google_cloud_confidentialcomputing_v1/model.rs
1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16
17#![allow(rustdoc::redundant_explicit_links)]
18#![allow(rustdoc::broken_intra_doc_links)]
19#![no_implicit_prelude]
20extern crate async_trait;
21extern crate bytes;
22extern crate gaxi;
23extern crate google_cloud_gax;
24extern crate google_cloud_location;
25extern crate google_cloud_rpc;
26extern crate serde;
27extern crate serde_json;
28extern crate serde_with;
29extern crate std;
30extern crate tracing;
31extern crate wkt;
32
33mod debug;
34mod deserialize;
35mod serialize;
36
37/// A Challenge from the server used to guarantee freshness of attestations
38#[derive(Clone, Default, PartialEq)]
39#[non_exhaustive]
40pub struct Challenge {
41 /// Output only. The resource name for this Challenge in the format
42 /// `projects/*/locations/*/challenges/*`
43 pub name: std::string::String,
44
45 /// Output only. The time at which this Challenge was created
46 pub create_time: std::option::Option<wkt::Timestamp>,
47
48 /// Output only. The time at which this Challenge will no longer be usable. It
49 /// is also the expiration time for any tokens generated from this Challenge.
50 pub expire_time: std::option::Option<wkt::Timestamp>,
51
52 /// Output only. Indicates if this challenge has been used to generate a token.
53 pub used: bool,
54
55 /// Output only. Identical to nonce, but as a string.
56 pub tpm_nonce: std::string::String,
57
58 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
59}
60
61impl Challenge {
62 pub fn new() -> Self {
63 std::default::Default::default()
64 }
65
66 /// Sets the value of [name][crate::model::Challenge::name].
67 ///
68 /// # Example
69 /// ```ignore,no_run
70 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
71 /// let x = Challenge::new().set_name("example");
72 /// ```
73 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
74 self.name = v.into();
75 self
76 }
77
78 /// Sets the value of [create_time][crate::model::Challenge::create_time].
79 ///
80 /// # Example
81 /// ```ignore,no_run
82 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
83 /// use wkt::Timestamp;
84 /// let x = Challenge::new().set_create_time(Timestamp::default()/* use setters */);
85 /// ```
86 pub fn set_create_time<T>(mut self, v: T) -> Self
87 where
88 T: std::convert::Into<wkt::Timestamp>,
89 {
90 self.create_time = std::option::Option::Some(v.into());
91 self
92 }
93
94 /// Sets or clears the value of [create_time][crate::model::Challenge::create_time].
95 ///
96 /// # Example
97 /// ```ignore,no_run
98 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
99 /// use wkt::Timestamp;
100 /// let x = Challenge::new().set_or_clear_create_time(Some(Timestamp::default()/* use setters */));
101 /// let x = Challenge::new().set_or_clear_create_time(None::<Timestamp>);
102 /// ```
103 pub fn set_or_clear_create_time<T>(mut self, v: std::option::Option<T>) -> Self
104 where
105 T: std::convert::Into<wkt::Timestamp>,
106 {
107 self.create_time = v.map(|x| x.into());
108 self
109 }
110
111 /// Sets the value of [expire_time][crate::model::Challenge::expire_time].
112 ///
113 /// # Example
114 /// ```ignore,no_run
115 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
116 /// use wkt::Timestamp;
117 /// let x = Challenge::new().set_expire_time(Timestamp::default()/* use setters */);
118 /// ```
119 pub fn set_expire_time<T>(mut self, v: T) -> Self
120 where
121 T: std::convert::Into<wkt::Timestamp>,
122 {
123 self.expire_time = std::option::Option::Some(v.into());
124 self
125 }
126
127 /// Sets or clears the value of [expire_time][crate::model::Challenge::expire_time].
128 ///
129 /// # Example
130 /// ```ignore,no_run
131 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
132 /// use wkt::Timestamp;
133 /// let x = Challenge::new().set_or_clear_expire_time(Some(Timestamp::default()/* use setters */));
134 /// let x = Challenge::new().set_or_clear_expire_time(None::<Timestamp>);
135 /// ```
136 pub fn set_or_clear_expire_time<T>(mut self, v: std::option::Option<T>) -> Self
137 where
138 T: std::convert::Into<wkt::Timestamp>,
139 {
140 self.expire_time = v.map(|x| x.into());
141 self
142 }
143
144 /// Sets the value of [used][crate::model::Challenge::used].
145 ///
146 /// # Example
147 /// ```ignore,no_run
148 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
149 /// let x = Challenge::new().set_used(true);
150 /// ```
151 pub fn set_used<T: std::convert::Into<bool>>(mut self, v: T) -> Self {
152 self.used = v.into();
153 self
154 }
155
156 /// Sets the value of [tpm_nonce][crate::model::Challenge::tpm_nonce].
157 ///
158 /// # Example
159 /// ```ignore,no_run
160 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
161 /// let x = Challenge::new().set_tpm_nonce("example");
162 /// ```
163 pub fn set_tpm_nonce<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
164 self.tpm_nonce = v.into();
165 self
166 }
167}
168
169impl wkt::message::Message for Challenge {
170 fn typename() -> &'static str {
171 "type.googleapis.com/google.cloud.confidentialcomputing.v1.Challenge"
172 }
173}
174
175/// Message for creating a Challenge
176#[derive(Clone, Default, PartialEq)]
177#[non_exhaustive]
178pub struct CreateChallengeRequest {
179 /// Required. The resource name of the location where the Challenge will be
180 /// used, in the format `projects/*/locations/*`.
181 pub parent: std::string::String,
182
183 /// Required. The Challenge to be created. Currently this field can be empty as
184 /// all the Challenge fields are set by the server.
185 pub challenge: std::option::Option<crate::model::Challenge>,
186
187 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
188}
189
190impl CreateChallengeRequest {
191 pub fn new() -> Self {
192 std::default::Default::default()
193 }
194
195 /// Sets the value of [parent][crate::model::CreateChallengeRequest::parent].
196 ///
197 /// # Example
198 /// ```ignore,no_run
199 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
200 /// let x = CreateChallengeRequest::new().set_parent("example");
201 /// ```
202 pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
203 self.parent = v.into();
204 self
205 }
206
207 /// Sets the value of [challenge][crate::model::CreateChallengeRequest::challenge].
208 ///
209 /// # Example
210 /// ```ignore,no_run
211 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
212 /// use google_cloud_confidentialcomputing_v1::model::Challenge;
213 /// let x = CreateChallengeRequest::new().set_challenge(Challenge::default()/* use setters */);
214 /// ```
215 pub fn set_challenge<T>(mut self, v: T) -> Self
216 where
217 T: std::convert::Into<crate::model::Challenge>,
218 {
219 self.challenge = std::option::Option::Some(v.into());
220 self
221 }
222
223 /// Sets or clears the value of [challenge][crate::model::CreateChallengeRequest::challenge].
224 ///
225 /// # Example
226 /// ```ignore,no_run
227 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
228 /// use google_cloud_confidentialcomputing_v1::model::Challenge;
229 /// let x = CreateChallengeRequest::new().set_or_clear_challenge(Some(Challenge::default()/* use setters */));
230 /// let x = CreateChallengeRequest::new().set_or_clear_challenge(None::<Challenge>);
231 /// ```
232 pub fn set_or_clear_challenge<T>(mut self, v: std::option::Option<T>) -> Self
233 where
234 T: std::convert::Into<crate::model::Challenge>,
235 {
236 self.challenge = v.map(|x| x.into());
237 self
238 }
239}
240
241impl wkt::message::Message for CreateChallengeRequest {
242 fn typename() -> &'static str {
243 "type.googleapis.com/google.cloud.confidentialcomputing.v1.CreateChallengeRequest"
244 }
245}
246
247/// A request for an attestation token, providing all the necessary information
248/// needed for this service to verify the platform state of the requestor.
249#[derive(Clone, Default, PartialEq)]
250#[non_exhaustive]
251pub struct VerifyAttestationRequest {
252 /// Required. The name of the Challenge whose nonce was used to generate the
253 /// attestation, in the format `projects/*/locations/*/challenges/*`. The
254 /// provided Challenge will be consumed, and cannot be used again.
255 pub challenge: std::string::String,
256
257 /// Optional. Credentials used to populate the "emails" claim in the
258 /// claims_token.
259 pub gcp_credentials: std::option::Option<crate::model::GcpCredentials>,
260
261 /// Required. The TPM-specific data provided by the attesting platform, used to
262 /// populate any of the claims regarding platform state.
263 pub tpm_attestation: std::option::Option<crate::model::TpmAttestation>,
264
265 /// Optional. Optional information related to the Confidential Space TEE.
266 pub confidential_space_info: std::option::Option<crate::model::ConfidentialSpaceInfo>,
267
268 /// Optional. A collection of optional, workload-specified claims that modify
269 /// the token output.
270 pub token_options: std::option::Option<crate::model::TokenOptions>,
271
272 /// Optional. An optional indicator of the attester, only applies to certain
273 /// products.
274 pub attester: std::string::String,
275
276 /// An optional tee attestation report, used to populate hardware rooted
277 /// claims.
278 pub tee_attestation:
279 std::option::Option<crate::model::verify_attestation_request::TeeAttestation>,
280
281 /// An optional device attestation report.
282 pub device_attestation:
283 std::option::Option<crate::model::verify_attestation_request::DeviceAttestation>,
284
285 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
286}
287
288impl VerifyAttestationRequest {
289 pub fn new() -> Self {
290 std::default::Default::default()
291 }
292
293 /// Sets the value of [challenge][crate::model::VerifyAttestationRequest::challenge].
294 ///
295 /// # Example
296 /// ```ignore,no_run
297 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
298 /// let x = VerifyAttestationRequest::new().set_challenge("example");
299 /// ```
300 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
301 self.challenge = v.into();
302 self
303 }
304
305 /// Sets the value of [gcp_credentials][crate::model::VerifyAttestationRequest::gcp_credentials].
306 ///
307 /// # Example
308 /// ```ignore,no_run
309 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
310 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
311 /// let x = VerifyAttestationRequest::new().set_gcp_credentials(GcpCredentials::default()/* use setters */);
312 /// ```
313 pub fn set_gcp_credentials<T>(mut self, v: T) -> Self
314 where
315 T: std::convert::Into<crate::model::GcpCredentials>,
316 {
317 self.gcp_credentials = std::option::Option::Some(v.into());
318 self
319 }
320
321 /// Sets or clears the value of [gcp_credentials][crate::model::VerifyAttestationRequest::gcp_credentials].
322 ///
323 /// # Example
324 /// ```ignore,no_run
325 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
326 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
327 /// let x = VerifyAttestationRequest::new().set_or_clear_gcp_credentials(Some(GcpCredentials::default()/* use setters */));
328 /// let x = VerifyAttestationRequest::new().set_or_clear_gcp_credentials(None::<GcpCredentials>);
329 /// ```
330 pub fn set_or_clear_gcp_credentials<T>(mut self, v: std::option::Option<T>) -> Self
331 where
332 T: std::convert::Into<crate::model::GcpCredentials>,
333 {
334 self.gcp_credentials = v.map(|x| x.into());
335 self
336 }
337
338 /// Sets the value of [tpm_attestation][crate::model::VerifyAttestationRequest::tpm_attestation].
339 ///
340 /// # Example
341 /// ```ignore,no_run
342 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
343 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
344 /// let x = VerifyAttestationRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
345 /// ```
346 pub fn set_tpm_attestation<T>(mut self, v: T) -> Self
347 where
348 T: std::convert::Into<crate::model::TpmAttestation>,
349 {
350 self.tpm_attestation = std::option::Option::Some(v.into());
351 self
352 }
353
354 /// Sets or clears the value of [tpm_attestation][crate::model::VerifyAttestationRequest::tpm_attestation].
355 ///
356 /// # Example
357 /// ```ignore,no_run
358 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
359 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
360 /// let x = VerifyAttestationRequest::new().set_or_clear_tpm_attestation(Some(TpmAttestation::default()/* use setters */));
361 /// let x = VerifyAttestationRequest::new().set_or_clear_tpm_attestation(None::<TpmAttestation>);
362 /// ```
363 pub fn set_or_clear_tpm_attestation<T>(mut self, v: std::option::Option<T>) -> Self
364 where
365 T: std::convert::Into<crate::model::TpmAttestation>,
366 {
367 self.tpm_attestation = v.map(|x| x.into());
368 self
369 }
370
371 /// Sets the value of [confidential_space_info][crate::model::VerifyAttestationRequest::confidential_space_info].
372 ///
373 /// # Example
374 /// ```ignore,no_run
375 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
376 /// use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
377 /// let x = VerifyAttestationRequest::new().set_confidential_space_info(ConfidentialSpaceInfo::default()/* use setters */);
378 /// ```
379 pub fn set_confidential_space_info<T>(mut self, v: T) -> Self
380 where
381 T: std::convert::Into<crate::model::ConfidentialSpaceInfo>,
382 {
383 self.confidential_space_info = std::option::Option::Some(v.into());
384 self
385 }
386
387 /// Sets or clears the value of [confidential_space_info][crate::model::VerifyAttestationRequest::confidential_space_info].
388 ///
389 /// # Example
390 /// ```ignore,no_run
391 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
392 /// use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
393 /// let x = VerifyAttestationRequest::new().set_or_clear_confidential_space_info(Some(ConfidentialSpaceInfo::default()/* use setters */));
394 /// let x = VerifyAttestationRequest::new().set_or_clear_confidential_space_info(None::<ConfidentialSpaceInfo>);
395 /// ```
396 pub fn set_or_clear_confidential_space_info<T>(mut self, v: std::option::Option<T>) -> Self
397 where
398 T: std::convert::Into<crate::model::ConfidentialSpaceInfo>,
399 {
400 self.confidential_space_info = v.map(|x| x.into());
401 self
402 }
403
404 /// Sets the value of [token_options][crate::model::VerifyAttestationRequest::token_options].
405 ///
406 /// # Example
407 /// ```ignore,no_run
408 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
409 /// use google_cloud_confidentialcomputing_v1::model::TokenOptions;
410 /// let x = VerifyAttestationRequest::new().set_token_options(TokenOptions::default()/* use setters */);
411 /// ```
412 pub fn set_token_options<T>(mut self, v: T) -> Self
413 where
414 T: std::convert::Into<crate::model::TokenOptions>,
415 {
416 self.token_options = std::option::Option::Some(v.into());
417 self
418 }
419
420 /// Sets or clears the value of [token_options][crate::model::VerifyAttestationRequest::token_options].
421 ///
422 /// # Example
423 /// ```ignore,no_run
424 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
425 /// use google_cloud_confidentialcomputing_v1::model::TokenOptions;
426 /// let x = VerifyAttestationRequest::new().set_or_clear_token_options(Some(TokenOptions::default()/* use setters */));
427 /// let x = VerifyAttestationRequest::new().set_or_clear_token_options(None::<TokenOptions>);
428 /// ```
429 pub fn set_or_clear_token_options<T>(mut self, v: std::option::Option<T>) -> Self
430 where
431 T: std::convert::Into<crate::model::TokenOptions>,
432 {
433 self.token_options = v.map(|x| x.into());
434 self
435 }
436
437 /// Sets the value of [attester][crate::model::VerifyAttestationRequest::attester].
438 ///
439 /// # Example
440 /// ```ignore,no_run
441 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
442 /// let x = VerifyAttestationRequest::new().set_attester("example");
443 /// ```
444 pub fn set_attester<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
445 self.attester = v.into();
446 self
447 }
448
449 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation].
450 ///
451 /// Note that all the setters affecting `tee_attestation` are mutually
452 /// exclusive.
453 ///
454 /// # Example
455 /// ```ignore,no_run
456 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
457 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
458 /// let x = VerifyAttestationRequest::new().set_tee_attestation(Some(
459 /// google_cloud_confidentialcomputing_v1::model::verify_attestation_request::TeeAttestation::TdCcel(TdxCcelAttestation::default().into())));
460 /// ```
461 pub fn set_tee_attestation<
462 T: std::convert::Into<
463 std::option::Option<crate::model::verify_attestation_request::TeeAttestation>,
464 >,
465 >(
466 mut self,
467 v: T,
468 ) -> Self {
469 self.tee_attestation = v.into();
470 self
471 }
472
473 /// The value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
474 /// if it holds a `TdCcel`, `None` if the field is not set or
475 /// holds a different branch.
476 pub fn td_ccel(
477 &self,
478 ) -> std::option::Option<&std::boxed::Box<crate::model::TdxCcelAttestation>> {
479 #[allow(unreachable_patterns)]
480 self.tee_attestation.as_ref().and_then(|v| match v {
481 crate::model::verify_attestation_request::TeeAttestation::TdCcel(v) => {
482 std::option::Option::Some(v)
483 }
484 _ => std::option::Option::None,
485 })
486 }
487
488 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
489 /// to hold a `TdCcel`.
490 ///
491 /// Note that all the setters affecting `tee_attestation` are
492 /// mutually exclusive.
