google_cloud_confidentialcomputing_v1/model.rs
1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16
17#![allow(rustdoc::redundant_explicit_links)]
18#![allow(rustdoc::broken_intra_doc_links)]
19#![no_implicit_prelude]
20extern crate async_trait;
21extern crate bytes;
22extern crate gaxi;
23extern crate google_cloud_gax;
24extern crate google_cloud_location;
25extern crate google_cloud_rpc;
26extern crate serde;
27extern crate serde_json;
28extern crate serde_with;
29extern crate std;
30extern crate tracing;
31extern crate wkt;
32
33mod debug;
34mod deserialize;
35mod serialize;
36
37/// A Challenge from the server used to guarantee freshness of attestations
38#[derive(Clone, Default, PartialEq)]
39#[non_exhaustive]
40pub struct Challenge {
41 /// Output only. The resource name for this Challenge in the format
42 /// `projects/*/locations/*/challenges/*`
43 pub name: std::string::String,
44
45 /// Output only. The time at which this Challenge was created
46 pub create_time: std::option::Option<wkt::Timestamp>,
47
48 /// Output only. The time at which this Challenge will no longer be usable. It
49 /// is also the expiration time for any tokens generated from this Challenge.
50 pub expire_time: std::option::Option<wkt::Timestamp>,
51
52 /// Output only. Indicates if this challenge has been used to generate a token.
53 pub used: bool,
54
55 /// Output only. Identical to nonce, but as a string.
56 pub tpm_nonce: std::string::String,
57
58 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
59}
60
61impl Challenge {
62 /// Creates a new default instance.
63 pub fn new() -> Self {
64 std::default::Default::default()
65 }
66
67 /// Sets the value of [name][crate::model::Challenge::name].
68 ///
69 /// # Example
70 /// ```ignore,no_run
71 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
72 /// let x = Challenge::new().set_name("example");
73 /// ```
74 pub fn set_name<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
75 self.name = v.into();
76 self
77 }
78
79 /// Sets the value of [create_time][crate::model::Challenge::create_time].
80 ///
81 /// # Example
82 /// ```ignore,no_run
83 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
84 /// use wkt::Timestamp;
85 /// let x = Challenge::new().set_create_time(Timestamp::default()/* use setters */);
86 /// ```
87 pub fn set_create_time<T>(mut self, v: T) -> Self
88 where
89 T: std::convert::Into<wkt::Timestamp>,
90 {
91 self.create_time = std::option::Option::Some(v.into());
92 self
93 }
94
95 /// Sets or clears the value of [create_time][crate::model::Challenge::create_time].
96 ///
97 /// # Example
98 /// ```ignore,no_run
99 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
100 /// use wkt::Timestamp;
101 /// let x = Challenge::new().set_or_clear_create_time(Some(Timestamp::default()/* use setters */));
102 /// let x = Challenge::new().set_or_clear_create_time(None::<Timestamp>);
103 /// ```
104 pub fn set_or_clear_create_time<T>(mut self, v: std::option::Option<T>) -> Self
105 where
106 T: std::convert::Into<wkt::Timestamp>,
107 {
108 self.create_time = v.map(|x| x.into());
109 self
110 }
111
112 /// Sets the value of [expire_time][crate::model::Challenge::expire_time].
113 ///
114 /// # Example
115 /// ```ignore,no_run
116 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
117 /// use wkt::Timestamp;
118 /// let x = Challenge::new().set_expire_time(Timestamp::default()/* use setters */);
119 /// ```
120 pub fn set_expire_time<T>(mut self, v: T) -> Self
121 where
122 T: std::convert::Into<wkt::Timestamp>,
123 {
124 self.expire_time = std::option::Option::Some(v.into());
125 self
126 }
127
128 /// Sets or clears the value of [expire_time][crate::model::Challenge::expire_time].
129 ///
130 /// # Example
131 /// ```ignore,no_run
132 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
133 /// use wkt::Timestamp;
134 /// let x = Challenge::new().set_or_clear_expire_time(Some(Timestamp::default()/* use setters */));
135 /// let x = Challenge::new().set_or_clear_expire_time(None::<Timestamp>);
136 /// ```
137 pub fn set_or_clear_expire_time<T>(mut self, v: std::option::Option<T>) -> Self
138 where
139 T: std::convert::Into<wkt::Timestamp>,
140 {
141 self.expire_time = v.map(|x| x.into());
142 self
143 }
144
145 /// Sets the value of [used][crate::model::Challenge::used].
146 ///
147 /// # Example
148 /// ```ignore,no_run
149 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
150 /// let x = Challenge::new().set_used(true);
151 /// ```
152 pub fn set_used<T: std::convert::Into<bool>>(mut self, v: T) -> Self {
153 self.used = v.into();
154 self
155 }
156
157 /// Sets the value of [tpm_nonce][crate::model::Challenge::tpm_nonce].
158 ///
159 /// # Example
160 /// ```ignore,no_run
161 /// # use google_cloud_confidentialcomputing_v1::model::Challenge;
162 /// let x = Challenge::new().set_tpm_nonce("example");
163 /// ```
164 pub fn set_tpm_nonce<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
165 self.tpm_nonce = v.into();
166 self
167 }
168}
169
170impl wkt::message::Message for Challenge {
171 fn typename() -> &'static str {
172 "type.googleapis.com/google.cloud.confidentialcomputing.v1.Challenge"
173 }
174}
175
176/// Message for creating a Challenge
177#[derive(Clone, Default, PartialEq)]
178#[non_exhaustive]
179pub struct CreateChallengeRequest {
180 /// Required. The resource name of the location where the Challenge will be
181 /// used, in the format `projects/*/locations/*`.
182 pub parent: std::string::String,
183
184 /// Required. The Challenge to be created. Currently this field can be empty as
185 /// all the Challenge fields are set by the server.
186 pub challenge: std::option::Option<crate::model::Challenge>,
187
188 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
189}
190
191impl CreateChallengeRequest {
192 /// Creates a new default instance.
193 pub fn new() -> Self {
194 std::default::Default::default()
195 }
196
197 /// Sets the value of [parent][crate::model::CreateChallengeRequest::parent].
198 ///
199 /// # Example
200 /// ```ignore,no_run
201 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
202 /// let x = CreateChallengeRequest::new().set_parent("example");
203 /// ```
204 pub fn set_parent<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
205 self.parent = v.into();
206 self
207 }
208
209 /// Sets the value of [challenge][crate::model::CreateChallengeRequest::challenge].
210 ///
211 /// # Example
212 /// ```ignore,no_run
213 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
214 /// use google_cloud_confidentialcomputing_v1::model::Challenge;
215 /// let x = CreateChallengeRequest::new().set_challenge(Challenge::default()/* use setters */);
216 /// ```
217 pub fn set_challenge<T>(mut self, v: T) -> Self
218 where
219 T: std::convert::Into<crate::model::Challenge>,
220 {
221 self.challenge = std::option::Option::Some(v.into());
222 self
223 }
224
225 /// Sets or clears the value of [challenge][crate::model::CreateChallengeRequest::challenge].
226 ///
227 /// # Example
228 /// ```ignore,no_run
229 /// # use google_cloud_confidentialcomputing_v1::model::CreateChallengeRequest;
230 /// use google_cloud_confidentialcomputing_v1::model::Challenge;
231 /// let x = CreateChallengeRequest::new().set_or_clear_challenge(Some(Challenge::default()/* use setters */));
232 /// let x = CreateChallengeRequest::new().set_or_clear_challenge(None::<Challenge>);
233 /// ```
234 pub fn set_or_clear_challenge<T>(mut self, v: std::option::Option<T>) -> Self
235 where
236 T: std::convert::Into<crate::model::Challenge>,
237 {
238 self.challenge = v.map(|x| x.into());
239 self
240 }
241}
242
243impl wkt::message::Message for CreateChallengeRequest {
244 fn typename() -> &'static str {
245 "type.googleapis.com/google.cloud.confidentialcomputing.v1.CreateChallengeRequest"
246 }
247}
248
249/// A request for an attestation token, providing all the necessary information
250/// needed for this service to verify the platform state of the requestor.
251#[derive(Clone, Default, PartialEq)]
252#[non_exhaustive]
253pub struct VerifyAttestationRequest {
254 /// Required. The name of the Challenge whose nonce was used to generate the
255 /// attestation, in the format `projects/*/locations/*/challenges/*`. The
256 /// provided Challenge will be consumed, and cannot be used again.
257 pub challenge: std::string::String,
258
259 /// Optional. Credentials used to populate the "emails" claim in the
260 /// claims_token.
261 pub gcp_credentials: std::option::Option<crate::model::GcpCredentials>,
262
263 /// Required. The TPM-specific data provided by the attesting platform, used to
264 /// populate any of the claims regarding platform state.
265 pub tpm_attestation: std::option::Option<crate::model::TpmAttestation>,
266
267 /// Optional. Optional information related to the Confidential Space TEE.
268 pub confidential_space_info: std::option::Option<crate::model::ConfidentialSpaceInfo>,
269
270 /// Optional. A collection of optional, workload-specified claims that modify
271 /// the token output.
272 pub token_options: std::option::Option<crate::model::TokenOptions>,
273
274 /// Optional. An optional indicator of the attester, only applies to certain
275 /// products.
276 pub attester: std::string::String,
277
278 /// An optional tee attestation report, used to populate hardware rooted
279 /// claims.
280 pub tee_attestation:
281 std::option::Option<crate::model::verify_attestation_request::TeeAttestation>,
282
283 /// An optional device attestation report.
284 pub device_attestation:
285 std::option::Option<crate::model::verify_attestation_request::DeviceAttestation>,
286
287 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
288}
289
290impl VerifyAttestationRequest {
291 /// Creates a new default instance.
292 pub fn new() -> Self {
293 std::default::Default::default()
294 }
295
296 /// Sets the value of [challenge][crate::model::VerifyAttestationRequest::challenge].
297 ///
298 /// # Example
299 /// ```ignore,no_run
300 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
301 /// let x = VerifyAttestationRequest::new().set_challenge("example");
302 /// ```
303 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
304 self.challenge = v.into();
305 self
306 }
307
308 /// Sets the value of [gcp_credentials][crate::model::VerifyAttestationRequest::gcp_credentials].
309 ///
310 /// # Example
311 /// ```ignore,no_run
312 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
313 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
314 /// let x = VerifyAttestationRequest::new().set_gcp_credentials(GcpCredentials::default()/* use setters */);
315 /// ```
316 pub fn set_gcp_credentials<T>(mut self, v: T) -> Self
317 where
318 T: std::convert::Into<crate::model::GcpCredentials>,
319 {
320 self.gcp_credentials = std::option::Option::Some(v.into());
321 self
322 }
323
324 /// Sets or clears the value of [gcp_credentials][crate::model::VerifyAttestationRequest::gcp_credentials].
325 ///
326 /// # Example
327 /// ```ignore,no_run
328 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
329 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
330 /// let x = VerifyAttestationRequest::new().set_or_clear_gcp_credentials(Some(GcpCredentials::default()/* use setters */));
331 /// let x = VerifyAttestationRequest::new().set_or_clear_gcp_credentials(None::<GcpCredentials>);
332 /// ```
333 pub fn set_or_clear_gcp_credentials<T>(mut self, v: std::option::Option<T>) -> Self
334 where
335 T: std::convert::Into<crate::model::GcpCredentials>,
336 {
337 self.gcp_credentials = v.map(|x| x.into());
338 self
339 }
340
341 /// Sets the value of [tpm_attestation][crate::model::VerifyAttestationRequest::tpm_attestation].
342 ///
343 /// # Example
344 /// ```ignore,no_run
345 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
346 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
347 /// let x = VerifyAttestationRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
348 /// ```
349 pub fn set_tpm_attestation<T>(mut self, v: T) -> Self
350 where
351 T: std::convert::Into<crate::model::TpmAttestation>,
352 {
353 self.tpm_attestation = std::option::Option::Some(v.into());
354 self
355 }
356
357 /// Sets or clears the value of [tpm_attestation][crate::model::VerifyAttestationRequest::tpm_attestation].
358 ///
359 /// # Example
360 /// ```ignore,no_run
361 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
362 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
363 /// let x = VerifyAttestationRequest::new().set_or_clear_tpm_attestation(Some(TpmAttestation::default()/* use setters */));
364 /// let x = VerifyAttestationRequest::new().set_or_clear_tpm_attestation(None::<TpmAttestation>);
365 /// ```
366 pub fn set_or_clear_tpm_attestation<T>(mut self, v: std::option::Option<T>) -> Self
367 where
368 T: std::convert::Into<crate::model::TpmAttestation>,
369 {
370 self.tpm_attestation = v.map(|x| x.into());
371 self
372 }
373
374 /// Sets the value of [confidential_space_info][crate::model::VerifyAttestationRequest::confidential_space_info].
375 ///
376 /// # Example
377 /// ```ignore,no_run
378 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
379 /// use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
380 /// let x = VerifyAttestationRequest::new().set_confidential_space_info(ConfidentialSpaceInfo::default()/* use setters */);
381 /// ```
382 pub fn set_confidential_space_info<T>(mut self, v: T) -> Self
383 where
384 T: std::convert::Into<crate::model::ConfidentialSpaceInfo>,
385 {
386 self.confidential_space_info = std::option::Option::Some(v.into());
387 self
388 }
389
390 /// Sets or clears the value of [confidential_space_info][crate::model::VerifyAttestationRequest::confidential_space_info].
391 ///
392 /// # Example
393 /// ```ignore,no_run
394 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
395 /// use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
396 /// let x = VerifyAttestationRequest::new().set_or_clear_confidential_space_info(Some(ConfidentialSpaceInfo::default()/* use setters */));
397 /// let x = VerifyAttestationRequest::new().set_or_clear_confidential_space_info(None::<ConfidentialSpaceInfo>);
398 /// ```
399 pub fn set_or_clear_confidential_space_info<T>(mut self, v: std::option::Option<T>) -> Self
400 where
401 T: std::convert::Into<crate::model::ConfidentialSpaceInfo>,
402 {
403 self.confidential_space_info = v.map(|x| x.into());
404 self
405 }
406
407 /// Sets the value of [token_options][crate::model::VerifyAttestationRequest::token_options].
408 ///
409 /// # Example
410 /// ```ignore,no_run
411 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
412 /// use google_cloud_confidentialcomputing_v1::model::TokenOptions;
413 /// let x = VerifyAttestationRequest::new().set_token_options(TokenOptions::default()/* use setters */);
414 /// ```
415 pub fn set_token_options<T>(mut self, v: T) -> Self
416 where
417 T: std::convert::Into<crate::model::TokenOptions>,
418 {
419 self.token_options = std::option::Option::Some(v.into());
420 self
421 }
422
423 /// Sets or clears the value of [token_options][crate::model::VerifyAttestationRequest::token_options].
424 ///
425 /// # Example
426 /// ```ignore,no_run
427 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
428 /// use google_cloud_confidentialcomputing_v1::model::TokenOptions;
429 /// let x = VerifyAttestationRequest::new().set_or_clear_token_options(Some(TokenOptions::default()/* use setters */));
430 /// let x = VerifyAttestationRequest::new().set_or_clear_token_options(None::<TokenOptions>);
431 /// ```
432 pub fn set_or_clear_token_options<T>(mut self, v: std::option::Option<T>) -> Self
433 where
434 T: std::convert::Into<crate::model::TokenOptions>,
435 {
436 self.token_options = v.map(|x| x.into());
437 self
438 }
439
440 /// Sets the value of [attester][crate::model::VerifyAttestationRequest::attester].
441 ///
442 /// # Example
443 /// ```ignore,no_run
444 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
445 /// let x = VerifyAttestationRequest::new().set_attester("example");
446 /// ```
447 pub fn set_attester<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
448 self.attester = v.into();
449 self
450 }
451
452 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation].
453 ///
454 /// Note that all the setters affecting `tee_attestation` are mutually
455 /// exclusive.
456 ///
457 /// # Example
458 /// ```ignore,no_run
459 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
460 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
461 /// let x = VerifyAttestationRequest::new().set_tee_attestation(Some(
462 /// google_cloud_confidentialcomputing_v1::model::verify_attestation_request::TeeAttestation::TdCcel(TdxCcelAttestation::default().into())));
463 /// ```
464 pub fn set_tee_attestation<
465 T: std::convert::Into<
466 std::option::Option<crate::model::verify_attestation_request::TeeAttestation>,
467 >,
468 >(
469 mut self,
470 v: T,
471 ) -> Self {
472 self.tee_attestation = v.into();
473 self
474 }
475
476 /// The value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
477 /// if it holds a `TdCcel`, `None` if the field is not set or
478 /// holds a different branch.
479 pub fn td_ccel(
480 &self,
481 ) -> std::option::Option<&std::boxed::Box<crate::model::TdxCcelAttestation>> {
482 #[allow(unreachable_patterns)]
483 self.tee_attestation.as_ref().and_then(|v| match v {
484 crate::model::verify_attestation_request::TeeAttestation::TdCcel(v) => {
485 std::option::Option::Some(v)
486 }
487 _ => std::option::Option::None,
488 })
489 }
490
491 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
492 /// to hold a `TdCcel`.
493 ///
494 /// Note that all the setters affecting `tee_attestation` are
495 /// mutually exclusive.
496 ///
497 /// # Example
498 /// ```ignore,no_run
499 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
500 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
501 /// let x = VerifyAttestationRequest::new().set_td_ccel(TdxCcelAttestation::default()/* use setters */);
502 /// assert!(x.td_ccel().is_some());
503 /// assert!(x.sev_snp_attestation().is_none());
504 /// ```
505 pub fn set_td_ccel<T: std::convert::Into<std::boxed::Box<crate::model::TdxCcelAttestation>>>(
506 mut self,
507 v: T,
508 ) -> Self {
509 self.tee_attestation = std::option::Option::Some(
510 crate::model::verify_attestation_request::TeeAttestation::TdCcel(v.into()),
511 );
512 self
513 }
514
515 /// The value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
516 /// if it holds a `SevSnpAttestation`, `None` if the field is not set or
517 /// holds a different branch.
