{ "discoveryVersion": "v1", "fullyEncodeReservedExpansion": true, "revision": "20260422", "version": "v1", "ownerName": "Google", "id": "cloudcontrolspartner:v1", "documentationLink": "https://cloud.google.com/sovereign-controls-by-partners/docs/sovereign-partners/reference/rest", "baseUrl": "https://cloudcontrolspartner.googleapis.com/", "parameters": { "access_token": { "type": "string", "location": "query", "description": "OAuth access token." }, "upload_protocol": { "description": "Upload protocol for media (e.g. \"raw\", \"multipart\").", "type": "string", "location": "query" }, "$.xgafv": { "description": "V1 error format.", "enumDescriptions": [ "v1 error format", "v2 error format" ], "location": "query", "enum": [ "1", "2" ], "type": "string" }, "oauth_token": { "description": "OAuth 2.0 token for the current user.", "type": "string", "location": "query" }, "fields": { "description": "Selector specifying which fields to include in a partial response.", "type": "string", "location": "query" }, "callback": { "description": "JSONP", "type": "string", "location": "query" }, "key": { "description": "API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.", "type": "string", "location": "query" }, "prettyPrint": { "description": "Returns response with indentations and line breaks.", "default": "true", "type": "boolean", "location": "query" }, "quotaUser": { "type": "string", "location": "query", "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters." }, "alt": { "enum": [ "json", "media", "proto" ], "type": "string", "enumDescriptions": [ "Responses with Content-Type of application/json", "Media download with context-dependent Content-Type", "Responses with Content-Type of application/x-protobuf" ], "location": "query", "description": "Data format for response.", "default": "json" }, "uploadType": { "type": "string", "location": "query", "description": "Legacy upload protocol for media (e.g. \"media\", \"multipart\")." } }, "version_module": true, "name": "cloudcontrolspartner", "ownerDomain": "google.com", "protocol": "rest", "canonicalName": "Cloud Controls Partner Service", "mtlsRootUrl": "https://cloudcontrolspartner.mtls.googleapis.com/", "title": "Cloud Controls Partner API", "icons": { "x16": "http://www.google.com/images/icons/product/search-16.gif", "x32": "http://www.google.com/images/icons/product/search-32.gif" }, "rootUrl": "https://cloudcontrolspartner.googleapis.com/", "auth": { "oauth2": { "scopes": { "https://www.googleapis.com/auth/cloud-platform": { "description": "See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account." } } } }, "schemas": { "Console": { "type": "object", "properties": { "consoleUris": { "description": "Link to console page where violations can be resolved", "items": { "type": "string" }, "type": "array" }, "steps": { "description": "Steps to resolve violation via cloud console", "items": { "type": "string" }, "type": "array" }, "additionalLinks": { "type": "array", "description": "Additional urls for more information about steps", "items": { "type": "string" } } }, "id": "Console", "description": "Remediation instructions to resolve violation via cloud console" }, "ListViolationsResponse": { "id": "ListViolationsResponse", "description": "Response message for list customer violation requests", "type": "object", "properties": { "violations": { "description": "List of violation", "items": { "$ref": "Violation" }, "type": "array" }, "unreachable": { "type": "array", "description": "Workloads that could not be reached due to permission errors or any other error. Ref: https://google.aip.dev/217", "items": { "type": "string" } }, "nextPageToken": { "type": "string", "description": "A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages." } } }, "CustomerOnboardingStep": { "id": "CustomerOnboardingStep", "description": "Container for customer onboarding information", "type": "object", "properties": { "startTime": { "description": "The starting time of the onboarding step", "format": "google-datetime", "type": "string" }, "completionTime": { "description": "The completion time of the onboarding step", "format": "google-datetime", "type": "string" }, "step": { "description": "The onboarding step", "type": "string", "enumDescriptions": [ "Unspecified step", "KAJ Enrollment", "Customer Environment" ], "enum": [ "STEP_UNSPECIFIED", "KAJ_ENROLLMENT", "CUSTOMER_ENVIRONMENT" ] }, "completionState": { "enumDescriptions": [ "Unspecified completion state.", "Task started (has start date) but not yet completed.", "Succeeded state.", "Failed state.", "Not applicable state." ], "description": "Output