Google Cloud Entities supported in DSL

Attribute	Type	Description
id	string	Bucket ID, format - 'projects/{project-id}/buckets/{bucket-name}'
Name	string	Bucket ID
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Labels
Name	string	Label Key
Value	string	Label Value
Acl	list	Access controls on the bucket, containing one or more bucketAccessControls Resources
Bucket	string	The name of the bucket
Domain	string	The domain associated with the entity, if any
Email	string	The email address associated with the entity, if any
Entity	string	The entity holding the permission
EntityId	string	The ID for the entity
Etag	string	HTTP 1.1 Entity tag for the access-control entry
Generation	number	The content generation of the object, if applied to an object
Id	string	The ID of the access-control entry
Object	string	The kind of item this is. For object access control entries, this is always storage#objectAccessControl
ProjectTeam	sequence	The name of the object, if applied to an object
ProjectNumber	string	The project number
Team	string	The project team associated with the entity
Role	string	The access permission for the entity, valid Values (OWNER, READER)
Billing	sequence	The bucket's billing configuration
RequesterPays	boolean	When set to true, Requester Pays is enabled for this bucket
IAMConfiguration	sequence	The bucket's IAM configuration
UniformBucketLevelAccess	boolean	whether uniformBucketLevelAccess is enabled
BucketPolicyOnly	boolean	whether BucketPolicyOnly is enabled
Cors	list	The bucket's Cross-Origin Resource Sharing (CORS) configuration
MaxAgeSeconds	number	The value, in seconds, to return in the Access-Control-Max-Age header used in preflight responses
Method	list	The list of HTTP methods on which to include CORS response headers, (GET, OPTIONS, POST, etc)
Value	string	value
Origin	list	The list of Origins eligible to receive CORS response headers
Value	string	None
ResponseHeader	list	The list of HTTP headers other than the simple response headers to give permission for the user-agent to share across domains
Value	string	value
DefaultEventBasedHold	boolean	Whether or not to automatically apply an eventBasedHold to new objects added to the bucket
DefaultObjectAcl	list	Default access controls to apply to new objects when no ACL is provided
Bucket	string	The name of the bucket
Domain	string	The domain associated with the entity, if any
Email	string	The email address associated with the entity, if any
Entity	string	The entity holding the permission
EntityId	string	The ID for the entity
Etag	string	HTTP 1.1 Entity tag for the access-control entry
Generation	number	The content generation of the object, if applied to an object
Id	string	The ID of the access-control entry
Object	string	The kind of item this is. For object access control entries, this is always storage#objectAccessControl
ProjectTeam	sequence	The name of the object, if applied to an object
ProjectNumber	string	The project number
Team	string	The project team associated with the entity
Role	string	The access permission for the entity, valid Values (OWNER, READER)
Encryption	string	Encryption configuration for a bucket
Etag	string	HTTP 1.1 Entity tag for the bucket
Lifecycle	sequence	The bucket's lifecycle configuration. See lifecycle management for more information
Rule	list	A lifecycle management rule, which is made of an action to take and the condition(s) under which the action will be taken
Action	sequence	The action to take
StorageClass	string	Target storage class
Type	string	Type of the action, valid value (Delete, SetStorageClass)
Condition	sequence	The condition(s) under which the action will be taken
Age	number	Age of an object (in days)
CreatedBefore	number	This condition is satisfied when an object is created in epoch time
IsLive	boolean	If the value is true, this condition matches live objects; if the value is false, it matches archived objects
MatchesStorageClass	list	Objects having any of the storage classes specified by this condition will be matched, valid values (MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY)
Value	string	None
NumNewerVersions	number	If the value is N, this condition is satisfied when there are at least N versions (including the live version) newer than this version of the object
Logging	sequence	The bucket's logging configuration
LogBucket	string	The destination bucket where the current bucket's logs should be placed
LogObjectPrefix	string	A prefix for log object names
Metageneration	number	The metadata generation of this bucket
Owner	sequence	The owner of the bucket
Entity	string	The entity, in the form project-owner-projectId
EntityId	string	The ID for the entity
RetentionPolicy	sequence	The bucket's retention policy, which defines the minimum age an object in the bucket must reach before it can be deleted or overwritten
EffectiveTime	number	The time from which the retentionPolicy was effective in epoch time
IsLocked	boolean	Whether or not the retentionPolicy is locked
RetentionPeriod	number	The period of time, in seconds, that objects in the bucket must be retained and cannot be deleted, overwritten, or archived
Type	string	Storage Class, The bucket's default storage class, valid values (MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, DURABLE_REDUCED_AVAILABILITY)
Updated	number	Modification time of the bucket in epoch time
Versioning	sequence	The bucket's versioning configuration
Enabled	boolean	While set to true, versioning is fully enabled for this bucket
Website	sequence	The bucket's website configuration, controlling how the service behaves when accessing bucket contents as a web site
MainPageSuffix	string	This allows the creation of index.html objects to represent directory pages
NotFoundPage	string	Service will return the named object from this bucket as the content for a 404 Not Found result
Policies	list	IAM bindings associated with bucket
Role	Reference to Role	IAM Role
RoleName	string	ACL permissions
Access	string	IAMPolicy access
Members	sequence	Bucket IAM Members
UserEmails	list	User Account Email
Email	string	email
GroupEmails	list	Group Account Email
Email	string	email
ServiceEmails	list	Service Account Email
Email	string	email
Domains	list	Domain
AllUsers	boolean	All Users - represents anyone on the internet
AllAuthenticatedUsers	boolean	All Authenticated Users - represents anyone who is authenticated with a Google account or a service account
ProjectOwners	Reference to Project	Owners of the given project
ProjectEditor	Reference to Project	Editors of the given project
ProjectViewer	Reference to Project	Viewers of the given project

Attribute	Type	Description
id	string	Audit Config ID, format 'projects/{project-id}/AuditConfig/{audit-config-id}'
Name	string	Audit Config Name
AccountName	string	Account Name
AccountId	string	Account ID
RegionName	string	Audit Config Region Name
RegionId	string	Audit Config Region ID
Project	Reference to Project	Project
HasExemptedMembers	boolean	Audit Config has Exempted Members?
Service	string	Service
AuditLogConfigs	list	Audit Log Configurations
LogType	string	Log Type, possible values ('ADMIN_READ', 'DATA_READ', 'DATA_WRITE')
HasExemptedMembers	boolean	Has Exempted Members with 'LogType'?
ExemptedMembers	sequence	IAM Member
UserEmails	list	User Account Email
Email	string	email
GroupEmails	list	Group Account Email
Email	string	email
ServiceEmails	list	Service Account Email
Email	string	email
Domains	list	Domain
AllUsers	boolean	All Users
AllAuthenticatedUsers	boolean	All Authenticated Users
Tags	list	Tags or Label
Name	string	Tag name
Value	string	Tag Value

Attribute	Type	Description
id	string	Project ID, format 'projects/{project-id}'
Name	string	Project Name
RegionName	string	Region Name
RegionId	string	Region ID
AccountName	string	Project Name
AccountId	string	Project ID
CreationDate	number	Project Created Date
Status	string	Project status, valid values (active, inactive)
LifecycleState	string	Project lifecycle state, valid values (LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED, DELETE_IN_PROGRESS)
Active	boolean	Is project active?
Organization	Reference to Organization	project belongs to a parent organization
ComputeInfo	sequence	Project properties for compute
CommonInstanceMetadata	sequence	Custom metadata, see Tags field metadata key/value
Fingerprint	string	Hash of the metadata's contents and used for optimistic locking
Items	list	Array of key/value pairs
Key	string	Key for the metadata entry
Value	string	Value for the metadata entry
DefaultNetworkTier	string	Default network tier used for configuring resources of the project, valid values (PREMIUM, STANDARD)
DefaultServiceAccount	Reference to ServiceAccount	Service Account
Description	string	Textual description of the resource
EnabledFeatures	list	Restricted features enabled for use on this project
Value	string	value
Quotas	list	Quotas assigned to this project
Limit	number	Quota limit for this metric
Metric	string	Name of the quota metric
Usage	number	Current usage of this metric
UsageExportLocation	sequence	Naming prefix for daily usage reports and the Google Cloud Storage bucket where they are stored
BucketName	string	Name of an existing bucket in Cloud Storage where the usage report object is stored
ReportNamePrefix	string	Prefix for the name of the usage report object stored in bucketName
XpnProjectStatus	string	Role this project has in a shared VPC configuration
Tags	list	Labels
Name	string	Key Name
Value	string	Key Value
Services	Reference to Service	Services/API enabled for this account
OrganizationPolicies	list	Organization Policies
Version	number	Policy Version
Constraint	string	Constraint ID associated with policy
UpdateTime	number	Policy Update Time
PolicyConfiguration	sequence	Policy Configuration
AllowedValues	list	List of values allowed for resource
DeniedValues	list	List of values denied for resource
AllValues	string	The policy allValues state.
SuggestedValue	string	Suggested Value for policy
InheritFromParent	boolean	inheritance behavior for the Policy
PolicyEnforced	boolean	Is Policy is enforced

