REST Resource: projects.locations.instances

Resource: Instance

A resource that represents a Secure Source Manager instance.

JSON representation
{
  "name": string,
  "createTime": string,
  "updateTime": string,
  "labels": {
    string: string,
    ...
  },
  "privateConfig": {
    object (PrivateConfig)
  },
  "state": enum (State),
  "stateNote": enum (StateNote),
  "kmsKey": string,
  "hostConfig": {
    object (HostConfig)
  },
  "workforceIdentityFederationConfig": {
    object (WorkforceIdentityFederationConfig)
  }
}
Fields
name

string

Optional. A unique identifier for an instance. The name should be of the format: projects/{project_number}/locations/{locationId}/instances/{instanceId}

project_number: Maps to a unique int64 id assigned to each project.

locationId: Refers to the region where the instance will be deployed. Since Secure Source Manager is a regional service, it must be one of the valid GCP regions.

instanceId: User provided name for the instance, must be unique for a project_number and locationId combination.

createTime

string (Timestamp format)

Output only. Create timestamp.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

updateTime

string (Timestamp format)

Output only. Update timestamp.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

labels

map (key: string, value: string)

Optional. Labels as key value pairs.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

privateConfig

object (PrivateConfig)

Optional. Private settings for private instance.

state

enum (State)

Output only. Current state of the instance.

stateNote

enum (StateNote)

Output only. An optional field providing information about the current instance state.

kmsKey

string

Optional. Immutable. Customer-managed encryption key name, in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

hostConfig

object (HostConfig)

Output only. A list of hostnames for this instance.

workforceIdentityFederationConfig

object (WorkforceIdentityFederationConfig)

Optional. Configuration for Workforce Identity Federation to support third party identity provider. If unset, defaults to the Google OIDC IdP.

PrivateConfig

PrivateConfig includes settings for private instance.

JSON representation
{
  "isPrivate": boolean,
  "caPool": string,
  "httpServiceAttachment": string,
  "sshServiceAttachment": string,
  "pscAllowedProjects": [
    string
  ]
}
Fields
isPrivate

boolean

Required. Immutable. Indicate if it's private instance.

caPool

string

Required. Immutable. CA pool resource, resource must in the format of projects/{project}/locations/{location}/caPools/{caPool}.

httpServiceAttachment

string

Output only. Service Attachment for HTTP, resource is in the format of projects/{project}/regions/{region}/serviceAttachments/{service_attachment}.

sshServiceAttachment

string

Output only. Service Attachment for SSH, resource is in the format of projects/{project}/regions/{region}/serviceAttachments/{service_attachment}.

pscAllowedProjects[]

string

Optional. Additional allowed projects for setting up PSC connections. Instance host project is automatically allowed and does not need to be included in this list.

State

Secure Source Manager instance state.

Enums
STATE_UNSPECIFIED Not set. This should only be the case for incoming requests.
CREATING Instance is being created.
ACTIVE Instance is ready.
DELETING Instance is being deleted.
PAUSED Instance is paused.
UNKNOWN Instance is unknown, we are not sure if it's functioning.

StateNote

Provides information about the current instance state.

Enums
STATE_NOTE_UNSPECIFIED STATE_NOTE_UNSPECIFIED as the first value of State.
PAUSED_CMEK_UNAVAILABLE CMEK access is unavailable.
INSTANCE_RESUMING

INSTANCE_RESUMING indicates that the instance was previously paused and is under the process of being brought back.

HostConfig

HostConfig has different instance endpoints.

JSON representation
{
  "html": string,
  "api": string,
  "gitHttp": string,
  "gitSsh": string
}
Fields
html

string

Output only. HTML hostname.

api

string

Output only. API hostname. This is the hostname to use for Host: Data Plane endpoints.

gitHttp

string

Output only. Git HTTP hostname.

gitSsh

string

Output only. Git SSH hostname.

WorkforceIdentityFederationConfig

WorkforceIdentityFederationConfig allows this instance to support users from external identity providers.

JSON representation
{
  "enabled": boolean
}
Fields
enabled

boolean

Optional. Immutable. Whether Workforce Identity Federation is enabled.

Methods

create

Creates a new instance in a given project and location.

delete

Deletes a single instance.

get

Gets details of a single instance.

getIamPolicy

Gets the access control policy for a resource.

list

Lists Instances in a given project and location.

setIamPolicy

Sets the access control policy on the specified resource.

testIamPermissions

Returns permissions that a caller has on the specified resource.