-
Notifications
You must be signed in to change notification settings - Fork 2.2k
/
transfer_types.proto
1340 lines (1126 loc) · 51.5 KB
/
transfer_types.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.storagetransfer.v1;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/timestamp.proto";
import "google/rpc/code.proto";
import "google/type/date.proto";
import "google/type/timeofday.proto";
option cc_enable_arenas = true;
option csharp_namespace = "Google.Cloud.StorageTransfer.V1";
option go_package = "cloud.google.com/go/storagetransfer/apiv1/storagetransferpb;storagetransferpb";
option java_outer_classname = "TransferTypes";
option java_package = "com.google.storagetransfer.v1.proto";
option php_namespace = "Google\\Cloud\\StorageTransfer\\V1";
option ruby_package = "Google::Cloud::StorageTransfer::V1";
// Google service account
message GoogleServiceAccount {
// Email address of the service account.
string account_email = 1;
// Unique identifier for the service account.
string subject_id = 2;
}
// AWS access key (see
// [AWS Security
// Credentials](https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)).
//
// For information on our data retention policy for user credentials, see
// [User credentials](/storage-transfer/docs/data-retention#user-credentials).
message AwsAccessKey {
// Required. AWS access key ID.
string access_key_id = 1 [(google.api.field_behavior) = REQUIRED];
// Required. AWS secret access key. This field is not returned in RPC
// responses.
string secret_access_key = 2 [(google.api.field_behavior) = REQUIRED];
}
// Azure credentials
//
// For information on our data retention policy for user credentials, see
// [User credentials](/storage-transfer/docs/data-retention#user-credentials).
message AzureCredentials {
// Required. Azure shared access signature (SAS).
//
// For more information about SAS, see
// [Grant limited access to Azure Storage resources using shared access
// signatures
// (SAS)](https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview).
string sas_token = 2 [(google.api.field_behavior) = REQUIRED];
}
// Conditions that determine which objects are transferred. Applies only
// to Cloud Data Sources such as S3, Azure, and Cloud Storage.
//
// The "last modification time" refers to the time of the
// last change to the object's content or metadata — specifically, this is
// the `updated` property of Cloud Storage objects, the `LastModified` field
// of S3 objects, and the `Last-Modified` header of Azure blobs.
//
// Transfers with a [PosixFilesystem][google.storagetransfer.v1.PosixFilesystem]
// source or destination don't support `ObjectConditions`.
message ObjectConditions {
// Ensures that objects are not transferred until a specific minimum time
// has elapsed after the "last modification time". When a
// [TransferOperation][google.storagetransfer.v1.TransferOperation] begins,
// objects with a "last modification time" are transferred only if the elapsed
// time between the
// [start_time][google.storagetransfer.v1.TransferOperation.start_time] of the
// `TransferOperation` and the "last modification time" of the object is equal
// to or greater than the value of min_time_elapsed_since_last_modification`.
// Objects that do not have a "last modification time" are also transferred.
google.protobuf.Duration min_time_elapsed_since_last_modification = 1;
// Ensures that objects are not transferred if a specific maximum time
// has elapsed since the "last modification time".
// When a [TransferOperation][google.storagetransfer.v1.TransferOperation]
// begins, objects with a "last modification time" are transferred only if the
// elapsed time between the
// [start_time][google.storagetransfer.v1.TransferOperation.start_time] of the
// `TransferOperation`and the "last modification time" of the object
// is less than the value of max_time_elapsed_since_last_modification`.
// Objects that do not have a "last modification time" are also transferred.
google.protobuf.Duration max_time_elapsed_since_last_modification = 2;
// If you specify `include_prefixes`, Storage Transfer Service uses the items
// in the `include_prefixes` array to determine which objects to include in a
// transfer. Objects must start with one of the matching `include_prefixes`
// for inclusion in the transfer. If
// [exclude_prefixes][google.storagetransfer.v1.ObjectConditions.exclude_prefixes]
// is specified, objects must not start with any of the `exclude_prefixes`
// specified for inclusion in the transfer.
//
// The following are requirements of `include_prefixes`:
//
// * Each include-prefix can contain any sequence of Unicode characters, to
// a max length of 1024 bytes when UTF8-encoded, and must not contain
// Carriage Return or Line Feed characters. Wildcard matching and regular
// expression matching are not supported.
//
// * Each include-prefix must omit the leading slash. For example, to
// include the object `s3://my-aws-bucket/logs/y=2015/requests.gz`,
// specify the include-prefix as `logs/y=2015/requests.gz`.
//
// * None of the include-prefix values can be empty, if specified.
