Path parameters

• cluster.id string Required

  ID of the cluster.

Responses

• 202 application/json

  Accepted

  Hide response attributes Show response attributes object

  • aws_private_link object

    AWS PrivateLink specification.

    Hide aws_private_link attributes Show aws_private_link attributes object

    • allowed_principals array[string]

      The ARN of the principals that can access Redpanda AWS PrivateLink Endpoint Service. To grant permissions to all principals, use an asterisk (*).

    • connect_console boolean

      Whether Console is connected in Redpanda AWS Private Link Service.

    • enabled boolean

      Whether Redpanda AWS Private Link Endpoint Service is enabled.

    • http_proxy_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

    • kafka_api_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

    • schema_registry_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

  • azure_private_link object
    Hide azure_private_link attributes Show azure_private_link attributes object

    • allowed_subscriptions array[string]

      The subscriptions that can access the Redpanda Azure PrivateLink Endpoint Service.

    • connect_console boolean

      Whether Console is connected in Redpanda Azure Private Link Service.

    • enabled boolean

      Enabled controls if Azure Private Link Endpoint Service is enabled.

    • http_proxy_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

    • kafka_api_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

    • schema_registry_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

  • cloud_provider_tags object

    Tags that are placed on Cloud resources. If the cloud provider is GCP and the name of a tag has the prefix "gcp.network-tag.", the tag is a network tag that will be added to the Redpanda cluster GKE nodes. Otherwise, the tag is a normal tag. For example, if the name of a tag is "gcp.network-tag.network-tag-foo", the network tag named "network-tag-foo" will be added to the Redpanda cluster GKE nodes. Note: The value of a network tag will be ignored. See the official GCP VPC for more details on network tags.

    Hide cloud_provider_tags attribute Show cloud_provider_tags attribute object

    • * string Additional properties
  • cloud_storage object
    Hide cloud_storage attributes Show cloud_storage attributes object

    • aws object
    • azure object
      Hide azure attributes Show azure attributes object

      • allowed_ips array[string]

        List of public IP or IP ranges in CIDR Format.

        • Only IPv4 addresses are allowed.
        • Private IP address ranges as defined in RFC 1918 are not allowed.
        • Private IP address ranges as defined in RFC 6598 are not allowed.
        • Small address ranges using "/31" or "/32" prefix sizes are not supported. These ranges should be configured using individual IP address rules without prefix specified.
        • allowed_ips have no effect on requests originating from the same Azure region as the storage account. Use allowed_subnet_ids to allow same-region requests. Services deployed in the same region as the storage account use private Azure IP addresses for communication. Thus, you cannot allow access to specific Azure services based on their public outbound IP address range.
      • allowed_subnet_ids array[string]

        A list of virtual network subnet ids that are allowed to access the storage account.

    • gcp object
    • skip_destroy boolean
  • cluster_configuration object
    Hide cluster_configuration attribute Show cluster_configuration attribute object

    • custom_properties object
  • customer_managed_resources object
    Hide customer_managed_resources attributes Show customer_managed_resources attributes object

    • aws object

      AWS resources managed by user.

      Hide aws attributes Show aws attributes object

      • redpanda_connect_node_group_instance_profile object

        AWS instance profile.

        Hide redpanda_connect_node_group_instance_profile attribute Show redpanda_connect_node_group_instance_profile attribute object

        • arn string Required

          AWS instance profile ARN.

      • redpanda_connect_security_group object

        Security Group identifies AWS security group.

        Hide redpanda_connect_security_group attribute Show redpanda_connect_security_group attribute object

        • arn string Required

          AWS security group ARN.

    • gcp object

      GCP resources managed by user.

      Hide gcp attributes Show gcp attributes object

      • psc_nat_subnet_name string

        NAT subnet name if GCP Private Service Connect (a.k.a. Private Link) is enabled. If it is used for PSC v1, use psc_v2_nat_subnet_name to set NAT subnet name for PSC v2.