493 ///
494 /// # Example
495 /// ```ignore,no_run
496 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
497 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
498 /// let x = VerifyAttestationRequest::new().set_td_ccel(TdxCcelAttestation::default()/* use setters */);
499 /// assert!(x.td_ccel().is_some());
500 /// assert!(x.sev_snp_attestation().is_none());
501 /// ```
502 pub fn set_td_ccel<T: std::convert::Into<std::boxed::Box<crate::model::TdxCcelAttestation>>>(
503 mut self,
504 v: T,
505 ) -> Self {
506 self.tee_attestation = std::option::Option::Some(
507 crate::model::verify_attestation_request::TeeAttestation::TdCcel(v.into()),
508 );
509 self
510 }
511
512 /// The value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
513 /// if it holds a `SevSnpAttestation`, `None` if the field is not set or
514 /// holds a different branch.
515 pub fn sev_snp_attestation(
516 &self,
517 ) -> std::option::Option<&std::boxed::Box<crate::model::SevSnpAttestation>> {
518 #[allow(unreachable_patterns)]
519 self.tee_attestation.as_ref().and_then(|v| match v {
520 crate::model::verify_attestation_request::TeeAttestation::SevSnpAttestation(v) => {
521 std::option::Option::Some(v)
522 }
523 _ => std::option::Option::None,
524 })
525 }
526
527 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
528 /// to hold a `SevSnpAttestation`.
529 ///
530 /// Note that all the setters affecting `tee_attestation` are
531 /// mutually exclusive.
532 ///
533 /// # Example
534 /// ```ignore,no_run
535 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
536 /// use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
537 /// let x = VerifyAttestationRequest::new().set_sev_snp_attestation(SevSnpAttestation::default()/* use setters */);
538 /// assert!(x.sev_snp_attestation().is_some());
539 /// assert!(x.td_ccel().is_none());
540 /// ```
541 pub fn set_sev_snp_attestation<
542 T: std::convert::Into<std::boxed::Box<crate::model::SevSnpAttestation>>,
543 >(
544 mut self,
545 v: T,
546 ) -> Self {
547 self.tee_attestation = std::option::Option::Some(
548 crate::model::verify_attestation_request::TeeAttestation::SevSnpAttestation(v.into()),
549 );
550 self
551 }
552
553 /// Sets the value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation].
554 ///
555 /// Note that all the setters affecting `device_attestation` are mutually
556 /// exclusive.
557 ///
558 /// # Example
559 /// ```ignore,no_run
560 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
561 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
562 /// let x = VerifyAttestationRequest::new().set_device_attestation(Some(
563 /// google_cloud_confidentialcomputing_v1::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(NvidiaAttestation::default().into())));
564 /// ```
565 pub fn set_device_attestation<
566 T: std::convert::Into<
567 std::option::Option<crate::model::verify_attestation_request::DeviceAttestation>,
568 >,
569 >(
570 mut self,
571 v: T,
572 ) -> Self {
573 self.device_attestation = v.into();
574 self
575 }
576
577 /// The value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation]
578 /// if it holds a `NvidiaAttestation`, `None` if the field is not set or
579 /// holds a different branch.
580 pub fn nvidia_attestation(
581 &self,
582 ) -> std::option::Option<&std::boxed::Box<crate::model::NvidiaAttestation>> {
583 #[allow(unreachable_patterns)]
584 self.device_attestation.as_ref().and_then(|v| match v {
585 crate::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(v) => {
586 std::option::Option::Some(v)
587 }
588 _ => std::option::Option::None,
589 })
590 }
591
592 /// Sets the value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation]
593 /// to hold a `NvidiaAttestation`.
594 ///
595 /// Note that all the setters affecting `device_attestation` are
596 /// mutually exclusive.
597 ///
598 /// # Example
599 /// ```ignore,no_run
600 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
601 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
602 /// let x = VerifyAttestationRequest::new().set_nvidia_attestation(NvidiaAttestation::default()/* use setters */);
603 /// assert!(x.nvidia_attestation().is_some());
604 /// ```
605 pub fn set_nvidia_attestation<
606 T: std::convert::Into<std::boxed::Box<crate::model::NvidiaAttestation>>,
607 >(
608 mut self,
609 v: T,
610 ) -> Self {
611 self.device_attestation = std::option::Option::Some(
612 crate::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(
613 v.into(),
614 ),
615 );
616 self
617 }
618}
619
620impl wkt::message::Message for VerifyAttestationRequest {
621 fn typename() -> &'static str {
622 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyAttestationRequest"
623 }
624}
625
626/// Defines additional types related to [VerifyAttestationRequest].
627pub mod verify_attestation_request {
628 #[allow(unused_imports)]
629 use super::*;
630
631 /// An optional tee attestation report, used to populate hardware rooted
632 /// claims.
633 #[derive(Clone, Debug, PartialEq)]
634 #[non_exhaustive]
635 pub enum TeeAttestation {
636 /// Optional. A TDX with CCEL and RTMR Attestation Quote.
637 TdCcel(std::boxed::Box<crate::model::TdxCcelAttestation>),
638 /// Optional. An SEV-SNP Attestation Report.
639 SevSnpAttestation(std::boxed::Box<crate::model::SevSnpAttestation>),
640 }
641
642 /// An optional device attestation report.
643 #[derive(Clone, Debug, PartialEq)]
644 #[non_exhaustive]
645 pub enum DeviceAttestation {
646 /// Optional. An Nvidia attestation report for GPU and NVSwitch devices.
647 NvidiaAttestation(std::boxed::Box<crate::model::NvidiaAttestation>),
648 }
649}
650
651/// An Nvidia attestation report for GPU and NVSwitch devices.
652/// Contains necessary attestation evidence that the client collects for
653/// verification.
654#[derive(Clone, Default, PartialEq)]
655#[non_exhaustive]
656pub struct NvidiaAttestation {
657 /// The Confidential Computing feature that the attestation is for.
658 pub cc_feature: std::option::Option<crate::model::nvidia_attestation::CcFeature>,
659
660 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
661}
662
663impl NvidiaAttestation {
664 pub fn new() -> Self {
665 std::default::Default::default()
666 }
667
668 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature].
669 ///
670 /// Note that all the setters affecting `cc_feature` are mutually
671 /// exclusive.
672 ///
673 /// # Example
674 /// ```ignore,no_run
675 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
676 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
677 /// let x = NvidiaAttestation::new().set_cc_feature(Some(
678 /// google_cloud_confidentialcomputing_v1::model::nvidia_attestation::CcFeature::Spt(SinglePassthroughAttestation::default().into())));
679 /// ```
680 pub fn set_cc_feature<
681 T: std::convert::Into<std::option::Option<crate::model::nvidia_attestation::CcFeature>>,
682 >(
683 mut self,
684 v: T,
685 ) -> Self {
686 self.cc_feature = v.into();
687 self
688 }
689
690 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
691 /// if it holds a `Spt`, `None` if the field is not set or
692 /// holds a different branch.
693 pub fn spt(
694 &self,
695 ) -> std::option::Option<
696 &std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>,
697 > {
698 #[allow(unreachable_patterns)]
699 self.cc_feature.as_ref().and_then(|v| match v {
700 crate::model::nvidia_attestation::CcFeature::Spt(v) => std::option::Option::Some(v),
701 _ => std::option::Option::None,
702 })
703 }
704
705 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
706 /// to hold a `Spt`.
707 ///
708 /// Note that all the setters affecting `cc_feature` are
709 /// mutually exclusive.
710 ///
711 /// # Example
712 /// ```ignore,no_run
713 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
714 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
715 /// let x = NvidiaAttestation::new().set_spt(SinglePassthroughAttestation::default()/* use setters */);
716 /// assert!(x.spt().is_some());
717 /// assert!(x.ppcie().is_none());
718 /// assert!(x.mpt().is_none());
719 /// ```
720 pub fn set_spt<
721 T: std::convert::Into<
722 std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>,
723 >,
724 >(
725 mut self,
726 v: T,
727 ) -> Self {
728 self.cc_feature =
729 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Spt(v.into()));
730 self
731 }
732
733 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
734 /// if it holds a `Ppcie`, `None` if the field is not set or
735 /// holds a different branch.
736 pub fn ppcie(
737 &self,
738 ) -> std::option::Option<
739 &std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>,
740 > {
741 #[allow(unreachable_patterns)]
742 self.cc_feature.as_ref().and_then(|v| match v {
743 crate::model::nvidia_attestation::CcFeature::Ppcie(v) => std::option::Option::Some(v),
744 _ => std::option::Option::None,
745 })
746 }
747
748 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
749 /// to hold a `Ppcie`.
750 ///
751 /// Note that all the setters affecting `cc_feature` are
752 /// mutually exclusive.
753 ///
754 /// # Example
755 /// ```ignore,no_run
756 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
757 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
758 /// let x = NvidiaAttestation::new().set_ppcie(ProtectedPcieAttestation::default()/* use setters */);
759 /// assert!(x.ppcie().is_some());
760 /// assert!(x.spt().is_none());
761 /// assert!(x.mpt().is_none());
762 /// ```
763 pub fn set_ppcie<
764 T: std::convert::Into<
765 std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>,
766 >,
767 >(
768 mut self,
769 v: T,
770 ) -> Self {
771 self.cc_feature =
772 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Ppcie(v.into()));
773 self
774 }
775
776 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
777 /// if it holds a `Mpt`, `None` if the field is not set or
778 /// holds a different branch.
779 pub fn mpt(
780 &self,
781 ) -> std::option::Option<
782 &std::boxed::Box<crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation>,
783 > {
784 #[allow(unreachable_patterns)]
785 self.cc_feature.as_ref().and_then(|v| match v {
786 crate::model::nvidia_attestation::CcFeature::Mpt(v) => std::option::Option::Some(v),
787 _ => std::option::Option::None,
788 })
789 }
790
791 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
792 /// to hold a `Mpt`.
793 ///
794 /// Note that all the setters affecting `cc_feature` are
795 /// mutually exclusive.
796 ///
797 /// # Example
798 /// ```ignore,no_run
799 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
800 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation;
801 /// let x = NvidiaAttestation::new().set_mpt(MultiGpuSecurePassthroughAttestation::default()/* use setters */);
802 /// assert!(x.mpt().is_some());
803 /// assert!(x.spt().is_none());
804 /// assert!(x.ppcie().is_none());
805 /// ```
806 pub fn set_mpt<
807 T: std::convert::Into<
808 std::boxed::Box<
809 crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation,
810 >,
811 >,
812 >(
813 mut self,
814 v: T,
815 ) -> Self {
816 self.cc_feature =
817 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Mpt(v.into()));
818 self
819 }
820}
821
822impl wkt::message::Message for NvidiaAttestation {
823 fn typename() -> &'static str {
824 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation"
825 }
826}
827
828/// Defines additional types related to [NvidiaAttestation].
829pub mod nvidia_attestation {
830 #[allow(unused_imports)]
831 use super::*;
832
833 /// GpuInfo contains the attestation evidence for a GPU device.
834 #[derive(Clone, Default, PartialEq)]
835 #[non_exhaustive]
836 pub struct GpuInfo {
837 /// Optional. The UUID of the GPU device.
838 pub uuid: std::string::String,
839
840 /// Optional. The driver version of the GPU.
841 pub driver_version: std::string::String,
842
843 /// Optional. The vBIOS version of the GPU.
844 pub vbios_version: std::string::String,
845
846 /// Optional. The GPU architecture type.
847 pub gpu_architecture_type: crate::model::nvidia_attestation::GpuArchitectureType,
848
849 /// Optional. The raw attestation certificate chain for the GPU device.
850 pub attestation_certificate_chain: ::bytes::Bytes,
851
852 /// Optional. The raw attestation report for the GPU device.
853 /// This field contains SPDM request/response defined in
854 /// <https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.0.pdf>
855 pub attestation_report: ::bytes::Bytes,
856
857 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
858 }
859
860 impl GpuInfo {
861 pub fn new() -> Self {
862 std::default::Default::default()
863 }
864
865 /// Sets the value of [uuid][crate::model::nvidia_attestation::GpuInfo::uuid].
866 ///
867 /// # Example
868 /// ```ignore,no_run
869 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
870 /// let x = GpuInfo::new().set_uuid("example");
871 /// ```
872 pub fn set_uuid<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
873 self.uuid = v.into();
874 self
875 }
876
877 /// Sets the value of [driver_version][crate::model::nvidia_attestation::GpuInfo::driver_version].
878 ///
879 /// # Example
880 /// ```ignore,no_run
881 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
882 /// let x = GpuInfo::new().set_driver_version("example");
883 /// ```
884 pub fn set_driver_version<T: std::convert::Into<std::string::String>>(
885 mut self,
886 v: T,
887 ) -> Self {
888 self.driver_version = v.into();
889 self
890 }
891
892 /// Sets the value of [vbios_version][crate::model::nvidia_attestation::GpuInfo::vbios_version].
893 ///
894 /// # Example
895 /// ```ignore,no_run
896 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
897 /// let x = GpuInfo::new().set_vbios_version("example");
898 /// ```
899 pub fn set_vbios_version<T: std::convert::Into<std::string::String>>(
900 mut self,
901 v: T,
902 ) -> Self {
903 self.vbios_version = v.into();
904 self
905 }
906
907 /// Sets the value of [gpu_architecture_type][crate::model::nvidia_attestation::GpuInfo::gpu_architecture_type].
908 ///
909 /// # Example
910 /// ```ignore,no_run
911 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
912 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuArchitectureType;
913 /// let x0 = GpuInfo::new().set_gpu_architecture_type(GpuArchitectureType::Hopper);
914 /// let x1 = GpuInfo::new().set_gpu_architecture_type(GpuArchitectureType::Blackwell);
915 /// ```
916 pub fn set_gpu_architecture_type<
917 T: std::convert::Into<crate::model::nvidia_attestation::GpuArchitectureType>,
918 >(
919 mut self,
920 v: T,
921 ) -> Self {
922 self.gpu_architecture_type = v.into();
923 self
924 }
925
926 /// Sets the value of [attestation_certificate_chain][crate::model::nvidia_attestation::GpuInfo::attestation_certificate_chain].
927 ///
928 /// # Example
929 /// ```ignore,no_run
930 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
931 /// let x = GpuInfo::new().set_attestation_certificate_chain(bytes::Bytes::from_static(b"example"));
932 /// ```
933 pub fn set_attestation_certificate_chain<T: std::convert::Into<::bytes::Bytes>>(
934 mut self,
935 v: T,
936 ) -> Self {
937 self.attestation_certificate_chain = v.into();
938 self
939 }
940
941 /// Sets the value of [attestation_report][crate::model::nvidia_attestation::GpuInfo::attestation_report].
942 ///
943 /// # Example
944 /// ```ignore,no_run
945 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
946 /// let x = GpuInfo::new().set_attestation_report(bytes::Bytes::from_static(b"example"));
947 /// ```
948 pub fn set_attestation_report<T: std::convert::Into<::bytes::Bytes>>(
949 mut self,
950 v: T,
951 ) -> Self {
952 self.attestation_report = v.into();
953 self
954 }
955 }
956
957 impl wkt::message::Message for GpuInfo {
958 fn typename() -> &'static str {
959 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.GpuInfo"
960 }
961 }
962
963 /// SwitchInfo contains the attestation evidence for a NVSwitch device.
964 #[derive(Clone, Default, PartialEq)]
965 #[non_exhaustive]
966 pub struct SwitchInfo {
967 /// Optional. The UUID of the NVSwitch device.
968 pub uuid: std::string::String,
969
970 /// Optional. The raw attestation certificate chain for the NVSwitch device.
971 pub attestation_certificate_chain: ::bytes::Bytes,
972
973 /// Optional. The raw attestation report for the NvSwitch device.
974 /// This field contains SPDM request/response defined in
975 /// <https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.0.pdf>
976 pub attestation_report: ::bytes::Bytes,
977
978 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
979 }
980
981 impl SwitchInfo {
982 pub fn new() -> Self {
983 std::default::Default::default()
984 }
985
986 /// Sets the value of [uuid][crate::model::nvidia_attestation::SwitchInfo::uuid].
987 ///
988 /// # Example
989 /// ```ignore,no_run
990 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
991 /// let x = SwitchInfo::new().set_uuid("example");
992 /// ```
993 pub fn set_uuid<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
994 self.uuid = v.into();
995 self
996 }
997
998 /// Sets the value of [attestation_certificate_chain][crate::model::nvidia_attestation::SwitchInfo::attestation_certificate_chain].
999 ///
1000 /// # Example
1001 /// ```ignore,no_run
1002 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1003 /// let x = SwitchInfo::new().set_attestation_certificate_chain(bytes::Bytes::from_static(b"example"));
1004 /// ```
1005 pub fn set_attestation_certificate_chain<T: std::convert::Into<::bytes::Bytes>>(
1006 mut self,
1007 v: T,
1008 ) -> Self {
1009 self.attestation_certificate_chain = v.into();
1010 self
1011 }
1012
1013 /// Sets the value of [attestation_report][crate::model::nvidia_attestation::SwitchInfo::attestation_report].
