google-apis-cloudasset_v1 0.51.0 → 0.53.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/lib/google/apis/cloudasset_v1/classes.rb +115 -108
- data/lib/google/apis/cloudasset_v1/gem_version.rb +3 -3
- data/lib/google/apis/cloudasset_v1/service.rb +89 -84
- data/lib/google/apis/cloudasset_v1.rb +2 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 996096adfb401ed86d0100f336f1063e014dee96ff10ba9cd5e5759c227a32c0
|
4
|
+
data.tar.gz: 9904d5c6f0bd34086a226b3b729cd7363172d5796ac908242d98cb8c5b8f9ced
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 65842f064eb935bdab86ab49ac73574dc8d24df62bf678fd7d5918083aaea5558eb0ad7a482a57e13bc491ddaecee520d1a12b08f06b820f35cb97656a796e88
|
7
|
+
data.tar.gz: 66c35c39603c74444d014a668cdbd7d4770c376aa73abc2de8ef6361baebc1f9c47aae6574bd422d7b1c9af8d7083a219ea47be9cca78df90c8cf07abf140189
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,14 @@
|
|
1
1
|
# Release history for google-apis-cloudasset_v1
|
2
2
|
|
3
|
+
### v0.53.0 (2023-02-12)
|
4
|
+
|
5
|
+
* Regenerated from discovery document revision 20230204
|
6
|
+
|
7
|
+
### v0.52.0 (2023-01-22)
|
8
|
+
|
9
|
+
* Regenerated from discovery document revision 20230114
|
10
|
+
* Regenerated using generator version 0.11.1
|
11
|
+
|
3
12
|
### v0.51.0 (2022-12-07)
|
4
13
|
|
5
14
|
* Regenerated from discovery document revision 20221201
|
@@ -51,7 +51,7 @@ module Google
|
|
51
51
|
end
|
52
52
|
|
53
53
|
# Represents the metadata of the longrunning operation for the
|
54
|
-
# AnalyzeIamPolicyLongrunning
|
54
|
+
# AnalyzeIamPolicyLongrunning RPC.
|
55
55
|
class AnalyzeIamPolicyLongrunningMetadata
|
56
56
|
include Google::Apis::Core::Hashable
|
57
57
|
|
@@ -164,7 +164,7 @@ module Google
|
|
164
164
|
include Google::Apis::Core::Hashable
|
165
165
|
|
166
166
|
# The list of analyses returned from performing the intended resource move
|
167
|
-
# analysis. The analysis is grouped by different Cloud services.
|
167
|
+
# analysis. The analysis is grouped by different Google Cloud services.
|
168
168
|
# Corresponds to the JSON property `moveAnalysis`
|
169
169
|
# @return [Array<Google::Apis::CloudassetV1::MoveAnalysis>]
|
170
170
|
attr_accessor :move_analysis
|
@@ -277,8 +277,8 @@ module Google
|
|
277
277
|
end
|
278
278
|
|
279
279
|
# This organization policy message is a modified version of the one defined in
|
280
|
-
# the
|
281
|
-
# original organization policy with some new fields for analysis purpose.
|
280
|
+
# the Organization Policy system. This message contains several fields defined
|
281
|
+
# in the original organization policy with some new fields for analysis purpose.
|
282
282
|
class AnalyzerOrgPolicy
|
283
283
|
include Google::Apis::Core::Hashable
|
284
284
|
|
@@ -365,7 +365,7 @@ module Google
|
|
365
365
|
# resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-
|
366
366
|
# platform-resource-hierarchy), a resource outside the Google Cloud resource
|
367
367
|
# hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy
|
368
|
-
# (e.g.
|
368
|
+
# (e.g. IAM policy), or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP
|
369
369
|
# relationship). See [Supported asset types](https://cloud.google.com/asset-
|
370
370
|
# inventory/docs/supported-asset-types) for more information.
|
371
371
|
class Asset
|
@@ -464,9 +464,9 @@ module Google
|
|
464
464
|
# ancestors. An asset can be any resource in the Google Cloud [resource
|
465
465
|
# hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-
|
466
466
|
# resource-hierarchy), a resource outside the Google Cloud resource hierarchy (
|
467
|
-
# such as Google Kubernetes Engine clusters and objects), or a policy (e.g.
|
468
|
-
#
|
469
|
-
#
|
467
|
+
# such as Google Kubernetes Engine clusters and objects), or a policy (e.g. IAM
|
468
|
+
# policy). See [Supported asset types](https://cloud.google.com/asset-inventory/
|
469
|
+
# docs/supported-asset-types) for more information.
|
470
470
|
# Corresponds to the JSON property `relatedAsset`
|
471
471
|
# @return [Google::Apis::CloudassetV1::RelatedAsset]
|
472
472
|
attr_accessor :related_asset
|
@@ -489,9 +489,10 @@ module Google
|
|
