feat: add new load balancer fields to public API

PiperOrigin-RevId: 613975155

google/cloud/networkmanagement/v1/trace.proto

@@ -16,6 +16,8 @@ syntax = "proto3";
 
 package google.cloud.networkmanagement.v1;
 
+import "google/api/field_behavior.proto";
+
 option csharp_namespace = "Google.Cloud.NetworkManagement.V1";
 option go_package = "cloud.google.com/go/networkmanagement/apiv1/networkmanagementpb;networkmanagementpb";
 option java_multiple_files = true;
@@ -112,6 +114,9 @@ message Step {
     // Config checking state: match forwarding rule.
     APPLY_FORWARDING_RULE = 7;
 
+    // Config checking state: verify load balancer backend configuration.
+    ANALYZE_LOAD_BALANCER_BACKEND = 28;
+
     // Config checking state: packet sent or received under foreign IP
     // address and allowed.
     SPOOFING_APPROVED = 8;
@@ -239,6 +244,15 @@ message Step {
 
     // Display information of a Cloud Run revision.
     CloudRunRevisionInfo cloud_run_revision = 23;
+
+    // Display information of a ProxyConnection.
+    ProxyConnectionInfo proxy_connection = 26;
+
+    // Display information of a specific load balancer backend.
+    LoadBalancerBackendInfo load_balancer_backend_info = 27;
+
+    // Display information of a Storage Bucket. Used only for return traces.
+    StorageBucketInfo storage_bucket = 28;
   }
 }
 
@@ -781,6 +795,9 @@ message DeliverInfo {
 
     // Target is a serverless network endpoint group.
     SERVERLESS_NEG = 9;
+
+    // Target is a Cloud Storage bucket.
+    STORAGE_BUCKET = 10;
   }
 
   // Target type where the packet is delivered to.
@@ -1201,6 +1218,114 @@ message VpcConnectorInfo {
   string location = 3;
 }
 
+// For display only. Metadata associated with ProxyConnection.
+message ProxyConnectionInfo {
+  // IP protocol in string format, for example: "TCP", "UDP", "ICMP".
+  string protocol = 1;
+
+  // Source IP address of an original connection.
+  string old_source_ip = 2;
+
+  // Source IP address of a new connection.
+  string new_source_ip = 3;
+
+  // Destination IP address of an original connection
+  string old_destination_ip = 4;
+
+  // Destination IP address of a new connection.
+  string new_destination_ip = 5;
+
+  // Source port of an original connection. Only valid when protocol is TCP or
+  // UDP.
+  int32 old_source_port = 6;
+
+  // Source port of a new connection. Only valid when protocol is TCP or UDP.
+  int32 new_source_port = 7;
+
+  // Destination port of an original connection. Only valid when protocol is TCP
+  // or UDP.
+  int32 old_destination_port = 8;
+
+  // Destination port of a new connection. Only valid when protocol is TCP or
+  // UDP.
+  int32 new_destination_port = 9;
+
+  // Uri of proxy subnet.
+  string subnet_uri = 10;
+
+  // URI of the network where connection is proxied.
+  string network_uri = 11;
+}
+
+// For display only. Metadata associated with the load balancer backend.
+message LoadBalancerBackendInfo {
+  // Display name of the backend. For example, it might be an instance name for
+  // the instance group backends, or an IP address and port for zonal network
+  // endpoint group backends.
+  string name = 1;
+
+  // URI of the backend instance (if applicable). Populated for instance group
+  // backends, and zonal NEG backends.
+  string instance_uri = 2;
+
+  // URI of the backend service this backend belongs to (if applicable).
+  string backend_service_uri = 3;
+
+  // URI of the instance group this backend belongs to (if applicable).
+  string instance_group_uri = 4;
+
+  // URI of the network endpoint group this backend belongs to (if applicable).
+  string network_endpoint_group_uri = 5;
+
+  // URI of the backend bucket this backend targets (if applicable).
+  string backend_bucket_uri = 8;
+
+  // URI of the PSC service attachment this PSC NEG backend targets (if
+  // applicable).
+  string psc_service_attachment_uri = 9;
+
+  // PSC Google API target this PSC NEG backend targets (if applicable).
+  string psc_google_api_target = 10;
+
+  // URI of the health check attached to this backend (if applicable).
+  string health_check_uri = 6;
+
+  // Health check firewalls configuration state enum.
+  enum HealthCheckFirewallsConfigState {
+    // Configuration state unspecified. It usually means that the backend has
+    // no health check attached, or there was an unexpected configuration error
+    // preventing Connectivity tests from verifying health check configuration.
+    HEALTH_CHECK_FIREWALLS_CONFIG_STATE_UNSPECIFIED = 0;
+
+    // Firewall rules (policies) allowing health check traffic from all required
+    // IP ranges to the backend are configured.
+    FIREWALLS_CONFIGURED = 1;
+
+    // Firewall rules (policies) allow health check traffic only from a part of
+    // required IP ranges.
+    FIREWALLS_PARTIALLY_CONFIGURED = 2;
+
+    // Firewall rules (policies) deny health check traffic from all required
+    // IP ranges to the backend.
+    FIREWALLS_NOT_CONFIGURED = 3;
+
+    // The network contains firewall rules of unsupported types, so Connectivity
+    // tests were not able to verify health check configuration status. Please
+    // refer to the documentation for the list of unsupported configurations:
+    // https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview#unsupported-configs
+    FIREWALLS_UNSUPPORTED = 4;
+  }
+
+  // Health check firewalls configuration state for the backend. This is a
+  // result of the static firewall analysis (verifying that health check traffic
+  // from required IP ranges to the backend is allowed or not). The backend
+  // might still be unhealthy even if these firewalls are configured. Please
+  // refer to the documentation for more information:
+  // https://cloud.google.com/load-balancing/docs/firewall-rules
+  HealthCheckFirewallsConfigState health_check_firewalls_config_state = 7
+      [(google.api.field_behavior) = OUTPUT_ONLY];
+}
+
 // Type of a load balancer. For more information, see [Summary of Google Cloud
 // load
 // balancers](https://cloud.google.com/load-balancing/docs/load-balancing-overview#summary-of-google-cloud-load-balancers).
@@ -1239,3 +1364,9 @@ enum LoadBalancerType {
   // Internal TCP/UDP load balancer.
   TCP_UDP_INTERNAL_LOAD_BALANCER = 10;
 }
+
+// For display only. Metadata associated with Storage Bucket.
+message StorageBucketInfo {
+  // Cloud Storage Bucket name.
+  string bucket = 1;
+}