only. Current state of the step", "type": "string", "readOnly": true, "enum": [ "COMPLETION_STATE_UNSPECIFIED", "PENDING", "SUCCEEDED", "FAILED", "NOT_APPLICABLE" ] } } }, "Empty": { "type": "object", "properties": {}, "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "id": "Empty" }, "ListWorkloadsResponse": { "type": "object", "properties": { "unreachable": { "description": "Locations that could not be reached.", "items": { "type": "string" }, "type": "array" }, "workloads": { "type": "array", "description": "List of customer workloads", "items": { "$ref": "Workload" } }, "nextPageToken": { "description": "A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.", "type": "string" } }, "id": "ListWorkloadsResponse", "description": "Response message for list customer workloads requests." }, "CustomerOnboardingState": { "id": "CustomerOnboardingState", "description": "Container for customer onboarding steps", "type": "object", "properties": { "onboardingSteps": { "description": "List of customer onboarding steps", "items": { "$ref": "CustomerOnboardingStep" }, "type": "array" } } }, "EkmMetadata": { "type": "object", "properties": { "ekmEndpointUri": { "type": "string", "description": "Endpoint for sending requests to the EKM for key provisioning during Assured Workload creation." }, "ekmSolution": { "type": "string", "enum": [ "EKM_SOLUTION_UNSPECIFIED", "FORTANIX", "FUTUREX", "THALES", "VIRTRU" ], "description": "The Cloud EKM partner.", "enumDescriptions": [ "Unspecified EKM solution", "EKM Partner Fortanix", "EKM Partner FutureX", "EKM Partner Thales", "This enum value is never used." ], "enumDeprecated": [ false, false, false, false, true ] } }, "id": "EkmMetadata", "description": "Holds information needed by Mudbray to use partner EKMs for workloads." }, "EkmConnection": { "type": "object", "properties": { "connectionError": { "$ref": "ConnectionError", "description": "The connection error that occurred if any" }, "connectionName": { "type": "string", "description": "Resource name of the EKM connection in the format: projects/{project}/locations/{location}/ekmConnections/{ekm_connection}" }, "connectionState": { "type": "string", "readOnly": true, "enum": [ "CONNECTION_STATE_UNSPECIFIED", "AVAILABLE", "NOT_AVAILABLE", "ERROR", "PERMISSION_DENIED" ], "enumDescriptions": [ "Unspecified EKM connection state", "Available EKM connection state", "Not available EKM connection state", "Error EKM connection state", "Permission denied EKM connection state" ], "description": "Output only. The connection state" } }, "id": "EkmConnection", "description": "Details about the EKM connection" }, "ConnectionError": { "description": "Information around the error that occurred if the connection state is anything other than available or unspecified", "id": "ConnectionError", "type": "object", "properties": { "errorDomain": { "description": "The error domain for the error", "type": "string" }, "errorMessage": { "description": "The error message for the error", "type": "string" } } }, "AccessReason": { "id": "AccessReason", "description": "Reason for the access.", "type": "object", "properties": { "type": { "enum": [ "TYPE_UNSPECIFIED", "CUSTOMER_INITIATED_SUPPORT", "GOOGLE_INITIATED_SERVICE", "GOOGLE_INITIATED_REVIEW", "THIRD_PARTY_DATA_REQUEST", "GOOGLE_RESPONSE_TO_PRODUCTION_ALERT", "CLOUD_INITIATED_ACCESS" ], "type": "string", "enumDescriptions": [ "Default value for proto, shouldn't be used.", "Customer made a request or raised an issue that required the principal to access customer data. `detail` is of the form (\"#####\" is the issue ID): - \"Feedback Report: #####\" - \"Case Number: #####\" - \"Case ID: #####\" - \"E-PIN Reference: #####\" - \"Google-#####\" - \"T-#####\"", "The principal accessed customer data in order to diagnose or resolve a suspected issue in services. Often this access is used to confirm that customers are not affected by a suspected service issue or to remediate a reversible system issue.", "Google initiated service for security, fraud, abuse, or compliance purposes.", "The principal was compelled to access customer data in order to respond to a legal third party data request or process, including legal processes from customers themselves.", "The principal accessed customer data in order to diagnose or resolve a suspected issue in services or a known outage.", "Similar to 'GOOGLE_INITIATED_SERVICE' or 'GOOGLE_INITIATED_REVIEW', but with universe agnostic naming. The principal accessed customer data in order to diagnose or resolve a suspected issue in services or a known outage, or for security, fraud, abuse, or compliance review