489
489
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
490
490
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
491
491
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google
|
492
|
-
# Cloud project can only belong to a single regular Service
|
493
|
-
# Perimeter Bridges can contain only Google Cloud projects as
|
494
|
-
# Google Cloud project may belong to multiple Service
|
492
|
+
# Cloud project or VPC network can only belong to a single regular Service
|
493
|
+
# Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as
|
494
|
+
# members, a single Google Cloud project may belong to multiple Service
|
495
|
+
# Perimeter Bridges.
|
495
496
|
# Corresponds to the JSON property `servicePerimeter`
|
496
497
|
# @return [Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter]
|
497
498
|
attr_accessor :service_perimeter
|
@@ -779,22 +780,22 @@ module Google
|
|
779
780
|
# kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-
|
780
781
|
# project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:`emailid``: An
|
781
782
|
# email address that represents a Google group. For example, `admins@example.com`
|
782
|
-
# . * `
|
783
|
-
#
|
784
|
-
#
|
785
|
-
#
|
786
|
-
# the
|
787
|
-
#
|
788
|
-
#
|
783
|
+
# . * `domain:`domain``: The G Suite domain (primary) that represents all the
|
784
|
+
# users of that domain. For example, `google.com` or `example.com`. * `deleted:
|
785
|
+
# user:`emailid`?uid=`uniqueid``: An email address (plus unique identifier)
|
786
|
+
# representing a user that has been recently deleted. For example, `alice@
|
787
|
+
# example.com?uid=123456789012345678901`. If the user is recovered, this value
|
788
|
+
# reverts to `user:`emailid`` and the recovered user retains the role in the
|
789
|
+
# binding. * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email address
|
790
|
+
# (plus unique identifier) representing a service account that has been recently
|
791
|
+
# deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=
|
789
792
|
# 123456789012345678901`. If the service account is undeleted, this value
|
790
793
|
# reverts to `serviceAccount:`emailid`` and the undeleted service account
|
791
794
|
# retains the role in the binding. * `deleted:group:`emailid`?uid=`uniqueid``:
|
792
795
|
# An email address (plus unique identifier) representing a Google group that has
|
793
796
|
# been recently deleted. For example, `admins@example.com?uid=
|
794
797
|
# 123456789012345678901`. If the group is recovered, this value reverts to `
|
795
|
-
# group:`emailid`` and the recovered group retains the role in the binding.
|
796
|
-
# domain:`domain``: The G Suite domain (primary) that represents all the users
|
797
|
-
# of that domain. For example, `google.com` or `example.com`.
|
798
|
+
# group:`emailid`` and the recovered group retains the role in the binding.
|
798
799
|
# Corresponds to the JSON property `members`
|
799
800
|
# @return [Array<String>]
|
800
801
|
attr_accessor :members
|
@@ -1245,7 +1246,7 @@ module Google
|
|
1245
1246
|
class GcsDestination
|
1246
1247
|
include Google::Apis::Core::Hashable
|
1247
1248
|
|
1248
|
-
# The
|
1249
|
+
# The URI of the Cloud Storage object. It's the same URI that is used by gsutil.
|
1249
1250
|
# Example: "gs://bucket_name/object_name". See [Viewing and Editing Object
|
1250
1251
|
# Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) for
|
1251
1252
|
# more information. If the specified Cloud Storage object already exists and
|
@@ -1255,8 +1256,8 @@ module Google
|
|
1255
1256
|
# @return [String]
|
1256
1257
|
attr_accessor :uri
|
1257
1258
|
|
1258
|
-
# The
|
1259
|
-
# bucket_name/object_name_prefix". Each object
|
1259
|
+
# The URI prefix of all generated Cloud Storage objects. Example: "gs://
|
1260
|
+
# bucket_name/object_name_prefix". Each object URI is in format: "gs://
|
1260
1261
|
# bucket_name/object_name_prefix// and only contains assets for that type.
|
1261
1262
|
# starts from 0. Example: "gs://bucket_name/object_name_prefix/compute.
|
1262
1263
|
# googleapis.com/Disk/0" is the first shard of output objects containing all
|