google/cloud/networkmanagement/v1beta1/trace.proto

@@ -16,6 +16,8 @@ syntax = "proto3";
 
 package google.cloud.networkmanagement.v1beta1;
 
+import "google/api/field_behavior.proto";
+
 option csharp_namespace = "Google.Cloud.NetworkManagement.V1Beta1";
 option go_package = "cloud.google.com/go/networkmanagement/apiv1beta1/networkmanagementpb;networkmanagementpb";
 option java_multiple_files = true;
@@ -112,6 +114,9 @@ message Step {
     // Config checking state: match forwarding rule.
     APPLY_FORWARDING_RULE = 7;
 
+    // Config checking state: verify load balancer backend configuration.
+    ANALYZE_LOAD_BALANCER_BACKEND = 28;
+
     // Config checking state: packet sent or received under foreign IP
     // address and allowed.
     SPOOFING_APPROVED = 8;
@@ -239,6 +244,15 @@ message Step {
 
     // Display information of a Cloud Run revision.
     CloudRunRevisionInfo cloud_run_revision = 23;
+
+    // Display information of a ProxyConnection.
+    ProxyConnectionInfo proxy_connection = 26;
+
+    // Display information of a specific load balancer backend.
+    LoadBalancerBackendInfo load_balancer_backend_info = 27;
+
+    // Display information of a Storage Bucket. Used only for return traces.
+    StorageBucketInfo storage_bucket = 28;
   }
 }
 
@@ -781,6 +795,9 @@ message DeliverInfo {
 
     // Target is a serverless network endpoint group.
     SERVERLESS_NEG = 9;
+
+    // Target is a Cloud Storage bucket.
+    STORAGE_BUCKET = 10;
   }
 
   // Target type where the packet is delivered to.
@@ -1201,6 +1218,114 @@ message VpcConnectorInfo {
   string location = 3;
 }
 