      • psc_v2_nat_subnet_name string

        NAT subnet name for PSC v2 if GCP Private Service Connect (a.k.a. Private Link) is enabled and psc_nat_subnet_name is used for PSC v1.

      • redpanda_connect_api_service_account object

        GCP service account.

        Hide redpanda_connect_api_service_account attribute Show redpanda_connect_api_service_account attribute object

        • email string Required

          GCP service account email.

      • redpanda_connect_service_account object

        GCP service account.

        Hide redpanda_connect_service_account attribute Show redpanda_connect_service_account attribute object

        • email string Required

          GCP service account email.

      • redpanda_operator_service_account object

        GCP service account.

        Hide redpanda_operator_service_account attribute Show redpanda_operator_service_account attribute object

        • email string Required

          GCP service account email.

  • gcp_private_service_connect object
    Hide gcp_private_service_connect attributes Show gcp_private_service_connect attributes object

    • consumer_accept_list array[object]

      List of consumers that are allowed to connect to Redpanda GCP PSC (Private Service Connect) service attachment.

      GCP Private Service Connect consumer specifications.

      Hide consumer_accept_list attribute Show consumer_accept_list attribute object

      • source string

        Either the GCP project number or its alphanumeric ID.

    • enabled boolean

      Whether Redpanda GCP Private Service Connect is enabled.

    • global_access_enabled boolean

      Whether global access is enabled.

    • http_proxy_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

    • kafka_api_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

    • schema_registry_auth_mode string

      Private link authentication mode.

      • PRIVATE_LINK_AUTH_MODE_MATCH: Match the authentication methods configured for the normal API endpoint, i.e. Kafka, HTTP Proxy, or Schema Registry.
      • PRIVATE_LINK_AUTH_MODE_SASL: SASL authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS: mTLS authentication mode only.
      • PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL: Both SASL and mTLS authentication modes.
      • PRIVATE_LINK_AUTH_MODE_NONE: Neither SASL or mTLS is enabled for Private Link.

      Values are PRIVATE_LINK_AUTH_MODE_MATCH, PRIVATE_LINK_AUTH_MODE_SASL, PRIVATE_LINK_AUTH_MODE_MTLS, PRIVATE_LINK_AUTH_MODE_MTLS_AND_SASL, or PRIVATE_LINK_AUTH_MODE_NONE.

  • http_proxy object

    Cluster's HTTP Proxy properties. See Use Redpanda with the HTTP Proxy API and the HTTP Proxy API reference for more information.

    Hide http_proxy attributes Show http_proxy attributes object

    • mtls object

      mTLS configuration.

      Hide mtls attributes Show mtls attributes object

      • ca_certificates_pem array[string]

        CA certificate in PEM format.

      • enabled boolean

        Whether mTLS is enabled.

      • principal_mapping_rules array[string]

        Principal mapping rules for mTLS authentication. Only valid for Kafka API. See the Redpanda documentation on configuring authentication.

    • sasl object
      Hide sasl attribute Show sasl attribute object

      • enabled boolean

        Whether SASL is enabled.

  • id string Required

    ID of the cluster.

  • kafka_api object

    Cluster's Kafka API properties.

    Hide kafka_api attributes Show kafka_api attributes object

    • mtls object

      mTLS configuration.

      Hide mtls attributes Show mtls attributes object

      • ca_certificates_pem array[string]

        CA certificate in PEM format.

      • enabled boolean

        Whether mTLS is enabled.

      • principal_mapping_rules array[string]

        Principal mapping rules for mTLS authentication. Only valid for Kafka API. See the Redpanda documentation on configuring authentication.

    • sasl object
      Hide sasl attribute Show sasl attribute object

      • enabled boolean

        Whether SASL is enabled.

  • kafka_connect object
    Hide kafka_connect attribute Show kafka_connect attribute object

    • enabled boolean
  • maintenance_window_config object

    Resource describing the maintenance window configuration of a cluster.

    Hide maintenance_window_config attributes Show maintenance_window_config attributes object

    • anytime object
    • day_hour object
      Hide day_hour attributes Show day_hour attributes object

      • day_of_week string

        Represents a day of the week.

