google-apis-cloudasset_v1 0.50.0 → 0.51.0
Sign up to get free protection for your applications and to get access to all the features.
@@ -821,6 +821,176 @@ module Google
|
|
821
821
|
execute_or_queue_command(command, &block)
|
822
822
|
end
|
823
823
|
|
824
|
+
# Analyzes organization policies under a scope.
|
825
|
+
# @param [String] scope
|
826
|
+
# Required. The organization to scope the request. Only organization policies
|
827
|
+
# within the scope will be analyzed. * organizations/`ORGANIZATION_NUMBER` (e.g.,
|
828
|
+
# "organizations/123456")
|
829
|
+
# @param [String] constraint
|
830
|
+
# Required. The name of the constraint to analyze organization policies for. The
|
831
|
+
# response only contains analyzed organization policies for the provided
|
832
|
+
# constraint.
|
833
|
+
# @param [String] filter
|
834
|
+
# The expression to filter AnalyzeOrgPoliciesResponse.org_policy_results. The
|
835
|
+
# only supported field is `consolidated_policy.attached_resource`, and the only
|
836
|
+
# supported operator is `=`. Example: consolidated_policy.attached_resource="//
|
837
|
+
# cloudresourcemanager.googleapis.com/folders/001" will return the org policy
|
838
|
+
# results of"folders/001".
|
839
|
+
# @param [Fixnum] page_size
|
840
|
+
# The maximum number of items to return per page. If unspecified,
|
841
|
+
# AnalyzeOrgPoliciesResponse.org_policy_results will contain 20 items with a
|
842
|
+
# maximum of 200.
|
843
|
+
# @param [String] page_token
|
844
|
+
# The pagination token to retrieve the next page.
|
845
|
+
# @param [String] fields
|
846
|
+
# Selector specifying which fields to include in a partial response.
|
847
|
+
# @param [String] quota_user
|
848
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
849
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
850
|
+
# @param [Google::Apis::RequestOptions] options
|
851
|
+
# Request-specific options
|
852
|
+
#
|
853
|
+
# @yield [result, err] Result & error if block supplied
|
854
|
+
# @yieldparam result [Google::Apis::CloudassetV1::AnalyzeOrgPoliciesResponse] parsed result object
|
855
|
+
# @yieldparam err [StandardError] error object if request failed
|
856
|
+
#
|
857
|
+
# @return [Google::Apis::CloudassetV1::AnalyzeOrgPoliciesResponse]
|
858
|
+
#
|
859
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
860
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
861
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
862
|
+
def analyze_org_policies(scope, constraint: nil, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
|
863
|
+
command = make_simple_command(:get, 'v1/{+scope}:analyzeOrgPolicies', options)
|
864
|
+
command.response_representation = Google::Apis::CloudassetV1::AnalyzeOrgPoliciesResponse::Representation
|
865
|
+
command.response_class = Google::Apis::CloudassetV1::AnalyzeOrgPoliciesResponse
|
866
|
+
command.params['scope'] = scope unless scope.nil?
|
867
|
+
command.query['constraint'] = constraint unless constraint.nil?
|
868
|
+
command.query['filter'] = filter unless filter.nil?
|
869
|
+
command.query['pageSize'] = page_size unless page_size.nil?
|
870
|
+
command.query['pageToken'] = page_token unless page_token.nil?
|
871
|
+
command.query['fields'] = fields unless fields.nil?
|
872
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
873
|
+
execute_or_queue_command(command, &block)
