gcp_pubsub_topic

ancestors

Type: UNORDERED_LIST_STRING

ingestion_data_source_settings

Type: STRUCT
Provider name: ingestionDataSourceSettings
Description: Optional. Settings for ingestion from a data source into this topic.

  • aws_kinesis
    Type: STRUCT
    Provider name: awsKinesis
    Description: Optional. Amazon Kinesis Data Streams.
    • aws_role_arn
      Type: STRING
      Provider name: awsRoleArn
      Description: Required. AWS role ARN to be used for Federated Identity authentication with Kinesis. Check the Pub/Sub docs for how to set up this role and the required permissions that need to be attached to it.
    • consumer_arn
      Type: STRING
      Provider name: consumerArn
      Description: Required. The Kinesis consumer ARN to used for ingestion in Enhanced Fan-Out mode. The consumer must be already created and ready to be used.
    • gcp_service_account
      Type: STRING
      Provider name: gcpServiceAccount
      Description: Required. The GCP service account to be used for Federated Identity authentication with Kinesis (via a AssumeRoleWithWebIdentity call for the provided role). The aws_role_arn must be set up with accounts.google.com:sub equals to this service account number.
    • state
      Type: STRING
      Provider name: state
      Description: Output only. An output-only field that indicates the state of the Kinesis ingestion source.
      Possible values:
      • STATE_UNSPECIFIED - Default value. This value is unused.
      • ACTIVE - Ingestion is active.
      • KINESIS_PERMISSION_DENIED - Permission denied encountered while consuming data from Kinesis. This can happen if: - The provided aws_role_arn does not exist or does not have the appropriate permissions attached. - The provided aws_role_arn is not set up properly for Identity Federation using gcp_service_account. - The Pub/Sub SA is not granted the iam.serviceAccounts.getOpenIdToken permission on gcp_service_account.
      • PUBLISH_PERMISSION_DENIED - Permission denied encountered while publishing to the topic. This can happen if the Pub/Sub SA has not been granted the appropriate publish permissions
      • STREAM_NOT_FOUND - The Kinesis stream does not exist.
      • CONSUMER_NOT_FOUND - The Kinesis consumer does not exist.
    • stream_arn
      Type: STRING
      Provider name: streamArn
      Description: Required. The Kinesis stream ARN to ingest data from.
  • aws_msk
    Type: STRUCT
    Provider name: awsMsk
    Description: Optional. Amazon MSK.
    • aws_role_arn
      Type: STRING
      Provider name: awsRoleArn
      Description: Required. AWS role ARN to be used for Federated Identity authentication with Amazon MSK. Check the Pub/Sub docs for how to set up this role and the required permissions that need to be attached to it.
    • cluster_arn
      Type: STRING
      Provider name: clusterArn
      Description: Required. The Amazon Resource Name (ARN) that uniquely identifies the cluster.
    • gcp_service_account
      Type: STRING
      Provider name: gcpServiceAccount
      Description: Required. The GCP service account to be used for Federated Identity authentication with Amazon MSK (via a AssumeRoleWithWebIdentity call for the provided role). The aws_role_arn must be set up with accounts.google.com:sub equals to this service account number.
    • state
      Type: STRING
      Provider name: state
      Description: Output only. An output-only field that indicates the state of the Amazon MSK ingestion source.
      Possible values:
      • STATE_UNSPECIFIED - Default value. This value is unused.
      • ACTIVE - Ingestion is active.
      • MSK_PERMISSION_DENIED - Permission denied encountered while consuming data from Amazon MSK.
      • PUBLISH_PERMISSION_DENIED - Permission denied encountered while publishing to the topic.
      • CLUSTER_NOT_FOUND - The provided MSK cluster wasn’t found.
      • TOPIC_NOT_FOUND - The provided topic wasn’t found.
    • topic
      Type: STRING
      Provider name: topic
      Description: Required. The name of the topic in the Amazon MSK cluster that Pub/Sub will import from.
  • azure_event_hubs
    Type: STRUCT
    Provider name: azureEventHubs
    Description: Optional. Azure Event Hubs.
    • client_id
      Type: STRING
      Provider name: clientId
      Description: Optional. The client id of the Azure application that is being used to authenticate Pub/Sub.
    • event_hub
      Type: STRING
      Provider name: eventHub
      Description: Optional. The name of the Event Hub.
    • gcp_service_account
      Type: STRING
      Provider name: gcpServiceAccount
      Description: Optional. The GCP service account to be used for Federated Identity authentication.
    • namespace
      Type: STRING
      Provider name: namespace
      Description: Optional. The name of the Event Hubs namespace.
    • resource_group
      Type: STRING
      Provider name: resourceGroup
      Description: Optional. Name of the resource group within the azure subscription.
    • state
      Type: STRING
      Provider name: state
      Description: Output only. An output-only field that indicates the state of the Event Hubs ingestion source.
      Possible values:
      • STATE_UNSPECIFIED - Default value. This value is unused.
      • ACTIVE - Ingestion is active.
      • EVENT_HUBS_PERMISSION_DENIED - Permission denied encountered while consuming data from Event Hubs. This can happen when client_id, or tenant_id are invalid. Or the right permissions haven’t been granted.
      • PUBLISH_PERMISSION_DENIED - Permission denied encountered while publishing to the topic.
      • NAMESPACE_NOT_FOUND - The provided Event Hubs namespace couldn’t be found.
      • EVENT_HUB_NOT_FOUND - The provided Event Hub couldn’t be found.
      • SUBSCRIPTION_NOT_FOUND - The provided Event Hubs subscription couldn’t be found.
      • RESOURCE_GROUP_NOT_FOUND - The provided Event Hubs resource group couldn’t be found.
    • subscription_id
      Type: STRING
      Provider name: subscriptionId
      Description: Optional. The Azure subscription id.
    • tenant_id
      Type: STRING
      Provider name: tenantId
      Description: Optional. The tenant id of the Azure application that is being used to authenticate Pub/Sub.
  • cloud_storage
    Type: STRUCT
    Provider name: cloudStorage
    Description: Optional. Cloud Storage.