@@ -1363,14 +1364,14 @@ module Google
|
|
1363
1364
|
end
|
1364
1365
|
end
|
1365
1366
|
|
1366
|
-
# Represents a
|
1367
|
-
# policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
|
1367
|
+
# Represents a Google Cloud asset(resource or IAM policy) governed by the
|
1368
|
+
# organization policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
|
1368
1369
|
class GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset
|
1369
1370
|
include Google::Apis::Core::Hashable
|
1370
1371
|
|
1371
1372
|
# This organization policy message is a modified version of the one defined in
|
1372
|
-
# the
|
1373
|
-
# original organization policy with some new fields for analysis purpose.
|
1373
|
+
# the Organization Policy system. This message contains several fields defined
|
1374
|
+
# in the original organization policy with some new fields for analysis purpose.
|
1374
1375
|
# Corresponds to the JSON property `consolidatedPolicy`
|
1375
1376
|
# @return [Google::Apis::CloudassetV1::AnalyzerOrgPolicy]
|
1376
1377
|
attr_accessor :consolidated_policy
|
@@ -1381,7 +1382,7 @@ module Google
|
|
1381
1382
|
# @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy]
|
1382
1383
|
attr_accessor :governed_iam_policy
|
1383
1384
|
|
1384
|
-
# The
|
1385
|
+
# The Google Cloud resources governed by the organization policies of the
|
1385
1386
|
# AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
|
1386
1387
|
# Corresponds to the JSON property `governedResource`
|
1387
1388
|
# @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource]
|
@@ -1488,7 +1489,7 @@ module Google
|
|
1488
1489
|
end
|
1489
1490
|
end
|
1490
1491
|
|
1491
|
-
# The
|
1492
|
+
# The Google Cloud resources governed by the organization policies of the
|
1492
1493
|
# AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
|
1493
1494
|
class GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource
|
1494
1495
|
include Google::Apis::Core::Hashable
|
@@ -1501,7 +1502,7 @@ module Google
|
|
1501
1502
|
attr_accessor :folders
|
1502
1503
|
|
1503
1504
|
# The [full resource name] (https://cloud.google.com/asset-inventory/docs/
|
1504
|
-
# resource-name-format) of the
|
1505
|
+
# resource-name-format) of the Google Cloud resource.
|
1505
1506
|
# Corresponds to the JSON property `fullResourceName`
|
1506
1507
|
# @return [String]
|
1507
1508
|
attr_accessor :full_resource_name
|
@@ -1636,7 +1637,7 @@ module Google
|
|
1636
1637
|
attr_accessor :display_name
|
1637
1638
|
|
1638
1639
|
# A `Constraint` that allows or disallows a list of string values, which are
|
1639
|
-
# configured by an
|
1640
|
+
# configured by an organization's policy administrator with a `Policy`.
|
1640
1641
|
# Corresponds to the JSON property `listConstraint`
|
1641
1642
|
# @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1ListConstraint]
|
1642
1643
|
attr_accessor :list_constraint
|
@@ -1671,7 +1672,7 @@ module Google
|
|
1671
1672
|
# @return [String]
|
1672
1673
|
attr_accessor :action_type
|
1673
1674
|
|
1674
|
-
# Organization
|
1675
|
+
# Organization Policy condition/expression. For example: `resource.instanceName.
|
1675
1676
|
# matches("[production|test]_.*_(\d)+")'` or, `resource.management.auto_upgrade =
|
1676
1677
|
# = true`
|
1677
1678
|
# Corresponds to the JSON property `condition`
|
@@ -1754,7 +1755,7 @@ module Google
|
|
1754
1755
|
class GoogleCloudAssetV1GcsDestination
|
1755
1756
|
include Google::Apis::Core::Hashable
|
1756
1757
|
|
1757
|
-
# Required. The
|
1758
|
+
# Required. The URI of the Cloud Storage object. It's the same URI that is used
|
1758
1759
|
# by gsutil. Example: "gs://bucket_name/object_name". See [Viewing and Editing
|
1759
1760
|
# Object Metadata](https://cloud.google.com/storage/docs/viewing-editing-
|
1760
1761
|
# metadata) for more information. If the specified Cloud Storage object already
|
@@ -1780,8 +1781,8 @@ module Google
|
|
1780
1781
|
include Google::Apis::Core::Hashable
|
1781
1782
|
|
1782
1783
|
# This organization policy message is a modified version of the one defined in
|
1783
|
-
# the
|
1784
|
-
# original organization policy with some new fields for analysis purpose.
|
