google_cloud_confidentialcomputing_v1/model.rs
1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16
17#![allow(rustdoc::redundant_explicit_links)]
18#![allow(rustdoc::broken_intra_doc_links)]
19#![no_implicit_prelude]
20extern crate async_trait;
21extern crate bytes;
22extern crate gaxi;
23extern crate google_cloud_gax;
24extern crate google_cloud_location;
25extern crate google_cloud_rpc;
26extern crate lazy_static;
27extern crate serde;
28extern crate serde_json;
29extern crate serde_with;
30extern crate std;
31extern crate tracing;
32extern crate wkt;
33
34mod debug;
35mod deserialize;
36mod serialize;
37
38/// A Challenge from the server used to guarantee freshness of attestations
39#[derive(Clone, Default, PartialEq)]
40#[non_exhaustive]
41pub struct Challenge {
42 /// Output only. The resource name for this Challenge in the format
43 /// `projects/*/locations/*/challenges/*`
44 pub name: std::string::String,
45
46 /// Output only. The time at which this Challenge was created
47 pub create_time: std::option::Option<wkt::Timestamp>,
48
49 /// Output only. The time at which this Challenge will no longer be usable. It
50 /// is also the expiration time for any tokens generated from this Challenge.
51 pub expire_time: std::option::Option<wkt::Timestamp>,
52
53 /// Output only. Indicates if this challenge has been used to generate a token.
54 pub used: bool,
55
56 /// Output only. Identical to nonce, but as a string.
57 pub tpm_nonce: std::string::String,
58
59 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
60}
61
62impl Challenge {
63 pub fn new() -> Self {
64 std::default::Default::default()
65 }
66
67 /// Sets the value of [name][crate::model::Challenge::name].
68 ///
69 /// # Example
70 /// ```ignore,no_run
71 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
72 /// let x = Challenge::new().set_name("example");
73 /// ```
74 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
75 self.name = v.into();
76 self
77 }
78
79 /// Sets the value of [create_time][crate::model::Challenge::create_time].
80 ///
81 /// # Example
82 /// ```ignore,no_run
83 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
84 /// use wkt::Timestamp;
85 /// let x = Challenge::new().set_create_time(Timestamp::default()/* use setters */);
86 /// ```
87 pub fn set_create_time<T>(mut self, v: T) -> Self
88 where
89 T: std::convert::Into<wkt::Timestamp>,
90 {
91 self.create_time = std::option::Option::Some(v.into());
92 self
93 }
94
95 /// Sets or clears the value of [create_time][crate::model::Challenge::create_time].
96 ///
97 /// # Example
98 /// ```ignore,no_run
99 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
100 /// use wkt::Timestamp;
101 /// let x = Challenge::new().set_or_clear_create_time(Some(Timestamp::default()/* use setters */));
102 /// let x = Challenge::new().set_or_clear_create_time(None::<Timestamp>);
103 /// ```
104 pub fn set_or_clear_create_time<T>(mut self, v: std::option::Option<T>) -> Self
105 where
106 T: std::convert::Into<wkt::Timestamp>,
107 {
108 self.create_time = v.map(|x| x.into());
109 self
110 }
111
112 /// Sets the value of [expire_time][crate::model::Challenge::expire_time].
113 ///
114 /// # Example
115 /// ```ignore,no_run
116 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
117 /// use wkt::Timestamp;
118 /// let x = Challenge::new().set_expire_time(Timestamp::default()/* use setters */);
119 /// ```
120 pub fn set_expire_time<T>(mut self, v: T) -> Self
121 where
122 T: std::convert::Into<wkt::Timestamp>,
123 {
124 self.expire_time = std::option::Option::Some(v.into());
125 self
126 }
127
128 /// Sets or clears the value of [expire_time][crate::model::Challenge::expire_time].
129 ///
130 /// # Example
131 /// ```ignore,no_run
132 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
133 /// use wkt::Timestamp;
134 /// let x = Challenge::new().set_or_clear_expire_time(Some(Timestamp::default()/* use setters */));
135 /// let x = Challenge::new().set_or_clear_expire_time(None::<Timestamp>);
136 /// ```
137 pub fn set_or_clear_expire_time<T>(mut self, v: std::option::Option<T>) -> Self
138 where
139 T: std::convert::Into<wkt::Timestamp>,
140 {
141 self.expire_time = v.map(|x| x.into());
142 self
143 }
144
145 /// Sets the value of [used][crate::model::Challenge::used].
146 ///
147 /// # Example
148 /// ```ignore,no_run
149 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
150 /// let x = Challenge::new().set_used(true);
151 /// ```
152 pub fn set_used<T: std::convert::Into<bool>>(mut self, v: T) -> Self {
153 self.used = v.into();
154 self
155 }
156
157 /// Sets the value of [tpm_nonce][crate::model::Challenge::tpm_nonce].
158 ///
159 /// # Example
160 /// ```ignore,no_run
161 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
162 /// let x = Challenge::new().set_tpm_nonce("example");
163 /// ```
164 pub fn set_tpm_nonce<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
165 self.tpm_nonce = v.into();
166 self
167 }
168}
169
170impl wkt::message::Message for Challenge {
171 fn typename() -> &'static str {
172 "type.googleapis.com/google.cloud.confidentialcomputing.v1.Challenge"
173 }
174}
175
176/// Message for creating a Challenge
177#[derive(Clone, Default, PartialEq)]
178#[non_exhaustive]
179pub struct CreateChallengeRequest {
180 /// Required. The resource name of the location where the Challenge will be
181 /// used, in the format `projects/*/locations/*`.
182 pub parent: std::string::String,
183
184 /// Required. The Challenge to be created. Currently this field can be empty as
185 /// all the Challenge fields are set by the server.
186 pub challenge: std::option::Option<crate::model::Challenge>,
187
188 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
189}
190
191impl CreateChallengeRequest {
192 pub fn new() -> Self {
193 std::default::Default::default()
194 }
195
196 /// Sets the value of [parent][crate::model::CreateChallengeRequest::parent].
197 ///
198 /// # Example
199 /// ```ignore,no_run
200 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
201 /// let x = CreateChallengeRequest::new().set_parent("example");
202 /// ```
203 pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
204 self.parent = v.into();
205 self
206 }
207
208 /// Sets the value of [challenge][crate::model::CreateChallengeRequest::challenge].
209 ///
210 /// # Example
211 /// ```ignore,no_run
212 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
213 /// use google_cloud_confidentialcomputing_v1::model::Challenge;
214 /// let x = CreateChallengeRequest::new().set_challenge(Challenge::default()/* use setters */);
215 /// ```
216 pub fn set_challenge<T>(mut self, v: T) -> Self
217 where
218 T: std::convert::Into<crate::model::Challenge>,
219 {
220 self.challenge = std::option::Option::Some(v.into());
221 self
222 }
223
224 /// Sets or clears the value of [challenge][crate::model::CreateChallengeRequest::challenge].
225 ///
226 /// # Example
227 /// ```ignore,no_run
228 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
229 /// use google_cloud_confidentialcomputing_v1::model::Challenge;
230 /// let x = CreateChallengeRequest::new().set_or_clear_challenge(Some(Challenge::default()/* use setters */));
231 /// let x = CreateChallengeRequest::new().set_or_clear_challenge(None::<Challenge>);
232 /// ```
233 pub fn set_or_clear_challenge<T>(mut self, v: std::option::Option<T>) -> Self
234 where
235 T: std::convert::Into<crate::model::Challenge>,
236 {
237 self.challenge = v.map(|x| x.into());
238 self
239 }
240}
241
242impl wkt::message::Message for CreateChallengeRequest {
243 fn typename() -> &'static str {
244 "type.googleapis.com/google.cloud.confidentialcomputing.v1.CreateChallengeRequest"
245 }
246}
247
248/// A request for an attestation token, providing all the necessary information
249/// needed for this service to verify the platform state of the requestor.
250#[derive(Clone, Default, PartialEq)]
251#[non_exhaustive]
252pub struct VerifyAttestationRequest {
253 /// Required. The name of the Challenge whose nonce was used to generate the
254 /// attestation, in the format `projects/*/locations/*/challenges/*`. The
255 /// provided Challenge will be consumed, and cannot be used again.
256 pub challenge: std::string::String,
257
258 /// Optional. Credentials used to populate the "emails" claim in the
259 /// claims_token.
260 pub gcp_credentials: std::option::Option<crate::model::GcpCredentials>,
261
262 /// Required. The TPM-specific data provided by the attesting platform, used to
263 /// populate any of the claims regarding platform state.
264 pub tpm_attestation: std::option::Option<crate::model::TpmAttestation>,
265
266 /// Optional. Optional information related to the Confidential Space TEE.
267 pub confidential_space_info: std::option::Option<crate::model::ConfidentialSpaceInfo>,
268
269 /// Optional. A collection of optional, workload-specified claims that modify
270 /// the token output.
271 pub token_options: std::option::Option<crate::model::TokenOptions>,
272
273 /// Optional. An optional indicator of the attester, only applies to certain
274 /// products.
275 pub attester: std::string::String,
276
277 /// An optional tee attestation report, used to populate hardware rooted
278 /// claims.
279 pub tee_attestation:
280 std::option::Option<crate::model::verify_attestation_request::TeeAttestation>,
281
282 /// An optional device attestation report.
283 pub device_attestation:
284 std::option::Option<crate::model::verify_attestation_request::DeviceAttestation>,
285
286 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
287}
288
289impl VerifyAttestationRequest {
290 pub fn new() -> Self {
291 std::default::Default::default()
292 }
293
294 /// Sets the value of [challenge][crate::model::VerifyAttestationRequest::challenge].
295 ///
296 /// # Example
297 /// ```ignore,no_run
298 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
299 /// let x = VerifyAttestationRequest::new().set_challenge("example");
300 /// ```
301 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
302 self.challenge = v.into();
303 self
304 }
305
306 /// Sets the value of [gcp_credentials][crate::model::VerifyAttestationRequest::gcp_credentials].
307 ///
308 /// # Example
309 /// ```ignore,no_run
310 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
311 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
312 /// let x = VerifyAttestationRequest::new().set_gcp_credentials(GcpCredentials::default()/* use setters */);
313 /// ```
314 pub fn set_gcp_credentials<T>(mut self, v: T) -> Self
315 where
316 T: std::convert::Into<crate::model::GcpCredentials>,
317 {
318 self.gcp_credentials = std::option::Option::Some(v.into());
319 self
320 }
321
322 /// Sets or clears the value of [gcp_credentials][crate::model::VerifyAttestationRequest::gcp_credentials].
323 ///
324 /// # Example
325 /// ```ignore,no_run
326 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
327 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
328 /// let x = VerifyAttestationRequest::new().set_or_clear_gcp_credentials(Some(GcpCredentials::default()/* use setters */));
329 /// let x = VerifyAttestationRequest::new().set_or_clear_gcp_credentials(None::<GcpCredentials>);
330 /// ```
331 pub fn set_or_clear_gcp_credentials<T>(mut self, v: std::option::Option<T>) -> Self
332 where
333 T: std::convert::Into<crate::model::GcpCredentials>,
334 {
335 self.gcp_credentials = v.map(|x| x.into());
336 self
337 }
338
339 /// Sets the value of [tpm_attestation][crate::model::VerifyAttestationRequest::tpm_attestation].
340 ///
341 /// # Example
342 /// ```ignore,no_run
343 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
344 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
345 /// let x = VerifyAttestationRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
346 /// ```
347 pub fn set_tpm_attestation<T>(mut self, v: T) -> Self
348 where
349 T: std::convert::Into<crate::model::TpmAttestation>,
350 {
351 self.tpm_attestation = std::option::Option::Some(v.into());
352 self
353 }
354
355 /// Sets or clears the value of [tpm_attestation][crate::model::VerifyAttestationRequest::tpm_attestation].
356 ///
357 /// # Example
358 /// ```ignore,no_run
359 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
360 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
361 /// let x = VerifyAttestationRequest::new().set_or_clear_tpm_attestation(Some(TpmAttestation::default()/* use setters */));
362 /// let x = VerifyAttestationRequest::new().set_or_clear_tpm_attestation(None::<TpmAttestation>);
363 /// ```
364 pub fn set_or_clear_tpm_attestation<T>(mut self, v: std::option::Option<T>) -> Self
365 where
366 T: std::convert::Into<crate::model::TpmAttestation>,
367 {
368 self.tpm_attestation = v.map(|x| x.into());
369 self
370 }
371
372 /// Sets the value of [confidential_space_info][crate::model::VerifyAttestationRequest::confidential_space_info].
373 ///
374 /// # Example
375 /// ```ignore,no_run
376 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
377 /// use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
378 /// let x = VerifyAttestationRequest::new().set_confidential_space_info(ConfidentialSpaceInfo::default()/* use setters */);
379 /// ```
380 pub fn set_confidential_space_info<T>(mut self, v: T) -> Self
381 where
382 T: std::convert::Into<crate::model::ConfidentialSpaceInfo>,
383 {
384 self.confidential_space_info = std::option::Option::Some(v.into());
385 self
386 }
387
388 /// Sets or clears the value of [confidential_space_info][crate::model::VerifyAttestationRequest::confidential_space_info].
389 ///
390 /// # Example
391 /// ```ignore,no_run
392 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
393 /// use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
394 /// let x = VerifyAttestationRequest::new().set_or_clear_confidential_space_info(Some(ConfidentialSpaceInfo::default()/* use setters */));
395 /// let x = VerifyAttestationRequest::new().set_or_clear_confidential_space_info(None::<ConfidentialSpaceInfo>);
396 /// ```
397 pub fn set_or_clear_confidential_space_info<T>(mut self, v: std::option::Option<T>) -> Self
398 where
399 T: std::convert::Into<crate::model::ConfidentialSpaceInfo>,
400 {
401 self.confidential_space_info = v.map(|x| x.into());
402 self
403 }
404
405 /// Sets the value of [token_options][crate::model::VerifyAttestationRequest::token_options].
406 ///
407 /// # Example
408 /// ```ignore,no_run
409 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
410 /// use google_cloud_confidentialcomputing_v1::model::TokenOptions;
411 /// let x = VerifyAttestationRequest::new().set_token_options(TokenOptions::default()/* use setters */);
412 /// ```
413 pub fn set_token_options<T>(mut self, v: T) -> Self
414 where
415 T: std::convert::Into<crate::model::TokenOptions>,
416 {
417 self.token_options = std::option::Option::Some(v.into());
418 self
419 }
420
421 /// Sets or clears the value of [token_options][crate::model::VerifyAttestationRequest::token_options].
422 ///
423 /// # Example
424 /// ```ignore,no_run
425 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
426 /// use google_cloud_confidentialcomputing_v1::model::TokenOptions;
427 /// let x = VerifyAttestationRequest::new().set_or_clear_token_options(Some(TokenOptions::default()/* use setters */));
428 /// let x = VerifyAttestationRequest::new().set_or_clear_token_options(None::<TokenOptions>);
429 /// ```
430 pub fn set_or_clear_token_options<T>(mut self, v: std::option::Option<T>) -> Self
431 where
432 T: std::convert::Into<crate::model::TokenOptions>,
433 {
434 self.token_options = v.map(|x| x.into());
435 self
436 }
437
438 /// Sets the value of [attester][crate::model::VerifyAttestationRequest::attester].
439 ///
440 /// # Example
441 /// ```ignore,no_run
442 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
443 /// let x = VerifyAttestationRequest::new().set_attester("example");
444 /// ```
445 pub fn set_attester<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
446 self.attester = v.into();
447 self
448 }
449
450 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation].
451 ///
452 /// Note that all the setters affecting `tee_attestation` are mutually
453 /// exclusive.
454 ///
455 /// # Example
456 /// ```ignore,no_run
457 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
458 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
459 /// let x = VerifyAttestationRequest::new().set_tee_attestation(Some(
460 /// google_cloud_confidentialcomputing_v1::model::verify_attestation_request::TeeAttestation::TdCcel(TdxCcelAttestation::default().into())));
461 /// ```
462 pub fn set_tee_attestation<
463 T: std::convert::Into<
464 std::option::Option<crate::model::verify_attestation_request::TeeAttestation>,
465 >,
466 >(
467 mut self,
468 v: T,
469 ) -> Self {
470 self.tee_attestation = v.into();
471 self
472 }
473
474 /// The value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
475 /// if it holds a `TdCcel`, `None` if the field is not set or
476 /// holds a different branch.
477 pub fn td_ccel(
478 &self,
479 ) -> std::option::Option<&std::boxed::Box<crate::model::TdxCcelAttestation>> {
480 #[allow(unreachable_patterns)]
481 self.tee_attestation.as_ref().and_then(|v| match v {
482 crate::model::verify_attestation_request::TeeAttestation::TdCcel(v) => {
483 std::option::Option::Some(v)
484 }
485 _ => std::option::Option::None,
486 })
487 }
488
489 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
490 /// to hold a `TdCcel`.
491 ///
492 /// Note that all the setters affecting `tee_attestation` are
493 /// mutually exclusive.