        • MONDAY: Monday
        • TUESDAY: Tuesday
        • WEDNESDAY: Wednesday
        • THURSDAY: Thursday
        • FRIDAY: Friday
        • SATURDAY: Saturday
        • SUNDAY: Sunday

        Values are MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, or SUNDAY.

      • hour_of_day integer(int32)
    • unspecified object
  • name string

    Unique name of the cluster.

  • read_replica_cluster_ids array[string]

    IDs of clusters which may create read-only topics from this cluster.

  • redpanda_node_count integer(int32)
  • schema_registry object

    Cluster's Schema Registry properties. See the Schema Registry overview and the Schema Registry API reference for more information.

    Hide schema_registry attributes Show schema_registry attributes object

    • mtls object

      mTLS configuration.

      Hide mtls attributes Show mtls attributes object

      • ca_certificates_pem array[string]

        CA certificate in PEM format.

      • enabled boolean

        Whether mTLS is enabled.

      • principal_mapping_rules array[string]

        Principal mapping rules for mTLS authentication. Only valid for Kafka API. See the Redpanda documentation on configuring authentication.

    • sasl object
      Hide sasl attribute Show sasl attribute object

      • enabled boolean

        Whether SASL is enabled.

  • throughput_tier string
• 404 application/json

  Not Found

  Hide response attributes Show response attributes object

  • code string(int32)

    RPC status code, as described here.

    Values are OK, CANCELLED, UNKNOWN, INVALID_ARGUMENT, DEADLINE_EXCEEDED, NOT_FOUND, ALREADY_EXISTS, PERMISSION_DENIED, UNAUTHENTICATED, RESOURCE_EXHAUSTED, FAILED_PRECONDITION, ABORTED, OUT_OF_RANGE, UNIMPLEMENTED, INTERNAL, UNAVAILABLE, or DATA_LOSS.

  • details array[object]

    A list of messages that carries the error details.

    Details of the error.

    Details of the error.

    One of:

    BadRequest object ErrorInfo object QuotaFailure object Help object

    Describes violations in a client request. This error type focuses on the syntactic aspects of the request.

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.BadRequest.

    • field_violations array[object]

      Describes all violations in a client request.

      A message type used to describe a single bad request field.

      Hide field_violations attributes Show field_violations attributes object

      • description string

        A description of why the request element is bad.

      • field string

        A path that leads to a field in the request body. The value will be a sequence of dot-separated identifiers that identify a protocol buffer field.

        Consider the following:

        message CreateContactRequest { message EmailAddress { enum Type { TYPE_UNSPECIFIED = 0; HOME = 1; WORK = 2; }

        optional string email = 1; repeated EmailType type = 2; }

        string full_name = 1; repeated EmailAddress email_addresses = 2; }

        In this example, in proto field could take one of the following values:

        • full_name for a violation in the full_name value
        • email_addresses[1].email for a violation in the email field of the first email_addresses message
        • email_addresses[3].type[2] for a violation in the second type value in the third email_addresses message.

        In JSON, the same values are represented as:

        • fullName for a violation in the fullName value
        • emailAddresses[1].email for a violation in the email field of the first emailAddresses message
        • emailAddresses[3].type[2] for a violation in the second type value in the third emailAddresses message.
      • localized_message object

        Provides a localized error message that is safe to return to the user which can be attached to an RPC error.

        Hide localized_message attributes Show localized_message attributes object

        • locale string
        • message string

          The localized error message in the above locale.

      • reason string

        The reason of the field-level error. This is a constant value that identifies the proximate cause of the field-level error. It should uniquely identify the type of the FieldViolation within the scope of the google.rpc.ErrorInfo.domain. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE.

    Describes the cause of the error with structured details.

    Example of an error when contacting the "pubsub.googleapis.com" API when it is not enabled:

    { "reason": "API_DISABLED" "domain": "googleapis.com" "metadata": { "resource": "projects/123", "service": "pubsub.googleapis.com" } }

    This response indicates that the pubsub.googleapis.com API is not enabled.