1784
|
+
# the Organization Policy system. This message contains several fields defined
|
1785
|
+
# in the original organization policy with some new fields for analysis purpose.
|
1785
1786
|
# Corresponds to the JSON property `consolidatedPolicy`
|
1786
1787
|
# @return [Google::Apis::CloudassetV1::AnalyzerOrgPolicy]
|
1787
1788
|
attr_accessor :consolidated_policy
|
@@ -1882,7 +1883,7 @@ module Google
|
|
1882
1883
|
end
|
1883
1884
|
|
1884
1885
|
# A `Constraint` that allows or disallows a list of string values, which are
|
1885
|
-
# configured by an
|
1886
|
+
# configured by an organization's policy administrator with a `Policy`.
|
1886
1887
|
class GoogleCloudAssetV1ListConstraint
|
1887
1888
|
include Google::Apis::Core::Hashable
|
1888
1889
|
|
@@ -2071,8 +2072,8 @@ module Google
|
|
2071
2072
|
# resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-
|
2072
2073
|
# platform-resource-hierarchy), a resource outside the Google Cloud resource
|
2073
2074
|
# hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy
|
2074
|
-
# (e.g.
|
2075
|
-
#
|
2075
|
+
# (e.g. IAM policy). See [Supported asset types](https://cloud.google.com/asset-
|
2076
|
+
# inventory/docs/supported-asset-types) for more information.
|
2076
2077
|
class GoogleCloudAssetV1p7beta1Asset
|
2077
2078
|
include Google::Apis::Core::Hashable
|
2078
2079
|
|
@@ -2172,9 +2173,10 @@ module Google
|
|
2172
2173
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
2173
2174
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
2174
2175
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google
|
2175
|
-
# Cloud project can only belong to a single regular Service
|
2176
|
-
# Perimeter Bridges can contain only Google Cloud projects as
|
2177
|
-
# Google Cloud project may belong to multiple Service
|
2176
|
+
# Cloud project or VPC network can only belong to a single regular Service
|
2177
|
+
# Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as
|
2178
|
+
# members, a single Google Cloud project may belong to multiple Service
|
2179
|
+
# Perimeter Bridges.
|
2178
2180
|
# Corresponds to the JSON property `servicePerimeter`
|
2179
2181
|
# @return [Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter]
|
2180
2182
|
attr_accessor :service_perimeter
|
@@ -2209,9 +2211,9 @@ module Google
|
|
2209
2211
|
# An asset can be any resource in the Google Cloud [resource hierarchy](https://
|
2210
2212
|
# cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), a
|
2211
2213
|
# resource outside the Google Cloud resource hierarchy (such as Google
|
2212
|
-
# Kubernetes Engine clusters and objects), or a policy (e.g.
|
2213
|
-
#
|
2214
|
-
#
|
2214
|
+
# Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). See [
|
2215
|
+
# Supported asset types](https://cloud.google.com/asset-inventory/docs/supported-
|
2216
|
+
# asset-types) for more information.
|
2215
2217
|
class GoogleCloudAssetV1p7beta1RelatedAsset
|
2216
2218
|
include Google::Apis::Core::Hashable
|
2217
2219
|
|
@@ -2350,7 +2352,7 @@ module Google
|
|
2350
2352
|
# The full name of the immediate parent of this resource. See [Resource Names](
|
2351
2353
|
# https://cloud.google.com/apis/design/resource_names#full_resource_name) for
|
2352
2354
|
# more information. For Google Cloud assets, this value is the parent resource
|
2353
|
-
# defined in the [
|
2355
|
+
# defined in the [IAM policy hierarchy](https://cloud.google.com/iam/docs/
|
2354
2356
|
# overview#policy_hierarchy). Example: `//cloudresourcemanager.googleapis.com/
|
2355
2357
|
# projects/my_project_123` For third-party assets, this field may be set
|
2356
2358
|
# differently.
|
@@ -3229,10 +3231,11 @@ module Google
|
|
3229
3231
|
|
3230
3232
|
# A Google Cloud resource that is allowed to ingress the perimeter. Requests
|
3231
3233
|
# from these resources will be allowed to access perimeter data. Currently only
|
3232
|
-
# projects are allowed.
|
3233
|
-
#
|
3234
|
-
#
|
3235
|
-
#
|
3234
|
+
# projects and VPCs are allowed. Project format: `projects/`project_number`` VPC
|
3235
|
+
# network format: `//compute.googleapis.com/projects/`PROJECT_ID`/global/
|