1014 ///
1015 /// # Example
1016 /// ```ignore,no_run
1017 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1018 /// let x = SwitchInfo::new().set_attestation_report(bytes::Bytes::from_static(b"example"));
1019 /// ```
1020 pub fn set_attestation_report<T: std::convert::Into<::bytes::Bytes>>(
1021 mut self,
1022 v: T,
1023 ) -> Self {
1024 self.attestation_report = v.into();
1025 self
1026 }
1027 }
1028
1029 impl wkt::message::Message for SwitchInfo {
1030 fn typename() -> &'static str {
1031 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.SwitchInfo"
1032 }
1033 }
1034
1035 /// Single GPU Passthrough (SPT) attestation.
1036 #[derive(Clone, Default, PartialEq)]
1037 #[non_exhaustive]
1038 pub struct SinglePassthroughAttestation {
1039 /// Optional. Single GPU quote.
1040 pub gpu_quote: std::option::Option<crate::model::nvidia_attestation::GpuInfo>,
1041
1042 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1043 }
1044
1045 impl SinglePassthroughAttestation {
1046 pub fn new() -> Self {
1047 std::default::Default::default()
1048 }
1049
1050 /// Sets the value of [gpu_quote][crate::model::nvidia_attestation::SinglePassthroughAttestation::gpu_quote].
1051 ///
1052 /// # Example
1053 /// ```ignore,no_run
1054 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
1055 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1056 /// let x = SinglePassthroughAttestation::new().set_gpu_quote(GpuInfo::default()/* use setters */);
1057 /// ```
1058 pub fn set_gpu_quote<T>(mut self, v: T) -> Self
1059 where
1060 T: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1061 {
1062 self.gpu_quote = std::option::Option::Some(v.into());
1063 self
1064 }
1065
1066 /// Sets or clears the value of [gpu_quote][crate::model::nvidia_attestation::SinglePassthroughAttestation::gpu_quote].
1067 ///
1068 /// # Example
1069 /// ```ignore,no_run
1070 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
1071 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1072 /// let x = SinglePassthroughAttestation::new().set_or_clear_gpu_quote(Some(GpuInfo::default()/* use setters */));
1073 /// let x = SinglePassthroughAttestation::new().set_or_clear_gpu_quote(None::<GpuInfo>);
1074 /// ```
1075 pub fn set_or_clear_gpu_quote<T>(mut self, v: std::option::Option<T>) -> Self
1076 where
1077 T: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1078 {
1079 self.gpu_quote = v.map(|x| x.into());
1080 self
1081 }
1082 }
1083
1084 impl wkt::message::Message for SinglePassthroughAttestation {
1085 fn typename() -> &'static str {
1086 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.SinglePassthroughAttestation"
1087 }
1088 }
1089
1090 /// Protected PCIe (PPCIE) attestation.
1091 /// Eight Hopper GPUs with Four NVSwitch Passthrough.
1092 #[derive(Clone, Default, PartialEq)]
1093 #[non_exhaustive]
1094 pub struct ProtectedPcieAttestation {
1095 /// Optional. A list of GPU infos.
1096 pub gpu_quotes: std::vec::Vec<crate::model::nvidia_attestation::GpuInfo>,
1097
1098 /// Optional. A list of SWITCH infos.
1099 pub switch_quotes: std::vec::Vec<crate::model::nvidia_attestation::SwitchInfo>,
1100
1101 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1102 }
1103
1104 impl ProtectedPcieAttestation {
1105 pub fn new() -> Self {
1106 std::default::Default::default()
1107 }
1108
1109 /// Sets the value of [gpu_quotes][crate::model::nvidia_attestation::ProtectedPcieAttestation::gpu_quotes].
1110 ///
1111 /// # Example
1112 /// ```ignore,no_run
1113 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
1114 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1115 /// let x = ProtectedPcieAttestation::new()
1116 /// .set_gpu_quotes([
1117 /// GpuInfo::default()/* use setters */,
1118 /// GpuInfo::default()/* use (different) setters */,
1119 /// ]);
1120 /// ```
1121 pub fn set_gpu_quotes<T, V>(mut self, v: T) -> Self
1122 where
1123 T: std::iter::IntoIterator<Item = V>,
1124 V: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1125 {
1126 use std::iter::Iterator;
1127 self.gpu_quotes = v.into_iter().map(|i| i.into()).collect();
1128 self
1129 }
1130
1131 /// Sets the value of [switch_quotes][crate::model::nvidia_attestation::ProtectedPcieAttestation::switch_quotes].
1132 ///
1133 /// # Example
1134 /// ```ignore,no_run
1135 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
1136 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1137 /// let x = ProtectedPcieAttestation::new()
1138 /// .set_switch_quotes([
1139 /// SwitchInfo::default()/* use setters */,
1140 /// SwitchInfo::default()/* use (different) setters */,
1141 /// ]);
1142 /// ```
1143 pub fn set_switch_quotes<T, V>(mut self, v: T) -> Self
1144 where
1145 T: std::iter::IntoIterator<Item = V>,
1146 V: std::convert::Into<crate::model::nvidia_attestation::SwitchInfo>,
1147 {
1148 use std::iter::Iterator;
1149 self.switch_quotes = v.into_iter().map(|i| i.into()).collect();
1150 self
1151 }
1152 }
1153
1154 impl wkt::message::Message for ProtectedPcieAttestation {
1155 fn typename() -> &'static str {
1156 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.ProtectedPcieAttestation"
1157 }
1158 }
1159
1160 /// MultiGpuSecurePassthroughAttestation contains the attestation evidence
1161 /// for a Multi-GPU Secure Passthrough (MPT) attestation.
1162 #[derive(Clone, Default, PartialEq)]
1163 #[non_exhaustive]
1164 pub struct MultiGpuSecurePassthroughAttestation {
1165 /// Optional. A list of GPU quotes.
1166 pub gpu_quotes: std::vec::Vec<crate::model::nvidia_attestation::GpuInfo>,
1167
1168 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1169 }
1170
1171 impl MultiGpuSecurePassthroughAttestation {
1172 pub fn new() -> Self {
1173 std::default::Default::default()
1174 }
1175
1176 /// Sets the value of [gpu_quotes][crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation::gpu_quotes].
1177 ///
1178 /// # Example
1179 /// ```ignore,no_run
1180 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation;
1181 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1182 /// let x = MultiGpuSecurePassthroughAttestation::new()
1183 /// .set_gpu_quotes([
1184 /// GpuInfo::default()/* use setters */,
1185 /// GpuInfo::default()/* use (different) setters */,
1186 /// ]);
1187 /// ```
1188 pub fn set_gpu_quotes<T, V>(mut self, v: T) -> Self
1189 where
1190 T: std::iter::IntoIterator<Item = V>,
1191 V: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1192 {
1193 use std::iter::Iterator;
1194 self.gpu_quotes = v.into_iter().map(|i| i.into()).collect();
1195 self
1196 }
1197 }
1198
1199 impl wkt::message::Message for MultiGpuSecurePassthroughAttestation {
1200 fn typename() -> &'static str {
1201 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.MultiGpuSecurePassthroughAttestation"
1202 }
1203 }
1204
1205 /// GpuArchitectureType enumerates the supported GPU architecture types.
1206 ///
1207 /// # Working with unknown values
1208 ///
1209 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
1210 /// additional enum variants at any time. Adding new variants is not considered
1211 /// a breaking change. Applications should write their code in anticipation of:
1212 ///
1213 /// - New values appearing in future releases of the client library, **and**
1214 /// - New values received dynamically, without application changes.
1215 ///
1216 /// Please consult the [Working with enums] section in the user guide for some
1217 /// guidelines.
1218 ///
1219 /// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
1220 #[derive(Clone, Debug, PartialEq)]
1221 #[non_exhaustive]
1222 pub enum GpuArchitectureType {
1223 /// Unspecified GPU architecture type.
1224 Unspecified,
1225 /// Hopper GPU architecture type.
1226 Hopper,
1227 /// Blackwell GPU architecture type.
1228 Blackwell,
1229 /// If set, the enum was initialized with an unknown value.
1230 ///
1231 /// Applications can examine the value using [GpuArchitectureType::value] or
1232 /// [GpuArchitectureType::name].
1233 UnknownValue(gpu_architecture_type::UnknownValue),
1234 }
1235
1236 #[doc(hidden)]
1237 pub mod gpu_architecture_type {
1238 #[allow(unused_imports)]
1239 use super::*;
1240 #[derive(Clone, Debug, PartialEq)]
1241 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
1242 }
1243
1244 impl GpuArchitectureType {
1245 /// Gets the enum value.
1246 ///
1247 /// Returns `None` if the enum contains an unknown value deserialized from
1248 /// the string representation of enums.
1249 pub fn value(&self) -> std::option::Option<i32> {
1250 match self {
1251 Self::Unspecified => std::option::Option::Some(0),
1252 Self::Hopper => std::option::Option::Some(8),
1253 Self::Blackwell => std::option::Option::Some(10),
1254 Self::UnknownValue(u) => u.0.value(),
1255 }
1256 }
1257
1258 /// Gets the enum value as a string.
1259 ///
1260 /// Returns `None` if the enum contains an unknown value deserialized from
1261 /// the integer representation of enums.
1262 pub fn name(&self) -> std::option::Option<&str> {
1263 match self {
1264 Self::Unspecified => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_UNSPECIFIED"),
1265 Self::Hopper => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_HOPPER"),
1266 Self::Blackwell => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_BLACKWELL"),
1267 Self::UnknownValue(u) => u.0.name(),
1268 }
1269 }
1270 }
1271
1272 impl std::default::Default for GpuArchitectureType {
1273 fn default() -> Self {
1274 use std::convert::From;
1275 Self::from(0)
1276 }
1277 }
1278
1279 impl std::fmt::Display for GpuArchitectureType {
1280 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
1281 wkt::internal::display_enum(f, self.name(), self.value())
1282 }
1283 }
1284
1285 impl std::convert::From<i32> for GpuArchitectureType {
1286 fn from(value: i32) -> Self {
1287 match value {
1288 0 => Self::Unspecified,
1289 8 => Self::Hopper,
1290 10 => Self::Blackwell,
1291 _ => Self::UnknownValue(gpu_architecture_type::UnknownValue(
1292 wkt::internal::UnknownEnumValue::Integer(value),
1293 )),
1294 }
1295 }
1296 }
1297
1298 impl std::convert::From<&str> for GpuArchitectureType {
1299 fn from(value: &str) -> Self {
1300 use std::string::ToString;
1301 match value {
1302 "GPU_ARCHITECTURE_TYPE_UNSPECIFIED" => Self::Unspecified,
1303 "GPU_ARCHITECTURE_TYPE_HOPPER" => Self::Hopper,
1304 "GPU_ARCHITECTURE_TYPE_BLACKWELL" => Self::Blackwell,
1305 _ => Self::UnknownValue(gpu_architecture_type::UnknownValue(
1306 wkt::internal::UnknownEnumValue::String(value.to_string()),
1307 )),
1308 }
1309 }
1310 }
1311
1312 impl serde::ser::Serialize for GpuArchitectureType {
1313 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
1314 where
1315 S: serde::Serializer,
1316 {
1317 match self {
1318 Self::Unspecified => serializer.serialize_i32(0),
1319 Self::Hopper => serializer.serialize_i32(8),
1320 Self::Blackwell => serializer.serialize_i32(10),
1321 Self::UnknownValue(u) => u.0.serialize(serializer),
1322 }
1323 }
1324 }
1325
1326 impl<'de> serde::de::Deserialize<'de> for GpuArchitectureType {
1327 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
1328 where
1329 D: serde::Deserializer<'de>,
1330 {
1331 deserializer.deserialize_any(wkt::internal::EnumVisitor::<GpuArchitectureType>::new(
1332 ".google.cloud.confidentialcomputing.v1.NvidiaAttestation.GpuArchitectureType",
1333 ))
1334 }
1335 }
1336
1337 /// The Confidential Computing feature that the attestation is for.
1338 #[derive(Clone, Debug, PartialEq)]
1339 #[non_exhaustive]
1340 pub enum CcFeature {
1341 /// Single GPU Passthrough (SPT) attestation.
1342 Spt(std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>),
1343 /// Protected PCIe (PPCIE) attestation.
1344 Ppcie(std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>),
1345 /// Multi-GPU Secure Passthrough (MPT) attestation.
1346 Mpt(
1347 std::boxed::Box<crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation>,
1348 ),
1349 }
1350}
1351
1352/// A TDX Attestation quote.
1353#[derive(Clone, Default, PartialEq)]
1354#[non_exhaustive]
1355pub struct TdxCcelAttestation {
1356 /// Optional. The Confidential Computing Event Log (CCEL) ACPI table. Formatted
1357 /// as described in the ACPI Specification 6.5.
1358 pub ccel_acpi_table: ::bytes::Bytes,
1359
1360 /// Optional. The CCEL event log. Formatted as described in the UEFI 2.10.
1361 pub ccel_data: ::bytes::Bytes,
1362
1363 /// Optional. An Event Log containing additional events measured into the RTMR
1364 /// that are not already present in the CCEL.
1365 pub canonical_event_log: ::bytes::Bytes,
1366
1367 /// Optional. The TDX attestation quote from the guest. It contains the RTMR
1368 /// values.
1369 pub td_quote: ::bytes::Bytes,
1370
1371 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1372}
1373
1374impl TdxCcelAttestation {
1375 pub fn new() -> Self {
1376 std::default::Default::default()
1377 }
1378
1379 /// Sets the value of [ccel_acpi_table][crate::model::TdxCcelAttestation::ccel_acpi_table].
1380 ///
1381 /// # Example
1382 /// ```ignore,no_run
1383 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1384 /// let x = TdxCcelAttestation::new().set_ccel_acpi_table(bytes::Bytes::from_static(b"example"));
1385 /// ```
1386 pub fn set_ccel_acpi_table<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1387 self.ccel_acpi_table = v.into();
1388 self
1389 }
1390
1391 /// Sets the value of [ccel_data][crate::model::TdxCcelAttestation::ccel_data].
1392 ///
1393 /// # Example
1394 /// ```ignore,no_run
1395 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1396 /// let x = TdxCcelAttestation::new().set_ccel_data(bytes::Bytes::from_static(b"example"));
1397 /// ```
1398 pub fn set_ccel_data<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1399 self.ccel_data = v.into();
1400 self
1401 }
1402
1403 /// Sets the value of [canonical_event_log][crate::model::TdxCcelAttestation::canonical_event_log].
1404 ///
1405 /// # Example
1406 /// ```ignore,no_run
1407 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1408 /// let x = TdxCcelAttestation::new().set_canonical_event_log(bytes::Bytes::from_static(b"example"));
1409 /// ```
1410 pub fn set_canonical_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1411 self.canonical_event_log = v.into();
1412 self
1413 }
1414
1415 /// Sets the value of [td_quote][crate::model::TdxCcelAttestation::td_quote].
1416 ///
1417 /// # Example
1418 /// ```ignore,no_run
1419 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1420 /// let x = TdxCcelAttestation::new().set_td_quote(bytes::Bytes::from_static(b"example"));
1421 /// ```
1422 pub fn set_td_quote<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1423 self.td_quote = v.into();
1424 self
1425 }
1426}
1427
1428impl wkt::message::Message for TdxCcelAttestation {
1429 fn typename() -> &'static str {
1430 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TdxCcelAttestation"
1431 }
1432}
1433
1434/// An SEV-SNP Attestation Report.
1435/// Contains the attestation report and the certificate bundle that the client
1436/// collects.
1437#[derive(Clone, Default, PartialEq)]
1438#[non_exhaustive]
1439pub struct SevSnpAttestation {
1440 /// Optional. The SEV-SNP Attestation Report
1441 /// Format is in revision 1.55, §7.3 Attestation, Table 22. ATTESTATION_REPORT
1442 /// Structure in this document:
1443 /// <https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf>
1444 pub report: ::bytes::Bytes,
1445
1446 /// Optional. Certificate bundle defined in the GHCB protocol definition
1447 /// Format is documented in GHCB revision 2.03, section 4.1.8.1 struct
1448 /// cert_table in this document:
1449 /// <https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf>
1450 pub aux_blob: ::bytes::Bytes,
1451
1452 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1453}
1454
1455impl SevSnpAttestation {
1456 pub fn new() -> Self {
1457 std::default::Default::default()
1458 }
1459
1460 /// Sets the value of [report][crate::model::SevSnpAttestation::report].
1461 ///
1462 /// # Example
1463 /// ```ignore,no_run
1464 /// # use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
1465 /// let x = SevSnpAttestation::new().set_report(bytes::Bytes::from_static(b"example"));
1466 /// ```
1467 pub fn set_report<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1468 self.report = v.into();
1469 self
1470 }
1471
1472 /// Sets the value of [aux_blob][crate::model::SevSnpAttestation::aux_blob].