    Example of an error that is returned when attempting to create a Spanner instance in a region that is out of stock:

    { "reason": "STOCKOUT" "domain": "spanner.googleapis.com", "metadata": { "availableRegions": "us-central1,us-east2" } }

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.ErrorInfo.

    • domain string

      The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com".

    • metadata object

      Additional structured details about this error.

      Keys must match a regular expression of [a-z][a-zA-Z0-9-_]+ but should ideally be lowerCamelCase. Also, they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request.

      Hide metadata attribute Show metadata attribute object

      • * string Additional properties
    • reason string

      The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE.

    Describes how a quota check failed.

    For example if a daily limit was exceeded for the calling project, a service could respond with a QuotaFailure detail containing the project id and the description of the quota limit that was exceeded. If the calling project hasn't enabled the service in the developer console, then a service could respond with the project id and set service_disabled to true.

    Also see RetryInfo and Help types for other details about handling a quota failure.

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.QuotaFailure.

    • violations array[object]

      Describes all quota violations.

      A message type used to describe a single quota violation. For example, a daily quota or a custom quota that was exceeded.

      Hide violations attributes Show violations attributes object

      • api_service string

        The API Service from which the QuotaFailure.Violation orginates. In some cases, Quota issues originate from an API Service other than the one that was called. In other words, a dependency of the called API Service could be the cause of the QuotaFailure, and this field would have the dependency API service name.

        For example, if the called API is Kubernetes Engine API (container.googleapis.com), and a quota violation occurs in the Kubernetes Engine API itself, this field would be "container.googleapis.com". On the other hand, if the quota violation occurs when the Kubernetes Engine API creates VMs in the Compute Engine API (compute.googleapis.com), this field would be "compute.googleapis.com".

      • description string

        A description of how the quota check failed. Clients can use this description to find more about the quota configuration in the service's public documentation, or find the relevant quota limit to adjust through developer console.

        For example: "Service disabled" or "Daily Limit for read operations exceeded".

      • future_quota_value string(int64) | null

        The new quota value being rolled out at the time of the violation. At the completion of the rollout, this value will be enforced in place of quota_value. If no rollout is in progress at the time of the violation, this field is not set.

        For example, if at the time of the violation a rollout is in progress changing the number of CPUs quota from 10 to 20, 20 would be the value of this field.

      • quota_dimensions object

        The dimensions of the violated quota. Every non-global quota is enforced on a set of dimensions. While quota metric defines what to count, the dimensions specify for what aspects the counter should be increased.

        For example, the quota "CPUs per region per VM family" enforces a limit on the metric "compute.googleapis.com/cpus_per_vm_family" on dimensions "region" and "vm_family". And if the violation occurred in region "us-central1" and for VM family "n1", the quota_dimensions would be,

        { "region": "us-central1", "vm_family": "n1", }

        When a quota is enforced globally, the quota_dimensions would always be empty.

        Hide quota_dimensions attribute Show quota_dimensions attribute object

        • * string Additional properties
      • quota_id string

        The id of the violated quota. Also know as "limit name", this is the unique identifier of a quota in the context of an API service.

        For example, "CPUS-PER-VM-FAMILY-per-project-region".

      • quota_metric string

        The metric of the violated quota. A quota metric is a named counter to measure usage, such as API requests or CPUs. When an activity occurs in a service, such as Virtual Machine allocation, one or more quota metrics may be affected.

        For example, "compute.googleapis.com/cpus_per_vm_family", "storage.googleapis.com/internet_egress_bandwidth".

      • quota_value string(int64)

        The enforced quota value at the time of the QuotaFailure.

        For example, if the enforced quota value at the time of the QuotaFailure on the number of CPUs is "10", then the value of this field would reflect this quantity.

      • subject string

        The subject on which the quota check failed. For example, "clientip:" or "project:".

    Provides links to documentation or for performing an out of band action.

    For example, if a quota check failed with an error indicating the calling project hasn't enabled the accessed service, this can contain a URL pointing directly to the right place in the developer console to flip the bit.

