google-apis-cloudasset_v1 0.3.0 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -0
- data/lib/google/apis/cloudasset_v1.rb +1 -1
- data/lib/google/apis/cloudasset_v1/classes.rb +589 -42
- data/lib/google/apis/cloudasset_v1/gem_version.rb +3 -3
- data/lib/google/apis/cloudasset_v1/representations.rb +214 -0
- data/lib/google/apis/cloudasset_v1/service.rb +140 -17
- metadata +5 -5
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module CloudassetV1
|
18
18
|
# Version of the google-apis-cloudasset_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.8.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
|
-
GENERATOR_VERSION = "0.
|
22
|
+
GENERATOR_VERSION = "0.2.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20210518"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -34,12 +34,24 @@ module Google
|
|
34
34
|
include Google::Apis::Core::JsonObjectSupport
|
35
35
|
end
|
36
36
|
|
37
|
+
class AnalyzeIamPolicyLongrunningResponse
|
38
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
39
|
+
|
40
|
+
include Google::Apis::Core::JsonObjectSupport
|
41
|
+
end
|
42
|
+
|
37
43
|
class AnalyzeIamPolicyResponse
|
38
44
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
39
45
|
|
40
46
|
include Google::Apis::Core::JsonObjectSupport
|
41
47
|
end
|
42
48
|
|
49
|
+
class AnalyzeMoveResponse
|
50
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
51
|
+
|
52
|
+
include Google::Apis::Core::JsonObjectSupport
|
53
|
+
end
|
54
|
+
|
43
55
|
class Asset
|
44
56
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
45
57
|
|
@@ -76,6 +88,18 @@ module Google
|
|
76
88
|
include Google::Apis::Core::JsonObjectSupport
|
77
89
|
end
|
78
90
|
|
91
|
+
class ConditionContext
|
92
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
93
|
+
|
94
|
+
include Google::Apis::Core::JsonObjectSupport
|
95
|
+
end
|
96
|
+
|
97
|
+
class ConditionEvaluation
|
98
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
99
|
+
|
100
|
+
include Google::Apis::Core::JsonObjectSupport
|
101
|
+
end
|
102
|
+
|
79
103
|
class CreateFeedRequest
|
80
104
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
81
105
|
|
@@ -172,6 +196,36 @@ module Google
|
|
172
196
|
include Google::Apis::Core::JsonObjectSupport
|
173
197
|
end
|
174
198
|
|
199
|
+
class GoogleCloudAssetV1p7beta1Asset
|
200
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
201
|
+
|
202
|
+
include Google::Apis::Core::JsonObjectSupport
|
203
|
+
end
|
204
|
+
|
205
|
+
class GoogleCloudAssetV1p7beta1RelatedAsset
|
206
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
207
|
+
|
208
|
+
include Google::Apis::Core::JsonObjectSupport
|
209
|
+
end
|
210
|
+
|
211
|
+
class GoogleCloudAssetV1p7beta1RelatedAssets
|
212
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
213
|
+
|
214
|
+
include Google::Apis::Core::JsonObjectSupport
|
215
|
+
end
|
216
|
+
|
217
|
+
class GoogleCloudAssetV1p7beta1RelationshipAttributes
|
218
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
219
|
+
|
220
|
+
include Google::Apis::Core::JsonObjectSupport
|
221
|
+
end
|
222
|
+
|
223
|
+
class GoogleCloudAssetV1p7beta1Resource
|
224
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
225
|
+
|
226
|
+
include Google::Apis::Core::JsonObjectSupport
|
227
|
+
end
|
228
|
+
|
175
229
|
class GoogleCloudOrgpolicyV1BooleanPolicy
|
176
230
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
177
231
|
|
@@ -364,12 +418,36 @@ module Google
|
|
364
418
|
include Google::Apis::Core::JsonObjectSupport
|
365
419
|
end
|
366
420
|
|
421
|
+
class ListAssetsResponse
|
422
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
423
|
+
|
424
|
+
include Google::Apis::Core::JsonObjectSupport
|
425
|
+
end
|
426
|
+
|
367
427
|
class ListFeedsResponse
|
368
428
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
369
429
|
|
370
430
|
include Google::Apis::Core::JsonObjectSupport
|
371
431
|
end
|
372
432
|
|
433
|
+
class MoveAnalysis
|
434
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
435
|
+
|
436
|
+
include Google::Apis::Core::JsonObjectSupport
|
437
|
+
end
|
438
|
+
|
439
|
+
class MoveAnalysisResult
|
440
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
441
|
+
|
442
|
+
include Google::Apis::Core::JsonObjectSupport
|
443
|
+
end
|
444
|
+
|
445
|
+
class MoveImpact
|
446
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
447
|
+
|
448
|
+
include Google::Apis::Core::JsonObjectSupport
|
449
|
+
end
|
450
|
+
|
373
451
|
class Operation
|
374
452
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
375
453
|
|
@@ -526,6 +604,12 @@ module Google
|
|
526
604
|
end
|
527
605
|
end
|
528