518 pub fn sev_snp_attestation(
519 &self,
520 ) -> std::option::Option<&std::boxed::Box<crate::model::SevSnpAttestation>> {
521 #[allow(unreachable_patterns)]
522 self.tee_attestation.as_ref().and_then(|v| match v {
523 crate::model::verify_attestation_request::TeeAttestation::SevSnpAttestation(v) => {
524 std::option::Option::Some(v)
525 }
526 _ => std::option::Option::None,
527 })
528 }
529
530 /// Sets the value of [tee_attestation][crate::model::VerifyAttestationRequest::tee_attestation]
531 /// to hold a `SevSnpAttestation`.
532 ///
533 /// Note that all the setters affecting `tee_attestation` are
534 /// mutually exclusive.
535 ///
536 /// # Example
537 /// ```ignore,no_run
538 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
539 /// use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
540 /// let x = VerifyAttestationRequest::new().set_sev_snp_attestation(SevSnpAttestation::default()/* use setters */);
541 /// assert!(x.sev_snp_attestation().is_some());
542 /// assert!(x.td_ccel().is_none());
543 /// ```
544 pub fn set_sev_snp_attestation<
545 T: std::convert::Into<std::boxed::Box<crate::model::SevSnpAttestation>>,
546 >(
547 mut self,
548 v: T,
549 ) -> Self {
550 self.tee_attestation = std::option::Option::Some(
551 crate::model::verify_attestation_request::TeeAttestation::SevSnpAttestation(v.into()),
552 );
553 self
554 }
555
556 /// Sets the value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation].
557 ///
558 /// Note that all the setters affecting `device_attestation` are mutually
559 /// exclusive.
560 ///
561 /// # Example
562 /// ```ignore,no_run
563 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
564 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
565 /// let x = VerifyAttestationRequest::new().set_device_attestation(Some(
566 /// google_cloud_confidentialcomputing_v1::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(NvidiaAttestation::default().into())));
567 /// ```
568 pub fn set_device_attestation<
569 T: std::convert::Into<
570 std::option::Option<crate::model::verify_attestation_request::DeviceAttestation>,
571 >,
572 >(
573 mut self,
574 v: T,
575 ) -> Self {
576 self.device_attestation = v.into();
577 self
578 }
579
580 /// The value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation]
581 /// if it holds a `NvidiaAttestation`, `None` if the field is not set or
582 /// holds a different branch.
583 pub fn nvidia_attestation(
584 &self,
585 ) -> std::option::Option<&std::boxed::Box<crate::model::NvidiaAttestation>> {
586 #[allow(unreachable_patterns)]
587 self.device_attestation.as_ref().and_then(|v| match v {
588 crate::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(v) => {
589 std::option::Option::Some(v)
590 }
591 _ => std::option::Option::None,
592 })
593 }
594
595 /// Sets the value of [device_attestation][crate::model::VerifyAttestationRequest::device_attestation]
596 /// to hold a `NvidiaAttestation`.
597 ///
598 /// Note that all the setters affecting `device_attestation` are
599 /// mutually exclusive.
600 ///
601 /// # Example
602 /// ```ignore,no_run
603 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationRequest;
604 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
605 /// let x = VerifyAttestationRequest::new().set_nvidia_attestation(NvidiaAttestation::default()/* use setters */);
606 /// assert!(x.nvidia_attestation().is_some());
607 /// ```
608 pub fn set_nvidia_attestation<
609 T: std::convert::Into<std::boxed::Box<crate::model::NvidiaAttestation>>,
610 >(
611 mut self,
612 v: T,
613 ) -> Self {
614 self.device_attestation = std::option::Option::Some(
615 crate::model::verify_attestation_request::DeviceAttestation::NvidiaAttestation(
616 v.into(),
617 ),
618 );
619 self
620 }
621}
622
623impl wkt::message::Message for VerifyAttestationRequest {
624 fn typename() -> &'static str {
625 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyAttestationRequest"
626 }
627}
628
629/// Defines additional types related to [VerifyAttestationRequest].
630pub mod verify_attestation_request {
631 #[allow(unused_imports)]
632 use super::*;
633
634 /// An optional tee attestation report, used to populate hardware rooted
635 /// claims.
636 #[derive(Clone, Debug, PartialEq)]
637 #[non_exhaustive]
638 pub enum TeeAttestation {
639 /// Optional. A TDX with CCEL and RTMR Attestation Quote.
640 TdCcel(std::boxed::Box<crate::model::TdxCcelAttestation>),
641 /// Optional. An SEV-SNP Attestation Report.
642 SevSnpAttestation(std::boxed::Box<crate::model::SevSnpAttestation>),
643 }
644
645 /// An optional device attestation report.
646 #[derive(Clone, Debug, PartialEq)]
647 #[non_exhaustive]
648 pub enum DeviceAttestation {
649 /// Optional. An Nvidia attestation report for GPU and NVSwitch devices.
650 NvidiaAttestation(std::boxed::Box<crate::model::NvidiaAttestation>),
651 }
652}
653
654/// An Nvidia attestation report for GPU and NVSwitch devices.
655/// Contains necessary attestation evidence that the client collects for
656/// verification.
657#[derive(Clone, Default, PartialEq)]
658#[non_exhaustive]
659pub struct NvidiaAttestation {
660 /// The Confidential Computing feature that the attestation is for.
661 pub cc_feature: std::option::Option<crate::model::nvidia_attestation::CcFeature>,
662
663 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
664}
665
666impl NvidiaAttestation {
667 /// Creates a new default instance.
668 pub fn new() -> Self {
669 std::default::Default::default()
670 }
671
672 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature].
673 ///
674 /// Note that all the setters affecting `cc_feature` are mutually
675 /// exclusive.
676 ///
677 /// # Example
678 /// ```ignore,no_run
679 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
680 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
681 /// let x = NvidiaAttestation::new().set_cc_feature(Some(
682 /// google_cloud_confidentialcomputing_v1::model::nvidia_attestation::CcFeature::Spt(SinglePassthroughAttestation::default().into())));
683 /// ```
684 pub fn set_cc_feature<
685 T: std::convert::Into<std::option::Option<crate::model::nvidia_attestation::CcFeature>>,
686 >(
687 mut self,
688 v: T,
689 ) -> Self {
690 self.cc_feature = v.into();
691 self
692 }
693
694 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
695 /// if it holds a `Spt`, `None` if the field is not set or
696 /// holds a different branch.
697 pub fn spt(
698 &self,
699 ) -> std::option::Option<
700 &std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>,
701 > {
702 #[allow(unreachable_patterns)]
703 self.cc_feature.as_ref().and_then(|v| match v {
704 crate::model::nvidia_attestation::CcFeature::Spt(v) => std::option::Option::Some(v),
705 _ => std::option::Option::None,
706 })
707 }
708
709 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
710 /// to hold a `Spt`.
711 ///
712 /// Note that all the setters affecting `cc_feature` are
713 /// mutually exclusive.
714 ///
715 /// # Example
716 /// ```ignore,no_run
717 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
718 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
719 /// let x = NvidiaAttestation::new().set_spt(SinglePassthroughAttestation::default()/* use setters */);
720 /// assert!(x.spt().is_some());
721 /// assert!(x.ppcie().is_none());
722 /// assert!(x.mpt().is_none());
723 /// ```
724 pub fn set_spt<
725 T: std::convert::Into<
726 std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>,
727 >,
728 >(
729 mut self,
730 v: T,
731 ) -> Self {
732 self.cc_feature =
733 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Spt(v.into()));
734 self
735 }
736
737 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
738 /// if it holds a `Ppcie`, `None` if the field is not set or
739 /// holds a different branch.
740 pub fn ppcie(
741 &self,
742 ) -> std::option::Option<
743 &std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>,
744 > {
745 #[allow(unreachable_patterns)]
746 self.cc_feature.as_ref().and_then(|v| match v {
747 crate::model::nvidia_attestation::CcFeature::Ppcie(v) => std::option::Option::Some(v),
748 _ => std::option::Option::None,
749 })
750 }
751
752 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
753 /// to hold a `Ppcie`.
754 ///
755 /// Note that all the setters affecting `cc_feature` are
756 /// mutually exclusive.
757 ///
758 /// # Example
759 /// ```ignore,no_run
760 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
761 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
762 /// let x = NvidiaAttestation::new().set_ppcie(ProtectedPcieAttestation::default()/* use setters */);
763 /// assert!(x.ppcie().is_some());
764 /// assert!(x.spt().is_none());
765 /// assert!(x.mpt().is_none());
766 /// ```
767 pub fn set_ppcie<
768 T: std::convert::Into<
769 std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>,
770 >,
771 >(
772 mut self,
773 v: T,
774 ) -> Self {
775 self.cc_feature =
776 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Ppcie(v.into()));
777 self
778 }
779
780 /// The value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
781 /// if it holds a `Mpt`, `None` if the field is not set or
782 /// holds a different branch.
783 pub fn mpt(
784 &self,
785 ) -> std::option::Option<
786 &std::boxed::Box<crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation>,
787 > {
788 #[allow(unreachable_patterns)]
789 self.cc_feature.as_ref().and_then(|v| match v {
790 crate::model::nvidia_attestation::CcFeature::Mpt(v) => std::option::Option::Some(v),
791 _ => std::option::Option::None,
792 })
793 }
794
795 /// Sets the value of [cc_feature][crate::model::NvidiaAttestation::cc_feature]
796 /// to hold a `Mpt`.
797 ///
798 /// Note that all the setters affecting `cc_feature` are
799 /// mutually exclusive.
800 ///
801 /// # Example
802 /// ```ignore,no_run
803 /// # use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
804 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation;
805 /// let x = NvidiaAttestation::new().set_mpt(MultiGpuSecurePassthroughAttestation::default()/* use setters */);
806 /// assert!(x.mpt().is_some());
807 /// assert!(x.spt().is_none());
808 /// assert!(x.ppcie().is_none());
809 /// ```
810 pub fn set_mpt<
811 T: std::convert::Into<
812 std::boxed::Box<
813 crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation,
814 >,
815 >,
816 >(
817 mut self,
818 v: T,
819 ) -> Self {
820 self.cc_feature =
821 std::option::Option::Some(crate::model::nvidia_attestation::CcFeature::Mpt(v.into()));
822 self
823 }
824}
825
826impl wkt::message::Message for NvidiaAttestation {
827 fn typename() -> &'static str {
828 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation"
829 }
830}
831
832/// Defines additional types related to [NvidiaAttestation].
833pub mod nvidia_attestation {
834 #[allow(unused_imports)]
835 use super::*;
836
837 /// GpuInfo contains the attestation evidence for a GPU device.
838 #[derive(Clone, Default, PartialEq)]
839 #[non_exhaustive]
840 pub struct GpuInfo {
841 /// Optional. The UUID of the GPU device.
842 pub uuid: std::string::String,
843
844 /// Optional. The driver version of the GPU.
845 pub driver_version: std::string::String,
846
847 /// Optional. The vBIOS version of the GPU.
848 pub vbios_version: std::string::String,
849
850 /// Optional. The GPU architecture type.
851 pub gpu_architecture_type: crate::model::nvidia_attestation::GpuArchitectureType,
852
853 /// Optional. The raw attestation certificate chain for the GPU device.
854 pub attestation_certificate_chain: ::bytes::Bytes,
855
856 /// Optional. The raw attestation report for the GPU device.
857 /// This field contains SPDM request/response defined in
858 /// <https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.0.pdf>
859 pub attestation_report: ::bytes::Bytes,
860
861 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
862 }
863
864 impl GpuInfo {
865 /// Creates a new default instance.
866 pub fn new() -> Self {
867 std::default::Default::default()
868 }
869
870 /// Sets the value of [uuid][crate::model::nvidia_attestation::GpuInfo::uuid].
871 ///
872 /// # Example
873 /// ```ignore,no_run
874 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
875 /// let x = GpuInfo::new().set_uuid("example");
876 /// ```
877 pub fn set_uuid<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
878 self.uuid = v.into();
879 self
880 }
881
882 /// Sets the value of [driver_version][crate::model::nvidia_attestation::GpuInfo::driver_version].
883 ///
884 /// # Example
885 /// ```ignore,no_run
886 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
887 /// let x = GpuInfo::new().set_driver_version("example");
888 /// ```
889 pub fn set_driver_version<T: std::convert::Into<std::string::String>>(
890 mut self,
891 v: T,
892 ) -> Self {
893 self.driver_version = v.into();
894 self
895 }
896
897 /// Sets the value of [vbios_version][crate::model::nvidia_attestation::GpuInfo::vbios_version].
898 ///
899 /// # Example
900 /// ```ignore,no_run
901 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
902 /// let x = GpuInfo::new().set_vbios_version("example");
903 /// ```
904 pub fn set_vbios_version<T: std::convert::Into<std::string::String>>(
905 mut self,
906 v: T,
907 ) -> Self {
908 self.vbios_version = v.into();
909 self
910 }
911
912 /// Sets the value of [gpu_architecture_type][crate::model::nvidia_attestation::GpuInfo::gpu_architecture_type].
913 ///
914 /// # Example
915 /// ```ignore,no_run
916 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
917 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuArchitectureType;
918 /// let x0 = GpuInfo::new().set_gpu_architecture_type(GpuArchitectureType::Hopper);
919 /// let x1 = GpuInfo::new().set_gpu_architecture_type(GpuArchitectureType::Blackwell);
920 /// ```
921 pub fn set_gpu_architecture_type<
922 T: std::convert::Into<crate::model::nvidia_attestation::GpuArchitectureType>,
923 >(
924 mut self,
925 v: T,
926 ) -> Self {
927 self.gpu_architecture_type = v.into();
928 self
929 }
930
931 /// Sets the value of [attestation_certificate_chain][crate::model::nvidia_attestation::GpuInfo::attestation_certificate_chain].
932 ///
933 /// # Example
934 /// ```ignore,no_run
935 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
936 /// let x = GpuInfo::new().set_attestation_certificate_chain(bytes::Bytes::from_static(b"example"));
937 /// ```
938 pub fn set_attestation_certificate_chain<T: std::convert::Into<::bytes::Bytes>>(
939 mut self,
940 v: T,
941 ) -> Self {
942 self.attestation_certificate_chain = v.into();
943 self
944 }
945
946 /// Sets the value of [attestation_report][crate::model::nvidia_attestation::GpuInfo::attestation_report].
947 ///
948 /// # Example
949 /// ```ignore,no_run
950 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
951 /// let x = GpuInfo::new().set_attestation_report(bytes::Bytes::from_static(b"example"));
952 /// ```
953 pub fn set_attestation_report<T: std::convert::Into<::bytes::Bytes>>(
954 mut self,
955 v: T,
956 ) -> Self {
957 self.attestation_report = v.into();
958 self
959 }
960 }
961
962 impl wkt::message::Message for GpuInfo {
963 fn typename() -> &'static str {
964 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.GpuInfo"
965 }
966 }
967
968 /// SwitchInfo contains the attestation evidence for a NVSwitch device.
969 #[derive(Clone, Default, PartialEq)]
970 #[non_exhaustive]
971 pub struct SwitchInfo {
972 /// Optional. The UUID of the NVSwitch device.
973 pub uuid: std::string::String,
974
975 /// Optional. The raw attestation certificate chain for the NVSwitch device.
976 pub attestation_certificate_chain: ::bytes::Bytes,
977
978 /// Optional. The raw attestation report for the NvSwitch device.
979 /// This field contains SPDM request/response defined in
980 /// <https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.0.pdf>
981 pub attestation_report: ::bytes::Bytes,
982
983 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
984 }
985
986 impl SwitchInfo {
987 /// Creates a new default instance.
988 pub fn new() -> Self {
989 std::default::Default::default()
990 }
991
992 /// Sets the value of [uuid][crate::model::nvidia_attestation::SwitchInfo::uuid].
993 ///
994 /// # Example
995 /// ```ignore,no_run
996 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
997 /// let x = SwitchInfo::new().set_uuid("example");
998 /// ```
999 pub fn set_uuid<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1000 self.uuid = v.into();
1001 self
1002 }
1003
1004 /// Sets the value of [attestation_certificate_chain][crate::model::nvidia_attestation::SwitchInfo::attestation_certificate_chain].
1005 ///
1006 /// # Example
1007 /// ```ignore,no_run
1008 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1009 /// let x = SwitchInfo::new().set_attestation_certificate_chain(bytes::Bytes::from_static(b"example"));
1010 /// ```
1011 pub fn set_attestation_certificate_chain<T: std::convert::Into<::bytes::Bytes>>(
1012 mut self,
1013 v: T,
1014 ) -> Self {
1015 self.attestation_certificate_chain = v.into();
1016 self
1017 }
1018
1019 /// Sets the value of [attestation_report][crate::model::nvidia_attestation::SwitchInfo::attestation_report].
1020 ///
1021 /// # Example
1022 /// ```ignore,no_run
1023 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1024 /// let x = SwitchInfo::new().set_attestation_report(bytes::Bytes::from_static(b"example"));
1025 /// ```
1026 pub fn set_attestation_report<T: std::convert::Into<::bytes::Bytes>>(
1027 mut self,
1028 v: T,
1029 ) -> Self {
1030 self.attestation_report = v.into();
1031 self
1032 }
1033 }
1034
1035 impl wkt::message::Message for SwitchInfo {
1036 fn typename() -> &'static str {
1037 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.SwitchInfo"
1038 }
1039 }
1040
1041 /// Single GPU Passthrough (SPT) attestation.