1473 ///
1474 /// # Example
1475 /// ```ignore,no_run
1476 /// # use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
1477 /// let x = SevSnpAttestation::new().set_aux_blob(bytes::Bytes::from_static(b"example"));
1478 /// ```
1479 pub fn set_aux_blob<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1480 self.aux_blob = v.into();
1481 self
1482 }
1483}
1484
1485impl wkt::message::Message for SevSnpAttestation {
1486 fn typename() -> &'static str {
1487 "type.googleapis.com/google.cloud.confidentialcomputing.v1.SevSnpAttestation"
1488 }
1489}
1490
1491/// A response once an attestation has been successfully verified, containing a
1492/// signed attestation token.
1493#[derive(Clone, Default, PartialEq)]
1494#[non_exhaustive]
1495pub struct VerifyAttestationResponse {
1496 /// Output only. Same as claims_token, but as a string.
1497 pub oidc_claims_token: std::string::String,
1498
1499 /// Output only. A list of messages that carry the partial error details
1500 /// related to VerifyAttestation.
1501 pub partial_errors: std::vec::Vec<google_cloud_rpc::model::Status>,
1502
1503 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1504}
1505
1506impl VerifyAttestationResponse {
1507 pub fn new() -> Self {
1508 std::default::Default::default()
1509 }
1510
1511 /// Sets the value of [oidc_claims_token][crate::model::VerifyAttestationResponse::oidc_claims_token].
1512 ///
1513 /// # Example
1514 /// ```ignore,no_run
1515 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationResponse;
1516 /// let x = VerifyAttestationResponse::new().set_oidc_claims_token("example");
1517 /// ```
1518 pub fn set_oidc_claims_token<T: std::convert::Into<std::string::String>>(
1519 mut self,
1520 v: T,
1521 ) -> Self {
1522 self.oidc_claims_token = v.into();
1523 self
1524 }
1525
1526 /// Sets the value of [partial_errors][crate::model::VerifyAttestationResponse::partial_errors].
1527 ///
1528 /// # Example
1529 /// ```ignore,no_run
1530 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationResponse;
1531 /// use google_cloud_rpc::model::Status;
1532 /// let x = VerifyAttestationResponse::new()
1533 /// .set_partial_errors([
1534 /// Status::default()/* use setters */,
1535 /// Status::default()/* use (different) setters */,
1536 /// ]);
1537 /// ```
1538 pub fn set_partial_errors<T, V>(mut self, v: T) -> Self
1539 where
1540 T: std::iter::IntoIterator<Item = V>,
1541 V: std::convert::Into<google_cloud_rpc::model::Status>,
1542 {
1543 use std::iter::Iterator;
1544 self.partial_errors = v.into_iter().map(|i| i.into()).collect();
1545 self
1546 }
1547}
1548
1549impl wkt::message::Message for VerifyAttestationResponse {
1550 fn typename() -> &'static str {
1551 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyAttestationResponse"
1552 }
1553}
1554
1555/// Credentials issued by GCP which are linked to the platform attestation. These
1556/// will be verified server-side as part of attestaion verification.
1557#[derive(Clone, Default, PartialEq)]
1558#[non_exhaustive]
1559pub struct GcpCredentials {
1560 /// Same as id_tokens, but as a string.
1561 pub service_account_id_tokens: std::vec::Vec<std::string::String>,
1562
1563 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1564}
1565
1566impl GcpCredentials {
1567 pub fn new() -> Self {
1568 std::default::Default::default()
1569 }
1570
1571 /// Sets the value of [service_account_id_tokens][crate::model::GcpCredentials::service_account_id_tokens].
1572 ///
1573 /// # Example
1574 /// ```ignore,no_run
1575 /// # use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
1576 /// let x = GcpCredentials::new().set_service_account_id_tokens(["a", "b", "c"]);
1577 /// ```
1578 pub fn set_service_account_id_tokens<T, V>(mut self, v: T) -> Self
1579 where
1580 T: std::iter::IntoIterator<Item = V>,
1581 V: std::convert::Into<std::string::String>,
1582 {
1583 use std::iter::Iterator;
1584 self.service_account_id_tokens = v.into_iter().map(|i| i.into()).collect();
1585 self
1586 }
1587}
1588
1589impl wkt::message::Message for GcpCredentials {
1590 fn typename() -> &'static str {
1591 "type.googleapis.com/google.cloud.confidentialcomputing.v1.GcpCredentials"
1592 }
1593}
1594
1595/// Options to modify claims in the token to generate custom-purpose tokens.
1596#[derive(Clone, Default, PartialEq)]
1597#[non_exhaustive]
1598pub struct TokenOptions {
1599 /// Optional. Optional string to issue the token with a custom audience claim.
1600 /// Required if one or more nonces are specified.
1601 pub audience: std::string::String,
1602
1603 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
1604 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
1605 /// bytes and the maximum size is 74 bytes.
1606 pub nonce: std::vec::Vec<std::string::String>,
1607
1608 /// Optional. Optional token type to select what type of token to return.
1609 pub token_type: crate::model::TokenType,
1610
1611 /// An optional additional configuration per token type.
1612 pub token_type_options: std::option::Option<crate::model::token_options::TokenTypeOptions>,
1613
1614 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1615}
1616
1617impl TokenOptions {
1618 pub fn new() -> Self {
1619 std::default::Default::default()
1620 }
1621
1622 /// Sets the value of [audience][crate::model::TokenOptions::audience].
1623 ///
1624 /// # Example
1625 /// ```ignore,no_run
1626 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1627 /// let x = TokenOptions::new().set_audience("example");
1628 /// ```
1629 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1630 self.audience = v.into();
1631 self
1632 }
1633
1634 /// Sets the value of [nonce][crate::model::TokenOptions::nonce].
1635 ///
1636 /// # Example
1637 /// ```ignore,no_run
1638 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1639 /// let x = TokenOptions::new().set_nonce(["a", "b", "c"]);
1640 /// ```
1641 pub fn set_nonce<T, V>(mut self, v: T) -> Self
1642 where
1643 T: std::iter::IntoIterator<Item = V>,
1644 V: std::convert::Into<std::string::String>,
1645 {
1646 use std::iter::Iterator;
1647 self.nonce = v.into_iter().map(|i| i.into()).collect();
1648 self
1649 }
1650
1651 /// Sets the value of [token_type][crate::model::TokenOptions::token_type].
1652 ///
1653 /// # Example
1654 /// ```ignore,no_run
1655 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1656 /// use google_cloud_confidentialcomputing_v1::model::TokenType;
1657 /// let x0 = TokenOptions::new().set_token_type(TokenType::Oidc);
1658 /// let x1 = TokenOptions::new().set_token_type(TokenType::Pki);
1659 /// let x2 = TokenOptions::new().set_token_type(TokenType::LimitedAws);
1660 /// ```
1661 pub fn set_token_type<T: std::convert::Into<crate::model::TokenType>>(mut self, v: T) -> Self {
1662 self.token_type = v.into();
1663 self
1664 }
1665
1666 /// Sets the value of [token_type_options][crate::model::TokenOptions::token_type_options].
1667 ///
1668 /// Note that all the setters affecting `token_type_options` are mutually
1669 /// exclusive.
1670 ///
1671 /// # Example
1672 /// ```ignore,no_run
1673 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1674 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1675 /// let x = TokenOptions::new().set_token_type_options(Some(
1676 /// google_cloud_confidentialcomputing_v1::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(AwsPrincipalTagsOptions::default().into())));
1677 /// ```
1678 pub fn set_token_type_options<
1679 T: std::convert::Into<std::option::Option<crate::model::token_options::TokenTypeOptions>>,
1680 >(
1681 mut self,
1682 v: T,
1683 ) -> Self {
1684 self.token_type_options = v.into();
1685 self
1686 }
1687
1688 /// The value of [token_type_options][crate::model::TokenOptions::token_type_options]
1689 /// if it holds a `AwsPrincipalTagsOptions`, `None` if the field is not set or
1690 /// holds a different branch.
1691 pub fn aws_principal_tags_options(
1692 &self,
1693 ) -> std::option::Option<&std::boxed::Box<crate::model::AwsPrincipalTagsOptions>> {
1694 #[allow(unreachable_patterns)]
1695 self.token_type_options.as_ref().and_then(|v| match v {
1696 crate::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(v) => {
1697 std::option::Option::Some(v)
1698 }
1699 _ => std::option::Option::None,
1700 })
1701 }
1702
1703 /// Sets the value of [token_type_options][crate::model::TokenOptions::token_type_options]
1704 /// to hold a `AwsPrincipalTagsOptions`.
1705 ///
1706 /// Note that all the setters affecting `token_type_options` are
1707 /// mutually exclusive.
1708 ///
1709 /// # Example
1710 /// ```ignore,no_run
1711 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1712 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1713 /// let x = TokenOptions::new().set_aws_principal_tags_options(AwsPrincipalTagsOptions::default()/* use setters */);
1714 /// assert!(x.aws_principal_tags_options().is_some());
1715 /// ```
1716 pub fn set_aws_principal_tags_options<
1717 T: std::convert::Into<std::boxed::Box<crate::model::AwsPrincipalTagsOptions>>,
1718 >(
1719 mut self,
1720 v: T,
1721 ) -> Self {
1722 self.token_type_options = std::option::Option::Some(
1723 crate::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(v.into()),
1724 );
1725 self
1726 }
1727}
1728
1729impl wkt::message::Message for TokenOptions {
1730 fn typename() -> &'static str {
1731 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TokenOptions"
1732 }
1733}
1734
1735/// Defines additional types related to [TokenOptions].
1736pub mod token_options {
1737 #[allow(unused_imports)]
1738 use super::*;
1739
1740 /// An optional additional configuration per token type.
1741 #[derive(Clone, Debug, PartialEq)]
1742 #[non_exhaustive]
1743 pub enum TokenTypeOptions {
1744 /// Optional. Options for AWS token type.
1745 AwsPrincipalTagsOptions(std::boxed::Box<crate::model::AwsPrincipalTagsOptions>),
1746 }
1747}
1748
1749/// Token options that only apply to the AWS Principal Tags token type.
1750#[derive(Clone, Default, PartialEq)]
1751#[non_exhaustive]
1752pub struct AwsPrincipalTagsOptions {
1753 /// Optional. Principal tags to allow in the token.
1754 pub allowed_principal_tags:
1755 std::option::Option<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1756
1757 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1758}
1759
1760impl AwsPrincipalTagsOptions {
1761 pub fn new() -> Self {
1762 std::default::Default::default()
1763 }
1764
1765 /// Sets the value of [allowed_principal_tags][crate::model::AwsPrincipalTagsOptions::allowed_principal_tags].
1766 ///
1767 /// # Example
1768 /// ```ignore,no_run
1769 /// # use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1770 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1771 /// let x = AwsPrincipalTagsOptions::new().set_allowed_principal_tags(AllowedPrincipalTags::default()/* use setters */);
1772 /// ```
1773 pub fn set_allowed_principal_tags<T>(mut self, v: T) -> Self
1774 where
1775 T: std::convert::Into<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1776 {
1777 self.allowed_principal_tags = std::option::Option::Some(v.into());
1778 self
1779 }
1780
1781 /// Sets or clears the value of [allowed_principal_tags][crate::model::AwsPrincipalTagsOptions::allowed_principal_tags].
1782 ///
1783 /// # Example
1784 /// ```ignore,no_run
1785 /// # use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1786 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1787 /// let x = AwsPrincipalTagsOptions::new().set_or_clear_allowed_principal_tags(Some(AllowedPrincipalTags::default()/* use setters */));
1788 /// let x = AwsPrincipalTagsOptions::new().set_or_clear_allowed_principal_tags(None::<AllowedPrincipalTags>);
1789 /// ```
1790 pub fn set_or_clear_allowed_principal_tags<T>(mut self, v: std::option::Option<T>) -> Self
1791 where
1792 T: std::convert::Into<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1793 {
1794 self.allowed_principal_tags = v.map(|x| x.into());
1795 self
1796 }
1797}
1798
1799impl wkt::message::Message for AwsPrincipalTagsOptions {
1800 fn typename() -> &'static str {
1801 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions"
1802 }
1803}
1804
1805/// Defines additional types related to [AwsPrincipalTagsOptions].
1806pub mod aws_principal_tags_options {
1807 #[allow(unused_imports)]
1808 use super::*;
1809
1810 /// Allowed principal tags is used to define what principal tags will be
1811 /// placed in the token.
1812 #[derive(Clone, Default, PartialEq)]
1813 #[non_exhaustive]
1814 pub struct AllowedPrincipalTags {
1815
1816 /// Optional. Container image signatures allowed in the token.
1817 pub container_image_signatures: std::option::Option<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>,
1818
1819 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1820 }
1821
1822 impl AllowedPrincipalTags {
1823 pub fn new() -> Self {
1824 std::default::Default::default()
1825 }
1826
1827 /// Sets the value of [container_image_signatures][crate::model::aws_principal_tags_options::AllowedPrincipalTags::container_image_signatures].
1828 ///
1829 /// # Example
1830 /// ```ignore,no_run
1831 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1832 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1833 /// let x = AllowedPrincipalTags::new().set_container_image_signatures(ContainerImageSignatures::default()/* use setters */);
1834 /// ```
1835 pub fn set_container_image_signatures<T>(mut self, v: T) -> Self
1836 where T: std::convert::Into<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>
1837 {
1838 self.container_image_signatures = std::option::Option::Some(v.into());
1839 self
1840 }
1841
1842 /// Sets or clears the value of [container_image_signatures][crate::model::aws_principal_tags_options::AllowedPrincipalTags::container_image_signatures].
1843 ///
1844 /// # Example
1845 /// ```ignore,no_run
1846 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1847 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1848 /// let x = AllowedPrincipalTags::new().set_or_clear_container_image_signatures(Some(ContainerImageSignatures::default()/* use setters */));
1849 /// let x = AllowedPrincipalTags::new().set_or_clear_container_image_signatures(None::<ContainerImageSignatures>);
1850 /// ```
1851 pub fn set_or_clear_container_image_signatures<T>(mut self, v: std::option::Option<T>) -> Self
1852 where T: std::convert::Into<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>
1853 {
1854 self.container_image_signatures = v.map(|x| x.into());
1855 self
1856 }
1857 }
1858
1859 impl wkt::message::Message for AllowedPrincipalTags {
1860 fn typename() -> &'static str {
1861 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions.AllowedPrincipalTags"
1862 }
1863 }
1864
1865 /// Defines additional types related to [AllowedPrincipalTags].
1866 pub mod allowed_principal_tags {
1867 #[allow(unused_imports)]
1868 use super::*;
1869
1870 /// Allowed Container Image Signatures. Key IDs are required to allow
1871 /// this claim to fit within the narrow AWS IAM restrictions.
1872 #[derive(Clone, Default, PartialEq)]
1873 #[non_exhaustive]
1874 pub struct ContainerImageSignatures {
1875 /// Optional. List of key ids to filter into the Principal tags. Only keys
1876 /// that have been validated and added to the token will be filtered into
1877 /// principal tags. Unrecognized key ids will be ignored.
1878 pub key_ids: std::vec::Vec<std::string::String>,
1879
1880 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1881 }
1882
1883 impl ContainerImageSignatures {
1884 pub fn new() -> Self {
1885 std::default::Default::default()
1886 }
1887
1888 /// Sets the value of [key_ids][crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures::key_ids].
1889 ///
1890 /// # Example
1891 /// ```ignore,no_run
1892 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1893 /// let x = ContainerImageSignatures::new().set_key_ids(["a", "b", "c"]);
1894 /// ```
1895 pub fn set_key_ids<T, V>(mut self, v: T) -> Self
1896 where
1897 T: std::iter::IntoIterator<Item = V>,
1898 V: std::convert::Into<std::string::String>,
1899 {
1900 use std::iter::Iterator;
1901 self.key_ids = v.into_iter().map(|i| i.into()).collect();
1902 self
1903 }
1904 }
1905
1906 impl wkt::message::Message for ContainerImageSignatures {
1907 fn typename() -> &'static str {
1908 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions.AllowedPrincipalTags.ContainerImageSignatures"
1909 }
1910 }
1911 }
1912}
1913
1914/// TPM2 data containing everything necessary to validate any platform state
1915/// measured into the TPM.
1916#[derive(Clone, Default, PartialEq)]
1917#[non_exhaustive]
1918pub struct TpmAttestation {
1919 /// TPM2 PCR Quotes generated by calling TPM2_Quote on each PCR bank.
1920 pub quotes: std::vec::Vec<crate::model::tpm_attestation::Quote>,
1921
1922 /// The binary TCG Event Log containing events measured into the TPM by the
1923 /// platform firmware and operating system. Formatted as described in the
1924 /// "TCG PC Client Platform Firmware Profile Specification".
1925 pub tcg_event_log: ::bytes::Bytes,
1926
1927 /// An Event Log containing additional events measured into the TPM that are
1928 /// not already present in the tcg_event_log. Formatted as described in the
1929 /// "Canonical Event Log Format" TCG Specification.
1930 pub canonical_event_log: ::bytes::Bytes,
1931
1932 /// DER-encoded X.509 certificate of the Attestation Key (otherwise known as
1933 /// an AK or a TPM restricted signing key) used to generate the quotes.