    • avro_format
      Type: STRUCT
      Provider name: avroFormat
      Description: Optional. Data from Cloud Storage will be interpreted in Avro format.

    • bucket
      Type: STRING
      Provider name: bucket
      Description: Optional. Cloud Storage bucket. The bucket name must be without any prefix like “gs://”. See the [bucket naming requirements] (https://cloud.google.com/storage/docs/buckets#naming).

    • match_glob
      Type: STRING
      Provider name: matchGlob
      Description: Optional. Glob pattern used to match objects that will be ingested. If unset, all objects will be ingested. See the supported patterns.

    • minimum_object_create_time
      Type: TIMESTAMP
      Provider name: minimumObjectCreateTime
      Description: Optional. Only objects with a larger or equal creation timestamp will be ingested.

    • pubsub_avro_format
      Type: STRUCT
      Provider name: pubsubAvroFormat
      Description: Optional. It will be assumed data from Cloud Storage was written via Cloud Storage subscriptions.

    • state
      Type: STRING
      Provider name: state
      Description: Output only. An output-only field that indicates the state of the Cloud Storage ingestion source.
      Possible values:

      • STATE_UNSPECIFIED - Default value. This value is unused.
      • ACTIVE - Ingestion is active.
      • CLOUD_STORAGE_PERMISSION_DENIED - Permission denied encountered while calling the Cloud Storage API. This can happen if the Pub/Sub SA has not been granted the appropriate permissions: - storage.objects.list: to list the objects in a bucket. - storage.objects.get: to read the objects in a bucket. - storage.buckets.get: to verify the bucket exists.
      • PUBLISH_PERMISSION_DENIED - Permission denied encountered while publishing to the topic. This can happen if the Pub/Sub SA has not been granted the appropriate publish permissions
      • BUCKET_NOT_FOUND - The provided Cloud Storage bucket doesn’t exist.
      • TOO_MANY_OBJECTS - The Cloud Storage bucket has too many objects, ingestion will be paused.

    • text_format
      Type: STRUCT
      Provider name: textFormat
      Description: Optional. Data from Cloud Storage will be interpreted as text.