1042 #[derive(Clone, Default, PartialEq)]
1043 #[non_exhaustive]
1044 pub struct SinglePassthroughAttestation {
1045 /// Optional. Single GPU quote.
1046 pub gpu_quote: std::option::Option<crate::model::nvidia_attestation::GpuInfo>,
1047
1048 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1049 }
1050
1051 impl SinglePassthroughAttestation {
1052 /// Creates a new default instance.
1053 pub fn new() -> Self {
1054 std::default::Default::default()
1055 }
1056
1057 /// Sets the value of [gpu_quote][crate::model::nvidia_attestation::SinglePassthroughAttestation::gpu_quote].
1058 ///
1059 /// # Example
1060 /// ```ignore,no_run
1061 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
1062 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1063 /// let x = SinglePassthroughAttestation::new().set_gpu_quote(GpuInfo::default()/* use setters */);
1064 /// ```
1065 pub fn set_gpu_quote<T>(mut self, v: T) -> Self
1066 where
1067 T: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1068 {
1069 self.gpu_quote = std::option::Option::Some(v.into());
1070 self
1071 }
1072
1073 /// Sets or clears the value of [gpu_quote][crate::model::nvidia_attestation::SinglePassthroughAttestation::gpu_quote].
1074 ///
1075 /// # Example
1076 /// ```ignore,no_run
1077 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SinglePassthroughAttestation;
1078 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1079 /// let x = SinglePassthroughAttestation::new().set_or_clear_gpu_quote(Some(GpuInfo::default()/* use setters */));
1080 /// let x = SinglePassthroughAttestation::new().set_or_clear_gpu_quote(None::<GpuInfo>);
1081 /// ```
1082 pub fn set_or_clear_gpu_quote<T>(mut self, v: std::option::Option<T>) -> Self
1083 where
1084 T: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1085 {
1086 self.gpu_quote = v.map(|x| x.into());
1087 self
1088 }
1089 }
1090
1091 impl wkt::message::Message for SinglePassthroughAttestation {
1092 fn typename() -> &'static str {
1093 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.SinglePassthroughAttestation"
1094 }
1095 }
1096
1097 /// Protected PCIe (PPCIE) attestation.
1098 /// Eight Hopper GPUs with Four NVSwitch Passthrough.
1099 #[derive(Clone, Default, PartialEq)]
1100 #[non_exhaustive]
1101 pub struct ProtectedPcieAttestation {
1102 /// Optional. A list of GPU infos.
1103 pub gpu_quotes: std::vec::Vec<crate::model::nvidia_attestation::GpuInfo>,
1104
1105 /// Optional. A list of SWITCH infos.
1106 pub switch_quotes: std::vec::Vec<crate::model::nvidia_attestation::SwitchInfo>,
1107
1108 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1109 }
1110
1111 impl ProtectedPcieAttestation {
1112 /// Creates a new default instance.
1113 pub fn new() -> Self {
1114 std::default::Default::default()
1115 }
1116
1117 /// Sets the value of [gpu_quotes][crate::model::nvidia_attestation::ProtectedPcieAttestation::gpu_quotes].
1118 ///
1119 /// # Example
1120 /// ```ignore,no_run
1121 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
1122 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1123 /// let x = ProtectedPcieAttestation::new()
1124 /// .set_gpu_quotes([
1125 /// GpuInfo::default()/* use setters */,
1126 /// GpuInfo::default()/* use (different) setters */,
1127 /// ]);
1128 /// ```
1129 pub fn set_gpu_quotes<T, V>(mut self, v: T) -> Self
1130 where
1131 T: std::iter::IntoIterator<Item = V>,
1132 V: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1133 {
1134 use std::iter::Iterator;
1135 self.gpu_quotes = v.into_iter().map(|i| i.into()).collect();
1136 self
1137 }
1138
1139 /// Sets the value of [switch_quotes][crate::model::nvidia_attestation::ProtectedPcieAttestation::switch_quotes].
1140 ///
1141 /// # Example
1142 /// ```ignore,no_run
1143 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::ProtectedPcieAttestation;
1144 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::SwitchInfo;
1145 /// let x = ProtectedPcieAttestation::new()
1146 /// .set_switch_quotes([
1147 /// SwitchInfo::default()/* use setters */,
1148 /// SwitchInfo::default()/* use (different) setters */,
1149 /// ]);
1150 /// ```
1151 pub fn set_switch_quotes<T, V>(mut self, v: T) -> Self
1152 where
1153 T: std::iter::IntoIterator<Item = V>,
1154 V: std::convert::Into<crate::model::nvidia_attestation::SwitchInfo>,
1155 {
1156 use std::iter::Iterator;
1157 self.switch_quotes = v.into_iter().map(|i| i.into()).collect();
1158 self
1159 }
1160 }
1161
1162 impl wkt::message::Message for ProtectedPcieAttestation {
1163 fn typename() -> &'static str {
1164 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.ProtectedPcieAttestation"
1165 }
1166 }
1167
1168 /// MultiGpuSecurePassthroughAttestation contains the attestation evidence
1169 /// for a Multi-GPU Secure Passthrough (MPT) attestation.
1170 #[derive(Clone, Default, PartialEq)]
1171 #[non_exhaustive]
1172 pub struct MultiGpuSecurePassthroughAttestation {
1173 /// Optional. A list of GPU quotes.
1174 pub gpu_quotes: std::vec::Vec<crate::model::nvidia_attestation::GpuInfo>,
1175
1176 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1177 }
1178
1179 impl MultiGpuSecurePassthroughAttestation {
1180 /// Creates a new default instance.
1181 pub fn new() -> Self {
1182 std::default::Default::default()
1183 }
1184
1185 /// Sets the value of [gpu_quotes][crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation::gpu_quotes].
1186 ///
1187 /// # Example
1188 /// ```ignore,no_run
1189 /// # use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation;
1190 /// use google_cloud_confidentialcomputing_v1::model::nvidia_attestation::GpuInfo;
1191 /// let x = MultiGpuSecurePassthroughAttestation::new()
1192 /// .set_gpu_quotes([
1193 /// GpuInfo::default()/* use setters */,
1194 /// GpuInfo::default()/* use (different) setters */,
1195 /// ]);
1196 /// ```
1197 pub fn set_gpu_quotes<T, V>(mut self, v: T) -> Self
1198 where
1199 T: std::iter::IntoIterator<Item = V>,
1200 V: std::convert::Into<crate::model::nvidia_attestation::GpuInfo>,
1201 {
1202 use std::iter::Iterator;
1203 self.gpu_quotes = v.into_iter().map(|i| i.into()).collect();
1204 self
1205 }
1206 }
1207
1208 impl wkt::message::Message for MultiGpuSecurePassthroughAttestation {
1209 fn typename() -> &'static str {
1210 "type.googleapis.com/google.cloud.confidentialcomputing.v1.NvidiaAttestation.MultiGpuSecurePassthroughAttestation"
1211 }
1212 }
1213
1214 /// GpuArchitectureType enumerates the supported GPU architecture types.
1215 ///
1216 /// # Working with unknown values
1217 ///
1218 /// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
1219 /// additional enum variants at any time. Adding new variants is not considered
1220 /// a breaking change. Applications should write their code in anticipation of:
1221 ///
1222 /// - New values appearing in future releases of the client library, **and**
1223 /// - New values received dynamically, without application changes.
1224 ///
1225 /// Please consult the [Working with enums] section in the user guide for some
1226 /// guidelines.
1227 ///
1228 /// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
1229 #[derive(Clone, Debug, PartialEq)]
1230 #[non_exhaustive]
1231 pub enum GpuArchitectureType {
1232 /// Unspecified GPU architecture type.
1233 Unspecified,
1234 /// Hopper GPU architecture type.
1235 Hopper,
1236 /// Blackwell GPU architecture type.
1237 Blackwell,
1238 /// If set, the enum was initialized with an unknown value.
1239 ///
1240 /// Applications can examine the value using [GpuArchitectureType::value] or
1241 /// [GpuArchitectureType::name].
1242 UnknownValue(gpu_architecture_type::UnknownValue),
1243 }
1244
1245 #[doc(hidden)]
1246 pub mod gpu_architecture_type {
1247 #[allow(unused_imports)]
1248 use super::*;
1249 #[derive(Clone, Debug, PartialEq)]
1250 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
1251 }
1252
1253 impl GpuArchitectureType {
1254 /// Gets the enum value.
1255 ///
1256 /// Returns `None` if the enum contains an unknown value deserialized from
1257 /// the string representation of enums.
1258 pub fn value(&self) -> std::option::Option<i32> {
1259 match self {
1260 Self::Unspecified => std::option::Option::Some(0),
1261 Self::Hopper => std::option::Option::Some(8),
1262 Self::Blackwell => std::option::Option::Some(10),
1263 Self::UnknownValue(u) => u.0.value(),
1264 }
1265 }
1266
1267 /// Gets the enum value as a string.
1268 ///
1269 /// Returns `None` if the enum contains an unknown value deserialized from
1270 /// the integer representation of enums.
1271 pub fn name(&self) -> std::option::Option<&str> {
1272 match self {
1273 Self::Unspecified => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_UNSPECIFIED"),
1274 Self::Hopper => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_HOPPER"),
1275 Self::Blackwell => std::option::Option::Some("GPU_ARCHITECTURE_TYPE_BLACKWELL"),
1276 Self::UnknownValue(u) => u.0.name(),
1277 }
1278 }
1279 }
1280
1281 impl std::default::Default for GpuArchitectureType {
1282 fn default() -> Self {
1283 use std::convert::From;
1284 Self::from(0)
1285 }
1286 }
1287
1288 impl std::fmt::Display for GpuArchitectureType {
1289 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
1290 wkt::internal::display_enum(f, self.name(), self.value())
1291 }
1292 }
1293
1294 impl std::convert::From<i32> for GpuArchitectureType {
1295 fn from(value: i32) -> Self {
1296 match value {
1297 0 => Self::Unspecified,
1298 8 => Self::Hopper,
1299 10 => Self::Blackwell,
1300 _ => Self::UnknownValue(gpu_architecture_type::UnknownValue(
1301 wkt::internal::UnknownEnumValue::Integer(value),
1302 )),
1303 }
1304 }
1305 }
1306
1307 impl std::convert::From<&str> for GpuArchitectureType {
1308 fn from(value: &str) -> Self {
1309 use std::string::ToString;
1310 match value {
1311 "GPU_ARCHITECTURE_TYPE_UNSPECIFIED" => Self::Unspecified,
1312 "GPU_ARCHITECTURE_TYPE_HOPPER" => Self::Hopper,
1313 "GPU_ARCHITECTURE_TYPE_BLACKWELL" => Self::Blackwell,
1314 _ => Self::UnknownValue(gpu_architecture_type::UnknownValue(
1315 wkt::internal::UnknownEnumValue::String(value.to_string()),
1316 )),
1317 }
1318 }
1319 }
1320
1321 impl serde::ser::Serialize for GpuArchitectureType {
1322 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
1323 where
1324 S: serde::Serializer,
1325 {
1326 match self {
1327 Self::Unspecified => serializer.serialize_i32(0),
1328 Self::Hopper => serializer.serialize_i32(8),
1329 Self::Blackwell => serializer.serialize_i32(10),
1330 Self::UnknownValue(u) => u.0.serialize(serializer),
1331 }
1332 }
1333 }
1334
1335 impl<'de> serde::de::Deserialize<'de> for GpuArchitectureType {
1336 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
1337 where
1338 D: serde::Deserializer<'de>,
1339 {
1340 deserializer.deserialize_any(wkt::internal::EnumVisitor::<GpuArchitectureType>::new(
1341 ".google.cloud.confidentialcomputing.v1.NvidiaAttestation.GpuArchitectureType",
1342 ))
1343 }
1344 }
1345
1346 /// The Confidential Computing feature that the attestation is for.
1347 #[derive(Clone, Debug, PartialEq)]
1348 #[non_exhaustive]
1349 pub enum CcFeature {
1350 /// Single GPU Passthrough (SPT) attestation.
1351 Spt(std::boxed::Box<crate::model::nvidia_attestation::SinglePassthroughAttestation>),
1352 /// Protected PCIe (PPCIE) attestation.
1353 Ppcie(std::boxed::Box<crate::model::nvidia_attestation::ProtectedPcieAttestation>),
1354 /// Multi-GPU Secure Passthrough (MPT) attestation.
1355 Mpt(
1356 std::boxed::Box<crate::model::nvidia_attestation::MultiGpuSecurePassthroughAttestation>,
1357 ),
1358 }
1359}
1360
1361/// A TDX Attestation quote.
1362#[derive(Clone, Default, PartialEq)]
1363#[non_exhaustive]
1364pub struct TdxCcelAttestation {
1365 /// Optional. The Confidential Computing Event Log (CCEL) ACPI table. Formatted
1366 /// as described in the ACPI Specification 6.5.
1367 pub ccel_acpi_table: ::bytes::Bytes,
1368
1369 /// Optional. The CCEL event log. Formatted as described in the UEFI 2.10.
1370 pub ccel_data: ::bytes::Bytes,
1371
1372 /// Optional. An Event Log containing additional events measured into the RTMR
1373 /// that are not already present in the CCEL.
1374 pub canonical_event_log: ::bytes::Bytes,
1375
1376 /// Optional. The TDX attestation quote from the guest. It contains the RTMR
1377 /// values.
1378 pub td_quote: ::bytes::Bytes,
1379
1380 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1381}
1382
1383impl TdxCcelAttestation {
1384 /// Creates a new default instance.
1385 pub fn new() -> Self {
1386 std::default::Default::default()
1387 }
1388
1389 /// Sets the value of [ccel_acpi_table][crate::model::TdxCcelAttestation::ccel_acpi_table].
1390 ///
1391 /// # Example
1392 /// ```ignore,no_run
1393 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1394 /// let x = TdxCcelAttestation::new().set_ccel_acpi_table(bytes::Bytes::from_static(b"example"));
1395 /// ```
1396 pub fn set_ccel_acpi_table<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1397 self.ccel_acpi_table = v.into();
1398 self
1399 }
1400
1401 /// Sets the value of [ccel_data][crate::model::TdxCcelAttestation::ccel_data].
1402 ///
1403 /// # Example
1404 /// ```ignore,no_run
1405 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1406 /// let x = TdxCcelAttestation::new().set_ccel_data(bytes::Bytes::from_static(b"example"));
1407 /// ```
1408 pub fn set_ccel_data<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1409 self.ccel_data = v.into();
1410 self
1411 }
1412
1413 /// Sets the value of [canonical_event_log][crate::model::TdxCcelAttestation::canonical_event_log].
1414 ///
1415 /// # Example
1416 /// ```ignore,no_run
1417 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1418 /// let x = TdxCcelAttestation::new().set_canonical_event_log(bytes::Bytes::from_static(b"example"));
1419 /// ```
1420 pub fn set_canonical_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1421 self.canonical_event_log = v.into();
1422 self
1423 }
1424
1425 /// Sets the value of [td_quote][crate::model::TdxCcelAttestation::td_quote].
1426 ///
1427 /// # Example
1428 /// ```ignore,no_run
1429 /// # use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
1430 /// let x = TdxCcelAttestation::new().set_td_quote(bytes::Bytes::from_static(b"example"));
1431 /// ```
1432 pub fn set_td_quote<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1433 self.td_quote = v.into();
1434 self
1435 }
1436}
1437
1438impl wkt::message::Message for TdxCcelAttestation {
1439 fn typename() -> &'static str {
1440 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TdxCcelAttestation"
1441 }
1442}
1443
1444/// An SEV-SNP Attestation Report.
1445/// Contains the attestation report and the certificate bundle that the client
1446/// collects.
1447#[derive(Clone, Default, PartialEq)]
1448#[non_exhaustive]
1449pub struct SevSnpAttestation {
1450 /// Optional. The SEV-SNP Attestation Report
1451 /// Format is in revision 1.55, §7.3 Attestation, Table 22. ATTESTATION_REPORT
1452 /// Structure in this document:
1453 /// <https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56860.pdf>
1454 pub report: ::bytes::Bytes,
1455
1456 /// Optional. Certificate bundle defined in the GHCB protocol definition
1457 /// Format is documented in GHCB revision 2.03, section 4.1.8.1 struct
1458 /// cert_table in this document:
1459 /// <https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf>
1460 pub aux_blob: ::bytes::Bytes,
1461
1462 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1463}
1464
1465impl SevSnpAttestation {
1466 /// Creates a new default instance.
1467 pub fn new() -> Self {
1468 std::default::Default::default()
1469 }
1470
1471 /// Sets the value of [report][crate::model::SevSnpAttestation::report].
1472 ///
1473 /// # Example
1474 /// ```ignore,no_run
1475 /// # use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
1476 /// let x = SevSnpAttestation::new().set_report(bytes::Bytes::from_static(b"example"));
1477 /// ```
1478 pub fn set_report<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1479 self.report = v.into();
1480 self
1481 }
1482
1483 /// Sets the value of [aux_blob][crate::model::SevSnpAttestation::aux_blob].
1484 ///
1485 /// # Example
1486 /// ```ignore,no_run
1487 /// # use google_cloud_confidentialcomputing_v1::model::SevSnpAttestation;
1488 /// let x = SevSnpAttestation::new().set_aux_blob(bytes::Bytes::from_static(b"example"));
1489 /// ```
1490 pub fn set_aux_blob<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1491 self.aux_blob = v.into();
1492 self
1493 }
1494}
1495
1496impl wkt::message::Message for SevSnpAttestation {
1497 fn typename() -> &'static str {
1498 "type.googleapis.com/google.cloud.confidentialcomputing.v1.SevSnpAttestation"
1499 }
1500}
1501
1502/// A response once an attestation has been successfully verified, containing a
1503/// signed attestation token.