purposes." ], "description": "Type of access justification." }, "detail": { "description": "More detail about certain reason types. See comments for each type above.", "type": "string" } } }, "EkmConnections": { "id": "EkmConnections", "description": "The EKM connections associated with a workload", "type": "object", "properties": { "ekmConnections": { "type": "array", "description": "The EKM connections associated with the workload", "items": { "$ref": "EkmConnection" } }, "name": { "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/ekmConnections`", "type": "string" } } }, "AccessApprovalRequest": { "type": "object", "properties": { "name": { "type": "string", "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/accessApprovalRequests/{access_approval_request}`" }, "requestedReason": { "description": "The justification for which approval is being requested.", "$ref": "AccessReason" }, "requestedExpirationTime": { "type": "string", "description": "The requested expiration for the approval. If the request is approved, access will be granted from the time of approval until the expiration time.", "format": "google-datetime" }, "requestTime": { "type": "string", "description": "The time at which approval was requested.", "format": "google-datetime" } }, "description": "Details about the Access request.", "id": "AccessApprovalRequest" }, "WorkloadOnboardingStep": { "type": "object", "properties": { "startTime": { "type": "string", "description": "The starting time of the onboarding step.", "format": "google-datetime" }, "completionTime": { "description": "The completion time of the onboarding step.", "format": "google-datetime", "type": "string" }, "step": { "description": "The onboarding step.", "enum": [ "STEP_UNSPECIFIED", "EKM_PROVISIONED", "SIGNED_ACCESS_APPROVAL_CONFIGURED" ], "type": "string", "enumDescriptions": [ "Unspecified step.", "EKM Provisioned step.", "Signed Access Approval step." ] }, "completionState": { "type": "string", "readOnly": true, "enum": [ "COMPLETION_STATE_UNSPECIFIED", "PENDING", "SUCCEEDED", "FAILED", "NOT_APPLICABLE" ], "description": "Output only. The completion state of the onboarding step.", "enumDescriptions": [ "Unspecified completion state.", "Task started (has start date) but not yet completed.", "Succeeded state.", "Failed state.", "Not applicable state." ] } }, "id": "WorkloadOnboardingStep", "description": "Container for workload onboarding information." }, "ListCustomersResponse": { "id": "ListCustomersResponse", "description": "Response message for list customer Customers requests", "type": "object", "properties": { "customers": { "description": "List of customers", "items": { "$ref": "Customer" }, "type": "array" }, "nextPageToken": { "type": "string", "description": "A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages." }, "unreachable": { "type": "array", "description": "Locations that could not be reached.", "items": { "type": "string" } } } }, "WorkloadOnboardingState": { "id": "WorkloadOnboardingState", "description": "Container for workload onboarding steps.", "type": "object", "properties": { "onboardingSteps": { "type": "array", "description": "List of workload onboarding steps.", "items": { "$ref": "WorkloadOnboardingStep" } } } }, "ListAccessApprovalRequestsResponse": { "description": "Response message for list access requests.", "id": "ListAccessApprovalRequestsResponse", "type": "object", "properties": { "nextPageToken": { "type": "string", "description": "A token that can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages." }, "accessApprovalRequests": { "type": "array", "description": "List of access approval requests", "items": { "$ref": "AccessApprovalRequest" } }, "unreachable": { "type": "array", "description": "Locations that could not be reached.", "items": { "type": "string" } } } }, "PartnerPermissions": { "type": "object", "properties": { "name": { "type": "string", "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/partnerPermissions`" }, "partnerPermissions": { "type": "array", "description": "The partner permissions granted for the workload", "items": { "enum": [ "PERMISSION_UNSPECIFIED", "ACCESS_TRANSPARENCY_AND_EMERGENCY_ACCESS_LOGS", "ASSURED_WORKLOADS_MONITORING", "ACCESS_APPROVAL_REQUESTS", "ASSURED_WORKLOADS_EKM_CONNECTION_STATUS", "ACCESS_TRANSPARENCY_LOGS_SUPPORT_CASE_VIEWER" ], "type": "string", "enumDescriptions": [ "Unspecified partner permission", "Permission for Access Transparency and emergency logs", "Permission for Assured Workloads monitoring violations", "Permission for Access Approval requests", "Permission for External Key Manager