494 ///
495 /// # Example
496 /// ```ignore,no_run
497 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
498 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
499 /// let x = VerifyAttestationRequest::new().set_td_ccel(TdxCcelAttestation::default()/* use setters */);
500 /// assert!(x.td_ccel().is_some());
501 /// assert!(x.sev_snp_attestation().is_none());
502 /// ```
503 pub fn set_td_ccel<T: std::convert::Into<std::boxed::Box<crate::model::TdxCcelAttestation>>>(
504 mut self,
505 v: T,
506 ) -> Self {
507 self.tee_attestation = std::option::Option::Some(
508 crate::model::verify_attestation_request::TeeAttestation::TdCcel(v.into()),
509 );
510 self
511 }
512
513 /// The value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
514 /// if it holds a `SevSnpAttestation`, `None` if the field is not set or
515 /// holds a different branch.
516 pub fn sev_snp_attestation(
517 &self,
518 ) -> std::option::Option<&std::boxed::Box<crate::model::SevSnpAttestation>> {
519 #[allow(unreachable_patterns)]
520 self.tee_attestation.as_ref().and_then(|v| match v {
521 crate::model::verify_attestation_request::TeeAttestation::SevSnpAttestation(v) => {
522 std::option::Option::Some(v)
523 }
524 _ => std::option::Option::None,
525 })
526 }
527
528 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
529 /// to hold a `SevSnpAttestation`.
530 ///
531 /// Note that all the setters affecting `tee_attestation` are
532 /// mutually exclusive.
533 ///
534 /// # Example
535 /// ```ignore,no_run
536 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
537 /// use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
538 /// let x = VerifyAttestationRequest::new().set_sev_snp_attestation(SevSnpAttestation::default()/* use setters */);
539 /// assert!(x.sev_snp_attestation().is_some());
540 /// assert!(x.td_ccel().is_none());
541 /// ```
542 pub fn set_sev_snp_attestation<
543 T: std::convert::Into<std::boxed::Box<crate::model::SevSnpAttestation>>,
544 >(
545 mut self,
546 v: T,
547 ) -> Self {
548 self.tee_attestation = std::option::Option::Some(
549 crate::model::verify_attestation_request::TeeAttestation::SevSnpAttestation(v.into()),
550 );
551 self
552 }
553
554 /// Sets the value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation].
555 ///
556 /// Note that all the setters affecting `device_attestation` are mutually
557 /// exclusive.
558 ///
559 /// # Example
560 /// ```ignore,no_run
561 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
562 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
563 /// let x = VerifyAttestationRequest::new().set_device_attestation(Some(
564 /// google_cloud_confidentialcomputing_v1::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(NvidiaAttestation::default().into())));
565 /// ```
566 pub fn set_device_attestation<
567 T: std::convert::Into<
568 std::option::Option<crate::model::verify_attestation_request::DeviceAttestation>,
569 >,
570 >(
571 mut self,
572 v: T,
573 ) -> Self {
574 self.device_attestation = v.into();
575 self
576 }
577
578 /// The value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation]
579 /// if it holds a `NvidiaAttestation`, `None` if the field is not set or
580 /// holds a different branch.
581 pub fn nvidia_attestation(
582 &self,
583 ) -> std::option::Option<&std::boxed::Box<crate::model::NvidiaAttestation>> {
584 #[allow(unreachable_patterns)]
585 self.device_attestation.as_ref().and_then(|v| match v {
586 crate::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(v) => {
587 std::option::Option::Some(v)
588 }
589 _ => std::option::Option::None,
590 })
591 }
592
593 /// Sets the value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation]
594 /// to hold a `NvidiaAttestation`.
595 ///
596 /// Note that all the setters affecting `device_attestation` are
597 /// mutually exclusive.
598 ///
599 /// # Example
600 /// ```ignore,no_run
601 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
602 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
603 /// let x = VerifyAttestationRequest::new().set_nvidia_attestation(NvidiaAttestation::default()/* use setters */);
604 /// assert!(x.nvidia_attestation().is_some());
605 /// ```
606 pub fn set_nvidia_attestation<
607 T: std::convert::Into<std::boxed::Box<crate::model::NvidiaAttestation>>,
608 >(
609 mut self,
610 v: T,
611 ) -> Self {
612 self.device_attestation = std::option::Option::Some(
613 crate::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(
614 v.into(),
615 ),
616 );
617 self
618 }
619}
620
621impl wkt::message::Message for VerifyAttestationRequest {
622 fn typename() -> &'static str {
623 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyAttestationRequest"
624 }
625}
626
627/// Defines additional types related to [VerifyAttestationRequest].
628pub mod verify_attestation_request {
629 #[allow(unused_imports)]
630 use super::*;
631
632 /// An optional tee attestation report, used to populate hardware rooted
633 /// claims.
634 #[derive(Clone, Debug, PartialEq)]
635 #[non_exhaustive]
636 pub enum TeeAttestation {
637 /// Optional. A TDX with CCEL and RTMR Attestation Quote.
638 TdCcel(std::boxed::Box<crate::model::TdxCcelAttestation>),
639 /// Optional. An SEV-SNP Attestation Report.
640 SevSnpAttestation(std::boxed::Box<crate::model::SevSnpAttestation>),
641 }
642
643 /// An optional device attestation report.
644 #[derive(Clone, Debug, PartialEq)]
645 #[non_exhaustive]
646 pub enum DeviceAttestation {
647 /// Optional. An Nvidia attestation report for GPU and NVSwitch devices.
648 NvidiaAttestation(std::boxed::Box<crate::model::NvidiaAttestation>),
649 }
650}
651
652/// An Nvidia attestation report for GPU and NVSwitch devices.
653/// Contains necessary attestation evidence that the client collects for
654/// verification.
655#[derive(Clone, Default, PartialEq)]
656#[non_exhaustive]
657pub struct NvidiaAttestation {
658 /// The Confidential Computing feature that the attestation is for.
659 pub cc_feature: std::option::Option<crate::model::nvidia_attestation::CcFeature>,
660
661 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
662}
663
664impl NvidiaAttestation {
665 pub fn new() -> Self {
666 std::default::Default::default()
667 }
668
669 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature].
670 ///
671 /// Note that all the setters affecting `cc_feature` are mutually
672 /// exclusive.
673 ///
674 /// # Example
675 /// ```ignore,no_run
676 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
677 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
678 /// let x = NvidiaAttestation::new().set_cc_feature(Some(
679 /// google_cloud_confidentialcomputing_v1::model::nvidia_attestation::CcFeature::Spt(SinglePassthroughAttestation::default().into())));
680 /// ```
681 pub fn set_cc_feature<
682 T: std::convert::Into<std::option::Option<crate::model::nvidia_attestation::CcFeature>>,
683 >(
684 mut self,
685 v: T,
686 ) -> Self {
687 self.cc_feature = v.into();
688 self
689 }
690
691 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
692 /// if it holds a `Spt`, `None` if the field is not set or
693 /// holds a different branch.
694 pub fn spt(
695 &self,
696 ) -> std::option::Option<
697 &std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>,
698 > {
699 #[allow(unreachable_patterns)]
700 self.cc_feature.as_ref().and_then(|v| match v {
701 crate::model::nvidia_attestation::CcFeature::Spt(v) => std::option::Option::Some(v),
702 _ => std::option::Option::None,
703 })
704 }
705
706 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
707 /// to hold a `Spt`.
708 ///
709 /// Note that all the setters affecting `cc_feature` are
710 /// mutually exclusive.
711 ///
712 /// # Example
713 /// ```ignore,no_run
714 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
715 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
716 /// let x = NvidiaAttestation::new().set_spt(SinglePassthroughAttestation::default()/* use setters */);
717 /// assert!(x.spt().is_some());
718 /// assert!(x.ppcie().is_none());
719 /// assert!(x.mpt().is_none());
720 /// ```
721 pub fn set_spt<
722 T: std::convert::Into<
723 std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>,
724 >,
725 >(
726 mut self,
727 v: T,
728 ) -> Self {
729 self.cc_feature =
730 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Spt(v.into()));
731 self
732 }
733
734 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
735 /// if it holds a `Ppcie`, `None` if the field is not set or
736 /// holds a different branch.
737 pub fn ppcie(
738 &self,
739 ) -> std::option::Option<
740 &std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>,
741 > {
742 #[allow(unreachable_patterns)]
743 self.cc_feature.as_ref().and_then(|v| match v {
744 crate::model::nvidia_attestation::CcFeature::Ppcie(v) => std::option::Option::Some(v),
745 _ => std::option::Option::None,
746 })
747 }
748
749 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
750 /// to hold a `Ppcie`.
751 ///
752 /// Note that all the setters affecting `cc_feature` are
753 /// mutually exclusive.
754 ///
755 /// # Example
756 /// ```ignore,no_run
757 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
758 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
759 /// let x = NvidiaAttestation::new().set_ppcie(ProtectedPcieAttestation::default()/* use setters */);
760 /// assert!(x.ppcie().is_some());
761 /// assert!(x.spt().is_none());
762 /// assert!(x.mpt().is_none());
763 /// ```
764 pub fn set_ppcie<
765 T: std::convert::Into<
766 std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>,
767 >,
768 >(
769 mut self,
770 v: T,
771 ) -> Self {
772 self.cc_feature =
773 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Ppcie(v.into()));
774 self
775 }
776
777 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
778 /// if it holds a `Mpt`, `None` if the field is not set or
779 /// holds a different branch.
780 pub fn mpt(
781 &self,
782 ) -> std::option::Option<
783 &std::boxed::Box<crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation>,
784 > {
785 #[allow(unreachable_patterns)]
786 self.cc_feature.as_ref().and_then(|v| match v {
787 crate::model::nvidia_attestation::CcFeature::Mpt(v) => std::option::Option::Some(v),
788 _ => std::option::Option::None,
789 })
790 }
791
792 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
793 /// to hold a `Mpt`.
794 ///
795 /// Note that all the setters affecting `cc_feature` are
796 /// mutually exclusive.
797 ///
798 /// # Example
799 /// ```ignore,no_run
800 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
801 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation;
802 /// let x = NvidiaAttestation::new().set_mpt(MultiGpuSecurePassthroughAttestation::default()/* use setters */);
803 /// assert!(x.mpt().is_some());
804 /// assert!(x.spt().is_none());
805 /// assert!(x.ppcie().is_none());
806 /// ```
807 pub fn set_mpt<
808 T: std::convert::Into<
809 std::boxed::Box<
810 crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation,
811 >,
812 >,
813 >(
814 mut self,
815 v: T,
816 ) -> Self {
817 self.cc_feature =
818 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Mpt(v.into()));
819 self
820 }
821}
822
823impl wkt::message::Message for NvidiaAttestation {
824 fn typename() -> &'static str {
825 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation"
826 }
827}
828
829/// Defines additional types related to [NvidiaAttestation].
830pub mod nvidia_attestation {
831 #[allow(unused_imports)]
832 use super::*;
833
834 /// GpuInfo contains the attestation evidence for a GPU device.
835 #[derive(Clone, Default, PartialEq)]
836 #[non_exhaustive]
837 pub struct GpuInfo {
838 /// Optional. The UUID of the GPU device.
839 pub uuid: std::string::String,
840
841 /// Optional. The driver version of the GPU.
842 pub driver_version: std::string::String,
843
844 /// Optional. The vBIOS version of the GPU.
845 pub vbios_version: std::string::String,
846
847 /// Optional. The GPU architecture type.
848 pub gpu_architecture_type: crate::model::nvidia_attestation::GpuArchitectureType,
849
850 /// Optional. The raw attestation certificate chain for the GPU device.
851 pub attestation_certificate_chain: ::bytes::Bytes,
852
853 /// Optional. The raw attestation report for the GPU device.
854 /// This field contains SPDM request/response defined in
855 /// <https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.0.pdf>
856 pub attestation_report: ::bytes::Bytes,
857
858 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
859 }
860
861 impl GpuInfo {
862 pub fn new() -> Self {
863 std::default::Default::default()
864 }
865
866 /// Sets the value of [uuid][crate::model::nvidia_attestation::GpuInfo::uuid].
867 ///
868 /// # Example
869 /// ```ignore,no_run
870 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
871 /// let x = GpuInfo::new().set_uuid("example");
872 /// ```
873 pub fn set_uuid<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
874 self.uuid = v.into();
875 self
876 }
877
878 /// Sets the value of [driver_version][crate::model::nvidia_attestation::GpuInfo::driver_version].
879 ///
880 /// # Example
881 /// ```ignore,no_run
882 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
883 /// let x = GpuInfo::new().set_driver_version("example");
884 /// ```
885 pub fn set_driver_version<T: std::convert::Into<std::string::String>>(
886 mut self,
887 v: T,
888 ) -> Self {
889 self.driver_version = v.into();
890 self
891 }
892
893 /// Sets the value of [vbios_version][crate::model::nvidia_attestation::GpuInfo::vbios_version].
894 ///
895 /// # Example
896 /// ```ignore,no_run
897 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
898 /// let x = GpuInfo::new().set_vbios_version("example");
899 /// ```
900 pub fn set_vbios_version<T: std::convert::Into<std::string::String>>(
901 mut self,
902 v: T,
903 ) -> Self {
904 self.vbios_version = v.into();
905 self
906 }
907
908 /// Sets the value of [gpu_architecture_type][crate::model::nvidia_attestation::GpuInfo::gpu_architecture_type].
909 ///
910 /// # Example
911 /// ```ignore,no_run
912 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
913 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuArchitectureType;
914 /// let x0 = GpuInfo::new().set_gpu_architecture_type(GpuArchitectureType::Hopper);
915 /// let x1 = GpuInfo::new().set_gpu_architecture_type(GpuArchitectureType::Blackwell);
916 /// ```
917 pub fn set_gpu_architecture_type<
918 T: std::convert::Into<crate::model::nvidia_attestation::GpuArchitectureType>,
919 >(
920 mut self,
921 v: T,
922 ) -> Self {
923 self.gpu_architecture_type = v.into();
924 self
925 }
926
927 /// Sets the value of [attestation_certificate_chain][crate::model::nvidia_attestation::GpuInfo::attestation_certificate_chain].
928 ///
929 /// # Example
930 /// ```ignore,no_run
931 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
932 /// let x = GpuInfo::new().set_attestation_certificate_chain(bytes::Bytes::from_static(b"example"));
933 /// ```
934 pub fn set_attestation_certificate_chain<T: std::convert::Into<::bytes::Bytes>>(
935 mut self,
936 v: T,
937 ) -> Self {
938 self.attestation_certificate_chain = v.into();
939 self
940 }
941
942 /// Sets the value of [attestation_report][crate::model::nvidia_attestation::GpuInfo::attestation_report].
943 ///
944 /// # Example
945 /// ```ignore,no_run
946 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
947 /// let x = GpuInfo::new().set_attestation_report(bytes::Bytes::from_static(b"example"));
948 /// ```
949 pub fn set_attestation_report<T: std::convert::Into<::bytes::Bytes>>(
950 mut self,
951 v: T,
952 ) -> Self {
953 self.attestation_report = v.into();
954 self
955 }
956 }
957
958 impl wkt::message::Message for GpuInfo {
959 fn typename() -> &'static str {
960 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.GpuInfo"
961 }
962 }
963
964 /// SwitchInfo contains the attestation evidence for a NVSwitch device.
965 #[derive(Clone, Default, PartialEq)]
966 #[non_exhaustive]
967 pub struct SwitchInfo {
968 /// Optional. The UUID of the NVSwitch device.
969 pub uuid: std::string::String,
970
971 /// Optional. The raw attestation certificate chain for the NVSwitch device.
972 pub attestation_certificate_chain: ::bytes::Bytes,
973
974 /// Optional. The raw attestation report for the NvSwitch device.
975 /// This field contains SPDM request/response defined in
976 /// <https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.0.pdf>
977 pub attestation_report: ::bytes::Bytes,
978
979 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
980 }
981
982 impl SwitchInfo {
983 pub fn new() -> Self {
984 std::default::Default::default()
985 }
986
987 /// Sets the value of [uuid][crate::model::nvidia_attestation::SwitchInfo::uuid].
988 ///
989 /// # Example
990 /// ```ignore,no_run
991 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
992 /// let x = SwitchInfo::new().set_uuid("example");
993 /// ```
994 pub fn set_uuid<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
995 self.uuid = v.into();
996 self
997 }
998
999 /// Sets the value of [attestation_certificate_chain][crate::model::nvidia_attestation::SwitchInfo::attestation_certificate_chain].
1000 ///
1001 /// # Example
1002 /// ```ignore,no_run
1003 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1004 /// let x = SwitchInfo::new().set_attestation_certificate_chain(bytes::Bytes::from_static(b"example"));
1005 /// ```
1006 pub fn set_attestation_certificate_chain<T: std::convert::Into<::bytes::Bytes>>(
1007 mut self,
1008 v: T,
1009 ) -> Self {
1010 self.attestation_certificate_chain = v.into();
1011 self
1012 }
1013
1014 /// Sets the value of [attestation_report][crate::model::nvidia_attestation::SwitchInfo::attestation_report].