//
// * Each include-prefix must include a distinct portion of the object
// namespace. No include-prefix may be a prefix of another
// include-prefix.
//
// The max size of `include_prefixes` is 1000.
//
// For more information, see [Filtering objects from
// transfers](/storage-transfer/docs/filtering-objects-from-transfers).
repeated string include_prefixes = 3;
// If you specify `exclude_prefixes`, Storage Transfer Service uses the items
// in the `exclude_prefixes` array to determine which objects to exclude from
// a transfer. Objects must not start with one of the matching
// `exclude_prefixes` for inclusion in a transfer.
//
// The following are requirements of `exclude_prefixes`:
//
// * Each exclude-prefix can contain any sequence of Unicode characters, to
// a max length of 1024 bytes when UTF8-encoded, and must not contain
// Carriage Return or Line Feed characters. Wildcard matching and regular
// expression matching are not supported.
//
// * Each exclude-prefix must omit the leading slash. For example, to
// exclude the object `s3://my-aws-bucket/logs/y=2015/requests.gz`,
// specify the exclude-prefix as `logs/y=2015/requests.gz`.
//
// * None of the exclude-prefix values can be empty, if specified.
//
// * Each exclude-prefix must exclude a distinct portion of the object
// namespace. No exclude-prefix may be a prefix of another
// exclude-prefix.
//
// * If
// [include_prefixes][google.storagetransfer.v1.ObjectConditions.include_prefixes]
// is specified, then each exclude-prefix must start with the value of a
// path explicitly included by `include_prefixes`.
//
// The max size of `exclude_prefixes` is 1000.
//
// For more information, see [Filtering objects from
// transfers](/storage-transfer/docs/filtering-objects-from-transfers).
repeated string exclude_prefixes = 4;
// If specified, only objects with a "last modification time" on or after
// this timestamp and objects that don't have a "last modification time" are
// transferred.
//
// The `last_modified_since` and `last_modified_before` fields can be used
// together for chunked data processing. For example, consider a script that
// processes each day's worth of data at a time. For that you'd set each
// of the fields as follows:
//
// * `last_modified_since` to the start of the day
//
// * `last_modified_before` to the end of the day
google.protobuf.Timestamp last_modified_since = 5;
// If specified, only objects with a "last modification time" before this
// timestamp and objects that don't have a "last modification time" are
// transferred.
google.protobuf.Timestamp last_modified_before = 6;
}
// In a GcsData resource, an object's name is the Cloud Storage object's
// name and its "last modification time" refers to the object's `updated`
// property of Cloud Storage objects, which changes when the content or the
// metadata of the object is updated.
message GcsData {
// Required. Cloud Storage bucket name. Must meet
// [Bucket Name Requirements](/storage/docs/naming#requirements).
string bucket_name = 1 [(google.api.field_behavior) = REQUIRED];
// Root path to transfer objects.
//
// Must be an empty string or full path name that ends with a '/'. This field
// is treated as an object prefix. As such, it should generally not begin with
// a '/'.
//
// The root path value must meet
// [Object Name Requirements](/storage/docs/naming#objectnames).
string path = 3;
}
// An AwsS3Data resource can be a data source, but not a data sink.
// In an AwsS3Data resource, an object's name is the S3 object's key name.
message AwsS3Data {
// Required. S3 Bucket name (see
// [Creating a
// bucket](https://docs.aws.amazon.com/AmazonS3/latest/dev/create-bucket-get-location-example.html)).
string bucket_name = 1 [(google.api.field_behavior) = REQUIRED];
// Input only. AWS access key used to sign the API requests to the AWS S3
// bucket. Permissions on the bucket must be granted to the access ID of the
// AWS access key.
//
// For information on our data retention policy for user credentials, see
// [User credentials](/storage-transfer/docs/data-retention#user-credentials).
AwsAccessKey aws_access_key = 2 [(google.api.field_behavior) = INPUT_ONLY];
// Root path to transfer objects.
//
// Must be an empty string or full path name that ends with a '/'. This field
// is treated as an object prefix. As such, it should generally not begin with
// a '/'.
string path = 3;
// The Amazon Resource Name (ARN) of the role to support temporary
// credentials via `AssumeRoleWithWebIdentity`. For more information about
// ARNs, see [IAM
// ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns).
//
// When a role ARN is provided, Transfer Service fetches temporary
// credentials for the session using a `AssumeRoleWithWebIdentity` call for
// the provided role using the
// [GoogleServiceAccount][google.storagetransfer.v1.GoogleServiceAccount] for
// this project.
string role_arn = 4;
// Optional. The Resource name of a secret in Secret Manager.