+// For display only. Metadata associated with ProxyConnection.
+message ProxyConnectionInfo {
+  // IP protocol in string format, for example: "TCP", "UDP", "ICMP".
+  string protocol = 1;
+
+  // Source IP address of an original connection.
+  string old_source_ip = 2;
+
+  // Source IP address of a new connection.
+  string new_source_ip = 3;
+
+  // Destination IP address of an original connection
+  string old_destination_ip = 4;
+
+  // Destination IP address of a new connection.
+  string new_destination_ip = 5;
+
+  // Source port of an original connection. Only valid when protocol is TCP or
+  // UDP.
+  int32 old_source_port = 6;
+
+  // Source port of a new connection. Only valid when protocol is TCP or UDP.
+  int32 new_source_port = 7;
+
+  // Destination port of an original connection. Only valid when protocol is TCP
+  // or UDP.
+  int32 old_destination_port = 8;
+
+  // Destination port of a new connection. Only valid when protocol is TCP or
+  // UDP.
+  int32 new_destination_port = 9;
+
+  // Uri of proxy subnet.
+  string subnet_uri = 10;
+
+  // URI of the network where connection is proxied.
+  string network_uri = 11;
+}
+
+// For display only. Metadata associated with the load balancer backend.
+message LoadBalancerBackendInfo {
+  // Display name of the backend. For example, it might be an instance name for
+  // the instance group backends, or an IP address and port for zonal network
+  // endpoint group backends.
+  string name = 1;
+
+  // URI of the backend instance (if applicable). Populated for instance group
+  // backends, and zonal NEG backends.
+  string instance_uri = 2;
+
+  // URI of the backend service this backend belongs to (if applicable).
+  string backend_service_uri = 3;
+
+  // URI of the instance group this backend belongs to (if applicable).
+  string instance_group_uri = 4;
+
+  // URI of the network endpoint group this backend belongs to (if applicable).
+  string network_endpoint_group_uri = 5;
+
+  // URI of the backend bucket this backend targets (if applicable).
+  string backend_bucket_uri = 8;
+
+  // URI of the PSC service attachment this PSC NEG backend targets (if
+  // applicable).
+  string psc_service_attachment_uri = 9;
+
+  // PSC Google API target this PSC NEG backend targets (if applicable).
+  string psc_google_api_target = 10;
+
+  // URI of the health check attached to this backend (if applicable).
+  string health_check_uri = 6;
+
+  // Health check firewalls configuration state enum.
+  enum HealthCheckFirewallsConfigState {
+    // Configuration state unspecified. It usually means that the backend has
+    // no health check attached, or there was an unexpected configuration error
+    // preventing Connectivity tests from verifying health check configuration.
+    HEALTH_CHECK_FIREWALLS_CONFIG_STATE_UNSPECIFIED = 0;
+
+    // Firewall rules (policies) allowing health check traffic from all required
+    // IP ranges to the backend are configured.
+    FIREWALLS_CONFIGURED = 1;
+
+    // Firewall rules (policies) allow health check traffic only from a part of
+    // required IP ranges.
+    FIREWALLS_PARTIALLY_CONFIGURED = 2;
+
+    // Firewall rules (policies) deny health check traffic from all required
+    // IP ranges to the backend.
+    FIREWALLS_NOT_CONFIGURED = 3;
+
+    // The network contains firewall rules of unsupported types, so Connectivity
+    // tests were not able to verify health check configuration status. Please
+    // refer to the documentation for the list of unsupported configurations:
+    // https://cloud.google.com/network-intelligence-center/docs/connectivity-tests/concepts/overview#unsupported-configs
+    FIREWALLS_UNSUPPORTED = 4;
+  }
+
+  // Health check firewalls configuration state for the backend. This is a
+  // result of the static firewall analysis (verifying that health check traffic
+  // from required IP ranges to the backend is allowed or not). The backend
+  // might still be unhealthy even if these firewalls are configured. Please
+  // refer to the documentation for more information:
+  // https://cloud.google.com/load-balancing/docs/firewall-rules
+  HealthCheckFirewallsConfigState health_check_firewalls_config_state = 7
+      [(google.api.field_behavior) = OUTPUT_ONLY];
+}
+
 // Type of a load balancer. For more information, see [Summary of Google Cloud
 // load
 // balancers](https://cloud.google.com/load-balancing/docs/load-balancing-overview#summary-of-google-cloud-load-balancers).
@@ -1239,3 +1364,9 @@ enum LoadBalancerType {
   // Internal TCP/UDP load balancer.
   TCP_UDP_INTERNAL_LOAD_BALANCER = 10;
 }
+
+// For display only. Metadata associated with Storage Bucket.
+message StorageBucketInfo {
+  // Cloud Storage Bucket name.
+  string bucket = 1;
+}