Attribute	Type	Description
id	string	Compute Instance ID, format - 'projects/{project}/zones/{zone}/instances/{instance-id}'
Name	string	name
AccountId	string	Account ID
AccountName	string	Account Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Labels to apply to this instance
Name	string	Label Key
Value	string	Label value
Project	Reference to Project	Project
TagItems	list	Tags to apply to this instance
Value	string	value
TagFingerprint	string	Specifies a hash of the tag items contents and used for optimistic locking
CanIpForward	boolean	Allows this instance to send and receive packets with non-matching destination or source IP
CpuPlatform	string	CPU platform used by this instance
ShieldedVM	boolean	whether compute instance has ShieldedVM enabled
ConfidentialComputing	boolean	whether compute instance has confidential computing enabled.
DeletionProtection	boolean	Whether the resource should be protected against deletion
Description	string	Description of this resource
Disks	list	Disks associated with this instance
AutoDelete	boolean	Specifies whether the disk will be auto-deleted when the instance is deleted
Boot	boolean	Indicates that this is a boot disk
DeviceName	string	Unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree
DiskEncryptionKey	sequence	Encrypts or decrypts a disk using a customer-supplied encryption key
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied encryption key
GuestOsFeatures	list	list of features to enable on the guest operating system
Type	string	None
Index	number	A zero-based index to this disk, where 0 is reserved for the boot disk
InitializeParams	sequence	Specifies the parameters for a new disk that will be created alongside the new instance
Description	string	Description
DiskName	string	Specifies the disk name
DiskSizeGb	number	Specifies the size of the disk in base-2 GB
DiskType	string	Specifies the disk type to use to create the instance
Tags	list	Labels to apply to disk
Name	string	Label Key
Value	string	Label value
SourceImage	Reference to Image	Source image to create this disk. When creating a new instance
SourceImageEncryptionKey	sequence	Customer-supplied encryption key of the source image
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied encryption key
Interface	string	Specifies the disk interface to use for attaching this disk, valid values (SCSI, NVM)E
Licenses	list	Any valid publicly visible licenses
Value	string	value
Mode	string	mode in which to attach this disk, valid values (READ_WRITE or READ_ONLY)
Volume	Reference to Volume	Specifies Source ID of an existing Persistent Disk resource
Type	string	Specifies the type of the disk, valid values (SCRATCH, PERSISTENT)
GuestAccelerators	list	List of the type and count of accelerator cards attached to the instance
AcceleratorCount	number	Number of the guest accelerator cards exposed to this instance
AcceleratorType	string	Full or partial URL of the accelerator type resource to attach to this instanc
LabelFingerprint	string	hash of the label's contents and used for optimistic locking
Type	string	Compute machine type
MachineType	sequence	Machine type resource to use for this instance
id	string	VPC ID
Metadata	sequence	Metadata key/value pairs assigned to this instance
Fingerprint	string	Hash of the metadata's contents and used for optimistic locking
Items	list	Array of key/value pairs
Key	string	Key for the metadata entry
Value	string	Value for the metadata entry
MinCpuPlatform	string	Specifies a minimum CPU platform for the VM instance
NetworkInterfaces	list	Network configurations for this instance
AccessConfigs	list	Configurations for this interfac
Name	string	Name of this access configuration
NatIP	ip	External IP address associated with this instance
NetworkTier	string	Signifies the networking tier used for configuring this access configuration, valid values (PREMIUM, STANDARD)
PublicPtrDomainName	string	DNS domain name for the public PTR record, when SetPublicPtr enabled
SetPublicPtr	boolean	Specifies whether a public DNS PTR record should be created to map the external IP address of the instance to a DNS domain name
Type	string	Type of configuration, valid values (ONE_TO_ONE_NAT)
AliasIpRanges	list	Alias IP ranges for this network interface
IpCidrRange	ip	IP CIDR range represented by this alias IP range
SubnetworkRangeName	string	subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range
Fingerprint	string	Fingerprint hash of contents stored in this network interface
Name	string	Name of the network interface, generated by the server
VPC	Reference to VPC	Network resource for this instance
NetworkIP	ip	IPv4 internal network address to assign to the instance for this network interface
Subnet	Reference to Subnet	Subnetwork resource for this instance
Scheduling	sequence	Sets the scheduling options for this instance
AutomaticRestart	boolean	Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine
NodeAffinities	list	A set of node affinity and anti-affinity
Key	string	Corresponds to the label key of Node resource
Operator	string	Defines the operation of node selection
Values	list	Corresponds to the label values of Node resource
Value	string	value
OnHostMaintenance	string	Defines the maintenance behavior for this instance
Preemptible	boolean	Defines whether the instance is preemptible
ServiceAccounts	list	Service accounts, with their specified scopes, authorized for this instance
Email	string	Email address of the service account
ServiceAccount	Reference to ServiceAccount	None
Scopes	list	Scopes to be made available for this service account.
Value	string	value
StartRestricted	boolean	Whether a VM has been restricted for start because Compute Engine has detected suspicious activity
Status	string	Status of the instance, valid values (PROVISIONING, STAGING, RUNNING, STOPPING, STOPPED, SUSPENDING, SUSPENDED, TERMINATED)
StatusMessage	string	Human-readable explanation of the status
AvailabilityZone	string	Zone where the instance resides
Firewallrule	Reference to FirewallRule	firewall rules applicable for the instance

Attribute	Type	Description
id	string	Compute Disk ID, format - 'projects/{project}/zones/{zone}/disks/{disk-id}'
Name	string	Compute Disk Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Disk create date/time in UNIX epoch
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	User Labels
Name	string	Label key
Value	string	Label value
Description	string	Description of this resource
DiskEncryptionKey	sequence	Encrypts the disk using a customer-supplied encryption key
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied encryption key
GuestOsFeatures	list	List of features to enable on the guest operating system
Type	string	ID of a supported feature
LabelFingerprint	string	Fingerprint for the labels being applied to this disk
LastAttachTimestamp	number	Last attach timestamp in UNIX epoch time
LastDetachTimestamp	number	Last detach timestamp in UNIX epoch time
LicenseCodes	list	Integer license codes indicating which licenses are attached to this disk
Value	string	value
Licenses	list	List of publicly visible licenses
Value	string	value
Options	string	Internal use only
ReplicaZones	list	URLs of the zones where the disk should be replicated to
Value	string	value
SizeGb	string	Size of the persistent disk, specified in GB
SourceImage	Reference to Image	Source image used to create this disk
SourceImageEncryptionKey	sequence	Customer-supplied encryption key of the source image
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied encryption key
SourceImageId	string	ID value of the image used to create this disk
SourceSnapshot	string	Source snapshot used to create this disk
SourceSnapshotEncryptionKey	sequence	Customer-supplied encryption key of the source snapshot
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied encryption key
SourceSnapshotId	string	Unique ID of the snapshot used to create this disk
Status	string	Status of disk creation
Type	string	Disk Type
DiskType	sequence	URL of the disk type resource describing which disk type to use to create the disk
id	string	Disk Type
Instances	Reference to Instance	Links to the users of the disk
Project	Reference to Project	Project
AvailabilityZone	string	Zone where the disk resides

Attribute	Type	Description
id	string	Image ID, format - 'projects/{project}/global/images/{image-id}'
Name	string	Image Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation date/time in UNIX epoch
RegionId	string	Region ID
RegionName	string	Region name
Tags	list	Labels to apply to this image
Name	string	Label Key
Value	string	Label value
Project	Reference to Project	Project
ArchiveSizeBytes	number	Size of the image tar.gz archive stored in Google Cloud Storage (in bytes)
Deprecated	sequence	Deprecation status associated with this image
Deleted	number	Epoch on or after which the state of this resource is intended to change to DELETED
Deprecated	number	Epoch time on or after which the state of this resource is intended to change to DEPRECATED
Obsolete	number	Epoch on or after which the state of this resource is intended to change to OBSOLETE
Replacement	string	URL of the suggested replacement for a deprecated resource
State	string	Deprecation state of this resource, valid values (DEPRECATED, OBSOLETE, DELETED)
Description	string	Description of this resource
DiskSizeGb	number	Size of the image when restored onto a persistent disk (in GB)
Family	string	Name of the image family to which this image belongs
GuestOsFeatures	list	List of features to enable on the guest operating system
Type	string	ID of a supported feature
ImageEncryptionKey	sequence	Encrypts the image using a customer-supplied encryption key
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied
ImageEncryptionType	string	Encryption key type, valid values (google-managed, customer-managed, customer-supplied)
LabelFingerprint	string	Fingerprint for the labels being applied to this image
LicenseCodes	list	Integer license codes indicating which licenses are attached to this image
Value	string	value
Licenses	list	Any applicable license URI
Value	string	value
RawDisk	sequence	Parameters of the raw disk image
ContainerType	string	Format used to encode and transmit the block device
Sha1Checksum	string	SHA1 checksum of the disk image
Source	string	Google Cloud Storage URL where the disk image is stored
SourceDisk	Reference to Volume	Source disk used to create this image
SourceDiskEncryptionKey	sequence	Customer-supplied encryption key of the source disk
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied
SourceDiskId	string	ID value of the disk used to create this image
SourceImage	Reference to Image	Source image used to create this image
SourceImageEncryptionKey	sequence	Customer-supplied encryption key of the source image
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied
SourceImageId	string	ID value of the image used to create this image
SourceSnapshot	string	URL of the source snapshot used to create this image
SourceSnapshotEncryptionKey	sequence	Customer-supplied encryption key of the source snapshot
KMSKey	Reference to KMSKey	Name of the encryption key that is stored in Google Cloud KMS
RawKey	string	Specifies a 256-bit customer-supplied encryption key
Sha256	string	SHA-256 hash of the customer-supplied
SourceSnapshotId	string	ID value of the snapshot used to create this image
SourceType	string	Type of the image used to create this disk
Status	string	Status of the image, valid values (FAILED, PENDING, READY)

Attribute	Type	Description
id	string	Bigquery Dataset ID, format 'projects/{project-id}/datasets/{dataset-id}'
Name	string	Bigquery Dataset Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Project	Reference to Project	Project
Tags	list	Labels associated with this datasets
Name	string	Label Name
Value	string	Label Value
DatasetACL	list	None
Role	string	Describes the rights granted to the user specified by the other member of the access object, valid values (READER, WRITER, OWNER)
Domain	string	Domain to grant access to
GroupEmail	string	Email address of a Google Group to grant access to
SpecialGroup	string	A special group to grant access, valid values (projectOwners, projectReaders, projectWriters, allAuthenticatedUsers)
UserEmail	string	Email address of a user to grant access to
BigqueryTable	sequence	A view from a different dataset to grant access to
id	string	ID of the bigquery table
Tables	list	Tables belonging to the bigquery dataset
id	string	ID of the Table
creationTime	number	creationTime of Table
expirationTime	number	expirationTime of Table
lastModifiedTime	number	lastModifiedTime of Table
encryption	sequence	encryptionConfiguration of table
kmsKeyName	string	cryptokey of the Table
enabled	boolean	Whether CMEK enabled for the table
Views	list	Views belonging to the bigquery dataset
id	string	ID of the View
creationTime	number	creationTime of view
expirationTime	number	expirationTime of view
lastModifiedTime	number	lastModifiedTime of view
encryption	sequence	encryptionConfiguration of view
kmsKeyName	string	cryptokey of the view
enabled	boolean	Whether CMEK enabled for the view
Externals	list	Externals belonging to the bigquery dataset
id	string	ID of the external
creationTime	number	creationTime of external
expirationTime	number	expirationTime of external
lastModifiedTime	number	lastModifiedTime of external
encryption	sequence	encryptionConfiguration of external
kmsKeyName	string	cryptokey of the external
enabled	boolean	Whether CMEK enabled for the external
MaterializedViews	list	Materialized Views belonging to the bigquery dataset
id	string	ID of the materialized View
creationTime	number	creationTime of materialized view
expirationTime	number	expirationTime of materialized view
lastModifiedTime	number	lastModifiedTime of materialized view
encryption	sequence	encryptionConfiguration of materialized view
kmsKeyName	string	cryptokey of the materialized view
enabled	boolean	Whether CMEK enabled for the materialized view
DefaultPartitionExpirationMs	number	The default partition expiration for all partitioned tables in the dataset, in milliseconds
DefaultTableExpirationMs	number	The default lifetime of all tables in the dataset, in milliseconds
Encryption	sequence	CMEK settings
Enabled	boolean	Is bigquery dataset encrypted by CMEK
CMEK	string	CMEK used to encrypt the bigquery dataset
Description	string	User-friendly description of the dataset
FriendlyName	string	Descriptive name for the dataset
LastModifiedTime	number	Last modified date/time in epoch time