//
// The Azure SAS token must be stored in Secret Manager in JSON format:
// <pre>{
// "sas_token" : "<var>SAS_TOKEN</var>"
// }</pre>
// [GoogleServiceAccount][google.storagetransfer.v1.GoogleServiceAccount] must
// be granted `roles/secretmanager.secretAccessor` for the resource.
//
// See [Configure access to a source: Microsoft Azure Blob Storage]
// (https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#secret_manager)
// for more information.
//
// If `credentials_secret` is specified, do not specify [azure_credentials][].
//
// This feature is in
// [preview](https://cloud.google.com/terms/service-terms#1).
//
// Format: `projects/{project_number}/secrets/{secret_name}`
string credentials_secret = 7 [(google.api.field_behavior) = OPTIONAL];
}
// An AzureBlobStorageData resource can be a data source, but not a data sink.
// An AzureBlobStorageData resource represents one Azure container. The storage
// account determines the [Azure
// endpoint](https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account#storage-account-endpoints).
// In an AzureBlobStorageData resource, a blobs's name is the [Azure Blob
// Storage blob's key
// name](https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-containers--blobs--and-metadata#blob-names).
message AzureBlobStorageData {
// Required. The name of the Azure Storage account.
string storage_account = 1 [(google.api.field_behavior) = REQUIRED];
// Required. Input only. Credentials used to authenticate API requests to
// Azure.
//
// For information on our data retention policy for user credentials, see
// [User credentials](/storage-transfer/docs/data-retention#user-credentials).
AzureCredentials azure_credentials = 2 [
(google.api.field_behavior) = REQUIRED,
(google.api.field_behavior) = INPUT_ONLY
];
// Required. The container to transfer from the Azure Storage account.
string container = 4 [(google.api.field_behavior) = REQUIRED];
// Root path to transfer objects.
//
// Must be an empty string or full path name that ends with a '/'. This field
// is treated as an object prefix. As such, it should generally not begin with
// a '/'.
string path = 5;
// Optional. The Resource name of a secret in Secret Manager.
//
// The Azure SAS token must be stored in Secret Manager in JSON format:
// <pre>{
// "sas_token" : "<var>SAS_TOKEN</var>"
// }</pre>
// [GoogleServiceAccount][google.storagetransfer.v1.GoogleServiceAccount] must
// be granted `roles/secretmanager.secretAccessor` for the resource.
//
// See [Configure access to a source: Microsoft Azure Blob Storage]
// (https://cloud.google.com/storage-transfer/docs/source-microsoft-azure#secret_manager)
// for more information.
//
// If `credentials_secret` is specified, do not specify
// [azure_credentials][google.storagetransfer.v1.AzureBlobStorageData.azure_credentials].
//
// This feature is in
// [preview](https://cloud.google.com/terms/service-terms#1).
//
// Format: `projects/{project_number}/secrets/{secret_name}`
string credentials_secret = 7 [(google.api.field_behavior) = OPTIONAL];
}
// An HttpData resource specifies a list of objects on the web to be transferred
// over HTTP. The information of the objects to be transferred is contained in
// a file referenced by a URL. The first line in the file must be
// `"TsvHttpData-1.0"`, which specifies the format of the file. Subsequent
// lines specify the information of the list of objects, one object per list
// entry. Each entry has the following tab-delimited fields:
//
// * **HTTP URL** — The location of the object.
//
// * **Length** — The size of the object in bytes.
//
// * **MD5** — The base64-encoded MD5 hash of the object.
//
// For an example of a valid TSV file, see
// [Transferring data from
// URLs](https://cloud.google.com/storage-transfer/docs/create-url-list).
//
// When transferring data based on a URL list, keep the following in mind:
//
// * When an object located at `http(s)://hostname:port/<URL-path>` is
// transferred to a data sink, the name of the object at the data sink is
// `<hostname>/<URL-path>`.
//
// * If the specified size of an object does not match the actual size of the
// object fetched, the object is not transferred.
//
// * If the specified MD5 does not match the MD5 computed from the transferred
// bytes, the object transfer fails.
//
// * Ensure that each URL you specify is publicly accessible. For
// example, in Cloud Storage you can
// [share an object publicly]
// (/storage/docs/cloud-console#_sharingdata) and get a link to it.
//
// * Storage Transfer Service obeys `robots.txt` rules and requires the source
// HTTP server to support `Range` requests and to return a `Content-Length`
// header in each response.