1504#[derive(Clone, Default, PartialEq)]
1505#[non_exhaustive]
1506pub struct VerifyAttestationResponse {
1507 /// Output only. Same as claims_token, but as a string.
1508 pub oidc_claims_token: std::string::String,
1509
1510 /// Output only. A list of messages that carry the partial error details
1511 /// related to VerifyAttestation.
1512 pub partial_errors: std::vec::Vec<google_cloud_rpc::model::Status>,
1513
1514 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1515}
1516
1517impl VerifyAttestationResponse {
1518 /// Creates a new default instance.
1519 pub fn new() -> Self {
1520 std::default::Default::default()
1521 }
1522
1523 /// Sets the value of [oidc_claims_token][crate::model::VerifyAttestationResponse::oidc_claims_token].
1524 ///
1525 /// # Example
1526 /// ```ignore,no_run
1527 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationResponse;
1528 /// let x = VerifyAttestationResponse::new().set_oidc_claims_token("example");
1529 /// ```
1530 pub fn set_oidc_claims_token<T: std::convert::Into<std::string::String>>(
1531 mut self,
1532 v: T,
1533 ) -> Self {
1534 self.oidc_claims_token = v.into();
1535 self
1536 }
1537
1538 /// Sets the value of [partial_errors][crate::model::VerifyAttestationResponse::partial_errors].
1539 ///
1540 /// # Example
1541 /// ```ignore,no_run
1542 /// # use google_cloud_confidentialcomputing_v1::model::VerifyAttestationResponse;
1543 /// use google_cloud_rpc::model::Status;
1544 /// let x = VerifyAttestationResponse::new()
1545 /// .set_partial_errors([
1546 /// Status::default()/* use setters */,
1547 /// Status::default()/* use (different) setters */,
1548 /// ]);
1549 /// ```
1550 pub fn set_partial_errors<T, V>(mut self, v: T) -> Self
1551 where
1552 T: std::iter::IntoIterator<Item = V>,
1553 V: std::convert::Into<google_cloud_rpc::model::Status>,
1554 {
1555 use std::iter::Iterator;
1556 self.partial_errors = v.into_iter().map(|i| i.into()).collect();
1557 self
1558 }
1559}
1560
1561impl wkt::message::Message for VerifyAttestationResponse {
1562 fn typename() -> &'static str {
1563 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyAttestationResponse"
1564 }
1565}
1566
1567/// Credentials issued by GCP which are linked to the platform attestation. These
1568/// will be verified server-side as part of attestaion verification.
1569#[derive(Clone, Default, PartialEq)]
1570#[non_exhaustive]
1571pub struct GcpCredentials {
1572 /// Same as id_tokens, but as a string.
1573 pub service_account_id_tokens: std::vec::Vec<std::string::String>,
1574
1575 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1576}
1577
1578impl GcpCredentials {
1579 /// Creates a new default instance.
1580 pub fn new() -> Self {
1581 std::default::Default::default()
1582 }
1583
1584 /// Sets the value of [service_account_id_tokens][crate::model::GcpCredentials::service_account_id_tokens].
1585 ///
1586 /// # Example
1587 /// ```ignore,no_run
1588 /// # use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
1589 /// let x = GcpCredentials::new().set_service_account_id_tokens(["a", "b", "c"]);
1590 /// ```
1591 pub fn set_service_account_id_tokens<T, V>(mut self, v: T) -> Self
1592 where
1593 T: std::iter::IntoIterator<Item = V>,
1594 V: std::convert::Into<std::string::String>,
1595 {
1596 use std::iter::Iterator;
1597 self.service_account_id_tokens = v.into_iter().map(|i| i.into()).collect();
1598 self
1599 }
1600}
1601
1602impl wkt::message::Message for GcpCredentials {
1603 fn typename() -> &'static str {
1604 "type.googleapis.com/google.cloud.confidentialcomputing.v1.GcpCredentials"
1605 }
1606}
1607
1608/// Options to modify claims in the token to generate custom-purpose tokens.
1609#[derive(Clone, Default, PartialEq)]
1610#[non_exhaustive]
1611pub struct TokenOptions {
1612 /// Optional. Optional string to issue the token with a custom audience claim.
1613 /// Required if one or more nonces are specified.
1614 pub audience: std::string::String,
1615
1616 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
1617 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
1618 /// bytes and the maximum size is 74 bytes.
1619 pub nonce: std::vec::Vec<std::string::String>,
1620
1621 /// Optional. Optional token type to select what type of token to return.
1622 pub token_type: crate::model::TokenType,
1623
1624 /// An optional additional configuration per token type.
1625 pub token_type_options: std::option::Option<crate::model::token_options::TokenTypeOptions>,
1626
1627 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1628}
1629
1630impl TokenOptions {
1631 /// Creates a new default instance.
1632 pub fn new() -> Self {
1633 std::default::Default::default()
1634 }
1635
1636 /// Sets the value of [audience][crate::model::TokenOptions::audience].
1637 ///
1638 /// # Example
1639 /// ```ignore,no_run
1640 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1641 /// let x = TokenOptions::new().set_audience("example");
1642 /// ```
1643 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
1644 self.audience = v.into();
1645 self
1646 }
1647
1648 /// Sets the value of [nonce][crate::model::TokenOptions::nonce].
1649 ///
1650 /// # Example
1651 /// ```ignore,no_run
1652 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1653 /// let x = TokenOptions::new().set_nonce(["a", "b", "c"]);
1654 /// ```
1655 pub fn set_nonce<T, V>(mut self, v: T) -> Self
1656 where
1657 T: std::iter::IntoIterator<Item = V>,
1658 V: std::convert::Into<std::string::String>,
1659 {
1660 use std::iter::Iterator;
1661 self.nonce = v.into_iter().map(|i| i.into()).collect();
1662 self
1663 }
1664
1665 /// Sets the value of [token_type][crate::model::TokenOptions::token_type].
1666 ///
1667 /// # Example
1668 /// ```ignore,no_run
1669 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1670 /// use google_cloud_confidentialcomputing_v1::model::TokenType;
1671 /// let x0 = TokenOptions::new().set_token_type(TokenType::Oidc);
1672 /// let x1 = TokenOptions::new().set_token_type(TokenType::Pki);
1673 /// let x2 = TokenOptions::new().set_token_type(TokenType::LimitedAws);
1674 /// ```
1675 pub fn set_token_type<T: std::convert::Into<crate::model::TokenType>>(mut self, v: T) -> Self {
1676 self.token_type = v.into();
1677 self
1678 }
1679
1680 /// Sets the value of [token_type_options][crate::model::TokenOptions::token_type_options].
1681 ///
1682 /// Note that all the setters affecting `token_type_options` are mutually
1683 /// exclusive.
1684 ///
1685 /// # Example
1686 /// ```ignore,no_run
1687 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1688 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1689 /// let x = TokenOptions::new().set_token_type_options(Some(
1690 /// google_cloud_confidentialcomputing_v1::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(AwsPrincipalTagsOptions::default().into())));
1691 /// ```
1692 pub fn set_token_type_options<
1693 T: std::convert::Into<std::option::Option<crate::model::token_options::TokenTypeOptions>>,
1694 >(
1695 mut self,
1696 v: T,
1697 ) -> Self {
1698 self.token_type_options = v.into();
1699 self
1700 }
1701
1702 /// The value of [token_type_options][crate::model::TokenOptions::token_type_options]
1703 /// if it holds a `AwsPrincipalTagsOptions`, `None` if the field is not set or
1704 /// holds a different branch.
1705 pub fn aws_principal_tags_options(
1706 &self,
1707 ) -> std::option::Option<&std::boxed::Box<crate::model::AwsPrincipalTagsOptions>> {
1708 #[allow(unreachable_patterns)]
1709 self.token_type_options.as_ref().and_then(|v| match v {
1710 crate::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(v) => {
1711 std::option::Option::Some(v)
1712 }
1713 _ => std::option::Option::None,
1714 })
1715 }
1716
1717 /// Sets the value of [token_type_options][crate::model::TokenOptions::token_type_options]
1718 /// to hold a `AwsPrincipalTagsOptions`.
1719 ///
1720 /// Note that all the setters affecting `token_type_options` are
1721 /// mutually exclusive.
1722 ///
1723 /// # Example
1724 /// ```ignore,no_run
1725 /// # use google_cloud_confidentialcomputing_v1::model::TokenOptions;
1726 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1727 /// let x = TokenOptions::new().set_aws_principal_tags_options(AwsPrincipalTagsOptions::default()/* use setters */);
1728 /// assert!(x.aws_principal_tags_options().is_some());
1729 /// ```
1730 pub fn set_aws_principal_tags_options<
1731 T: std::convert::Into<std::boxed::Box<crate::model::AwsPrincipalTagsOptions>>,
1732 >(
1733 mut self,
1734 v: T,
1735 ) -> Self {
1736 self.token_type_options = std::option::Option::Some(
1737 crate::model::token_options::TokenTypeOptions::AwsPrincipalTagsOptions(v.into()),
1738 );
1739 self
1740 }
1741}
1742
1743impl wkt::message::Message for TokenOptions {
1744 fn typename() -> &'static str {
1745 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TokenOptions"
1746 }
1747}
1748
1749/// Defines additional types related to [TokenOptions].
1750pub mod token_options {
1751 #[allow(unused_imports)]
1752 use super::*;
1753
1754 /// An optional additional configuration per token type.
1755 #[derive(Clone, Debug, PartialEq)]
1756 #[non_exhaustive]
1757 pub enum TokenTypeOptions {
1758 /// Optional. Options for AWS token type.
1759 AwsPrincipalTagsOptions(std::boxed::Box<crate::model::AwsPrincipalTagsOptions>),
1760 }
1761}
1762
1763/// Token options that only apply to the AWS Principal Tags token type.
1764#[derive(Clone, Default, PartialEq)]
1765#[non_exhaustive]
1766pub struct AwsPrincipalTagsOptions {
1767 /// Optional. Principal tags to allow in the token.
1768 pub allowed_principal_tags:
1769 std::option::Option<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1770
1771 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1772}
1773
1774impl AwsPrincipalTagsOptions {
1775 /// Creates a new default instance.
1776 pub fn new() -> Self {
1777 std::default::Default::default()
1778 }
1779
1780 /// Sets the value of [allowed_principal_tags][crate::model::AwsPrincipalTagsOptions::allowed_principal_tags].
1781 ///
1782 /// # Example
1783 /// ```ignore,no_run
1784 /// # use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1785 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1786 /// let x = AwsPrincipalTagsOptions::new().set_allowed_principal_tags(AllowedPrincipalTags::default()/* use setters */);
1787 /// ```
1788 pub fn set_allowed_principal_tags<T>(mut self, v: T) -> Self
1789 where
1790 T: std::convert::Into<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1791 {
1792 self.allowed_principal_tags = std::option::Option::Some(v.into());
1793 self
1794 }
1795
1796 /// Sets or clears the value of [allowed_principal_tags][crate::model::AwsPrincipalTagsOptions::allowed_principal_tags].
1797 ///
1798 /// # Example
1799 /// ```ignore,no_run
1800 /// # use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
1801 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1802 /// let x = AwsPrincipalTagsOptions::new().set_or_clear_allowed_principal_tags(Some(AllowedPrincipalTags::default()/* use setters */));
1803 /// let x = AwsPrincipalTagsOptions::new().set_or_clear_allowed_principal_tags(None::<AllowedPrincipalTags>);
1804 /// ```
1805 pub fn set_or_clear_allowed_principal_tags<T>(mut self, v: std::option::Option<T>) -> Self
1806 where
1807 T: std::convert::Into<crate::model::aws_principal_tags_options::AllowedPrincipalTags>,
1808 {
1809 self.allowed_principal_tags = v.map(|x| x.into());
1810 self
1811 }
1812}
1813
1814impl wkt::message::Message for AwsPrincipalTagsOptions {
1815 fn typename() -> &'static str {
1816 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions"
1817 }
1818}
1819
1820/// Defines additional types related to [AwsPrincipalTagsOptions].
1821pub mod aws_principal_tags_options {
1822 #[allow(unused_imports)]
1823 use super::*;
1824
1825 /// Allowed principal tags is used to define what principal tags will be
1826 /// placed in the token.
1827 #[derive(Clone, Default, PartialEq)]
1828 #[non_exhaustive]
1829 pub struct AllowedPrincipalTags {
1830
1831 /// Optional. Container image signatures allowed in the token.
1832 pub container_image_signatures: std::option::Option<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>,
1833
1834 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1835 }
1836
1837 impl AllowedPrincipalTags {
1838 /// Creates a new default instance.
1839 pub fn new() -> Self {
1840 std::default::Default::default()
1841 }
1842
1843 /// Sets the value of [container_image_signatures][crate::model::aws_principal_tags_options::AllowedPrincipalTags::container_image_signatures].
1844 ///
1845 /// # Example
1846 /// ```ignore,no_run
1847 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1848 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1849 /// let x = AllowedPrincipalTags::new().set_container_image_signatures(ContainerImageSignatures::default()/* use setters */);
1850 /// ```
1851 pub fn set_container_image_signatures<T>(mut self, v: T) -> Self
1852 where T: std::convert::Into<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>
1853 {
1854 self.container_image_signatures = std::option::Option::Some(v.into());
1855 self
1856 }
1857
1858 /// Sets or clears the value of [container_image_signatures][crate::model::aws_principal_tags_options::AllowedPrincipalTags::container_image_signatures].
1859 ///
1860 /// # Example
1861 /// ```ignore,no_run
1862 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::AllowedPrincipalTags;
1863 /// use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1864 /// let x = AllowedPrincipalTags::new().set_or_clear_container_image_signatures(Some(ContainerImageSignatures::default()/* use setters */));
1865 /// let x = AllowedPrincipalTags::new().set_or_clear_container_image_signatures(None::<ContainerImageSignatures>);
1866 /// ```
1867 pub fn set_or_clear_container_image_signatures<T>(mut self, v: std::option::Option<T>) -> Self
1868 where T: std::convert::Into<crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures>
1869 {
1870 self.container_image_signatures = v.map(|x| x.into());
1871 self
1872 }
1873 }
1874
1875 impl wkt::message::Message for AllowedPrincipalTags {
1876 fn typename() -> &'static str {
1877 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions.AllowedPrincipalTags"
1878 }
1879 }
1880
1881 /// Defines additional types related to [AllowedPrincipalTags].
1882 pub mod allowed_principal_tags {
1883 #[allow(unused_imports)]
1884 use super::*;
1885
1886 /// Allowed Container Image Signatures. Key IDs are required to allow
1887 /// this claim to fit within the narrow AWS IAM restrictions.
1888 #[derive(Clone, Default, PartialEq)]
1889 #[non_exhaustive]
1890 pub struct ContainerImageSignatures {
1891 /// Optional. List of key ids to filter into the Principal tags. Only keys
1892 /// that have been validated and added to the token will be filtered into
1893 /// principal tags. Unrecognized key ids will be ignored.
1894 pub key_ids: std::vec::Vec<std::string::String>,
1895
1896 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1897 }
1898
1899 impl ContainerImageSignatures {
1900 /// Creates a new default instance.
1901 pub fn new() -> Self {
1902 std::default::Default::default()
1903 }
1904
1905 /// Sets the value of [key_ids][crate::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures::key_ids].
1906 ///
1907 /// # Example
1908 /// ```ignore,no_run
1909 /// # use google_cloud_confidentialcomputing_v1::model::aws_principal_tags_options::allowed_principal_tags::ContainerImageSignatures;
1910 /// let x = ContainerImageSignatures::new().set_key_ids(["a", "b", "c"]);
1911 /// ```
1912 pub fn set_key_ids<T, V>(mut self, v: T) -> Self
1913 where
1914 T: std::iter::IntoIterator<Item = V>,
1915 V: std::convert::Into<std::string::String>,
1916 {
1917 use std::iter::Iterator;
1918 self.key_ids = v.into_iter().map(|i| i.into()).collect();
1919 self
1920 }
1921 }
1922
1923 impl wkt::message::Message for ContainerImageSignatures {
1924 fn typename() -> &'static str {
1925 "type.googleapis.com/google.cloud.confidentialcomputing.v1.AwsPrincipalTagsOptions.AllowedPrincipalTags.ContainerImageSignatures"
1926 }
1927 }
1928 }
1929}
1930
1931/// TPM2 data containing everything necessary to validate any platform state
1932/// measured into the TPM.
1933#[derive(Clone, Default, PartialEq)]
1934#[non_exhaustive]
1935pub struct TpmAttestation {
1936 /// TPM2 PCR Quotes generated by calling TPM2_Quote on each PCR bank.
1937 pub quotes: std::vec::Vec<crate::model::tpm_attestation::Quote>,
1938
1939 /// The binary TCG Event Log containing events measured into the TPM by the
1940 /// platform firmware and operating system. Formatted as described in the
1941 /// "TCG PC Client Platform Firmware Profile Specification".
1942 pub tcg_event_log: ::bytes::Bytes,
1943
1944 /// An Event Log containing additional events measured into the TPM that are
1945 /// not already present in the tcg_event_log. Formatted as described in the
1946 /// "Canonical Event Log Format" TCG Specification.
1947 pub canonical_event_log: ::bytes::Bytes,
1948
1949 /// DER-encoded X.509 certificate of the Attestation Key (otherwise known as
1950 /// an AK or a TPM restricted signing key) used to generate the quotes.
1951 pub ak_cert: ::bytes::Bytes,
1952
1953 /// List of DER-encoded X.509 certificates which, together with the ak_cert,
1954 /// chain back to a trusted Root Certificate.
1955 pub cert_chain: std::vec::Vec<::bytes::Bytes>,
1956
1957 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
1958}
1959
1960impl TpmAttestation {
1961 /// Creates a new default instance.