1015 ///
1016 /// # Example
1017 /// ```ignore,no_run
1018 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1019 /// let x = SwitchInfo::new().set_attestation_report(bytes::Bytes::from_static(b"example"));
1020 /// ```
1021 pub fn set_attestation_report<T: std::convert::Into<::bytes::Bytes>>(
1022 mut self,
1023 v: T,
1024 ) -> Self {
1025 self.attestation_report = v.into();
1026 self
1027 }
1028 }
1029
1030 impl wkt::message::Message for SwitchInfo {
1031 fn typename() -> &'static str {
1032 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.SwitchInfo"
1033 }
1034 }
1035
1036 /// Single GPU Passthrough (SPT) attestation.
1037 #[derive(Clone, Default, PartialEq)]
1038 #[non_exhaustive]
1039 pub struct SinglePassthroughAttestation {
1040 /// Optional. Single GPU quote.
1041 pub gpu_quote: std::option::Option<crate::model::nvidia_attestation::GpuInfo>,
1042
1043 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1044 }
1045
1046 impl SinglePassthroughAttestation {
1047 pub fn new() -> Self {
1048 std::default::Default::default()
1049 }
1050
1051 /// Sets the value of [gpu_quote][crate::model::nvidia_attestation::SinglePassthroughAttestation::gpu_quote].
1052 ///
1053 /// # Example
1054 /// ```ignore,no_run
1055 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
1056 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1057 /// let x = SinglePassthroughAttestation::new().set_gpu_quote(GpuInfo::default()/* use setters */);
1058 /// ```
1059 pub fn set_gpu_quote<T>(mut self, v: T) -> Self
1060 where
1061 T: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1062 {
1063 self.gpu_quote = std::option::Option::Some(v.into());
1064 self
1065 }
1066
1067 /// Sets or clears the value of [gpu_quote][crate::model::nvidia_attestation::SinglePassthroughAttestation::gpu_quote].
1068 ///
1069 /// # Example
1070 /// ```ignore,no_run
1071 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
1072 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1073 /// let x = SinglePassthroughAttestation::new().set_or_clear_gpu_quote(Some(GpuInfo::default()/* use setters */));
1074 /// let x = SinglePassthroughAttestation::new().set_or_clear_gpu_quote(None::<GpuInfo>);
1075 /// ```
1076 pub fn set_or_clear_gpu_quote<T>(mut self, v: std::option::Option<T>) -> Self
1077 where
1078 T: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1079 {
1080 self.gpu_quote = v.map(|x| x.into());
1081 self
1082 }
1083 }
1084
1085 impl wkt::message::Message for SinglePassthroughAttestation {
1086 fn typename() -> &'static str {
1087 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.SinglePassthroughAttestation"
1088 }
1089 }
1090
1091 /// Protected PCIe (PPCIE) attestation.
1092 /// Eight Hopper GPUs with Four NVSwitch Passthrough.
1093 #[derive(Clone, Default, PartialEq)]
1094 #[non_exhaustive]
1095 pub struct ProtectedPcieAttestation {
1096 /// Optional. A list of GPU infos.
1097 pub gpu_quotes: std::vec::Vec<crate::model::nvidia_attestation::GpuInfo>,
1098
1099 /// Optional. A list of SWITCH infos.
1100 pub switch_quotes: std::vec::Vec<crate::model::nvidia_attestation::SwitchInfo>,
1101
1102 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1103 }
1104
1105 impl ProtectedPcieAttestation {
1106 pub fn new() -> Self {
1107 std::default::Default::default()
1108 }
1109
1110 /// Sets the value of [gpu_quotes][crate::model::nvidia_attestation::ProtectedPcieAttestation::gpu_quotes].
1111 ///
1112 /// # Example
1113 /// ```ignore,no_run
1114 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
1115 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1116 /// let x = ProtectedPcieAttestation::new()
1117 /// .set_gpu_quotes([
1118 /// GpuInfo::default()/* use setters */,
1119 /// GpuInfo::default()/* use (different) setters */,
1120 /// ]);
1121 /// ```
1122 pub fn set_gpu_quotes<T, V>(mut self, v: T) -> Self
1123 where
1124 T: std::iter::IntoIterator<Item = V>,
1125 V: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1126 {
1127 use std::iter::Iterator;
1128 self.gpu_quotes = v.into_iter().map(|i| i.into()).collect();
1129 self
1130 }
1131
1132 /// Sets the value of [switch_quotes][crate::model::nvidia_attestation::ProtectedPcieAttestation::switch_quotes].
1133 ///
1134 /// # Example
1135 /// ```ignore,no_run
1136 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
1137 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1138 /// let x = ProtectedPcieAttestation::new()
1139 /// .set_switch_quotes([
1140 /// SwitchInfo::default()/* use setters */,
1141 /// SwitchInfo::default()/* use (different) setters */,
1142 /// ]);
1143 /// ```
1144 pub fn set_switch_quotes<T, V>(mut self, v: T) -> Self
1145 where
1146 T: std::iter::IntoIterator<Item = V>,
1147 V: std::convert::Into<crate::model::nvidia_attestation::SwitchInfo>,
1148 {
1149 use std::iter::Iterator;
1150 self.switch_quotes = v.into_iter().map(|i| i.into()).collect();
1151 self
1152 }
1153 }
1154
1155 impl wkt::message::Message for ProtectedPcieAttestation {
1156 fn typename() -> &'static str {
1157 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.ProtectedPcieAttestation"
1158 }
1159 }
1160
1161 /// MultiGpuSecurePassthroughAttestation contains the attestation evidence
1162 /// for a Multi-GPU Secure Passthrough (MPT) attestation.
1163 #[derive(Clone, Default, PartialEq)]
1164 #[non_exhaustive]
1165 pub struct MultiGpuSecurePassthroughAttestation {
1166 /// Optional. A list of GPU quotes.
1167 pub gpu_quotes: std::vec::Vec<crate::model::nvidia_attestation::GpuInfo>,
1168
1169 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1170 }
1171
1172 impl MultiGpuSecurePassthroughAttestation {
1173 pub fn new() -> Self {
1174 std::default::Default::default()
1175 }
1176
1177 /// Sets the value of [gpu_quotes][crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation::gpu_quotes].
1178 ///
1179 /// # Example
1180 /// ```ignore,no_run
1181 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation;
1182 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1183 /// let x = MultiGpuSecurePassthroughAttestation::new()
1184 /// .set_gpu_quotes([
1185 /// GpuInfo::default()/* use setters */,
1186 /// GpuInfo::default()/* use (different) setters */,
1187 /// ]);
1188 /// ```
1189 pub fn set_gpu_quotes<T, V>(mut self, v: T) -> Self
1190 where
1191 T: std::iter::IntoIterator<Item = V>,
1192 V: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1193 {
1194 use std::iter::Iterator;
1195 self.gpu_quotes = v.into_iter().map(|i| i.into()).collect();
1196 self
1197 }
1198 }
1199
1200 impl wkt::message::Message for MultiGpuSecurePassthroughAttestation {
1201 fn typename() -> &'static str {
1202 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.MultiGpuSecurePassthroughAttestation"
1203 }
1204 }
1205
1206 /// GpuArchitectureType enumerates the supported GPU architecture types.
1207 ///
1208 /// # Working with unknown values
1209 ///
1210 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
1211 /// additional enum variants at any time. Adding new variants is not considered
1212 /// a breaking change. Applications should write their code in anticipation of:
1213 ///
1214 /// - New values appearing in future releases of the client library, **and**
1215 /// - New values received dynamically, without application changes.
1216 ///
1217 /// Please consult the [Working with enums] section in the user guide for some
1218 /// guidelines.
1219 ///
1220 /// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
1221 #[derive(Clone, Debug, PartialEq)]
1222 #[non_exhaustive]
1223 pub enum GpuArchitectureType {
1224 /// Unspecified GPU architecture type.
1225 Unspecified,
1226 /// Hopper GPU architecture type.
1227 Hopper,
1228 /// Blackwell GPU architecture type.
1229 Blackwell,
1230 /// If set, the enum was initialized with an unknown value.
1231 ///
1232 /// Applications can examine the value using [GpuArchitectureType::value] or
1233 /// [GpuArchitectureType::name].
1234 UnknownValue(gpu_architecture_type::UnknownValue),
1235 }
1236
1237 #[doc(hidden)]
1238 pub mod gpu_architecture_type {
1239 #[allow(unused_imports)]
1240 use super::*;
1241 #[derive(Clone, Debug, PartialEq)]
1242 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
1243 }
1244
1245 impl GpuArchitectureType {
1246 /// Gets the enum value.
1247 ///
1248 /// Returns `None` if the enum contains an unknown value deserialized from
1249 /// the string representation of enums.
1250 pub fn value(&self) -> std::option::Option<i32> {
1251 match self {
1252 Self::Unspecified => std::option::Option::Some(0),
1253 Self::Hopper => std::option::Option::Some(8),
1254 Self::Blackwell => std::option::Option::Some(10),
1255 Self::UnknownValue(u) => u.0.value(),
1256 }
1257 }
1258
1259 /// Gets the enum value as a string.
1260 ///
1261 /// Returns `None` if the enum contains an unknown value deserialized from
1262 /// the integer representation of enums.
1263 pub fn name(&self) -> std::option::Option<&str> {
1264 match self {
1265 Self::Unspecified => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_UNSPECIFIED"),
1266 Self::Hopper => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_HOPPER"),
1267 Self::Blackwell => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_BLACKWELL"),
1268 Self::UnknownValue(u) => u.0.name(),
1269 }
1270 }
1271 }
1272
1273 impl std::default::Default for GpuArchitectureType {
1274 fn default() -> Self {
1275 use std::convert::From;
1276 Self::from(0)
1277 }
1278 }
1279
1280 impl std::fmt::Display for GpuArchitectureType {
1281 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
1282 wkt::internal::display_enum(f, self.name(), self.value())
1283 }
1284 }
1285
1286 impl std::convert::From<i32> for GpuArchitectureType {
1287 fn from(value: i32) -> Self {
1288 match value {
1289 0 => Self::Unspecified,
1290 8 => Self::Hopper,
1291 10 => Self::Blackwell,
1292 _ => Self::UnknownValue(gpu_architecture_type::UnknownValue(
1293 wkt::internal::UnknownEnumValue::Integer(value),
1294 )),
1295 }
1296 }
1297 }
1298
1299 impl std::convert::From<&str> for GpuArchitectureType {
1300 fn from(value: &str) -> Self {
1301 use std::string::ToString;
1302 match value {
1303 "GPU_ARCHITECTURE_TYPE_UNSPECIFIED" => Self::Unspecified,
1304 "GPU_ARCHITECTURE_TYPE_HOPPER" => Self::Hopper,
1305 "GPU_ARCHITECTURE_TYPE_BLACKWELL" => Self::Blackwell,
1306 _ => Self::UnknownValue(gpu_architecture_type::UnknownValue(
1307 wkt::internal::UnknownEnumValue::String(value.to_string()),
1308 )),
1309 }
1310 }
1311 }
1312
1313 impl serde::ser::Serialize for GpuArchitectureType {
1314 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
1315 where
1316 S: serde::Serializer,
1317 {
1318 match self {
1319 Self::Unspecified => serializer.serialize_i32(0),
1320 Self::Hopper => serializer.serialize_i32(8),
1321 Self::Blackwell => serializer.serialize_i32(10),
1322 Self::UnknownValue(u) => u.0.serialize(serializer),
1323 }
1324 }
1325 }
1326
1327 impl<'de> serde::de::Deserialize<'de> for GpuArchitectureType {
1328 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
1329 where
1330 D: serde::Deserializer<'de>,
1331 {
1332 deserializer.deserialize_any(wkt::internal::EnumVisitor::<GpuArchitectureType>::new(
1333 ".google.cloud.confidentialcomputing.v1.NvidiaAttestation.GpuArchitectureType",
1334 ))
1335 }
1336 }
1337
1338 /// The Confidential Computing feature that the attestation is for.
1339 #[derive(Clone, Debug, PartialEq)]
1340 #[non_exhaustive]
1341 pub enum CcFeature {
1342 /// Single GPU Passthrough (SPT) attestation.
1343 Spt(std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>),
1344 /// Protected PCIe (PPCIE) attestation.
1345 Ppcie(std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>),
1346 /// Multi-GPU Secure Passthrough (MPT) attestation.
1347 Mpt(
1348 std::boxed::Box<crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation>,
1349 ),
1350 }
1351}
1352
1353/// A TDX Attestation quote.
1354#[derive(Clone, Default, PartialEq)]
1355#[non_exhaustive]
1356pub struct TdxCcelAttestation {
1357 /// Optional. The Confidential Computing Event Log (CCEL) ACPI table. Formatted
1358 /// as described in the ACPI Specification 6.5.
1359 pub ccel_acpi_table: ::bytes::Bytes,
1360
1361 /// Optional. The CCEL event log. Formatted as described in the UEFI 2.10.
1362 pub ccel_data: ::bytes::Bytes,
1363
1364 /// Optional. An Event Log containing additional events measured into the RTMR
1365 /// that are not already present in the CCEL.
1366 pub canonical_event_log: ::bytes::Bytes,
1367
1368 /// Optional. The TDX attestation quote from the guest. It contains the RTMR
1369 /// values.
1370 pub td_quote: ::bytes::Bytes,
1371
1372 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1373}
1374
1375impl TdxCcelAttestation {
1376 pub fn new() -> Self {
1377 std::default::Default::default()
1378 }
1379
1380 /// Sets the value of [ccel_acpi_table][crate::model::TdxCcelAttestation::ccel_acpi_table].
1381 ///
1382 /// # Example
1383 /// ```ignore,no_run
1384 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1385 /// let x = TdxCcelAttestation::new().set_ccel_acpi_table(bytes::Bytes::from_static(b"example"));
1386 /// ```
1387 pub fn set_ccel_acpi_table<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1388 self.ccel_acpi_table = v.into();
1389 self
1390 }
1391
1392 /// Sets the value of [ccel_data][crate::model::TdxCcelAttestation::ccel_data].
1393 ///
1394 /// # Example
1395 /// ```ignore,no_run
1396 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1397 /// let x = TdxCcelAttestation::new().set_ccel_data(bytes::Bytes::from_static(b"example"));
1398 /// ```
1399 pub fn set_ccel_data<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1400 self.ccel_data = v.into();
1401 self
1402 }
1403
1404 /// Sets the value of [canonical_event_log][crate::model::TdxCcelAttestation::canonical_event_log].
1405 ///
1406 /// # Example
1407 /// ```ignore,no_run
1408 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1409 /// let x = TdxCcelAttestation::new().set_canonical_event_log(bytes::Bytes::from_static(b"example"));
1410 /// ```
1411 pub fn set_canonical_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1412 self.canonical_event_log = v.into();
1413 self
1414 }
1415
1416 /// Sets the value of [td_quote][crate::model::TdxCcelAttestation::td_quote].
1417 ///
1418 /// # Example
1419 /// ```ignore,no_run
1420 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1421 /// let x = TdxCcelAttestation::new().set_td_quote(bytes::Bytes::from_static(b"example"));
1422 /// ```
1423 pub fn set_td_quote<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1424 self.td_quote = v.into();
1425 self
1426 }
1427}
1428
1429impl wkt::message::Message for TdxCcelAttestation {
1430 fn typename() -> &'static str {
1431 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TdxCcelAttestation"
1432 }
1433}
1434
1435/// An SEV-SNP Attestation Report.
1436/// Contains the attestation report and the certificate bundle that the client
1437/// collects.
1438#[derive(Clone, Default, PartialEq)]
1439#[non_exhaustive]
1440pub struct SevSnpAttestation {
1441 /// Optional. The SEV-SNP Attestation Report
1442 /// Format is in revision 1.55, §7.3 Attestation, Table 22. ATTESTATION_REPORT
1443 /// Structure in this document:
1444 /// <https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf>
1445 pub report: ::bytes::Bytes,
1446
1447 /// Optional. Certificate bundle defined in the GHCB protocol definition
1448 /// Format is documented in GHCB revision 2.03, section 4.1.8.1 struct
1449 /// cert_table in this document:
1450 /// <https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf>
1451 pub aux_blob: ::bytes::Bytes,
1452
1453 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1454}
1455
1456impl SevSnpAttestation {
1457 pub fn new() -> Self {
1458 std::default::Default::default()
1459 }
1460
1461 /// Sets the value of [report][crate::model::SevSnpAttestation::report].
1462 ///
1463 /// # Example
1464 /// ```ignore,no_run
1465 /// # use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
1466 /// let x = SevSnpAttestation::new().set_report(bytes::Bytes::from_static(b"example"));
1467 /// ```
1468 pub fn set_report<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1469 self.report = v.into();
1470 self
1471 }
1472
1473 /// Sets the value of [aux_blob][crate::model::SevSnpAttestation::aux_blob].