//
// * [ObjectConditions][google.storagetransfer.v1.ObjectConditions] have no
// effect when filtering objects to transfer.
message HttpData {
// Required. The URL that points to the file that stores the object list
// entries. This file must allow public access. Currently, only URLs with
// HTTP and HTTPS schemes are supported.
string list_url = 1 [(google.api.field_behavior) = REQUIRED];
}
// A POSIX filesystem resource.
message PosixFilesystem {
// Root directory path to the filesystem.
string root_directory = 1;
}
// An AwsS3CompatibleData resource.
message AwsS3CompatibleData {
// Required. Specifies the name of the bucket.
string bucket_name = 1 [(google.api.field_behavior) = REQUIRED];
// Specifies the root path to transfer objects.
//
// Must be an empty string or full path name that ends with a '/'. This
// field is treated as an object prefix. As such, it should generally not
// begin with a '/'.
string path = 2;
// Required. Specifies the endpoint of the storage service.
string endpoint = 3 [(google.api.field_behavior) = REQUIRED];
// Specifies the region to sign requests with. This can be left blank if
// requests should be signed with an empty region.
string region = 5;
// Specifies the metadata of the S3 compatible data provider. Each provider
// may contain some attributes that do not apply to all S3-compatible data
// providers. When not specified, S3CompatibleMetadata is used by default.
oneof data_provider {
// A S3 compatible metadata.
S3CompatibleMetadata s3_metadata = 4;
}
}
// S3CompatibleMetadata contains the metadata fields that apply to the basic
// types of S3-compatible data providers.
message S3CompatibleMetadata {
// The authentication and authorization method used by the storage service.
enum AuthMethod {
// AuthMethod is not specified.
AUTH_METHOD_UNSPECIFIED = 0;
// Auth requests with AWS SigV4.
AUTH_METHOD_AWS_SIGNATURE_V4 = 1;
// Auth requests with AWS SigV2.
AUTH_METHOD_AWS_SIGNATURE_V2 = 2;
}
// The request model of the API.
enum RequestModel {
// RequestModel is not specified.
REQUEST_MODEL_UNSPECIFIED = 0;
// Perform requests using Virtual Hosted Style.
// Example: https://bucket-name.s3.region.amazonaws.com/key-name
REQUEST_MODEL_VIRTUAL_HOSTED_STYLE = 1;
// Perform requests using Path Style.
// Example: https://s3.region.amazonaws.com/bucket-name/key-name
REQUEST_MODEL_PATH_STYLE = 2;
}
// The agent network protocol to access the storage service.
enum NetworkProtocol {
// NetworkProtocol is not specified.
NETWORK_PROTOCOL_UNSPECIFIED = 0;
// Perform requests using HTTPS.
NETWORK_PROTOCOL_HTTPS = 1;
// Not recommended: This sends data in clear-text. This is only
// appropriate within a closed network or for publicly available data.
// Perform requests using HTTP.
NETWORK_PROTOCOL_HTTP = 2;
}
// The Listing API to use for discovering objects.
enum ListApi {
// ListApi is not specified.
LIST_API_UNSPECIFIED = 0;
// Perform listing using ListObjectsV2 API.
LIST_OBJECTS_V2 = 1;
// Legacy ListObjects API.
LIST_OBJECTS = 2;
}
// Specifies the authentication and authorization method used by the storage
// service. When not specified, Transfer Service will attempt to determine
// right auth method to use.
AuthMethod auth_method = 1;
// Specifies the API request model used to call the storage service. When not
// specified, the default value of RequestModel
// REQUEST_MODEL_VIRTUAL_HOSTED_STYLE is used.
RequestModel request_model = 2;
// Specifies the network protocol of the agent. When not specified, the
// default value of NetworkProtocol NETWORK_PROTOCOL_HTTPS is used.
NetworkProtocol protocol = 3;
// The Listing API to use for discovering objects. When not specified,
// Transfer Service will attempt to determine the right API to use.
ListApi list_api = 4;
}
// Represents an On-Premises Agent pool.
message AgentPool {
option (google.api.resource) = {
type: "storagetransfer.googleapis.com/agentPools"
pattern: "projects/{project_id}/agentPools/{agent_pool_id}"
};
// The state of an AgentPool.
enum State {
// Default value. This value is unused.
STATE_UNSPECIFIED = 0;
// This is an initialization state. During this stage, the resources such as
// Pub/Sub topics are allocated for the AgentPool.
CREATING = 1;
// Determines that the AgentPool is created for use. At this state, Agents
// can join the AgentPool and participate in the transfer jobs in that pool.
CREATED = 2;
// Determines that the AgentPool deletion has been initiated, and all the
// resources are scheduled to be cleaned up and freed.