|
874
|
+
end
|
875
|
+
|
876
|
+
# Analyzes organization policies governed assets (GCP resources or policies)
|
877
|
+
# under a scope. This RPC supports custom constraints and the following 10
|
878
|
+
# canned constraints: * storage.uniformBucketLevelAccess * iam.
|
879
|
+
# disableServiceAccountKeyCreation * iam.allowedPolicyMemberDomains * compute.
|
880
|
+
# vmExternalIpAccess * appengine.enforceServiceAccountActAsCheck * gcp.
|
881
|
+
# resourceLocations * compute.trustedImageProjects * compute.
|
882
|
+
# skipDefaultNetworkCreation * compute.requireOsLogin * compute.
|
883
|
+
# disableNestedVirtualization This RPC only returns either resources of types
|
884
|
+
# supported by [searchable asset types](https://cloud.google.com/asset-inventory/
|
885
|
+
# docs/supported-asset-types#searchable_asset_types), or IAM policies.
|
886
|
+
# @param [String] scope
|
887
|
+
# Required. The organization to scope the request. Only organization policies
|
888
|
+
# within the scope will be analyzed. The output assets will also be limited to
|
889
|
+
# the ones governed by those in-scope organization policies. * organizations/`
|
890
|
+
# ORGANIZATION_NUMBER` (e.g., "organizations/123456")
|
891
|
+
# @param [String] constraint
|
892
|
+
# Required. The name of the constraint to analyze governed assets for. The
|
893
|
+
# analysis only contains analyzed organization policies for the provided
|
894
|
+
# constraint.
|
895
|
+
# @param [String] filter
|
896
|
+
# The expression to filter the governed assets in result. The only supported
|
897
|
+
# fields for governed resources are `governed_resource.project` and `
|
898
|
+
# governed_resource.folders`. The only supported fields for governed iam
|
899
|
+
# policies are `governed_iam_policy.project` and `governed_iam_policy.folders`.
|
900
|
+
# The only supported operator is `=`. Example 1: governed_resource.project="
|
901
|
+
# projects/12345678" filter will return all governed resources under projects/
|
902
|
+
# 12345678 including the project ifself, if applicable. Example 2:
|
903
|
+
# governed_iam_policy.folders="folders/12345678" filter will return all governed
|
904
|
+
# iam policies under folders/12345678, if applicable.
|
905
|
+
# @param [Fixnum] page_size
|
906
|
+
# The maximum number of items to return per page. If unspecified,
|
907
|
+
# AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets will contain 100 items
|
908
|
+
# with a maximum of 200.
|
909
|
+
# @param [String] page_token
|
910
|
+
# The pagination token to retrieve the next page.
|
911
|
+
# @param [String] fields
|
912
|
+
# Selector specifying which fields to include in a partial response.
|
913
|
+
# @param [String] quota_user
|
914
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
915
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
916
|
+
# @param [Google::Apis::RequestOptions] options
|
917
|
+
# Request-specific options
|
918
|
+
#
|
919
|
+
# @yield [result, err] Result & error if block supplied
|
920
|
+
# @yieldparam result [Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedAssetsResponse] parsed result object
|
921
|
+
# @yieldparam err [StandardError] error object if request failed
|
922
|
+
#
|
923
|
+
# @return [Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedAssetsResponse]
|
924
|
+
#
|
925
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
926
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
927
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
928
|
+
def analyze_org_policy_governed_assets(scope, constraint: nil, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
|
929
|
+
command = make_simple_command(:get, 'v1/{+scope}:analyzeOrgPolicyGovernedAssets', options)
|
930
|
+
command.response_representation = Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedAssetsResponse::Representation
|
931
|
+
command.response_class = Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedAssetsResponse
|
932
|
+
command.params['scope'] = scope unless scope.nil?
|
933
|
+
command.query['constraint'] = constraint unless constraint.nil?
|
934
|
+
command.query['filter'] = filter unless filter.nil?
|
935
|
+
command.query['pageSize'] = page_size unless page_size.nil?
|
936
|
+
command.query['pageToken'] = page_token unless page_token.nil?
|
937
|
+
command.query['fields'] = fields unless fields.nil?
|
938
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
939
|
+
execute_or_queue_command(command, &block)
|
940
|
+
end
|
941
|
+
|
942
|
+
# Analyzes organization policies governed containers (projects, folders or
|
943
|
+
# organization) under a scope.
|
944
|
+
# @param [String] scope
|
945
|
+
# Required. The organization to scope the request. Only organization policies
|
946
|
+
# within the scope will be analyzed. The output containers will also be limited
|
947
|
+
# to the ones governed by those in-scope organization policies. * organizations/`
|
948
|
+
# ORGANIZATION_NUMBER` (e.g., "organizations/123456")
|
949
|
+
# @param [String] constraint
|
950
|
+
# Required. The name of the constraint to analyze governed containers for. The
|
951
|
+
# analysis only contains organization policies for the provided constraint.
|
952
|
+
# @param [String] filter
|
953
|
+
# The expression to filter the governed containers in result. The only supported
|
954
|
+
# field is `parent`, and the only supported operator is `=`. Example: parent="//
|
955
|
+
# cloudresourcemanager.googleapis.com/folders/001" will return all containers
|
956
|
+
# under "folders/001".
|
957
|
+
# @param [Fixnum] page_size
|
958
|
+
# The maximum number of items to return per page. If unspecified,
|
959
|
+
# AnalyzeOrgPolicyGovernedContainersResponse.governed_containers will contain
|
960
|
+
# 100 items with a maximum of 200.
|
961
|
+
# @param [String] page_token
|
962
|
+
# The pagination token to retrieve the next page.
|
963
|
+
# @param [String] fields
|
964
|
+
# Selector specifying which fields to include in a partial response.
|
965
|
+
# @param [String] quota_user
|
966
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
967
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
968
|
+
# @param [Google::Apis::RequestOptions] options
|
969
|
+
# Request-specific options
|
970
|
+
#
|
971
|
+
# @yield [result, err] Result & error if block supplied
|
972
|
+
# @yieldparam result [Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedContainersResponse] parsed result object
|
973
|
+
# @yieldparam err [StandardError] error object if request failed
|
974
|
+
#
|
975
|
+
# @return [Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedContainersResponse]
|
976
|
+
#
|
977
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
978
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
979
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
980
|
+
def analyze_org_policy_governed_containers(scope, constraint: nil, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
|
981
|
+
command = make_simple_command(:get, 'v1/{+scope}:analyzeOrgPolicyGovernedContainers', options)
|
982
|
+
command.response_representation = Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedContainersResponse::Representation
|
983
|
+
command.response_class = Google::Apis::CloudassetV1::AnalyzeOrgPolicyGovernedContainersResponse
|
984
|
+
command.params['scope'] = scope unless scope.nil?