3236
|
+
# networks/`NAME``. The project may be in any Google Cloud organization, not
|
3237
|
+
# just the organization that the perimeter is defined in. `*` is not allowed,
|
3238
|
+
# the case of allowing all Google Cloud resources only is not supported.
|
3236
3239
|
# Corresponds to the JSON property `resource`
|
3237
3240
|
# @return [String]
|
3238
3241
|
attr_accessor :resource
|
@@ -3351,9 +3354,10 @@ module Google
|
|
3351
3354
|
# has a target outside of the `ServicePerimeter`, the request will be blocked.
|
3352
3355
|
# Otherwise the request is allowed. There are two types of Service Perimeter -
|
3353
3356
|
# Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google
|
3354
|
-
# Cloud project can only belong to a single regular Service
|
3355
|
-
# Perimeter Bridges can contain only Google Cloud projects as
|
3356
|
-
# Google Cloud project may belong to multiple Service
|
3357
|
+
# Cloud project or VPC network can only belong to a single regular Service
|
3358
|
+
# Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as
|
3359
|
+
# members, a single Google Cloud project may belong to multiple Service
|
3360
|
+
# Perimeter Bridges.
|
3357
3361
|
class GoogleIdentityAccesscontextmanagerV1ServicePerimeter
|
3358
3362
|
include Google::Apis::Core::Hashable
|
3359
3363
|
|
@@ -3370,11 +3374,11 @@ module Google
|
|
3370
3374
|
# @return [String]
|
3371
3375
|
attr_accessor :name
|
3372
3376
|
|
3373
|
-
# Perimeter type indicator. A single project is allowed to be a
|
3374
|
-
# regular perimeter, but multiple service perimeter bridges. A
|
3375
|
-
# a included in a perimeter bridge without being included in
|
3376
|
-
# For perimeter bridges, the restricted service list as well
|
3377
|
-
# lists must be empty.
|
3377
|
+
# Perimeter type indicator. A single project or VPC network is allowed to be a
|
3378
|
+
# member of single regular perimeter, but multiple service perimeter bridges. A
|
3379
|
+
# project cannot be a included in a perimeter bridge without being included in
|
3380
|
+
# regular perimeter. For perimeter bridges, the restricted service list as well
|
3381
|
+
# as access level lists must be empty.
|
3378
3382
|
# Corresponds to the JSON property `perimeterType`
|
3379
3383
|
# @return [String]
|
3380
3384
|
attr_accessor :perimeter_type
|
@@ -3457,7 +3461,9 @@ module Google
|
|
3457
3461
|
attr_accessor :ingress_policies
|
3458
3462
|
|
3459
3463
|
# A list of Google Cloud resources that are inside of the service perimeter.
|
3460
|
-
# Currently only projects are allowed.
|
3464
|
+
# Currently only projects and VPCs are allowed. Project format: `projects/`
|
3465
|
+
# project_number`` VPC network format: `//compute.googleapis.com/projects/`
|
3466
|
+
# PROJECT_ID`/global/networks/`NAME``.
|
3461
3467
|
# Corresponds to the JSON property `resources`
|
3462
3468
|
# @return [Array<String>]
|
3463
3469
|
attr_accessor :resources
|
@@ -3790,8 +3796,8 @@ module Google
|
|
3790
3796
|
# @return [Google::Apis::CloudassetV1::Policy]
|
3791
3797
|
attr_accessor :policy
|
3792
3798
|
|
3793
|
-
# The project that the associated
|
3794
|
-
# projects/`PROJECT_NUMBER`. If an IAM policy is set on a resource (like VM
|
3799
|
+
# The project that the associated Google Cloud resource belongs to, in the form
|
3800
|
+
# of projects/`PROJECT_NUMBER`. If an IAM policy is set on a resource (like VM
|
3795
3801
|
# instance, Cloud Storage bucket), the project field will indicate the project
|
3796
3802
|
# that contains the resource. If an IAM policy is set on a folder or orgnization,
|
3797
3803
|
# this field will be empty. To search against the `project`: * specify the `
|
@@ -4038,7 +4044,7 @@ module Google
|
|
4038
4044
|
# @return [Google::Apis::CloudassetV1::MoveAnalysisResult]
|
4039
4045
|
attr_accessor :analysis
|
4040
4046
|
|
4041
|
-
# The user friendly display name of the analysis. E.g. IAM,
|
4047
|
+
# The user friendly display name of the analysis. E.g. IAM, organization policy
|
4042
4048
|
# etc.
|
4043
4049
|
# Corresponds to the JSON property `displayName`
|
4044
4050
|
# @return [String]
|