DELETING = 3;
}
// Specifies a bandwidth limit for an agent pool.
message BandwidthLimit {
// Bandwidth rate in megabytes per second, distributed across all the agents
// in the pool.
int64 limit_mbps = 1;
}
// Required. Specifies a unique string that identifies the agent pool.
//
// Format: `projects/{project_id}/agentPools/{agent_pool_id}`
string name = 2 [(google.api.field_behavior) = REQUIRED];
// Specifies the client-specified AgentPool description.
string display_name = 3;
// Output only. Specifies the state of the AgentPool.
State state = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
// Specifies the bandwidth limit details. If this field is unspecified, the
// default value is set as 'No Limit'.
BandwidthLimit bandwidth_limit = 5;
}
// TransferOptions define the actions to be performed on objects in a transfer.
message TransferOptions {
// Specifies when to overwrite an object in the sink when an object with
// matching name is found in the source.
enum OverwriteWhen {
// Overwrite behavior is unspecified.
OVERWRITE_WHEN_UNSPECIFIED = 0;
// Overwrites destination objects with the source objects, only if the
// objects have the same name but different HTTP ETags or checksum values.
DIFFERENT = 1;
// Never overwrites a destination object if a source object has the
// same name. In this case, the source object is not transferred.
NEVER = 2;
// Always overwrite the destination object with the source object, even if
// the HTTP Etags or checksum values are the same.
ALWAYS = 3;
}
// When to overwrite objects that already exist in the sink. The default is
// that only objects that are different from the source are ovewritten. If
// true, all objects in the sink whose name matches an object in the source
// are overwritten with the source object.
bool overwrite_objects_already_existing_in_sink = 1;
// Whether objects that exist only in the sink should be deleted.
//
// **Note:** This option and
// [delete_objects_from_source_after_transfer][google.storagetransfer.v1.TransferOptions.delete_objects_from_source_after_transfer]
// are mutually exclusive.
bool delete_objects_unique_in_sink = 2;
// Whether objects should be deleted from the source after they are
// transferred to the sink.
//
// **Note:** This option and
// [delete_objects_unique_in_sink][google.storagetransfer.v1.TransferOptions.delete_objects_unique_in_sink]
// are mutually exclusive.
bool delete_objects_from_source_after_transfer = 3;
// When to overwrite objects that already exist in the sink. If not set,
// overwrite behavior is determined by
// [overwrite_objects_already_existing_in_sink][google.storagetransfer.v1.TransferOptions.overwrite_objects_already_existing_in_sink].
OverwriteWhen overwrite_when = 4;
// Represents the selected metadata options for a transfer job.
MetadataOptions metadata_options = 5;
}
// Configuration for running a transfer.
message TransferSpec {
// The write sink for the data.
oneof data_sink {
// A Cloud Storage data sink.
GcsData gcs_data_sink = 4;
// A POSIX Filesystem data sink.
PosixFilesystem posix_data_sink = 13;
}
// The read source of the data.
oneof data_source {
// A Cloud Storage data source.
GcsData gcs_data_source = 1;
// An AWS S3 data source.
AwsS3Data aws_s3_data_source = 2;
// An HTTP URL data source.
HttpData http_data_source = 3;
// A POSIX Filesystem data source.
PosixFilesystem posix_data_source = 14;
// An Azure Blob Storage data source.
AzureBlobStorageData azure_blob_storage_data_source = 8;
// An AWS S3 compatible data source.
AwsS3CompatibleData aws_s3_compatible_data_source = 19;
}
oneof intermediate_data_location {
// For transfers between file systems, specifies a Cloud Storage bucket
// to be used as an intermediate location through which to transfer data.
//
// See [Transfer data between file
// systems](https://cloud.google.com/storage-transfer/docs/file-to-file) for
// more information.
GcsData gcs_intermediate_data_location = 16;
}
// Only objects that satisfy these object conditions are included in the set
// of data source and data sink objects. Object conditions based on
// objects' "last modification time" do not exclude objects in a data sink.
ObjectConditions object_conditions = 5;
// If the option
// [delete_objects_unique_in_sink][google.storagetransfer.v1.TransferOptions.delete_objects_unique_in_sink]
// is `true` and time-based object conditions such as 'last modification time'
// are specified, the request fails with an
// [INVALID_ARGUMENT][google.rpc.Code.INVALID_ARGUMENT] error.
TransferOptions transfer_options = 6;
// A manifest file provides a list of objects to be transferred from the data
// source. This field points to the location of the manifest file.
// Otherwise, the entire source bucket is used. ObjectConditions still apply.
