@@ -600,6 +600,10 @@ message AllocationPolicy {
600
600
map <string , string > labels = 6 ;
601
601
602
602
// The network policy.
603
+ //
604
+ // If you define an instance template in the InstancePolicyOrTemplate field,
605
+ // Batch will use the network settings in the instance template instead of
606
+ // this field.
603
607
NetworkPolicy network = 7 ;
604
608
605
609
// The placement policy.
@@ -687,6 +691,17 @@ message TaskGroup {
687
691
// When true, Batch will configure SSH to allow passwordless login between
688
692
// VMs running the Batch tasks in the same TaskGroup.
689
693
bool permissive_ssh = 12 ;
694
+
695
+ // Optional. When true, Batch will use the OS Login generated POSIX account to
696
+ // exeucute the runnables instead of the default root user.
697
+ //
698
+ // To control root or non-root privilege for runnable execution, the project \
699
+ // Admin user needs to configure IAM roles according to
700
+ // https://cloud.google.com/compute/docs/oslogin/set-up-oslogin#configure_users.
701
+ // Specifically, if a root execution is needed, the roles/compute.osAdminLogin
702
+ // should be granted to the Batch job submitter. Otherwise,
703
+ // roles/compute.osLogin should be granted to the Batch job submitter.
704
+ bool enable_oslogin = 13 [(google.api.field_behavior ) = OPTIONAL ];
690
705
}
691
706
692
707
// Carries information about a Google Cloud service account.
0 commit comments