google-apis-cloudasset_v1 0.18.0 → 0.22.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/OVERVIEW.md +2 -2
- data/lib/google/apis/cloudasset_v1/classes.rb +274 -125
- data/lib/google/apis/cloudasset_v1/gem_version.rb +2 -2
- data/lib/google/apis/cloudasset_v1/representations.rb +52 -0
- data/lib/google/apis/cloudasset_v1/service.rb +226 -12
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3ce8dfe25ab46886cb08e2987553321a3c3ae82229825c8d656dfb7f66817210
|
4
|
+
data.tar.gz: 206d02c703103ce073e5e76a0c23a8c69c8000dbb87844c71afdc5d8e421137f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a5cf7ab8a7ab3d720cf321e91fac7f06bab64be6768bf8687f7a91e3a4078b9848f831293832fd5da005448340a370acb2d2cc3ef8d93d7d0800ed0ad123b077
|
7
|
+
data.tar.gz: e07a0c2257d4eec90730e322a05199b887a84f1d76083bc07bb8b01e887a91a8548da2f763d807782a1d60fe303ea7e57804e4c366657ca83576f070735251b2
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,21 @@
|
|
1
1
|
# Release history for google-apis-cloudasset_v1
|
2
2
|
|
3
|
+
### v0.22.0 (2021-12-02)
|
4
|
+
|
5
|
+
* Regenerated from discovery document revision 20211125
|
6
|
+
|
7
|
+
### v0.21.0 (2021-11-10)
|
8
|
+
|
9
|
+
* Regenerated from discovery document revision 20211105
|
10
|
+
|
11
|
+
### v0.20.0 (2021-10-27)
|
12
|
+
|
13
|
+
* Regenerated from discovery document revision 20211022
|
14
|
+
|
15
|
+
### v0.19.0 (2021-09-29)
|
16
|
+
|
17
|
+
* Regenerated from discovery document revision 20210924
|
18
|
+
|
3
19
|
### v0.18.0 (2021-09-15)
|
4
20
|
|
5
21
|
* Regenerated from discovery document revision 20210910
|
data/OVERVIEW.md
CHANGED
@@ -60,8 +60,8 @@ See the class reference docs for information on the methods you can call from a
|
|
60
60
|
|
61
61
|
More detailed descriptions of the Google simple REST clients are available in two documents.
|
62
62
|
|
63
|
-
* The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/
|
64
|
-
* The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/
|
63
|
+
* The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/usage-guide.md) discusses how to make API calls, how to use the provided data structures, and how to work the various features of the client library, including media upload and download, error handling, retries, pagination, and logging.
|
64
|
+
* The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/auth-guide.md) discusses authentication in the client libraries, including API keys, OAuth 2.0, service accounts, and environment variables.
|
65
65
|
|
66
66
|
(Note: the above documents are written for the simple REST clients in general, and their examples may not reflect the Cloudasset service in particular.)
|
67
67
|
|
@@ -74,7 +74,7 @@ module Google
|
|
74
74
|
class AnalyzeIamPolicyLongrunningRequest
|
75
75
|
include Google::Apis::Core::Hashable
|
76
76
|
|
77
|
-
#
|
77
|
+
# IAM policy analysis query message.
|
78
78
|
# Corresponds to the JSON property `analysisQuery`
|
79
79
|
# @return [Google::Apis::CloudassetV1::IamPolicyAnalysisQuery]
|
80
80
|
attr_accessor :analysis_query
|
@@ -84,6 +84,21 @@ module Google
|
|
84
84
|
# @return [Google::Apis::CloudassetV1::IamPolicyAnalysisOutputConfig]
|
85
85
|
attr_accessor :output_config
|
86
86
|
|
87
|
+
# Optional. The name of a saved query, which must be in the format of: *
|
88
|
+
# projects/project_number/savedQueries/saved_query_id * folders/folder_number/
|
89
|
+
# savedQueries/saved_query_id * organizations/organization_number/savedQueries/
|
90
|
+
# saved_query_id If both `analysis_query` and `saved_analysis_query` are
|
91
|
+
# provided, they will be merged together with the `saved_analysis_query` as base
|
92
|
+
# and the `analysis_query` as overrides. For more details of the merge behavior,
|
93
|
+
# please refer to the [MergeFrom](https://developers.google.com/protocol-buffers/
|
94
|
+
# docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details) doc.
|
95
|
+
# Note that you cannot override primitive fields with default value, such as 0
|
96
|
+
# or empty string, etc., because we use proto3, which doesn't support field
|
97
|
+
# presence yet.
|
98
|
+
# Corresponds to the JSON property `savedAnalysisQuery`
|
99
|
+
# @return [String]
|
100
|
+
attr_accessor :saved_analysis_query
|
101
|
+
|
87
102
|
def initialize(**args)
|
88
103
|
update!(**args)
|
89
104
|
end
|
@@ -92,6 +107,7 @@ module Google
|
|
92
107
|
def update!(**args)
|
93
108
|
@analysis_query = args[:analysis_query] if args.key?(:analysis_query)
|
94
109
|
@output_config = args[:output_config] if args.key?(:output_config)
|
110
|
+
@saved_analysis_query = args[:saved_analysis_query] if args.key?(:saved_analysis_query)