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.Help.

    • links array[object]

      URL(s) pointing to additional information on handling the current error.

      Describes a URL link.

      Hide links attributes Show links attributes object

      • description string

        Describes what the link offers.

      • url string

        The URL of the link.

  • message string

    Detailed error message. No compatibility guarantees are given for the text contained in this message.

• 500 application/json

  Internal Server Error. Please reach out to support.

  Hide response attributes Show response attributes object

  • code string(int32)

    RPC status code, as described here.

    Values are OK, CANCELLED, UNKNOWN, INVALID_ARGUMENT, DEADLINE_EXCEEDED, NOT_FOUND, ALREADY_EXISTS, PERMISSION_DENIED, UNAUTHENTICATED, RESOURCE_EXHAUSTED, FAILED_PRECONDITION, ABORTED, OUT_OF_RANGE, UNIMPLEMENTED, INTERNAL, UNAVAILABLE, or DATA_LOSS.

  • details array[object]

    A list of messages that carries the error details.

    Details of the error.

    Details of the error.

    One of:

    BadRequest object ErrorInfo object QuotaFailure object Help object

    Describes violations in a client request. This error type focuses on the syntactic aspects of the request.

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.BadRequest.

    • field_violations array[object]

      Describes all violations in a client request.

      A message type used to describe a single bad request field.

      Hide field_violations attributes Show field_violations attributes object

      • description string

        A description of why the request element is bad.

      • field string

        A path that leads to a field in the request body. The value will be a sequence of dot-separated identifiers that identify a protocol buffer field.

        Consider the following:

        message CreateContactRequest { message EmailAddress { enum Type { TYPE_UNSPECIFIED = 0; HOME = 1; WORK = 2; }

        optional string email = 1; repeated EmailType type = 2; }

        string full_name = 1; repeated EmailAddress email_addresses = 2; }

        In this example, in proto field could take one of the following values:

        • full_name for a violation in the full_name value
        • email_addresses[1].email for a violation in the email field of the first email_addresses message
        • email_addresses[3].type[2] for a violation in the second type value in the third email_addresses message.

        In JSON, the same values are represented as:

        • fullName for a violation in the fullName value
        • emailAddresses[1].email for a violation in the email field of the first emailAddresses message
        • emailAddresses[3].type[2] for a violation in the second type value in the third emailAddresses message.
      • localized_message object

        Provides a localized error message that is safe to return to the user which can be attached to an RPC error.

        Hide localized_message attributes Show localized_message attributes object

        • locale string
        • message string

          The localized error message in the above locale.

      • reason string

        The reason of the field-level error. This is a constant value that identifies the proximate cause of the field-level error. It should uniquely identify the type of the FieldViolation within the scope of the google.rpc.ErrorInfo.domain. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE.

    Describes the cause of the error with structured details.

    Example of an error when contacting the "pubsub.googleapis.com" API when it is not enabled:

    { "reason": "API_DISABLED" "domain": "googleapis.com" "metadata": { "resource": "projects/123", "service": "pubsub.googleapis.com" } }

    This response indicates that the pubsub.googleapis.com API is not enabled.

    Example of an error that is returned when attempting to create a Spanner instance in a region that is out of stock:

    { "reason": "STOCKOUT" "domain": "spanner.googleapis.com", "metadata": { "availableRegions": "us-central1,us-east2" } }

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.ErrorInfo.

    • domain string

      The logical grouping to which the "reason" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: "pubsub.googleapis.com". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is "googleapis.com".

    • metadata object

      Additional structured details about this error.

      Keys must match a regular expression of [a-z][a-zA-Z0-9-_]+ but should ideally be lowerCamelCase. Also, they must be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {"instanceLimit": "100/request"}, should be returned as, {"instanceLimitPerRequest": "100"}, if the client exceeds the number of instances that can be created in a single (batch) request.

      Hide metadata attribute Show metadata attribute object

      • * string Additional properties
    • reason string

      The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of [A-Z][A-Z0-9_]+[A-Z0-9], which represents UPPER_SNAKE_CASE.