606
|
|
607
|
+
class AnalyzeIamPolicyLongrunningResponse
|
608
|
+
# @private
|
609
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
610
|
+
end
|
611
|
+
end
|
612
|
+
|
529
613
|
class AnalyzeIamPolicyResponse
|
530
614
|
# @private
|
531
615
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -537,6 +621,14 @@ module Google
|
|
537
621
|
end
|
538
622
|
end
|
539
623
|
|
624
|
+
class AnalyzeMoveResponse
|
625
|
+
# @private
|
626
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
627
|
+
collection :move_analysis, as: 'moveAnalysis', class: Google::Apis::CloudassetV1::MoveAnalysis, decorator: Google::Apis::CloudassetV1::MoveAnalysis::Representation
|
628
|
+
|
629
|
+
end
|
630
|
+
end
|
631
|
+
|
540
632
|
class Asset
|
541
633
|
# @private
|
542
634
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -608,6 +700,20 @@ module Google
|
|
608
700
|
end
|
609
701
|
end
|
610
702
|
|
703
|
+
class ConditionContext
|
704
|
+
# @private
|
705
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
706
|
+
property :access_time, as: 'accessTime'
|
707
|
+
end
|
708
|
+
end
|
709
|
+
|
710
|
+
class ConditionEvaluation
|
711
|
+
# @private
|
712
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
713
|
+
property :evaluation_value, as: 'evaluationValue'
|
714
|
+
end
|
715
|
+
end
|
716
|
+
|
611
717
|
class CreateFeedRequest
|
612
718
|
# @private
|
613
719
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -697,6 +803,8 @@ module Google
|
|
697
803
|
class Representation < Google::Apis::Core::JsonRepresentation
|
698
804
|
collection :accesses, as: 'accesses', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1Access, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1Access::Representation
|
699
805
|
|
806
|
+
property :condition_evaluation, as: 'conditionEvaluation', class: Google::Apis::CloudassetV1::ConditionEvaluation, decorator: Google::Apis::CloudassetV1::ConditionEvaluation::Representation
|
807
|
+
|
700
808
|
collection :resource_edges, as: 'resourceEdges', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1Edge, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1Edge::Representation
|
701
809
|
|
702
810
|
collection :resources, as: 'resources', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1Resource, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1Resource::Representation
|
@@ -757,6 +865,72 @@ module Google
|
|
757
865
|
end
|
758
866
|
end
|
759
867
|
|
868
|
+
class GoogleCloudAssetV1p7beta1Asset
|
869
|
+
# @private
|
870
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
871
|
+
property :access_level, as: 'accessLevel', class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessLevel, decorator: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessLevel::Representation
|
872
|
+
|
873
|
+
property :access_policy, as: 'accessPolicy', class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessPolicy, decorator: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessPolicy::Representation
|
874
|
+
|
875
|
+
collection :ancestors, as: 'ancestors'
|
876
|
+
property :asset_type, as: 'assetType'
|
877
|
+
property :iam_policy, as: 'iamPolicy', class: Google::Apis::CloudassetV1::Policy, decorator: Google::Apis::CloudassetV1::Policy::Representation
|
878
|
+
|
879
|
+
property :name, as: 'name'
|
880
|
+
collection :org_policy, as: 'orgPolicy', class: Google::Apis::CloudassetV1::GoogleCloudOrgpolicyV1Policy, decorator: Google::Apis::CloudassetV1::GoogleCloudOrgpolicyV1Policy::Representation
|
881
|
+
|
882
|
+
property :related_assets, as: 'relatedAssets', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1RelatedAssets, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1RelatedAssets::Representation
|
883
|
+
|
884
|
+
property :resource, as: 'resource', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1Resource, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1Resource::Representation
|
885
|
+
|
886
|
+
property :service_perimeter, as: 'servicePerimeter', class: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter, decorator: Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter::Representation
|
887
|
+
|
888
|
+
property :update_time, as: 'updateTime'
|
889
|
+
end
|
890
|
+
end
|
891
|
+
|
892
|
+
class GoogleCloudAssetV1p7beta1RelatedAsset
|
893
|
+
# @private
|
894
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
895
|
+
collection :ancestors, as: 'ancestors'
|
896
|
+
property :asset, as: 'asset'
|
897
|
+
property :asset_type, as: 'assetType'
|
898
|
+
end
|
899
|
+
end
|
900
|
+
|
901
|
+
class GoogleCloudAssetV1p7beta1RelatedAssets
|
902
|
+
# @private
|
903