|
95
111
|
end
|
96
112
|
end
|
97
113
|
|
@@ -208,31 +224,31 @@ module Google
|
|
208
224
|
|
209
225
|
# An Identity and Access Management (IAM) policy, which specifies access
|
210
226
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
211
|
-
# A `binding` binds one or more `members
|
212
|
-
# user accounts, service accounts, Google groups, and domains (
|
213
|
-
# A `role` is a named list of permissions; each `role` can be
|
214
|
-
# role or a user-created custom role. For some types of Google
|
215
|
-
# a `binding` can also specify a `condition`, which is a
|
216
|
-
# allows access to a resource only if the expression
|
217
|
-
# condition can add constraints based on attributes of
|
218
|
-
# or both. To learn which resources support
|
219
|
-
# see the [IAM documentation](https://cloud.
|
220
|
-
# resource-policies). **JSON example:** ` "
|
221
|
-
# resourcemanager.organizationAdmin", "members": [
|
222
|
-
# group:admins@example.com", "domain:google.com", "
|
223
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
224
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
225
|
-
# title": "expirable access", "description": "Does not grant
|
226
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
227
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
228
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
229
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
230
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
231
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
232
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
233
|
-
# timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
234
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
235
|
-
# google.com/iam/docs/).
|
227
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
228
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
229
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
230
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
231
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
232
|
+
# logical expression that allows access to a resource only if the expression
|
233
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
234
|
+
# the request, the resource, or both. To learn which resources support
|
235
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
236
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
237
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
238
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
239
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
240
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
241
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
242
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
243
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
244
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
245
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
246
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
247
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
248
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
249
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
250
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
251
|
+
# cloud.google.com/iam/docs/).
|
236
252
|
# Corresponds to the JSON property `iamPolicy`
|
237
253
|
# @return [Google::Apis::CloudassetV1::Policy]
|
238
254
|
attr_accessor :iam_policy
|
@@ -504,7 +520,7 @@ module Google
|
|
504
520
|
end
|
505
521
|
end
|
506
522
|
|
507
|
-
# Associates `members
|
523
|
+
# Associates `members`, or principals, with a `role`.
|
508
524
|
class Binding
|
509
525
|
include Google::Apis::Core::Hashable
|
510
526
|
|
@@ -527,7 +543,7 @@ module Google
|
|
527
543
|
# @return [Google::Apis::CloudassetV1::Expr]
|
528
544
|
attr_accessor :condition
|
529
545
|
|
530
|
-
# Specifies the
|
546
|
+
# Specifies the principals requesting access for a Cloud Platform resource. `
|
531
547
|
# members` can have the following values: * `allUsers`: A special identifier
|
532
548
|
# that represents anyone who is on the internet; with or without a Google
|
533
549
|
# account. * `allAuthenticatedUsers`: A special identifier that represents
|
@@ -557,8 +573,8 @@ module Google
|
|
557
573
|
# @return [Array<String>]
|
558
574
|
attr_accessor :members
|
559
575
|
|
560
|
-
# Role that is assigned to `members
|
561
|
-
#
|
576
|
+
# Role that is assigned to the list of `members`, or principals. For example, `
|
577
|
+
# roles/viewer`, `roles/editor`, or `roles/owner`.
|
562
578
|
# Corresponds to the JSON property `role`
|
563
579
|
# @return [String]
|
564
580
|
attr_accessor :role
|
@@ -1322,31 +1338,31 @@ module Google
|
|
1322
1338
|
|
1323
1339
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1324
1340
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1325
|
-
# A `binding` binds one or more `members
|
1326
|
-
# user accounts, service accounts, Google groups, and domains (
|
1327
|
-
# A `role` is a named list of permissions; each `role` can be
|
1328
|
-
# role or a user-created custom role. For some types of Google
|
1329
|
-
# a `binding` can also specify a `condition`, which is a
|
1330
|
-
# allows access to a resource only if the expression
|
1331
|
-
# condition can add constraints based on attributes of
|
1332
|
-
# or both. To learn which resources support
|
1333
|
-
# see the [IAM documentation](https://cloud.
|
1334
|
-
# resource-policies). **JSON example:** ` "
|
1335
|
-
# resourcemanager.organizationAdmin", "members": [
|
1336
|
-
# group:admins@example.com", "domain:google.com", "
|
1337
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
1338
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
1339
|
-
# title": "expirable access", "description": "Does not grant
|
1340
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1341
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1342
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
1343
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1344
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
1345
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
1346
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
1347
|
-
# timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
1348
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
1349
|
-
# google.com/iam/docs/).
|
1341
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
1342
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
1343
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
1344
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
1345
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
1346
|
+
# logical expression that allows access to a resource only if the expression
|
1347
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
1348
|
+
# the request, the resource, or both. To learn which resources support
|
1349
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1350
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
1351
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
1352
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
1353
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
1354
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
1355
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
1356
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1357
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1358
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
1359
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1360
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
1361
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
1362
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
1363
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
1364
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
1365
|
+
# cloud.google.com/iam/docs/).
|
1350
1366
|
# Corresponds to the JSON property `iamPolicy`
|
1351
1367
|
# @return [Google::Apis::CloudassetV1::Policy]
|
1352
1368
|
attr_accessor :iam_policy
|
@@ -1954,6 +1970,21 @@ module Google
|
|
1954
1970
|
# @return [String]
|
1955
1971
|
attr_accessor :parent
|
1956
1972
|
|
1973
|
+
# The scopes of a policy define which resources an ACM policy can restrict, and
|
1974
|
+
# where ACM resources can be referenced. For example, a policy with scopes=["
|
1975
|
+
# folders/123"] has the following behavior: - vpcsc perimeters can only restrict
|
1976
|
+
# projects within folders/123 - access levels can only be referenced by
|
1977
|
+
# resources within folders/123. If empty, there are no limitations on which
|
1978
|
+
# resources can be restricted by an ACM policy, and there are no limitations on
|
1979
|
+
# where ACM resources can be referenced. Only one policy can include a given
|
1980
|
+
# scope (attempting to create a second policy which includes "folders/123" will
|
1981
|
+
# result in an error). Currently, scopes cannot be modified after a policy is
|
1982
|
+
# created. Currently, policies can only have a single scope. Format: list of `
|
1983
|
+
# folders/`folder_number`` or `projects/`project_number``
|
1984
|
+
# Corresponds to the JSON property `scopes`
|
1985
|
+
# @return [Array<String>]
|
1986
|
+
attr_accessor :scopes
|
1987
|
+
|
1957
1988
|
# Required. Human readable title. Does not affect behavior.
|
1958
1989
|
# Corresponds to the JSON property `title`
|
1959
1990
|
# @return [String]
|
@@ -1968,6 +1999,7 @@ module Google
|
|
1968
1999
|
@etag = args[:etag] if args.key?(:etag)
|
1969
2000
|
@name = args[:name] if args.key?(:name)
|
1970
2001
|
@parent = args[:parent] if args.key?(:parent)
|
2002
|
+
@scopes = args[:scopes] if args.key?(:scopes)
|
1971
2003
|
@title = args[:title] if args.key?(:title)