1474 ///
1475 /// # Example
1476 /// ```ignore,no_run
1477 /// # use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
1478 /// let x = SevSnpAttestation::new().set_aux_blob(bytes::Bytes::from_static(b"example"));
1479 /// ```
1480 pub fn set_aux_blob<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1481 self.aux_blob = v.into();
1482 self
1483 }
1484}
1485
1486impl wkt::message::Message for SevSnpAttestation {
1487 fn typename() -> &'static str {
1488 "type.googleapis.com/google.cloud.confidentialcomputing.v1.SevSnpAttestation"
1489 }
1490}
1491
1492/// A response once an attestation has been successfully verified, containing a
1493/// signed attestation token.
1494#[derive(Clone, Default, PartialEq)]
1495#[non_exhaustive]
1496pub struct VerifyAttestationResponse {
1497 /// Output only. Same as claims_token, but as a string.
1498 pub oidc_claims_token: std::string::String,
1499
1500 /// Output only. A list of messages that carry the partial error details
1501 /// related to VerifyAttestation.
1502 pub partial_errors: std::vec::Vec<google_cloud_rpc::model::Status>,
1503
1504 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1505}
1506
1507impl VerifyAttestationResponse {
1508 pub fn new() -> Self {
1509 std::default::Default::default()
1510 }
1511
1512 /// Sets the value of [oidc_claims_token][crate::model::VerifyAttestationResponse::oidc_claims_token].
1513 ///
1514 /// # Example
1515 /// ```ignore,no_run
1516 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationResponse;
1517 /// let x = VerifyAttestationResponse::new().set_oidc_claims_token("example");
1518 /// ```
1519 pub fn set_oidc_claims_token<T: std::convert::Into<std::string::String>>(
1520 mut self,
1521 v: T,
1522 ) -> Self {
1523 self.oidc_claims_token = v.into();
1524 self
1525 }
1526
1527 /// Sets the value of [partial_errors][crate::model::VerifyAttestationResponse::partial_errors].
1528 ///
1529 /// # Example
1530 /// ```ignore,no_run
1531 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationResponse;
1532 /// use google_cloud_rpc::model::Status;
1533 /// let x = VerifyAttestationResponse::new()
1534 /// .set_partial_errors([
1535 /// Status::default()/* use setters */,
1536 /// Status::default()/* use (different) setters */,
1537 /// ]);
1538 /// ```
1539 pub fn set_partial_errors<T, V>(mut self, v: T) -> Self
1540 where
1541 T: std::iter::IntoIterator<Item = V>,
1542 V: std::convert::Into<google_cloud_rpc::model::Status>,
1543 {
1544 use std::iter::Iterator;
1545 self.partial_errors = v.into_iter().map(|i| i.into()).collect();
1546 self
1547 }
1548}
1549
1550impl wkt::message::Message for VerifyAttestationResponse {
1551 fn typename() -> &'static str {
1552 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyAttestationResponse"
1553 }
1554}
1555
1556/// Credentials issued by GCP which are linked to the platform attestation. These
1557/// will be verified server-side as part of attestaion verification.
1558#[derive(Clone, Default, PartialEq)]
1559#[non_exhaustive]
1560pub struct GcpCredentials {
1561 /// Same as id_tokens, but as a string.
1562 pub service_account_id_tokens: std::vec::Vec<std::string::String>,
1563
1564 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1565}
1566
1567impl GcpCredentials {
1568 pub fn new() -> Self {
1569 std::default::Default::default()
1570 }
1571
1572 /// Sets the value of [service_account_id_tokens][crate::model::GcpCredentials::service_account_id_tokens].
1573 ///
1574 /// # Example
1575 /// ```ignore,no_run
1576 /// # use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
1577 /// let x = GcpCredentials::new().set_service_account_id_tokens(["a", "b", "c"]);
1578 /// ```
1579 pub fn set_service_account_id_tokens<T, V>(mut self, v: T) -> Self
1580 where
1581 T: std::iter::IntoIterator<Item = V>,
1582 V: std::convert::Into<std::string::String>,
1583 {
1584 use std::iter::Iterator;
1585 self.service_account_id_tokens = v.into_iter().map(|i| i.into()).collect();
1586 self
1587 }
1588}
1589
1590impl wkt::message::Message for GcpCredentials {
1591 fn typename() -> &'static str {
1592 "type.googleapis.com/google.cloud.confidentialcomputing.v1.GcpCredentials"
1593 }
1594}
1595
1596/// Options to modify claims in the token to generate custom-purpose tokens.
1597#[derive(Clone, Default, PartialEq)]
1598#[non_exhaustive]
1599pub struct TokenOptions {
1600 /// Optional. Optional string to issue the token with a custom audience claim.
1601 /// Required if one or more nonces are specified.
1602 pub audience: std::string::String,
1603
1604 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
1605 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
1606 /// bytes and the maximum size is 74 bytes.
1607 pub nonce: std::vec::Vec<std::string::String>,
1608
1609 /// Optional. Optional token type to select what type of token to return.
1610 pub token_type: crate::model::TokenType,
1611
1612 /// An optional additional configuration per token type.
1613 pub token_type_options: std::option::Option<crate::model::token_options::TokenTypeOptions>,
1614
1615 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1616}
1617
1618impl TokenOptions {
1619 pub fn new() -> Self {
1620 std::default::Default::default()
1621 }
1622
1623 /// Sets the value of [audience][crate::model::TokenOptions::audience].
1624 ///
1625 /// # Example
1626 /// ```ignore,no_run
1627 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1628 /// let x = TokenOptions::new().set_audience("example");
1629 /// ```
1630 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1631 self.audience = v.into();
1632 self
1633 }
1634
1635 /// Sets the value of [nonce][crate::model::TokenOptions::nonce].
1636 ///
1637 /// # Example
1638 /// ```ignore,no_run
1639 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1640 /// let x = TokenOptions::new().set_nonce(["a", "b", "c"]);
1641 /// ```
1642 pub fn set_nonce<T, V>(mut self, v: T) -> Self
1643 where
1644 T: std::iter::IntoIterator<Item = V>,
1645 V: std::convert::Into<std::string::String>,
1646 {
1647 use std::iter::Iterator;
1648 self.nonce = v.into_iter().map(|i| i.into()).collect();
1649 self
1650 }
1651
1652 /// Sets the value of [token_type][crate::model::TokenOptions::token_type].
1653 ///
1654 /// # Example
1655 /// ```ignore,no_run
1656 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1657 /// use google_cloud_confidentialcomputing_v1::model::TokenType;
1658 /// let x0 = TokenOptions::new().set_token_type(TokenType::Oidc);
1659 /// let x1 = TokenOptions::new().set_token_type(TokenType::Pki);
1660 /// let x2 = TokenOptions::new().set_token_type(TokenType::LimitedAws);
1661 /// ```
1662 pub fn set_token_type<T: std::convert::Into<crate::model::TokenType>>(mut self, v: T) -> Self {
1663 self.token_type = v.into();
1664 self
1665 }
1666
1667 /// Sets the value of [token_type_options][crate::model::TokenOptions::token_type_options].
1668 ///
1669 /// Note that all the setters affecting `token_type_options` are mutually
1670 /// exclusive.
1671 ///
1672 /// # Example
1673 /// ```ignore,no_run
1674 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1675 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1676 /// let x = TokenOptions::new().set_token_type_options(Some(
1677 /// google_cloud_confidentialcomputing_v1::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(AwsPrincipalTagsOptions::default().into())));
1678 /// ```
1679 pub fn set_token_type_options<
1680 T: std::convert::Into<std::option::Option<crate::model::token_options::TokenTypeOptions>>,
1681 >(
1682 mut self,
1683 v: T,
1684 ) -> Self {
1685 self.token_type_options = v.into();
1686 self
1687 }
1688
1689 /// The value of [token_type_options][crate::model::TokenOptions::token_type_options]
1690 /// if it holds a `AwsPrincipalTagsOptions`, `None` if the field is not set or
1691 /// holds a different branch.
1692 pub fn aws_principal_tags_options(
1693 &self,
1694 ) -> std::option::Option<&std::boxed::Box<crate::model::AwsPrincipalTagsOptions>> {
1695 #[allow(unreachable_patterns)]
1696 self.token_type_options.as_ref().and_then(|v| match v {
1697 crate::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(v) => {
1698 std::option::Option::Some(v)
1699 }
1700 _ => std::option::Option::None,
1701 })
1702 }
1703
1704 /// Sets the value of [token_type_options][crate::model::TokenOptions::token_type_options]
1705 /// to hold a `AwsPrincipalTagsOptions`.
1706 ///
1707 /// Note that all the setters affecting `token_type_options` are
1708 /// mutually exclusive.
1709 ///
1710 /// # Example
1711 /// ```ignore,no_run
1712 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1713 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1714 /// let x = TokenOptions::new().set_aws_principal_tags_options(AwsPrincipalTagsOptions::default()/* use setters */);
1715 /// assert!(x.aws_principal_tags_options().is_some());
1716 /// ```
1717 pub fn set_aws_principal_tags_options<
1718 T: std::convert::Into<std::boxed::Box<crate::model::AwsPrincipalTagsOptions>>,
1719 >(
1720 mut self,
1721 v: T,
1722 ) -> Self {
1723 self.token_type_options = std::option::Option::Some(
1724 crate::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(v.into()),
1725 );
1726 self
1727 }
1728}
1729
1730impl wkt::message::Message for TokenOptions {
1731 fn typename() -> &'static str {
1732 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TokenOptions"
1733 }
1734}
1735
1736/// Defines additional types related to [TokenOptions].
1737pub mod token_options {
1738 #[allow(unused_imports)]
1739 use super::*;
1740
1741 /// An optional additional configuration per token type.
1742 #[derive(Clone, Debug, PartialEq)]
1743 #[non_exhaustive]
1744 pub enum TokenTypeOptions {
1745 /// Optional. Options for AWS token type.
1746 AwsPrincipalTagsOptions(std::boxed::Box<crate::model::AwsPrincipalTagsOptions>),
1747 }
1748}
1749
1750/// Token options that only apply to the AWS Principal Tags token type.
1751#[derive(Clone, Default, PartialEq)]
1752#[non_exhaustive]
1753pub struct AwsPrincipalTagsOptions {
1754 /// Optional. Principal tags to allow in the token.
1755 pub allowed_principal_tags:
1756 std::option::Option<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1757
1758 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1759}
1760
1761impl AwsPrincipalTagsOptions {
1762 pub fn new() -> Self {
1763 std::default::Default::default()
1764 }
1765
1766 /// Sets the value of [allowed_principal_tags][crate::model::AwsPrincipalTagsOptions::allowed_principal_tags].
1767 ///
1768 /// # Example
1769 /// ```ignore,no_run
1770 /// # use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1771 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1772 /// let x = AwsPrincipalTagsOptions::new().set_allowed_principal_tags(AllowedPrincipalTags::default()/* use setters */);
1773 /// ```
1774 pub fn set_allowed_principal_tags<T>(mut self, v: T) -> Self
1775 where
1776 T: std::convert::Into<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1777 {
1778 self.allowed_principal_tags = std::option::Option::Some(v.into());
1779 self
1780 }
1781
1782 /// Sets or clears the value of [allowed_principal_tags][crate::model::AwsPrincipalTagsOptions::allowed_principal_tags].
1783 ///
1784 /// # Example
1785 /// ```ignore,no_run
1786 /// # use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1787 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1788 /// let x = AwsPrincipalTagsOptions::new().set_or_clear_allowed_principal_tags(Some(AllowedPrincipalTags::default()/* use setters */));
1789 /// let x = AwsPrincipalTagsOptions::new().set_or_clear_allowed_principal_tags(None::<AllowedPrincipalTags>);
1790 /// ```
1791 pub fn set_or_clear_allowed_principal_tags<T>(mut self, v: std::option::Option<T>) -> Self
1792 where
1793 T: std::convert::Into<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1794 {
1795 self.allowed_principal_tags = v.map(|x| x.into());
1796 self
1797 }
1798}
1799
1800impl wkt::message::Message for AwsPrincipalTagsOptions {
1801 fn typename() -> &'static str {
1802 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions"
1803 }
1804}
1805
1806/// Defines additional types related to [AwsPrincipalTagsOptions].
1807pub mod aws_principal_tags_options {
1808 #[allow(unused_imports)]
1809 use super::*;
1810
1811 /// Allowed principal tags is used to define what principal tags will be
1812 /// placed in the token.
1813 #[derive(Clone, Default, PartialEq)]
1814 #[non_exhaustive]
1815 pub struct AllowedPrincipalTags {
1816
1817 /// Optional. Container image signatures allowed in the token.
1818 pub container_image_signatures: std::option::Option<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>,
1819
1820 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1821 }
1822
1823 impl AllowedPrincipalTags {
1824 pub fn new() -> Self {
1825 std::default::Default::default()
1826 }
1827
1828 /// Sets the value of [container_image_signatures][crate::model::aws_principal_tags_options::AllowedPrincipalTags::container_image_signatures].
1829 ///
1830 /// # Example
1831 /// ```ignore,no_run
1832 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1833 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1834 /// let x = AllowedPrincipalTags::new().set_container_image_signatures(ContainerImageSignatures::default()/* use setters */);
1835 /// ```
1836 pub fn set_container_image_signatures<T>(mut self, v: T) -> Self
1837 where T: std::convert::Into<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>
1838 {
1839 self.container_image_signatures = std::option::Option::Some(v.into());
1840 self
1841 }
1842
1843 /// Sets or clears the value of [container_image_signatures][crate::model::aws_principal_tags_options::AllowedPrincipalTags::container_image_signatures].
1844 ///
1845 /// # Example
1846 /// ```ignore,no_run
1847 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1848 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1849 /// let x = AllowedPrincipalTags::new().set_or_clear_container_image_signatures(Some(ContainerImageSignatures::default()/* use setters */));
1850 /// let x = AllowedPrincipalTags::new().set_or_clear_container_image_signatures(None::<ContainerImageSignatures>);
1851 /// ```
1852 pub fn set_or_clear_container_image_signatures<T>(mut self, v: std::option::Option<T>) -> Self
1853 where T: std::convert::Into<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>
1854 {
1855 self.container_image_signatures = v.map(|x| x.into());
1856 self
1857 }
1858 }
1859
1860 impl wkt::message::Message for AllowedPrincipalTags {
1861 fn typename() -> &'static str {
1862 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions.AllowedPrincipalTags"
1863 }
1864 }
1865
1866 /// Defines additional types related to [AllowedPrincipalTags].
1867 pub mod allowed_principal_tags {
1868 #[allow(unused_imports)]
1869 use super::*;
1870
1871 /// Allowed Container Image Signatures. Key IDs are required to allow
1872 /// this claim to fit within the narrow AWS IAM restrictions.
1873 #[derive(Clone, Default, PartialEq)]
1874 #[non_exhaustive]
1875 pub struct ContainerImageSignatures {
1876 /// Optional. List of key ids to filter into the Principal tags. Only keys
1877 /// that have been validated and added to the token will be filtered into
1878 /// principal tags. Unrecognized key ids will be ignored.
1879 pub key_ids: std::vec::Vec<std::string::String>,
1880
1881 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1882 }
1883
1884 impl ContainerImageSignatures {
1885 pub fn new() -> Self {
1886 std::default::Default::default()
1887 }
1888
1889 /// Sets the value of [key_ids][crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures::key_ids].
1890 ///
1891 /// # Example
1892 /// ```ignore,no_run
1893 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1894 /// let x = ContainerImageSignatures::new().set_key_ids(["a", "b", "c"]);
1895 /// ```
1896 pub fn set_key_ids<T, V>(mut self, v: T) -> Self
1897 where
1898 T: std::iter::IntoIterator<Item = V>,
1899 V: std::convert::Into<std::string::String>,
1900 {
1901 use std::iter::Iterator;
1902 self.key_ids = v.into_iter().map(|i| i.into()).collect();
1903 self
1904 }
1905 }
1906
1907 impl wkt::message::Message for ContainerImageSignatures {
1908 fn typename() -> &'static str {
1909 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions.AllowedPrincipalTags.ContainerImageSignatures"
1910 }
1911 }
1912 }
1913}
1914
1915/// TPM2 data containing everything necessary to validate any platform state
1916/// measured into the TPM.
1917#[derive(Clone, Default, PartialEq)]
1918#[non_exhaustive]
1919pub struct TpmAttestation {
1920 /// TPM2 PCR Quotes generated by calling TPM2_Quote on each PCR bank.
1921 pub quotes: std::vec::Vec<crate::model::tpm_attestation::Quote>,
1922
1923 /// The binary TCG Event Log containing events measured into the TPM by the
1924 /// platform firmware and operating system. Formatted as described in the
1925 /// "TCG PC Client Platform Firmware Profile Specification".
1926 pub tcg_event_log: ::bytes::Bytes,
1927
1928 /// An Event Log containing additional events measured into the TPM that are
1929 /// not already present in the tcg_event_log. Formatted as described in the
1930 /// "Canonical Event Log Format" TCG Specification.
1931 pub canonical_event_log: ::bytes::Bytes,
1932
1933 /// DER-encoded X.509 certificate of the Attestation Key (otherwise known as
1934 /// an AK or a TPM restricted signing key) used to generate the quotes.
