84a258e247
* Added retention support for project-factory buckets * Cleanup * Added retention_policy to project.schema.md in PF stage --------- Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
864 lines
21 KiB
JSON
864 lines
21 KiB
JSON
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"title": "Project",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"automation": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"project"
|
|
],
|
|
"properties": {
|
|
"prefix": {
|
|
"type": "string"
|
|
},
|
|
"project": {
|
|
"type": "string"
|
|
},
|
|
"bucket": {
|
|
"$ref": "#/$defs/bucket"
|
|
},
|
|
"service_accounts": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"iam_billing_roles": {
|
|
"$ref": "#/$defs/iam_billing_roles"
|
|
},
|
|
"iam_folder_roles": {
|
|
"$ref": "#/$defs/iam_folder_roles"
|
|
},
|
|
"iam_organization_roles": {
|
|
"$ref": "#/$defs/iam_organization_roles"
|
|
},
|
|
"iam_project_roles": {
|
|
"$ref": "#/$defs/iam_project_roles"
|
|
},
|
|
"iam_sa_roles": {
|
|
"$ref": "#/$defs/iam_sa_roles"
|
|
},
|
|
"iam_storage_roles": {
|
|
"$ref": "#/$defs/iam_storage_roles"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"billing_account": {
|
|
"type": "string"
|
|
},
|
|
"billing_budgets": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"buckets": {
|
|
"$ref": "#/$defs/buckets"
|
|
},
|
|
"contacts": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"datasets": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"friendly_name": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"deletion_policy": {
|
|
"type": "string",
|
|
"enum": [
|
|
"PREVENT",
|
|
"DELETE",
|
|
"ABANDON"
|
|
]
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"iam_by_principals": {
|
|
"$ref": "#/$defs/iam_by_principals"
|
|
},
|
|
"iam_by_principals_additive": {
|
|
"$ref": "#/$defs/iam_by_principals"
|
|
},
|
|
"labels": {
|
|
"type": "object"
|
|
},
|
|
"log_buckets": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"$ref": "#/$defs/log_bucket"
|
|
}
|
|
}
|
|
},
|
|
"metric_scopes": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"org_policies": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z]+\\.": {
|
|
"type": "object",
|
|
"properties": {
|
|
"inherit_from_parent": {
|
|
"type": "boolean"
|
|
},
|
|
"reset": {
|
|
"type": "boolean"
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"allow": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"all": {
|
|
"type": "boolean"
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"deny": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"all": {
|
|
"type": "boolean"
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"enforce": {
|
|
"type": "boolean"
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"quotas": {
|
|
"title": "Quotas",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-zA-Z0-9_-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"service",
|
|
"quota_id",
|
|
"preferred_value"
|
|
],
|
|
"properties": {
|
|
"service": {
|
|
"type": "string"
|
|
},
|
|
"quota_id": {
|
|
"type": "string"
|
|
},
|
|
"preferred_value": {
|
|
"type": "number"
|
|
},
|
|
"dimensions": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"justification": {
|
|
"type": "string"
|
|
},
|
|
"contact_email": {
|
|
"type": "string"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"ignore_safety_checks": {
|
|
"type": "string",
|
|
"enum": [
|
|
"QUOTA_DECREASE_BELOW_USAGE",
|
|
"QUOTA_DECREASE_PERCENTAGE_TOO_HIGH",
|
|
"QUOTA_SAFETY_CHECK_UNSPECIFIED"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"parent": {
|
|
"type": "string"
|
|
},
|
|
"prefix": {
|
|
"type": "string"
|
|
},
|
|
"project_reuse": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"use_data_source": {
|
|
"type": "boolean"
|
|
},
|
|
"attributes": {
|
|
"type": "object",
|
|
"required": [
|
|
"name",
|
|
"number"
|
|
],
|
|
"properties": {
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"number": {
|
|
"type": "number"
|
|
},
|
|
"services_enabled": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"project_template": {
|
|
"type": "string"
|
|
},
|
|
"service_accounts": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"display_name": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_self_roles": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"iam_project_roles": {
|
|
"$ref": "#/$defs/iam_project_roles"
|
|
},
|
|
"iam_sa_roles": {
|
|
"$ref": "#/$defs/iam_sa_roles"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"service_encryption_key_ids": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z-]+\\.googleapis\\.com$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"services": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^[a-z-]+\\.googleapis\\.com$"
|
|
}
|
|
},
|
|
"shared_vpc_host_config": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"enabled"
|
|
],
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean"
|
|
},
|
|
"service_projects": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"shared_vpc_service_config": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"host_project"
|
|
],
|
|
"properties": {
|
|
"host_project": {
|
|
"type": "string"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"network_users": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"service_agent_iam": {