TransferManifest transfer_manifest = 15;
// Specifies the agent pool name associated with the posix data source. When
// unspecified, the default name is used.
string source_agent_pool_name = 17;
// Specifies the agent pool name associated with the posix data sink. When
// unspecified, the default name is used.
string sink_agent_pool_name = 18;
}
// Specifies the metadata options for running a transfer.
message MetadataOptions {
// Whether symlinks should be skipped or preserved during a transfer job.
enum Symlink {
// Symlink behavior is unspecified.
SYMLINK_UNSPECIFIED = 0;
// Do not preserve symlinks during a transfer job.
SYMLINK_SKIP = 1;
// Preserve symlinks during a transfer job.
SYMLINK_PRESERVE = 2;
}
// Options for handling file mode attribute.
enum Mode {
// Mode behavior is unspecified.
MODE_UNSPECIFIED = 0;
// Do not preserve mode during a transfer job.
MODE_SKIP = 1;
// Preserve mode during a transfer job.
MODE_PRESERVE = 2;
}
// Options for handling file GID attribute.
enum GID {
// GID behavior is unspecified.
GID_UNSPECIFIED = 0;
// Do not preserve GID during a transfer job.
GID_SKIP = 1;
// Preserve GID during a transfer job.
GID_NUMBER = 2;
}
// Options for handling file UID attribute.
enum UID {
// UID behavior is unspecified.
UID_UNSPECIFIED = 0;
// Do not preserve UID during a transfer job.
UID_SKIP = 1;
// Preserve UID during a transfer job.
UID_NUMBER = 2;
}
// Options for handling Cloud Storage object ACLs.
enum Acl {
// ACL behavior is unspecified.
ACL_UNSPECIFIED = 0;
// Use the destination bucket's default object ACLS, if applicable.
ACL_DESTINATION_BUCKET_DEFAULT = 1;
// Preserve the object's original ACLs. This requires the service account
// to have `storage.objects.getIamPolicy` permission for the source object.
// [Uniform bucket-level
// access](https://cloud.google.com/storage/docs/uniform-bucket-level-access)
// must not be enabled on either the source or destination buckets.
ACL_PRESERVE = 2;
}
// Options for handling Google Cloud Storage object storage class.
enum StorageClass {
// Storage class behavior is unspecified.
STORAGE_CLASS_UNSPECIFIED = 0;
// Use the destination bucket's default storage class.
STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT = 1;
// Preserve the object's original storage class. This is only supported for
// transfers from Google Cloud Storage buckets. REGIONAL and MULTI_REGIONAL
// storage classes will be mapped to STANDARD to ensure they can be written
// to the destination bucket.
STORAGE_CLASS_PRESERVE = 2;
// Set the storage class to STANDARD.
STORAGE_CLASS_STANDARD = 3;
// Set the storage class to NEARLINE.
STORAGE_CLASS_NEARLINE = 4;
// Set the storage class to COLDLINE.
STORAGE_CLASS_COLDLINE = 5;
// Set the storage class to ARCHIVE.
STORAGE_CLASS_ARCHIVE = 6;
}
// Options for handling temporary holds for Google Cloud Storage objects.
enum TemporaryHold {
// Temporary hold behavior is unspecified.
TEMPORARY_HOLD_UNSPECIFIED = 0;
// Do not set a temporary hold on the destination object.
TEMPORARY_HOLD_SKIP = 1;
// Preserve the object's original temporary hold status.
TEMPORARY_HOLD_PRESERVE = 2;
}
// Options for handling the KmsKey setting for Google Cloud Storage objects.
enum KmsKey {
// KmsKey behavior is unspecified.
KMS_KEY_UNSPECIFIED = 0;
// Use the destination bucket's default encryption settings.
KMS_KEY_DESTINATION_BUCKET_DEFAULT = 1;
// Preserve the object's original Cloud KMS customer-managed encryption key
// (CMEK) if present. Objects that do not use a Cloud KMS encryption key
// will be encrypted using the destination bucket's encryption settings.
KMS_KEY_PRESERVE = 2;
}
// Options for handling `timeCreated` metadata for Google Cloud Storage
// objects.
enum TimeCreated {
// TimeCreated behavior is unspecified.
TIME_CREATED_UNSPECIFIED = 0;
// Do not preserve the `timeCreated` metadata from the source object.
TIME_CREATED_SKIP = 1;
// Preserves the source object's `timeCreated` metadata in the `customTime`
// field in the destination object. Note that any value stored in the
// source object's `customTime` field will not be propagated to the
// destination object.
TIME_CREATED_PRESERVE_AS_CUSTOM_TIME = 2;
}
// Specifies how symlinks should be handled by the transfer. By default,
// symlinks are not preserved. Only applicable to transfers involving
// POSIX file systems, and ignored for other transfers.