connection status", "Permission for support case details for Access Transparency log entries" ] } } }, "id": "PartnerPermissions", "description": "The permissions granted to the partner for a workload" }, "Violation": { "type": "object", "properties": { "beginTime": { "description": "Output only. Time of the event which triggered the Violation.", "format": "google-datetime", "type": "string", "readOnly": true }, "updateTime": { "type": "string", "readOnly": true, "description": "Output only. The last time when the Violation record was updated.", "format": "google-datetime" }, "resolveTime": { "description": "Output only. Time of the event which fixed the Violation. If the violation is ACTIVE this will be empty.", "format": "google-datetime", "type": "string", "readOnly": true }, "description": { "description": "Output only. Description for the Violation. e.g. OrgPolicy gcp.resourceLocations has non compliant value.", "readOnly": true, "type": "string" }, "state": { "description": "Output only. State of the violation", "enumDescriptions": [ "Unspecified state.", "Violation is resolved.", "Violation is Unresolved", "Violation is Exception" ], "type": "string", "readOnly": true, "enum": [ "STATE_UNSPECIFIED", "RESOLVED", "UNRESOLVED", "EXCEPTION" ] }, "name": { "type": "string", "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation}`" }, "nonCompliantOrgPolicy": { "type": "string", "readOnly": true, "description": "Output only. Immutable. Name of the OrgPolicy which was modified with non-compliant change and resulted this violation. Format: `projects/{project_number}/policies/{constraint_name}` `folders/{folder_id}/policies/{constraint_name}` `organizations/{organization_id}/policies/{constraint_name}`" }, "folderId": { "description": "The folder_id of the violation", "format": "int64", "type": "string" }, "remediation": { "readOnly": true, "$ref": "Remediation", "description": "Output only. Compliance violation remediation" }, "category": { "description": "Output only. Category under which this violation is mapped. e.g. Location, Service Usage, Access, Encryption, etc.", "readOnly": true, "type": "string" } }, "id": "Violation", "description": "Details of resource Violation" }, "Instructions": { "id": "Instructions", "description": "Instructions to remediate violation", "type": "object", "properties": { "gcloudInstructions": { "$ref": "Gcloud", "description": "Remediation instructions to resolve violation via gcloud cli" }, "consoleInstructions": { "$ref": "Console", "description": "Remediation instructions to resolve violation via cloud console" } } }, "Remediation": { "type": "object", "properties": { "instructions": { "description": "Required. Remediation instructions to resolve violations", "$ref": "Instructions" }, "remediationType": { "type": "string", "readOnly": true, "enum": [ "REMEDIATION_TYPE_UNSPECIFIED", "REMEDIATION_BOOLEAN_ORG_POLICY_VIOLATION", "REMEDIATION_LIST_ALLOWED_VALUES_ORG_POLICY_VIOLATION", "REMEDIATION_LIST_DENIED_VALUES_ORG_POLICY_VIOLATION", "REMEDIATION_RESTRICT_CMEK_CRYPTO_KEY_PROJECTS_ORG_POLICY_VIOLATION", "REMEDIATION_RESOURCE_VIOLATION" ], "description": "Output only. Remediation type based on the type of org policy values violated", "enumDescriptions": [ "Unspecified remediation type", "Remediation type for boolean org policy", "Remediation type for list org policy which have allowed values in the monitoring rule", "Remediation type for list org policy which have denied values in the monitoring rule", "Remediation type for gcp.restrictCmekCryptoKeyProjects", "Remediation type for resource violation." ] }, "compliantValues": { "description": "Values that can resolve the violation For example: for list org policy violations, this will either be the list of allowed or denied values", "items": { "type": "string" }, "type": "array" } }, "description": "Represents remediation guidance to resolve compliance violation for AssuredWorkload", "id": "Remediation" }, "Gcloud": { "id": "Gcloud", "description": "Remediation instructions to resolve violation via gcloud cli", "type": "object", "properties": { "gcloudCommands": { "description": "Gcloud command to resolve violation", "items": { "type": "string" }, "type": "array" }, "steps": { "type": "array", "description": "Steps to resolve violation via gcloud cli", "items": { "type": "string" } }, "additionalLinks": { "type": "array", "description": "Additional urls for more information about steps", "items": { "type": "string" } } } }, "Customer": { "id": "Customer", "description": "Contains metadata around a Cloud Controls Partner