Attribute	Type	Description
id	string	Logging Sink ID, format 'projects/{project-id}/sinks/{sink-id}'
Name	string	Sink name
RegionName	string	Region Name
RegionId	string	Region ID
AccountName	string	Account Name
AccountId	string	Account ID
Project	Reference to Project	Project (if role belongs to project)
Tags	list	Labels
Name	string	Key Name
Value	string	Key Value
Destination	sequence	Export destination
Bucket	Reference to Bucket	Destination Google Cloud Storage Bucket
BigqueryDataset	Reference to BigqueryDataset	Bigquery Dataset
PubSubTopic	sequence	Pub/Sub Topic
id	string	ID
URL	string	URL
Filter	string	Log filter
WriterIdentity	sequence	Writers IAM identity can be a service account or group
ServiceAccount	string	Service Account IAM
Group	string	Group IAM
IncludeChildren	string	Include logs from all sources from sink's parent resource

Attribute	Type	Description
id	string	DB Instance ID, format - 'projects/{project-id}/sqlInstances/{instance-name}'
Name	string	Db Instance Name
RegionId	string	Region Id
RegionName	string	Region Name
AccountId	string	Account ID
AccountName	string	Account Name
CreationDate	number	Instance Created Date
AvailabilityZone	string	Availabile Zone for instance (Compute Engine Zone)
Status	string	Project Status, valid values ('active', 'inactive')
ComputeClass	string	The tier (or machine type) for this instance
Tags	list	User provided labels
Name	string	Key Name
Value	string	Key Value
VPC	Reference to VPC	VPC name
DatabaseType	string	Database type, valid values (POSTGRES, SQLSERVER, MYSQL)
BackendType	string	Backend type, valid values (FIRST_GEN, SECOND_GEN, EXTERNAL)
ConnectionName	string	Connection name of the Cloud SQL instance
CurrentDiskSize	number	Current disk usage of the instance in bytes
DatabaseVersion	string	Database engine type and versio
FailoverReplica	sequence	Name and status of the failover replica
Available	boolean	Availability status
Name	string	Name of the failover replica
InstanceType	string	Instance type, valid values (CLOUD_SQL_INSTANCE, ON_PREMISES_INSTANCE, READ_REPLICA_INSTANCE)
IpAddresses	list	Assigned IP addresses for the instance
IpAddress	ip	IP address assigned
TimeToRetire	number	Due time for this IP to be retired, UNIX epoch time
Type	string	Type of this IP address
Ipv6Address	ip	IPv6 address assigned to the instance
MasterInstanceName	string	Name of the instance which will act as master in the replication
MaxDiskSize	number	Maximum disk size of the instance in bytes
OnPremisesConfiguration	sequence	Configuration specific to on-premises instances
Host	string	Host of the on-premises instance
Port	number	Port of the on-premises instance
Project	Reference to Project	Project (if role belongs to project)
ReplicaConfiguration	sequence	Configuration specific to failover replicas and read replicas
FailoverTarget	boolean	Specifies if the replica is the failover target
MysqlReplicaConfiguration	sequence	MySQL specific configuration
CaCertificate	string	PEM representation of the trusted CA's x509 certificate
ClientCertificate	string	PEM representation of the slave's x509 certificate
ClientKey	string	PEM representation of the slave's private key
ConnectRetryInterval	number	Seconds to wait between connect retries
DumpFilePath	string	Path to a SQL dump file in Google Cloud Storage from which the slave instance is to be created
MasterHeartbeatPeriod	number	Interval in milliseconds between replication heartbeats
Password	string	Password for the replication connection
SslCipher	string	A list of permissible ciphers to use for SSL encryption
Username	string	Username for the replication connection.
VerifyServerCertificate	boolean	Whether or not to check the master's Common Name value in the certificate that it sends during the SSL handshake
ReplicaNames	list	Replicas of the instance
Value	string	value
ServerCaCert	sequence	SSL configuration
Cert	string	certPEM representation.
CertSerialNumber	string	certSerialNumberSerial number, as extracted from the certificate.
CommonName	string	commonNameUser supplied name.
CreateTime	number	Time when the certificate was created, UNIX epoch time
ExpirationTime	number	Time when the certificate expires, UNIX epoch time
Instance	string	Name of the database instance.
Sha1Fingerprint	string	SHA1 Fingerprint.
ServiceAccountEmailAddress	string	Service Account Email Address
ServiceAccount	Reference to ServiceAccount	Service Account
Settings	sequence	User settings
ActivationPolicy	string	Activation policy specifies when the instance is activated, valid values (ALWAYS, NEVER, ON_DEMAND)
AuthorizedGaeApplications	list	App Engine app IDs that can access this instance. First Generation instances only
Value	string	value
AvailabilityType	string	Availability type for PostgreSQL instances only, valid values (ZONAL, REGIONAL)
BackupConfiguration	sequence	Daily backup configuration for the instance
BinaryLogEnabled	boolean	Whether binary log is enabled
Enabled	boolean	Whether this configuration is enabled
ReplicationLogArchivingEnabled	boolean	Replication Log Archiving Enabled
StartTime	string	Start time for the daily backup configuration in HH:MM
CrashSafeReplicationEnabled	boolean	Whether database flags for crash-safe replication are enabled, for read replica instances only
DataDiskSizeGb	number	Size of data disk, in GB
DataDiskType	string	Type of data disk, valid values (PD_SSD, PD_HDD)
DatabaseFlags	list	database flags passed to the instance at startup
Name	string	name
Value	string	value
DatabaseReplicationEnabled	boolean	Whether replication is enabled, for read replica instances only
IpConfiguration	sequence	Settings for IP Management
AuthorizedNetworks	list	list of external networks that are allowed to connect to the instance using the IP
ExpirationTime	number	Date/time when this access control entry expires, UNIX epoch time
Name	string	Label to identify this entry
CIDR	ip	Whitelisted value for the access control list
Ipv4Enabled	boolean	Whether the instance should be assigned an IP address or not
PrivateNetwork	string	Resource link for the VPC network from which the Cloud SQL instance is accessible for private IP
RequireSsl	boolean	Whether SSL connections over IP should be enforced or not
LocationPreference	sequence	Location preference settings
FollowGaeApplication	string	App Engine application to follow
Zone	string	Preferred Compute Engine zone
MaintenanceWindow	sequence	Maintenance window for this instance
Day	number	day of week (1-7), starting on Monday
Hour	number	hour of day - 0 to 23
UpdateTrack	string	Maintenance timing setting, canary (Earlier) or stable (Later)
PricingPlan	string	The pricing plan for this instance. This can be either PER_USE or PACKAGE
ReplicationType	string	Type of replication this instance uses,valid values (ASYNCHRONOUS, SYNCHRONOUS)
SettingsVersion	number	The version of instance settings
StorageAutoResize	boolean	Configuration to increase storage size automatically
StorageAutoResizeLimit	number	The maximum size to which storage capacity can be automatically increased
Tier	string	The tier (or machine type) for this instance
State	string	Current serving state of the Cloud SQL instance, valid values (RUNNABLE, PENDING_CREATE, MAINTENANCE, FALIED, UNKNOWN_STATE)
SuspensionReason	list	If the instance state is SUSPENDED, the reason for the suspension
Value	string	value, Potential values, (BILLING_ISSUE, INTERNAL_MAINTENANCE, and OPERATIONAL_ISSUE)
Users	list	Database user in a Cloud SQL instance
Name	string	The name of the user in the Cloud SQL instance
Host	string	Host name from which the user can connect
Password	string	Password for the user

Attribute	Type	Description
id	string	VPC ID, format - 'projects/{project}/global/networks/{network-id}'
Name	string	VPC Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	User Labels
Name	string	Tag Name
Value	string	Tag Value
IPv4Range	ip	Range of internal addresses that are legal on this network
AutoCreateSubnetworks	boolean	VPC network is created in "auto" mode if true else in "custom" mode.
Description	string	Description of this resource
GatewayIPv4	ip	Gateway address for default routing out of the network
Peerings	list	List of network peerings for the resource
AutoCreateRoutes	boolean	Whether full mesh connectivity is created and managed automatically
Name	string	Name of this peering
VPC	Reference to VPC	Peer network
State	string	State for the peerin
StateDetails	string	Details about the current state of the peering
RoutingMode	string	Network-wide routing mode to use
Subnetworks	Reference to Subnet	All subnetworks in this VPC network
Mode	string	Compute Network/Subnet Mode, valid values (AUTO, CUSTOM, LEGACY)
DNSPolicy	sequence	Network DNS Policy
id	string	ID of DNS Policy
name	string	Name of DNS Policy
description	string	Description of DNS Policy
enableLogging	boolean	Whether DNS Policy has logging enabled