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
904
|
+
collection :assets, as: 'assets', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1RelatedAsset, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1RelatedAsset::Representation
|
905
|
+
|
906
|
+
property :relationship_attributes, as: 'relationshipAttributes', class: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1RelationshipAttributes, decorator: Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1RelationshipAttributes::Representation
|
907
|
+
|
908
|
+
end
|
909
|
+
end
|
910
|
+
|
911
|
+
class GoogleCloudAssetV1p7beta1RelationshipAttributes
|
912
|
+
# @private
|
913
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
914
|
+
property :action, as: 'action'
|
915
|
+
property :source_resource_type, as: 'sourceResourceType'
|
916
|
+
property :target_resource_type, as: 'targetResourceType'
|
917
|
+
property :type, as: 'type'
|
918
|
+
end
|
919
|
+
end
|
920
|
+
|
921
|
+
class GoogleCloudAssetV1p7beta1Resource
|
922
|
+
# @private
|
923
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
924
|
+
hash :data, as: 'data'
|
925
|
+
property :discovery_document_uri, as: 'discoveryDocumentUri'
|
926
|
+
property :discovery_name, as: 'discoveryName'
|
927
|
+
property :location, as: 'location'
|
928
|
+
property :parent, as: 'parent'
|
929
|
+
property :resource_url, as: 'resourceUrl'
|
930
|
+
property :version, as: 'version'
|
931
|
+
end
|
932
|
+
end
|
933
|
+
|
760
934
|
class GoogleCloudOrgpolicyV1BooleanPolicy
|
761
935
|
# @private
|
762
936
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -1019,6 +1193,8 @@ module Google
|
|
1019
1193
|
class Representation < Google::Apis::Core::JsonRepresentation
|
1020
1194
|
property :access_selector, as: 'accessSelector', class: Google::Apis::CloudassetV1::AccessSelector, decorator: Google::Apis::CloudassetV1::AccessSelector::Representation
|
1021
1195
|
|
1196
|
+
property :condition_context, as: 'conditionContext', class: Google::Apis::CloudassetV1::ConditionContext, decorator: Google::Apis::CloudassetV1::ConditionContext::Representation
|
1197
|
+
|
1022
1198
|
property :identity_selector, as: 'identitySelector', class: Google::Apis::CloudassetV1::IdentitySelector, decorator: Google::Apis::CloudassetV1::IdentitySelector::Representation
|
1023
1199
|
|
1024
1200
|
property :options, as: 'options', class: Google::Apis::CloudassetV1::Options, decorator: Google::Apis::CloudassetV1::Options::Representation
|
@@ -1095,6 +1271,16 @@ module Google
|
|
1095
1271
|
end
|
1096
1272
|
end
|
1097
1273
|
|
1274
|
+
class ListAssetsResponse
|
1275
|
+
# @private
|
1276
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1277
|
+
collection :assets, as: 'assets', class: Google::Apis::CloudassetV1::Asset, decorator: Google::Apis::CloudassetV1::Asset::Representation
|
1278
|
+
|
1279
|
+
property :next_page_token, as: 'nextPageToken'
|
1280
|
+
property :read_time, as: 'readTime'
|
1281
|
+
end
|
1282
|
+
end
|
1283
|
+
|
1098
1284
|
class ListFeedsResponse
|
1099
1285
|
# @private
|
1100
1286
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -1103,6 +1289,34 @@ module Google
|
|
1103
1289
|
end
|
1104
1290
|
end
|
1105
1291
|
|
1292
|
+
class MoveAnalysis
|
1293
|
+
# @private
|
1294
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1295
|
+
property :analysis, as: 'analysis', class: Google::Apis::CloudassetV1::MoveAnalysisResult, decorator: Google::Apis::CloudassetV1::MoveAnalysisResult::Representation
|
1296
|
+
|
1297
|
+
property :display_name, as: 'displayName'
|
1298
|
+
property :error, as: 'error', class: Google::Apis::CloudassetV1::Status, decorator: Google::Apis::CloudassetV1::Status::Representation
|
1299
|
+
|
1300
|
+
end
|
1301
|
+
end
|
1302
|
+
|
1303
|
+
class MoveAnalysisResult
|
1304
|
+
# @private
|
1305
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1306
|
+
collection :blockers, as: 'blockers', class: Google::Apis::CloudassetV1::MoveImpact, decorator: Google::Apis::CloudassetV1::MoveImpact::Representation
|
1307
|
+
|
1308
|
+
collection :warnings, as: 'warnings', class: Google::Apis::CloudassetV1::MoveImpact, decorator: Google::Apis::CloudassetV1::MoveImpact::Representation
|
1309
|
+
|
1310
|
+
end
|
1311
|
+
end
|
1312
|
+
|
1313
|
+
class MoveImpact
|
1314
|
+
# @private
|
1315
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
1316
|
+
property :detail, as: 'detail'
|
1317
|
+
end
|
1318
|
+
end
|
1319
|
+
|
1106
1320
|
class Operation
|
1107
1321
|
# @private
|
1108
1322
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -49,6 +49,73 @@ module Google
|
|
49
49
|
@batch_path = 'batch'