|
1972
2004
|
end
|
1973
2005
|
end
|
@@ -2706,7 +2738,7 @@ module Google
|
|
2706
2738
|
class IamPolicyAnalysis
|
2707
2739
|
include Google::Apis::Core::Hashable
|
2708
2740
|
|
2709
|
-
#
|
2741
|
+
# IAM policy analysis query message.
|
2710
2742
|
# Corresponds to the JSON property `analysisQuery`
|
2711
2743
|
# @return [Google::Apis::CloudassetV1::IamPolicyAnalysisQuery]
|
2712
2744
|
attr_accessor :analysis_query
|
@@ -2767,7 +2799,7 @@ module Google
|
|
2767
2799
|
end
|
2768
2800
|
end
|
2769
2801
|
|
2770
|
-
#
|
2802
|
+
# IAM policy analysis query message.
|
2771
2803
|
class IamPolicyAnalysisQuery
|
2772
2804
|
include Google::Apis::Core::Hashable
|
2773
2805
|
|
@@ -2854,7 +2886,7 @@ module Google
|
|
2854
2886
|
attr_accessor :fully_explored
|
2855
2887
|
alias_method :fully_explored?, :fully_explored
|
2856
2888
|
|
2857
|
-
# Associates `members
|
2889
|
+
# Associates `members`, or principals, with a `role`.
|
2858
2890
|
# Corresponds to the JSON property `iamBinding`
|
2859
2891
|
# @return [Google::Apis::CloudassetV1::Binding]
|
2860
2892
|
attr_accessor :iam_binding
|
@@ -2944,31 +2976,31 @@ module Google
|
|
2944
2976
|
|
2945
2977
|
# An Identity and Access Management (IAM) policy, which specifies access
|
2946
2978
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
2947
|
-
# A `binding` binds one or more `members
|
2948
|
-
# user accounts, service accounts, Google groups, and domains (
|
2949
|
-
# A `role` is a named list of permissions; each `role` can be
|
2950
|
-
# role or a user-created custom role. For some types of Google
|
2951
|
-
# a `binding` can also specify a `condition`, which is a
|
2952
|
-
# allows access to a resource only if the expression
|
2953
|
-
# condition can add constraints based on attributes of
|
2954
|
-
# or both. To learn which resources support
|
2955
|
-
# see the [IAM documentation](https://cloud.
|
2956
|
-
# resource-policies). **JSON example:** ` "
|
2957
|
-
# resourcemanager.organizationAdmin", "members": [
|
2958
|
-
# group:admins@example.com", "domain:google.com", "
|
2959
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
2960
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
2961
|
-
# title": "expirable access", "description": "Does not grant
|
2962
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
2963
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
2964
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
2965
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
2966
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
2967
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
2968
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
2969
|
-
# timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
2970
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
2971
|
-
# google.com/iam/docs/).
|
2979
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
2980
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
2981
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
2982
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
2983
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
2984
|
+
# logical expression that allows access to a resource only if the expression
|
2985
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
2986
|
+
# the request, the resource, or both. To learn which resources support
|
2987
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
2988
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
2989
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
2990
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
2991
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
2992
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
2993
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
2994
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
2995
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
2996
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
2997
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
2998
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
2999
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
3000
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
3001
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
3002
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
3003
|
+
# cloud.google.com/iam/docs/).
|
2972
3004
|
# Corresponds to the JSON property `policy`
|
2973
3005
|
# @return [Google::Apis::CloudassetV1::Policy]
|
2974
3006
|
attr_accessor :policy
|
@@ -3015,8 +3047,8 @@ module Google
|
|
3015
3047
|
class IdentitySelector
|
3016
3048
|
include Google::Apis::Core::Hashable
|
3017
3049
|
|
3018
|
-
# Required. The identity appear in the form of
|
3019
|
-
# https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of
|
3050
|
+
# Required. The identity appear in the form of principals in [IAM policy binding]
|
3051
|
+
# (https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of
|
3020
3052
|
# supported forms are: "user:mike@example.com", "group:admins@example.com", "
|
3021
3053
|
# domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com".
|
3022
3054
|
# Notice that wildcard characters (such as * and ?) are not supported. You must
|
@@ -3186,6 +3218,32 @@ module Google
|
|
3186
3218
|
end
|
3187
3219
|
end
|
3188
3220
|
|
3221
|
+
# Response of listing saved queries.
|
3222
|
+
class ListSavedQueriesResponse
|
3223
|
+
include Google::Apis::Core::Hashable
|
3224
|
+
|
3225
|
+
# A token, which can be sent as `page_token` to retrieve the next page. If this
|
3226
|
+
# field is omitted, there are no subsequent pages.
|
3227
|
+
# Corresponds to the JSON property `nextPageToken`
|
3228
|
+
# @return [String]
|
3229
|
+
attr_accessor :next_page_token
|
3230
|
+
|
3231
|
+
# A list of savedQueries.
|
3232
|
+
# Corresponds to the JSON property `savedQueries`
|
3233
|
+
# @return [Array<Google::Apis::CloudassetV1::SavedQuery>]
|
3234
|
+
attr_accessor :saved_queries
|
3235
|
+
|
3236
|
+
def initialize(**args)
|
3237
|
+
update!(**args)
|
3238
|
+
end
|
3239
|
+
|
3240
|
+
# Update properties of this object
|
3241
|
+
def update!(**args)
|
3242
|
+
@next_page_token = args[:next_page_token] if args.key?(:next_page_token)
|
3243
|
+
@saved_queries = args[:saved_queries] if args.key?(:saved_queries)