Attribute	Type	Description
id	string	Kubernetes Cluster ID, format 'projects/{project-id}/locations/{locaiton-id}/clusters/{cluster-id}'
Name	string	Kubernetes Cluster Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Resource labels for the cluster to use to annotate any related Google Compute Engine resources
Name	string	Tag Name
Value	string	Tag Value
AddonsConfig	sequence	Configurations for the various addons available to run in the cluster
HttpLoadBalancing	sequence	Configuration for the HTTP (L7) load balancing controller addon
Disabled	boolean	Disabled
HorizontalPodAutoscaling	sequence	Configuration for the horizontal pod autoscaling feature
Disabled	boolean	Disabled
KubernetesDashboard	sequence	Configuration for the Kubernetes Dashboard
Disabled	boolean	Disabled
NetworkPolicyConfig	sequence	Configuration for NetworkPolicy
Disabled	boolean	Disabled
IstioConfig	sequence	Configuration for NetworkPolicy
Disabled	boolean	Disabled
Auth	string	The specified Istio auth mode, either none, or mutual TLS
CloudRunConfig	sequence	Configuration options for the Cloud Run feature
Disabled	boolean	Disabled
LoadBalancerType	string	Which load balancer type is installed for Cloud Run
DnsCacheConfig	sequence	Configuration for NodeLocal DNSCache
Enabled	boolean	Whether NodeLocal DNSCache is enabled for this cluster
ConfigConnectorConfig	sequence	Configuration for Config Connector add-on
Enabled	boolean	Whether Cloud Connector is enabled for this cluster
GcePersistentDiskCsiDriverConfig	sequence	Configuration for the Compute Engine PD CSI driver. This option can only be enabled at cluster creation time
Enabled	boolean	Whether the Compute Engine PD CSI driver is enabled for this cluster
KalmConfig	sequence	Configuration for KALM addon
Enabled	boolean	Whether KALM is enabled for this cluster
Autoscaling	sequence	Cluster-level autoscaling configuration
EnableNodeAutoprovisioning	boolean	Enables automatic node pool creation and deletion
ResourceLimits	list	Contains global constraints regarding minimum and maximum amount of resources in the cluster
Maximum	number	Maximum amount of the resource in the cluster
Minimum	number	Minimum amount of the resource in the cluster
ResourceType	string	Resource name "cpu", "memory" or gpu-specific string.
AutoscalingProfile	string	Defines autoscaling behaviour
AutoprovisioningNodePoolDefaults	sequence	AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP
OauthScopes	list	Set of Google API scopes to be made available on all of the node VMs
Value	string	value
ServiceAccount	string	Google Cloud Platform Service Account to be used by the node VMs
UpgradeSettings	sequence	Upgrade settings control disruption and speed of the upgrade
MaxSurge	number	The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process
MaxUnavailable	number	The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready
Management	sequence	NodeManagement configuration for this NodePool
AutoUpgrade	boolean	Is node auto-upgrade is enabled for the node pool
AutoRepair	boolean	Is node auto-repair is enabled for the node pool
UpgradeOptions	sequence	Specifies the Auto Upgrade knobs for the node pool
AutoUpgradeStartTime	number	This field is set when upgrades are about to commence with the approximate start time for the upgrades
Description	string	Field is set when upgrades are about to commence with the description of the upgrade
MinCpuPlatform	string	Minimum CPU platform to be used by this instance
DiskSizeGb	number	Size of the disk attached to each node, specified in GB
DiskType	string	Type of the disk attached to each node
ImageType	string	Image type to use for this node
ShieldedInstanceConfig	sequence	A set of Shielded Instance options
EnableIntegrityMonitoring	boolean	Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created
EnableSecureBoot	boolean	Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails
BootDiskKmsKey	string	The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]
AutoprovisioningLocations	list	The list of Google Compute Engine zones in which the NodePool's nodes can be created by NAP
BinaryAuthorization	sequence	Configuration for Binary Authorization
Enabled	boolean	Enabled
ClusterIpv4Cidr	ip	IP address range of the container pods in this cluster, in CIDR
CurrentMasterVersion	string	Current software version of the master endpoint
Conditions	list	Describes which conditions caused the cluster or a node pool to have current status
Code	string	Condition code, valid values (UNKNOWN, GCE_STOCKOUT, GKE_SERVICE_ACCOUNT_DELETED, GCE_QUOTA_EXCEEDED)
Message	string	Human-friendly representation of the condition
CurrentNodeCount	number	Number of nodes currently in the cluster
DefaultMaxPodsConstraint	sequence	The default constraint on the maximum number of pods that can be run simultaneously on a node in the node pool of this cluster
MaxPodsPerNode	number	Constraint enforced on the max num of pods per node.
Description	string	Description of this cluster
EnableKubernetesAlpha	boolean	Kubernetes alpha features are enabled on this cluster
EnableTpu	boolean	Enable the ability to use Cloud TPUs in this cluster. This field is deprecated, use tpu_config.enabled instead.
Endpoint	ip	IP address of this cluster's master endpoint
ExpireTime	number	Date/Time the cluster will be automatically deleted in UNIX Epoch time
InitialClusterVersion	string	Initial Kubernetes version for this cluster
InitialNodeCount	number	Number of nodes to create in this cluster. You must ensure that your Compute Engine resource quota is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "node_config") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time. This field is deprecated, use node_pool.initial_node_count instead.
IpAllocationPolicy	sequence	Configuration for cluster IP allocation
AllowRouteOverlap	boolean	Allow allocation of cluster CIDR ranges that overlap with certain kinds of network routes
ClusterIpv4CidrBlock	ip	IP address range for the cluster pod IPs
ClusterSecondaryRangeName	string	Name of the secondary range to be used for the cluster CIDR block
CreateSubnetwork	boolean	Whether a new subnetwork will be created automatically for the cluster
NodeIpv4CidrBlock	ip	IP address range of the instance IPs in this cluster
ServicesIpv4CidrBlock	ip	IP address range of the services IPs in this cluster
ServicesSecondaryRangeName	string	Name of the secondary range to be used as for the services CIDR block
SubnetworkName	string	Custom subnetwork name to be used if createSubnetwork is true
TpuIpv4CidrBlock	ip	IP address range of the Cloud TPUs in this cluster
UseIpAliases	boolean	Whether alias IPs will be used for pod IPs in the cluster
UseRoutes	boolean	Whether routes will be used for pod IPs in the cluster. This is used in conjunction with use_ip_aliases. It cannot be true if use_ip_aliases is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode
LabelFingerprint	string	Fingerprint of the set of labels for this cluster
LegacyAbac	sequence	Configuration for the legacy Attribute Based Access Control authorization mode
Enabled	boolean	Enabled
Locations	list	List of Google Compute Engine locations in which the cluster's nodes should be located
Value	string	value
LoggingService	string	Logging service the cluster should use to write logs
MaintenancePolicy	sequence	Configure the maintenance policy for this cluster
ResourceVersion	string	A hash identifying the version of this policy, so that updates to fields of the policy won't accidentally undo intermediate changes (and so that users of the API unaware of some fields won't accidentally remove other fields). Make a get() request to the cluster to get the current resource version and include it with requests to set the policy
Window	sequence	Specifies the maintenance window in which maintenance may be performed
DailyMaintenanceWindow	sequence	DailyMaintenanceWindow specifies a daily maintenance operation window
StartTime	string	Time within the maintenance window to start the maintenance operations (HH:MM)
Duration	string	Duration of the time window, automatically chosen to be smallest possible in the given scenario, format (PTnHnMnS)
RecurringWindow	sequence	RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time
Recurrence	string	An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how this window reccurs. They go on for the span of time between the start and end time
Window	sequence	Represents an arbitrary window of time
StartTime	number	The time that the window first starts
EndTime	number	The time that the window ends. The end time should take place after the start time
MasterAuth	sequence	Authentication information for accessing the master endpoint
ClientCertificate	string	Base64-encoded public certificate used by clients to authenticate to the cluster endpoint
ClientKey	string	Base64-encoded private key used by clients to authenticate to the cluster endpoint
ClusterCaCertificate	string	Base64-encoded public certificate that is the root of trust for the cluster
ClientCertificateConfig	sequence	Configuration for client certificate authentication on the cluster
IssueClientCertificate	boolean	Issue a client certificate
Password	string	Password to use for HTTP basic authentication
Username	string	Username to use for HTTP basic authentication
MasterAuthorizedNetworksConfig	sequence	Configuration options for master authorized networks feature
CidrBlocks	list	External networks that could access Kubernetes master through HTTPS
CidrBlock	ip	External network CIDR
DisplayName	string	Field for users to identify CIDR blocks
Enabled	boolean	Whether or not master authorized networks is enabled
MonitoringService	string	Monitoring service the cluster should use to write metrics
Network	Reference to VPC	Google Compute Engine network to which the cluster is connected
NetworkConfig	sequence	Configuration for cluster networking
Network	Reference to VPC	The relative name of the Google Compute Engine network to which the cluster is connected
Subnetwork	Reference to Subnet	Relative name of the Google Compute Engine subnetwork to which the cluster is connected
EnableIntraNodeVisibility	boolean	Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network
DefaultSnatStatus	sequence	Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic
Disabled	boolean	DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster
DatapathProvider	string	The datapath provider selects the implementation of the Kubernetes networking model for service resolution and network policy enforcement
NetworkPolicy	sequence	Configuration options for the NetworkPolicy feature
Enabled	boolean	Enabled
Provider	string	Network Policy providers, valid values (PROVIDER_UNSPECIFIED, CALICO)
NodeConfig	sequence	Parameters used in creating the cluster's nodes. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "initial_node_count") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time. For responses, this field will be populated with the node configuration of the first node pool. (For configuration of each node pool, see node_pool.config). If unspecified, the defaults are used. This field is deprecated, use node_pool.config instead.
Accelerators	list	List of hardware accelerators to be attached to each node
AcceleratorCount	number	Number of the accelerator cards exposed to an instance
AcceleratorType	string	Accelerator type resource name
DiskSizeGb	number	Size of the disk attached to each node, specified in GB
DiskType	string	Type of the disk attached to each node
ImageType	string	Image type to use for this node
LocalSsdCount	number	Number of local SSD disks to be attached to the node
MachineType	string	Google Compute Engine machine type, default 'n1-standard-1'
MinCpuPlatform	string	Minimum CPU platform to be used by this instance
Preemptible	boolean	Are created as preemptible VM instances
OauthScopes	list	Set of Google API scopes to be made available on all of the node VMs
Value	string	value
ServiceAccount	string	Google Cloud Platform Service Account to be used by the node VMs
Metadata	list	Metadata key/value pairs assigned to instances in the cluster
Name	string	Metadata Name
Value	string	Metadata Value
Labels	list	Map of Kubernetes labels (key/value pairs) to be applied to each node
Name	string	Tag Name
Value	string	Tag Value
Tags	list	List of instance tags applied to all nodes
Value	string	value
Taints	list	List of kubernetes taints to be applied to each node
Key	string	Key for taint
Value	string	Value for taint
Effect	string	Effect for taint, (EFFECT_UNSPECIFIED, NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE)
SandboxConfig	sequence	SandboxConfig contains configurations of the sandbox to use for the node
SandboxType	string	Type of the sandbox to use for the node (e.g. 'gvisor')
Type	string	Type
NodeGroup	string	Setting this field will assign instances of this pool to run on the specified node group. This is useful for running workloads on sole tenant nodes.
BootDiskKmsKey	string	The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]
ShieldedInstanceConfig	sequence	A set of Shielded Instance options
EnableIntegrityMonitoring	boolean	Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created
EnableSecureBoot	boolean	Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails
ReservationAffinity	sequence	The optional reservation affinity. Setting this field will apply the specified Zonal Compute Reservation to this node pool.
ConsumeReservationType	string	Corresponds to the type of reservation consumption
Key	string	Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify "googleapis.com/reservation-name" as the key and specify the name of your reservation as its value
Values	list	Corresponds to the label value(s) of reservation resource(s)
LinuxNodeConfig	sequence	Parameters that can be configured on Linux nodes
Sysctls	string	The Linux kernel parameters to be applied to the nodes and all pods running on the nodes
EphemeralStorageConfig	sequence	EphemeralStorageConfig contains configuration for the ephemeral storage filesystem.
LocalSsdCount	number	Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. Each local SSD is 375 GB in size. If zero, it means to disable using local SSDs as ephemeral storage
WorkloadMetadataConfig	sequence	Workload metadata configuration for this node
NodeMetadata	string	Configuration for how to expose the node metadata to the workload running on the node, valid values (UNSPECIFIED, SECURE, EXPOSE)
NodeIpv4CidrSize	number	nodeIpv4CidrSize
NodePools	list	nodePools
Autoscaling	sequence	autoscaling
Autoprovisioned	boolean	autoprovisioned
Enabled	boolean	Is autoscaling enabled for this node pool
MaxNodeCount	number	Maximum number of nodes in the NodePool
MinNodeCount	number	Minimum number of nodes in the NodePool
Conditions	list	Describes which conditions caused the cluster or a node pool to have current status
Code	string	Condition code, valid values (UNKNOWN, GCE_STOCKOUT, GKE_SERVICE_ACCOUNT_DELETED, GCE_QUOTA_EXCEEDED)
Message	string	Human-friendly representation of the condition
Config	sequence	Parameters used in creating the cluster's nodes
Accelerators	list	List of hardware accelerators to be attached to each node
AcceleratorCount	number	Number of the accelerator cards exposed to an instance
AcceleratorType	string	Accelerator type resource name
DiskSizeGb	number	Size of the disk attached to each node, specified in GB
DiskType	string	Type of the disk attached to each node
ImageType	string	Image type to use for this node
LocalSsdCount	number	Number of local SSD disks to be attached to the node
MachineType	string	Google Compute Engine machine type, default 'n1-standard-1'
MinCpuPlatform	string	Minimum CPU platform to be used by this instance
Preemptible	boolean	Are created as preemptible VM instances
OauthScopes	list	Set of Google API scopes to be made available on all of the node VMs
Value	string	value
ServiceAccount	string	Google Cloud Platform Service Account to be used by the node VMs
Metadata	list	Metadata key/value pairs assigned to instances in the cluster
Name	string	Metadata Name
Value	string	Metadata Value
Labels	list	Map of Kubernetes labels (key/value pairs) to be applied to each node
Name	string	Tag Name
Value	string	Tag Value
Tags	list	List of instance tags applied to all nodes
Value	string	value
Taints	list	List of kubernetes taints to be applied to each node
Key	string	Key for taint
Value	string	Value for taint
Effect	string	Effect for taint, (EFFECT_UNSPECIFIED, NO_SCHEDULE, PREFER_NO_SCHEDULE, NO_EXECUTE)
SandboxConfig	sequence	SandboxConfig contains configurations of the sandbox to use for the node
SandboxType	string	Type of the sandbox to use for the node (e.g. 'gvisor')
Type	string	Type
NodeGroup	string	Setting this field will assign instances of this pool to run on the specified node group. This is useful for running workloads on sole tenant nodes.
BootDiskKmsKey	string	The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]
ShieldedInstanceConfig	sequence	A set of Shielded Instance options
EnableIntegrityMonitoring	boolean	Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created
EnableSecureBoot	boolean	Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails
ReservationAffinity	sequence	The optional reservation affinity. Setting this field will apply the specified Zonal Compute Reservation to this node pool.
ConsumeReservationType	string	Corresponds to the type of reservation consumption
Key	string	Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify "googleapis.com/reservation-name" as the key and specify the name of your reservation as its value
Values	list	Corresponds to the label value(s) of reservation resource(s)
LinuxNodeConfig	sequence	Parameters that can be configured on Linux nodes
Sysctls	string	The Linux kernel parameters to be applied to the nodes and all pods running on the nodes
EphemeralStorageConfig	sequence	EphemeralStorageConfig contains configuration for the ephemeral storage filesystem.
LocalSsdCount	number	Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. Each local SSD is 375 GB in size. If zero, it means to disable using local SSDs as ephemeral storage
WorkloadMetadataConfig	sequence	Workload metadata configuration for this node
NodeMetadata	string	Configuration for how to expose the node metadata to the workload running on the node, valid values (UNSPECIFIED, SECURE, EXPOSE)
InitialNodeCount	number	Initial node count for the pool
Management	sequence	NodeManagement configuration for this NodePool
AutoUpgrade	boolean	Is node auto-upgrade is enabled for the node pool
AutoRepair	boolean	Is node auto-repair is enabled for the node pool
UpgradeOptions	sequence	Specifies the Auto Upgrade knobs for the node pool
AutoUpgradeStartTime	number	This field is set when upgrades are about to commence with the approximate start time for the upgrades
Description	string	Field is set when upgrades are about to commence with the description of the upgrade
MaxPodsConstraint	sequence	Constraint on the maximum number of pods that can be run simultaneously on a node in the node pool
MaxPodsPerNode	number	Constraint enforced on the max num of pods per node
Name	string	Name of the node pool
Status	string	Status of the nodes in this pool instance, valid values (STATUS_UNSPECIFIED, PROVISIONING, RUNNING, RUNNING_WITH_ERROR, RECONCILING, STOPPING, ERROR)
StatusMessage	string	Additional information about the current status of this node pool instance
Version	string	Version of the Kubernetes of this node
Locations	list	The list of Google Compute Engine zones in which the NodePool's nodes should be located. If this value is unspecified during node pool creation, the Cluster.Locations value will be used, instead. Warning - changing node pool locations will result in nodes being added and/or removed
Value	string	value
SelfLink	string	Server-defined URL for the resource
PodIpv4CidrSize	number	The pod CIDR block size per node in this node pool
UpgradeSettings	sequence	Upgrade settings control disruption and speed of the upgrade
MaxSurge	number	The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process
MaxUnavailable	number	The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready
InstanceGroups	list	Managed instance groups associated with this node pool
id	string	value
PodSecurityPolicyConfig	sequence	Configuration for the PodSecurityPolicy feature
Enabled	boolean	Enabled
PrivateClusterConfig	sequence	Configuration for private cluster
EnablePrivateEndpoint	boolean	Whether the master's internal IP address is used as the cluster endpoint
EnablePrivateNodes	boolean	Whether nodes have internal IP addresses only
MasterIpv4CidrBlock	ip	IP range in CIDR notation to use for the hosted master network
PrivateEndpoint	string	Internal IP address of this cluster's master endpoint
PublicEndpoint	string	External IP address of this cluster's master endpoint
PeeringName	string	The peering name in the customer VPC used by this cluster
MasterGlobalAccessConfig	sequence	Controls master global access settings
Enabled	boolean	Whenever master is accessible globally or not
ServicesIpv4Cidr	ip	IP address range of the Kubernetes services in this cluster
Status	string	Current status of this cluster. ('STATUS_UNSPECIFIED', 'PROVISIONING', 'RUNNING', 'RECONCILING', 'STOPPING', 'ERROR', 'DEGRADED')
StatusMessage	string	Additional information about the current status of this cluster. This field is deprecated. Use Conditions instead.
Subnetwork	Reference to Subnet	Google Compute Engine subnetwork to which the cluster is connected
TpuIpv4CidrBlock	ip	IP address range of the Cloud TPUs in this cluster
VerticalPodAutoscaling	sequence	Cluster-level Vertical Pod Autoscaling configuration
Enabled	boolean	Enabled
Zone	string	Location/Zone
DatabaseEncryption	sequence	Configuration of etcd encryption
State	string	State of etcd encryption
KeyName	string	Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my- project/locations/global/keyRings/my- ring/cryptoKeys/my-key
ReleaseChannel	sequence	ReleaseChannel indicates which release channel a cluster is subscribed to. Release channels are arranged in order of risk. When a cluster is subscribed to a release channel, Google maintains both the master version and the node version. Node auto-upgrade defaults to true and cannot be disabled.
Channel	string	channel specifies which release channel the cluster is subscribed to
ShieldedNodes	sequence	Configuration of Shielded Nodes feature
Enabled	boolean	Whether Shielded Nodes features are enabled on all nodes in this cluster
ShieldedInstanceConfig	sequence	A set of Shielded Instance options
EnableIntegrityMonitoring	boolean	Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created
EnableSecureBoot	boolean	Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails
SandboxConfig	sequence	SandboxConfig contains configurations of the sandbox to use for the node
SandboxType	string	Type of the sandbox to use for the node (e.g. 'gvisor')
ResourceLabels	list	The resource labels for the cluster to use to annotate any related Google Compute Engine resources
ResourceUsageExportConfig	sequence	Configuration for exporting cluster resource usages
BigqueryDestination	sequence	Configuration to use BigQuery as usage export destination
DatasetId	string	The ID of a BigQuery Dataset
EnableNetworkEgressMetering	boolean	Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic
ConsumptionMeteringConfig	sequence	Configuration to enable resource consumption metering
Enabled	boolean	Whether to enable consumption metering for this cluster. If enabled, a second BigQuery table will be created to hold resource consumption records
AuthenticatorGroupsConfig	sequence	Configuration for returning group information from authenticators
Enabled	boolean	Whether this cluster should return group membership lookups during authentication using a group of security groups
SecurityGroup	string	The name of the security group-of-groups to be used. Only relevant if enabled = true
WorkloadIdentityConfig	sequence	Configuration for the use of Kubernetes Service Accounts in GCP IAM policies
IdentityNamespace	string	IAM Identity Namespace to attach all Kubernetes Service Accounts to
WorkloadPool	string	The workload pool to attach all Kubernetes service accounts to
IdentityProvider	string	identity provider is the third party identity provider
ClusterTelemetry	sequence	Telemetry integration for the cluster
Type	string	Type of the integration
TpuConfig	sequence	Configuration for Cloud TPU
Enabled	boolean	Whether Cloud TPU integration is enabled or not
UseServiceNetworking	boolean	Whether to use service networking for Cloud TPU or not
Ipv4CidrBlock	string	IPv4 CIDR block reserved for Cloud TPU in the VPC
NotificationConfig	sequence	NotificationConfig is the configuration of notifications
Pubsub	sequence	Notification config for Pub/Sub
Enabled	boolean	Enable notifications for Pub/Sub
Topic	string	The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}
ConfidentialNodes	sequence	ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs
Enabled	boolean	Whether Confidential Nodes feature is enabled for all nodes in this cluster
SelfLink	string	Server-defined URL for the resource

