// Copyright 2021 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.cloud.sql.v1;

import "google/api/annotations.proto";
import "google/api/field_behavior.proto";
import "google/cloud/sql/v1/cloud_sql_resources.proto";
import "google/api/client.proto";

option go_package = "google.golang.org/genproto/googleapis/cloud/sql/v1;sql";
option java_multiple_files = true;
option java_outer_classname = "CloudSqlUsersProto";
option java_package = "com.google.cloud.sql.v1";

// NOTE: No sensitive PII logging is allowed. If you are adding a field/enum
// value that is sensitive PII, please add corresponding datapol annotation to
// it. For more information, please see
// https://g3doc.corp.google.com/storage/speckle/g3doc/purple_team/data_pol_annotations.md?cl=head

// Cloud SQL users service.
//
// Every RPC below is addressed by the `{project}` and `{instance}` path
// variables. Insert and Update carry a `User` message, which includes the
// user's `password`, as the HTTP request body.
service SqlUsersService {
  option (google.api.default_host) = "sqladmin.googleapis.com";
  option (google.api.oauth_scopes) =
      "https://www.googleapis.com/auth/cloud-platform,"
      "https://www.googleapis.com/auth/sqlservice.admin";

  // Deletes a user from a Cloud SQL instance.
  //
  // `host` and `name` are not bound by the path template and no body is
  // declared, so HTTP transcoding carries them as query parameters; the
  // database user name is therefore part of the request URL.
  rpc Delete(SqlUsersDeleteRequest) returns (Operation) {
    option (google.api.http) = {
      delete: "/v1/projects/{project}/instances/{instance}/users"
    };
  }

  // Creates a new user in a Cloud SQL instance.
  //
  // The `body` field of the request (a `User`) is the HTTP request body.
  rpc Insert(SqlUsersInsertRequest) returns (Operation) {
    option (google.api.http) = {
      post: "/v1/projects/{project}/instances/{instance}/users"
      body: "body"
    };
  }

  // Lists users in the specified Cloud SQL instance.
  rpc List(SqlUsersListRequest) returns (UsersListResponse) {
    option (google.api.http) = {
      get: "/v1/projects/{project}/instances/{instance}/users"
    };
  }

  // Updates an existing user in a Cloud SQL instance.
  //
  // The `body` field of the request (a `User`) is the HTTP request body.
  // `host` and `name` are bound by neither the path template nor the body, so
  // HTTP transcoding carries them as query parameters.
  rpc Update(SqlUsersUpdateRequest) returns (Operation) {
    option (google.api.http) = {
      put: "/v1/projects/{project}/instances/{instance}/users"
      body: "body"
    };
  }
}

// Request message for SqlUsersService.Delete.
message SqlUsersDeleteRequest {
  // Host of the user in the instance.
  string host = 1;

  // Database instance ID. This does not include the project ID.
  string instance = 2;

  // Name of the user in the instance.
  string name = 3;

  // Project ID of the project that contains the instance.
  string project = 4;
}

// Request message for SqlUsersService.Insert.
message SqlUsersInsertRequest {
  // Database instance ID. This does not include the project ID.
  string instance = 1;

  // Project ID of the project that contains the instance.
  string project = 2;

  // The user resource to create, sent as the HTTP request body. It includes
  // the `password` field, so the serialized request contains a credential and
  // falls under the no-PII-logging NOTE at the top of this file.
  User body = 100;
}

// Request message for SqlUsersService.List.
message SqlUsersListRequest {
  // Database instance ID. This does not include the project ID.
  string instance = 1;

  // Project ID of the project that contains the instance.
  string project = 2;
}

// Request message for SqlUsersService.Update.
message SqlUsersUpdateRequest {
  // Optional. Host of the user in the instance.
  string host = 1 [(google.api.field_behavior) = OPTIONAL];

  // Database instance ID. This does not include the project ID.
  string instance = 2;

  // Name of the user in the instance.
  string name = 3;

  // Project ID of the project that contains the instance.
  string project = 4;

  // The updated user resource, sent as the HTTP request body. It includes the
  // `password` field, so the serialized request contains a credential and
  // falls under the no-PII-logging NOTE at the top of this file.
  User body = 100;
}

// A Cloud SQL user resource.
//
// The same message is used as the Insert/Update request body and as the
// element type of `UsersListResponse.items`.
message User {
  // The user type.
  enum SqlUserType {
    // The database's built-in user type. As the zero value, this is what an
    // unset `type` field reads as.
    BUILT_IN = 0;

    // Cloud IAM user.
    CLOUD_IAM_USER = 1;

    // Cloud IAM service account.
    CLOUD_IAM_SERVICE_ACCOUNT = 2;
  }

  // This is always **sql#user**.
  string kind = 1;

  // The password for the user.
  //
  // This is credential material carried as a plain `string`; per the NOTE at
  // the top of this file it must not be logged.
  // NOTE(review): the field carries no field_behavior or data-policy
  // annotation here, and `User` is also the List response element type.
  // Confirm that the server never populates it on read, and consider marking
  // it input-only if so.
  string password = 2;

  // This field is deprecated and will be removed from a future version of the
  // API.
  // NOTE(review): the deprecation is stated only in this comment; the field
  // has no `[deprecated = true]` option, so generated code will not flag it.
  string etag = 3;

  // The name of the user in the Cloud SQL instance. Can be omitted for
  // **update** since it is already specified in the URL.
  string name = 4;

  // The host name from which the user can connect. For **insert**
  // operations, host defaults to an empty string. For **update**
  // operations, host is specified as part of the request URL. The host name
  // cannot be updated after insertion.
  string host = 5;

  // The name of the Cloud SQL instance. This does not include the project ID.
  // Can be omitted for **update** since it is already specified on the
  // URL.
  string instance = 6;

  // The project ID of the project containing the Cloud SQL database. The Google
  // apps domain is prefixed if applicable. Can be omitted for **update** since
  // it is already specified on the URL.
  string project = 7;

  // The user type. It determines the method to authenticate the user during
  // login. The default is the database's built-in user type.
  SqlUserType type = 8;

  // User details for a specific database type. At most one member is set.
  oneof user_details {
    // Details that apply only to SQL Server users.
    SqlServerUserDetails sqlserver_user_details = 9;
  }
}

// Represents a SQL Server user on the Cloud SQL instance.
message SqlServerUserDetails {
  // Whether the user has been disabled.
  bool disabled = 1;

  // The server roles for this user. These are free-form strings in this
  // schema; the set of accepted role names is not defined in this file.
  repeated string server_roles = 2;
}

// User list response.
message UsersListResponse {
  // This is always **sql#usersList**.
  string kind = 1;

  // List of user resources in the instance.
  repeated User items = 2;

  // An identifier that uniquely identifies the operation. You can use this
  // identifier to retrieve the Operations resource that has information about
  // the operation.
  // NOTE(review): this description reads like an operation identifier rather
  // than a pagination token, and SqlUsersListRequest declares no page-token
  // field to send it back in. Confirm the intended semantics.
  string next_page_token = 3;
}