1- // Copyright 2021 Google LLC
1+ // Copyright 2022 Google LLC
22//
33// Licensed under the Apache License, Version 2.0 (the "License");
44// you may not use this file except in compliance with the License.
@@ -72,6 +72,16 @@ service CloudRedis {
7272 option (google.api.method_signature ) = "name" ;
7373 }
7474
75+ // Gets the AUTH string for a Redis instance. If AUTH is not enabled for the
76+ // instance the response will be empty. This information is not included in
77+ // the details returned to GetInstance.
78+ rpc GetInstanceAuthString (GetInstanceAuthStringRequest ) returns (InstanceAuthString ) {
79+ option (google.api.http ) = {
80+ get : "/v1/{name=projects/*/locations/*/instances/*}/authString"
81+ };
82+ option (google.api.method_signature ) = "name" ;
83+ }
84+
7585 // Creates a Redis instance based on the specified tier and memory size.
7686 //
7787 // By default, the instance is accessible from the project's
@@ -202,7 +212,7 @@ message NodeInfo {
202212 string zone = 2 [(google.api.field_behavior ) = OUTPUT_ONLY ];
203213}
204214
205- // A Google Cloud Redis instance.
215+ // A Memorystore for Redis instance.
206216message Instance {
207217 option (google.api.resource ) = {
208218 type : "redis.googleapis.com/Instance"
@@ -267,18 +277,30 @@ message Instance {
267277 PRIVATE_SERVICE_ACCESS = 2 ;
268278 }
269279
280+ // Available TLS modes.
281+ enum TransitEncryptionMode {
282+ // Not set.
283+ TRANSIT_ENCRYPTION_MODE_UNSPECIFIED = 0 ;
284+
285+ // Client to Server traffic encryption enabled with server authentication.
286+ SERVER_AUTHENTICATION = 1 ;
287+
288+ // TLS is disabled for the instance.
289+ DISABLED = 2 ;
290+ }
291+
270292 // Read replicas mode.
271293 enum ReadReplicasMode {
272- // If not set, Memorystore Redis backend will pick the mode based on other fields in
273- // the request .
294+ // If not set, Memorystore Redis backend will default to
295+ // READ_REPLICAS_DISABLED .
274296 READ_REPLICAS_MODE_UNSPECIFIED = 0 ;
275297
276298 // If disabled, read endpoint will not be provided and the instance cannot
277299 // scale up or down the number of replicas.
278300 READ_REPLICAS_DISABLED = 1 ;
279301
280302 // If enabled, read endpoint will be provided and the instance can scale
281- // up and down the number of replicas.
303+ // up and down the number of replicas. Not valid for basic tier.
282304 READ_REPLICAS_ENABLED = 2 ;
283305 }
284306
@@ -333,6 +355,13 @@ message Instance {
333355 // the default block size is /28.
334356 string reserved_ip_range = 9 [(google.api.field_behavior ) = OPTIONAL ];
335357
358+ // Optional. Additional IP range for node placement. Required when enabling read
359+ // replicas on an existing instance. For DIRECT_PEERING mode value must be a
360+ // CIDR range of size /28, or "auto". For PRIVATE_SERVICE_ACCESS mode value
361+ // must be the name of an allocated address range associated with the private
362+ // service access connection, or "auto".
363+ string secondary_ip_range = 30 [(google.api.field_behavior ) = OPTIONAL ];
364+
336365 // Output only. Hostname or IP address of the exposed Redis endpoint used by
337366 // clients to connect to the service.
338367 string host = 10 [(google.api.field_behavior ) = OUTPUT_ONLY ];
@@ -400,9 +429,23 @@ message Instance {
400429 // If not provided, the connect mode defaults to DIRECT_PEERING.
401430 ConnectMode connect_mode = 22 [(google.api.field_behavior ) = OPTIONAL ];
402431
403- // Optional. The number of replica nodes. Valid range for standard tier
404- // is [1-5] and defaults to 1. Valid value for basic tier is 0 and defaults
405- // to 0.
432+ // Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to
433+ // "true" AUTH is enabled on the instance. Default value is "false" meaning
434+ // AUTH is disabled.
435+ bool auth_enabled = 23 [(google.api.field_behavior ) = OPTIONAL ];
436+
437+ // Output only. List of server CA certificates for the instance.
438+ repeated TlsCertificate server_ca_certs = 25 [(google.api.field_behavior ) = OUTPUT_ONLY ];
439+
440+ // Optional. The TLS mode of the Redis instance.
441+ // If not provided, TLS is disabled for the instance.
442+ TransitEncryptionMode transit_encryption_mode = 26 [(google.api.field_behavior ) = OPTIONAL ];
443+
444+ // Optional. The number of replica nodes. The valid range for the Standard Tier with
445+ // read replicas enabled is [1-5] and defaults to 2. If read replicas are not
446+ // enabled for a Standard Tier instance, the only valid value is 1 and the
447+ // default is 1. The valid value for basic tier is 0 and the default is also
448+ // 0.
406449 int32 replica_count = 31 [(google.api.field_behavior ) = OPTIONAL ];
407450
408451 // Output only. Info per node.
@@ -418,7 +461,7 @@ message Instance {
418461 // endpoint. Standard tier only. Write requests should target 'port'.
419462 int32 read_endpoint_port = 34 [(google.api.field_behavior ) = OUTPUT_ONLY ];
420463
421- // Optional. Read replica mode.
464+ // Optional. Read replicas mode for the instance. Defaults to READ_REPLICAS_DISABLED .
422465 ReadReplicasMode read_replicas_mode = 35 [(google.api.field_behavior ) = OPTIONAL ];
423466}
424467
@@ -484,6 +527,25 @@ message GetInstanceRequest {
484527 ];
485528}
486529
530+ // Request for [GetInstanceAuthString][google.cloud.redis.v1.CloudRedis.GetInstanceAuthString].
531+ message GetInstanceAuthStringRequest {
532+ // Required. Redis instance resource name using the form:
533+ // `projects/{project_id}/locations/{location_id}/instances/{instance_id}`
534+ // where `location_id` refers to a GCP region.
535+ string name = 1 [
536+ (google.api.field_behavior ) = REQUIRED ,
537+ (google.api.resource_reference ) = {
538+ type : "redis.googleapis.com/Instance"
539+ }
540+ ];
541+ }
542+
543+ // Instance AUTH string details.
544+ message InstanceAuthString {
545+ // AUTH string set on the instance.
546+ string auth_string = 1 ;
547+ }
548+
487549// Request for [CreateInstance][google.cloud.redis.v1.CloudRedis.CreateInstance].
488550message CreateInstanceRequest {
489551 // Required. The resource name of the instance location using the form:
@@ -684,3 +746,25 @@ message LocationMetadata {
684746message ZoneMetadata {
685747
686748}
749+
750+ // TlsCertificate Resource
751+ message TlsCertificate {
752+ // Serial number, as extracted from the certificate.
753+ string serial_number = 1 ;
754+
755+ // PEM representation.
756+ string cert = 2 ;
757+
758+ // Output only. The time when the certificate was created in [RFC
759+ // 3339](https://tools.ietf.org/html/rfc3339) format, for example
760+ // `2020-05-18T00:00:00.094Z`.
761+ google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior ) = OUTPUT_ONLY ];
762+
763+ // Output only. The time when the certificate expires in [RFC
764+ // 3339](https://tools.ietf.org/html/rfc3339) format, for example
765+ // `2020-05-18T00:00:00.094Z`.
766+ google.protobuf.Timestamp expire_time = 4 [(google.api.field_behavior ) = OUTPUT_ONLY ];
767+
768+ // Sha1 Fingerprint of the certificate.
769+ string sha1_fingerprint = 5 ;
770+ }
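Review bot: The comment on `InstanceAuthString.auth_string` (new line 545) does not say that the value is a credential, so nothing in the contract tells clients to keep it out of logs and traces, or signals that `GetInstanceAuthString` warrants tighter access than `GetInstance`. I would expand it to `// AUTH string set on the instance. This is a secret credential; do not log it or store it in plaintext.` The `auth_enabled` comment (new lines 432-434) has a related gap: `transit_encryption_mode` defaults to TLS disabled, and a Redis client then sends the AUTH string over the network unencrypted, so that comment should point readers to `SERVER_AUTHENTICATION`. Whether the service enforces a separate permission for this RPC is not visible on this page.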