1935 pub ak_cert: ::bytes::Bytes,
1936
1937 /// List of DER-encoded X.509 certificates which, together with the ak_cert,
1938 /// chain back to a trusted Root Certificate.
1939 pub cert_chain: std::vec::Vec<::bytes::Bytes>,
1940
1941 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1942}
1943
1944impl TpmAttestation {
1945 pub fn new() -> Self {
1946 std::default::Default::default()
1947 }
1948
1949 /// Sets the value of [quotes][crate::model::TpmAttestation::quotes].
1950 ///
1951 /// # Example
1952 /// ```ignore,no_run
1953 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1954 /// use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
1955 /// let x = TpmAttestation::new()
1956 /// .set_quotes([
1957 /// Quote::default()/* use setters */,
1958 /// Quote::default()/* use (different) setters */,
1959 /// ]);
1960 /// ```
1961 pub fn set_quotes<T, V>(mut self, v: T) -> Self
1962 where
1963 T: std::iter::IntoIterator<Item = V>,
1964 V: std::convert::Into<crate::model::tpm_attestation::Quote>,
1965 {
1966 use std::iter::Iterator;
1967 self.quotes = v.into_iter().map(|i| i.into()).collect();
1968 self
1969 }
1970
1971 /// Sets the value of [tcg_event_log][crate::model::TpmAttestation::tcg_event_log].
1972 ///
1973 /// # Example
1974 /// ```ignore,no_run
1975 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1976 /// let x = TpmAttestation::new().set_tcg_event_log(bytes::Bytes::from_static(b"example"));
1977 /// ```
1978 pub fn set_tcg_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1979 self.tcg_event_log = v.into();
1980 self
1981 }
1982
1983 /// Sets the value of [canonical_event_log][crate::model::TpmAttestation::canonical_event_log].
1984 ///
1985 /// # Example
1986 /// ```ignore,no_run
1987 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1988 /// let x = TpmAttestation::new().set_canonical_event_log(bytes::Bytes::from_static(b"example"));
1989 /// ```
1990 pub fn set_canonical_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1991 self.canonical_event_log = v.into();
1992 self
1993 }
1994
1995 /// Sets the value of [ak_cert][crate::model::TpmAttestation::ak_cert].
1996 ///
1997 /// # Example
1998 /// ```ignore,no_run
1999 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2000 /// let x = TpmAttestation::new().set_ak_cert(bytes::Bytes::from_static(b"example"));
2001 /// ```
2002 pub fn set_ak_cert<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2003 self.ak_cert = v.into();
2004 self
2005 }
2006
2007 /// Sets the value of [cert_chain][crate::model::TpmAttestation::cert_chain].
2008 ///
2009 /// # Example
2010 /// ```ignore,no_run
2011 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2012 /// let b1 = bytes::Bytes::from_static(b"abc");
2013 /// let b2 = bytes::Bytes::from_static(b"xyz");
2014 /// let x = TpmAttestation::new().set_cert_chain([b1, b2]);
2015 /// ```
2016 pub fn set_cert_chain<T, V>(mut self, v: T) -> Self
2017 where
2018 T: std::iter::IntoIterator<Item = V>,
2019 V: std::convert::Into<::bytes::Bytes>,
2020 {
2021 use std::iter::Iterator;
2022 self.cert_chain = v.into_iter().map(|i| i.into()).collect();
2023 self
2024 }
2025}
2026
2027impl wkt::message::Message for TpmAttestation {
2028 fn typename() -> &'static str {
2029 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TpmAttestation"
2030 }
2031}
2032
2033/// Defines additional types related to [TpmAttestation].
2034pub mod tpm_attestation {
2035 #[allow(unused_imports)]
2036 use super::*;
2037
2038 /// Information about Platform Control Registers (PCRs) including a signature
2039 /// over their values, which can be used for remote validation.
2040 #[derive(Clone, Default, PartialEq)]
2041 #[non_exhaustive]
2042 pub struct Quote {
2043 /// The hash algorithm of the PCR bank being quoted, encoded as a TPM_ALG_ID
2044 pub hash_algo: i32,
2045
2046 /// Raw binary values of each PCRs being quoted.
2047 pub pcr_values: std::collections::HashMap<i32, ::bytes::Bytes>,
2048
2049 /// TPM2 quote, encoded as a TPMS_ATTEST
2050 pub raw_quote: ::bytes::Bytes,
2051
2052 /// TPM2 signature, encoded as a TPMT_SIGNATURE
2053 pub raw_signature: ::bytes::Bytes,
2054
2055 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2056 }
2057
2058 impl Quote {
2059 pub fn new() -> Self {
2060 std::default::Default::default()
2061 }
2062
2063 /// Sets the value of [hash_algo][crate::model::tpm_attestation::Quote::hash_algo].
2064 ///
2065 /// # Example
2066 /// ```ignore,no_run
2067 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2068 /// let x = Quote::new().set_hash_algo(42);
2069 /// ```
2070 pub fn set_hash_algo<T: std::convert::Into<i32>>(mut self, v: T) -> Self {
2071 self.hash_algo = v.into();
2072 self
2073 }
2074
2075 /// Sets the value of [pcr_values][crate::model::tpm_attestation::Quote::pcr_values].
2076 ///
2077 /// # Example
2078 /// ```ignore,no_run
2079 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2080 /// let x = Quote::new().set_pcr_values([
2081 /// (0, bytes::Bytes::from_static(b"abc")),
2082 /// (1, bytes::Bytes::from_static(b"xyz")),
2083 /// ]);
2084 /// ```
2085 pub fn set_pcr_values<T, K, V>(mut self, v: T) -> Self
2086 where
2087 T: std::iter::IntoIterator<Item = (K, V)>,
2088 K: std::convert::Into<i32>,
2089 V: std::convert::Into<::bytes::Bytes>,
2090 {
2091 use std::iter::Iterator;
2092 self.pcr_values = v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
2093 self
2094 }
2095
2096 /// Sets the value of [raw_quote][crate::model::tpm_attestation::Quote::raw_quote].
2097 ///
2098 /// # Example
2099 /// ```ignore,no_run
2100 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2101 /// let x = Quote::new().set_raw_quote(bytes::Bytes::from_static(b"example"));
2102 /// ```
2103 pub fn set_raw_quote<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2104 self.raw_quote = v.into();
2105 self
2106 }
2107
2108 /// Sets the value of [raw_signature][crate::model::tpm_attestation::Quote::raw_signature].
2109 ///
2110 /// # Example
2111 /// ```ignore,no_run
2112 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2113 /// let x = Quote::new().set_raw_signature(bytes::Bytes::from_static(b"example"));
2114 /// ```
2115 pub fn set_raw_signature<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2116 self.raw_signature = v.into();
2117 self
2118 }
2119 }
2120
2121 impl wkt::message::Message for Quote {
2122 fn typename() -> &'static str {
2123 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TpmAttestation.Quote"
2124 }
2125 }
2126}
2127
2128/// ConfidentialSpaceInfo contains information related to the Confidential Space
2129/// TEE.
2130#[derive(Clone, Default, PartialEq)]
2131#[non_exhaustive]
2132pub struct ConfidentialSpaceInfo {
2133 /// Optional. A list of signed entities containing container image signatures
2134 /// that can be used for server-side signature verification.
2135 pub signed_entities: std::vec::Vec<crate::model::SignedEntity>,
2136
2137 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2138}
2139
2140impl ConfidentialSpaceInfo {
2141 pub fn new() -> Self {
2142 std::default::Default::default()
2143 }
2144
2145 /// Sets the value of [signed_entities][crate::model::ConfidentialSpaceInfo::signed_entities].
2146 ///
2147 /// # Example
2148 /// ```ignore,no_run
2149 /// # use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
2150 /// use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2151 /// let x = ConfidentialSpaceInfo::new()
2152 /// .set_signed_entities([
2153 /// SignedEntity::default()/* use setters */,
2154 /// SignedEntity::default()/* use (different) setters */,
2155 /// ]);
2156 /// ```
2157 pub fn set_signed_entities<T, V>(mut self, v: T) -> Self
2158 where
2159 T: std::iter::IntoIterator<Item = V>,
2160 V: std::convert::Into<crate::model::SignedEntity>,
2161 {
2162 use std::iter::Iterator;
2163 self.signed_entities = v.into_iter().map(|i| i.into()).collect();
2164 self
2165 }
2166}
2167
2168impl wkt::message::Message for ConfidentialSpaceInfo {
2169 fn typename() -> &'static str {
2170 "type.googleapis.com/google.cloud.confidentialcomputing.v1.ConfidentialSpaceInfo"
2171 }
2172}
2173
2174/// SignedEntity represents an OCI image object containing everything necessary
2175/// to verify container image signatures.
2176#[derive(Clone, Default, PartialEq)]
2177#[non_exhaustive]
2178pub struct SignedEntity {
2179 /// Optional. A list of container image signatures attached to an OCI image
2180 /// object.
2181 pub container_image_signatures: std::vec::Vec<crate::model::ContainerImageSignature>,
2182
2183 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2184}
2185
2186impl SignedEntity {
2187 pub fn new() -> Self {
2188 std::default::Default::default()
2189 }
2190
2191 /// Sets the value of [container_image_signatures][crate::model::SignedEntity::container_image_signatures].
2192 ///
2193 /// # Example
2194 /// ```ignore,no_run
2195 /// # use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2196 /// use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2197 /// let x = SignedEntity::new()
2198 /// .set_container_image_signatures([
2199 /// ContainerImageSignature::default()/* use setters */,
2200 /// ContainerImageSignature::default()/* use (different) setters */,
2201 /// ]);
2202 /// ```
2203 pub fn set_container_image_signatures<T, V>(mut self, v: T) -> Self
2204 where
2205 T: std::iter::IntoIterator<Item = V>,
2206 V: std::convert::Into<crate::model::ContainerImageSignature>,
2207 {
2208 use std::iter::Iterator;
2209 self.container_image_signatures = v.into_iter().map(|i| i.into()).collect();
2210 self
2211 }
2212}
2213
2214impl wkt::message::Message for SignedEntity {
2215 fn typename() -> &'static str {
2216 "type.googleapis.com/google.cloud.confidentialcomputing.v1.SignedEntity"
2217 }
2218}
2219
2220/// ContainerImageSignature holds necessary metadata to verify a container image
2221/// signature.
2222#[derive(Clone, Default, PartialEq)]
2223#[non_exhaustive]
2224pub struct ContainerImageSignature {
2225 /// Optional. The binary signature payload following the SimpleSigning format
2226 /// <https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md#simple-signing>.
2227 /// This payload includes the container image digest.
2228 pub payload: ::bytes::Bytes,
2229
2230 /// Optional. A signature over the payload.
2231 /// The container image digest is incorporated into the signature as follows:
2232 ///
2233 /// 1. Generate a SimpleSigning format payload that includes the container
2234 /// image digest.
2235 /// 1. Generate a signature over SHA256 digest of the payload.
2236 /// The signature generation process can be represented as follows:
2237 /// `Sign(sha256(SimpleSigningPayload(sha256(Image Manifest))))`
2238 pub signature: ::bytes::Bytes,
2239
2240 /// Optional. Reserved for future use.
2241 pub public_key: ::bytes::Bytes,
2242
2243 /// Optional. Reserved for future use.
2244 pub sig_alg: crate::model::SigningAlgorithm,
2245
2246 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2247}
2248
2249impl ContainerImageSignature {
2250 pub fn new() -> Self {
2251 std::default::Default::default()
2252 }
2253
2254 /// Sets the value of [payload][crate::model::ContainerImageSignature::payload].
2255 ///
2256 /// # Example
2257 /// ```ignore,no_run
2258 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2259 /// let x = ContainerImageSignature::new().set_payload(bytes::Bytes::from_static(b"example"));
2260 /// ```
2261 pub fn set_payload<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2262 self.payload = v.into();
2263 self
2264 }
2265
2266 /// Sets the value of [signature][crate::model::ContainerImageSignature::signature].
2267 ///
2268 /// # Example
2269 /// ```ignore,no_run
2270 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2271 /// let x = ContainerImageSignature::new().set_signature(bytes::Bytes::from_static(b"example"));
2272 /// ```
2273 pub fn set_signature<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2274 self.signature = v.into();
2275 self
2276 }
2277
2278 /// Sets the value of [public_key][crate::model::ContainerImageSignature::public_key].
2279 ///
2280 /// # Example
2281 /// ```ignore,no_run
2282 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2283 /// let x = ContainerImageSignature::new().set_public_key(bytes::Bytes::from_static(b"example"));
2284 /// ```
2285 pub fn set_public_key<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2286 self.public_key = v.into();
2287 self
2288 }
2289
2290 /// Sets the value of [sig_alg][crate::model::ContainerImageSignature::sig_alg].
2291 ///
2292 /// # Example
2293 /// ```ignore,no_run
2294 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2295 /// use google_cloud_confidentialcomputing_v1::model::SigningAlgorithm;
2296 /// let x0 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::RsassaPssSha256);
2297 /// let x1 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::RsassaPkcs1V15Sha256);
2298 /// let x2 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::EcdsaP256Sha256);
2299 /// ```
2300 pub fn set_sig_alg<T: std::convert::Into<crate::model::SigningAlgorithm>>(
2301 mut self,
2302 v: T,
2303 ) -> Self {
2304 self.sig_alg = v.into();
2305 self
2306 }
2307}
2308
2309impl wkt::message::Message for ContainerImageSignature {
2310 fn typename() -> &'static str {
2311 "type.googleapis.com/google.cloud.confidentialcomputing.v1.ContainerImageSignature"
2312 }
2313}
2314
2315/// A request for an attestation token, providing all the necessary information
2316/// needed for this service to verify the platform state of the requestor.
2317#[derive(Clone, Default, PartialEq)]
2318#[non_exhaustive]
2319pub struct VerifyConfidentialSpaceRequest {
2320 /// Required. The name of the Challenge whose nonce was used to generate the
2321 /// attestation, in the format `projects/*/locations/*/challenges/*`. The
2322 /// provided Challenge will be consumed, and cannot be used again.
2323 pub challenge: std::string::String,
2324
2325 /// Optional. Credentials used to populate the "emails" claim in the
2326 /// claims_token. If not present, token will not contain the "emails" claim.
2327 pub gcp_credentials: std::option::Option<crate::model::GcpCredentials>,
2328
2329 /// Optional. A list of signed entities containing container image signatures
2330 /// that can be used for server-side signature verification.
2331 pub signed_entities: std::vec::Vec<crate::model::SignedEntity>,
2332
2333 /// Optional. Information about the associated Compute Engine instance.
2334 /// Required for td_ccel requests only - tpm_attestation requests will provide
2335 /// this information in the attestation.
2336 pub gce_shielded_identity: std::option::Option<crate::model::GceShieldedIdentity>,
2337
2338 /// Optional. A collection of fields that modify the token output.
2339 pub options: std::option::Option<
2340 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2341 >,
2342
2343 /// Optional. An optional Nvidia attestation report, used to populate hardware
2344 /// rooted claims for Nvidia devices.
2345 pub nvidia_attestation: std::option::Option<crate::model::NvidiaAttestation>,
2346
2347 /// Required. A tee attestation report, used to populate hardware rooted
2348 /// claims.
2349 pub tee_attestation:
2350 std::option::Option<crate::model::verify_confidential_space_request::TeeAttestation>,
2351
2352 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2353}
2354
2355impl VerifyConfidentialSpaceRequest {
2356 pub fn new() -> Self {
2357 std::default::Default::default()
2358 }
2359
2360 /// Sets the value of [challenge][crate::model::VerifyConfidentialSpaceRequest::challenge].
2361 ///
2362 /// # Example
2363 /// ```ignore,no_run
2364 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2365 /// let x = VerifyConfidentialSpaceRequest::new().set_challenge("example");
2366 /// ```
2367 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2368 self.challenge = v.into();
2369 self
2370 }
2371
2372 /// Sets the value of [gcp_credentials][crate::model::VerifyConfidentialSpaceRequest::gcp_credentials].
2373 ///
2374 /// # Example
2375 /// ```ignore,no_run
2376 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2377 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
2378 /// let x = VerifyConfidentialSpaceRequest::new().set_gcp_credentials(GcpCredentials::default()/* use setters */);
2379 /// ```
2380 pub fn set_gcp_credentials<T>(mut self, v: T) -> Self
2381 where
2382 T: std::convert::Into<crate::model::GcpCredentials>,
2383 {
2384 self.gcp_credentials = std::option::Option::Some(v.into());
2385 self
2386 }
2387
2388 /// Sets or clears the value of [gcp_credentials][crate::model::VerifyConfidentialSpaceRequest::gcp_credentials].
2389 ///
2390 /// # Example
2391 /// ```ignore,no_run
2392 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2393 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
2394 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gcp_credentials(Some(GcpCredentials::default()/* use setters */));
2395 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gcp_credentials(None::<GcpCredentials>);
2396 /// ```
2397 pub fn set_or_clear_gcp_credentials<T>(mut self, v: std::option::Option<T>) -> Self
2398 where
2399 T: std::convert::Into<crate::model::GcpCredentials>,
2400 {
2401 self.gcp_credentials = v.map(|x| x.into());
2402 self
2403 }
2404
2405 /// Sets the value of [signed_entities][crate::model::VerifyConfidentialSpaceRequest::signed_entities].