1934 pub ak_cert: ::bytes::Bytes,
1935
1936 /// List of DER-encoded X.509 certificates which, together with the ak_cert,
1937 /// chain back to a trusted Root Certificate.
1938 pub cert_chain: std::vec::Vec<::bytes::Bytes>,
1939
1940 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1941}
1942
1943impl TpmAttestation {
1944 pub fn new() -> Self {
1945 std::default::Default::default()
1946 }
1947
1948 /// Sets the value of [quotes][crate::model::TpmAttestation::quotes].
1949 ///
1950 /// # Example
1951 /// ```ignore,no_run
1952 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1953 /// use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
1954 /// let x = TpmAttestation::new()
1955 /// .set_quotes([
1956 /// Quote::default()/* use setters */,
1957 /// Quote::default()/* use (different) setters */,
1958 /// ]);
1959 /// ```
1960 pub fn set_quotes<T, V>(mut self, v: T) -> Self
1961 where
1962 T: std::iter::IntoIterator<Item = V>,
1963 V: std::convert::Into<crate::model::tpm_attestation::Quote>,
1964 {
1965 use std::iter::Iterator;
1966 self.quotes = v.into_iter().map(|i| i.into()).collect();
1967 self
1968 }
1969
1970 /// Sets the value of [tcg_event_log][crate::model::TpmAttestation::tcg_event_log].
1971 ///
1972 /// # Example
1973 /// ```ignore,no_run
1974 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1975 /// let x = TpmAttestation::new().set_tcg_event_log(bytes::Bytes::from_static(b"example"));
1976 /// ```
1977 pub fn set_tcg_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1978 self.tcg_event_log = v.into();
1979 self
1980 }
1981
1982 /// Sets the value of [canonical_event_log][crate::model::TpmAttestation::canonical_event_log].
1983 ///
1984 /// # Example
1985 /// ```ignore,no_run
1986 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1987 /// let x = TpmAttestation::new().set_canonical_event_log(bytes::Bytes::from_static(b"example"));
1988 /// ```
1989 pub fn set_canonical_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1990 self.canonical_event_log = v.into();
1991 self
1992 }
1993
1994 /// Sets the value of [ak_cert][crate::model::TpmAttestation::ak_cert].
1995 ///
1996 /// # Example
1997 /// ```ignore,no_run
1998 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1999 /// let x = TpmAttestation::new().set_ak_cert(bytes::Bytes::from_static(b"example"));
2000 /// ```
2001 pub fn set_ak_cert<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2002 self.ak_cert = v.into();
2003 self
2004 }
2005
2006 /// Sets the value of [cert_chain][crate::model::TpmAttestation::cert_chain].
2007 ///
2008 /// # Example
2009 /// ```ignore,no_run
2010 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2011 /// let b1 = bytes::Bytes::from_static(b"abc");
2012 /// let b2 = bytes::Bytes::from_static(b"xyz");
2013 /// let x = TpmAttestation::new().set_cert_chain([b1, b2]);
2014 /// ```
2015 pub fn set_cert_chain<T, V>(mut self, v: T) -> Self
2016 where
2017 T: std::iter::IntoIterator<Item = V>,
2018 V: std::convert::Into<::bytes::Bytes>,
2019 {
2020 use std::iter::Iterator;
2021 self.cert_chain = v.into_iter().map(|i| i.into()).collect();
2022 self
2023 }
2024}
2025
2026impl wkt::message::Message for TpmAttestation {
2027 fn typename() -> &'static str {
2028 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TpmAttestation"
2029 }
2030}
2031
2032/// Defines additional types related to [TpmAttestation].
2033pub mod tpm_attestation {
2034 #[allow(unused_imports)]
2035 use super::*;
2036
2037 /// Information about Platform Control Registers (PCRs) including a signature
2038 /// over their values, which can be used for remote validation.
2039 #[derive(Clone, Default, PartialEq)]
2040 #[non_exhaustive]
2041 pub struct Quote {
2042 /// The hash algorithm of the PCR bank being quoted, encoded as a TPM_ALG_ID
2043 pub hash_algo: i32,
2044
2045 /// Raw binary values of each PCRs being quoted.
2046 pub pcr_values: std::collections::HashMap<i32, ::bytes::Bytes>,
2047
2048 /// TPM2 quote, encoded as a TPMS_ATTEST
2049 pub raw_quote: ::bytes::Bytes,
2050
2051 /// TPM2 signature, encoded as a TPMT_SIGNATURE
2052 pub raw_signature: ::bytes::Bytes,
2053
2054 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2055 }
2056
2057 impl Quote {
2058 pub fn new() -> Self {
2059 std::default::Default::default()
2060 }
2061
2062 /// Sets the value of [hash_algo][crate::model::tpm_attestation::Quote::hash_algo].
2063 ///
2064 /// # Example
2065 /// ```ignore,no_run
2066 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2067 /// let x = Quote::new().set_hash_algo(42);
2068 /// ```
2069 pub fn set_hash_algo<T: std::convert::Into<i32>>(mut self, v: T) -> Self {
2070 self.hash_algo = v.into();
2071 self
2072 }
2073
2074 /// Sets the value of [pcr_values][crate::model::tpm_attestation::Quote::pcr_values].
2075 ///
2076 /// # Example
2077 /// ```ignore,no_run
2078 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2079 /// let x = Quote::new().set_pcr_values([
2080 /// (0, bytes::Bytes::from_static(b"abc")),
2081 /// (1, bytes::Bytes::from_static(b"xyz")),
2082 /// ]);
2083 /// ```
2084 pub fn set_pcr_values<T, K, V>(mut self, v: T) -> Self
2085 where
2086 T: std::iter::IntoIterator<Item = (K, V)>,
2087 K: std::convert::Into<i32>,
2088 V: std::convert::Into<::bytes::Bytes>,
2089 {
2090 use std::iter::Iterator;
2091 self.pcr_values = v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
2092 self
2093 }
2094
2095 /// Sets the value of [raw_quote][crate::model::tpm_attestation::Quote::raw_quote].
2096 ///
2097 /// # Example
2098 /// ```ignore,no_run
2099 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2100 /// let x = Quote::new().set_raw_quote(bytes::Bytes::from_static(b"example"));
2101 /// ```
2102 pub fn set_raw_quote<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2103 self.raw_quote = v.into();
2104 self
2105 }
2106
2107 /// Sets the value of [raw_signature][crate::model::tpm_attestation::Quote::raw_signature].
2108 ///
2109 /// # Example
2110 /// ```ignore,no_run
2111 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2112 /// let x = Quote::new().set_raw_signature(bytes::Bytes::from_static(b"example"));
2113 /// ```
2114 pub fn set_raw_signature<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2115 self.raw_signature = v.into();
2116 self
2117 }
2118 }
2119
2120 impl wkt::message::Message for Quote {
2121 fn typename() -> &'static str {
2122 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TpmAttestation.Quote"
2123 }
2124 }
2125}
2126
2127/// ConfidentialSpaceInfo contains information related to the Confidential Space
2128/// TEE.
2129#[derive(Clone, Default, PartialEq)]
2130#[non_exhaustive]
2131pub struct ConfidentialSpaceInfo {
2132 /// Optional. A list of signed entities containing container image signatures
2133 /// that can be used for server-side signature verification.
2134 pub signed_entities: std::vec::Vec<crate::model::SignedEntity>,
2135
2136 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2137}
2138
2139impl ConfidentialSpaceInfo {
2140 pub fn new() -> Self {
2141 std::default::Default::default()
2142 }
2143
2144 /// Sets the value of [signed_entities][crate::model::ConfidentialSpaceInfo::signed_entities].
2145 ///
2146 /// # Example
2147 /// ```ignore,no_run
2148 /// # use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
2149 /// use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2150 /// let x = ConfidentialSpaceInfo::new()
2151 /// .set_signed_entities([
2152 /// SignedEntity::default()/* use setters */,
2153 /// SignedEntity::default()/* use (different) setters */,
2154 /// ]);
2155 /// ```
2156 pub fn set_signed_entities<T, V>(mut self, v: T) -> Self
2157 where
2158 T: std::iter::IntoIterator<Item = V>,
2159 V: std::convert::Into<crate::model::SignedEntity>,
2160 {
2161 use std::iter::Iterator;
2162 self.signed_entities = v.into_iter().map(|i| i.into()).collect();
2163 self
2164 }
2165}
2166
2167impl wkt::message::Message for ConfidentialSpaceInfo {
2168 fn typename() -> &'static str {
2169 "type.googleapis.com/google.cloud.confidentialcomputing.v1.ConfidentialSpaceInfo"
2170 }
2171}
2172
2173/// SignedEntity represents an OCI image object containing everything necessary
2174/// to verify container image signatures.
2175#[derive(Clone, Default, PartialEq)]
2176#[non_exhaustive]
2177pub struct SignedEntity {
2178 /// Optional. A list of container image signatures attached to an OCI image
2179 /// object.
2180 pub container_image_signatures: std::vec::Vec<crate::model::ContainerImageSignature>,
2181
2182 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2183}
2184
2185impl SignedEntity {
2186 pub fn new() -> Self {
2187 std::default::Default::default()
2188 }
2189
2190 /// Sets the value of [container_image_signatures][crate::model::SignedEntity::container_image_signatures].
2191 ///
2192 /// # Example
2193 /// ```ignore,no_run
2194 /// # use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2195 /// use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2196 /// let x = SignedEntity::new()
2197 /// .set_container_image_signatures([
2198 /// ContainerImageSignature::default()/* use setters */,
2199 /// ContainerImageSignature::default()/* use (different) setters */,
2200 /// ]);
2201 /// ```
2202 pub fn set_container_image_signatures<T, V>(mut self, v: T) -> Self
2203 where
2204 T: std::iter::IntoIterator<Item = V>,
2205 V: std::convert::Into<crate::model::ContainerImageSignature>,
2206 {
2207 use std::iter::Iterator;
2208 self.container_image_signatures = v.into_iter().map(|i| i.into()).collect();
2209 self
2210 }
2211}
2212
2213impl wkt::message::Message for SignedEntity {
2214 fn typename() -> &'static str {
2215 "type.googleapis.com/google.cloud.confidentialcomputing.v1.SignedEntity"
2216 }
2217}
2218
2219/// ContainerImageSignature holds necessary metadata to verify a container image
2220/// signature.
2221#[derive(Clone, Default, PartialEq)]
2222#[non_exhaustive]
2223pub struct ContainerImageSignature {
2224 /// Optional. The binary signature payload following the SimpleSigning format
2225 /// <https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md#simple-signing>.
2226 /// This payload includes the container image digest.
2227 pub payload: ::bytes::Bytes,
2228
2229 /// Optional. A signature over the payload.
2230 /// The container image digest is incorporated into the signature as follows:
2231 ///
2232 /// 1. Generate a SimpleSigning format payload that includes the container
2233 /// image digest.
2234 /// 1. Generate a signature over SHA256 digest of the payload.
2235 /// The signature generation process can be represented as follows:
2236 /// `Sign(sha256(SimpleSigningPayload(sha256(Image Manifest))))`
2237 pub signature: ::bytes::Bytes,
2238
2239 /// Optional. Reserved for future use.
2240 pub public_key: ::bytes::Bytes,
2241
2242 /// Optional. Reserved for future use.
2243 pub sig_alg: crate::model::SigningAlgorithm,
2244
2245 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2246}
2247
2248impl ContainerImageSignature {
2249 pub fn new() -> Self {
2250 std::default::Default::default()
2251 }
2252
2253 /// Sets the value of [payload][crate::model::ContainerImageSignature::payload].
2254 ///
2255 /// # Example
2256 /// ```ignore,no_run
2257 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2258 /// let x = ContainerImageSignature::new().set_payload(bytes::Bytes::from_static(b"example"));
2259 /// ```
2260 pub fn set_payload<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2261 self.payload = v.into();
2262 self
2263 }
2264
2265 /// Sets the value of [signature][crate::model::ContainerImageSignature::signature].
2266 ///
2267 /// # Example
2268 /// ```ignore,no_run
2269 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2270 /// let x = ContainerImageSignature::new().set_signature(bytes::Bytes::from_static(b"example"));
2271 /// ```
2272 pub fn set_signature<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2273 self.signature = v.into();
2274 self
2275 }
2276
2277 /// Sets the value of [public_key][crate::model::ContainerImageSignature::public_key].
2278 ///
2279 /// # Example
2280 /// ```ignore,no_run
2281 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2282 /// let x = ContainerImageSignature::new().set_public_key(bytes::Bytes::from_static(b"example"));
2283 /// ```
2284 pub fn set_public_key<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2285 self.public_key = v.into();
2286 self
2287 }
2288
2289 /// Sets the value of [sig_alg][crate::model::ContainerImageSignature::sig_alg].
2290 ///
2291 /// # Example
2292 /// ```ignore,no_run
2293 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2294 /// use google_cloud_confidentialcomputing_v1::model::SigningAlgorithm;
2295 /// let x0 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::RsassaPssSha256);
2296 /// let x1 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::RsassaPkcs1V15Sha256);
2297 /// let x2 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::EcdsaP256Sha256);
2298 /// ```
2299 pub fn set_sig_alg<T: std::convert::Into<crate::model::SigningAlgorithm>>(
2300 mut self,
2301 v: T,
2302 ) -> Self {
2303 self.sig_alg = v.into();
2304 self
2305 }
2306}
2307
2308impl wkt::message::Message for ContainerImageSignature {
2309 fn typename() -> &'static str {
2310 "type.googleapis.com/google.cloud.confidentialcomputing.v1.ContainerImageSignature"
2311 }
2312}
2313
2314/// A request for an attestation token, providing all the necessary information
2315/// needed for this service to verify the platform state of the requestor.
2316#[derive(Clone, Default, PartialEq)]
2317#[non_exhaustive]
2318pub struct VerifyConfidentialSpaceRequest {
2319 /// Required. The name of the Challenge whose nonce was used to generate the
2320 /// attestation, in the format `projects/*/locations/*/challenges/*`. The
2321 /// provided Challenge will be consumed, and cannot be used again.
2322 pub challenge: std::string::String,
2323
2324 /// Optional. Credentials used to populate the "emails" claim in the
2325 /// claims_token. If not present, token will not contain the "emails" claim.
2326 pub gcp_credentials: std::option::Option<crate::model::GcpCredentials>,
2327
2328 /// Optional. A list of signed entities containing container image signatures
2329 /// that can be used for server-side signature verification.
2330 pub signed_entities: std::vec::Vec<crate::model::SignedEntity>,
2331
2332 /// Optional. Information about the associated Compute Engine instance.
2333 /// Required for td_ccel requests only - tpm_attestation requests will provide
2334 /// this information in the attestation.
2335 pub gce_shielded_identity: std::option::Option<crate::model::GceShieldedIdentity>,
2336
2337 /// Optional. A collection of fields that modify the token output.
2338 pub options: std::option::Option<
2339 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2340 >,
2341
2342 /// Optional. An optional Nvidia attestation report, used to populate hardware
2343 /// rooted claims for Nvidia devices.
2344 pub nvidia_attestation: std::option::Option<crate::model::NvidiaAttestation>,
2345
2346 /// Required. A tee attestation report, used to populate hardware rooted
2347 /// claims.
2348 pub tee_attestation:
2349 std::option::Option<crate::model::verify_confidential_space_request::TeeAttestation>,
2350
2351 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2352}
2353
2354impl VerifyConfidentialSpaceRequest {
2355 pub fn new() -> Self {
2356 std::default::Default::default()
2357 }
2358
2359 /// Sets the value of [challenge][crate::model::VerifyConfidentialSpaceRequest::challenge].
2360 ///
2361 /// # Example
2362 /// ```ignore,no_run
2363 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2364 /// let x = VerifyConfidentialSpaceRequest::new().set_challenge("example");
2365 /// ```
2366 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2367 self.challenge = v.into();
2368 self
2369 }
2370
2371 /// Sets the value of [gcp_credentials][crate::model::VerifyConfidentialSpaceRequest::gcp_credentials].
2372 ///
2373 /// # Example
2374 /// ```ignore,no_run
2375 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2376 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
2377 /// let x = VerifyConfidentialSpaceRequest::new().set_gcp_credentials(GcpCredentials::default()/* use setters */);
2378 /// ```
2379 pub fn set_gcp_credentials<T>(mut self, v: T) -> Self
2380 where
2381 T: std::convert::Into<crate::model::GcpCredentials>,
2382 {
2383 self.gcp_credentials = std::option::Option::Some(v.into());
2384 self
2385 }
2386
2387 /// Sets or clears the value of [gcp_credentials][crate::model::VerifyConfidentialSpaceRequest::gcp_credentials].
2388 ///
2389 /// # Example
2390 /// ```ignore,no_run
2391 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2392 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
2393 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gcp_credentials(Some(GcpCredentials::default()/* use setters */));
2394 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gcp_credentials(None::<GcpCredentials>);
2395 /// ```
2396 pub fn set_or_clear_gcp_credentials<T>(mut self, v: std::option::Option<T>) -> Self
2397 where
2398 T: std::convert::Into<crate::model::GcpCredentials>,
2399 {
2400 self.gcp_credentials = v.map(|x| x.into());
2401 self
2402 }
2403
2404 /// Sets the value of [signed_entities][crate::model::VerifyConfidentialSpaceRequest::signed_entities].