|
3244
|
+
end
|
3245
|
+
end
|
3246
|
+
|
3189
3247
|
# A message to group the analysis information.
|
3190
3248
|
class MoveAnalysis
|
3191
3249
|
include Google::Apis::Core::Hashable
|
@@ -3395,15 +3453,16 @@ module Google
|
|
3395
3453
|
attr_accessor :expand_roles
|
3396
3454
|
alias_method :expand_roles?, :expand_roles
|
3397
3455
|
|
3398
|
-
# Optional. If true, the result will output
|
3399
|
-
#
|
3456
|
+
# Optional. If true, the result will output the relevant membership
|
3457
|
+
# relationships between groups and other groups, and between groups and
|
3458
|
+
# principals. Default is false.
|
3400
3459
|
# Corresponds to the JSON property `outputGroupEdges`
|
3401
3460
|
# @return [Boolean]
|
3402
3461
|
attr_accessor :output_group_edges
|
3403
3462
|
alias_method :output_group_edges?, :output_group_edges
|
3404
3463
|
|
3405
|
-
# Optional. If true, the result will output
|
3406
|
-
#
|
3464
|
+
# Optional. If true, the result will output the relevant parent/child
|
3465
|
+
# relationships between resources. Default is false.
|
3407
3466
|
# Corresponds to the JSON property `outputResourceEdges`
|
3408
3467
|
# @return [Boolean]
|
3409
3468
|
attr_accessor :output_resource_edges
|
@@ -3551,31 +3610,31 @@ module Google
|
|
3551
3610
|
|
3552
3611
|
# An Identity and Access Management (IAM) policy, which specifies access
|
3553
3612
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
3554
|
-
# A `binding` binds one or more `members
|
3555
|
-
# user accounts, service accounts, Google groups, and domains (
|
3556
|
-
# A `role` is a named list of permissions; each `role` can be
|
3557
|
-
# role or a user-created custom role. For some types of Google
|
3558
|
-
# a `binding` can also specify a `condition`, which is a
|
3559
|
-
# allows access to a resource only if the expression
|
3560
|
-
# condition can add constraints based on attributes of
|
3561
|
-
# or both. To learn which resources support
|
3562
|
-
# see the [IAM documentation](https://cloud.
|
3563
|
-
# resource-policies). **JSON example:** ` "
|
3564
|
-
# resourcemanager.organizationAdmin", "members": [
|
3565
|
-
# group:admins@example.com", "domain:google.com", "
|
3566
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
3567
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
3568
|
-
# title": "expirable access", "description": "Does not grant
|
3569
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
3570
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
3571
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
3572
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
3573
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
3574
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
3575
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
3576
|
-
# timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
3577
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
3578
|
-
# google.com/iam/docs/).
|
3613
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
3614
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
3615
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
3616
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
3617
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
3618
|
+
# logical expression that allows access to a resource only if the expression
|
3619
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
3620
|
+
# the request, the resource, or both. To learn which resources support
|
3621
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
3622
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
3623
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
3624
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
3625
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
3626
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
3627
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
3628
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
3629
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
3630
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
3631
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
3632
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
3633
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
3634
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
3635
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
3636
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
3637
|
+
# cloud.google.com/iam/docs/).
|
3579
3638
|
class Policy
|
3580
3639
|
include Google::Apis::Core::Hashable
|
3581
3640
|
|
@@ -3584,9 +3643,14 @@ module Google
|
|
3584
3643
|
# @return [Array<Google::Apis::CloudassetV1::AuditConfig>]
|
3585
3644
|
attr_accessor :audit_configs
|
3586
3645
|
|
3587
|
-
# Associates a list of `members
|
3588
|
-
# condition` that determines how and when the `bindings` are applied.
|
3589
|
-
# the `bindings` must contain at least one
|
3646
|
+
# Associates a list of `members`, or principals, with a `role`. Optionally, may
|
3647
|
+
# specify a `condition` that determines how and when the `bindings` are applied.
|
3648
|
+
# Each of the `bindings` must contain at least one principal. The `bindings` in
|
3649
|
+
# a `Policy` can refer to up to 1,500 principals; up to 250 of these principals
|
3650
|
+
# can be Google groups. Each occurrence of a principal counts towards these
|
3651
|
+
# limits. For example, if the `bindings` grant 50 different roles to `user:alice@
|
3652
|
+
# example.com`, and not to any other principal, then you can add another 1,450
|
3653
|
+
# principals to the `bindings` in the `Policy`.
|
3590
3654
|
# Corresponds to the JSON property `bindings`
|
3591
3655
|
# @return [Array<Google::Apis::CloudassetV1::Binding>]
|
3592
3656
|
attr_accessor :bindings
|
@@ -3659,6 +3723,25 @@ module Google
|
|
3659
3723
|
end
|
3660
3724
|
end
|
3661
3725
|
|
3726
|
+
# The query content.
|
3727
|
+
class QueryContent
|
3728
|
+
include Google::Apis::Core::Hashable
|
3729
|
+
|
3730
|
+
# IAM policy analysis query message.
|
3731
|
+
# Corresponds to the JSON property `iamPolicyAnalysisQuery`
|
3732
|
+
# @return [Google::Apis::CloudassetV1::IamPolicyAnalysisQuery]
|
3733
|
+
attr_accessor :iam_policy_analysis_query
|
3734
|
+
|
3735
|
+
def initialize(**args)
|
3736
|
+
update!(**args)
|
3737
|
+
end
|
3738
|
+
|
3739
|
+
# Update properties of this object
|
3740
|
+
def update!(**args)
|
3741
|
+
@iam_policy_analysis_query = args[:iam_policy_analysis_query] if args.key?(:iam_policy_analysis_query)
|
3742
|
+
end
|
3743
|
+
end
|
3744
|
+
|
3662
3745
|
# An asset identifier in Google Cloud which contains its name, type and
|
3663
3746
|
# ancestors. An asset can be any resource in the Google Cloud [resource
|
3664
3747
|
# hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-
|
@@ -4144,6 +4227,74 @@ module Google
|
|
4144
4227
|
end
|
4145
4228
|
end
|
4146
4229
|
|
4230
|
+
# A saved query which can be shared with others or used later.
|
4231
|
+
class SavedQuery
|
4232
|
+
include Google::Apis::Core::Hashable
|
4233
|
+
|
4234
|
+
# The query content.
|
4235
|
+
# Corresponds to the JSON property `content`
|
4236
|
+
# @return [Google::Apis::CloudassetV1::QueryContent]
|
4237
|
+
attr_accessor :content
|
4238
|
+
|
4239
|
+
# Output only. The create time of this saved query.
|
4240
|
+
# Corresponds to the JSON property `createTime`
|
4241
|
+
# @return [String]
|
4242
|
+
attr_accessor :create_time
|
4243
|
+
|
4244
|
+
# Output only. The account's email address who has created this saved query.
|
4245
|
+
# Corresponds to the JSON property `creator`
|
4246
|
+
# @return [String]
|
4247
|
+
attr_accessor :creator
|
4248
|
+
|
4249
|
+
# The description of this saved query. This value should be fewer than 255
|
4250
|
+
# characters.
|
4251
|
+
# Corresponds to the JSON property `description`
|
4252
|
+
# @return [String]
|
4253
|
+
attr_accessor :description
|
4254
|
+
|
4255
|
+
# Labels applied on the resource. This value should not contain more than 10
|
4256
|
+
# entries. The key and value of each entry must be non-empty and fewer than 64
|
4257
|
+
# characters.
|
4258
|
+
# Corresponds to the JSON property `labels`
|
4259
|
+
# @return [Hash<String,String>]
|
4260
|
+
attr_accessor :labels
|
4261
|
+
|
4262
|
+
# Output only. The last update time of this saved query.
|
4263
|
+
# Corresponds to the JSON property `lastUpdateTime`
|
4264
|
+
# @return [String]
|
4265
|
+
attr_accessor :last_update_time
|
4266
|
+
|
4267
|
+
# Output only. The account's email address who has updated this saved query most
|
4268
|
+
# recently.
|
4269
|
+
# Corresponds to the JSON property `lastUpdater`
|
4270
|
+
# @return [String]
|
4271
|
+
attr_accessor :last_updater
|
4272
|
+
|
4273
|
+
# The resource name of the saved query. The format must be: * projects/
|
4274
|
+
# project_number/savedQueries/saved_query_id * folders/folder_number/
|
4275
|
+
# savedQueries/saved_query_id * organizations/organization_number/savedQueries/
|
4276
|
+
# saved_query_id
|
4277
|
+
# Corresponds to the JSON property `name`
|
4278
|
+
# @return [String]
|
4279
|
+
attr_accessor :name
|
4280
|
+
|
4281
|
+
def initialize(**args)
|
4282
|
+
update!(**args)
|
4283
|
+
end
|
4284
|
+
|
4285
|
+
# Update properties of this object
|
4286
|
+
def update!(**args)
|
4287
|
+
@content = args[:content] if args.key?(:content)
|
4288
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
4289
|
+
@creator = args[:creator] if args.key?(:creator)
|
4290
|
+
@description = args[:description] if args.key?(:description)
|
4291
|
+
@labels = args[:labels] if args.key?(:labels)
|
4292
|
+
@last_update_time = args[:last_update_time] if args.key?(:last_update_time)
|
4293
|
+
@last_updater = args[:last_updater] if args.key?(:last_updater)
|
4294
|
+
@name = args[:name] if args.key?(:name)