1962 pub fn new() -> Self {
1963 std::default::Default::default()
1964 }
1965
1966 /// Sets the value of [quotes][crate::model::TpmAttestation::quotes].
1967 ///
1968 /// # Example
1969 /// ```ignore,no_run
1970 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1971 /// use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
1972 /// let x = TpmAttestation::new()
1973 /// .set_quotes([
1974 /// Quote::default()/* use setters */,
1975 /// Quote::default()/* use (different) setters */,
1976 /// ]);
1977 /// ```
1978 pub fn set_quotes<T, V>(mut self, v: T) -> Self
1979 where
1980 T: std::iter::IntoIterator<Item = V>,
1981 V: std::convert::Into<crate::model::tpm_attestation::Quote>,
1982 {
1983 use std::iter::Iterator;
1984 self.quotes = v.into_iter().map(|i| i.into()).collect();
1985 self
1986 }
1987
1988 /// Sets the value of [tcg_event_log][crate::model::TpmAttestation::tcg_event_log].
1989 ///
1990 /// # Example
1991 /// ```ignore,no_run
1992 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
1993 /// let x = TpmAttestation::new().set_tcg_event_log(bytes::Bytes::from_static(b"example"));
1994 /// ```
1995 pub fn set_tcg_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
1996 self.tcg_event_log = v.into();
1997 self
1998 }
1999
2000 /// Sets the value of [canonical_event_log][crate::model::TpmAttestation::canonical_event_log].
2001 ///
2002 /// # Example
2003 /// ```ignore,no_run
2004 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2005 /// let x = TpmAttestation::new().set_canonical_event_log(bytes::Bytes::from_static(b"example"));
2006 /// ```
2007 pub fn set_canonical_event_log<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2008 self.canonical_event_log = v.into();
2009 self
2010 }
2011
2012 /// Sets the value of [ak_cert][crate::model::TpmAttestation::ak_cert].
2013 ///
2014 /// # Example
2015 /// ```ignore,no_run
2016 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2017 /// let x = TpmAttestation::new().set_ak_cert(bytes::Bytes::from_static(b"example"));
2018 /// ```
2019 pub fn set_ak_cert<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2020 self.ak_cert = v.into();
2021 self
2022 }
2023
2024 /// Sets the value of [cert_chain][crate::model::TpmAttestation::cert_chain].
2025 ///
2026 /// # Example
2027 /// ```ignore,no_run
2028 /// # use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2029 /// let b1 = bytes::Bytes::from_static(b"abc");
2030 /// let b2 = bytes::Bytes::from_static(b"xyz");
2031 /// let x = TpmAttestation::new().set_cert_chain([b1, b2]);
2032 /// ```
2033 pub fn set_cert_chain<T, V>(mut self, v: T) -> Self
2034 where
2035 T: std::iter::IntoIterator<Item = V>,
2036 V: std::convert::Into<::bytes::Bytes>,
2037 {
2038 use std::iter::Iterator;
2039 self.cert_chain = v.into_iter().map(|i| i.into()).collect();
2040 self
2041 }
2042}
2043
2044impl wkt::message::Message for TpmAttestation {
2045 fn typename() -> &'static str {
2046 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TpmAttestation"
2047 }
2048}
2049
2050/// Defines additional types related to [TpmAttestation].
2051pub mod tpm_attestation {
2052 #[allow(unused_imports)]
2053 use super::*;
2054
2055 /// Information about Platform Control Registers (PCRs) including a signature
2056 /// over their values, which can be used for remote validation.
2057 #[derive(Clone, Default, PartialEq)]
2058 #[non_exhaustive]
2059 pub struct Quote {
2060 /// The hash algorithm of the PCR bank being quoted, encoded as a TPM_ALG_ID
2061 pub hash_algo: i32,
2062
2063 /// Raw binary values of each PCRs being quoted.
2064 pub pcr_values: std::collections::HashMap<i32, ::bytes::Bytes>,
2065
2066 /// TPM2 quote, encoded as a TPMS_ATTEST
2067 pub raw_quote: ::bytes::Bytes,
2068
2069 /// TPM2 signature, encoded as a TPMT_SIGNATURE
2070 pub raw_signature: ::bytes::Bytes,
2071
2072 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2073 }
2074
2075 impl Quote {
2076 /// Creates a new default instance.
2077 pub fn new() -> Self {
2078 std::default::Default::default()
2079 }
2080
2081 /// Sets the value of [hash_algo][crate::model::tpm_attestation::Quote::hash_algo].
2082 ///
2083 /// # Example
2084 /// ```ignore,no_run
2085 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2086 /// let x = Quote::new().set_hash_algo(42);
2087 /// ```
2088 pub fn set_hash_algo<T: std::convert::Into<i32>>(mut self, v: T) -> Self {
2089 self.hash_algo = v.into();
2090 self
2091 }
2092
2093 /// Sets the value of [pcr_values][crate::model::tpm_attestation::Quote::pcr_values].
2094 ///
2095 /// # Example
2096 /// ```ignore,no_run
2097 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2098 /// let x = Quote::new().set_pcr_values([
2099 /// (0, bytes::Bytes::from_static(b"abc")),
2100 /// (1, bytes::Bytes::from_static(b"xyz")),
2101 /// ]);
2102 /// ```
2103 pub fn set_pcr_values<T, K, V>(mut self, v: T) -> Self
2104 where
2105 T: std::iter::IntoIterator<Item = (K, V)>,
2106 K: std::convert::Into<i32>,
2107 V: std::convert::Into<::bytes::Bytes>,
2108 {
2109 use std::iter::Iterator;
2110 self.pcr_values = v.into_iter().map(|(k, v)| (k.into(), v.into())).collect();
2111 self
2112 }
2113
2114 /// Sets the value of [raw_quote][crate::model::tpm_attestation::Quote::raw_quote].
2115 ///
2116 /// # Example
2117 /// ```ignore,no_run
2118 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2119 /// let x = Quote::new().set_raw_quote(bytes::Bytes::from_static(b"example"));
2120 /// ```
2121 pub fn set_raw_quote<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2122 self.raw_quote = v.into();
2123 self
2124 }
2125
2126 /// Sets the value of [raw_signature][crate::model::tpm_attestation::Quote::raw_signature].
2127 ///
2128 /// # Example
2129 /// ```ignore,no_run
2130 /// # use google_cloud_confidentialcomputing_v1::model::tpm_attestation::Quote;
2131 /// let x = Quote::new().set_raw_signature(bytes::Bytes::from_static(b"example"));
2132 /// ```
2133 pub fn set_raw_signature<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2134 self.raw_signature = v.into();
2135 self
2136 }
2137 }
2138
2139 impl wkt::message::Message for Quote {
2140 fn typename() -> &'static str {
2141 "type.googleapis.com/google.cloud.confidentialcomputing.v1.TpmAttestation.Quote"
2142 }
2143 }
2144}
2145
2146/// ConfidentialSpaceInfo contains information related to the Confidential Space
2147/// TEE.
2148#[derive(Clone, Default, PartialEq)]
2149#[non_exhaustive]
2150pub struct ConfidentialSpaceInfo {
2151 /// Optional. A list of signed entities containing container image signatures
2152 /// that can be used for server-side signature verification.
2153 pub signed_entities: std::vec::Vec<crate::model::SignedEntity>,
2154
2155 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2156}
2157
2158impl ConfidentialSpaceInfo {
2159 /// Creates a new default instance.
2160 pub fn new() -> Self {
2161 std::default::Default::default()
2162 }
2163
2164 /// Sets the value of [signed_entities][crate::model::ConfidentialSpaceInfo::signed_entities].
2165 ///
2166 /// # Example
2167 /// ```ignore,no_run
2168 /// # use google_cloud_confidentialcomputing_v1::model::ConfidentialSpaceInfo;
2169 /// use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2170 /// let x = ConfidentialSpaceInfo::new()
2171 /// .set_signed_entities([
2172 /// SignedEntity::default()/* use setters */,
2173 /// SignedEntity::default()/* use (different) setters */,
2174 /// ]);
2175 /// ```
2176 pub fn set_signed_entities<T, V>(mut self, v: T) -> Self
2177 where
2178 T: std::iter::IntoIterator<Item = V>,
2179 V: std::convert::Into<crate::model::SignedEntity>,
2180 {
2181 use std::iter::Iterator;
2182 self.signed_entities = v.into_iter().map(|i| i.into()).collect();
2183 self
2184 }
2185}
2186
2187impl wkt::message::Message for ConfidentialSpaceInfo {
2188 fn typename() -> &'static str {
2189 "type.googleapis.com/google.cloud.confidentialcomputing.v1.ConfidentialSpaceInfo"
2190 }
2191}
2192
2193/// SignedEntity represents an OCI image object containing everything necessary
2194/// to verify container image signatures.
2195#[derive(Clone, Default, PartialEq)]
2196#[non_exhaustive]
2197pub struct SignedEntity {
2198 /// Optional. A list of container image signatures attached to an OCI image
2199 /// object.
2200 pub container_image_signatures: std::vec::Vec<crate::model::ContainerImageSignature>,
2201
2202 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2203}
2204
2205impl SignedEntity {
2206 /// Creates a new default instance.
2207 pub fn new() -> Self {
2208 std::default::Default::default()
2209 }
2210
2211 /// Sets the value of [container_image_signatures][crate::model::SignedEntity::container_image_signatures].
2212 ///
2213 /// # Example
2214 /// ```ignore,no_run
2215 /// # use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2216 /// use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2217 /// let x = SignedEntity::new()
2218 /// .set_container_image_signatures([
2219 /// ContainerImageSignature::default()/* use setters */,
2220 /// ContainerImageSignature::default()/* use (different) setters */,
2221 /// ]);
2222 /// ```
2223 pub fn set_container_image_signatures<T, V>(mut self, v: T) -> Self
2224 where
2225 T: std::iter::IntoIterator<Item = V>,
2226 V: std::convert::Into<crate::model::ContainerImageSignature>,
2227 {
2228 use std::iter::Iterator;
2229 self.container_image_signatures = v.into_iter().map(|i| i.into()).collect();
2230 self
2231 }
2232}
2233
2234impl wkt::message::Message for SignedEntity {
2235 fn typename() -> &'static str {
2236 "type.googleapis.com/google.cloud.confidentialcomputing.v1.SignedEntity"
2237 }
2238}
2239
2240/// ContainerImageSignature holds necessary metadata to verify a container image
2241/// signature.
2242#[derive(Clone, Default, PartialEq)]
2243#[non_exhaustive]
2244pub struct ContainerImageSignature {
2245 /// Optional. The binary signature payload following the SimpleSigning format
2246 /// <https://github.com/sigstore/cosign/blob/main/specs/SIGNATURE_SPEC.md#simple-signing>.
2247 /// This payload includes the container image digest.
2248 pub payload: ::bytes::Bytes,
2249
2250 /// Optional. A signature over the payload.
2251 /// The container image digest is incorporated into the signature as follows:
2252 ///
2253 /// 1. Generate a SimpleSigning format payload that includes the container
2254 /// image digest.
2255 /// 1. Generate a signature over SHA256 digest of the payload.
2256 /// The signature generation process can be represented as follows:
2257 /// `Sign(sha256(SimpleSigningPayload(sha256(Image Manifest))))`
2258 pub signature: ::bytes::Bytes,
2259
2260 /// Optional. Reserved for future use.
2261 pub public_key: ::bytes::Bytes,
2262
2263 /// Optional. Reserved for future use.
2264 pub sig_alg: crate::model::SigningAlgorithm,
2265
2266 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2267}
2268
2269impl ContainerImageSignature {
2270 /// Creates a new default instance.
2271 pub fn new() -> Self {
2272 std::default::Default::default()
2273 }
2274
2275 /// Sets the value of [payload][crate::model::ContainerImageSignature::payload].
2276 ///
2277 /// # Example
2278 /// ```ignore,no_run
2279 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2280 /// let x = ContainerImageSignature::new().set_payload(bytes::Bytes::from_static(b"example"));
2281 /// ```
2282 pub fn set_payload<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2283 self.payload = v.into();
2284 self
2285 }
2286
2287 /// Sets the value of [signature][crate::model::ContainerImageSignature::signature].
2288 ///
2289 /// # Example
2290 /// ```ignore,no_run
2291 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2292 /// let x = ContainerImageSignature::new().set_signature(bytes::Bytes::from_static(b"example"));
2293 /// ```
2294 pub fn set_signature<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2295 self.signature = v.into();
2296 self
2297 }
2298
2299 /// Sets the value of [public_key][crate::model::ContainerImageSignature::public_key].
2300 ///
2301 /// # Example
2302 /// ```ignore,no_run
2303 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2304 /// let x = ContainerImageSignature::new().set_public_key(bytes::Bytes::from_static(b"example"));
2305 /// ```
2306 pub fn set_public_key<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2307 self.public_key = v.into();
2308 self
2309 }
2310
2311 /// Sets the value of [sig_alg][crate::model::ContainerImageSignature::sig_alg].
2312 ///
2313 /// # Example
2314 /// ```ignore,no_run
2315 /// # use google_cloud_confidentialcomputing_v1::model::ContainerImageSignature;
2316 /// use google_cloud_confidentialcomputing_v1::model::SigningAlgorithm;
2317 /// let x0 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::RsassaPssSha256);
2318 /// let x1 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::RsassaPkcs1V15Sha256);
2319 /// let x2 = ContainerImageSignature::new().set_sig_alg(SigningAlgorithm::EcdsaP256Sha256);
2320 /// ```
2321 pub fn set_sig_alg<T: std::convert::Into<crate::model::SigningAlgorithm>>(
2322 mut self,
2323 v: T,
2324 ) -> Self {
2325 self.sig_alg = v.into();
2326 self
2327 }
2328}
2329
2330impl wkt::message::Message for ContainerImageSignature {
2331 fn typename() -> &'static str {
2332 "type.googleapis.com/google.cloud.confidentialcomputing.v1.ContainerImageSignature"
2333 }
2334}
2335
2336/// A request for an attestation token, providing all the necessary information
2337/// needed for this service to verify the platform state of the requestor.
2338#[derive(Clone, Default, PartialEq)]
2339#[non_exhaustive]
2340pub struct VerifyConfidentialSpaceRequest {
2341 /// Required. The name of the Challenge whose nonce was used to generate the
2342 /// attestation, in the format `projects/*/locations/*/challenges/*`. The
2343 /// provided Challenge will be consumed, and cannot be used again.
2344 pub challenge: std::string::String,
2345
2346 /// Optional. Credentials used to populate the "emails" claim in the
2347 /// claims_token. If not present, token will not contain the "emails" claim.
2348 pub gcp_credentials: std::option::Option<crate::model::GcpCredentials>,
2349
2350 /// Optional. A list of signed entities containing container image signatures
2351 /// that can be used for server-side signature verification.
2352 pub signed_entities: std::vec::Vec<crate::model::SignedEntity>,
2353
2354 /// Optional. Information about the associated Compute Engine instance.
2355 /// Required for td_ccel requests only - tpm_attestation requests will provide
2356 /// this information in the attestation.
2357 pub gce_shielded_identity: std::option::Option<crate::model::GceShieldedIdentity>,
2358
2359 /// Optional. A collection of fields that modify the token output.
2360 pub options: std::option::Option<
2361 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2362 >,
2363
2364 /// Optional. An optional Nvidia attestation report, used to populate hardware
2365 /// rooted claims for Nvidia devices.
2366 pub nvidia_attestation: std::option::Option<crate::model::NvidiaAttestation>,
2367
2368 /// Required. A tee attestation report, used to populate hardware rooted
2369 /// claims.
2370 pub tee_attestation:
2371 std::option::Option<crate::model::verify_confidential_space_request::TeeAttestation>,
2372
2373 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2374}
2375
2376impl VerifyConfidentialSpaceRequest {
2377 /// Creates a new default instance.
2378 pub fn new() -> Self {
2379 std::default::Default::default()
2380 }
2381
2382 /// Sets the value of [challenge][crate::model::VerifyConfidentialSpaceRequest::challenge].
2383 ///
2384 /// # Example
2385 /// ```ignore,no_run
2386 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2387 /// let x = VerifyConfidentialSpaceRequest::new().set_challenge("example");
2388 /// ```
2389 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2390 self.challenge = v.into();
2391 self
2392 }
2393
2394 /// Sets the value of [gcp_credentials][crate::model::VerifyConfidentialSpaceRequest::gcp_credentials].
2395 ///
2396 /// # Example
2397 /// ```ignore,no_run
2398 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2399 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
2400 /// let x = VerifyConfidentialSpaceRequest::new().set_gcp_credentials(GcpCredentials::default()/* use setters */);
2401 /// ```
2402 pub fn set_gcp_credentials<T>(mut self, v: T) -> Self
2403 where
2404 T: std::convert::Into<crate::model::GcpCredentials>,
2405 {
2406 self.gcp_credentials = std::option::Option::Some(v.into());
2407 self
2408 }
2409
2410 /// Sets or clears the value of [gcp_credentials][crate::model::VerifyConfidentialSpaceRequest::gcp_credentials].
2411 ///
2412 /// # Example
2413 /// ```ignore,no_run
2414 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2415 /// use google_cloud_confidentialcomputing_v1::model::GcpCredentials;
2416 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gcp_credentials(Some(GcpCredentials::default()/* use setters */));
2417 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gcp_credentials(None::<GcpCredentials>);
2418 /// ```
2419 pub fn set_or_clear_gcp_credentials<T>(mut self, v: std::option::Option<T>) -> Self
2420 where
2421 T: std::convert::Into<crate::model::GcpCredentials>,
2422 {
2423 self.gcp_credentials = v.map(|x| x.into());
2424 self
2425 }
2426
2427 /// Sets the value of [signed_entities][crate::model::VerifyConfidentialSpaceRequest::signed_entities].