2406 ///
2407 /// # Example
2408 /// ```ignore,no_run
2409 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2410 /// use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2411 /// let x = VerifyConfidentialSpaceRequest::new()
2412 /// .set_signed_entities([
2413 /// SignedEntity::default()/* use setters */,
2414 /// SignedEntity::default()/* use (different) setters */,
2415 /// ]);
2416 /// ```
2417 pub fn set_signed_entities<T, V>(mut self, v: T) -> Self
2418 where
2419 T: std::iter::IntoIterator<Item = V>,
2420 V: std::convert::Into<crate::model::SignedEntity>,
2421 {
2422 use std::iter::Iterator;
2423 self.signed_entities = v.into_iter().map(|i| i.into()).collect();
2424 self
2425 }
2426
2427 /// Sets the value of [gce_shielded_identity][crate::model::VerifyConfidentialSpaceRequest::gce_shielded_identity].
2428 ///
2429 /// # Example
2430 /// ```ignore,no_run
2431 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2432 /// use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2433 /// let x = VerifyConfidentialSpaceRequest::new().set_gce_shielded_identity(GceShieldedIdentity::default()/* use setters */);
2434 /// ```
2435 pub fn set_gce_shielded_identity<T>(mut self, v: T) -> Self
2436 where
2437 T: std::convert::Into<crate::model::GceShieldedIdentity>,
2438 {
2439 self.gce_shielded_identity = std::option::Option::Some(v.into());
2440 self
2441 }
2442
2443 /// Sets or clears the value of [gce_shielded_identity][crate::model::VerifyConfidentialSpaceRequest::gce_shielded_identity].
2444 ///
2445 /// # Example
2446 /// ```ignore,no_run
2447 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2448 /// use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2449 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gce_shielded_identity(Some(GceShieldedIdentity::default()/* use setters */));
2450 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gce_shielded_identity(None::<GceShieldedIdentity>);
2451 /// ```
2452 pub fn set_or_clear_gce_shielded_identity<T>(mut self, v: std::option::Option<T>) -> Self
2453 where
2454 T: std::convert::Into<crate::model::GceShieldedIdentity>,
2455 {
2456 self.gce_shielded_identity = v.map(|x| x.into());
2457 self
2458 }
2459
2460 /// Sets the value of [options][crate::model::VerifyConfidentialSpaceRequest::options].
2461 ///
2462 /// # Example
2463 /// ```ignore,no_run
2464 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2465 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2466 /// let x = VerifyConfidentialSpaceRequest::new().set_options(ConfidentialSpaceOptions::default()/* use setters */);
2467 /// ```
2468 pub fn set_options<T>(mut self, v: T) -> Self
2469 where
2470 T: std::convert::Into<
2471 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2472 >,
2473 {
2474 self.options = std::option::Option::Some(v.into());
2475 self
2476 }
2477
2478 /// Sets or clears the value of [options][crate::model::VerifyConfidentialSpaceRequest::options].
2479 ///
2480 /// # Example
2481 /// ```ignore,no_run
2482 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2483 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2484 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_options(Some(ConfidentialSpaceOptions::default()/* use setters */));
2485 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_options(None::<ConfidentialSpaceOptions>);
2486 /// ```
2487 pub fn set_or_clear_options<T>(mut self, v: std::option::Option<T>) -> Self
2488 where
2489 T: std::convert::Into<
2490 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2491 >,
2492 {
2493 self.options = v.map(|x| x.into());
2494 self
2495 }
2496
2497 /// Sets the value of [nvidia_attestation][crate::model::VerifyConfidentialSpaceRequest::nvidia_attestation].
2498 ///
2499 /// # Example
2500 /// ```ignore,no_run
2501 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2502 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
2503 /// let x = VerifyConfidentialSpaceRequest::new().set_nvidia_attestation(NvidiaAttestation::default()/* use setters */);
2504 /// ```
2505 pub fn set_nvidia_attestation<T>(mut self, v: T) -> Self
2506 where
2507 T: std::convert::Into<crate::model::NvidiaAttestation>,
2508 {
2509 self.nvidia_attestation = std::option::Option::Some(v.into());
2510 self
2511 }
2512
2513 /// Sets or clears the value of [nvidia_attestation][crate::model::VerifyConfidentialSpaceRequest::nvidia_attestation].
2514 ///
2515 /// # Example
2516 /// ```ignore,no_run
2517 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2518 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
2519 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_nvidia_attestation(Some(NvidiaAttestation::default()/* use setters */));
2520 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_nvidia_attestation(None::<NvidiaAttestation>);
2521 /// ```
2522 pub fn set_or_clear_nvidia_attestation<T>(mut self, v: std::option::Option<T>) -> Self
2523 where
2524 T: std::convert::Into<crate::model::NvidiaAttestation>,
2525 {
2526 self.nvidia_attestation = v.map(|x| x.into());
2527 self
2528 }
2529
2530 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation].
2531 ///
2532 /// Note that all the setters affecting `tee_attestation` are mutually
2533 /// exclusive.
2534 ///
2535 /// # Example
2536 /// ```ignore,no_run
2537 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2538 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
2539 /// let x = VerifyConfidentialSpaceRequest::new().set_tee_attestation(Some(
2540 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::TeeAttestation::TdCcel(TdxCcelAttestation::default().into())));
2541 /// ```
2542 pub fn set_tee_attestation<
2543 T: std::convert::Into<
2544 std::option::Option<
2545 crate::model::verify_confidential_space_request::TeeAttestation,
2546 >,
2547 >,
2548 >(
2549 mut self,
2550 v: T,
2551 ) -> Self {
2552 self.tee_attestation = v.into();
2553 self
2554 }
2555
2556 /// The value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2557 /// if it holds a `TdCcel`, `None` if the field is not set or
2558 /// holds a different branch.
2559 pub fn td_ccel(
2560 &self,
2561 ) -> std::option::Option<&std::boxed::Box<crate::model::TdxCcelAttestation>> {
2562 #[allow(unreachable_patterns)]
2563 self.tee_attestation.as_ref().and_then(|v| match v {
2564 crate::model::verify_confidential_space_request::TeeAttestation::TdCcel(v) => {
2565 std::option::Option::Some(v)
2566 }
2567 _ => std::option::Option::None,
2568 })
2569 }
2570
2571 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2572 /// to hold a `TdCcel`.
2573 ///
2574 /// Note that all the setters affecting `tee_attestation` are
2575 /// mutually exclusive.
2576 ///
2577 /// # Example
2578 /// ```ignore,no_run
2579 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2580 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
2581 /// let x = VerifyConfidentialSpaceRequest::new().set_td_ccel(TdxCcelAttestation::default()/* use setters */);
2582 /// assert!(x.td_ccel().is_some());
2583 /// assert!(x.tpm_attestation().is_none());
2584 /// ```
2585 pub fn set_td_ccel<T: std::convert::Into<std::boxed::Box<crate::model::TdxCcelAttestation>>>(
2586 mut self,
2587 v: T,
2588 ) -> Self {
2589 self.tee_attestation = std::option::Option::Some(
2590 crate::model::verify_confidential_space_request::TeeAttestation::TdCcel(v.into()),
2591 );
2592 self
2593 }
2594
2595 /// The value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2596 /// if it holds a `TpmAttestation`, `None` if the field is not set or
2597 /// holds a different branch.
2598 pub fn tpm_attestation(
2599 &self,
2600 ) -> std::option::Option<&std::boxed::Box<crate::model::TpmAttestation>> {
2601 #[allow(unreachable_patterns)]
2602 self.tee_attestation.as_ref().and_then(|v| match v {
2603 crate::model::verify_confidential_space_request::TeeAttestation::TpmAttestation(v) => {
2604 std::option::Option::Some(v)
2605 }
2606 _ => std::option::Option::None,
2607 })
2608 }
2609
2610 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2611 /// to hold a `TpmAttestation`.
2612 ///
2613 /// Note that all the setters affecting `tee_attestation` are
2614 /// mutually exclusive.
2615 ///
2616 /// # Example
2617 /// ```ignore,no_run
2618 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2619 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2620 /// let x = VerifyConfidentialSpaceRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
2621 /// assert!(x.tpm_attestation().is_some());
2622 /// assert!(x.td_ccel().is_none());
2623 /// ```
2624 pub fn set_tpm_attestation<
2625 T: std::convert::Into<std::boxed::Box<crate::model::TpmAttestation>>,
2626 >(
2627 mut self,
2628 v: T,
2629 ) -> Self {
2630 self.tee_attestation = std::option::Option::Some(
2631 crate::model::verify_confidential_space_request::TeeAttestation::TpmAttestation(
2632 v.into(),
2633 ),
2634 );
2635 self
2636 }
2637}
2638
2639impl wkt::message::Message for VerifyConfidentialSpaceRequest {
2640 fn typename() -> &'static str {
2641 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceRequest"
2642 }
2643}
2644
2645/// Defines additional types related to [VerifyConfidentialSpaceRequest].
2646pub mod verify_confidential_space_request {
2647 #[allow(unused_imports)]
2648 use super::*;
2649
2650 /// Token options for Confidential Space attestation.
2651 #[derive(Clone, Default, PartialEq)]
2652 #[non_exhaustive]
2653 pub struct ConfidentialSpaceOptions {
2654
2655 /// Optional. Optional string to issue the token with a custom audience
2656 /// claim. Required if custom nonces are specified.
2657 pub audience: std::string::String,
2658
2659 /// Optional. Optional specification for token claims profile.
2660 pub token_profile: crate::model::TokenProfile,
2661
2662 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
2663 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
2664 /// bytes and the maximum size is 74 bytes.
2665 pub nonce: std::vec::Vec<std::string::String>,
2666
2667 /// Optional. Optional specification for how to sign the attestation token.
2668 /// Defaults to SIGNATURE_TYPE_OIDC if unspecified.
2669 pub signature_type: crate::model::SignatureType,
2670
2671 /// An optional additional configuration per token type.
2672 pub token_profile_options: std::option::Option<crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions>,
2673
2674 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2675 }
2676
2677 impl ConfidentialSpaceOptions {
2678 pub fn new() -> Self {
2679 std::default::Default::default()
2680 }
2681
2682 /// Sets the value of [audience][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::audience].
2683 ///
2684 /// # Example
2685 /// ```ignore,no_run
2686 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2687 /// let x = ConfidentialSpaceOptions::new().set_audience("example");
2688 /// ```
2689 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2690 self.audience = v.into();
2691 self
2692 }
2693
2694 /// Sets the value of [token_profile][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile].
2695 ///
2696 /// # Example
2697 /// ```ignore,no_run
2698 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2699 /// use google_cloud_confidentialcomputing_v1::model::TokenProfile;
2700 /// let x0 = ConfidentialSpaceOptions::new().set_token_profile(TokenProfile::DefaultEat);
2701 /// let x1 = ConfidentialSpaceOptions::new().set_token_profile(TokenProfile::Aws);
2702 /// ```
2703 pub fn set_token_profile<T: std::convert::Into<crate::model::TokenProfile>>(
2704 mut self,
2705 v: T,
2706 ) -> Self {
2707 self.token_profile = v.into();
2708 self
2709 }
2710
2711 /// Sets the value of [nonce][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::nonce].
2712 ///
2713 /// # Example
2714 /// ```ignore,no_run
2715 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2716 /// let x = ConfidentialSpaceOptions::new().set_nonce(["a", "b", "c"]);
2717 /// ```
2718 pub fn set_nonce<T, V>(mut self, v: T) -> Self
2719 where
2720 T: std::iter::IntoIterator<Item = V>,
2721 V: std::convert::Into<std::string::String>,
2722 {
2723 use std::iter::Iterator;
2724 self.nonce = v.into_iter().map(|i| i.into()).collect();
2725 self
2726 }
2727
2728 /// Sets the value of [signature_type][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::signature_type].
2729 ///
2730 /// # Example
2731 /// ```ignore,no_run
2732 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2733 /// use google_cloud_confidentialcomputing_v1::model::SignatureType;
2734 /// let x0 = ConfidentialSpaceOptions::new().set_signature_type(SignatureType::Oidc);
2735 /// let x1 = ConfidentialSpaceOptions::new().set_signature_type(SignatureType::Pki);
2736 /// ```
2737 pub fn set_signature_type<T: std::convert::Into<crate::model::SignatureType>>(
2738 mut self,
2739 v: T,
2740 ) -> Self {
2741 self.signature_type = v.into();
2742 self
2743 }
2744
2745 /// Sets the value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options].
2746 ///
2747 /// Note that all the setters affecting `token_profile_options` are mutually
2748 /// exclusive.
2749 ///
2750 /// # Example
2751 /// ```ignore,no_run
2752 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2753 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
2754 /// let x = ConfidentialSpaceOptions::new().set_token_profile_options(Some(
2755 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(AwsPrincipalTagsOptions::default().into())));
2756 /// ```
2757 pub fn set_token_profile_options<T: std::convert::Into<std::option::Option<crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions>>>(mut self, v: T) -> Self
2758 {
2759 self.token_profile_options = v.into();
2760 self
2761 }
2762
2763 /// The value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options]
2764 /// if it holds a `AwsPrincipalTagsOptions`, `None` if the field is not set or
2765 /// holds a different branch.
2766 pub fn aws_principal_tags_options(
2767 &self,
2768 ) -> std::option::Option<&std::boxed::Box<crate::model::AwsPrincipalTagsOptions>> {
2769 #[allow(unreachable_patterns)]
2770 self.token_profile_options.as_ref().and_then(|v| match v {
2771 crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(v) => std::option::Option::Some(v),
2772 _ => std::option::Option::None,
2773 })
2774 }
2775
2776 /// Sets the value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options]
2777 /// to hold a `AwsPrincipalTagsOptions`.
2778 ///
2779 /// Note that all the setters affecting `token_profile_options` are
2780 /// mutually exclusive.
2781 ///
2782 /// # Example
2783 /// ```ignore,no_run
2784 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2785 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
2786 /// let x = ConfidentialSpaceOptions::new().set_aws_principal_tags_options(AwsPrincipalTagsOptions::default()/* use setters */);
2787 /// assert!(x.aws_principal_tags_options().is_some());
2788 /// ```
2789 pub fn set_aws_principal_tags_options<
2790 T: std::convert::Into<std::boxed::Box<crate::model::AwsPrincipalTagsOptions>>,
2791 >(
2792 mut self,
2793 v: T,
2794 ) -> Self {
2795 self.token_profile_options = std::option::Option::Some(
2796 crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(
2797 v.into()
2798 )
2799 );
2800 self
2801 }
2802 }
2803
2804 impl wkt::message::Message for ConfidentialSpaceOptions {
2805 fn typename() -> &'static str {
2806 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceRequest.ConfidentialSpaceOptions"
2807 }
2808 }
2809
2810 /// Defines additional types related to [ConfidentialSpaceOptions].
2811 pub mod confidential_space_options {
2812 #[allow(unused_imports)]
2813 use super::*;
2814
2815 /// An optional additional configuration per token type.
2816 #[derive(Clone, Debug, PartialEq)]
2817 #[non_exhaustive]
2818 pub enum TokenProfileOptions {
2819 /// Optional. Options for the AWS token type.
2820 AwsPrincipalTagsOptions(std::boxed::Box<crate::model::AwsPrincipalTagsOptions>),
2821 }
2822 }
2823
2824 /// Required. A tee attestation report, used to populate hardware rooted
2825 /// claims.
2826 #[derive(Clone, Debug, PartialEq)]
2827 #[non_exhaustive]
2828 pub enum TeeAttestation {
2829 /// Input only. A TDX with CCEL and RTMR Attestation Quote.
2830 TdCcel(std::boxed::Box<crate::model::TdxCcelAttestation>),
2831 /// Input only. The TPM-specific data provided by the attesting platform,
2832 /// used to populate any of the claims regarding platform state.
2833 TpmAttestation(std::boxed::Box<crate::model::TpmAttestation>),
2834 }
2835}
2836
2837/// GceShieldedIdentity contains information about a Compute Engine instance.
2838#[derive(Clone, Default, PartialEq)]
2839#[non_exhaustive]
2840pub struct GceShieldedIdentity {
2841 /// Optional. DER-encoded X.509 certificate of the Attestation Key (otherwise
2842 /// known as an AK or a TPM restricted signing key) used to generate the
2843 /// quotes.
2844 pub ak_cert: ::bytes::Bytes,
2845
2846 /// Optional. List of DER-encoded X.509 certificates which, together with the
2847 /// ak_cert, chain back to a trusted Root Certificate.
2848 pub ak_cert_chain: std::vec::Vec<::bytes::Bytes>,
2849
2850 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2851}
2852
2853impl GceShieldedIdentity {
2854 pub fn new() -> Self {
2855 std::default::Default::default()
2856 }
2857
2858 /// Sets the value of [ak_cert][crate::model::GceShieldedIdentity::ak_cert].