2405 ///
2406 /// # Example
2407 /// ```ignore,no_run
2408 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2409 /// use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2410 /// let x = VerifyConfidentialSpaceRequest::new()
2411 /// .set_signed_entities([
2412 /// SignedEntity::default()/* use setters */,
2413 /// SignedEntity::default()/* use (different) setters */,
2414 /// ]);
2415 /// ```
2416 pub fn set_signed_entities<T, V>(mut self, v: T) -> Self
2417 where
2418 T: std::iter::IntoIterator<Item = V>,
2419 V: std::convert::Into<crate::model::SignedEntity>,
2420 {
2421 use std::iter::Iterator;
2422 self.signed_entities = v.into_iter().map(|i| i.into()).collect();
2423 self
2424 }
2425
2426 /// Sets the value of [gce_shielded_identity][crate::model::VerifyConfidentialSpaceRequest::gce_shielded_identity].
2427 ///
2428 /// # Example
2429 /// ```ignore,no_run
2430 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2431 /// use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2432 /// let x = VerifyConfidentialSpaceRequest::new().set_gce_shielded_identity(GceShieldedIdentity::default()/* use setters */);
2433 /// ```
2434 pub fn set_gce_shielded_identity<T>(mut self, v: T) -> Self
2435 where
2436 T: std::convert::Into<crate::model::GceShieldedIdentity>,
2437 {
2438 self.gce_shielded_identity = std::option::Option::Some(v.into());
2439 self
2440 }
2441
2442 /// Sets or clears the value of [gce_shielded_identity][crate::model::VerifyConfidentialSpaceRequest::gce_shielded_identity].
2443 ///
2444 /// # Example
2445 /// ```ignore,no_run
2446 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2447 /// use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2448 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gce_shielded_identity(Some(GceShieldedIdentity::default()/* use setters */));
2449 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gce_shielded_identity(None::<GceShieldedIdentity>);
2450 /// ```
2451 pub fn set_or_clear_gce_shielded_identity<T>(mut self, v: std::option::Option<T>) -> Self
2452 where
2453 T: std::convert::Into<crate::model::GceShieldedIdentity>,
2454 {
2455 self.gce_shielded_identity = v.map(|x| x.into());
2456 self
2457 }
2458
2459 /// Sets the value of [options][crate::model::VerifyConfidentialSpaceRequest::options].
2460 ///
2461 /// # Example
2462 /// ```ignore,no_run
2463 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2464 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2465 /// let x = VerifyConfidentialSpaceRequest::new().set_options(ConfidentialSpaceOptions::default()/* use setters */);
2466 /// ```
2467 pub fn set_options<T>(mut self, v: T) -> Self
2468 where
2469 T: std::convert::Into<
2470 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2471 >,
2472 {
2473 self.options = std::option::Option::Some(v.into());
2474 self
2475 }
2476
2477 /// Sets or clears the value of [options][crate::model::VerifyConfidentialSpaceRequest::options].
2478 ///
2479 /// # Example
2480 /// ```ignore,no_run
2481 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2482 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2483 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_options(Some(ConfidentialSpaceOptions::default()/* use setters */));
2484 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_options(None::<ConfidentialSpaceOptions>);
2485 /// ```
2486 pub fn set_or_clear_options<T>(mut self, v: std::option::Option<T>) -> Self
2487 where
2488 T: std::convert::Into<
2489 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2490 >,
2491 {
2492 self.options = v.map(|x| x.into());
2493 self
2494 }
2495
2496 /// Sets the value of [nvidia_attestation][crate::model::VerifyConfidentialSpaceRequest::nvidia_attestation].
2497 ///
2498 /// # Example
2499 /// ```ignore,no_run
2500 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2501 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
2502 /// let x = VerifyConfidentialSpaceRequest::new().set_nvidia_attestation(NvidiaAttestation::default()/* use setters */);
2503 /// ```
2504 pub fn set_nvidia_attestation<T>(mut self, v: T) -> Self
2505 where
2506 T: std::convert::Into<crate::model::NvidiaAttestation>,
2507 {
2508 self.nvidia_attestation = std::option::Option::Some(v.into());
2509 self
2510 }
2511
2512 /// Sets or clears the value of [nvidia_attestation][crate::model::VerifyConfidentialSpaceRequest::nvidia_attestation].
2513 ///
2514 /// # Example
2515 /// ```ignore,no_run
2516 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2517 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
2518 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_nvidia_attestation(Some(NvidiaAttestation::default()/* use setters */));
2519 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_nvidia_attestation(None::<NvidiaAttestation>);
2520 /// ```
2521 pub fn set_or_clear_nvidia_attestation<T>(mut self, v: std::option::Option<T>) -> Self
2522 where
2523 T: std::convert::Into<crate::model::NvidiaAttestation>,
2524 {
2525 self.nvidia_attestation = v.map(|x| x.into());
2526 self
2527 }
2528
2529 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation].
2530 ///
2531 /// Note that all the setters affecting `tee_attestation` are mutually
2532 /// exclusive.
2533 ///
2534 /// # Example
2535 /// ```ignore,no_run
2536 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2537 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
2538 /// let x = VerifyConfidentialSpaceRequest::new().set_tee_attestation(Some(
2539 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::TeeAttestation::TdCcel(TdxCcelAttestation::default().into())));
2540 /// ```
2541 pub fn set_tee_attestation<
2542 T: std::convert::Into<
2543 std::option::Option<
2544 crate::model::verify_confidential_space_request::TeeAttestation,
2545 >,
2546 >,
2547 >(
2548 mut self,
2549 v: T,
2550 ) -> Self {
2551 self.tee_attestation = v.into();
2552 self
2553 }
2554
2555 /// The value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2556 /// if it holds a `TdCcel`, `None` if the field is not set or
2557 /// holds a different branch.
2558 pub fn td_ccel(
2559 &self,
2560 ) -> std::option::Option<&std::boxed::Box<crate::model::TdxCcelAttestation>> {
2561 #[allow(unreachable_patterns)]
2562 self.tee_attestation.as_ref().and_then(|v| match v {
2563 crate::model::verify_confidential_space_request::TeeAttestation::TdCcel(v) => {
2564 std::option::Option::Some(v)
2565 }
2566 _ => std::option::Option::None,
2567 })
2568 }
2569
2570 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2571 /// to hold a `TdCcel`.
2572 ///
2573 /// Note that all the setters affecting `tee_attestation` are
2574 /// mutually exclusive.
2575 ///
2576 /// # Example
2577 /// ```ignore,no_run
2578 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2579 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
2580 /// let x = VerifyConfidentialSpaceRequest::new().set_td_ccel(TdxCcelAttestation::default()/* use setters */);
2581 /// assert!(x.td_ccel().is_some());
2582 /// assert!(x.tpm_attestation().is_none());
2583 /// ```
2584 pub fn set_td_ccel<T: std::convert::Into<std::boxed::Box<crate::model::TdxCcelAttestation>>>(
2585 mut self,
2586 v: T,
2587 ) -> Self {
2588 self.tee_attestation = std::option::Option::Some(
2589 crate::model::verify_confidential_space_request::TeeAttestation::TdCcel(v.into()),
2590 );
2591 self
2592 }
2593
2594 /// The value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2595 /// if it holds a `TpmAttestation`, `None` if the field is not set or
2596 /// holds a different branch.
2597 pub fn tpm_attestation(
2598 &self,
2599 ) -> std::option::Option<&std::boxed::Box<crate::model::TpmAttestation>> {
2600 #[allow(unreachable_patterns)]
2601 self.tee_attestation.as_ref().and_then(|v| match v {
2602 crate::model::verify_confidential_space_request::TeeAttestation::TpmAttestation(v) => {
2603 std::option::Option::Some(v)
2604 }
2605 _ => std::option::Option::None,
2606 })
2607 }
2608
2609 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2610 /// to hold a `TpmAttestation`.
2611 ///
2612 /// Note that all the setters affecting `tee_attestation` are
2613 /// mutually exclusive.
2614 ///
2615 /// # Example
2616 /// ```ignore,no_run
2617 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2618 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2619 /// let x = VerifyConfidentialSpaceRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
2620 /// assert!(x.tpm_attestation().is_some());
2621 /// assert!(x.td_ccel().is_none());
2622 /// ```
2623 pub fn set_tpm_attestation<
2624 T: std::convert::Into<std::boxed::Box<crate::model::TpmAttestation>>,
2625 >(
2626 mut self,
2627 v: T,
2628 ) -> Self {
2629 self.tee_attestation = std::option::Option::Some(
2630 crate::model::verify_confidential_space_request::TeeAttestation::TpmAttestation(
2631 v.into(),
2632 ),
2633 );
2634 self
2635 }
2636}
2637
2638impl wkt::message::Message for VerifyConfidentialSpaceRequest {
2639 fn typename() -> &'static str {
2640 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceRequest"
2641 }
2642}
2643
2644/// Defines additional types related to [VerifyConfidentialSpaceRequest].
2645pub mod verify_confidential_space_request {
2646 #[allow(unused_imports)]
2647 use super::*;
2648
2649 /// Token options for Confidential Space attestation.
2650 #[derive(Clone, Default, PartialEq)]
2651 #[non_exhaustive]
2652 pub struct ConfidentialSpaceOptions {
2653
2654 /// Optional. Optional string to issue the token with a custom audience
2655 /// claim. Required if custom nonces are specified.
2656 pub audience: std::string::String,
2657
2658 /// Optional. Optional specification for token claims profile.
2659 pub token_profile: crate::model::TokenProfile,
2660
2661 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
2662 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
2663 /// bytes and the maximum size is 74 bytes.
2664 pub nonce: std::vec::Vec<std::string::String>,
2665
2666 /// Optional. Optional specification for how to sign the attestation token.
2667 /// Defaults to SIGNATURE_TYPE_OIDC if unspecified.
2668 pub signature_type: crate::model::SignatureType,
2669
2670 /// An optional additional configuration per token type.
2671 pub token_profile_options: std::option::Option<crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions>,
2672
2673 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2674 }
2675
2676 impl ConfidentialSpaceOptions {
2677 pub fn new() -> Self {
2678 std::default::Default::default()
2679 }
2680
2681 /// Sets the value of [audience][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::audience].
2682 ///
2683 /// # Example
2684 /// ```ignore,no_run
2685 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2686 /// let x = ConfidentialSpaceOptions::new().set_audience("example");
2687 /// ```
2688 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2689 self.audience = v.into();
2690 self
2691 }
2692
2693 /// Sets the value of [token_profile][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile].
2694 ///
2695 /// # Example
2696 /// ```ignore,no_run
2697 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2698 /// use google_cloud_confidentialcomputing_v1::model::TokenProfile;
2699 /// let x0 = ConfidentialSpaceOptions::new().set_token_profile(TokenProfile::DefaultEat);
2700 /// let x1 = ConfidentialSpaceOptions::new().set_token_profile(TokenProfile::Aws);
2701 /// ```
2702 pub fn set_token_profile<T: std::convert::Into<crate::model::TokenProfile>>(
2703 mut self,
2704 v: T,
2705 ) -> Self {
2706 self.token_profile = v.into();
2707 self
2708 }
2709
2710 /// Sets the value of [nonce][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::nonce].
2711 ///
2712 /// # Example
2713 /// ```ignore,no_run
2714 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2715 /// let x = ConfidentialSpaceOptions::new().set_nonce(["a", "b", "c"]);
2716 /// ```
2717 pub fn set_nonce<T, V>(mut self, v: T) -> Self
2718 where
2719 T: std::iter::IntoIterator<Item = V>,
2720 V: std::convert::Into<std::string::String>,
2721 {
2722 use std::iter::Iterator;
2723 self.nonce = v.into_iter().map(|i| i.into()).collect();
2724 self
2725 }
2726
2727 /// Sets the value of [signature_type][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::signature_type].
2728 ///
2729 /// # Example
2730 /// ```ignore,no_run
2731 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2732 /// use google_cloud_confidentialcomputing_v1::model::SignatureType;
2733 /// let x0 = ConfidentialSpaceOptions::new().set_signature_type(SignatureType::Oidc);
2734 /// let x1 = ConfidentialSpaceOptions::new().set_signature_type(SignatureType::Pki);
2735 /// ```
2736 pub fn set_signature_type<T: std::convert::Into<crate::model::SignatureType>>(
2737 mut self,
2738 v: T,
2739 ) -> Self {
2740 self.signature_type = v.into();
2741 self
2742 }
2743
2744 /// Sets the value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options].
2745 ///
2746 /// Note that all the setters affecting `token_profile_options` are mutually
2747 /// exclusive.
2748 ///
2749 /// # Example
2750 /// ```ignore,no_run
2751 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2752 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
2753 /// let x = ConfidentialSpaceOptions::new().set_token_profile_options(Some(
2754 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(AwsPrincipalTagsOptions::default().into())));
2755 /// ```
2756 pub fn set_token_profile_options<T: std::convert::Into<std::option::Option<crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions>>>(mut self, v: T) -> Self
2757 {
2758 self.token_profile_options = v.into();
2759 self
2760 }
2761
2762 /// The value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options]
2763 /// if it holds a `AwsPrincipalTagsOptions`, `None` if the field is not set or
2764 /// holds a different branch.
2765 pub fn aws_principal_tags_options(
2766 &self,
2767 ) -> std::option::Option<&std::boxed::Box<crate::model::AwsPrincipalTagsOptions>> {
2768 #[allow(unreachable_patterns)]
2769 self.token_profile_options.as_ref().and_then(|v| match v {
2770 crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(v) => std::option::Option::Some(v),
2771 _ => std::option::Option::None,
2772 })
2773 }
2774
2775 /// Sets the value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options]
2776 /// to hold a `AwsPrincipalTagsOptions`.
2777 ///
2778 /// Note that all the setters affecting `token_profile_options` are
2779 /// mutually exclusive.
2780 ///
2781 /// # Example
2782 /// ```ignore,no_run
2783 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2784 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
2785 /// let x = ConfidentialSpaceOptions::new().set_aws_principal_tags_options(AwsPrincipalTagsOptions::default()/* use setters */);
2786 /// assert!(x.aws_principal_tags_options().is_some());
2787 /// ```
2788 pub fn set_aws_principal_tags_options<
2789 T: std::convert::Into<std::boxed::Box<crate::model::AwsPrincipalTagsOptions>>,
2790 >(
2791 mut self,
2792 v: T,
2793 ) -> Self {
2794 self.token_profile_options = std::option::Option::Some(
2795 crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(
2796 v.into()
2797 )
2798 );
2799 self
2800 }
2801 }
2802
2803 impl wkt::message::Message for ConfidentialSpaceOptions {
2804 fn typename() -> &'static str {
2805 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceRequest.ConfidentialSpaceOptions"
2806 }
2807 }
2808
2809 /// Defines additional types related to [ConfidentialSpaceOptions].
2810 pub mod confidential_space_options {
2811 #[allow(unused_imports)]
2812 use super::*;
2813
2814 /// An optional additional configuration per token type.
2815 #[derive(Clone, Debug, PartialEq)]
2816 #[non_exhaustive]
2817 pub enum TokenProfileOptions {
2818 /// Optional. Options for the AWS token type.
2819 AwsPrincipalTagsOptions(std::boxed::Box<crate::model::AwsPrincipalTagsOptions>),
2820 }
2821 }
2822
2823 /// Required. A tee attestation report, used to populate hardware rooted
2824 /// claims.
2825 #[derive(Clone, Debug, PartialEq)]
2826 #[non_exhaustive]
2827 pub enum TeeAttestation {
2828 /// Input only. A TDX with CCEL and RTMR Attestation Quote.
2829 TdCcel(std::boxed::Box<crate::model::TdxCcelAttestation>),
2830 /// Input only. The TPM-specific data provided by the attesting platform,
2831 /// used to populate any of the claims regarding platform state.
2832 TpmAttestation(std::boxed::Box<crate::model::TpmAttestation>),
2833 }
2834}
2835
2836/// GceShieldedIdentity contains information about a Compute Engine instance.
2837#[derive(Clone, Default, PartialEq)]
2838#[non_exhaustive]
2839pub struct GceShieldedIdentity {
2840 /// Optional. DER-encoded X.509 certificate of the Attestation Key (otherwise
2841 /// known as an AK or a TPM restricted signing key) used to generate the
2842 /// quotes.
2843 pub ak_cert: ::bytes::Bytes,
2844
2845 /// Optional. List of DER-encoded X.509 certificates which, together with the
2846 /// ak_cert, chain back to a trusted Root Certificate.
2847 pub ak_cert_chain: std::vec::Vec<::bytes::Bytes>,
2848
2849 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2850}
2851
2852impl GceShieldedIdentity {
2853 pub fn new() -> Self {
2854 std::default::Default::default()
2855 }
2856
2857 /// Sets the value of [ak_cert][crate::model::GceShieldedIdentity::ak_cert].