|
50
50
|
end
|
51
51
|
|
52
|
+
# Lists assets with time and resource types and returns paged results in
|
53
|
+
# response.
|
54
|
+
# @param [String] parent
|
55
|
+
# Required. Name of the organization or project the assets belong to. Format: "
|
56
|
+
# organizations/[organization-number]" (such as "organizations/123"), "projects/[
|
57
|
+
# project-id]" (such as "projects/my-project-id"), or "projects/[project-number]"
|
58
|
+
# (such as "projects/12345").
|
59
|
+
# @param [Array<String>, String] asset_types
|
60
|
+
# A list of asset types to take a snapshot for. For example: "compute.googleapis.
|
61
|
+
# com/Disk". Regular expression is also supported. For example: * "compute.
|
62
|
+
# googleapis.com.*" snapshots resources whose asset type starts with "compute.
|
63
|
+
# googleapis.com". * ".*Instance" snapshots resources whose asset type ends with
|
64
|
+
# "Instance". * ".*Instance.*" snapshots resources whose asset type contains "
|
65
|
+
# Instance". See [RE2](https://github.com/google/re2/wiki/Syntax) for all
|
66
|
+
# supported regular expression syntax. If the regular expression does not match
|
67
|
+
# any supported asset type, an INVALID_ARGUMENT error will be returned. If
|
68
|
+
# specified, only matching assets will be returned, otherwise, it will snapshot
|
69
|
+
# all asset types. See [Introduction to Cloud Asset Inventory](https://cloud.
|
70
|
+
# google.com/asset-inventory/docs/overview) for all supported asset types.
|
71
|
+
# @param [String] content_type
|
72
|
+
# Asset content type. If not specified, no content but the asset name will be
|
73
|
+
# returned.
|
74
|
+
# @param [Fixnum] page_size
|
75
|
+
# The maximum number of assets to be returned in a single response. Default is
|
76
|
+
# 100, minimum is 1, and maximum is 1000.
|
77
|
+
# @param [String] page_token
|
78
|
+
# The `next_page_token` returned from the previous `ListAssetsResponse`, or
|
79
|
+
# unspecified for the first `ListAssetsRequest`. It is a continuation of a prior
|
80
|
+
# `ListAssets` call, and the API should return the next page of assets.
|
81
|
+
# @param [String] read_time
|
82
|
+
# Timestamp to take an asset snapshot. This can only be set to a timestamp
|
83
|
+
# between the current time and the current time minus 35 days (inclusive). If
|
84
|
+
# not specified, the current time will be used. Due to delays in resource data
|
85
|
+
# collection and indexing, there is a volatile window during which running the
|
86
|
+
# same query may get different results.
|
87
|
+
# @param [String] fields
|
88
|
+
# Selector specifying which fields to include in a partial response.
|
89
|
+
# @param [String] quota_user
|
90
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
91
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
92
|
+
# @param [Google::Apis::RequestOptions] options
|
93
|
+
# Request-specific options
|
94
|
+
#
|
95
|
+
# @yield [result, err] Result & error if block supplied
|
96
|
+
# @yieldparam result [Google::Apis::CloudassetV1::ListAssetsResponse] parsed result object
|
97
|
+
# @yieldparam err [StandardError] error object if request failed
|
98
|
+
#
|
99
|
+
# @return [Google::Apis::CloudassetV1::ListAssetsResponse]
|
100
|
+
#
|
101
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
102
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
103
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
104
|
+
def list_assets(parent, asset_types: nil, content_type: nil, page_size: nil, page_token: nil, read_time: nil, fields: nil, quota_user: nil, options: nil, &block)