Customer", "type": "object", "properties": { "customerOnboardingState": { "description": "Output only. Container for customer onboarding steps", "$ref": "CustomerOnboardingState", "readOnly": true }, "isOnboarded": { "description": "Output only. Indicates whether a customer is fully onboarded", "type": "boolean", "readOnly": true }, "name": { "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}`", "type": "string" }, "displayName": { "type": "string", "description": "Required. Display name for the customer" }, "organizationDomain": { "type": "string", "readOnly": true, "description": "Output only. The customer organization domain, extracted from CRM Organization’s display_name field. e.g. \"google.com\"" } } }, "OperationMetadata": { "id": "OperationMetadata", "description": "Represents the metadata of the long-running operation.", "type": "object", "properties": { "verb": { "description": "Output only. Name of the verb executed by the operation.", "type": "string", "readOnly": true }, "requestedCancellation": { "type": "boolean", "readOnly": true, "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`." }, "createTime": { "description": "Output only. The time the operation was created.", "format": "google-datetime", "type": "string", "readOnly": true }, "statusMessage": { "description": "Output only. Human-readable status of the operation, if any.", "readOnly": true, "type": "string" }, "endTime": { "readOnly": true, "type": "string", "description": "Output only. The time the operation finished running.", "format": "google-datetime" }, "target": { "type": "string", "readOnly": true, "description": "Output only. Server-defined resource path for the target of the operation." }, "apiVersion": { "readOnly": true, "type": "string", "description": "Output only. API version used to start the operation." } } }, "Partner": { "type": "object", "properties": { "operatedCloudRegions": { "description": "List of Google Cloud regions that the partner sells services to customers. Valid Google Cloud regions found here: https://cloud.google.com/compute/docs/regions-zones", "items": { "type": "string" }, "type": "array" }, "partnerProjectId": { "description": "Google Cloud project ID in the partner's Google Cloud organization for receiving enhanced Logs for Partners.", "type": "string" }, "createTime": { "type": "string", "readOnly": true, "description": "Output only. Time the resource was created", "format": "google-datetime" }, "name": { "type": "string", "description": "Identifier. The resource name of the partner. Format: `organizations/{organization}/locations/{location}/partner` Example: \"organizations/123456/locations/us-central1/partner\"" }, "skus": { "type": "array", "description": "List of SKUs the partner is offering", "items": { "$ref": "Sku" } }, "ekmSolutions": { "type": "array", "description": "List of Google Cloud supported EKM partners supported by the partner", "items": { "$ref": "EkmMetadata" } }, "updateTime": { "type": "string", "readOnly": true, "description": "Output only. The last time the resource was updated", "format": "google-datetime" } }, "description": "Message describing Partner resource", "id": "Partner" }, "Workload": { "id": "Workload", "description": "Contains metadata around the [Workload resource](https://cloud.google.com/assured-workloads/docs/reference/rest/Shared.Types/Workload) in the Assured Workloads API.", "type": "object", "properties": { "workloadOnboardingState": { "description": "Container for workload onboarding steps.", "$ref": "WorkloadOnboardingState" }, "isOnboarded": { "description": "Indicates whether a workload is fully onboarded.", "type": "boolean" }, "folder": { "description": "Output only. The name of container folder of the assured workload", "type": "string", "readOnly": true }, "keyManagementProjectId": { "type": "string", "description": "The project id of the key management project for the workload" }, "folderId": { "description": "Output only. Folder id this workload is associated with", "format": "int64", "readOnly": true, "type": "string" }, "partner": { "description": "Partner associated with this workload.", "enum": [ "PARTNER_UNSPECIFIED", "PARTNER_LOCAL_CONTROLS_BY_S3NS", "PARTNER_SOVEREIGN_CONTROLS_BY_T_SYSTEMS", "PARTNER_SOVEREIGN_CONTROLS_BY_SIA_MINSAIT", "PARTNER_SOVEREIGN_CONTROLS_BY_PSN", "PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT", "PARTNER_SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM", "PARTNER_SPAIN_DATA_BOUNDARY_BY_TELEFONICA" ], "type": "string", "enumDescriptions": [ "Unknown Partner.", "Enum representing S3NS (Thales) partner.", "Enum representing T_SYSTEM (TSI) partner.", "Enum