      • delimiter
        Type: STRING
        Provider name: delimiter
        Description: Optional. When unset, ‘\n’ is used.
  • confluent_cloud
    Type: STRUCT
    Provider name: confluentCloud
    Description: Optional. Confluent Cloud.
    • bootstrap_server
      Type: STRING
      Provider name: bootstrapServer
      Description: Required. The address of the bootstrap server. The format is url:port.
    • cluster_id
      Type: STRING
      Provider name: clusterId
      Description: Required. The id of the cluster.
    • gcp_service_account
      Type: STRING
      Provider name: gcpServiceAccount
      Description: Required. The GCP service account to be used for Federated Identity authentication with identity_pool_id.
    • identity_pool_id
      Type: STRING
      Provider name: identityPoolId
      Description: Required. The id of the identity pool to be used for Federated Identity authentication with Confluent Cloud. See https://docs.confluent.io/cloud/current/security/authenticate/workload-identities/identity-providers/oauth/identity-pools.html#add-oauth-identity-pools.
    • state
      Type: STRING
      Provider name: state
      Description: Output only. An output-only field that indicates the state of the Confluent Cloud ingestion source.
      Possible values:
      • STATE_UNSPECIFIED - Default value. This value is unused.
      • ACTIVE - Ingestion is active.
      • CONFLUENT_CLOUD_PERMISSION_DENIED - Permission denied encountered while consuming data from Confluent Cloud.
      • PUBLISH_PERMISSION_DENIED - Permission denied encountered while publishing to the topic.
      • UNREACHABLE_BOOTSTRAP_SERVER - The provided bootstrap server address is unreachable.
      • CLUSTER_NOT_FOUND - The provided cluster wasn’t found.
      • TOPIC_NOT_FOUND - The provided topic wasn’t found.
    • topic
      Type: STRING
      Provider name: topic
      Description: Required. The name of the topic in the Confluent Cloud cluster that Pub/Sub will import from.
  • platform_logs_settings
    Type: STRUCT
    Provider name: platformLogsSettings
    Description: Optional. Platform Logs settings. If unset, no Platform Logs will be generated.
    • severity
      Type: STRING
      Provider name: severity
      Description: Optional. The minimum severity level of Platform Logs that will be written.
      Possible values:
      • SEVERITY_UNSPECIFIED - Default value. Logs level is unspecified. Logs will be disabled.
      • DISABLED - Logs will be disabled.
      • DEBUG - Debug logs and higher-severity logs will be written.
      • INFO - Info logs and higher-severity logs will be written.
      • WARNING - Warning logs and higher-severity logs will be written.
      • ERROR - Only error logs will be written.

kms_key_name

Type: STRING
Provider name: kmsKeyName
Description: Optional. The resource name of the Cloud KMS CryptoKey to be used to protect access to messages published on this topic. The expected format is projects/*/locations/*/keyRings/*/cryptoKeys/*.

labels

Type: UNORDERED_LIST_STRING

message_retention_duration

Type: STRING
Provider name: messageRetentionDuration
Description: Optional. Indicates the minimum duration to retain a message after it is published to the topic. If this field is set, messages published to the topic in the last message_retention_duration are always available to subscribers. For instance, it allows any attached subscription to seek to a timestamp that is up to message_retention_duration in the past. If this field is not set, message retention is controlled by settings on individual subscriptions. Cannot be more than 31 days or less than 10 minutes.

message_storage_policy

Type: STRUCT
Provider name: messageStoragePolicy
Description: Optional. Policy constraining the set of Google Cloud Platform regions where messages published to the topic may be stored. If not present, then no constraints are in effect.

  • allowed_persistence_regions
    Type: UNORDERED_LIST_STRING
    Provider name: allowedPersistenceRegions
    Description: Optional. A list of IDs of Google Cloud regions where messages that are published to the topic may be persisted in storage. Messages published by publishers running in non-allowed Google Cloud regions (or running outside of Google Cloud altogether) are routed for storage in one of the allowed regions. An empty list means that no regions are allowed, and is not a valid configuration.
  • enforce_in_transit
    Type: BOOLEAN
    Provider name: enforceInTransit
    Description: Optional. If true, allowed_persistence_regions is also used to enforce in-transit guarantees for messages. That is, Pub/Sub will fail Publish operations on this topic and subscribe operations on any subscription attached to this topic in any region that is not in allowed_persistence_regions.

message_transforms

Type: UNORDERED_LIST_STRUCT
Provider name: messageTransforms
Description: Optional. Transforms to be applied to messages published to the topic. Transforms are applied in the order specified.