|
105
|
+
command = make_simple_command(:get, 'v1/{+parent}/assets', options)
|
106
|
+
command.response_representation = Google::Apis::CloudassetV1::ListAssetsResponse::Representation
|
107
|
+
command.response_class = Google::Apis::CloudassetV1::ListAssetsResponse
|
108
|
+
command.params['parent'] = parent unless parent.nil?
|
109
|
+
command.query['assetTypes'] = asset_types unless asset_types.nil?
|
110
|
+
command.query['contentType'] = content_type unless content_type.nil?
|
111
|
+
command.query['pageSize'] = page_size unless page_size.nil?
|
112
|
+
command.query['pageToken'] = page_token unless page_token.nil?
|
113
|
+
command.query['readTime'] = read_time unless read_time.nil?
|
114
|
+
command.query['fields'] = fields unless fields.nil?
|
115
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
116
|
+
execute_or_queue_command(command, &block)
|
117
|
+
end
|
118
|
+
|
52
119
|
# Creates a feed in a parent project/folder/organization to listen to its asset
|
53
120
|
# updates.
|
54
121
|
# @param [String] parent
|
@@ -266,6 +333,10 @@ module Google
|
|
266
333
|
# Optional. The permissions to appear in result.
|
267
334
|
# @param [Array<String>, String] analysis_query_access_selector_roles
|
268
335
|
# Optional. The roles to appear in result.
|
336
|
+
# @param [String] analysis_query_condition_context_access_time
|
337
|
+
# The hypothetical access timestamp to evaluate IAM conditions. Note that this
|
338
|
+
# value must not be earlier than the current time; otherwise, an
|
339
|
+
# INVALID_ARGUMENT error will be returned.
|
269
340
|
# @param [String] analysis_query_identity_selector_identity
|
270
341
|
# Required. The identity appear in the form of members in [IAM policy binding](
|
271
342
|
# https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of
|
@@ -352,13 +423,14 @@ module Google
|
|
352
423
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
353
424
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
354
425
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
355
|
-
def analyze_iam_policy(scope, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_identity_selector_identity: nil, analysis_query_options_analyze_service_account_impersonation: nil, analysis_query_options_expand_groups: nil, analysis_query_options_expand_resources: nil, analysis_query_options_expand_roles: nil, analysis_query_options_output_group_edges: nil, analysis_query_options_output_resource_edges: nil, analysis_query_resource_selector_full_resource_name: nil, execution_timeout: nil, fields: nil, quota_user: nil, options: nil, &block)
|
426
|
+
def analyze_iam_policy(scope, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_condition_context_access_time: nil, analysis_query_identity_selector_identity: nil, analysis_query_options_analyze_service_account_impersonation: nil, analysis_query_options_expand_groups: nil, analysis_query_options_expand_resources: nil, analysis_query_options_expand_roles: nil, analysis_query_options_output_group_edges: nil, analysis_query_options_output_resource_edges: nil, analysis_query_resource_selector_full_resource_name: nil, execution_timeout: nil, fields: nil, quota_user: nil, options: nil, &block)
|
356
427
|
command = make_simple_command(:get, 'v1/{+scope}:analyzeIamPolicy', options)
|
357
428
|
command.response_representation = Google::Apis::CloudassetV1::AnalyzeIamPolicyResponse::Representation
|
358
429
|
command.response_class = Google::Apis::CloudassetV1::AnalyzeIamPolicyResponse
|
359
430
|
command.params['scope'] = scope unless scope.nil?