Attribute	Type	Description
id	string	Firewall ID, format 'projects/{project_id}/global/firewalls/{firewall_id}'
Name	string	Firewall Name
AccountId	string	Account ID
AccountName	string	Account Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Tags or Label
Name	string	Tag Name
Value	string	Tag Value
Allowed	list	Allowed Traffic Rules
Protocol	string	Allowed Protocol
Ports	list	Allowed Ports
ToPort	number	To port
FromPort	number	from port
Denied	list	Denied Traffic Rules
Protocol	string	Denied Protocol
Ports	list	Denied Ports
ToPort	number	To port
FromPort	number	from port
Description	string	description of firewall rule
Direction	string	Direction of firewall rule - valid values (EGRESS, INGRESS)
Disabled	boolean	Is firewall rule disabled
EnableLogging	boolean	enable Logging
UniqueId	string	id
VPC	Reference to VPC	Network resource for this firewallrule
Priority	number	priority of firewall rule
SourceRanges	list	sourceRanges
Value	ip	ip
DestinationRanges	list	Firewall Destination Ranges
Value	ip	ip
TargetTags	list	targetTags
Value	string	value
SourceTags	list	Firewall Source Tags
Value	string	value
SourceServiceAccounts	list	Firewall Source Service Accounts
Value	string	value
TargetServiceAccounts	list	Firewall Target Service Accounts
Value	string	value