|
4295
|
+
end
|
4296
|
+
end
|
4297
|
+
|
4147
4298
|
# Search all IAM policies response.
|
4148
4299
|
class SearchAllIamPoliciesResponse
|
4149
4300
|
include Google::Apis::Core::Hashable
|
@@ -4229,10 +4380,9 @@ module Google
|
|
4229
4380
|
# @return [Google::Apis::CloudassetV1::WindowsQuickFixEngineeringPackage]
|
4230
4381
|
attr_accessor :qfe_package
|
4231
4382
|
|
4232
|
-
# Contains information about a Windows application
|
4233
|
-
# Registry. For more information about these fields, see
|
4234
|
-
#
|
4235
|
-
# windows/win32/msi/uninstall-registry-key)`: class="external" `
|
4383
|
+
# Contains information about a Windows application that is retrieved from the
|
4384
|
+
# Windows Registry. For more information about these fields, see: https://docs.
|
4385
|
+
# microsoft.com/en-us/windows/win32/msi/uninstall-registry-key
|
4236
4386
|
# Corresponds to the JSON property `windowsApplication`
|
4237
4387
|
# @return [Google::Apis::CloudassetV1::WindowsApplication]
|
4238
4388
|
attr_accessor :windows_application
|
@@ -4498,10 +4648,9 @@ module Google
|
|
4498
4648
|
end
|
4499
4649
|
end
|
4500
4650
|
|
4501
|
-
# Contains information about a Windows application
|
4502
|
-
# Registry. For more information about these fields, see
|
4503
|
-
#
|
4504
|
-
# windows/win32/msi/uninstall-registry-key)`: class="external" `
|
4651
|
+
# Contains information about a Windows application that is retrieved from the
|
4652
|
+
# Windows Registry. For more information about these fields, see: https://docs.
|
4653
|
+
# microsoft.com/en-us/windows/win32/msi/uninstall-registry-key
|
4505
4654
|
class WindowsApplication
|
4506
4655
|
include Google::Apis::Core::Hashable
|
4507
4656
|
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module CloudassetV1
|
18
18
|
# Version of the google-apis-cloudasset_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.22.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
22
|
GENERATOR_VERSION = "0.4.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20211125"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -448,6 +448,12 @@ module Google
|
|
448
448
|
include Google::Apis::Core::JsonObjectSupport
|
449
449
|
end
|
450
450
|
|
451
|
+
class ListSavedQueriesResponse
|
452
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
453
|
+
|
454
|
+
include Google::Apis::Core::JsonObjectSupport
|
455
|
+
end
|
456
|
+
|
451
457
|
class MoveAnalysis
|
452
458
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
453
459
|
|
@@ -514,6 +520,12 @@ module Google
|
|
514
520
|
include Google::Apis::Core::JsonObjectSupport
|
515
521
|
end
|
516
522
|
|
523
|
+
class QueryContent
|
524
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
525
|
+
|
526
|
+
include Google::Apis::Core::JsonObjectSupport
|
527
|
+
end
|
528
|
+
|
517
529
|
class RelatedAsset
|
518
530
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
519
531
|
|
@@ -562,6 +574,12 @@ module Google
|
|
562
574
|
include Google::Apis::Core::JsonObjectSupport
|
563
575
|
end
|
564
576
|
|
577
|
+
class SavedQuery
|
578
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
579
|
+
|
580
|
+
include Google::Apis::Core::JsonObjectSupport
|
581
|
+
end
|
582
|
+
|
565
583
|
class SearchAllIamPoliciesResponse
|
566
584
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
567
585
|
|
@@ -668,6 +686,7 @@ module Google
|
|
668
686
|
|
669
687
|
property :output_config, as: 'outputConfig', class: Google::Apis::CloudassetV1::IamPolicyAnalysisOutputConfig, decorator: Google::Apis::CloudassetV1::IamPolicyAnalysisOutputConfig::Representation
|
670
688
|
|
689
|
+
property :saved_analysis_query, as: 'savedAnalysisQuery'
|
671
690
|
end
|
672
691
|
end
|
673
692
|
|
@@ -1079,6 +1098,7 @@ module Google
|
|
1079
1098
|
property :etag, as: 'etag'
|
1080
1099
|
property :name, as: 'name'
|
1081
1100
|
property :parent, as: 'parent'
|
1101
|
+
collection :scopes, as: 'scopes'
|
1082
1102
|
property :title, as: 'title'
|
1083
1103
|
end
|
1084
1104
|
end
|
@@ -1383,6 +1403,15 @@ module Google
|
|
1383
1403
|
end
|
1384
1404
|
end
|
1385
1405
|
|
1406
|
+
class ListSavedQueriesResponse
|
1407
|
+
# @private
|
1408
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1409
|
+
property :next_page_token, as: 'nextPageToken'
|
1410
|
+
collection :saved_queries, as: 'savedQueries', class: Google::Apis::CloudassetV1::SavedQuery, decorator: Google::Apis::CloudassetV1::SavedQuery::Representation
|
1411
|
+
|
1412
|
+
end
|
1413
|
+
end
|
1414
|
+
|
1386
1415
|
class MoveAnalysis
|
1387
1416
|
# @private
|
1388
1417
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -1492,6 +1521,14 @@ module Google
|
|
1492
1521
|
end
|
1493
1522
|
end
|
1494
1523
|
|
1524
|
+
class QueryContent
|
1525
|
+
# @private
|
1526
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1527
|
+
property :iam_policy_analysis_query, as: 'iamPolicyAnalysisQuery', class: Google::Apis::CloudassetV1::IamPolicyAnalysisQuery, decorator: Google::Apis::CloudassetV1::IamPolicyAnalysisQuery::Representation
|
1528
|
+
|
1529
|
+
end
|
1530
|
+
end
|
1531
|
+
|
1495
1532
|
class RelatedAsset
|
1496
1533
|
# @private
|
1497
1534
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -1586,6 +1623,21 @@ module Google
|
|
1586
1623
|
end
|
1587
1624
|
end
|
1588
1625
|
|
1626
|
+
class SavedQuery
|
1627
|
+
# @private
|
1628
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1629
|
+
property :content, as: 'content', class: Google::Apis::CloudassetV1::QueryContent, decorator: Google::Apis::CloudassetV1::QueryContent::Representation
|
1630
|
+
|
1631
|
+
property :create_time, as: 'createTime'
|
1632
|
+
property :creator, as: 'creator'
|
1633
|
+
property :description, as: 'description'
|
1634
|
+
hash :labels, as: 'labels'
|
1635
|
+
property :last_update_time, as: 'lastUpdateTime'
|
1636
|
+
property :last_updater, as: 'lastUpdater'
|
1637
|
+
property :name, as: 'name'
|
1638
|
+
end
|
1639
|
+
end
|
1640
|
+
|
1589
1641
|
class SearchAllIamPoliciesResponse
|
1590
1642
|
# @private
|
1591
1643
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -331,6 +331,206 @@ module Google
|
|
331
331
|
execute_or_queue_command(command, &block)