  • enabled
    Type: BOOLEAN
    Provider name: enabled
    Description: Optional. If set to true, the transform is enabled. If false, the transform is disabled and will not be applied to messages. Defaults to true.
  • javascript_udf
    Type: STRUCT
    Provider name: javascriptUdf
    Description: Optional. JavaScript User Defined Function. If multiple JavaScriptUDF’s are specified on a resource, each must have a unique function_name.
    • code
      Type: STRING
      Provider name: code
      Description: Required. JavaScript code that contains a function function_name with the below signature: /** * Transforms a Pub/Sub message. * @return {(Object)>|null)} - To * filter a message, return `null`. To transform a message return a map * with the following keys: * - (required) 'data' : {string} * - (optional) 'attributes' : {Object} * Returning empty `attributes` will remove all attributes from the * message. * * @param {(Object)>} Pub/Sub * message. Keys: * - (required) 'data' : {string} * - (required) 'attributes' : {Object} * * @param {Object} metadata - Pub/Sub message metadata. * Keys: * - (required) 'message_id' : {string} * - (optional) 'publish_time': {string} YYYY-MM-DDTHH:MM:SSZ format * - (optional) 'ordering_key': {string} */ function (message, metadata) { }
    • function_name
      Type: STRING
      Provider name: functionName
      Description: Required. Name of the JavasScript function that should applied to Pub/Sub messages.

name

Type: STRING
Provider name: name
Description: Required. The name of the topic. It must have the format "projects/{project}/topics/{topic}". {topic} must start with a letter, and contain only letters ([A-Za-z]), numbers ([0-9]), dashes (-), underscores (_), periods (.), tildes (~), plus (+) or percent signs (%). It must be between 3 and 255 characters in length, and it must not start with "goog".

organization_id

Type: STRING

parent

Type: STRING

project_id

Type: STRING

project_number

Type: STRING

resource_name

Type: STRING

satisfies_pzs

Type: BOOLEAN
Provider name: satisfiesPzs
Description: Optional. Reserved for future use. This field is set only in responses from the server; it is ignored if it is set in any requests.

schema_settings

Type: STRUCT
Provider name: schemaSettings
Description: Optional. Settings for validating messages published against a schema.

  • encoding
    Type: STRING
    Provider name: encoding
    Description: Optional. The encoding of messages validated against schema.
    Possible values:
    • ENCODING_UNSPECIFIED - Unspecified
    • JSON - JSON encoding
    • BINARY - Binary encoding, as defined by the schema type. For some schema types, binary encoding may not be available.
  • first_revision_id
    Type: STRING
    Provider name: firstRevisionId
    Description: Optional. The minimum (inclusive) revision allowed for validating messages. If empty or not present, allow any revision to be validated against last_revision or any revision created before.
  • last_revision_id
    Type: STRING
    Provider name: lastRevisionId
    Description: Optional. The maximum (inclusive) revision allowed for validating messages. If empty or not present, allow any revision to be validated against first_revision or any revision created after.
  • schema
    Type: STRING
    Provider name: schema
    Description: Required. The name of the schema that messages published should be validated against. Format is projects/{project}/schemas/{schema}. The value of this field will be _deleted-schema_ if the schema has been deleted.

state

Type: STRING
Provider name: state
Description: Output only. An output-only field indicating the state of the topic.
Possible values:

  • STATE_UNSPECIFIED - Default value. This value is unused.
  • ACTIVE - The topic does not have any persistent errors.
  • INGESTION_RESOURCE_ERROR - Ingestion from the data source has encountered a permanent error. See the more detailed error state in the corresponding ingestion source configuration.

tags

Type: UNORDERED_LIST_STRING

PREVIEWING: brett.blue/embedded-collector-release