1// Copyright 2017 Google Inc. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.oslogin.v1alpha; 18 19import "google/api/annotations.proto"; 20import "google/cloud/oslogin/common/common.proto"; 21import "google/protobuf/empty.proto"; 22import "google/protobuf/field_mask.proto"; 23 24option csharp_namespace = "Google.Cloud.OsLogin.V1Alpha"; 25option go_package = "cloud.google.com/go/oslogin/apiv1alpha/osloginpb;osloginpb"; 26option java_multiple_files = true; 27option java_outer_classname = "OsLoginProto"; 28option java_package = "com.google.cloud.oslogin.v1alpha"; 29option php_namespace = "Google\\Cloud\\OsLogin\\V1alpha"; 30 31// Cloud OS Login API 32// 33// The Cloud OS Login API allows you to manage users and their associated SSH 34// public keys for logging into virtual machines on Google Cloud Platform. 35service OsLoginService { 36 // Deletes a POSIX account. 37 rpc DeletePosixAccount(DeletePosixAccountRequest) 38 returns (google.protobuf.Empty) { 39 option (google.api.http) = { 40 delete: "/v1alpha/{name=users/*/projects/*}" 41 }; 42 } 43 44 // Deletes an SSH public key. 45 rpc DeleteSshPublicKey(DeleteSshPublicKeyRequest) 46 returns (google.protobuf.Empty) { 47 option (google.api.http) = { 48 delete: "/v1alpha/{name=users/*/sshPublicKeys/*}" 49 }; 50 } 51 52 // Retrieves the profile information used for logging in to a virtual machine 53 // on Google Compute Engine. 54 rpc GetLoginProfile(GetLoginProfileRequest) returns (LoginProfile) { 55 option (google.api.http) = { 56 get: "/v1alpha/{name=users/*}/loginProfile" 57 }; 58 } 59 60 // Retrieves an SSH public key. 61 rpc GetSshPublicKey(GetSshPublicKeyRequest) 62 returns (google.cloud.oslogin.common.SshPublicKey) { 63 option (google.api.http) = { 64 get: "/v1alpha/{name=users/*/sshPublicKeys/*}" 65 }; 66 } 67 68 // Adds an SSH public key and returns the profile information. Default POSIX 69 // account information is set when no username and UID exist as part of the 70 // login profile. 71 rpc ImportSshPublicKey(ImportSshPublicKeyRequest) 72 returns (ImportSshPublicKeyResponse) { 73 option (google.api.http) = { 74 post: "/v1alpha/{parent=users/*}:importSshPublicKey" 75 body: "ssh_public_key" 76 }; 77 } 78 79 // Updates an SSH public key and returns the profile information. This method 80 // supports patch semantics. 81 rpc UpdateSshPublicKey(UpdateSshPublicKeyRequest) 82 returns (google.cloud.oslogin.common.SshPublicKey) { 83 option (google.api.http) = { 84 patch: "/v1alpha/{name=users/*/sshPublicKeys/*}" 85 body: "ssh_public_key" 86 }; 87 } 88} 89 90// The user profile information used for logging in to a virtual machine on 91// Google Compute Engine. 92message LoginProfile { 93 // A unique user ID for identifying the user. 94 string name = 1; 95 96 // The list of POSIX accounts associated with the Directory API user. 97 repeated google.cloud.oslogin.common.PosixAccount posix_accounts = 2; 98 99 // A map from SSH public key fingerprint to the associated key object. 100 map<string, google.cloud.oslogin.common.SshPublicKey> ssh_public_keys = 3; 101 102 // Indicates if the user is suspended. 103 bool suspended = 4; 104} 105 106// A request message for deleting a POSIX account entry. 107message DeletePosixAccountRequest { 108 // A reference to the POSIX account to update. POSIX accounts are identified 109 // by the project ID they are associated with. A reference to the POSIX 110 // account is in format `users/{user}/projects/{project}`. 111 string name = 1; 112} 113 114// A request message for deleting an SSH public key. 115message DeleteSshPublicKeyRequest { 116 // The fingerprint of the public key to update. Public keys are identified by 117 // their SHA-256 fingerprint. The fingerprint of the public key is in format 118 // `users/{user}/sshPublicKeys/{fingerprint}`. 119 string name = 1; 120} 121 122// A request message for retrieving the login profile information for a user. 123message GetLoginProfileRequest { 124 // The unique ID for the user in format `users/{user}`. 125 string name = 1; 126} 127 128// A request message for retrieving an SSH public key. 129message GetSshPublicKeyRequest { 130 // The fingerprint of the public key to retrieve. Public keys are identified 131 // by their SHA-256 fingerprint. The fingerprint of the public key is in 132 // format `users/{user}/sshPublicKeys/{fingerprint}`. 133 string name = 1; 134} 135 136// A request message for importing an SSH public key. 137message ImportSshPublicKeyRequest { 138 // The unique ID for the user in format `users/{user}`. 139 string parent = 1; 140 141 // The SSH public key and expiration time. 142 google.cloud.oslogin.common.SshPublicKey ssh_public_key = 2; 143 144 // The project ID of the Google Cloud Platform project. 145 string project_id = 3; 146} 147 148// A response message for importing an SSH public key. 149message ImportSshPublicKeyResponse { 150 // The login profile information for the user. 151 LoginProfile login_profile = 1; 152} 153 154// A request message for updating an SSH public key. 155message UpdateSshPublicKeyRequest { 156 // The fingerprint of the public key to update. Public keys are identified by 157 // their SHA-256 fingerprint. The fingerprint of the public key is in format 158 // `users/{user}/sshPublicKeys/{fingerprint}`. 159 string name = 1; 160 161 // The SSH public key and expiration time. 162 google.cloud.oslogin.common.SshPublicKey ssh_public_key = 2; 163 164 // Mask to control which fields get updated. Updates all if not present. 165 google.protobuf.FieldMask update_mask = 3; 166} 167