Symlink symlink = 1;
// Specifies how each file's mode attribute should be handled by the transfer.
// By default, mode is not preserved. Only applicable to transfers involving
// POSIX file systems, and ignored for other transfers.
Mode mode = 2;
// Specifies how each file's POSIX group ID (GID) attribute should be handled
// by the transfer. By default, GID is not preserved. Only applicable to
// transfers involving POSIX file systems, and ignored for other transfers.
GID gid = 3;
// Specifies how each file's POSIX user ID (UID) attribute should be handled
// by the transfer. By default, UID is not preserved. Only applicable to
// transfers involving POSIX file systems, and ignored for other transfers.
UID uid = 4;
// Specifies how each object's ACLs should be preserved for transfers between
// Google Cloud Storage buckets. If unspecified, the default behavior is the
// same as ACL_DESTINATION_BUCKET_DEFAULT.
Acl acl = 5;
// Specifies the storage class to set on objects being transferred to Google
// Cloud Storage buckets. If unspecified, the default behavior is the same as
// [STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT][google.storagetransfer.v1.MetadataOptions.StorageClass.STORAGE_CLASS_DESTINATION_BUCKET_DEFAULT].
StorageClass storage_class = 6;
// Specifies how each object's temporary hold status should be preserved for
// transfers between Google Cloud Storage buckets. If unspecified, the
// default behavior is the same as
// [TEMPORARY_HOLD_PRESERVE][google.storagetransfer.v1.MetadataOptions.TemporaryHold.TEMPORARY_HOLD_PRESERVE].
TemporaryHold temporary_hold = 7;
// Specifies how each object's Cloud KMS customer-managed encryption key
// (CMEK) is preserved for transfers between Google Cloud Storage buckets. If
// unspecified, the default behavior is the same as
// [KMS_KEY_DESTINATION_BUCKET_DEFAULT][google.storagetransfer.v1.MetadataOptions.KmsKey.KMS_KEY_DESTINATION_BUCKET_DEFAULT].
KmsKey kms_key = 8;
// Specifies how each object's `timeCreated` metadata is preserved for
// transfers between Google Cloud Storage buckets. If unspecified, the
// default behavior is the same as
// [TIME_CREATED_SKIP][google.storagetransfer.v1.MetadataOptions.TimeCreated.TIME_CREATED_SKIP].
TimeCreated time_created = 9;
}
// Specifies where the manifest is located.
message TransferManifest {
// Specifies the path to the manifest in Cloud Storage. The Google-managed
// service account for the transfer must have `storage.objects.get`
// permission for this object. An example path is
// `gs://bucket_name/path/manifest.csv`.
string location = 1;
}
// Transfers can be scheduled to recur or to run just once.
message Schedule {
// Required. The start date of a transfer. Date boundaries are determined
// relative to UTC time. If `schedule_start_date` and
// [start_time_of_day][google.storagetransfer.v1.Schedule.start_time_of_day]
// are in the past relative to the job's creation time, the transfer starts
// the day after you schedule the transfer request.
//
// **Note:** When starting jobs at or near midnight UTC it is possible that
// a job starts later than expected. For example, if you send an outbound
// request on June 1 one millisecond prior to midnight UTC and the Storage
// Transfer Service server receives the request on June 2, then it creates
// a TransferJob with `schedule_start_date` set to June 2 and a
// `start_time_of_day` set to midnight UTC. The first scheduled
// [TransferOperation][google.storagetransfer.v1.TransferOperation] takes
// place on June 3 at midnight UTC.
google.type.Date schedule_start_date = 1
[(google.api.field_behavior) = REQUIRED];
// The last day a transfer runs. Date boundaries are determined relative to
// UTC time. A job runs once per 24 hours within the following guidelines:
//
// * If `schedule_end_date` and
// [schedule_start_date][google.storagetransfer.v1.Schedule.schedule_start_date]
// are the same and in
// the future relative to UTC, the transfer is executed only one time.
// * If `schedule_end_date` is later than `schedule_start_date` and
// `schedule_end_date` is in the future relative to UTC, the job runs each
// day at
// [start_time_of_day][google.storagetransfer.v1.Schedule.start_time_of_day]
// through `schedule_end_date`.
google.type.Date schedule_end_date = 2;
// The time in UTC that a transfer job is scheduled to run. Transfers may
// start later than this time.
//
// If `start_time_of_day` is not specified:
//
// * One-time transfers run immediately.
// * Recurring transfers run immediately, and each day at midnight UTC,
// through
// [schedule_end_date][google.storagetransfer.v1.Schedule.schedule_end_date].