2428 ///
2429 /// # Example
2430 /// ```ignore,no_run
2431 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2432 /// use google_cloud_confidentialcomputing_v1::model::SignedEntity;
2433 /// let x = VerifyConfidentialSpaceRequest::new()
2434 /// .set_signed_entities([
2435 /// SignedEntity::default()/* use setters */,
2436 /// SignedEntity::default()/* use (different) setters */,
2437 /// ]);
2438 /// ```
2439 pub fn set_signed_entities<T, V>(mut self, v: T) -> Self
2440 where
2441 T: std::iter::IntoIterator<Item = V>,
2442 V: std::convert::Into<crate::model::SignedEntity>,
2443 {
2444 use std::iter::Iterator;
2445 self.signed_entities = v.into_iter().map(|i| i.into()).collect();
2446 self
2447 }
2448
2449 /// Sets the value of [gce_shielded_identity][crate::model::VerifyConfidentialSpaceRequest::gce_shielded_identity].
2450 ///
2451 /// # Example
2452 /// ```ignore,no_run
2453 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2454 /// use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2455 /// let x = VerifyConfidentialSpaceRequest::new().set_gce_shielded_identity(GceShieldedIdentity::default()/* use setters */);
2456 /// ```
2457 pub fn set_gce_shielded_identity<T>(mut self, v: T) -> Self
2458 where
2459 T: std::convert::Into<crate::model::GceShieldedIdentity>,
2460 {
2461 self.gce_shielded_identity = std::option::Option::Some(v.into());
2462 self
2463 }
2464
2465 /// Sets or clears the value of [gce_shielded_identity][crate::model::VerifyConfidentialSpaceRequest::gce_shielded_identity].
2466 ///
2467 /// # Example
2468 /// ```ignore,no_run
2469 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2470 /// use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2471 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gce_shielded_identity(Some(GceShieldedIdentity::default()/* use setters */));
2472 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_gce_shielded_identity(None::<GceShieldedIdentity>);
2473 /// ```
2474 pub fn set_or_clear_gce_shielded_identity<T>(mut self, v: std::option::Option<T>) -> Self
2475 where
2476 T: std::convert::Into<crate::model::GceShieldedIdentity>,
2477 {
2478 self.gce_shielded_identity = v.map(|x| x.into());
2479 self
2480 }
2481
2482 /// Sets the value of [options][crate::model::VerifyConfidentialSpaceRequest::options].
2483 ///
2484 /// # Example
2485 /// ```ignore,no_run
2486 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2487 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2488 /// let x = VerifyConfidentialSpaceRequest::new().set_options(ConfidentialSpaceOptions::default()/* use setters */);
2489 /// ```
2490 pub fn set_options<T>(mut self, v: T) -> Self
2491 where
2492 T: std::convert::Into<
2493 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2494 >,
2495 {
2496 self.options = std::option::Option::Some(v.into());
2497 self
2498 }
2499
2500 /// Sets or clears the value of [options][crate::model::VerifyConfidentialSpaceRequest::options].
2501 ///
2502 /// # Example
2503 /// ```ignore,no_run
2504 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2505 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2506 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_options(Some(ConfidentialSpaceOptions::default()/* use setters */));
2507 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_options(None::<ConfidentialSpaceOptions>);
2508 /// ```
2509 pub fn set_or_clear_options<T>(mut self, v: std::option::Option<T>) -> Self
2510 where
2511 T: std::convert::Into<
2512 crate::model::verify_confidential_space_request::ConfidentialSpaceOptions,
2513 >,
2514 {
2515 self.options = v.map(|x| x.into());
2516 self
2517 }
2518
2519 /// Sets the value of [nvidia_attestation][crate::model::VerifyConfidentialSpaceRequest::nvidia_attestation].
2520 ///
2521 /// # Example
2522 /// ```ignore,no_run
2523 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2524 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
2525 /// let x = VerifyConfidentialSpaceRequest::new().set_nvidia_attestation(NvidiaAttestation::default()/* use setters */);
2526 /// ```
2527 pub fn set_nvidia_attestation<T>(mut self, v: T) -> Self
2528 where
2529 T: std::convert::Into<crate::model::NvidiaAttestation>,
2530 {
2531 self.nvidia_attestation = std::option::Option::Some(v.into());
2532 self
2533 }
2534
2535 /// Sets or clears the value of [nvidia_attestation][crate::model::VerifyConfidentialSpaceRequest::nvidia_attestation].
2536 ///
2537 /// # Example
2538 /// ```ignore,no_run
2539 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2540 /// use google_cloud_confidentialcomputing_v1::model::NvidiaAttestation;
2541 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_nvidia_attestation(Some(NvidiaAttestation::default()/* use setters */));
2542 /// let x = VerifyConfidentialSpaceRequest::new().set_or_clear_nvidia_attestation(None::<NvidiaAttestation>);
2543 /// ```
2544 pub fn set_or_clear_nvidia_attestation<T>(mut self, v: std::option::Option<T>) -> Self
2545 where
2546 T: std::convert::Into<crate::model::NvidiaAttestation>,
2547 {
2548 self.nvidia_attestation = v.map(|x| x.into());
2549 self
2550 }
2551
2552 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation].
2553 ///
2554 /// Note that all the setters affecting `tee_attestation` are mutually
2555 /// exclusive.
2556 ///
2557 /// # Example
2558 /// ```ignore,no_run
2559 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2560 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
2561 /// let x = VerifyConfidentialSpaceRequest::new().set_tee_attestation(Some(
2562 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::TeeAttestation::TdCcel(TdxCcelAttestation::default().into())));
2563 /// ```
2564 pub fn set_tee_attestation<
2565 T: std::convert::Into<
2566 std::option::Option<
2567 crate::model::verify_confidential_space_request::TeeAttestation,
2568 >,
2569 >,
2570 >(
2571 mut self,
2572 v: T,
2573 ) -> Self {
2574 self.tee_attestation = v.into();
2575 self
2576 }
2577
2578 /// The value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2579 /// if it holds a `TdCcel`, `None` if the field is not set or
2580 /// holds a different branch.
2581 pub fn td_ccel(
2582 &self,
2583 ) -> std::option::Option<&std::boxed::Box<crate::model::TdxCcelAttestation>> {
2584 #[allow(unreachable_patterns)]
2585 self.tee_attestation.as_ref().and_then(|v| match v {
2586 crate::model::verify_confidential_space_request::TeeAttestation::TdCcel(v) => {
2587 std::option::Option::Some(v)
2588 }
2589 _ => std::option::Option::None,
2590 })
2591 }
2592
2593 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2594 /// to hold a `TdCcel`.
2595 ///
2596 /// Note that all the setters affecting `tee_attestation` are
2597 /// mutually exclusive.
2598 ///
2599 /// # Example
2600 /// ```ignore,no_run
2601 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2602 /// use google_cloud_confidentialcomputing_v1::model::TdxCcelAttestation;
2603 /// let x = VerifyConfidentialSpaceRequest::new().set_td_ccel(TdxCcelAttestation::default()/* use setters */);
2604 /// assert!(x.td_ccel().is_some());
2605 /// assert!(x.tpm_attestation().is_none());
2606 /// ```
2607 pub fn set_td_ccel<T: std::convert::Into<std::boxed::Box<crate::model::TdxCcelAttestation>>>(
2608 mut self,
2609 v: T,
2610 ) -> Self {
2611 self.tee_attestation = std::option::Option::Some(
2612 crate::model::verify_confidential_space_request::TeeAttestation::TdCcel(v.into()),
2613 );
2614 self
2615 }
2616
2617 /// The value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2618 /// if it holds a `TpmAttestation`, `None` if the field is not set or
2619 /// holds a different branch.
2620 pub fn tpm_attestation(
2621 &self,
2622 ) -> std::option::Option<&std::boxed::Box<crate::model::TpmAttestation>> {
2623 #[allow(unreachable_patterns)]
2624 self.tee_attestation.as_ref().and_then(|v| match v {
2625 crate::model::verify_confidential_space_request::TeeAttestation::TpmAttestation(v) => {
2626 std::option::Option::Some(v)
2627 }
2628 _ => std::option::Option::None,
2629 })
2630 }
2631
2632 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialSpaceRequest::tee_attestation]
2633 /// to hold a `TpmAttestation`.
2634 ///
2635 /// Note that all the setters affecting `tee_attestation` are
2636 /// mutually exclusive.
2637 ///
2638 /// # Example
2639 /// ```ignore,no_run
2640 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceRequest;
2641 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
2642 /// let x = VerifyConfidentialSpaceRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
2643 /// assert!(x.tpm_attestation().is_some());
2644 /// assert!(x.td_ccel().is_none());
2645 /// ```
2646 pub fn set_tpm_attestation<
2647 T: std::convert::Into<std::boxed::Box<crate::model::TpmAttestation>>,
2648 >(
2649 mut self,
2650 v: T,
2651 ) -> Self {
2652 self.tee_attestation = std::option::Option::Some(
2653 crate::model::verify_confidential_space_request::TeeAttestation::TpmAttestation(
2654 v.into(),
2655 ),
2656 );
2657 self
2658 }
2659}
2660
2661impl wkt::message::Message for VerifyConfidentialSpaceRequest {
2662 fn typename() -> &'static str {
2663 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceRequest"
2664 }
2665}
2666
2667/// Defines additional types related to [VerifyConfidentialSpaceRequest].
2668pub mod verify_confidential_space_request {
2669 #[allow(unused_imports)]
2670 use super::*;
2671
2672 /// Token options for Confidential Space attestation.
2673 #[derive(Clone, Default, PartialEq)]
2674 #[non_exhaustive]
2675 pub struct ConfidentialSpaceOptions {
2676
2677 /// Optional. Optional string to issue the token with a custom audience
2678 /// claim. Required if custom nonces are specified.
2679 pub audience: std::string::String,
2680
2681 /// Optional. Optional specification for token claims profile.
2682 pub token_profile: crate::model::TokenProfile,
2683
2684 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
2685 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
2686 /// bytes and the maximum size is 74 bytes.
2687 pub nonce: std::vec::Vec<std::string::String>,
2688
2689 /// Optional. Optional specification for how to sign the attestation token.
2690 /// Defaults to SIGNATURE_TYPE_OIDC if unspecified.
2691 pub signature_type: crate::model::SignatureType,
2692
2693 /// An optional additional configuration per token type.
2694 pub token_profile_options: std::option::Option<crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions>,
2695
2696 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2697 }
2698
2699 impl ConfidentialSpaceOptions {
2700 /// Creates a new default instance.
2701 pub fn new() -> Self {
2702 std::default::Default::default()
2703 }
2704
2705 /// Sets the value of [audience][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::audience].
2706 ///
2707 /// # Example
2708 /// ```ignore,no_run
2709 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2710 /// let x = ConfidentialSpaceOptions::new().set_audience("example");
2711 /// ```
2712 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
2713 self.audience = v.into();
2714 self
2715 }
2716
2717 /// Sets the value of [token_profile][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile].
2718 ///
2719 /// # Example
2720 /// ```ignore,no_run
2721 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2722 /// use google_cloud_confidentialcomputing_v1::model::TokenProfile;
2723 /// let x0 = ConfidentialSpaceOptions::new().set_token_profile(TokenProfile::DefaultEat);
2724 /// let x1 = ConfidentialSpaceOptions::new().set_token_profile(TokenProfile::Aws);
2725 /// ```
2726 pub fn set_token_profile<T: std::convert::Into<crate::model::TokenProfile>>(
2727 mut self,
2728 v: T,
2729 ) -> Self {
2730 self.token_profile = v.into();
2731 self
2732 }
2733
2734 /// Sets the value of [nonce][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::nonce].
2735 ///
2736 /// # Example
2737 /// ```ignore,no_run
2738 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2739 /// let x = ConfidentialSpaceOptions::new().set_nonce(["a", "b", "c"]);
2740 /// ```
2741 pub fn set_nonce<T, V>(mut self, v: T) -> Self
2742 where
2743 T: std::iter::IntoIterator<Item = V>,
2744 V: std::convert::Into<std::string::String>,
2745 {
2746 use std::iter::Iterator;
2747 self.nonce = v.into_iter().map(|i| i.into()).collect();
2748 self
2749 }
2750
2751 /// Sets the value of [signature_type][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::signature_type].
2752 ///
2753 /// # Example
2754 /// ```ignore,no_run
2755 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2756 /// use google_cloud_confidentialcomputing_v1::model::SignatureType;
2757 /// let x0 = ConfidentialSpaceOptions::new().set_signature_type(SignatureType::Oidc);
2758 /// let x1 = ConfidentialSpaceOptions::new().set_signature_type(SignatureType::Pki);
2759 /// ```
2760 pub fn set_signature_type<T: std::convert::Into<crate::model::SignatureType>>(
2761 mut self,
2762 v: T,
2763 ) -> Self {
2764 self.signature_type = v.into();
2765 self
2766 }
2767
2768 /// Sets the value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options].
2769 ///
2770 /// Note that all the setters affecting `token_profile_options` are mutually
2771 /// exclusive.
2772 ///
2773 /// # Example
2774 /// ```ignore,no_run
2775 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2776 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
2777 /// let x = ConfidentialSpaceOptions::new().set_token_profile_options(Some(
2778 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(AwsPrincipalTagsOptions::default().into())));
2779 /// ```
2780 pub fn set_token_profile_options<T: std::convert::Into<std::option::Option<crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions>>>(mut self, v: T) -> Self
2781 {
2782 self.token_profile_options = v.into();
2783 self
2784 }
2785
2786 /// The value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options]
2787 /// if it holds a `AwsPrincipalTagsOptions`, `None` if the field is not set or
2788 /// holds a different branch.
2789 pub fn aws_principal_tags_options(
2790 &self,
2791 ) -> std::option::Option<&std::boxed::Box<crate::model::AwsPrincipalTagsOptions>> {
2792 #[allow(unreachable_patterns)]
2793 self.token_profile_options.as_ref().and_then(|v| match v {
2794 crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(v) => std::option::Option::Some(v),
2795 _ => std::option::Option::None,
2796 })
2797 }
2798
2799 /// Sets the value of [token_profile_options][crate::model::verify_confidential_space_request::ConfidentialSpaceOptions::token_profile_options]
2800 /// to hold a `AwsPrincipalTagsOptions`.
2801 ///
2802 /// Note that all the setters affecting `token_profile_options` are
2803 /// mutually exclusive.
2804 ///
2805 /// # Example
2806 /// ```ignore,no_run
2807 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_space_request::ConfidentialSpaceOptions;
2808 /// use google_cloud_confidentialcomputing_v1::model::AwsPrincipalTagsOptions;
2809 /// let x = ConfidentialSpaceOptions::new().set_aws_principal_tags_options(AwsPrincipalTagsOptions::default()/* use setters */);
2810 /// assert!(x.aws_principal_tags_options().is_some());
2811 /// ```
2812 pub fn set_aws_principal_tags_options<
2813 T: std::convert::Into<std::boxed::Box<crate::model::AwsPrincipalTagsOptions>>,
2814 >(
2815 mut self,
2816 v: T,
2817 ) -> Self {
2818 self.token_profile_options = std::option::Option::Some(
2819 crate::model::verify_confidential_space_request::confidential_space_options::TokenProfileOptions::AwsPrincipalTagsOptions(
2820 v.into()
2821 )
2822 );
2823 self
2824 }
2825 }
2826
2827 impl wkt::message::Message for ConfidentialSpaceOptions {
2828 fn typename() -> &'static str {
2829 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceRequest.ConfidentialSpaceOptions"
2830 }
2831 }
2832
2833 /// Defines additional types related to [ConfidentialSpaceOptions].
2834 pub mod confidential_space_options {
2835 #[allow(unused_imports)]
2836 use super::*;
2837
2838 /// An optional additional configuration per token type.
2839 #[derive(Clone, Debug, PartialEq)]
2840 #[non_exhaustive]
2841 pub enum TokenProfileOptions {
2842 /// Optional. Options for the AWS token type.
2843 AwsPrincipalTagsOptions(std::boxed::Box<crate::model::AwsPrincipalTagsOptions>),
2844 }
2845 }
2846
2847 /// Required. A tee attestation report, used to populate hardware rooted
2848 /// claims.
2849 #[derive(Clone, Debug, PartialEq)]
2850 #[non_exhaustive]
2851 pub enum TeeAttestation {
2852 /// Input only. A TDX with CCEL and RTMR Attestation Quote.
2853 TdCcel(std::boxed::Box<crate::model::TdxCcelAttestation>),
2854 /// Input only. The TPM-specific data provided by the attesting platform,
2855 /// used to populate any of the claims regarding platform state.
2856 TpmAttestation(std::boxed::Box<crate::model::TpmAttestation>),
2857 }
2858}
2859
2860/// GceShieldedIdentity contains information about a Compute Engine instance.
2861#[derive(Clone, Default, PartialEq)]
2862#[non_exhaustive]
2863pub struct GceShieldedIdentity {
2864 /// Optional. DER-encoded X.509 certificate of the Attestation Key (otherwise
2865 /// known as an AK or a TPM restricted signing key) used to generate the
2866 /// quotes.
2867 pub ak_cert: ::bytes::Bytes,
2868
2869 /// Optional. List of DER-encoded X.509 certificates which, together with the
2870 /// ak_cert, chain back to a trusted Root Certificate.
2871 pub ak_cert_chain: std::vec::Vec<::bytes::Bytes>,
2872
2873 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2874}
2875
2876impl GceShieldedIdentity {
2877 /// Creates a new default instance.
2878 pub fn new() -> Self {
2879 std::default::Default::default()
2880 }
2881
2882 /// Sets the value of [ak_cert][crate::model::GceShieldedIdentity::ak_cert].