    Describes how a quota check failed.

    For example if a daily limit was exceeded for the calling project, a service could respond with a QuotaFailure detail containing the project id and the description of the quota limit that was exceeded. If the calling project hasn't enabled the service in the developer console, then a service could respond with the project id and set service_disabled to true.

    Also see RetryInfo and Help types for other details about handling a quota failure.

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.QuotaFailure.

    • violations array[object]

      Describes all quota violations.

      A message type used to describe a single quota violation. For example, a daily quota or a custom quota that was exceeded.

      Hide violations attributes Show violations attributes object

      • api_service string

        The API Service from which the QuotaFailure.Violation orginates. In some cases, Quota issues originate from an API Service other than the one that was called. In other words, a dependency of the called API Service could be the cause of the QuotaFailure, and this field would have the dependency API service name.

        For example, if the called API is Kubernetes Engine API (container.googleapis.com), and a quota violation occurs in the Kubernetes Engine API itself, this field would be "container.googleapis.com". On the other hand, if the quota violation occurs when the Kubernetes Engine API creates VMs in the Compute Engine API (compute.googleapis.com), this field would be "compute.googleapis.com".

      • description string

        A description of how the quota check failed. Clients can use this description to find more about the quota configuration in the service's public documentation, or find the relevant quota limit to adjust through developer console.

        For example: "Service disabled" or "Daily Limit for read operations exceeded".

      • future_quota_value string(int64) | null

        The new quota value being rolled out at the time of the violation. At the completion of the rollout, this value will be enforced in place of quota_value. If no rollout is in progress at the time of the violation, this field is not set.

        For example, if at the time of the violation a rollout is in progress changing the number of CPUs quota from 10 to 20, 20 would be the value of this field.

      • quota_dimensions object

        The dimensions of the violated quota. Every non-global quota is enforced on a set of dimensions. While quota metric defines what to count, the dimensions specify for what aspects the counter should be increased.

        For example, the quota "CPUs per region per VM family" enforces a limit on the metric "compute.googleapis.com/cpus_per_vm_family" on dimensions "region" and "vm_family". And if the violation occurred in region "us-central1" and for VM family "n1", the quota_dimensions would be,

        { "region": "us-central1", "vm_family": "n1", }

        When a quota is enforced globally, the quota_dimensions would always be empty.

        Hide quota_dimensions attribute Show quota_dimensions attribute object

        • * string Additional properties
      • quota_id string

        The id of the violated quota. Also know as "limit name", this is the unique identifier of a quota in the context of an API service.

        For example, "CPUS-PER-VM-FAMILY-per-project-region".

      • quota_metric string

        The metric of the violated quota. A quota metric is a named counter to measure usage, such as API requests or CPUs. When an activity occurs in a service, such as Virtual Machine allocation, one or more quota metrics may be affected.

        For example, "compute.googleapis.com/cpus_per_vm_family", "storage.googleapis.com/internet_egress_bandwidth".

      • quota_value string(int64)

        The enforced quota value at the time of the QuotaFailure.

        For example, if the enforced quota value at the time of the QuotaFailure on the number of CPUs is "10", then the value of this field would reflect this quantity.

      • subject string

        The subject on which the quota check failed. For example, "clientip:" or "project:".

    Provides links to documentation or for performing an out of band action.

    For example, if a quota check failed with an error indicating the calling project hasn't enabled the accessed service, this can contain a URL pointing directly to the right place in the developer console to flip the bit.

    Hide attributes Show attributes

    • @type string

      Fully qualified protobuf type name of the underlying response, prefixed with type.googleapis.com/.

      Value is type.googleapis.com/google.rpc.Help.

    • links array[object]

      URL(s) pointing to additional information on handling the current error.

      Describes a URL link.

      Hide links attributes Show links attributes object

      • description string

        Describes what the link offers.

      • url string

        The URL of the link.

  • message string

    Detailed error message. No compatibility guarantees are given for the text contained in this message.