//
// If `start_time_of_day` is specified:
//
// * One-time transfers run at the specified time.
// * Recurring transfers run at the specified time each day, through
// `schedule_end_date`.
google.type.TimeOfDay start_time_of_day = 3;
// The time in UTC that no further transfer operations are scheduled. Combined
// with
// [schedule_end_date][google.storagetransfer.v1.Schedule.schedule_end_date],
// `end_time_of_day` specifies the end date and time for starting new transfer
// operations. This field must be greater than or equal to the timestamp
// corresponding to the combintation of
// [schedule_start_date][google.storagetransfer.v1.Schedule.schedule_start_date]
// and
// [start_time_of_day][google.storagetransfer.v1.Schedule.start_time_of_day],
// and is subject to the following:
//
// * If `end_time_of_day` is not set and `schedule_end_date` is set, then
// a default value of `23:59:59` is used for `end_time_of_day`.
//
// * If `end_time_of_day` is set and `schedule_end_date` is not set, then
// [INVALID_ARGUMENT][google.rpc.Code.INVALID_ARGUMENT] is returned.
google.type.TimeOfDay end_time_of_day = 4;
// Interval between the start of each scheduled TransferOperation. If
// unspecified, the default value is 24 hours. This value may not be less than
// 1 hour.
google.protobuf.Duration repeat_interval = 5;
}
// Specifies the Event-driven transfer options. Event-driven transfers listen to
// an event stream to transfer updated files.
message EventStream {
// Required. Specifies a unique name of the resource such as AWS SQS
// ARN in the form 'arn:aws:sqs:region:account_id:queue_name',
// or Pub/Sub subscription resource name in the form
// 'projects/{project}/subscriptions/{sub}'.
string name = 1 [(google.api.field_behavior) = REQUIRED];
// Specifies the date and time that Storage Transfer Service starts
// listening for events from this stream. If no start time is specified or
// start time is in the past, Storage Transfer Service starts listening
// immediately.
google.protobuf.Timestamp event_stream_start_time = 2;
// Specifies the data and time at which Storage Transfer Service stops
// listening for events from this stream. After this time, any transfers in
// progress will complete, but no new transfers are initiated.
google.protobuf.Timestamp event_stream_expiration_time = 3;
}
// This resource represents the configuration of a transfer job that runs
// periodically.
message TransferJob {
// The status of the transfer job.
enum Status {
// Zero is an illegal value.
STATUS_UNSPECIFIED = 0;
// New transfers are performed based on the schedule.
ENABLED = 1;
// New transfers are not scheduled.
DISABLED = 2;
// This is a soft delete state. After a transfer job is set to this
// state, the job and all the transfer executions are subject to
// garbage collection. Transfer jobs become eligible for garbage collection
// 30 days after their status is set to `DELETED`.
DELETED = 3;
}
// A unique name (within the transfer project) assigned when the job is
// created. If this field is empty in a CreateTransferJobRequest, Storage
// Transfer Service assigns a unique name. Otherwise, the specified name
// is used as the unique name for this job.
//
// If the specified name is in use by a job, the creation request fails with
// an [ALREADY_EXISTS][google.rpc.Code.ALREADY_EXISTS] error.
//
// This name must start with `"transferJobs/"` prefix and end with a letter or
// a number, and should be no more than 128 characters. For transfers
// involving PosixFilesystem, this name must start with `transferJobs/OPI`
// specifically. For all other transfer types, this name must not start with
// `transferJobs/OPI`.
//
// Non-PosixFilesystem example:
// `"transferJobs/^(?!OPI)[A-Za-z0-9-._~]*[A-Za-z0-9]$"`
//
// PosixFilesystem example:
// `"transferJobs/OPI^[A-Za-z0-9-._~]*[A-Za-z0-9]$"`
//
// Applications must not rely on the enforcement of naming requirements
// involving OPI.
//
// Invalid job names fail with an
// [INVALID_ARGUMENT][google.rpc.Code.INVALID_ARGUMENT] error.
string name = 1;
// A description provided by the user for the job. Its max length is 1024
// bytes when Unicode-encoded.
string description = 2;
// The ID of the Google Cloud project that owns the job.
string project_id = 3;
// Transfer specification.
TransferSpec transfer_spec = 4;
// Notification configuration. This is not supported for transfers involving
// PosixFilesystem.
NotificationConfig notification_config = 11;
// Logging configuration.
LoggingConfig logging_config = 14;
// Specifies schedule for the transfer job.
// This is an optional field. When the field is not set, the job never
// executes a transfer, unless you invoke RunTransferJob or update the job to
// have a non-empty schedule.
Schedule schedule = 5;