Attribute	Type	Description
id	string	Subnet ID, format - 'projects/{project-id}/regions/{region-id}/subnetworks/{subnet-id}'
Name	string	Subnet Name
AccountId	string	Account ID
AccountName	string	Account Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Tags or Label
Name	string	Tag Name
Value	string	Tag Value
Description	string	Subnetwork description
LogEnabled	boolean	Whether to enable flow logging for this subnetwork
Fingerprint	string	Fingerprint of this resource
Gateway	string	Gateway address for default routes to reach destination addresses outside this subnetwork
CIDR	ip	Range of internal addresses that are owned by this subnetwork
VPC	Reference to VPC	Network to which this subnetwork belongs
PrivateIPGoogleAccess	boolean	Whether the VMs in this subnet can access Google services without assigned external IP addresses
SecondaryIpRanges	list	Configurations for secondary IP ranges for VM instances contained in this subnetwork
CIDR	ip	Range of IP addresses belonging to this subnetwork secondary range
RangeName	string	Name associated with this subnetwork secondary range

Attribute	Type	Description
id	string	Role ID, format 'roles/{role-name}' or 'projects/{project-id}/roles/{role-name}'
Name	string	Role Name
AccountName	string	Project Name (Not present if role does not belong to a project)
AccountId	string	Project ID (Not present if role does not belong to a project)
Stage	string	Current stage of launch of role
Permissions	list	Permissions this role grants
Project	Reference to Project	Project (if role belongs to project)
Deleted	boolean	Current deleted state of the role
InbuiltRole	boolean	Is role GCP in-built role or custom to project
Title	string	Role title

Attribute	Type	Description
id	string	Forwarding Rule ID, format - 'projects/{project-id}/regions/{region-id}/forwardingRules/{forwardingRules-id}'
Name	string	name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Tags or Label
Name	string	Tag Name
Value	string	Tag Value
IP	ip	IP address that this forwarding rule is serving on behalf of
Address	sequence	GCP Compute Address resource
id	string	Address ID
Protocol	string	IP protocol to which this rule applies, valid values (TCP, UDP, ESP, AH, SCTP, ICMP)
PortRanges	list	Forwarding rule port range
FromPort	number	Start port range
ToPort	number	End port range
BackendService	string	For INTERNAL load balancing, this field identifies the BackendService resource to receive the matched traffic
Description	string	Description of this resource
IpVersion	string	IP Version that will be used by this forwarding rule. valid values (IPV4, IPV6)
Type	string	Load Balancing Scheme, signifies what the ForwardingRule will be used for, valid values (INTERNAL, INTERNAL_SELF_MANAGED, EXTERNAL)
Network	string	For INTERNAL and INTERNAL_SELF_MANAGED load balancing, this field identifies the network that the load balanced IP should belong to for this Forwarding Rule
NetworkTier	string	This signifies the networking tier used for configuring this load balance, valid values (PREMIUM , STANDARD)
Subnet	Reference to Subnet	For internal load balancing, this field identifies the subnetwork that the load balanced IP should belong to for this Forwarding Rule
Target	string	Target resource to receive the matched traffic

Attribute	Type	Description
id	string	Service Account ID, format 'projects/{project-id}/serviceAccounts/{service-account-email}'
Name	string	Email
AccountName	string	Project Name
AccountId	string	Project ID
Project	Reference to Project	Project
Email	string	Email address of the service account
Oauth2ClientId	string	OAuth2 client id for the service account
UniqueId	string	Unique and stable id of the service account
Keys	list	Service Account Key pairs
id	string	Key name
Validity	sequence	Validity duration of the key
AfterTime	number	Key valid after time
BeforeTime	number	Key valid before time
Algorithm	string	Key Algorithm, valid values (KEY_ALG_UNSPECIFIED, KEY_ALG_RSA_1024, KEY_ALG_RSA_2048)

Attribute	Type	Description
id	string	KMS Key ID, format 'projects/{project-id}/locations/{locaiton-id}/keyRings/{keyring-id}/cryptoKeys/{key-id}'
Name	string	Key name
RegionName	string	Region Name
RegionId	string	Region ID
AccountName	string	Account Name
AccountId	string	Account ID
Project	Reference to Project	Project
Tags	list	Labels
Name	string	Key Name
Value	string	Key Value
State	string	key state - valid values ('ENABLED', 'DISABLED', 'DESTROYED', 'DESTROY_SCHEDULED', 'PENDING_GENERATION', 'CRYPTO_KEY_VERSION_STATE_UNSPECIFIED')
CreationDate	number	Project Created Date in UNIX Epoch time in seconds
RotationPeriod	number	Rotation period
NextRotationTime	number	Date/Time for next Rotation in Epock
Bindings	list	IAM Policy bindings of Cloud KMS
Role	string	Role attached to Cloud KMS
Members	list	Member of IAM Policy for Cloud KMS

Attribute	Type	Description
id	string	IAM Policy ID, format 'project[s]/{project-id}/roles/{role-name}'
Name	string	IAM Policy Name
AccountName	string	Account Name
AccountId	string	Account ID
RegionName	string	IAMPolicy Region
RegionId	string	IAMPolicy Region
Access	string	IAMPolicy access
Role	Reference to Role	IAM Role
Project	Reference to Project	Project
Members	sequence	IAM Member
UserEmails	list	User Account Email
Email	string	email
GroupEmails	list	Group Account Email
Email	string	email
ServiceEmails	list	Service Account Email
Email	string	email
Domains	list	Domain
AllUsers	boolean	All Users
AllAuthenticatedUsers	boolean	All Authenticated Users
Tags	list	Tags or Label
Name	string	Tag name
Value	string	Tag Value

Attribute	Type	Description
id	string	IAM Policy ID, format 'projects/{project-id}/IAMPolicyUsers/{user-email}'
Name	string	User Email
AccountName	string	Project Name
AccountId	string	Peoject ID
RegionName	string	IAMPolicy Region
RegionId	string	IAMPolicy Region
Roles	Reference to Role	IAM Role
Project	Reference to Project	Project
Tags	list	Tags or Label
Name	string	Tag name
Value	string	Tag Value

Attribute	Type	Description
id	string	DNS Managed Zone ID, format 'projects/{project-id}/dnsManagedZones/{managed-zones-id}'
Name	string	User assigned name for this DNS Managed Zone
AccountId	string	Account ID
AccountName	string	Account Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	User Label
Name	string	Label Key
Value	string	Label Value
Project	Reference to Project	Project
Description	string	Resource description
DnsName	string	DNS name of this managed zone
NameServerSet	string	Specifies the NameServerSet for this ManagedZone
NameServers	list	Delegate the managed zone to these virtual name servers
Value	string	value
DnssecConfig	sequence	DNS Security Extensions Configuration
DefaultKeySpecs	list	Specifies parameters that will be used for generating initial DnsKeys for this ManagedZone
Algorithm	string	DNSSEC algorithm of the key, valid values (ecdsap256sha256, ecdsap384sha384, rsasha1, rsasha256, rsasha512)
KeyLength	number	Length of the keys in bits
KeyType	string	Key type, valid values (keySigning, zoneSigning)
NonExistence	string	Specifies the mechanism used to provide authenticated denial-of-existence responses, valid values (nsec, nsec3)
State	string	Specifies whether DNSSEC is state, valid values (on. off. transfer)
Status	string	Status of DNSSEC, valid values (active, inactive)