representing SIA_MINSAIT (Indra) partner.", "Enum representing PSN (TIM) partner.", "Enum representing CNTXT (Kingdom of Saudi Arabia) partner.", "Enum representing CNXT (Kingdom of Saudi Arabia) partner offering without EKM provisioning.", "Enum representing Telefonica (Spain) partner." ] }, "createTime": { "type": "string", "readOnly": true, "description": "Output only. Time the resource was created.", "format": "google-datetime" }, "name": { "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}`", "type": "string" }, "location": { "description": "The Google Cloud location of the workload", "type": "string" } } }, "Sku": { "type": "object", "properties": { "displayName": { "type": "string", "description": "Display name of the product identified by the SKU. A partner may want to show partner branded names for their offerings such as local sovereign cloud solutions." }, "id": { "type": "string", "description": "Argentum product SKU, that is associated with the partner offerings to customers used by Syntro for billing purposes. SKUs can represent resold Google products or support services." } }, "id": "Sku", "description": "Represents the SKU a partner owns inside Google Cloud to sell to customers." } }, "kind": "discovery#restDescription", "basePath": "", "resources": { "organizations": { "resources": { "locations": { "resources": { "customers": { "methods": { "delete": { "httpMethod": "DELETE", "parameterOrder": [ "name" ], "response": { "$ref": "Empty" }, "path": "v1/{+name}", "parameters": { "name": { "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+$", "required": true, "description": "Required. name of the resource to be deleted format: name=organizations/*/locations/*/customers/*", "location": "path" } }, "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}", "id": "cloudcontrolspartner.organizations.locations.customers.delete", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Delete details of a single customer" }, "patch": { "description": "Update details of a single customer", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}", "id": "cloudcontrolspartner.organizations.locations.customers.patch", "parameters": { "name": { "location": "path", "description": "Identifier. Format: `organizations/{organization}/locations/{location}/customers/{customer}`", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+$", "required": true, "type": "string" }, "updateMask": { "location": "query", "type": "string", "description": "Optional. The list of fields to update", "format": "google-fieldmask" } }, "response": { "$ref": "Customer" }, "path": "v1/{+name}", "httpMethod": "PATCH", "parameterOrder": [ "name" ], "request": { "$ref": "Customer" } }, "list": { "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Lists customers of a partner identified by its Google Cloud organization ID", "id": "cloudcontrolspartner.organizations.locations.customers.list", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers", "path": "v1/{+parent}/customers", "response": { "$ref": "ListCustomersResponse" }, "parameters": { "parent": { "pattern": "^organizations/[^/]+/locations/[^/]+$", "required": true, "type": "string", "location": "path", "description": "Required. Parent resource Format: `organizations/{organization}/locations/{location}`" }, "pageToken": { "location": "query", "type": "string", "description": "A page token, received from a previous `ListCustomers` call. Provide this to retrieve the subsequent page." }, "orderBy": { "description": "Optional. Hint for how to order the results", "location": "query", "type": "string" }, "filter": { "description": "Optional. Filtering results", "location": "query", "type": "string" }, "pageSize": { "description": "The maximum number of Customers to return. The service may return fewer than this value. If unspecified, at most 500 Customers will be returned.", "format": "int32", "location": "query", "type": "integer" } }, "httpMethod": "GET", "parameterOrder": [ "parent" ] }, "create": { "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers", "id": "cloudcontrolspartner.organizations.locations.customers.create", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Creates a new customer.", "request": { "$ref": "Customer" }, "httpMethod": "POST", "parameterOrder": [ "parent" ], "response": { "$ref": "Customer" }, "path": "v1/{+parent}/customers", "parameters": { "parent": { "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+$", "required": true, "location": "path", "description": "Required. Parent resource Format: `organizations/{organization}/locations/{location}`" }, "customerId": { "description": "Required. The