2883 ///
2884 /// # Example
2885 /// ```ignore,no_run
2886 /// # use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2887 /// let x = GceShieldedIdentity::new().set_ak_cert(bytes::Bytes::from_static(b"example"));
2888 /// ```
2889 pub fn set_ak_cert<T: std::convert::Into<::bytes::Bytes>>(mut self, v: T) -> Self {
2890 self.ak_cert = v.into();
2891 self
2892 }
2893
2894 /// Sets the value of [ak_cert_chain][crate::model::GceShieldedIdentity::ak_cert_chain].
2895 ///
2896 /// # Example
2897 /// ```ignore,no_run
2898 /// # use google_cloud_confidentialcomputing_v1::model::GceShieldedIdentity;
2899 /// let b1 = bytes::Bytes::from_static(b"abc");
2900 /// let b2 = bytes::Bytes::from_static(b"xyz");
2901 /// let x = GceShieldedIdentity::new().set_ak_cert_chain([b1, b2]);
2902 /// ```
2903 pub fn set_ak_cert_chain<T, V>(mut self, v: T) -> Self
2904 where
2905 T: std::iter::IntoIterator<Item = V>,
2906 V: std::convert::Into<::bytes::Bytes>,
2907 {
2908 use std::iter::Iterator;
2909 self.ak_cert_chain = v.into_iter().map(|i| i.into()).collect();
2910 self
2911 }
2912}
2913
2914impl wkt::message::Message for GceShieldedIdentity {
2915 fn typename() -> &'static str {
2916 "type.googleapis.com/google.cloud.confidentialcomputing.v1.GceShieldedIdentity"
2917 }
2918}
2919
2920/// VerifyConfidentialSpaceResponse is returned once a Confidential Space
2921/// attestation has been successfully verified, containing a signed token.
2922#[derive(Clone, Default, PartialEq)]
2923#[non_exhaustive]
2924pub struct VerifyConfidentialSpaceResponse {
2925 /// Output only. The attestation token issued by this service. It contains
2926 /// specific platform claims based on the contents of the provided attestation.
2927 pub attestation_token: std::string::String,
2928
2929 /// Output only. A list of messages that carry the partial error details
2930 /// related to VerifyConfidentialSpace. This field is populated by errors
2931 /// during container image signature verification, which may reflect problems
2932 /// in the provided image signatures. This does not block the issuing of an
2933 /// attestation token, but the token will not contain claims for the failed
2934 /// image signatures.
2935 pub partial_errors: std::vec::Vec<google_cloud_rpc::model::Status>,
2936
2937 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
2938}
2939
2940impl VerifyConfidentialSpaceResponse {
2941 /// Creates a new default instance.
2942 pub fn new() -> Self {
2943 std::default::Default::default()
2944 }
2945
2946 /// Sets the value of [attestation_token][crate::model::VerifyConfidentialSpaceResponse::attestation_token].
2947 ///
2948 /// # Example
2949 /// ```ignore,no_run
2950 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceResponse;
2951 /// let x = VerifyConfidentialSpaceResponse::new().set_attestation_token("example");
2952 /// ```
2953 pub fn set_attestation_token<T: std::convert::Into<std::string::String>>(
2954 mut self,
2955 v: T,
2956 ) -> Self {
2957 self.attestation_token = v.into();
2958 self
2959 }
2960
2961 /// Sets the value of [partial_errors][crate::model::VerifyConfidentialSpaceResponse::partial_errors].
2962 ///
2963 /// # Example
2964 /// ```ignore,no_run
2965 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialSpaceResponse;
2966 /// use google_cloud_rpc::model::Status;
2967 /// let x = VerifyConfidentialSpaceResponse::new()
2968 /// .set_partial_errors([
2969 /// Status::default()/* use setters */,
2970 /// Status::default()/* use (different) setters */,
2971 /// ]);
2972 /// ```
2973 pub fn set_partial_errors<T, V>(mut self, v: T) -> Self
2974 where
2975 T: std::iter::IntoIterator<Item = V>,
2976 V: std::convert::Into<google_cloud_rpc::model::Status>,
2977 {
2978 use std::iter::Iterator;
2979 self.partial_errors = v.into_iter().map(|i| i.into()).collect();
2980 self
2981 }
2982}
2983
2984impl wkt::message::Message for VerifyConfidentialSpaceResponse {
2985 fn typename() -> &'static str {
2986 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialSpaceResponse"
2987 }
2988}
2989
2990/// A request for an attestation token, providing all the necessary information
2991/// needed for this service to verify Confidential GKE platform state of the
2992/// requestor.
2993#[derive(Clone, Default, PartialEq)]
2994#[non_exhaustive]
2995pub struct VerifyConfidentialGkeRequest {
2996 /// Required. The name of the Challenge whose nonce was used to generate the
2997 /// attestation, in the format projects/*/locations/*/challenges/*. The
2998 /// provided Challenge will be consumed, and cannot be used again.
2999 pub challenge: std::string::String,
3000
3001 /// Optional. A collection of fields that modify the token output.
3002 pub options:
3003 std::option::Option<crate::model::verify_confidential_gke_request::ConfidentialGkeOptions>,
3004
3005 /// Required. A tee attestation report, used to populate hardware rooted
3006 /// claims.
3007 pub tee_attestation:
3008 std::option::Option<crate::model::verify_confidential_gke_request::TeeAttestation>,
3009
3010 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3011}
3012
3013impl VerifyConfidentialGkeRequest {
3014 /// Creates a new default instance.
3015 pub fn new() -> Self {
3016 std::default::Default::default()
3017 }
3018
3019 /// Sets the value of [challenge][crate::model::VerifyConfidentialGkeRequest::challenge].
3020 ///
3021 /// # Example
3022 /// ```ignore,no_run
3023 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3024 /// let x = VerifyConfidentialGkeRequest::new().set_challenge("example");
3025 /// ```
3026 pub fn set_challenge<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
3027 self.challenge = v.into();
3028 self
3029 }
3030
3031 /// Sets the value of [options][crate::model::VerifyConfidentialGkeRequest::options].
3032 ///
3033 /// # Example
3034 /// ```ignore,no_run
3035 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3036 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3037 /// let x = VerifyConfidentialGkeRequest::new().set_options(ConfidentialGkeOptions::default()/* use setters */);
3038 /// ```
3039 pub fn set_options<T>(mut self, v: T) -> Self
3040 where
3041 T: std::convert::Into<
3042 crate::model::verify_confidential_gke_request::ConfidentialGkeOptions,
3043 >,
3044 {
3045 self.options = std::option::Option::Some(v.into());
3046 self
3047 }
3048
3049 /// Sets or clears the value of [options][crate::model::VerifyConfidentialGkeRequest::options].
3050 ///
3051 /// # Example
3052 /// ```ignore,no_run
3053 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3054 /// use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3055 /// let x = VerifyConfidentialGkeRequest::new().set_or_clear_options(Some(ConfidentialGkeOptions::default()/* use setters */));
3056 /// let x = VerifyConfidentialGkeRequest::new().set_or_clear_options(None::<ConfidentialGkeOptions>);
3057 /// ```
3058 pub fn set_or_clear_options<T>(mut self, v: std::option::Option<T>) -> Self
3059 where
3060 T: std::convert::Into<
3061 crate::model::verify_confidential_gke_request::ConfidentialGkeOptions,
3062 >,
3063 {
3064 self.options = v.map(|x| x.into());
3065 self
3066 }
3067
3068 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation].
3069 ///
3070 /// Note that all the setters affecting `tee_attestation` are mutually
3071 /// exclusive.
3072 ///
3073 /// # Example
3074 /// ```ignore,no_run
3075 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3076 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
3077 /// let x = VerifyConfidentialGkeRequest::new().set_tee_attestation(Some(
3078 /// google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(TpmAttestation::default().into())));
3079 /// ```
3080 pub fn set_tee_attestation<
3081 T: std::convert::Into<
3082 std::option::Option<crate::model::verify_confidential_gke_request::TeeAttestation>,
3083 >,
3084 >(
3085 mut self,
3086 v: T,
3087 ) -> Self {
3088 self.tee_attestation = v.into();
3089 self
3090 }
3091
3092 /// The value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation]
3093 /// if it holds a `TpmAttestation`, `None` if the field is not set or
3094 /// holds a different branch.
3095 pub fn tpm_attestation(
3096 &self,
3097 ) -> std::option::Option<&std::boxed::Box<crate::model::TpmAttestation>> {
3098 #[allow(unreachable_patterns)]
3099 self.tee_attestation.as_ref().and_then(|v| match v {
3100 crate::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(v) => {
3101 std::option::Option::Some(v)
3102 }
3103 _ => std::option::Option::None,
3104 })
3105 }
3106
3107 /// Sets the value of [tee_attestation][crate::model::VerifyConfidentialGkeRequest::tee_attestation]
3108 /// to hold a `TpmAttestation`.
3109 ///
3110 /// Note that all the setters affecting `tee_attestation` are
3111 /// mutually exclusive.
3112 ///
3113 /// # Example
3114 /// ```ignore,no_run
3115 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeRequest;
3116 /// use google_cloud_confidentialcomputing_v1::model::TpmAttestation;
3117 /// let x = VerifyConfidentialGkeRequest::new().set_tpm_attestation(TpmAttestation::default()/* use setters */);
3118 /// assert!(x.tpm_attestation().is_some());
3119 /// ```
3120 pub fn set_tpm_attestation<
3121 T: std::convert::Into<std::boxed::Box<crate::model::TpmAttestation>>,
3122 >(
3123 mut self,
3124 v: T,
3125 ) -> Self {
3126 self.tee_attestation = std::option::Option::Some(
3127 crate::model::verify_confidential_gke_request::TeeAttestation::TpmAttestation(v.into()),
3128 );
3129 self
3130 }
3131}
3132
3133impl wkt::message::Message for VerifyConfidentialGkeRequest {
3134 fn typename() -> &'static str {
3135 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeRequest"
3136 }
3137}
3138
3139/// Defines additional types related to [VerifyConfidentialGkeRequest].
3140pub mod verify_confidential_gke_request {
3141 #[allow(unused_imports)]
3142 use super::*;
3143
3144 /// Token options for Confidential GKE attestation.
3145 #[derive(Clone, Default, PartialEq)]
3146 #[non_exhaustive]
3147 pub struct ConfidentialGkeOptions {
3148 /// Optional. Optional string to issue the token with a custom audience
3149 /// claim. Required if custom nonces are specified.
3150 pub audience: std::string::String,
3151
3152 /// Optional. Optional parameter to place one or more nonces in the eat_nonce
3153 /// claim in the output token. The minimum size for JSON-encoded EATs is 10
3154 /// bytes and the maximum size is 74 bytes.
3155 pub nonce: std::vec::Vec<std::string::String>,
3156
3157 /// Optional. Optional specification for how to sign the attestation token.
3158 /// Defaults to SIGNATURE_TYPE_OIDC if unspecified.
3159 pub signature_type: crate::model::SignatureType,
3160
3161 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3162 }
3163
3164 impl ConfidentialGkeOptions {
3165 /// Creates a new default instance.
3166 pub fn new() -> Self {
3167 std::default::Default::default()
3168 }
3169
3170 /// Sets the value of [audience][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::audience].
3171 ///
3172 /// # Example
3173 /// ```ignore,no_run
3174 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3175 /// let x = ConfidentialGkeOptions::new().set_audience("example");
3176 /// ```
3177 pub fn set_audience<T: std::convert::Into<std::string::String>>(mut self, v: T) -> Self {
3178 self.audience = v.into();
3179 self
3180 }
3181
3182 /// Sets the value of [nonce][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::nonce].
3183 ///
3184 /// # Example
3185 /// ```ignore,no_run
3186 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3187 /// let x = ConfidentialGkeOptions::new().set_nonce(["a", "b", "c"]);
3188 /// ```
3189 pub fn set_nonce<T, V>(mut self, v: T) -> Self
3190 where
3191 T: std::iter::IntoIterator<Item = V>,
3192 V: std::convert::Into<std::string::String>,
3193 {
3194 use std::iter::Iterator;
3195 self.nonce = v.into_iter().map(|i| i.into()).collect();
3196 self
3197 }
3198
3199 /// Sets the value of [signature_type][crate::model::verify_confidential_gke_request::ConfidentialGkeOptions::signature_type].
3200 ///
3201 /// # Example
3202 /// ```ignore,no_run
3203 /// # use google_cloud_confidentialcomputing_v1::model::verify_confidential_gke_request::ConfidentialGkeOptions;
3204 /// use google_cloud_confidentialcomputing_v1::model::SignatureType;
3205 /// let x0 = ConfidentialGkeOptions::new().set_signature_type(SignatureType::Oidc);
3206 /// let x1 = ConfidentialGkeOptions::new().set_signature_type(SignatureType::Pki);
3207 /// ```
3208 pub fn set_signature_type<T: std::convert::Into<crate::model::SignatureType>>(
3209 mut self,
3210 v: T,
3211 ) -> Self {
3212 self.signature_type = v.into();
3213 self
3214 }
3215 }
3216
3217 impl wkt::message::Message for ConfidentialGkeOptions {
3218 fn typename() -> &'static str {
3219 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeRequest.ConfidentialGkeOptions"
3220 }
3221 }
3222
3223 /// Required. A tee attestation report, used to populate hardware rooted
3224 /// claims.
3225 #[derive(Clone, Debug, PartialEq)]
3226 #[non_exhaustive]
3227 pub enum TeeAttestation {
3228 /// The TPM-specific data provided by the attesting platform, used to
3229 /// populate any of the claims regarding platform state.
3230 TpmAttestation(std::boxed::Box<crate::model::TpmAttestation>),
3231 }
3232}
3233
3234/// VerifyConfidentialGkeResponse response is returened once a Confidential GKE
3235/// attestation has been successfully verified, containing a signed OIDC token.
3236#[derive(Clone, Default, PartialEq)]
3237#[non_exhaustive]
3238pub struct VerifyConfidentialGkeResponse {
3239 /// Output only. The attestation token issued by this service for Confidential
3240 /// GKE. It contains specific platform claims based on the contents of the
3241 /// provided attestation.
3242 pub attestation_token: std::string::String,
3243
3244 pub(crate) _unknown_fields: serde_json::Map<std::string::String, serde_json::Value>,
3245}
3246
3247impl VerifyConfidentialGkeResponse {
3248 /// Creates a new default instance.
3249 pub fn new() -> Self {
3250 std::default::Default::default()
3251 }
3252
3253 /// Sets the value of [attestation_token][crate::model::VerifyConfidentialGkeResponse::attestation_token].
3254 ///
3255 /// # Example
3256 /// ```ignore,no_run
3257 /// # use google_cloud_confidentialcomputing_v1::model::VerifyConfidentialGkeResponse;
3258 /// let x = VerifyConfidentialGkeResponse::new().set_attestation_token("example");
3259 /// ```
3260 pub fn set_attestation_token<T: std::convert::Into<std::string::String>>(
3261 mut self,
3262 v: T,
3263 ) -> Self {
3264 self.attestation_token = v.into();
3265 self
3266 }
3267}
3268
3269impl wkt::message::Message for VerifyConfidentialGkeResponse {
3270 fn typename() -> &'static str {
3271 "type.googleapis.com/google.cloud.confidentialcomputing.v1.VerifyConfidentialGkeResponse"
3272 }
3273}
3274
3275/// SigningAlgorithm enumerates all the supported signing algorithms.
3276///
3277/// # Working with unknown values
3278///
3279/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3280/// additional enum variants at any time. Adding new variants is not considered
3281/// a breaking change. Applications should write their code in anticipation of:
3282///
3283/// - New values appearing in future releases of the client library, **and**
3284/// - New values received dynamically, without application changes.
3285///
3286/// Please consult the [Working with enums] section in the user guide for some
3287/// guidelines.
3288///
3289/// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
3290#[derive(Clone, Debug, PartialEq)]
3291#[non_exhaustive]
3292pub enum SigningAlgorithm {
3293 /// Unspecified signing algorithm.
3294 Unspecified,
3295 /// RSASSA-PSS with a SHA256 digest.
3296 RsassaPssSha256,
3297 /// RSASSA-PKCS1 v1.5 with a SHA256 digest.
3298 RsassaPkcs1V15Sha256,
3299 /// ECDSA on the P-256 Curve with a SHA256 digest.
3300 EcdsaP256Sha256,
3301 /// If set, the enum was initialized with an unknown value.
3302 ///
3303 /// Applications can examine the value using [SigningAlgorithm::value] or
3304 /// [SigningAlgorithm::name].
3305 UnknownValue(signing_algorithm::UnknownValue),
3306}
3307
3308#[doc(hidden)]
3309pub mod signing_algorithm {
3310 #[allow(unused_imports)]
3311 use super::*;
3312 #[derive(Clone, Debug, PartialEq)]
3313 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3314}
3315
3316impl SigningAlgorithm {
3317 /// Gets the enum value.
3318 ///
3319 /// Returns `None` if the enum contains an unknown value deserialized from
3320 /// the string representation of enums.
3321 pub fn value(&self) -> std::option::Option<i32> {
3322 match self {
3323 Self::Unspecified => std::option::Option::Some(0),
3324 Self::RsassaPssSha256 => std::option::Option::Some(1),
3325 Self::RsassaPkcs1V15Sha256 => std::option::Option::Some(2),
3326 Self::EcdsaP256Sha256 => std::option::Option::Some(3),
3327 Self::UnknownValue(u) => u.0.value(),
3328 }
3329 }
3330
3331 /// Gets the enum value as a string.
3332 ///
3333 /// Returns `None` if the enum contains an unknown value deserialized from
3334 /// the integer representation of enums.