Attribute	Type	Description
id	string	Log Metric ID, format - 'projects/{project-id}/logMetrics/{metric-type-id}'
Name	string	Log Metric Name
AccountId	string	Account ID
AccountName	string	Account Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Project	Reference to Project	Project
Tags	list	Label Extractors
Name	string	Tag Name
Value	string	Tag Value
BucketOptions	sequence	Describes the bucket boundaries used to create a histogram of the extracted values
ExplicitBuckets	sequence	ExplicitBucket
Bounds	list	Bounds, values must be monotonically increasing
Value	number	value
ExponentialBuckets	sequence	Exponential Bucket
GrowthFactor	number	Growth Factor, must be greater than 1
NumFiniteBuckets	number	Finite Buckets, must be greater than 0
Scale	number	Scale, Must be greater than 0
LinearBuckets	sequence	Linear Bucket
NumFiniteBuckets	number	Finite Buckets, must be greater than 0
Offset	number	Lower bound of the first bucket
Width	number	Width, must be greater than 0.
Description	string	None
Filter	string	An advanced logs filter which is used to match log entries
MetricDescriptor	sequence	Metric descriptor associated with the logs-based metric
Description	string	None
DisplayName	string	Concise name for the metric
Labels	list	A description of a label
Description	string	Detailed description of the metric
Key	string	Label key
ValueType	string	Value type for label, valid values (STRING, BOOL, INT64)
Metadata	sequence	Metadata which can be used to guide usage of the metric
IngestDelay	number	Delay of data points caused by ingestion in seconds
LaunchStage	string	Launch stage of the metric definition, valid values (LAUNCH_STAGE_UNSPECIFIED, EARLY_ACCESS, ALPHA, BETA, GA, DEPRECATED)
SamplePeriod	number	Sampling period of metric data point in seconds
MetricKind	string	The kind of measurement, valid values (METRIC_KIND_UNSPECIFIED, GAUGE, DELTA, CUMULATIVE)
Name	string	Metric descriptor name
Type	string	Metric type, including its DNS name prefix
Unit	string	Unit in which the metric value is reported
ValueType	string	Value type of a metric, valid values (VALUE_TYPE_UNSPECIFIED, BOOL, INT64, DOUBLE, STRING, DISTRIBUTION, MONEY)
ValueExtractor	string	ValueExtractor is used when using a distribution logs-based metric to extract the values to record from a log entry
AlertPolicies	Reference to AlertPolicy	AlertPolicies using this log metric

Attribute	Type	Description
id	string	Alert Policy ID , format 'projects/{project-id}/alertPolicies/{alert-policy-id}'
Name	string	Alert Policy Name
AccountId	string	GCP Project ID
AccountName	string	GCP Project Name
CreationDate	number	Alert policy creation date in UNIX epoch time
RegionId	string	GCP Location ID
RegionName	string	GCP Location Name
Tags	list	User Labels
Name	string	Label Name
Value	string	Label Value
Combiner	string	Logical conjunction, valid values (COMBINE_UNSPECIFIED, AND, OR, AND_WITH_MATCHING_RESOURCE)
Conditions	list	List of conditions for the policy, contains either ConditionAbsent or ConditionThreshold
ConditionAbsent	sequence	Condition that checks that a time series continues to receive new data points
Aggregations	list	Specifies the alignment of data points in individual time series as well as how to combine the retrieved time series together
AlignmentPeriod	number	Alignment period for per-time series alignment in seconds
CrossSeriesReducer	string	Approach to be used to combine time series
GroupByFields	list	Set of fields to preserve when CrossSeriesReducer is specified
Value	string	value
PerSeriesAligner	string	Approach to be used to align individual time series
Duration	number	Amount of time that a time series must fail to report new data to be considered failing in seconds
LogMetric	Reference to LogMetric	Log Metric in filter, if used
Filter	string	Filter that identifies which time series should be compared with the threshold
Trigger	sequence	Number/percent of time series for which the comparison must hold in order for the condition to trigger
Count	number	Absolute number of time series that must fail the predicate for the condition to be triggered
Percent	number	Percentage of time series that must fail the predicate for the condition to be triggered
ConditionThreshold	sequence	Condition that compares a time series against a threshold
Aggregations	list	Specifies the alignment of data points in individual time series as well as how to combine the retrieved time series together
AlignmentPeriod	number	Alignment period for per-time series alignment in seconds
CrossSeriesReducer	string	Approach to be used to combine time series
GroupByFields	list	Set of fields to preserve when CrossSeriesReducer is specified
Value	string	value
PerSeriesAligner	string	Approach to be used to align individual time series
Comparison	string	Comparison to apply between the time series and the threshold, valid values (COMPARISON_UNSPECIFIED, COMPARISON_GT, COMPARISON_GE, COMPARISON_LT, COMPARISON_LE, COMPARISON_EQ, COMPARISON_NE)
DenominatorAggregations	list	Specifies the alignment of data points in individual time series selected by denominatorFilter
AlignmentPeriod	number	Alignment period for per-time series alignment in seconds
CrossSeriesReducer	string	Approach to be used to combine time series
GroupByFields	list	Set of fields to preserve when CrossSeriesReducer is specified
Value	string	value
PerSeriesAligner	string	Approach to be used to align individual time series
DenominatorFilter	string	Filter that identifies a time series that should be used as the denominator of a ratio that will be compared with the threshold
Duration	number	Amount of time that a time series must violate the threshold to be considered failing
LogMetric	Reference to LogMetric	Log Metric in filter, if used
DenominatorLogMetric	Reference to LogMetric	Log Metric in denominator filter, if used
Filter	string	None
ThresholdValue	number	Value against which to compare the time series
Trigger	sequence	Number/percent of time series for which the comparison must hold in order for the condition to trigger
Count	number	Absolute number of time series that must fail the predicate for the condition to be triggered
Percent	number	Percentage of time series that must fail the predicate for the condition to be triggered
DisplayName	string	Short name or phrase used to identify the condition in dashboards
Name	string	Unique resource name for this condition
CreationRecord	sequence	Creation of the alerting policy record
MutateTime	number	Creation date/time of the alerting policy in UNIX epoch time
MutatedBy	string	Email address of the user making the change
DisplayName	string	A short name or phrase used to identify the policy in dashboards
Documentation	sequence	Documentation that is included with notifications and incidents related to this policy
Content	string	Text of the documentation
MimeType	string	Format of the content field
Enabled	boolean	Whether or not the policy is enabled
MutationRecord	sequence	Most recent change to the alerting policy
MutateTime	number	Edited date/time of the alerting policy in UNIX epoch time
MutatedBy	string	Email address of the user making the change
NotificationChannels	list	Identifies the notification channels to which notifications should be sent
Value	string	value

Attribute	Type	Description
id	string	Route Id, format - 'projects/{project}/routes/{route-id}'
Name	string	Route Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Instance tags to which this route applies
Name	string	value
Value	string	value
Description	string	Description of this resource
DestinationCIDR	ip	Destination range of outgoing packets that this route applies to, CIDR IPV4
Network	Reference to VPC	GCP Compute Network that this route applies to
NextHopGateway	string	Gateway that should handle matching packets
NextHopInstance	Reference to Instance	Instance that should handle matching packets
NextHopIP	ip	IP address of an instance that should handle matching packets
NextHopNetwork	Reference to VPC	Local network if it should handle matching packets
NextHopPeering	string	Network peering name that should handle matching packets
NextHopVpnTunnel	string	VpnTunnel that should handle matching packets
Priority	number	Priority of this route
UniqueId	string	Unique identifier for the resource
Warnings	list	If potential misconfigurations are detected for this route, this field will be populated with warning messages
Code	string	A warning code
Data	list	Metadata about this warning
Key	string	Key that provides more detail on the warning being returned
Value	string	Warning data value corresponding to the key
Message	string	Human-readable description of the warning code

Attribute	Type	Description
id	string	Service Id, format - 'projects/{project-id}/services/{service-name}'
Name	string	name
AccountName	string	Project Name
AccountId	string	Project ID
Project	Reference to Project	Project
Config	sequence	config
Authentication	sequence	authentication
Documentation	sequence	documentation
Summary	string	summary
Name	string	name
Quota	sequence	quota
Title	string	title
Usage	sequence	usage
Requirements	list	requirements
Value	string	value
State	string	state

Attribute	Type	Description
id	string	Cloud Functions ID, format 'projects/{project-id}/locations/{locaton-id}/functions/{cluster-id}'
Name	string	Kubernetes Cluster Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Resource labels for the cluster to use to annotate any related Google Compute Engine resources
Name	string	Tag Name
Value	string	Tag Value
Status	string	Function status
EntryPoint	string	Function EntryPoint
Runtime	string	Function runtime
Timeout	string	Function timeout
AvailableMemoryMb	number	Function available Memory in Mb
ServiceAccountEmail	string	Function serviceAccountEmail
UpdateTime	string	Function updateTime
VersionId	string	Function versionId
Network	string	Function network
MaxInstances	number	Function maxInstances
VPCConnector	string	Function VPC Connector
SourceArchiveUrl	string	Function source Archive Url
SourceRepository	sequence	Function Source Repository
URL	string	URL
DeployedURL	string	Cloud function deployed Url
SourceUploadUrl	string	Function source Upload Url
HTTPSTrigger	sequence	Function HTTPS Trigger
url	string	url
EventTrigger	sequence	Function eventTrigger
EventType	string	Event Type
Resource	string	Trigger Resource
Service	string	Trigger Service
FailurePolicy	sequence	failurePolicy
retry	sequence	retry