|
360
431
|
command.query['analysisQuery.accessSelector.permissions'] = analysis_query_access_selector_permissions unless analysis_query_access_selector_permissions.nil?
|
361
432
|
command.query['analysisQuery.accessSelector.roles'] = analysis_query_access_selector_roles unless analysis_query_access_selector_roles.nil?
|
433
|
+
command.query['analysisQuery.conditionContext.accessTime'] = analysis_query_condition_context_access_time unless analysis_query_condition_context_access_time.nil?
|
362
434
|
command.query['analysisQuery.identitySelector.identity'] = analysis_query_identity_selector_identity unless analysis_query_identity_selector_identity.nil?
|
363
435
|
command.query['analysisQuery.options.analyzeServiceAccountImpersonation'] = analysis_query_options_analyze_service_account_impersonation unless analysis_query_options_analyze_service_account_impersonation.nil?
|
364
436
|
command.query['analysisQuery.options.expandGroups'] = analysis_query_options_expand_groups unless analysis_query_options_expand_groups.nil?
|
@@ -421,6 +493,53 @@ module Google
|
|
421
493
|
execute_or_queue_command(command, &block)
|
422
494
|
end
|
423
495
|
|
496
|
+
# Analyze moving a resource to a specified destination without kicking off the
|
497
|
+
# actual move. The analysis is best effort depending on the user's permissions
|
498
|
+
# of viewing different hierarchical policies and configurations. The policies
|
499
|
+
# and configuration are subject to change before the actual resource migration
|
500
|
+
# takes place.
|
501
|
+
# @param [String] resource
|
502
|
+
# Required. Name of the resource to perform the analysis against. Only GCP
|
503
|
+
# Project are supported as of today. Hence, this can only be Project ID (such as
|
504
|
+
# "projects/my-project-id") or a Project Number (such as "projects/12345").
|
505
|
+
# @param [String] destination_parent
|
506
|
+
# Required. Name of the GCP Folder or Organization to reparent the target
|
507
|
+
# resource. The analysis will be performed against hypothetically moving the
|
508
|
+
# resource to this specified desitination parent. This can only be a Folder
|
509
|
+
# number (such as "folders/123") or an Organization number (such as "
|
510
|
+
# organizations/123").
|
511
|
+
# @param [String] view
|
512
|
+
# Analysis view indicating what information should be included in the analysis
|
513
|
+
# response. If unspecified, the default view is FULL.
|
514
|
+
# @param [String] fields
|
515
|
+
# Selector specifying which fields to include in a partial response.
|
516
|
+
# @param [String] quota_user
|
517
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
518
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
519
|
+
# @param [Google::Apis::RequestOptions] options
|
520
|
+
# Request-specific options
|
521
|
+
#
|
522
|
+
# @yield [result, err] Result & error if block supplied
|
523
|
+
# @yieldparam result [Google::Apis::CloudassetV1::AnalyzeMoveResponse] parsed result object
|
524
|
+
# @yieldparam err [StandardError] error object if request failed
|
525
|
+
#
|
526
|
+
# @return [Google::Apis::CloudassetV1::AnalyzeMoveResponse]
|
527
|
+
#
|
528
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
529
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
530
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
531
|
+
def analyze_move(resource, destination_parent: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
|
532
|
+
command = make_simple_command(:get, 'v1/{+resource}:analyzeMove', options)
|
533
|
+
command.response_representation = Google::Apis::CloudassetV1::AnalyzeMoveResponse::Representation
|
534
|
+
command.response_class = Google::Apis::CloudassetV1::AnalyzeMoveResponse
|
535
|
+
command.params['resource'] = resource unless resource.nil?