|
332
332
|
end
|
333
333
|
|
334
|
+
# Creates a saved query in a parent project/folder/organization.
|
335
|
+
# @param [String] parent
|
336
|
+
# Required. The name of the project/folder/organization where this saved_query
|
337
|
+
# should be created in. It can only be an organization number (such as "
|
338
|
+
# organizations/123"), a folder number (such as "folders/123"), a project ID (
|
339
|
+
# such as "projects/my-project-id")", or a project number (such as "projects/
|
340
|
+
# 12345").
|
341
|
+
# @param [Google::Apis::CloudassetV1::SavedQuery] saved_query_object
|
342
|
+
# @param [String] saved_query_id
|
343
|
+
# Required. The ID to use for the saved query, which must be unique in the
|
344
|
+
# specified parent. It will become the final component of the saved query's
|
345
|
+
# resource name. This value should be 4-63 characters, and valid characters are /
|
346
|
+
# a-z-/. Notice that this field is required in the saved query creation, and the
|
347
|
+
# `name` field of the `saved_query` will be ignored.
|
348
|
+
# @param [String] fields
|
349
|
+
# Selector specifying which fields to include in a partial response.
|
350
|
+
# @param [String] quota_user
|
351
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
352
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
353
|
+
# @param [Google::Apis::RequestOptions] options
|
354
|
+
# Request-specific options
|
355
|
+
#
|
356
|
+
# @yield [result, err] Result & error if block supplied
|
357
|
+
# @yieldparam result [Google::Apis::CloudassetV1::SavedQuery] parsed result object
|
358
|
+
# @yieldparam err [StandardError] error object if request failed
|
359
|
+
#
|
360
|
+
# @return [Google::Apis::CloudassetV1::SavedQuery]
|
361
|
+
#
|
362
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
363
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
364
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
365
|
+
def create_saved_query(parent, saved_query_object = nil, saved_query_id: nil, fields: nil, quota_user: nil, options: nil, &block)
|
366
|
+
command = make_simple_command(:post, 'v1/{+parent}/savedQueries', options)
|
367
|
+
command.request_representation = Google::Apis::CloudassetV1::SavedQuery::Representation
|
368
|
+
command.request_object = saved_query_object
|
369
|
+
command.response_representation = Google::Apis::CloudassetV1::SavedQuery::Representation
|
370
|
+
command.response_class = Google::Apis::CloudassetV1::SavedQuery
|
371
|
+
command.params['parent'] = parent unless parent.nil?
|
372
|
+
command.query['savedQueryId'] = saved_query_id unless saved_query_id.nil?
|
373
|
+
command.query['fields'] = fields unless fields.nil?
|
374
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
375
|
+
execute_or_queue_command(command, &block)
|
376
|
+
end
|
377
|
+
|
378
|
+
# Deletes a saved query.
|
379
|
+
# @param [String] name
|
380
|
+
# Required. The name of the saved query to delete. It must be in the format of: *
|
381
|
+
# projects/project_number/savedQueries/saved_query_id * folders/folder_number/
|
382
|
+
# savedQueries/saved_query_id * organizations/organization_number/savedQueries/
|
383
|
+
# saved_query_id
|
384
|
+
# @param [String] fields
|
385
|
+
# Selector specifying which fields to include in a partial response.
|
386
|
+
# @param [String] quota_user
|
387
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
388
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
389
|
+
# @param [Google::Apis::RequestOptions] options
|
390
|
+
# Request-specific options
|
391
|
+
#
|
392
|
+
# @yield [result, err] Result & error if block supplied
|
393
|
+
# @yieldparam result [Google::Apis::CloudassetV1::Empty] parsed result object
|
394
|
+
# @yieldparam err [StandardError] error object if request failed
|
395
|
+
#
|
396
|
+
# @return [Google::Apis::CloudassetV1::Empty]
|
397
|
+
#
|
398
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
399
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
400
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
401
|
+
def delete_saved_query(name, fields: nil, quota_user: nil, options: nil, &block)
|
402
|
+
command = make_simple_command(:delete, 'v1/{+name}', options)
|
403
|
+
command.response_representation = Google::Apis::CloudassetV1::Empty::Representation
|
404
|
+
command.response_class = Google::Apis::CloudassetV1::Empty
|
405
|
+
command.params['name'] = name unless name.nil?
|
406
|
+
command.query['fields'] = fields unless fields.nil?
|
407
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
408
|
+
execute_or_queue_command(command, &block)
|
409
|
+
end
|
410
|
+
|
411
|
+
# Gets details about a saved query.
|
412
|
+
# @param [String] name
|
413
|
+
# Required. The name of the saved query and it must be in the format of: *
|
414
|
+
# projects/project_number/savedQueries/saved_query_id * folders/folder_number/
|
415
|
+
# savedQueries/saved_query_id * organizations/organization_number/savedQueries/
|
416
|
+
# saved_query_id
|
417
|
+
# @param [String] fields
|
418
|
+
# Selector specifying which fields to include in a partial response.
|
419
|
+
# @param [String] quota_user
|
420
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
421
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
422
|
+
# @param [Google::Apis::RequestOptions] options
|
423
|
+
# Request-specific options
|
424
|
+
#
|
425
|
+
# @yield [result, err] Result & error if block supplied
|
426
|
+
# @yieldparam result [Google::Apis::CloudassetV1::SavedQuery] parsed result object
|
427
|
+
# @yieldparam err [StandardError] error object if request failed
|
428
|
+
#
|
429
|
+
# @return [Google::Apis::CloudassetV1::SavedQuery]
|
430
|
+
#
|
431
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
432
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
433
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
434
|
+
def get_saved_query(name, fields: nil, quota_user: nil, options: nil, &block)
|
435
|
+
command = make_simple_command(:get, 'v1/{+name}', options)
|
436
|
+
command.response_representation = Google::Apis::CloudassetV1::SavedQuery::Representation
|
437
|
+
command.response_class = Google::Apis::CloudassetV1::SavedQuery
|
438
|
+
command.params['name'] = name unless name.nil?