|
985
|
+
command.query['constraint'] = constraint unless constraint.nil?
|
986
|
+
command.query['filter'] = filter unless filter.nil?
|
987
|
+
command.query['pageSize'] = page_size unless page_size.nil?
|
988
|
+
command.query['pageToken'] = page_token unless page_token.nil?
|
989
|
+
command.query['fields'] = fields unless fields.nil?
|
990
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
991
|
+
execute_or_queue_command(command, &block)
|
992
|
+
end
|
993
|
+
|
824
994
|
# Batch gets the update history of assets that overlap a time window. For
|
825
995
|
# IAM_POLICY content, this API outputs history when the asset and its attached
|
826
996
|
# IAM POLICY both exist. This can create gaps in the output history. Otherwise,
|
@@ -931,6 +1101,51 @@ module Google
|
|
931
1101
|
execute_or_queue_command(command, &block)
|
932
1102
|
end
|
933
1103
|
|
1104
|
+
# Issue a job that queries assets using a SQL statement compatible with [
|
1105
|
+
# BigQuery Standard SQL](http://cloud/bigquery/docs/reference/standard-sql/
|
1106
|
+
# enabling-standard-sql). If the query execution finishes within timeout and
|
1107
|
+
# there's no pagination, the full query results will be returned in the `
|
1108
|
+
# QueryAssetsResponse`. Otherwise, full query results can be obtained by issuing
|
1109
|
+
# extra requests with the `job_reference` from the a previous `QueryAssets` call.
|
1110
|
+
# Note, the query result has approximately 10 GB limitation enforced by
|
1111
|
+
# BigQuery https://cloud.google.com/bigquery/docs/best-practices-performance-
|
1112
|
+
# output, queries return larger results will result in errors.
|
1113
|
+
# @param [String] parent
|
1114
|
+
# Required. The relative name of the root asset. This can only be an
|
1115
|
+
# organization number (such as "organizations/123"), a project ID (such as "
|
1116
|
+
# projects/my-project-id"), or a project number (such as "projects/12345"), or a
|
1117
|
+
# folder number (such as "folders/123"). Only assets belonging to the `parent`
|
1118
|
+
# will be returned.
|
1119
|
+
# @param [Google::Apis::CloudassetV1::QueryAssetsRequest] query_assets_request_object
|
1120
|
+
# @param [String] fields
|
1121
|
+
# Selector specifying which fields to include in a partial response.
|
1122
|
+
# @param [String] quota_user
|
1123
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
1124
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
1125
|
+
# @param [Google::Apis::RequestOptions] options
|
1126
|
+
# Request-specific options
|
1127
|
+
#
|
1128
|
+
# @yield [result, err] Result & error if block supplied
|
1129
|
+
# @yieldparam result [Google::Apis::CloudassetV1::QueryAssetsResponse] parsed result object
|
1130
|
+
# @yieldparam err [StandardError] error object if request failed
|
1131
|
+
#
|
1132
|
+
# @return [Google::Apis::CloudassetV1::QueryAssetsResponse]
|
1133
|
+
#
|
1134
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
1135
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
1136
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
1137
|
+
def query_assets(parent, query_assets_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
1138
|
+
command = make_simple_command(:post, 'v1/{+parent}:queryAssets', options)
|
1139
|
+
command.request_representation = Google::Apis::CloudassetV1::QueryAssetsRequest::Representation
|
1140
|
+
command.request_object = query_assets_request_object
|
1141
|
+
command.response_representation = Google::Apis::CloudassetV1::QueryAssetsResponse::Representation
|
1142
|
+
command.response_class = Google::Apis::CloudassetV1::QueryAssetsResponse
|
1143
|
+
command.params['parent'] = parent unless parent.nil?
|
1144
|
+
command.query['fields'] = fields unless fields.nil?
|
1145
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
1146
|
+
execute_or_queue_command(command, &block)
|
1147
|
+
end
|
1148
|
+
|
934
1149
|
# Searches all IAM policies within the specified scope, such as a project,
|
935
1150
|
# folder, or organization. The caller must be granted the `cloudasset.assets.
|
936
1151
|
# searchAllIamPolicies` permission on the desired scope, otherwise the request
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-cloudasset_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.51.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-12-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -58,7 +58,7 @@ licenses:
|
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
60
|
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1/CHANGELOG.md
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.51.0
|
62
62
|
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|