2858 ///
2859 /// # Example
2860 /// ```ignore,no_run
2861 /// # use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2862 /// let x = GceShieldedIdentity::new().set_ak_cert(bytes::Bytes::from_static(b"example"));
2863 /// ```
2864 pub fn set_ak_cert<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2865 self.ak_cert = v.into();
2866 self
2867 }
2868
2869 /// Sets the value of [ak_cert_chain][crate::model::GceShieldedIdentity::ak_cert_chain].
2870 ///
2871 /// # Example
2872 /// ```ignore,no_run
2873 /// # use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2874 /// let b1 = bytes::Bytes::from_static(b"abc");
2875 /// let b2 = bytes::Bytes::from_static(b"xyz");
2876 /// let x = GceShieldedIdentity::new().set_ak_cert_chain([b1, b2]);
2877 /// ```
2878 pub fn set_ak_cert_chain<T, V>(mut self, v: T) -> Self
2879 where
2880 T: std::iter::IntoIterator<Item = V>,
2881 V: std::convert::Into<::bytes::Bytes>,
2882 {
2883 use std::iter::Iterator;
2884 self.ak_cert_chain = v.into_iter().map(|i| i.into()).collect();
2885 self
2886 }
2887}
2888
2889impl wkt::message::Message for GceShieldedIdentity {
2890 fn typename() -> &'static str {
2891 "type.googleapis.com/google.cloud.confidentialcomputing.v1.GceShieldedIdentity"
2892 }
2893}
2894
2895/// VerifyConfidentialSpaceResponse is returned once a Confidential Space
2896/// attestation has been successfully verified, containing a signed token.
2897#[derive(Clone, Default, PartialEq)]
2898#[non_exhaustive]
2899pub struct VerifyConfidentialSpaceResponse {
2900 /// Output only. The attestation token issued by this service. It contains
2901 /// specific platform claims based on the contents of the provided attestation.
2902 pub attestation_token: std::string::String,
2903
2904 /// Output only. A list of messages that carry the partial error details
2905 /// related to VerifyConfidentialSpace. This field is populated by errors
2906 /// during container image signature verification, which may reflect problems
2907 /// in the provided image signatures. This does not block the issuing of an
2908 /// attestation token, but the token will not contain claims for the failed
2909 /// image signatures.
2910 pub partial_errors: std::vec::Vec<google_cloud_rpc::model::Status>,
2911
2912 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2913}
2914
2915impl VerifyConfidentialSpaceResponse {
2916 pub fn new() -> Self {
2917 std::default::Default::default()
2918 }
2919
2920 /// Sets the value of [attestation_token][crate::model::VerifyConfidentialSpaceResponse::attestation_token].
2921 ///
2922 /// # Example
2923 /// ```ignore,no_run
2924 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceResponse;
2925 /// let x = VerifyConfidentialSpaceResponse::new().set_attestation_token("example");
2926 /// ```
2927 pub fn set_attestation_token<T: std::convert::Into<std::string::String>>(
2928 mut self,
2929 v: T,
2930 ) -> Self {
2931 self.attestation_token = v.into();
2932 self
2933 }
2934
2935 /// Sets the value of [partial_errors][crate::model::VerifyConfidentialSpaceResponse::partial_errors].
2936 ///
2937 /// # Example
2938 /// ```ignore,no_run
2939 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceResponse;
2940 /// use google_cloud_rpc::model::Status;
2941 /// let x = VerifyConfidentialSpaceResponse::new()
2942 /// .set_partial_errors([
2943 /// Status::default()/* use setters */,
2944 /// Status::default()/* use (different) setters */,
2945 /// ]);
2946 /// ```
2947 pub fn set_partial_errors<T, V>(mut self, v: T) -> Self
2948 where
2949 T: std::iter::IntoIterator<Item = V>,
2950 V: std::convert::Into<google_cloud_rpc::model::Status>,
2951 {
2952 use std::iter::Iterator;
2953 self.partial_errors = v.into_iter().map(|i| i.into()).collect();
2954 self
2955 }
2956}
2957
2958impl wkt::message::Message for VerifyConfidentialSpaceResponse {
2959 fn typename() -> &'static str {
2960 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceResponse"
2961 }
2962}
2963
2964/// A request for an attestation token, providing all the necessary information
2965/// needed for this service to verify Confidential GKE platform state of the
2966/// requestor.
2967#[derive(Clone, Default, PartialEq)]
2968#[non_exhaustive]
2969pub struct VerifyConfidentialGkeRequest {
2970 /// Required. The name of the Challenge whose nonce was used to generate the
2971 /// attestation, in the format projects/*/locations/*/challenges/*. The
2972 /// provided Challenge will be consumed, and cannot be used again.
2973 pub challenge: std::string::String,
2974
2975 /// Optional. A collection of fields that modify the token output.
2976 pub options:
2977 std::option::Option<crate::model::verify_confidential_gke_request::ConfidentialGkeOptions>,
2978
2979 /// Required. A tee attestation report, used to populate hardware rooted
2980 /// claims.
2981 pub tee_attestation:
2982 std::option::Option<crate::model::verify_confidential_gke_request::TeeAttestation>,
2983
2984 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2985}
2986
2987impl VerifyConfidentialGkeRequest {
2988 pub fn new() -> Self {
2989 std::default::Default::default()
2990 }
2991
2992 /// Sets the value of [challenge][crate::model::VerifyConfidentialGkeRequest::challenge].
2993 ///
2994 /// # Example
2995 /// ```ignore,no_run
2996 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
2997 /// let x = VerifyConfidentialGkeRequest::new().set_challenge("example");
2998 /// ```
2999 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
3000 self.challenge = v.into();
3001 self
3002 }
3003
3004 /// Sets the value of [options][crate::model::VerifyConfidentialGkeRequest::options].
3005 ///
3006 /// # Example
3007 /// ```ignore,no_run
3008 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3009 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3010 /// let x = VerifyConfidentialGkeRequest::new().set_options(ConfidentialGkeOptions::default()/* use setters */);
3011 /// ```
3012 pub fn set_options<T>(mut self, v: T) -> Self
3013 where
3014 T: std::convert::Into<
3015 crate::model::verify_confidential_gke_request::ConfidentialGkeOptions,
3016 >,
3017 {
3018 self.options = std::option::Option::Some(v.into());
3019 self
3020 }
3021
3022 /// Sets or clears the value of [options][crate::model::VerifyConfidentialGkeRequest::options].
3023 ///
3024 /// # Example
3025 /// ```ignore,no_run
3026 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3027 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3028 /// let x = VerifyConfidentialGkeRequest::new().set_or_clear_options(Some(ConfidentialGkeOptions::default()/* use setters */));
3029 /// let x = VerifyConfidentialGkeRequest::new().set_or_clear_options(None::<ConfidentialGkeOptions>);
3030 /// ```
3031 pub fn set_or_clear_options<T>(mut self, v: std::option::Option<T>) -> Self
3032 where
3033 T: std::convert::Into<
3034 crate::model::verify_confidential_gke_request::ConfidentialGkeOptions,
3035 >,
3036 {
3037 self.options = v.map(|x| x.into());
3038 self
3039 }
3040
3041 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation].
3042 ///
3043 /// Note that all the setters affecting `tee_attestation` are mutually
3044 /// exclusive.
3045 ///
3046 /// # Example
3047 /// ```ignore,no_run
3048 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3049 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
3050 /// let x = VerifyConfidentialGkeRequest::new().set_tee_attestation(Some(
3051 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(TpmAttestation::default().into())));
3052 /// ```
3053 pub fn set_tee_attestation<
3054 T: std::convert::Into<
3055 std::option::Option<crate::model::verify_confidential_gke_request::TeeAttestation>,
3056 >,
3057 >(
3058 mut self,
3059 v: T,
3060 ) -> Self {
3061 self.tee_attestation = v.into();
3062 self
3063 }
3064
3065 /// The value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation]
3066 /// if it holds a `TpmAttestation`, `None` if the field is not set or
3067 /// holds a different branch.
3068 pub fn tpm_attestation(
3069 &self,
3070 ) -> std::option::Option<&std::boxed::Box<crate::model::TpmAttestation>> {
3071 #[allow(unreachable_patterns)]
3072 self.tee_attestation.as_ref().and_then(|v| match v {
3073 crate::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(v) => {
3074 std::option::Option::Some(v)
3075 }
3076 _ => std::option::Option::None,
3077 })
3078 }
3079
3080 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation]
3081 /// to hold a `TpmAttestation`.
3082 ///
3083 /// Note that all the setters affecting `tee_attestation` are
3084 /// mutually exclusive.
3085 ///
3086 /// # Example
3087 /// ```ignore,no_run
3088 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3089 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
3090 /// let x = VerifyConfidentialGkeRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
3091 /// assert!(x.tpm_attestation().is_some());
3092 /// ```
3093 pub fn set_tpm_attestation<
3094 T: std::convert::Into<std::boxed::Box<crate::model::TpmAttestation>>,
3095 >(
3096 mut self,
3097 v: T,
3098 ) -> Self {
3099 self.tee_attestation = std::option::Option::Some(
3100 crate::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(v.into()),
3101 );
3102 self
3103 }
3104}
3105
3106impl wkt::message::Message for VerifyConfidentialGkeRequest {
3107 fn typename() -> &'static str {
3108 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeRequest"
3109 }
3110}
3111
3112/// Defines additional types related to [VerifyConfidentialGkeRequest].
3113pub mod verify_confidential_gke_request {
3114 #[allow(unused_imports)]
3115 use super::*;
3116
3117 /// Token options for Confidential GKE attestation.
3118 #[derive(Clone, Default, PartialEq)]
3119 #[non_exhaustive]
3120 pub struct ConfidentialGkeOptions {
3121 /// Optional. Optional string to issue the token with a custom audience
3122 /// claim. Required if custom nonces are specified.
3123 pub audience: std::string::String,
3124
3125 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
3126 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
3127 /// bytes and the maximum size is 74 bytes.
3128 pub nonce: std::vec::Vec<std::string::String>,
3129
3130 /// Optional. Optional specification for how to sign the attestation token.
3131 /// Defaults to SIGNATURE_TYPE_OIDC if unspecified.
3132 pub signature_type: crate::model::SignatureType,
3133
3134 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3135 }
3136
3137 impl ConfidentialGkeOptions {
3138 pub fn new() -> Self {
3139 std::default::Default::default()
3140 }
3141
3142 /// Sets the value of [audience][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::audience].
3143 ///
3144 /// # Example
3145 /// ```ignore,no_run
3146 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3147 /// let x = ConfidentialGkeOptions::new().set_audience("example");
3148 /// ```
3149 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
3150 self.audience = v.into();
3151 self
3152 }
3153
3154 /// Sets the value of [nonce][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::nonce].
3155 ///
3156 /// # Example
3157 /// ```ignore,no_run
3158 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3159 /// let x = ConfidentialGkeOptions::new().set_nonce(["a", "b", "c"]);
3160 /// ```
3161 pub fn set_nonce<T, V>(mut self, v: T) -> Self
3162 where
3163 T: std::iter::IntoIterator<Item = V>,
3164 V: std::convert::Into<std::string::String>,
3165 {
3166 use std::iter::Iterator;
3167 self.nonce = v.into_iter().map(|i| i.into()).collect();
3168 self
3169 }
3170
3171 /// Sets the value of [signature_type][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::signature_type].
3172 ///
3173 /// # Example
3174 /// ```ignore,no_run
3175 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3176 /// use google_cloud_confidentialcomputing_v1::model::SignatureType;
3177 /// let x0 = ConfidentialGkeOptions::new().set_signature_type(SignatureType::Oidc);
3178 /// let x1 = ConfidentialGkeOptions::new().set_signature_type(SignatureType::Pki);
3179 /// ```
3180 pub fn set_signature_type<T: std::convert::Into<crate::model::SignatureType>>(
3181 mut self,
3182 v: T,
3183 ) -> Self {
3184 self.signature_type = v.into();
3185 self
3186 }
3187 }
3188
3189 impl wkt::message::Message for ConfidentialGkeOptions {
3190 fn typename() -> &'static str {
3191 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeRequest.ConfidentialGkeOptions"
3192 }
3193 }
3194
3195 /// Required. A tee attestation report, used to populate hardware rooted
3196 /// claims.
3197 #[derive(Clone, Debug, PartialEq)]
3198 #[non_exhaustive]
3199 pub enum TeeAttestation {
3200 /// The TPM-specific data provided by the attesting platform, used to
3201 /// populate any of the claims regarding platform state.
3202 TpmAttestation(std::boxed::Box<crate::model::TpmAttestation>),
3203 }
3204}
3205
3206/// VerifyConfidentialGkeResponse response is returened once a Confidential GKE
3207/// attestation has been successfully verified, containing a signed OIDC token.
3208#[derive(Clone, Default, PartialEq)]
3209#[non_exhaustive]
3210pub struct VerifyConfidentialGkeResponse {
3211 /// Output only. The attestation token issued by this service for Confidential
3212 /// GKE. It contains specific platform claims based on the contents of the
3213 /// provided attestation.
3214 pub attestation_token: std::string::String,
3215
3216 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3217}
3218
3219impl VerifyConfidentialGkeResponse {
3220 pub fn new() -> Self {
3221 std::default::Default::default()
3222 }
3223
3224 /// Sets the value of [attestation_token][crate::model::VerifyConfidentialGkeResponse::attestation_token].
3225 ///
3226 /// # Example
3227 /// ```ignore,no_run
3228 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeResponse;
3229 /// let x = VerifyConfidentialGkeResponse::new().set_attestation_token("example");
3230 /// ```
3231 pub fn set_attestation_token<T: std::convert::Into<std::string::String>>(
3232 mut self,
3233 v: T,
3234 ) -> Self {
3235 self.attestation_token = v.into();
3236 self
3237 }
3238}
3239
3240impl wkt::message::Message for VerifyConfidentialGkeResponse {
3241 fn typename() -> &'static str {
3242 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeResponse"
3243 }
3244}
3245
3246/// SigningAlgorithm enumerates all the supported signing algorithms.
3247///
3248/// # Working with unknown values
3249///
3250/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3251/// additional enum variants at any time. Adding new variants is not considered
3252/// a breaking change. Applications should write their code in anticipation of:
3253///
3254/// - New values appearing in future releases of the client library, **and**
3255/// - New values received dynamically, without application changes.
3256///
3257/// Please consult the [Working with enums] section in the user guide for some
3258/// guidelines.
3259///
3260/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3261#[derive(Clone, Debug, PartialEq)]
3262#[non_exhaustive]
3263pub enum SigningAlgorithm {
3264 /// Unspecified signing algorithm.
3265 Unspecified,
3266 /// RSASSA-PSS with a SHA256 digest.
3267 RsassaPssSha256,
3268 /// RSASSA-PKCS1 v1.5 with a SHA256 digest.
3269 RsassaPkcs1V15Sha256,
3270 /// ECDSA on the P-256 Curve with a SHA256 digest.
3271 EcdsaP256Sha256,
3272 /// If set, the enum was initialized with an unknown value.
3273 ///
3274 /// Applications can examine the value using [SigningAlgorithm::value] or
3275 /// [SigningAlgorithm::name].
3276 UnknownValue(signing_algorithm::UnknownValue),
3277}
3278
3279#[doc(hidden)]
3280pub mod signing_algorithm {
3281 #[allow(unused_imports)]
3282 use super::*;
3283 #[derive(Clone, Debug, PartialEq)]
3284 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3285}
3286
3287impl SigningAlgorithm {
3288 /// Gets the enum value.
3289 ///
3290 /// Returns `None` if the enum contains an unknown value deserialized from
3291 /// the string representation of enums.
3292 pub fn value(&self) -> std::option::Option<i32> {
3293 match self {
3294 Self::Unspecified => std::option::Option::Some(0),
3295 Self::RsassaPssSha256 => std::option::Option::Some(1),
3296 Self::RsassaPkcs1V15Sha256 => std::option::Option::Some(2),
3297 Self::EcdsaP256Sha256 => std::option::Option::Some(3),
3298 Self::UnknownValue(u) => u.0.value(),
3299 }
3300 }
3301
3302 /// Gets the enum value as a string.
3303 ///
3304 /// Returns `None` if the enum contains an unknown value deserialized from
3305 /// the integer representation of enums.