3335 pub fn name(&self) -> std::option::Option<&str> {
3336 match self {
3337 Self::Unspecified => std::option::Option::Some("SIGNING_ALGORITHM_UNSPECIFIED"),
3338 Self::RsassaPssSha256 => std::option::Option::Some("RSASSA_PSS_SHA256"),
3339 Self::RsassaPkcs1V15Sha256 => std::option::Option::Some("RSASSA_PKCS1V15_SHA256"),
3340 Self::EcdsaP256Sha256 => std::option::Option::Some("ECDSA_P256_SHA256"),
3341 Self::UnknownValue(u) => u.0.name(),
3342 }
3343 }
3344}
3345
3346impl std::default::Default for SigningAlgorithm {
3347 fn default() -> Self {
3348 use std::convert::From;
3349 Self::from(0)
3350 }
3351}
3352
3353impl std::fmt::Display for SigningAlgorithm {
3354 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3355 wkt::internal::display_enum(f, self.name(), self.value())
3356 }
3357}
3358
3359impl std::convert::From<i32> for SigningAlgorithm {
3360 fn from(value: i32) -> Self {
3361 match value {
3362 0 => Self::Unspecified,
3363 1 => Self::RsassaPssSha256,
3364 2 => Self::RsassaPkcs1V15Sha256,
3365 3 => Self::EcdsaP256Sha256,
3366 _ => Self::UnknownValue(signing_algorithm::UnknownValue(
3367 wkt::internal::UnknownEnumValue::Integer(value),
3368 )),
3369 }
3370 }
3371}
3372
3373impl std::convert::From<&str> for SigningAlgorithm {
3374 fn from(value: &str) -> Self {
3375 use std::string::ToString;
3376 match value {
3377 "SIGNING_ALGORITHM_UNSPECIFIED" => Self::Unspecified,
3378 "RSASSA_PSS_SHA256" => Self::RsassaPssSha256,
3379 "RSASSA_PKCS1V15_SHA256" => Self::RsassaPkcs1V15Sha256,
3380 "ECDSA_P256_SHA256" => Self::EcdsaP256Sha256,
3381 _ => Self::UnknownValue(signing_algorithm::UnknownValue(
3382 wkt::internal::UnknownEnumValue::String(value.to_string()),
3383 )),
3384 }
3385 }
3386}
3387
3388impl serde::ser::Serialize for SigningAlgorithm {
3389 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3390 where
3391 S: serde::Serializer,
3392 {
3393 match self {
3394 Self::Unspecified => serializer.serialize_i32(0),
3395 Self::RsassaPssSha256 => serializer.serialize_i32(1),
3396 Self::RsassaPkcs1V15Sha256 => serializer.serialize_i32(2),
3397 Self::EcdsaP256Sha256 => serializer.serialize_i32(3),
3398 Self::UnknownValue(u) => u.0.serialize(serializer),
3399 }
3400 }
3401}
3402
3403impl<'de> serde::de::Deserialize<'de> for SigningAlgorithm {
3404 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3405 where
3406 D: serde::Deserializer<'de>,
3407 {
3408 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SigningAlgorithm>::new(
3409 ".google.cloud.confidentialcomputing.v1.SigningAlgorithm",
3410 ))
3411 }
3412}
3413
3414/// Token type enum contains the different types of token responses Confidential
3415/// Space supports
3416///
3417/// # Working with unknown values
3418///
3419/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3420/// additional enum variants at any time. Adding new variants is not considered
3421/// a breaking change. Applications should write their code in anticipation of:
3422///
3423/// - New values appearing in future releases of the client library, **and**
3424/// - New values received dynamically, without application changes.
3425///
3426/// Please consult the [Working with enums] section in the user guide for some
3427/// guidelines.
3428///
3429/// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
3430#[derive(Clone, Debug, PartialEq)]
3431#[non_exhaustive]
3432pub enum TokenType {
3433 /// Unspecified token type
3434 Unspecified,
3435 /// OpenID Connect (OIDC) token type
3436 Oidc,
3437 /// Public Key Infrastructure (PKI) token type
3438 Pki,
3439 /// Limited claim token type for AWS integration
3440 LimitedAws,
3441 /// Principal-tag-based token for AWS integration
3442 AwsPrincipaltags,
3443 /// If set, the enum was initialized with an unknown value.
3444 ///
3445 /// Applications can examine the value using [TokenType::value] or
3446 /// [TokenType::name].
3447 UnknownValue(token_type::UnknownValue),
3448}
3449
3450#[doc(hidden)]
3451pub mod token_type {
3452 #[allow(unused_imports)]
3453 use super::*;
3454 #[derive(Clone, Debug, PartialEq)]
3455 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3456}
3457
3458impl TokenType {
3459 /// Gets the enum value.
3460 ///
3461 /// Returns `None` if the enum contains an unknown value deserialized from
3462 /// the string representation of enums.
3463 pub fn value(&self) -> std::option::Option<i32> {
3464 match self {
3465 Self::Unspecified => std::option::Option::Some(0),
3466 Self::Oidc => std::option::Option::Some(1),
3467 Self::Pki => std::option::Option::Some(2),
3468 Self::LimitedAws => std::option::Option::Some(3),
3469 Self::AwsPrincipaltags => std::option::Option::Some(4),
3470 Self::UnknownValue(u) => u.0.value(),
3471 }
3472 }
3473
3474 /// Gets the enum value as a string.
3475 ///
3476 /// Returns `None` if the enum contains an unknown value deserialized from
3477 /// the integer representation of enums.
3478 pub fn name(&self) -> std::option::Option<&str> {
3479 match self {
3480 Self::Unspecified => std::option::Option::Some("TOKEN_TYPE_UNSPECIFIED"),
3481 Self::Oidc => std::option::Option::Some("TOKEN_TYPE_OIDC"),
3482 Self::Pki => std::option::Option::Some("TOKEN_TYPE_PKI"),
3483 Self::LimitedAws => std::option::Option::Some("TOKEN_TYPE_LIMITED_AWS"),
3484 Self::AwsPrincipaltags => std::option::Option::Some("TOKEN_TYPE_AWS_PRINCIPALTAGS"),
3485 Self::UnknownValue(u) => u.0.name(),
3486 }
3487 }
3488}
3489
3490impl std::default::Default for TokenType {
3491 fn default() -> Self {
3492 use std::convert::From;
3493 Self::from(0)
3494 }
3495}
3496
3497impl std::fmt::Display for TokenType {
3498 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3499 wkt::internal::display_enum(f, self.name(), self.value())
3500 }
3501}
3502
3503impl std::convert::From<i32> for TokenType {
3504 fn from(value: i32) -> Self {
3505 match value {
3506 0 => Self::Unspecified,
3507 1 => Self::Oidc,
3508 2 => Self::Pki,
3509 3 => Self::LimitedAws,
3510 4 => Self::AwsPrincipaltags,
3511 _ => Self::UnknownValue(token_type::UnknownValue(
3512 wkt::internal::UnknownEnumValue::Integer(value),
3513 )),
3514 }
3515 }
3516}
3517
3518impl std::convert::From<&str> for TokenType {
3519 fn from(value: &str) -> Self {
3520 use std::string::ToString;
3521 match value {
3522 "TOKEN_TYPE_UNSPECIFIED" => Self::Unspecified,
3523 "TOKEN_TYPE_OIDC" => Self::Oidc,
3524 "TOKEN_TYPE_PKI" => Self::Pki,
3525 "TOKEN_TYPE_LIMITED_AWS" => Self::LimitedAws,
3526 "TOKEN_TYPE_AWS_PRINCIPALTAGS" => Self::AwsPrincipaltags,
3527 _ => Self::UnknownValue(token_type::UnknownValue(
3528 wkt::internal::UnknownEnumValue::String(value.to_string()),
3529 )),
3530 }
3531 }
3532}
3533
3534impl serde::ser::Serialize for TokenType {
3535 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3536 where
3537 S: serde::Serializer,
3538 {
3539 match self {
3540 Self::Unspecified => serializer.serialize_i32(0),
3541 Self::Oidc => serializer.serialize_i32(1),
3542 Self::Pki => serializer.serialize_i32(2),
3543 Self::LimitedAws => serializer.serialize_i32(3),
3544 Self::AwsPrincipaltags => serializer.serialize_i32(4),
3545 Self::UnknownValue(u) => u.0.serialize(serializer),
3546 }
3547 }
3548}
3549
3550impl<'de> serde::de::Deserialize<'de> for TokenType {
3551 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3552 where
3553 D: serde::Deserializer<'de>,
3554 {
3555 deserializer.deserialize_any(wkt::internal::EnumVisitor::<TokenType>::new(
3556 ".google.cloud.confidentialcomputing.v1.TokenType",
3557 ))
3558 }
3559}
3560
3561/// SignatureType enumerates supported signature types for attestation tokens.
3562///
3563/// # Working with unknown values
3564///
3565/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3566/// additional enum variants at any time. Adding new variants is not considered
3567/// a breaking change. Applications should write their code in anticipation of:
3568///
3569/// - New values appearing in future releases of the client library, **and**
3570/// - New values received dynamically, without application changes.
3571///
3572/// Please consult the [Working with enums] section in the user guide for some
3573/// guidelines.
3574///
3575/// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
3576#[derive(Clone, Debug, PartialEq)]
3577#[non_exhaustive]
3578pub enum SignatureType {
3579 /// Unspecified signature type.
3580 Unspecified,
3581 /// Google OIDC signature.
3582 Oidc,
3583 /// Public Key Infrastructure (PKI) signature.
3584 Pki,
3585 /// If set, the enum was initialized with an unknown value.
3586 ///
3587 /// Applications can examine the value using [SignatureType::value] or
3588 /// [SignatureType::name].
3589 UnknownValue(signature_type::UnknownValue),
3590}
3591
3592#[doc(hidden)]
3593pub mod signature_type {
3594 #[allow(unused_imports)]
3595 use super::*;
3596 #[derive(Clone, Debug, PartialEq)]
3597 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3598}
3599
3600impl SignatureType {
3601 /// Gets the enum value.
3602 ///
3603 /// Returns `None` if the enum contains an unknown value deserialized from
3604 /// the string representation of enums.
3605 pub fn value(&self) -> std::option::Option<i32> {
3606 match self {
3607 Self::Unspecified => std::option::Option::Some(0),
3608 Self::Oidc => std::option::Option::Some(1),
3609 Self::Pki => std::option::Option::Some(2),
3610 Self::UnknownValue(u) => u.0.value(),
3611 }
3612 }
3613
3614 /// Gets the enum value as a string.
3615 ///
3616 /// Returns `None` if the enum contains an unknown value deserialized from
3617 /// the integer representation of enums.
3618 pub fn name(&self) -> std::option::Option<&str> {
3619 match self {
3620 Self::Unspecified => std::option::Option::Some("SIGNATURE_TYPE_UNSPECIFIED"),
3621 Self::Oidc => std::option::Option::Some("SIGNATURE_TYPE_OIDC"),
3622 Self::Pki => std::option::Option::Some("SIGNATURE_TYPE_PKI"),
3623 Self::UnknownValue(u) => u.0.name(),
3624 }
3625 }
3626}
3627
3628impl std::default::Default for SignatureType {
3629 fn default() -> Self {
3630 use std::convert::From;
3631 Self::from(0)
3632 }
3633}
3634
3635impl std::fmt::Display for SignatureType {
3636 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3637 wkt::internal::display_enum(f, self.name(), self.value())
3638 }
3639}
3640
3641impl std::convert::From<i32> for SignatureType {
3642 fn from(value: i32) -> Self {
3643 match value {
3644 0 => Self::Unspecified,
3645 1 => Self::Oidc,
3646 2 => Self::Pki,
3647 _ => Self::UnknownValue(signature_type::UnknownValue(
3648 wkt::internal::UnknownEnumValue::Integer(value),
3649 )),
3650 }
3651 }
3652}
3653
3654impl std::convert::From<&str> for SignatureType {
3655 fn from(value: &str) -> Self {
3656 use std::string::ToString;
3657 match value {
3658 "SIGNATURE_TYPE_UNSPECIFIED" => Self::Unspecified,
3659 "SIGNATURE_TYPE_OIDC" => Self::Oidc,
3660 "SIGNATURE_TYPE_PKI" => Self::Pki,
3661 _ => Self::UnknownValue(signature_type::UnknownValue(
3662 wkt::internal::UnknownEnumValue::String(value.to_string()),
3663 )),
3664 }
3665 }
3666}
3667
3668impl serde::ser::Serialize for SignatureType {
3669 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3670 where
3671 S: serde::Serializer,
3672 {
3673 match self {
3674 Self::Unspecified => serializer.serialize_i32(0),
3675 Self::Oidc => serializer.serialize_i32(1),
3676 Self::Pki => serializer.serialize_i32(2),
3677 Self::UnknownValue(u) => u.0.serialize(serializer),
3678 }
3679 }
3680}
3681
3682impl<'de> serde::de::Deserialize<'de> for SignatureType {
3683 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3684 where
3685 D: serde::Deserializer<'de>,
3686 {
3687 deserializer.deserialize_any(wkt::internal::EnumVisitor::<SignatureType>::new(
3688 ".google.cloud.confidentialcomputing.v1.SignatureType",
3689 ))
3690 }
3691}
3692
3693/// TokenProfile enumerates the supported token claims profiles.
3694///
3695/// # Working with unknown values
3696///
3697/// This enum is defined as `#[non_exhaustive]` because Google Cloud may add
3698/// additional enum variants at any time. Adding new variants is not considered
3699/// a breaking change. Applications should write their code in anticipation of:
3700///
3701/// - New values appearing in future releases of the client library, **and**
3702/// - New values received dynamically, without application changes.
3703///
3704/// Please consult the [Working with enums] section in the user guide for some
3705/// guidelines.
3706///
3707/// [Working with enums]: https://googleapis.github.io/google-cloud-rust/working_with_enums.html
3708#[derive(Clone, Debug, PartialEq)]
3709#[non_exhaustive]
3710pub enum TokenProfile {
3711 /// Unspecified token profile.
3712 Unspecified,
3713 /// EAT claims.
3714 DefaultEat,
3715 /// AWS Principal Tags claims.
3716 Aws,
3717 /// If set, the enum was initialized with an unknown value.
3718 ///
3719 /// Applications can examine the value using [TokenProfile::value] or
3720 /// [TokenProfile::name].
3721 UnknownValue(token_profile::UnknownValue),
3722}
3723
3724#[doc(hidden)]
3725pub mod token_profile {
3726 #[allow(unused_imports)]
3727 use super::*;
3728 #[derive(Clone, Debug, PartialEq)]
3729 pub struct UnknownValue(pub(crate) wkt::internal::UnknownEnumValue);
3730}
3731
3732impl TokenProfile {
3733 /// Gets the enum value.
3734 ///
3735 /// Returns `None` if the enum contains an unknown value deserialized from
3736 /// the string representation of enums.
3737 pub fn value(&self) -> std::option::Option<i32> {
3738 match self {
3739 Self::Unspecified => std::option::Option::Some(0),
3740 Self::DefaultEat => std::option::Option::Some(1),
3741 Self::Aws => std::option::Option::Some(2),
3742 Self::UnknownValue(u) => u.0.value(),
3743 }
3744 }
3745
3746 /// Gets the enum value as a string.
3747 ///
3748 /// Returns `None` if the enum contains an unknown value deserialized from
3749 /// the integer representation of enums.
3750 pub fn name(&self) -> std::option::Option<&str> {
3751 match self {
3752 Self::Unspecified => std::option::Option::Some("TOKEN_PROFILE_UNSPECIFIED"),
3753 Self::DefaultEat => std::option::Option::Some("TOKEN_PROFILE_DEFAULT_EAT"),
3754 Self::Aws => std::option::Option::Some("TOKEN_PROFILE_AWS"),
3755 Self::UnknownValue(u) => u.0.name(),
3756 }
3757 }
3758}
3759
3760impl std::default::Default for TokenProfile {
3761 fn default() -> Self {
3762 use std::convert::From;
3763 Self::from(0)
3764 }
3765}
3766
3767impl std::fmt::Display for TokenProfile {
3768 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
3769 wkt::internal::display_enum(f, self.name(), self.value())
3770 }
3771}
3772
3773impl std::convert::From<i32> for TokenProfile {
3774 fn from(value: i32) -> Self {
3775 match value {
3776 0 => Self::Unspecified,
3777 1 => Self::DefaultEat,
3778 2 => Self::Aws,
3779 _ => Self::UnknownValue(token_profile::UnknownValue(
3780 wkt::internal::UnknownEnumValue::Integer(value),
3781 )),
3782 }
3783 }
3784}
3785
3786impl std::convert::From<&str> for TokenProfile {
3787 fn from(value: &str) -> Self {
3788 use std::string::ToString;
3789 match value {
3790 "TOKEN_PROFILE_UNSPECIFIED" => Self::Unspecified,
3791 "TOKEN_PROFILE_DEFAULT_EAT" => Self::DefaultEat,
3792 "TOKEN_PROFILE_AWS" => Self::Aws,
3793 _ => Self::UnknownValue(token_profile::UnknownValue(
3794 wkt::internal::UnknownEnumValue::String(value.to_string()),
3795 )),
3796 }
3797 }
3798}
3799
3800impl serde::ser::Serialize for TokenProfile {
3801 fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
3802 where
3803 S: serde::Serializer,
3804 {
3805 match self {
3806 Self::Unspecified => serializer.serialize_i32(0),
3807 Self::DefaultEat => serializer.serialize_i32(1),
3808 Self::Aws => serializer.serialize_i32(2),
3809 Self::UnknownValue(u) => u.0.serialize(serializer),
3810 }
3811 }
3812}
3813
3814impl<'de> serde::de::Deserialize<'de> for TokenProfile {
3815 fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
3816 where
3817 D: serde::Deserializer<'de>,
3818 {
3819 deserializer.deserialize_any(wkt::internal::EnumVisitor::<TokenProfile>::new(
3820 ".google.cloud.confidentialcomputing.v1.TokenProfile",
3821 ))
3822 }
3823}