|
439
|
+
command.query['fields'] = fields unless fields.nil?
|
440
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
441
|
+
execute_or_queue_command(command, &block)
|
442
|
+
end
|
443
|
+
|
444
|
+
# Lists all saved queries in a parent project/folder/organization.
|
445
|
+
# @param [String] parent
|
446
|
+
# Required. The parent project/folder/organization whose savedQueries are to be
|
447
|
+
# listed. It can only be using project/folder/organization number (such as "
|
448
|
+
# folders/12345")", or a project ID (such as "projects/my-project-id").
|
449
|
+
# @param [String] filter
|
450
|
+
# Optional. The expression to filter resources. The expression is a list of zero
|
451
|
+
# or more restrictions combined via logical operators `AND` and `OR`. When `AND`
|
452
|
+
# and `OR` are both used in the expression, parentheses must be appropriately
|
453
|
+
# used to group the combinations. The expression may also contain regular
|
454
|
+
# expressions. See https://google.aip.dev/160 for more information on the
|
455
|
+
# grammar.
|
456
|
+
# @param [Fixnum] page_size
|
457
|
+
# Optional. The maximum number of saved queries to return per page. The service
|
458
|
+
# may return fewer than this value. If unspecified, at most 50 will be returned.
|
459
|
+
# The maximum value is 1000; values above 1000 will be coerced to 1000.
|
460
|
+
# @param [String] page_token
|
461
|
+
# Optional. A page token, received from a previous `ListSavedQueries` call.
|
462
|
+
# Provide this to retrieve the subsequent page. When paginating, all other
|
463
|
+
# parameters provided to `ListSavedQueries` must match the call that provided
|
464
|
+
# the page token.
|
465
|
+
# @param [String] fields
|
466
|
+
# Selector specifying which fields to include in a partial response.
|
467
|
+
# @param [String] quota_user
|
468
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
469
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
470
|
+
# @param [Google::Apis::RequestOptions] options
|
471
|
+
# Request-specific options
|
472
|
+
#
|
473
|
+
# @yield [result, err] Result & error if block supplied
|
474
|
+
# @yieldparam result [Google::Apis::CloudassetV1::ListSavedQueriesResponse] parsed result object
|
475
|
+
# @yieldparam err [StandardError] error object if request failed
|
476
|
+
#
|
477
|
+
# @return [Google::Apis::CloudassetV1::ListSavedQueriesResponse]
|
478
|
+
#
|
479
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
480
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
481
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
482
|
+
def list_saved_queries(parent, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
|
483
|
+
command = make_simple_command(:get, 'v1/{+parent}/savedQueries', options)
|
484
|
+
command.response_representation = Google::Apis::CloudassetV1::ListSavedQueriesResponse::Representation
|
485
|
+
command.response_class = Google::Apis::CloudassetV1::ListSavedQueriesResponse
|
486
|
+
command.params['parent'] = parent unless parent.nil?
|
487
|
+
command.query['filter'] = filter unless filter.nil?
|
488
|
+
command.query['pageSize'] = page_size unless page_size.nil?
|
489
|
+
command.query['pageToken'] = page_token unless page_token.nil?
|
490
|
+
command.query['fields'] = fields unless fields.nil?
|
491
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
492
|
+
execute_or_queue_command(command, &block)
|
493
|
+
end
|
494
|
+
|
495
|
+
# Updates a saved query.
|
496
|
+
# @param [String] name
|
497
|
+
# The resource name of the saved query. The format must be: * projects/
|
498
|
+
# project_number/savedQueries/saved_query_id * folders/folder_number/
|
499
|
+
# savedQueries/saved_query_id * organizations/organization_number/savedQueries/
|
500
|
+
# saved_query_id
|
501
|
+
# @param [Google::Apis::CloudassetV1::SavedQuery] saved_query_object
|
502
|
+
# @param [String] update_mask
|
503
|
+
# Required. The list of fields to update.
|
504
|
+
# @param [String] fields
|
505
|
+
# Selector specifying which fields to include in a partial response.
|
506
|
+
# @param [String] quota_user
|
507
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
508
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
509
|
+
# @param [Google::Apis::RequestOptions] options
|
510
|
+
# Request-specific options
|
511
|
+
#
|
512
|
+
# @yield [result, err] Result & error if block supplied
|
513
|
+
# @yieldparam result [Google::Apis::CloudassetV1::SavedQuery] parsed result object
|
514
|
+
# @yieldparam err [StandardError] error object if request failed
|
515
|
+
#
|
516
|
+
# @return [Google::Apis::CloudassetV1::SavedQuery]
|
517
|
+
#
|
518
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
519
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
520
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
521
|
+
def patch_saved_query(name, saved_query_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
|
522
|
+
command = make_simple_command(:patch, 'v1/{+name}', options)
|
523
|
+
command.request_representation = Google::Apis::CloudassetV1::SavedQuery::Representation
|
524
|
+
command.request_object = saved_query_object
|
525
|
+
command.response_representation = Google::Apis::CloudassetV1::SavedQuery::Representation
|
526
|
+
command.response_class = Google::Apis::CloudassetV1::SavedQuery
|
527
|
+
command.params['name'] = name unless name.nil?
|
528
|
+
command.query['updateMask'] = update_mask unless update_mask.nil?
|
529
|
+
command.query['fields'] = fields unless fields.nil?
|
530
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
531
|
+
execute_or_queue_command(command, &block)