3306 pub fn name(&self) -> std::option::Option<&str> {
3307 match self {
3308 Self::Unspecified => std::option::Option::Some("SIGNING_ALGORITHM_UNSPECIFIED"),
3309 Self::RsassaPssSha256 => std::option::Option::Some("RSASSA_PSS_SHA256"),
3310 Self::RsassaPkcs1V15Sha256 => std::option::Option::Some("RSASSA_PKCS1V15_SHA256"),
3311 Self::EcdsaP256Sha256 => std::option::Option::Some("ECDSA_P256_SHA256"),
3312 Self::UnknownValue(u) => u.0.name(),
3313 }
3314 }
3315}
3316
3317impl std::default::Default for SigningAlgorithm {
3318 fn default() -> Self {
3319 use std::convert::From;
3320 Self::from(0)
3321 }
3322}
3323
3324impl std::fmt::Display for SigningAlgorithm {
3325 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3326 wkt::internal::display_enum(f, self.name(), self.value())
3327 }
3328}
3329
3330impl std::convert::From<i32> for SigningAlgorithm {
3331 fn from(value: i32) -> Self {
3332 match value {
3333 0 => Self::Unspecified,
3334 1 => Self::RsassaPssSha256,
3335 2 => Self::RsassaPkcs1V15Sha256,
3336 3 => Self::EcdsaP256Sha256,
3337 _ => Self::UnknownValue(signing_algorithm::UnknownValue(
3338 wkt::internal::UnknownEnumValue::Integer(value),
3339 )),
3340 }
3341 }
3342}
3343
3344impl std::convert::From<&str> for SigningAlgorithm {
3345 fn from(value: &str) -> Self {
3346 use std::string::ToString;
3347 match value {
3348 "SIGNING_ALGORITHM_UNSPECIFIED" => Self::Unspecified,
3349 "RSASSA_PSS_SHA256" => Self::RsassaPssSha256,
3350 "RSASSA_PKCS1V15_SHA256" => Self::RsassaPkcs1V15Sha256,
3351 "ECDSA_P256_SHA256" => Self::EcdsaP256Sha256,
3352 _ => Self::UnknownValue(signing_algorithm::UnknownValue(
3353 wkt::internal::UnknownEnumValue::String(value.to_string()),
3354 )),
3355 }
3356 }
3357}
3358
3359impl serde::ser::Serialize for SigningAlgorithm {
3360 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3361 where
3362 S: serde::Serializer,
3363 {
3364 match self {
3365 Self::Unspecified => serializer.serialize_i32(0),
3366 Self::RsassaPssSha256 => serializer.serialize_i32(1),
3367 Self::RsassaPkcs1V15Sha256 => serializer.serialize_i32(2),
3368 Self::EcdsaP256Sha256 => serializer.serialize_i32(3),
3369 Self::UnknownValue(u) => u.0.serialize(serializer),
3370 }
3371 }
3372}
3373
3374impl<'de> serde::de::Deserialize<'de> for SigningAlgorithm {
3375 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3376 where
3377 D: serde::Deserializer<'de>,
3378 {
3379 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SigningAlgorithm>::new(
3380 ".google.cloud.confidentialcomputing.v1.SigningAlgorithm",
3381 ))
3382 }
3383}
3384
3385/// Token type enum contains the different types of token responses Confidential
3386/// Space supports
3387///
3388/// # Working with unknown values
3389///
3390/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3391/// additional enum variants at any time. Adding new variants is not considered
3392/// a breaking change. Applications should write their code in anticipation of:
3393///
3394/// - New values appearing in future releases of the client library, **and**
3395/// - New values received dynamically, without application changes.
3396///
3397/// Please consult the [Working with enums] section in the user guide for some
3398/// guidelines.
3399///
3400/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3401#[derive(Clone, Debug, PartialEq)]
3402#[non_exhaustive]
3403pub enum TokenType {
3404 /// Unspecified token type
3405 Unspecified,
3406 /// OpenID Connect (OIDC) token type
3407 Oidc,
3408 /// Public Key Infrastructure (PKI) token type
3409 Pki,
3410 /// Limited claim token type for AWS integration
3411 LimitedAws,
3412 /// Principal-tag-based token for AWS integration
3413 AwsPrincipaltags,
3414 /// If set, the enum was initialized with an unknown value.
3415 ///
3416 /// Applications can examine the value using [TokenType::value] or
3417 /// [TokenType::name].
3418 UnknownValue(token_type::UnknownValue),
3419}
3420
3421#[doc(hidden)]
3422pub mod token_type {
3423 #[allow(unused_imports)]
3424 use super::*;
3425 #[derive(Clone, Debug, PartialEq)]
3426 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3427}
3428
3429impl TokenType {
3430 /// Gets the enum value.
3431 ///
3432 /// Returns `None` if the enum contains an unknown value deserialized from
3433 /// the string representation of enums.
3434 pub fn value(&self) -> std::option::Option<i32> {
3435 match self {
3436 Self::Unspecified => std::option::Option::Some(0),
3437 Self::Oidc => std::option::Option::Some(1),
3438 Self::Pki => std::option::Option::Some(2),
3439 Self::LimitedAws => std::option::Option::Some(3),
3440 Self::AwsPrincipaltags => std::option::Option::Some(4),
3441 Self::UnknownValue(u) => u.0.value(),
3442 }
3443 }
3444
3445 /// Gets the enum value as a string.
3446 ///
3447 /// Returns `None` if the enum contains an unknown value deserialized from
3448 /// the integer representation of enums.
3449 pub fn name(&self) -> std::option::Option<&str> {
3450 match self {
3451 Self::Unspecified => std::option::Option::Some("TOKEN_TYPE_UNSPECIFIED"),
3452 Self::Oidc => std::option::Option::Some("TOKEN_TYPE_OIDC"),
3453 Self::Pki => std::option::Option::Some("TOKEN_TYPE_PKI"),
3454 Self::LimitedAws => std::option::Option::Some("TOKEN_TYPE_LIMITED_AWS"),
3455 Self::AwsPrincipaltags => std::option::Option::Some("TOKEN_TYPE_AWS_PRINCIPALTAGS"),
3456 Self::UnknownValue(u) => u.0.name(),
3457 }
3458 }
3459}
3460
3461impl std::default::Default for TokenType {
3462 fn default() -> Self {
3463 use std::convert::From;
3464 Self::from(0)
3465 }
3466}
3467
3468impl std::fmt::Display for TokenType {
3469 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3470 wkt::internal::display_enum(f, self.name(), self.value())
3471 }
3472}
3473
3474impl std::convert::From<i32> for TokenType {
3475 fn from(value: i32) -> Self {
3476 match value {
3477 0 => Self::Unspecified,
3478 1 => Self::Oidc,
3479 2 => Self::Pki,
3480 3 => Self::LimitedAws,
3481 4 => Self::AwsPrincipaltags,
3482 _ => Self::UnknownValue(token_type::UnknownValue(
3483 wkt::internal::UnknownEnumValue::Integer(value),
3484 )),
3485 }
3486 }
3487}
3488
3489impl std::convert::From<&str> for TokenType {
3490 fn from(value: &str) -> Self {
3491 use std::string::ToString;
3492 match value {
3493 "TOKEN_TYPE_UNSPECIFIED" => Self::Unspecified,
3494 "TOKEN_TYPE_OIDC" => Self::Oidc,
3495 "TOKEN_TYPE_PKI" => Self::Pki,
3496 "TOKEN_TYPE_LIMITED_AWS" => Self::LimitedAws,
3497 "TOKEN_TYPE_AWS_PRINCIPALTAGS" => Self::AwsPrincipaltags,
3498 _ => Self::UnknownValue(token_type::UnknownValue(
3499 wkt::internal::UnknownEnumValue::String(value.to_string()),
3500 )),
3501 }
3502 }
3503}
3504
3505impl serde::ser::Serialize for TokenType {
3506 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3507 where
3508 S: serde::Serializer,
3509 {
3510 match self {
3511 Self::Unspecified => serializer.serialize_i32(0),
3512 Self::Oidc => serializer.serialize_i32(1),
3513 Self::Pki => serializer.serialize_i32(2),
3514 Self::LimitedAws => serializer.serialize_i32(3),
3515 Self::AwsPrincipaltags => serializer.serialize_i32(4),
3516 Self::UnknownValue(u) => u.0.serialize(serializer),
3517 }
3518 }
3519}
3520
3521impl<'de> serde::de::Deserialize<'de> for TokenType {
3522 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3523 where
3524 D: serde::Deserializer<'de>,
3525 {
3526 deserializer.deserialize_any(wkt::internal::EnumVisitor::<TokenType>::new(
3527 ".google.cloud.confidentialcomputing.v1.TokenType",
3528 ))
3529 }
3530}
3531
3532/// SignatureType enumerates supported signature types for attestation tokens.
3533///
3534/// # Working with unknown values
3535///
3536/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3537/// additional enum variants at any time. Adding new variants is not considered
3538/// a breaking change. Applications should write their code in anticipation of:
3539///
3540/// - New values appearing in future releases of the client library, **and**
3541/// - New values received dynamically, without application changes.
3542///
3543/// Please consult the [Working with enums] section in the user guide for some
3544/// guidelines.
3545///
3546/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3547#[derive(Clone, Debug, PartialEq)]
3548#[non_exhaustive]
3549pub enum SignatureType {
3550 /// Unspecified signature type.
3551 Unspecified,
3552 /// Google OIDC signature.
3553 Oidc,
3554 /// Public Key Infrastructure (PKI) signature.
3555 Pki,
3556 /// If set, the enum was initialized with an unknown value.
3557 ///
3558 /// Applications can examine the value using [SignatureType::value] or
3559 /// [SignatureType::name].
3560 UnknownValue(signature_type::UnknownValue),
3561}
3562
3563#[doc(hidden)]
3564pub mod signature_type {
3565 #[allow(unused_imports)]
3566 use super::*;
3567 #[derive(Clone, Debug, PartialEq)]
3568 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3569}
3570
3571impl SignatureType {
3572 /// Gets the enum value.
3573 ///
3574 /// Returns `None` if the enum contains an unknown value deserialized from
3575 /// the string representation of enums.
3576 pub fn value(&self) -> std::option::Option<i32> {
3577 match self {
3578 Self::Unspecified => std::option::Option::Some(0),
3579 Self::Oidc => std::option::Option::Some(1),
3580 Self::Pki => std::option::Option::Some(2),
3581 Self::UnknownValue(u) => u.0.value(),
3582 }
3583 }
3584
3585 /// Gets the enum value as a string.
3586 ///
3587 /// Returns `None` if the enum contains an unknown value deserialized from
3588 /// the integer representation of enums.
3589 pub fn name(&self) -> std::option::Option<&str> {
3590 match self {
3591 Self::Unspecified => std::option::Option::Some("SIGNATURE_TYPE_UNSPECIFIED"),
3592 Self::Oidc => std::option::Option::Some("SIGNATURE_TYPE_OIDC"),
3593 Self::Pki => std::option::Option::Some("SIGNATURE_TYPE_PKI"),
3594 Self::UnknownValue(u) => u.0.name(),
3595 }
3596 }
3597}
3598
3599impl std::default::Default for SignatureType {
3600 fn default() -> Self {
3601 use std::convert::From;
3602 Self::from(0)
3603 }
3604}
3605
3606impl std::fmt::Display for SignatureType {
3607 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3608 wkt::internal::display_enum(f, self.name(), self.value())
3609 }
3610}
3611
3612impl std::convert::From<i32> for SignatureType {
3613 fn from(value: i32) -> Self {
3614 match value {
3615 0 => Self::Unspecified,
3616 1 => Self::Oidc,
3617 2 => Self::Pki,
3618 _ => Self::UnknownValue(signature_type::UnknownValue(
3619 wkt::internal::UnknownEnumValue::Integer(value),
3620 )),
3621 }
3622 }
3623}
3624
3625impl std::convert::From<&str> for SignatureType {
3626 fn from(value: &str) -> Self {
3627 use std::string::ToString;
3628 match value {
3629 "SIGNATURE_TYPE_UNSPECIFIED" => Self::Unspecified,
3630 "SIGNATURE_TYPE_OIDC" => Self::Oidc,
3631 "SIGNATURE_TYPE_PKI" => Self::Pki,
3632 _ => Self::UnknownValue(signature_type::UnknownValue(
3633 wkt::internal::UnknownEnumValue::String(value.to_string()),
3634 )),
3635 }
3636 }
3637}
3638
3639impl serde::ser::Serialize for SignatureType {
3640 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3641 where
3642 S: serde::Serializer,
3643 {
3644 match self {
3645 Self::Unspecified => serializer.serialize_i32(0),
3646 Self::Oidc => serializer.serialize_i32(1),
3647 Self::Pki => serializer.serialize_i32(2),
3648 Self::UnknownValue(u) => u.0.serialize(serializer),
3649 }
3650 }
3651}
3652
3653impl<'de> serde::de::Deserialize<'de> for SignatureType {
3654 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3655 where
3656 D: serde::Deserializer<'de>,
3657 {
3658 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SignatureType>::new(
3659 ".google.cloud.confidentialcomputing.v1.SignatureType",
3660 ))
3661 }
3662}
3663
3664/// TokenProfile enumerates the supported token claims profiles.
3665///
3666/// # Working with unknown values
3667///
3668/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3669/// additional enum variants at any time. Adding new variants is not considered
3670/// a breaking change. Applications should write their code in anticipation of:
3671///
3672/// - New values appearing in future releases of the client library, **and**
3673/// - New values received dynamically, without application changes.
3674///
3675/// Please consult the [Working with enums] section in the user guide for some
3676/// guidelines.
3677///
3678/// [Working with enums]: https://google-cloud-rust.github.io/working_with_enums.html
3679#[derive(Clone, Debug, PartialEq)]
3680#[non_exhaustive]
3681pub enum TokenProfile {
3682 /// Unspecified token profile.
3683 Unspecified,
3684 /// EAT claims.
3685 DefaultEat,
3686 /// AWS Principal Tags claims.
3687 Aws,
3688 /// If set, the enum was initialized with an unknown value.
3689 ///
3690 /// Applications can examine the value using [TokenProfile::value] or
3691 /// [TokenProfile::name].
3692 UnknownValue(token_profile::UnknownValue),
3693}
3694
3695#[doc(hidden)]
3696pub mod token_profile {
3697 #[allow(unused_imports)]
3698 use super::*;
3699 #[derive(Clone, Debug, PartialEq)]
3700 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3701}
3702
3703impl TokenProfile {
3704 /// Gets the enum value.
3705 ///
3706 /// Returns `None` if the enum contains an unknown value deserialized from
3707 /// the string representation of enums.
3708 pub fn value(&self) -> std::option::Option<i32> {
3709 match self {
3710 Self::Unspecified => std::option::Option::Some(0),
3711 Self::DefaultEat => std::option::Option::Some(1),
3712 Self::Aws => std::option::Option::Some(2),
3713 Self::UnknownValue(u) => u.0.value(),
3714 }
3715 }
3716
3717 /// Gets the enum value as a string.
3718 ///
3719 /// Returns `None` if the enum contains an unknown value deserialized from
3720 /// the integer representation of enums.
3721 pub fn name(&self) -> std::option::Option<&str> {
3722 match self {
3723 Self::Unspecified => std::option::Option::Some("TOKEN_PROFILE_UNSPECIFIED"),
3724 Self::DefaultEat => std::option::Option::Some("TOKEN_PROFILE_DEFAULT_EAT"),
3725 Self::Aws => std::option::Option::Some("TOKEN_PROFILE_AWS"),
3726 Self::UnknownValue(u) => u.0.name(),
3727 }
3728 }
3729}
3730
3731impl std::default::Default for TokenProfile {
3732 fn default() -> Self {
3733 use std::convert::From;
3734 Self::from(0)
3735 }
3736}
3737
3738impl std::fmt::Display for TokenProfile {
3739 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3740 wkt::internal::display_enum(f, self.name(), self.value())
3741 }
3742}
3743
3744impl std::convert::From<i32> for TokenProfile {
3745 fn from(value: i32) -> Self {
3746 match value {
3747 0 => Self::Unspecified,
3748 1 => Self::DefaultEat,
3749 2 => Self::Aws,
3750 _ => Self::UnknownValue(token_profile::UnknownValue(
3751 wkt::internal::UnknownEnumValue::Integer(value),
3752 )),
3753 }
3754 }
3755}
3756
3757impl std::convert::From<&str> for TokenProfile {
3758 fn from(value: &str) -> Self {
3759 use std::string::ToString;
3760 match value {
3761 "TOKEN_PROFILE_UNSPECIFIED" => Self::Unspecified,
3762 "TOKEN_PROFILE_DEFAULT_EAT" => Self::DefaultEat,
3763 "TOKEN_PROFILE_AWS" => Self::Aws,
3764 _ => Self::UnknownValue(token_profile::UnknownValue(
3765 wkt::internal::UnknownEnumValue::String(value.to_string()),
3766 )),
3767 }
3768 }
3769}
3770
3771impl serde::ser::Serialize for TokenProfile {
3772 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3773 where
3774 S: serde::Serializer,
3775 {
3776 match self {
3777 Self::Unspecified => serializer.serialize_i32(0),
3778 Self::DefaultEat => serializer.serialize_i32(1),
3779 Self::Aws => serializer.serialize_i32(2),
3780 Self::UnknownValue(u) => u.0.serialize(serializer),
3781 }
3782 }
3783}
3784
3785impl<'de> serde::de::Deserialize<'de> for TokenProfile {
3786 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3787 where
3788 D: serde::Deserializer<'de>,
3789 {
3790 deserializer.deserialize_any(wkt::internal::EnumVisitor::<TokenProfile>::new(
3791 ".google.cloud.confidentialcomputing.v1.TokenProfile",
3792 ))
3793 }
3794}