2859 ///
2860 /// # Example
2861 /// ```ignore,no_run
2862 /// # use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2863 /// let x = GceShieldedIdentity::new().set_ak_cert(bytes::Bytes::from_static(b"example"));
2864 /// ```
2865 pub fn set_ak_cert<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2866 self.ak_cert = v.into();
2867 self
2868 }
2869
2870 /// Sets the value of [ak_cert_chain][crate::model::GceShieldedIdentity::ak_cert_chain].
2871 ///
2872 /// # Example
2873 /// ```ignore,no_run
2874 /// # use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2875 /// let b1 = bytes::Bytes::from_static(b"abc");
2876 /// let b2 = bytes::Bytes::from_static(b"xyz");
2877 /// let x = GceShieldedIdentity::new().set_ak_cert_chain([b1, b2]);
2878 /// ```
2879 pub fn set_ak_cert_chain<T, V>(mut self, v: T) -> Self
2880 where
2881 T: std::iter::IntoIterator<Item = V>,
2882 V: std::convert::Into<::bytes::Bytes>,
2883 {
2884 use std::iter::Iterator;
2885 self.ak_cert_chain = v.into_iter().map(|i| i.into()).collect();
2886 self
2887 }
2888}
2889
2890impl wkt::message::Message for GceShieldedIdentity {
2891 fn typename() -> &'static str {
2892 "type.googleapis.com/google.cloud.confidentialcomputing.v1.GceShieldedIdentity"
2893 }
2894}
2895
2896/// VerifyConfidentialSpaceResponse is returned once a Confidential Space
2897/// attestation has been successfully verified, containing a signed token.
2898#[derive(Clone, Default, PartialEq)]
2899#[non_exhaustive]
2900pub struct VerifyConfidentialSpaceResponse {
2901 /// Output only. The attestation token issued by this service. It contains
2902 /// specific platform claims based on the contents of the provided attestation.
2903 pub attestation_token: std::string::String,
2904
2905 /// Output only. A list of messages that carry the partial error details
2906 /// related to VerifyConfidentialSpace. This field is populated by errors
2907 /// during container image signature verification, which may reflect problems
2908 /// in the provided image signatures. This does not block the issuing of an
2909 /// attestation token, but the token will not contain claims for the failed
2910 /// image signatures.
2911 pub partial_errors: std::vec::Vec<google_cloud_rpc::model::Status>,
2912
2913 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2914}
2915
2916impl VerifyConfidentialSpaceResponse {
2917 pub fn new() -> Self {
2918 std::default::Default::default()
2919 }
2920
2921 /// Sets the value of [attestation_token][crate::model::VerifyConfidentialSpaceResponse::attestation_token].
2922 ///
2923 /// # Example
2924 /// ```ignore,no_run
2925 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceResponse;
2926 /// let x = VerifyConfidentialSpaceResponse::new().set_attestation_token("example");
2927 /// ```
2928 pub fn set_attestation_token<T: std::convert::Into<std::string::String>>(
2929 mut self,
2930 v: T,
2931 ) -> Self {
2932 self.attestation_token = v.into();
2933 self
2934 }
2935
2936 /// Sets the value of [partial_errors][crate::model::VerifyConfidentialSpaceResponse::partial_errors].
2937 ///
2938 /// # Example
2939 /// ```ignore,no_run
2940 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceResponse;
2941 /// use google_cloud_rpc::model::Status;
2942 /// let x = VerifyConfidentialSpaceResponse::new()
2943 /// .set_partial_errors([
2944 /// Status::default()/* use setters */,
2945 /// Status::default()/* use (different) setters */,
2946 /// ]);
2947 /// ```
2948 pub fn set_partial_errors<T, V>(mut self, v: T) -> Self
2949 where
2950 T: std::iter::IntoIterator<Item = V>,
2951 V: std::convert::Into<google_cloud_rpc::model::Status>,
2952 {
2953 use std::iter::Iterator;
2954 self.partial_errors = v.into_iter().map(|i| i.into()).collect();
2955 self
2956 }
2957}
2958
2959impl wkt::message::Message for VerifyConfidentialSpaceResponse {
2960 fn typename() -> &'static str {
2961 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceResponse"
2962 }
2963}
2964
2965/// A request for an attestation token, providing all the necessary information
2966/// needed for this service to verify Confidential GKE platform state of the
2967/// requestor.
2968#[derive(Clone, Default, PartialEq)]
2969#[non_exhaustive]
2970pub struct VerifyConfidentialGkeRequest {
2971 /// Required. The name of the Challenge whose nonce was used to generate the
2972 /// attestation, in the format projects/*/locations/*/challenges/*. The
2973 /// provided Challenge will be consumed, and cannot be used again.
2974 pub challenge: std::string::String,
2975
2976 /// Optional. A collection of fields that modify the token output.
2977 pub options:
2978 std::option::Option<crate::model::verify_confidential_gke_request::ConfidentialGkeOptions>,
2979
2980 /// Required. A tee attestation report, used to populate hardware rooted
2981 /// claims.
2982 pub tee_attestation:
2983 std::option::Option<crate::model::verify_confidential_gke_request::TeeAttestation>,
2984
2985 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2986}
2987
2988impl VerifyConfidentialGkeRequest {
2989 pub fn new() -> Self {
2990 std::default::Default::default()
2991 }
2992
2993 /// Sets the value of [challenge][crate::model::VerifyConfidentialGkeRequest::challenge].
2994 ///
2995 /// # Example
2996 /// ```ignore,no_run
2997 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
2998 /// let x = VerifyConfidentialGkeRequest::new().set_challenge("example");
2999 /// ```
3000 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
3001 self.challenge = v.into();
3002 self
3003 }
3004
3005 /// Sets the value of [options][crate::model::VerifyConfidentialGkeRequest::options].
3006 ///
3007 /// # Example
3008 /// ```ignore,no_run
3009 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3010 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3011 /// let x = VerifyConfidentialGkeRequest::new().set_options(ConfidentialGkeOptions::default()/* use setters */);
3012 /// ```
3013 pub fn set_options<T>(mut self, v: T) -> Self
3014 where
3015 T: std::convert::Into<
3016 crate::model::verify_confidential_gke_request::ConfidentialGkeOptions,
3017 >,
3018 {
3019 self.options = std::option::Option::Some(v.into());
3020 self
3021 }
3022
3023 /// Sets or clears the value of [options][crate::model::VerifyConfidentialGkeRequest::options].
3024 ///
3025 /// # Example
3026 /// ```ignore,no_run
3027 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3028 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3029 /// let x = VerifyConfidentialGkeRequest::new().set_or_clear_options(Some(ConfidentialGkeOptions::default()/* use setters */));
3030 /// let x = VerifyConfidentialGkeRequest::new().set_or_clear_options(None::<ConfidentialGkeOptions>);
3031 /// ```
3032 pub fn set_or_clear_options<T>(mut self, v: std::option::Option<T>) -> Self
3033 where
3034 T: std::convert::Into<
3035 crate::model::verify_confidential_gke_request::ConfidentialGkeOptions,
3036 >,
3037 {
3038 self.options = v.map(|x| x.into());
3039 self
3040 }
3041
3042 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation].
3043 ///
3044 /// Note that all the setters affecting `tee_attestation` are mutually
3045 /// exclusive.
3046 ///
3047 /// # Example
3048 /// ```ignore,no_run
3049 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3050 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
3051 /// let x = VerifyConfidentialGkeRequest::new().set_tee_attestation(Some(
3052 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(TpmAttestation::default().into())));
3053 /// ```
3054 pub fn set_tee_attestation<
3055 T: std::convert::Into<
3056 std::option::Option<crate::model::verify_confidential_gke_request::TeeAttestation>,
3057 >,
3058 >(
3059 mut self,
3060 v: T,
3061 ) -> Self {
3062 self.tee_attestation = v.into();
3063 self
3064 }
3065
3066 /// The value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation]
3067 /// if it holds a `TpmAttestation`, `None` if the field is not set or
3068 /// holds a different branch.
3069 pub fn tpm_attestation(
3070 &self,
3071 ) -> std::option::Option<&std::boxed::Box<crate::model::TpmAttestation>> {
3072 #[allow(unreachable_patterns)]
3073 self.tee_attestation.as_ref().and_then(|v| match v {
3074 crate::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(v) => {
3075 std::option::Option::Some(v)
3076 }
3077 _ => std::option::Option::None,
3078 })
3079 }
3080
3081 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation]
3082 /// to hold a `TpmAttestation`.
3083 ///
3084 /// Note that all the setters affecting `tee_attestation` are
3085 /// mutually exclusive.
3086 ///
3087 /// # Example
3088 /// ```ignore,no_run
3089 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3090 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
3091 /// let x = VerifyConfidentialGkeRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
3092 /// assert!(x.tpm_attestation().is_some());
3093 /// ```
3094 pub fn set_tpm_attestation<
3095 T: std::convert::Into<std::boxed::Box<crate::model::TpmAttestation>>,
3096 >(
3097 mut self,
3098 v: T,
3099 ) -> Self {
3100 self.tee_attestation = std::option::Option::Some(
3101 crate::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(v.into()),
3102 );
3103 self
3104 }
3105}
3106
3107impl wkt::message::Message for VerifyConfidentialGkeRequest {
3108 fn typename() -> &'static str {
3109 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeRequest"
3110 }
3111}
3112
3113/// Defines additional types related to [VerifyConfidentialGkeRequest].
3114pub mod verify_confidential_gke_request {
3115 #[allow(unused_imports)]
3116 use super::*;
3117
3118 /// Token options for Confidential GKE attestation.
3119 #[derive(Clone, Default, PartialEq)]
3120 #[non_exhaustive]
3121 pub struct ConfidentialGkeOptions {
3122 /// Optional. Optional string to issue the token with a custom audience
3123 /// claim. Required if custom nonces are specified.
3124 pub audience: std::string::String,
3125
3126 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
3127 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
3128 /// bytes and the maximum size is 74 bytes.
3129 pub nonce: std::vec::Vec<std::string::String>,
3130
3131 /// Optional. Optional specification for how to sign the attestation token.
3132 /// Defaults to SIGNATURE_TYPE_OIDC if unspecified.
3133 pub signature_type: crate::model::SignatureType,
3134
3135 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3136 }
3137
3138 impl ConfidentialGkeOptions {
3139 pub fn new() -> Self {
3140 std::default::Default::default()
3141 }
3142
3143 /// Sets the value of [audience][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::audience].
3144 ///
3145 /// # Example
3146 /// ```ignore,no_run
3147 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3148 /// let x = ConfidentialGkeOptions::new().set_audience("example");
3149 /// ```
3150 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
3151 self.audience = v.into();
3152 self
3153 }
3154
3155 /// Sets the value of [nonce][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::nonce].
3156 ///
3157 /// # Example
3158 /// ```ignore,no_run
3159 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3160 /// let x = ConfidentialGkeOptions::new().set_nonce(["a", "b", "c"]);
3161 /// ```
3162 pub fn set_nonce<T, V>(mut self, v: T) -> Self
3163 where
3164 T: std::iter::IntoIterator<Item = V>,
3165 V: std::convert::Into<std::string::String>,
3166 {
3167 use std::iter::Iterator;
3168 self.nonce = v.into_iter().map(|i| i.into()).collect();
3169 self
3170 }
3171
3172 /// Sets the value of [signature_type][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::signature_type].
3173 ///
3174 /// # Example
3175 /// ```ignore,no_run
3176 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3177 /// use google_cloud_confidentialcomputing_v1::model::SignatureType;
3178 /// let x0 = ConfidentialGkeOptions::new().set_signature_type(SignatureType::Oidc);
3179 /// let x1 = ConfidentialGkeOptions::new().set_signature_type(SignatureType::Pki);
3180 /// ```
3181 pub fn set_signature_type<T: std::convert::Into<crate::model::SignatureType>>(
3182 mut self,
3183 v: T,
3184 ) -> Self {
3185 self.signature_type = v.into();
3186 self
3187 }
3188 }
3189
3190 impl wkt::message::Message for ConfidentialGkeOptions {
3191 fn typename() -> &'static str {
3192 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeRequest.ConfidentialGkeOptions"
3193 }
3194 }
3195
3196 /// Required. A tee attestation report, used to populate hardware rooted
3197 /// claims.
3198 #[derive(Clone, Debug, PartialEq)]
3199 #[non_exhaustive]
3200 pub enum TeeAttestation {
3201 /// The TPM-specific data provided by the attesting platform, used to
3202 /// populate any of the claims regarding platform state.
3203 TpmAttestation(std::boxed::Box<crate::model::TpmAttestation>),
3204 }
3205}
3206
3207/// VerifyConfidentialGkeResponse response is returened once a Confidential GKE
3208/// attestation has been successfully verified, containing a signed OIDC token.
3209#[derive(Clone, Default, PartialEq)]
3210#[non_exhaustive]
3211pub struct VerifyConfidentialGkeResponse {
3212 /// Output only. The attestation token issued by this service for Confidential
3213 /// GKE. It contains specific platform claims based on the contents of the
3214 /// provided attestation.
3215 pub attestation_token: std::string::String,
3216
3217 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3218}
3219
3220impl VerifyConfidentialGkeResponse {
3221 pub fn new() -> Self {
3222 std::default::Default::default()
3223 }
3224
3225 /// Sets the value of [attestation_token][crate::model::VerifyConfidentialGkeResponse::attestation_token].
3226 ///
3227 /// # Example
3228 /// ```ignore,no_run
3229 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeResponse;
3230 /// let x = VerifyConfidentialGkeResponse::new().set_attestation_token("example");
3231 /// ```
3232 pub fn set_attestation_token<T: std::convert::Into<std::string::String>>(
3233 mut self,
3234 v: T,
3235 ) -> Self {
3236 self.attestation_token = v.into();
3237 self
3238 }
3239}
3240
3241impl wkt::message::Message for VerifyConfidentialGkeResponse {
3242 fn typename() -> &'static str {
3243 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeResponse"
3244 }
3245}
3246
3247/// SigningAlgorithm enumerates all the supported signing algorithms.
3248///
3249/// # Working with unknown values
3250///
3251/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3252/// additional enum variants at any time. Adding new variants is not considered
3253/// a breaking change. Applications should write their code in anticipation of:
3254///
3255/// - New values appearing in future releases of the client library, **and**
3256/// - New values received dynamically, without application changes.
3257///
3258/// Please consult the [Working with enums] section in the user guide for some
3259/// guidelines.
3260///
3261/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3262#[derive(Clone, Debug, PartialEq)]
3263#[non_exhaustive]
3264pub enum SigningAlgorithm {
3265 /// Unspecified signing algorithm.
3266 Unspecified,
3267 /// RSASSA-PSS with a SHA256 digest.
3268 RsassaPssSha256,
3269 /// RSASSA-PKCS1 v1.5 with a SHA256 digest.
3270 RsassaPkcs1V15Sha256,
3271 /// ECDSA on the P-256 Curve with a SHA256 digest.
3272 EcdsaP256Sha256,
3273 /// If set, the enum was initialized with an unknown value.
3274 ///
3275 /// Applications can examine the value using [SigningAlgorithm::value] or
3276 /// [SigningAlgorithm::name].
3277 UnknownValue(signing_algorithm::UnknownValue),
3278}
3279
3280#[doc(hidden)]
3281pub mod signing_algorithm {
3282 #[allow(unused_imports)]
3283 use super::*;
3284 #[derive(Clone, Debug, PartialEq)]
3285 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3286}
3287
3288impl SigningAlgorithm {
3289 /// Gets the enum value.
3290 ///
3291 /// Returns `None` if the enum contains an unknown value deserialized from
3292 /// the string representation of enums.
3293 pub fn value(&self) -> std::option::Option<i32> {
3294 match self {
3295 Self::Unspecified => std::option::Option::Some(0),
3296 Self::RsassaPssSha256 => std::option::Option::Some(1),
3297 Self::RsassaPkcs1V15Sha256 => std::option::Option::Some(2),
3298 Self::EcdsaP256Sha256 => std::option::Option::Some(3),
3299 Self::UnknownValue(u) => u.0.value(),
3300 }
3301 }
3302
3303 /// Gets the enum value as a string.
3304 ///
3305 /// Returns `None` if the enum contains an unknown value deserialized from
3306 /// the integer representation of enums.