|
536
|
+
command.query['destinationParent'] = destination_parent unless destination_parent.nil?
|
537
|
+
command.query['view'] = view unless view.nil?
|
538
|
+
command.query['fields'] = fields unless fields.nil?
|
539
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
540
|
+
execute_or_queue_command(command, &block)
|
541
|
+
end
|
542
|
+
|
424
543
|
# Batch gets the update history of assets that overlap a time window. For
|
425
544
|
# IAM_POLICY content, this API outputs history when the asset and its attached
|
426
545
|
# IAM POLICY both exist. This can create gaps in the output history. Otherwise,
|
@@ -625,13 +744,15 @@ module Google
|
|
625
744
|
# expression syntax. If the regular expression does not match any supported
|
626
745
|
# asset type, an INVALID_ARGUMENT error will be returned.
|
627
746
|
# @param [String] order_by
|
628
|
-
# Optional. A comma
|
747
|
+
# Optional. A comma-separated list of fields specifying the sorting order of the
|
629
748
|
# results. The default order is ascending. Add " DESC" after the field name to
|
630
749
|
# indicate descending order. Redundant space characters are ignored. Example: "
|
631
|
-
# location DESC, name". Only
|
632
|
-
#
|
633
|
-
#
|
634
|
-
#
|
750
|
+
# location DESC, name". Only singular primitive fields in the response are
|
751
|
+
# sortable: * name * assetType * project * displayName * description * location *
|
752
|
+
# kmsKey * createTime * updateTime * state * parentFullResourceName *
|
753
|
+
# parentAssetType All the other fields such as repeated fields (e.g., `
|
754
|
+
# networkTags`), map fields (e.g., `labels`) and struct fields (e.g., `
|
755
|
+
# additionalAttributes`) are not supported.
|
635
756
|
# @param [Fixnum] page_size
|
636
757
|
# Optional. The page size for search result pagination. Page size is capped at
|
637
758
|
# 500 even if a larger value is given. If set to zero, server will pick an
|
@@ -657,17 +778,19 @@ module Google
|
|
657
778
|
# prod". * `labels.env:*` to find Cloud resources that have a label "env". * `
|
658
779
|
# kmsKey:key` to find Cloud resources encrypted with a customer-managed
|
659
780
|
# encryption key whose name contains the word "key". * `state:ACTIVE` to find
|
660
|
-
# Cloud resources whose state contains "ACTIVE" as a word. * `
|
661
|
-
#
|
662
|
-
#
|
663
|
-
#
|
664
|
-
#
|
665
|
-
# 01 00:00:00 UTC"
|
666
|
-
#
|
667
|
-
#
|
668
|
-
#
|
669
|
-
#
|
670
|
-
#
|
781
|
+
# Cloud resources whose state contains "ACTIVE" as a word. * `NOT state:ACTIVE`
|
782
|
+
# to find ``gcp_name`` resources whose state doesn't contain "ACTIVE" as a word.
|
783
|
+
# * `createTime<1609459200` to find Cloud resources that were created before "
|
784
|
+
# 2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:
|
785
|
+
# 00:00 UTC" in seconds. * `updateTime>1609459200` to find Cloud resources that
|
786
|
+
# were updated after "2021-01-01 00:00:00 UTC". 1609459200 is the epoch
|
787
|
+
# timestamp of "2021-01-01 00:00:00 UTC" in seconds. * `Important` to find Cloud
|
788
|
+
# resources that contain "Important" as a word in any of the searchable fields. *
|
789
|
+
# `Impor*` to find Cloud resources that contain "Impor" as a prefix of any word
|
790
|
+
# in any of the searchable fields. * `Important location:(us-west1 OR global)`
|
791
|
+
# to find Cloud resources that contain "Important" as a word in any of the
|
792
|
+
# searchable fields and are also located in the "us-west1" region or the "global"
|
793
|
+
# location.
|
671
794
|
# @param [String] fields
|
672
795
|
# Selector specifying which fields to include in a partial response.
|
673
796
|
# @param [String] quota_user
|