# Copyright 2023 Google LLC. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. info: title: Compute/PacketMirroring description: Packet Mirroring mirrors traffic to and from particular VM instances. You can use the collected traffic to help you detect security threats and monitor application performance. x-dcl-struct-name: PacketMirroring x-dcl-has-iam: false x-dcl-ref: text: API documentation url: https://cloud.google.com/compute/docs/reference/rest/beta/packetMirrorings x-dcl-guides: - text: Using Packet Mirroring url: https://cloud.google.com/vpc/docs/using-packet-mirroring paths: get: description: The function used to get information about a PacketMirroring parameters: - name: packetMirroring required: true description: A full instance of a PacketMirroring apply: description: The function used to apply information about a PacketMirroring parameters: - name: packetMirroring required: true description: A full instance of a PacketMirroring delete: description: The function used to delete a PacketMirroring parameters: - name: packetMirroring required: true description: A full instance of a PacketMirroring deleteAll: description: The function used to delete all PacketMirroring parameters: - name: project required: true schema: type: string - name: location required: true schema: type: string list: description: The function used to list information about many PacketMirroring parameters: - name: project required: true schema: type: string - name: location required: true schema: type: string components: schemas: PacketMirroring: title: PacketMirroring x-dcl-id: projects/{{project}}/regions/{{location}}/packetMirrorings/{{name}} x-dcl-locations: - region x-dcl-parent-container: project x-dcl-has-create: true x-dcl-has-iam: false x-dcl-read-timeout: 0 x-dcl-apply-timeout: 0 x-dcl-delete-timeout: 0 type: object required: - name - network - collectorIlb - mirroredResources - project - location properties: collectorIlb: type: object x-dcl-go-name: CollectorIlb x-dcl-go-type: PacketMirroringCollectorIlb description: The Forwarding Rule resource of type `loadBalancingScheme=INTERNAL` that will be used as collector for mirrored traffic. The specified forwarding rule must have `isMirroringCollector` set to true. required: - url properties: canonicalUrl: type: string x-dcl-go-name: CanonicalUrl readOnly: true description: Output only. Unique identifier for the forwarding rule; defined by the server. url: type: string x-dcl-go-name: Url description: Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic. x-dcl-references: - resource: Compute/ForwardingRule field: selfLink description: type: string x-dcl-go-name: Description description: An optional description of this resource. Provide this property when you create the resource. enable: type: string x-dcl-go-name: Enable x-dcl-go-type: PacketMirroringEnableEnum description: Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE. x-dcl-server-default: true enum: - "TRUE" - "FALSE" filter: type: object x-dcl-go-name: Filter x-dcl-go-type: PacketMirroringFilter description: Filter for mirrored traffic. If unspecified, all traffic is mirrored. x-dcl-server-default: true properties: cidrRanges: type: array x-dcl-go-name: CidrRanges description: IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored. x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string direction: type: string x-dcl-go-name: Direction x-dcl-go-type: PacketMirroringFilterDirectionEnum description: Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH. enum: - INGRESS - EGRESS ipProtocols: type: array x-dcl-go-name: IPProtocols description: Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored. x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string id: type: integer format: int64 x-dcl-go-name: Id readOnly: true description: Output only. The unique identifier for the resource. This identifier is defined by the server. x-kubernetes-immutable: true location: type: string x-dcl-go-name: Location description: The location for the resource x-kubernetes-immutable: true mirroredResources: type: object x-dcl-go-name: MirroredResources x-dcl-go-type: PacketMirroringMirroredResources description: PacketMirroring mirroredResourceInfos. MirroredResourceInfo specifies a set of mirrored VM instances, subnetworks and/or tags for which traffic from/to all VM instances will be mirrored. properties: instances: type: array x-dcl-go-name: Instances description: A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances. x-dcl-send-empty: true x-dcl-list-type: list items: type: object x-dcl-go-type: PacketMirroringMirroredResourcesInstances properties: canonicalUrl: type: string x-dcl-go-name: CanonicalUrl readOnly: true description: Output only. Unique identifier for the instance; defined by the server. x-kubernetes-immutable: true url: type: string x-dcl-go-name: Url description: Resource URL to the virtual machine instance which is being mirrored. x-dcl-references: - resource: Compute/Instance field: selfLink subnetworks: type: array x-dcl-go-name: Subnetworks description: A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks. x-kubernetes-immutable: true x-dcl-send-empty: true x-dcl-list-type: list items: type: object x-dcl-go-type: PacketMirroringMirroredResourcesSubnetworks properties: canonicalUrl: type: string x-dcl-go-name: CanonicalUrl readOnly: true description: Output only. Unique identifier for the subnetwork; defined by the server. x-kubernetes-immutable: true url: type: string x-dcl-go-name: Url description: Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored. x-kubernetes-immutable: true x-dcl-references: - resource: Compute/Subnetwork field: selfLink tags: type: array x-dcl-go-name: Tags description: A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored. x-dcl-send-empty: true x-dcl-list-type: list items: type: string x-dcl-go-type: string name: type: string x-dcl-go-name: Name description: Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Specifically, the name must be 1-63 characters long and match the regular expression `)?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. x-kubernetes-immutable: true network: type: object x-dcl-go-name: Network x-dcl-go-type: PacketMirroringNetwork description: Specifies the mirrored VPC network. Only packets in this network will be mirrored. All mirrored VMs should have a NIC in the given network. All mirrored subnetworks should belong to the given network. x-kubernetes-immutable: true required: - url properties: canonicalUrl: type: string x-dcl-go-name: CanonicalUrl readOnly: true description: Output only. Unique identifier for the network; defined by the server. x-kubernetes-immutable: true url: type: string x-dcl-go-name: Url description: URL of the network resource. x-kubernetes-immutable: true x-dcl-references: - resource: Compute/Network field: selfLink priority: type: integer format: int64 x-dcl-go-name: Priority description: The priority of applying this configuration. Priority is used to break ties in cases where there is more than one matching rule. In the case of two rules that apply for a given Instance, the one with the lowest-numbered priority value wins. Default value is 1000. Valid range is 0 through 65535. x-dcl-server-default: true project: type: string x-dcl-go-name: Project description: The project for the resource x-kubernetes-immutable: true x-dcl-references: - resource: Cloudresourcemanager/Project field: name parent: true region: type: string x-dcl-go-name: Region readOnly: true description: URI of the region where the packetMirroring resides. x-kubernetes-immutable: true selfLink: type: string x-dcl-go-name: SelfLink readOnly: true description: Server-defined URL for the resource. x-kubernetes-immutable: true