3307 pub fn name(&self) -> std::option::Option<&str> {
3308 match self {
3309 Self::Unspecified => std::option::Option::Some("SIGNING_ALGORITHM_UNSPECIFIED"),
3310 Self::RsassaPssSha256 => std::option::Option::Some("RSASSA_PSS_SHA256"),
3311 Self::RsassaPkcs1V15Sha256 => std::option::Option::Some("RSASSA_PKCS1V15_SHA256"),
3312 Self::EcdsaP256Sha256 => std::option::Option::Some("ECDSA_P256_SHA256"),
3313 Self::UnknownValue(u) => u.0.name(),
3314 }
3315 }
3316}
3317
3318impl std::default::Default for SigningAlgorithm {
3319 fn default() -> Self {
3320 use std::convert::From;
3321 Self::from(0)
3322 }
3323}
3324
3325impl std::fmt::Display for SigningAlgorithm {
3326 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3327 wkt::internal::display_enum(f, self.name(), self.value())
3328 }
3329}
3330
3331impl std::convert::From<i32> for SigningAlgorithm {
3332 fn from(value: i32) -> Self {
3333 match value {
3334 0 => Self::Unspecified,
3335 1 => Self::RsassaPssSha256,
3336 2 => Self::RsassaPkcs1V15Sha256,
3337 3 => Self::EcdsaP256Sha256,
3338 _ => Self::UnknownValue(signing_algorithm::UnknownValue(
3339 wkt::internal::UnknownEnumValue::Integer(value),
3340 )),
3341 }
3342 }
3343}
3344
3345impl std::convert::From<&str> for SigningAlgorithm {
3346 fn from(value: &str) -> Self {
3347 use std::string::ToString;
3348 match value {
3349 "SIGNING_ALGORITHM_UNSPECIFIED" => Self::Unspecified,
3350 "RSASSA_PSS_SHA256" => Self::RsassaPssSha256,
3351 "RSASSA_PKCS1V15_SHA256" => Self::RsassaPkcs1V15Sha256,
3352 "ECDSA_P256_SHA256" => Self::EcdsaP256Sha256,
3353 _ => Self::UnknownValue(signing_algorithm::UnknownValue(
3354 wkt::internal::UnknownEnumValue::String(value.to_string()),
3355 )),
3356 }
3357 }
3358}
3359
3360impl serde::ser::Serialize for SigningAlgorithm {
3361 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3362 where
3363 S: serde::Serializer,
3364 {
3365 match self {
3366 Self::Unspecified => serializer.serialize_i32(0),
3367 Self::RsassaPssSha256 => serializer.serialize_i32(1),
3368 Self::RsassaPkcs1V15Sha256 => serializer.serialize_i32(2),
3369 Self::EcdsaP256Sha256 => serializer.serialize_i32(3),
3370 Self::UnknownValue(u) => u.0.serialize(serializer),
3371 }
3372 }
3373}
3374
3375impl<'de> serde::de::Deserialize<'de> for SigningAlgorithm {
3376 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3377 where
3378 D: serde::Deserializer<'de>,
3379 {
3380 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SigningAlgorithm>::new(
3381 ".google.cloud.confidentialcomputing.v1.SigningAlgorithm",
3382 ))
3383 }
3384}
3385
3386/// Token type enum contains the different types of token responses Confidential
3387/// Space supports
3388///
3389/// # Working with unknown values
3390///
3391/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3392/// additional enum variants at any time. Adding new variants is not considered
3393/// a breaking change. Applications should write their code in anticipation of:
3394///
3395/// - New values appearing in future releases of the client library, **and**
3396/// - New values received dynamically, without application changes.
3397///
3398/// Please consult the [Working with enums] section in the user guide for some
3399/// guidelines.
3400///
3401/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3402#[derive(Clone, Debug, PartialEq)]
3403#[non_exhaustive]
3404pub enum TokenType {
3405 /// Unspecified token type
3406 Unspecified,
3407 /// OpenID Connect (OIDC) token type
3408 Oidc,
3409 /// Public Key Infrastructure (PKI) token type
3410 Pki,
3411 /// Limited claim token type for AWS integration
3412 LimitedAws,
3413 /// Principal-tag-based token for AWS integration
3414 AwsPrincipaltags,
3415 /// If set, the enum was initialized with an unknown value.
3416 ///
3417 /// Applications can examine the value using [TokenType::value] or
3418 /// [TokenType::name].
3419 UnknownValue(token_type::UnknownValue),
3420}
3421
3422#[doc(hidden)]
3423pub mod token_type {
3424 #[allow(unused_imports)]
3425 use super::*;
3426 #[derive(Clone, Debug, PartialEq)]
3427 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3428}
3429
3430impl TokenType {
3431 /// Gets the enum value.
3432 ///
3433 /// Returns `None` if the enum contains an unknown value deserialized from
3434 /// the string representation of enums.
3435 pub fn value(&self) -> std::option::Option<i32> {
3436 match self {
3437 Self::Unspecified => std::option::Option::Some(0),
3438 Self::Oidc => std::option::Option::Some(1),
3439 Self::Pki => std::option::Option::Some(2),
3440 Self::LimitedAws => std::option::Option::Some(3),
3441 Self::AwsPrincipaltags => std::option::Option::Some(4),
3442 Self::UnknownValue(u) => u.0.value(),
3443 }
3444 }
3445
3446 /// Gets the enum value as a string.
3447 ///
3448 /// Returns `None` if the enum contains an unknown value deserialized from
3449 /// the integer representation of enums.
3450 pub fn name(&self) -> std::option::Option<&str> {
3451 match self {
3452 Self::Unspecified => std::option::Option::Some("TOKEN_TYPE_UNSPECIFIED"),
3453 Self::Oidc => std::option::Option::Some("TOKEN_TYPE_OIDC"),
3454 Self::Pki => std::option::Option::Some("TOKEN_TYPE_PKI"),
3455 Self::LimitedAws => std::option::Option::Some("TOKEN_TYPE_LIMITED_AWS"),
3456 Self::AwsPrincipaltags => std::option::Option::Some("TOKEN_TYPE_AWS_PRINCIPALTAGS"),
3457 Self::UnknownValue(u) => u.0.name(),
3458 }
3459 }
3460}
3461
3462impl std::default::Default for TokenType {
3463 fn default() -> Self {
3464 use std::convert::From;
3465 Self::from(0)
3466 }
3467}
3468
3469impl std::fmt::Display for TokenType {
3470 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3471 wkt::internal::display_enum(f, self.name(), self.value())
3472 }
3473}
3474
3475impl std::convert::From<i32> for TokenType {
3476 fn from(value: i32) -> Self {
3477 match value {
3478 0 => Self::Unspecified,
3479 1 => Self::Oidc,
3480 2 => Self::Pki,
3481 3 => Self::LimitedAws,
3482 4 => Self::AwsPrincipaltags,
3483 _ => Self::UnknownValue(token_type::UnknownValue(
3484 wkt::internal::UnknownEnumValue::Integer(value),
3485 )),
3486 }
3487 }
3488}
3489
3490impl std::convert::From<&str> for TokenType {
3491 fn from(value: &str) -> Self {
3492 use std::string::ToString;
3493 match value {
3494 "TOKEN_TYPE_UNSPECIFIED" => Self::Unspecified,
3495 "TOKEN_TYPE_OIDC" => Self::Oidc,
3496 "TOKEN_TYPE_PKI" => Self::Pki,
3497 "TOKEN_TYPE_LIMITED_AWS" => Self::LimitedAws,
3498 "TOKEN_TYPE_AWS_PRINCIPALTAGS" => Self::AwsPrincipaltags,
3499 _ => Self::UnknownValue(token_type::UnknownValue(
3500 wkt::internal::UnknownEnumValue::String(value.to_string()),
3501 )),
3502 }
3503 }
3504}
3505
3506impl serde::ser::Serialize for TokenType {
3507 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3508 where
3509 S: serde::Serializer,
3510 {
3511 match self {
3512 Self::Unspecified => serializer.serialize_i32(0),
3513 Self::Oidc => serializer.serialize_i32(1),
3514 Self::Pki => serializer.serialize_i32(2),
3515 Self::LimitedAws => serializer.serialize_i32(3),
3516 Self::AwsPrincipaltags => serializer.serialize_i32(4),
3517 Self::UnknownValue(u) => u.0.serialize(serializer),
3518 }
3519 }
3520}
3521
3522impl<'de> serde::de::Deserialize<'de> for TokenType {
3523 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3524 where
3525 D: serde::Deserializer<'de>,
3526 {
3527 deserializer.deserialize_any(wkt::internal::EnumVisitor::<TokenType>::new(
3528 ".google.cloud.confidentialcomputing.v1.TokenType",
3529 ))
3530 }
3531}
3532
3533/// SignatureType enumerates supported signature types for attestation tokens.
3534///
3535/// # Working with unknown values
3536///
3537/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3538/// additional enum variants at any time. Adding new variants is not considered
3539/// a breaking change. Applications should write their code in anticipation of:
3540///
3541/// - New values appearing in future releases of the client library, **and**
3542/// - New values received dynamically, without application changes.
3543///
3544/// Please consult the [Working with enums] section in the user guide for some
3545/// guidelines.
3546///
3547/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3548#[derive(Clone, Debug, PartialEq)]
3549#[non_exhaustive]
3550pub enum SignatureType {
3551 /// Unspecified signature type.
3552 Unspecified,
3553 /// Google OIDC signature.
3554 Oidc,
3555 /// Public Key Infrastructure (PKI) signature.
3556 Pki,
3557 /// If set, the enum was initialized with an unknown value.
3558 ///
3559 /// Applications can examine the value using [SignatureType::value] or
3560 /// [SignatureType::name].
3561 UnknownValue(signature_type::UnknownValue),
3562}
3563
3564#[doc(hidden)]
3565pub mod signature_type {
3566 #[allow(unused_imports)]
3567 use super::*;
3568 #[derive(Clone, Debug, PartialEq)]
3569 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3570}
3571
3572impl SignatureType {
3573 /// Gets the enum value.
3574 ///
3575 /// Returns `None` if the enum contains an unknown value deserialized from
3576 /// the string representation of enums.
3577 pub fn value(&self) -> std::option::Option<i32> {
3578 match self {
3579 Self::Unspecified => std::option::Option::Some(0),
3580 Self::Oidc => std::option::Option::Some(1),
3581 Self::Pki => std::option::Option::Some(2),
3582 Self::UnknownValue(u) => u.0.value(),
3583 }
3584 }
3585
3586 /// Gets the enum value as a string.
3587 ///
3588 /// Returns `None` if the enum contains an unknown value deserialized from
3589 /// the integer representation of enums.
3590 pub fn name(&self) -> std::option::Option<&str> {
3591 match self {
3592 Self::Unspecified => std::option::Option::Some("SIGNATURE_TYPE_UNSPECIFIED"),
3593 Self::Oidc => std::option::Option::Some("SIGNATURE_TYPE_OIDC"),
3594 Self::Pki => std::option::Option::Some("SIGNATURE_TYPE_PKI"),
3595 Self::UnknownValue(u) => u.0.name(),
3596 }
3597 }
3598}
3599
3600impl std::default::Default for SignatureType {
3601 fn default() -> Self {
3602 use std::convert::From;
3603 Self::from(0)
3604 }
3605}
3606
3607impl std::fmt::Display for SignatureType {
3608 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3609 wkt::internal::display_enum(f, self.name(), self.value())
3610 }
3611}
3612
3613impl std::convert::From<i32> for SignatureType {
3614 fn from(value: i32) -> Self {
3615 match value {
3616 0 => Self::Unspecified,
3617 1 => Self::Oidc,
3618 2 => Self::Pki,
3619 _ => Self::UnknownValue(signature_type::UnknownValue(
3620 wkt::internal::UnknownEnumValue::Integer(value),
3621 )),
3622 }
3623 }
3624}
3625
3626impl std::convert::From<&str> for SignatureType {
3627 fn from(value: &str) -> Self {
3628 use std::string::ToString;
3629 match value {
3630 "SIGNATURE_TYPE_UNSPECIFIED" => Self::Unspecified,
3631 "SIGNATURE_TYPE_OIDC" => Self::Oidc,
3632 "SIGNATURE_TYPE_PKI" => Self::Pki,
3633 _ => Self::UnknownValue(signature_type::UnknownValue(
3634 wkt::internal::UnknownEnumValue::String(value.to_string()),
3635 )),
3636 }
3637 }
3638}
3639
3640impl serde::ser::Serialize for SignatureType {
3641 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3642 where
3643 S: serde::Serializer,
3644 {
3645 match self {
3646 Self::Unspecified => serializer.serialize_i32(0),
3647 Self::Oidc => serializer.serialize_i32(1),
3648 Self::Pki => serializer.serialize_i32(2),
3649 Self::UnknownValue(u) => u.0.serialize(serializer),
3650 }
3651 }
3652}
3653
3654impl<'de> serde::de::Deserialize<'de> for SignatureType {
3655 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3656 where
3657 D: serde::Deserializer<'de>,
3658 {
3659 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SignatureType>::new(
3660 ".google.cloud.confidentialcomputing.v1.SignatureType",
3661 ))
3662 }
3663}
3664
3665/// TokenProfile enumerates the supported token claims profiles.
3666///
3667/// # Working with unknown values
3668///
3669/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3670/// additional enum variants at any time. Adding new variants is not considered
3671/// a breaking change. Applications should write their code in anticipation of:
3672///
3673/// - New values appearing in future releases of the client library, **and**
3674/// - New values received dynamically, without application changes.
3675///
3676/// Please consult the [Working with enums] section in the user guide for some
3677/// guidelines.
3678///
3679/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3680#[derive(Clone, Debug, PartialEq)]
3681#[non_exhaustive]
3682pub enum TokenProfile {
3683 /// Unspecified token profile.
3684 Unspecified,
3685 /// EAT claims.
3686 DefaultEat,
3687 /// AWS Principal Tags claims.
3688 Aws,
3689 /// If set, the enum was initialized with an unknown value.
3690 ///
3691 /// Applications can examine the value using [TokenProfile::value] or
3692 /// [TokenProfile::name].
3693 UnknownValue(token_profile::UnknownValue),
3694}
3695
3696#[doc(hidden)]
3697pub mod token_profile {
3698 #[allow(unused_imports)]
3699 use super::*;
3700 #[derive(Clone, Debug, PartialEq)]
3701 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3702}
3703
3704impl TokenProfile {
3705 /// Gets the enum value.
3706 ///
3707 /// Returns `None` if the enum contains an unknown value deserialized from
3708 /// the string representation of enums.
3709 pub fn value(&self) -> std::option::Option<i32> {
3710 match self {
3711 Self::Unspecified => std::option::Option::Some(0),
3712 Self::DefaultEat => std::option::Option::Some(1),
3713 Self::Aws => std::option::Option::Some(2),
3714 Self::UnknownValue(u) => u.0.value(),
3715 }
3716 }
3717
3718 /// Gets the enum value as a string.
3719 ///
3720 /// Returns `None` if the enum contains an unknown value deserialized from
3721 /// the integer representation of enums.
3722 pub fn name(&self) -> std::option::Option<&str> {
3723 match self {
3724 Self::Unspecified => std::option::Option::Some("TOKEN_PROFILE_UNSPECIFIED"),
3725 Self::DefaultEat => std::option::Option::Some("TOKEN_PROFILE_DEFAULT_EAT"),
3726 Self::Aws => std::option::Option::Some("TOKEN_PROFILE_AWS"),
3727 Self::UnknownValue(u) => u.0.name(),
3728 }
3729 }
3730}
3731
3732impl std::default::Default for TokenProfile {
3733 fn default() -> Self {
3734 use std::convert::From;
3735 Self::from(0)
3736 }
3737}
3738
3739impl std::fmt::Display for TokenProfile {
3740 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3741 wkt::internal::display_enum(f, self.name(), self.value())
3742 }
3743}
3744
3745impl std::convert::From<i32> for TokenProfile {
3746 fn from(value: i32) -> Self {
3747 match value {
3748 0 => Self::Unspecified,
3749 1 => Self::DefaultEat,
3750 2 => Self::Aws,
3751 _ => Self::UnknownValue(token_profile::UnknownValue(
3752 wkt::internal::UnknownEnumValue::Integer(value),
3753 )),
3754 }
3755 }
3756}
3757
3758impl std::convert::From<&str> for TokenProfile {
3759 fn from(value: &str) -> Self {
3760 use std::string::ToString;
3761 match value {
3762 "TOKEN_PROFILE_UNSPECIFIED" => Self::Unspecified,
3763 "TOKEN_PROFILE_DEFAULT_EAT" => Self::DefaultEat,
3764 "TOKEN_PROFILE_AWS" => Self::Aws,
3765 _ => Self::UnknownValue(token_profile::UnknownValue(
3766 wkt::internal::UnknownEnumValue::String(value.to_string()),
3767 )),
3768 }
3769 }
3770}
3771
3772impl serde::ser::Serialize for TokenProfile {
3773 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3774 where
3775 S: serde::Serializer,
3776 {
3777 match self {
3778 Self::Unspecified => serializer.serialize_i32(0),
3779 Self::DefaultEat => serializer.serialize_i32(1),
3780 Self::Aws => serializer.serialize_i32(2),
3781 Self::UnknownValue(u) => u.0.serialize(serializer),
3782 }
3783 }
3784}
3785
3786impl<'de> serde::de::Deserialize<'de> for TokenProfile {
3787 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3788 where
3789 D: serde::Deserializer<'de>,
3790 {
3791 deserializer.deserialize_any(wkt::internal::EnumVisitor::<TokenProfile>::new(
3792 ".google.cloud.confidentialcomputing.v1.TokenProfile",
3793 ))
3794 }
3795}