customer id to use for the customer, which will become the final component of the customer's resource name. The specified value must be a valid Google cloud organization id.", "location": "query", "type": "string" } } }, "get": { "description": "Gets details of a single customer", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}", "id": "cloudcontrolspartner.organizations.locations.customers.get", "parameters": { "name": { "description": "Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}`", "location": "path", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+$", "required": true, "type": "string" } }, "response": { "$ref": "Customer" }, "path": "v1/{+name}", "httpMethod": "GET", "parameterOrder": [ "name" ] } }, "resources": { "workloads": { "resources": { "accessApprovalRequests": { "deprecated": true, "methods": { "list": { "httpMethod": "GET", "parameterOrder": [ "parent" ], "path": "v1/{+parent}/accessApprovalRequests", "deprecated": true, "response": { "$ref": "ListAccessApprovalRequestsResponse" }, "parameters": { "pageSize": { "location": "query", "type": "integer", "description": "Optional. The maximum number of access requests to return. The service may return fewer than this value. If unspecified, at most 500 access requests will be returned.", "format": "int32" }, "filter": { "location": "query", "type": "string", "description": "Optional. Filtering results." }, "orderBy": { "description": "Optional. Hint for how to order the results.", "location": "query", "type": "string" }, "parent": { "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+/workloads/[^/]+$", "required": true, "location": "path", "description": "Required. Parent resource Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}`" }, "pageToken": { "location": "query", "type": "string", "description": "Optional. A page token, received from a previous `ListAccessApprovalRequests` call. Provide this to retrieve the subsequent page." } }, "id": "cloudcontrolspartner.organizations.locations.customers.workloads.accessApprovalRequests.list", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/accessApprovalRequests", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Deprecated: Only returns access approval requests directly associated with an assured workload folder." } } }, "violations": { "methods": { "list": { "description": "Lists Violations for a workload Callers may also choose to read across multiple Customers or for a single customer as per [AIP-159](https://google.aip.dev/159) by using '-' (the hyphen or dash character) as a wildcard character instead of {customer} & {workload}. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}`", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "id": "cloudcontrolspartner.organizations.locations.customers.workloads.violations.list", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/violations", "parameters": { "orderBy": { "description": "Optional. Hint for how to order the results", "location": "query", "type": "string" }, "interval.startTime": { "location": "query", "type": "string", "description": "Optional. Inclusive start of the interval. If specified, a Timestamp matching this interval will have to be the same or after the start.", "format": "google-datetime" }, "parent": { "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+/workloads/[^/]+$", "required": true, "type": "string", "description": "Required. Parent resource Format `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}`", "location": "path" }, "pageToken": { "description": "Optional. A page token, received from a previous `ListViolations` call. Provide this to retrieve the subsequent page.", "location": "query", "type": "string" }, "pageSize": { "description": "Optional. The maximum number of customers row to return. The service may return fewer than this value. If unspecified, at most 10 customers will be returned.", "format": "int32", "location": "query", "type": "integer" }, "interval.endTime": { "location": "query", "type": "string", "description": "Optional. Exclusive end of the interval. If specified, a Timestamp matching this interval will have to be before the end.", "format": "google-datetime" }, "filter": { "description": "Optional. Filtering results", "location": "query", "type": "string" } }, "path": "v1/{+parent}/violations", "response": { "$ref": "ListViolationsResponse" }, "httpMethod": "GET", "parameterOrder": [ "parent" ] }, "get": { "path": "v1/{+name}", "response": { "$ref": "Violation" }, "parameters": { "name": { "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+/workloads/[^/]+/violations/[^/]+$", "required": true, "description": "Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation}`", "location": "path" } }, "httpMethod": "GET", "parameterOrder": [ "name" ], "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Gets details of a single Violation.", "id": "cloudcontrolspartner.organizations.locations.customers.workloads.violations.get", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/violations/{violationsId}" } } } }, "methods": { "getEkmConnections": { "description": "Gets the EKM connections associated with a workload", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/ekmConnections", "id": "cloudcontrolspartner.organizations.locations.customers.workloads.getEkmConnections", "parameters": { "name": { "description": "Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/ekmConnections`", "location": "path", "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+/workloads/[^/]+/ekmConnections$", "required": true } }, "response": { "$ref": "EkmConnections" }, "path": "v1/{+name}", "httpMethod": "GET", "parameterOrder": [ "name" ] }, "get": { "response": { "$ref": "Workload" }, "path": "v1/{+name}", "parameters": { "name": { "location": "path", "description": "Required. Format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}`", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+/workloads/[^/]+$", "required": true, "type": "string" } }, "httpMethod": "GET", "parameterOrder": [ "name" ], "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Gets details of a single workload", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}", "id": "cloudcontrolspartner.organizations.locations.customers.workloads.get" }, "getPartnerPermissions": { "id": "cloudcontrolspartner.organizations.locations.customers.workloads.getPartnerPermissions", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads/{workloadsId}/partnerPermissions", "description": "Gets the partner permissions granted for a workload", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "httpMethod": "GET", "parameterOrder": [ "name" ], "parameters": { "name": { "location": "path", "description": "Required. Name of the resource to get in the format: `organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/partnerPermissions`", "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+/workloads/[^/]+/partnerPermissions$", "required": true } }, "path": "v1/{+name}", "response": { "$ref": "PartnerPermissions" } }, "list": { "httpMethod": "GET", "parameterOrder": [ "parent" ], "parameters": { "pageSize": { "location": "query", "type": "integer", "description": "The maximum number of workloads to return. The service may return fewer than this value. If unspecified, at most 500 workloads will be returned.", "format": "int32" }, "filter": { "description": "Optional. Filtering results.", "location": "query", "type": "string" }, "orderBy": { "location": "query", "type": "string", "description": "Optional. Hint for how to order the results." }, "parent": { "location": "path", "description": "Required. Parent resource Format: `organizations/{organization}/locations/{location}/customers/{customer}`", "type": "string", "pattern": "^organizations/[^/]+/locations/[^/]+/customers/[^/]+$", "required": true }, "pageToken": { "location": "query", "type": "string", "description": "A page token, received from a previous `ListWorkloads` call. Provide this to retrieve the subsequent page." } }, "path": "v1/{+parent}/workloads", "response": { "$ref": "ListWorkloadsResponse" }, "id": "cloudcontrolspartner.organizations.locations.customers.workloads.list", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/customers/{customersId}/workloads", "description": "Lists customer workloads for a given customer org id", "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] } } } } } }, "methods": { "getPartner": { "path": "v1/{+name}", "response": { "$ref": "Partner" }, "parameters": { "name": { "description": "Required. Format: `organizations/{organization}/locations/{location}/partner`", "location": "path", "pattern": "^organizations/[^/]+/locations/[^/]+/partner$", "required": true, "type": "string" } }, "httpMethod": "GET", "parameterOrder": [ "name" ], "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ], "description": "Get details of a Partner.", "id": "cloudcontrolspartner.organizations.locations.getPartner", "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/partner" } } } } } }, "description": "Provides insights about your customers and their Assured Workloads based on your Sovereign Controls by Partners offering.", "batchPath": "batch", "servicePath": "" }