|
532
|
+
end
|
533
|
+
|
334
534
|
# Analyzes IAM policies to answer which identities have what accesses on which
|
335
535
|
# resources.
|
336
536
|
# @param [String] scope
|
@@ -352,8 +552,8 @@ module Google
|
|
352
552
|
# value must not be earlier than the current time; otherwise, an
|
353
553
|
# INVALID_ARGUMENT error will be returned.
|
354
554
|
# @param [String] analysis_query_identity_selector_identity
|
355
|
-
# Required. The identity appear in the form of
|
356
|
-
# https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of
|
555
|
+
# Required. The identity appear in the form of principals in [IAM policy binding]
|
556
|
+
# (https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of
|
357
557
|
# supported forms are: "user:mike@example.com", "group:admins@example.com", "
|
358
558
|
# domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com".
|
359
559
|
# Notice that wildcard characters (such as * and ?) are not supported. You must
|
@@ -402,11 +602,12 @@ module Google
|
|
402
602
|
# result will be determined by the selector, and this flag is not allowed to set.
|
403
603
|
# Default is false.
|
404
604
|
# @param [Boolean] analysis_query_options_output_group_edges
|
405
|
-
# Optional. If true, the result will output
|
406
|
-
#
|
605
|
+
# Optional. If true, the result will output the relevant membership
|
606
|
+
# relationships between groups and other groups, and between groups and
|
607
|
+
# principals. Default is false.
|
407
608
|
# @param [Boolean] analysis_query_options_output_resource_edges
|
408
|
-
# Optional. If true, the result will output
|
409
|
-
#
|
609
|
+
# Optional. If true, the result will output the relevant parent/child
|
610
|
+
# relationships between resources. Default is false.
|
410
611
|
# @param [String] analysis_query_resource_selector_full_resource_name
|
411
612
|
# Required. The [full resource name] (https://cloud.google.com/asset-inventory/
|
412
613
|
# docs/resource-name-format) of a resource of [supported resource types](https://
|
@@ -420,6 +621,18 @@ module Google
|
|
420
621
|
# you will get a response with partial result. Otherwise, your query's execution
|
421
622
|
# will continue until the RPC deadline. If it's not finished until then, you
|
422
623
|
# will get a DEADLINE_EXCEEDED error. Default is empty.
|
624
|
+
# @param [String] saved_analysis_query
|
625
|
+
# Optional. The name of a saved query, which must be in the format of: *
|
626
|
+
# projects/project_number/savedQueries/saved_query_id * folders/folder_number/
|
627
|
+
# savedQueries/saved_query_id * organizations/organization_number/savedQueries/
|
628
|
+
# saved_query_id If both `analysis_query` and `saved_analysis_query` are
|
629
|
+
# provided, they will be merged together with the `saved_analysis_query` as base
|
630
|
+
# and the `analysis_query` as overrides. For more details of the merge behavior,
|
631
|
+
# please refer to the [MergeFrom](https://developers.google.com/protocol-buffers/
|
632
|
+
# docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details) page.
|
633
|
+
# Note that you cannot override primitive fields with default value, such as 0
|
634
|
+
# or empty string, etc., because we use proto3, which doesn't support field
|
635
|
+
# presence yet.
|
423
636
|
# @param [String] fields
|
424
637
|
# Selector specifying which fields to include in a partial response.
|
425
638
|
# @param [String] quota_user
|
@@ -437,7 +650,7 @@ module Google
|
|
437
650
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
438
651
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
439
652
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
440
|
-
def analyze_iam_policy(scope, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_condition_context_access_time: nil, analysis_query_identity_selector_identity: nil, analysis_query_options_analyze_service_account_impersonation: nil, analysis_query_options_expand_groups: nil, analysis_query_options_expand_resources: nil, analysis_query_options_expand_roles: nil, analysis_query_options_output_group_edges: nil, analysis_query_options_output_resource_edges: nil, analysis_query_resource_selector_full_resource_name: nil, execution_timeout: nil, fields: nil, quota_user: nil, options: nil, &block)
|
653
|
+
def analyze_iam_policy(scope, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_condition_context_access_time: nil, analysis_query_identity_selector_identity: nil, analysis_query_options_analyze_service_account_impersonation: nil, analysis_query_options_expand_groups: nil, analysis_query_options_expand_resources: nil, analysis_query_options_expand_roles: nil, analysis_query_options_output_group_edges: nil, analysis_query_options_output_resource_edges: nil, analysis_query_resource_selector_full_resource_name: nil, execution_timeout: nil, saved_analysis_query: nil, fields: nil, quota_user: nil, options: nil, &block)
|
441
654
|
command = make_simple_command(:get, 'v1/{+scope}:analyzeIamPolicy', options)
|
442
655
|
command.response_representation = Google::Apis::CloudassetV1::AnalyzeIamPolicyResponse::Representation
|
443
656
|
command.response_class = Google::Apis::CloudassetV1::AnalyzeIamPolicyResponse
|
@@ -454,6 +667,7 @@ module Google
|
|
454
667
|
command.query['analysisQuery.options.outputResourceEdges'] = analysis_query_options_output_resource_edges unless analysis_query_options_output_resource_edges.nil?
|
455
668
|
command.query['analysisQuery.resourceSelector.fullResourceName'] = analysis_query_resource_selector_full_resource_name unless analysis_query_resource_selector_full_resource_name.nil?
|
456
669
|
command.query['executionTimeout'] = execution_timeout unless execution_timeout.nil?
|
670
|
+
command.query['savedAnalysisQuery'] = saved_analysis_query unless saved_analysis_query.nil?
|
457
671
|
command.query['fields'] = fields unless fields.nil?
|
458
672
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
459
673
|
execute_or_queue_command(command, &block)
|
@@ -713,9 +927,9 @@ module Google
|
|
713
927
|
# how_to_construct_a_query) for more information. If not specified or empty, it
|
714
928
|
# will search all the IAM policies within the specified `scope`. Note that the
|
715
929
|
# query string is compared against each Cloud IAM policy binding, including its
|
716
|
-
#
|
717
|
-
# only contain the bindings that match your query. To learn more about the
|
718
|
-
# policy structure, see [IAM policy doc](https://cloud.google.com/iam/docs/
|
930
|
+
# principals, roles, and Cloud IAM conditions. The returned Cloud IAM policies
|
931
|
+
# will only contain the bindings that match your query. To learn more about the
|
932
|
+
# IAM policy structure, see [IAM policy doc](https://cloud.google.com/iam/docs/
|
719
933
|
# policies#structure). Examples: * `policy:amy@gmail.com` to find IAM policy
|
720
934
|
# bindings that specify user "amy@gmail.com". * `policy:roles/compute.admin` to
|
721
935
|
# find IAM policy bindings that specify the Compute Admin role. * `policy:comp*`
|
@@ -737,8 +951,8 @@ module Google
|
|
737
951
|
# instance1 OR instance2) policy:amy` to find IAM policy bindings that are set
|
738
952
|
# on resources "instance1" or "instance2" and also specify user "amy". * `roles:
|
739
953
|
# roles/compute.admin` to find IAM policy bindings that specify the Compute
|
740
|
-
# Admin role. * `memberTypes:user` to find IAM policy bindings that contain the
|
741
|
-
# user"
|
954
|
+
# Admin role. * `memberTypes:user` to find IAM policy bindings that contain the
|
955
|
+
# principal type "user".
|
742
956
|
# @param [String] fields
|
743
957
|
# Selector specifying which fields to include in a partial response.
|
744
958
|
# @param [String] quota_user
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-cloudasset_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.22.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-12-06 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -57,9 +57,9 @@ licenses:
|
|
57
57
|
- Apache-2.0
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
|
-
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.
|
62
|
-
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/
|
60
|
+
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1/CHANGELOG.md
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.22.0
|
62
|
+
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|
65
65
|
require_paths:
|