Attribute	Type	Description
id	string	Dataproc Cluster ID, format 'projects/{project-id}/regions/{locaton-id}/cluster/{cluster-id}'
Name	string	Dataprocs Cluster Name
AccountId	string	Project ID
AccountName	string	Project Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
RegionId	string	Region ID
RegionName	string	Region Name
Tags	list	Labels for Dataproc Clusters
Name	string	Tag Name
Value	string	Tag Value
ClusterName	string	Cluster Name
Status	sequence	Cluster Status
State	string	Cluster Status State
Detail	string	Cluster Status Detail
StateStartTime	string	Cluster State Start Time
Substate	string	Cluster Status Substate
StatusHistory	list	Cluster Status History
State	string	Cluster Status State
Detail	string	Cluster Status Detail
StateStartTime	string	Cluster State Start Time
Substate	string	Cluster Status Substate
ClusterUuid	string	Cluster Cluster Uuid
Metrics	sequence	Cluster metrics
HDFSMetrics	list	Cluster hdfs Metric
Name	string	HDFS Metric Property Name
Value	string	HDFS Metric Properties Value
YARNMetrics	string	Cluster YARN Metric
Config	sequence	Cluster Config
ConfigBucket	string	Cluster config Bucket
EncryptionConfig	sequence	Cluster encryption Config
GcePdKmsKeyName	string	Cluster gce Pd Kms Key Name
GceClusterConfig	sequence	Cluster gce Cluster Config
InternalIpOnly	boolean	Cluster internal Ip Only
Metadata	list	Metadata key/value pairs assigned to cluster
Name	string	Metadata Name
Value	string	Metadata Value
NetworkUri	string	Cluster network Uri
ServiceAccount	string	Cluster service Account
ServiceAccountScopes	list	Cluster service Account Scopes
Value	string	value
SubnetworkUri	string	Cluster subnetwork Uri
Tags	list	Cluster tags
Value	string	value
ZoneUri	string	Cluster zone Uri
InitializationActions	list	Cluster initialization Actions
ExecutableFile	string	Cluster executable File
ExecutionTimeout	string	Cluster execution Timeout
MasterConfig	sequence	Cluster master Config
Accelerators	list	Cluster accelerators
AcceleratorCount	number	Cluster accelerator Count
AcceleratorTypeUri	string	Cluster accelerator Type Uri
DiskConfig	sequence	Cluster disk Config
BootDiskSizeGb	number	Cluster boot Disk Size Gb
BootDiskType	string	Cluster boot Disk Type
NumLocalSsds	number	Cluster num Local Ssds
ImageUri	string	Cluster image Uri
InstanceNames	list	Cluster instance Names
Value	string	value
IsPreemptible	boolean	Cluster is Preemptible
MachineTypeUri	string	Cluster machine Type Uri
ManagedGroupConfig	sequence	Cluster managed Group Config
InstanceGroupManagerName	string	Cluster instance Group Manager Name
InstanceTemplateName	string	Cluster instance Template Name
NumInstances	number	Cluster num Instances
SecondaryWorkerConfig	sequence	Cluster secondary Worker Config
Accelerators	list	Cluster accelerators
AcceleratorCount	number	Cluster accelerator Count
AcceleratorTypeUri	string	Cluster accelerator Type Uri
DiskConfig	sequence	Cluster disk Config
BootDiskSizeGb	number	Cluster boot Disk Size Gb
BootDiskType	string	Cluster boot Disk Type
NumLocalSsds	number	Cluster num Local Ssds
ImageUri	string	Cluster image Uri
InstanceNames	list	Cluster instance Names
Value	string	value
IsPreemptible	boolean	Cluster is Preemptible
MachineTypeUri	string	Cluster machine Type Uri
ManagedGroupConfig	sequence	Cluster managed Group Config
InstanceGroupManagerName	string	Cluster instance Group Manager Name
InstanceTemplateName	string	Cluster instance Template Name
NumInstances	number	Cluster num Instances
SoftwareConfig	sequence	Cluster software Config
ImageVersion	string	Cluster image Version
OptionalComponents	list	Cluster optional Components
Value	string	value
Properties	list	Properties key/value pairs assigned to cluster
Name	string	Properties Name
Value	string	Properties Value
WorkerConfig	sequence	Cluster worker Config
Accelerators	list	Cluster accelerators
AcceleratorCount	number	Cluster accelerator Count
AcceleratorTypeUri	string	Cluster accelerator Type Uri
DiskConfig	sequence	Cluster disk Config
BootDiskSizeGb	number	Cluster boot Disk Size Gb
BootDiskType	string	Cluster boot Disk Type
NumLocalSsds	number	Cluster num Local Ssds
ImageUri	string	Cluster image Uri
InstanceNames	list	Cluster instance Names
Value	string	value
IsPreemptible	boolean	Cluster is Preemptible
MachineTypeUri	string	Cluster machine Type Uri
ManagedGroupConfig	sequence	Cluster managed Group Config
InstanceGroupManagerName	string	Cluster instance Group Manager Name
InstanceTemplateName	string	Cluster instance Template Name
NumInstances	number	Cluster num Instances

Attribute	Type	Description
id	string	Organization ID, format 'organizations/{project-id}'
Name	string	Organization Name
RegionName	string	Region Name
RegionId	string	Region ID
AccountName	string	Project Name
AccountId	string	Project ID
CreationDate	number	Organization creation date
Status	string	Organization status, valid values (active, inactive)
LifecycleState	string	Organization lifecycle state, valid values (LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED, DELETE_IN_PROGRESS)
Owner	sequence	Owner Of Organization
DirectoryCustomerId	string	Directory Customer Id of Organization
DisplayName	string	Display Name or Organization
OrganizationPolicies	list	Organization Policies
Version	number	Policy Version
Constraint	string	Constraint ID associated with policy
UpdateTime	number	Policy Update Time
PolicyConfiguration	sequence	Policy Configuration
AllowedValues	list	List of values allowed for resource
DeniedValues	list	List of values denied for resource
AllValues	string	The policy allValues state.
SuggestedValue	string	Suggested Value for policy
InheritFromParent	boolean	inheritance behavior for the Policy
PolicyEnforced	boolean	Is Policy is enforced
Projects	Reference to Project	Projects associated with Organization
EssentialContacts	list	Essential Contact of Organization
Name	string	Essential Contact name of Organization
Email	string	The email address to send notifications to. This does not need to be a Google account.
NotificationCategorySubscriptions	list	The categories of notifications that the contact will receive communications for
NotificationCategory	string	The notification categories that an essential contact can be subscribed to
LanguageTag	string	The preferred language for notifications, as a ISO 639-1 language code
ValidationState	string	The validity of the contact. A contact is considered valid if it is the correct recipient for notifications for a particular resource (VALIDATION_STATE_UNSPECIFIED \| VALID \| INVALID)
ValidateTime	number	The last time the validationState was updated, either manually or automatically. A contact is considered stale if its validation state was updated more than 1 year ago

Attribute	Type	Description
id	string	Access Policy ID, format 'accessPolicies/{accessPolicy-id}'
Name	string	Access Policy Name
AccountId	string	Project ID
AccountName	string	Project Name
RegionId	string	Region ID
RegionName	string	Region Name
CreationDate	number	Creation Date/Time in UNIX Epoch time
UpdationDate	number	Creation Date/Time in UNIX Epoch time
Parent	string	Parent of access Policy
Org	Reference to Organization	Org of access policy
Title	string	Title of access policy
AccessLevel	list	Access Level
Name	string	Access Level Name
Title	string	Access Level Title
CreationDate	number	Creation Date/Time in UNIX Epoch time
UpdationDate	number	Update Time Date/Time in UNIX Epoch time
Basic	sequence	Access Level Basic config
Conditions	list	Access level conditions
IPSubnetworks	list	IP Subnetworks
DevicePolicy	sequence	Device Policy
RequireScreenlock	boolean	Require Screen lock
AllowedEncryptionStatuses	list	Allowed Encryption Statuses
OSConstraints	list	OS Constraints
OSType	string	OS Type
MinimumVersion	string	Minimum Version of OS
RequireVerifiedChromeOs	boolean	Require Verified Chrome OS
RequireCorpOwned	boolean	Require Corp Owned
AllowedDeviceManagementLevels	list	Allowed Device Management Levels
RequireAdminApproval	boolean	Require Admin Approval
RequiredAccessLevels	list	Required Access Levels
Negate	string	Whether to negate the Condition
Members	list	Members
Regions	list	Regions for access level
CombiningFunction	string	Combining Function
ServicePerimeters	list	Service Perimeters
Name	string	Access Level Name
Title	string	Access Level Title
UpdationDate	number	Update Time Date/Time in UNIX Epoch time
CreationDate	number	Creation Date/Time in UNIX Epoch time
PerimeterType	string	Perimeter Type
Status	sequence	Perimeter Type
Resources	list	resources Type
AccessLevels	list	Access Levels
RestrictedServices	list	Perimeter Type

Attribute	Type	Description
id	string	API Key ID, format 'projects/{project-id}/locations/global/keys/{api-key-id}'
Name	string	API Key Name
AccountName	string	Account Name
AccountId	string	Account ID
RegionName	string	API Key Region Name
RegionId	string	API Key Region ID
CreationDate	number	Creation date/time in UNIX epoch
UpdatedDate	number	Creation date/time in UNIX epoch
APIRestrictions	list	A restriction for a specific service. Requests are allowed if they match any of these restrictions. If no restrictions are specified, all targets are allowed
Service	string	The service for this restriction. It should be the canonical service name, for example - translate.googleapis.com. You can use gcloud services list to get a list of services that are enabled in the project
ApplicationRestriction	string	An application restriction controls which websites, IP addresses, or applications can use your API key. You can set one application restriction per key
BrowserKeyRestrictions	list	The HTTP referrers (websites) that are allowed to use the key
AllowedReferrer	string	A regular expressions for the referrer URLs that are allowed to make API calls with this key
ServerKeyRestrictions	list	The IP addresses of callers that are allowed to use the key
AllowedIp	ip	A caller IP address that are allowed to make API calls with this key
AndroidKeyRestrictions	list	The Android apps that are allowed to use the key
Sha1Fingerprint	string	The SHA1 fingerprint of the application. For example, both sha1 formats are acceptable - DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09 or DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Output format is the latter
PackageName	string	The package name of the application
IosKeyRestrictions	list	The iOS apps that are allowed to use the key
AllowedBundleId	string	A bundle ID that are allowed when making API calls with this key

Attribute	Type	Description
id	string	Access Approval Setting ID, format 'projects/{project-id}/accessApprovalSettings'
Name	string	Access Approval Setting Name
AccountName	string	Account Name
AccountId	string	Account ID
RegionName	string	Access Approval Setting Region Name
RegionId	string	Access Approval Setting Region ID
Enabled	boolean	Is Access Approval Setting enabled in the project or not
NotificationEmails	list	A list of email addresses to which notifications relating to approval requests should be sent. Notifications relating to a resource will be sent to all emails in the settings of ancestor resources of that resource. A maximum of 50 email addresses are allowed
EnrolledServices	list	A list of Google Cloud Services for which the given resource has Access Approval enrolled. Access requests for the resource given by name against any of these services contained here will be required to have explicit approval. If name refers to an organization, enrollment can be done for individual services. If name refers to a folder or project, enrollment can only be done on an all or nothing basis.
CloudProduct	string	The product for which Access Approval will be enrolled
EnrollmentLevel	string	The enrollment level of the service (ENROLLMENT_LEVEL_UNSPECIFIED \| BLOCK_ALL)

Google Cloud Entities supported in DSL

Access policy

Account

cloudfunctions

Compute

Database

dataproc

Identity

Management

Network

Organization

Security

Storage