|
|
"type": "object",
|
|
"additionalItems": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"service_agent_subnet_iam": {
|
|
"type": "object",
|
|
"additionalItems": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"service_iam_grants": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"network_subnet_users": {
|
|
"type": "object",
|
|
"additionalItems": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"tag_bindings": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"tags": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"id": {
|
|
"type": "string"
|
|
},
|
|
"values": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"id": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"universe": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"prefix": {
|
|
"type": "string"
|
|
},
|
|
"forced_jit_service_identities": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"unavailable_services": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"unavailable_service_identities": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"vpc_sc": {
|
|
"type": "object",
|
|
"additionalItems": false,
|
|
"required": [
|
|
"perimeter_name"
|
|
],
|
|
"properties": {
|
|
"perimeter_name": {
|
|
"type": "string"
|
|
},
|
|
"is_dry_run": {
|
|
"type": "boolean"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"$defs": {
|
|
"bucket": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"name": {
|
|
"type": "string"
|
|
},
|
|
"create": {
|
|
"type": "boolean",
|
|
"default": true
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
},
|
|
"force_destroy": {
|
|
"type": "boolean"
|
|
},
|
|
"labels": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"managed_folders": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-zA-Z0-9][a-zA-Z0-9_/-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"force_destroy": {
|
|
"type": "boolean"
|
|
},
|
|
"iam": {
|
|
"$ref": "#/$defs/iam"
|
|
},
|
|
"iam_bindings": {
|
|
"$ref": "#/$defs/iam_bindings"
|
|
},
|
|
"iam_bindings_additive": {
|
|
"$ref": "#/$defs/iam_bindings_additive"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"prefix": {
|
|
"type": "string"
|
|
},
|
|
"storage_class": {
|
|
"type": "string"
|
|
},
|
|
"uniform_bucket_level_access": {
|
|
"type": "boolean"
|
|
},
|
|
"versioning": {
|
|
"type": "boolean"
|
|
},
|
|
"retention_policy": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"retention_period": {
|
|
"type": "number"
|
|
},
|
|
"is_locked": {
|
|
"type": "boolean"
|
|
}
|
|
}
|
|
},
|
|
"enable_object_retention": {
|
|
"type": "boolean"
|
|
}
|
|
}
|
|
},
|
|
"buckets": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"$ref": "#/$defs/bucket"
|
|
}
|
|
}
|
|
},
|
|
"iam": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:roles/|\\$custom_roles:)": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:||\\$iam_principals:[a-z0-9_-]+)"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_bindings": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"members": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:[a-z0-9_-]+)"
|
|
}
|
|
},
|
|
"role": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:)"
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression",
|
|
"title"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_bindings_additive": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9_-]+$": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"member": {
|
|
"type": "string",
|
|
"pattern": "^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:[a-z0-9_-]+)"
|
|
},
|
|
"role": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:)"
|
|
},
|
|
"condition": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"expression",
|
|
"title"
|
|
],
|
|
"properties": {
|
|
"expression": {
|
|
"type": "string"
|
|
},
|
|
"title": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_by_principals": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:domain:|group:|serviceAccount:|user:|principal:|principalSet:|\\$iam_principals:[a-z0-9_-]+)": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^(?:roles/|\\$custom_roles:)"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_billing_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_folder_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_organization_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_project_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:[a-z0-9-]|\\$project_ids:[a-z0-9_-])+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_sa_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^(?:\\$service_account_ids:|projects/)": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"iam_storage_roles": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"patternProperties": {
|
|
"^[a-z0-9-]+$": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"log_bucket": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"kms_key_name": {
|
|
"type": "string"
|
|
},
|
|
"location": {
|
|
"type": "string"
|
|
},
|
|
"log_analytics": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"enable": {
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"dataset_link_id": {
|
|
"type": "string"
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"retention": {
|
|
"type": "number"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} |