@@ -4182,19 +4188,19 @@ module Google
|
|
4182
4188
|
# Optional. If true, the response will include access analysis from identities
|
4183
4189
|
# to resources via service account impersonation. This is a very expensive
|
4184
4190
|
# operation, because many derived queries will be executed. We highly recommend
|
4185
|
-
# you use AssetService.AnalyzeIamPolicyLongrunning
|
4191
|
+
# you use AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, if
|
4186
4192
|
# the request analyzes for which resources user A has permission P, and there's
|
4187
4193
|
# an IAM policy states user A has iam.serviceAccounts.getAccessToken permission
|
4188
4194
|
# to a service account SA, and there's another IAM policy states service account
|
4189
|
-
# SA has permission P to a
|
4190
|
-
# the
|
4191
|
-
# AnalyzeIamPolicyResponse.service_account_impersonation_analysis.
|
4192
|
-
# example, if the request analyzes for who has permission P to a
|
4193
|
-
# and there's an IAM policy states user A has iam.
|
4194
|
-
# permission to a service account SA, and there's another
|
4195
|
-
# service account SA has permission P to the
|
4196
|
-
# potentially has access to the
|
4197
|
-
# results will be included in AnalyzeIamPolicyResponse.
|
4195
|
+
# SA has permission P to a Google Cloud folder F, then user A potentially has
|
4196
|
+
# access to the Google Cloud folder F. And those advanced analysis results will
|
4197
|
+
# be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis.
|
4198
|
+
# Another example, if the request analyzes for who has permission P to a Google
|
4199
|
+
# Cloud folder F, and there's an IAM policy states user A has iam.
|
4200
|
+
# serviceAccounts.actAs permission to a service account SA, and there's another
|
4201
|
+
# IAM policy states service account SA has permission P to the Google Cloud
|
4202
|
+
# folder F, then user A potentially has access to the Google Cloud folder F. And
|
4203
|
+
# those advanced analysis results will be included in AnalyzeIamPolicyResponse.
|
4198
4204
|
# service_account_impersonation_analysis. Only the following permissions are
|
4199
4205
|
# considered in this analysis: * `iam.serviceAccounts.actAs` * `iam.
|
4200
4206
|
# serviceAccounts.signBlob` * `iam.serviceAccounts.signJwt` * `iam.
|
@@ -4220,17 +4226,18 @@ module Google
|
|
4220
4226
|
# specified, the resource section of the result will expand any resource
|
4221
4227
|
# attached to an IAM policy to include resources lower in the resource hierarchy.
|
4222
4228
|
# For example, if the request analyzes for which resources user A has
|
4223
|
-
# permission P, and the results include an IAM policy with P on a
|
4224
|
-
# the results will also include resources in that folder with permission
|
4225
|
-
# true and IamPolicyAnalysisQuery.resource_selector is specified, the
|
4226
|
-
# section of the result will expand the specified resource to include
|
4227
|
-
# lower in the resource hierarchy. Only project or lower resources are
|
4228
|
-
# Folder and organization
|
4229
|
-
# For example, if the request analyzes for which users have permission P
|
4230
|
-
#
|
4231
|
-
# have permission P on that project or any lower resource. If true,
|
4232
|
-
# max expansion per resource is 1000 for AssetService.
|
4233
|
-
# 100000 for AssetService.AnalyzeIamPolicyLongrunning][].
|
4229
|
+
# permission P, and the results include an IAM policy with P on a Google Cloud
|
4230
|
+
# folder, the results will also include resources in that folder with permission
|
4231
|
+
# P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the
|
4232
|
+
# resource section of the result will expand the specified resource to include
|
4233
|
+
# resources lower in the resource hierarchy. Only project or lower resources are
|
4234
|
+
# supported. Folder and organization resources cannot be used together with this
|
4235
|
+
# option. For example, if the request analyzes for which users have permission P
|
4236
|
+
# on a Google Cloud project with this option enabled, the results will include
|
4237
|
+
# all users who have permission P on that project or any lower resource. If true,
|
4238
|
+
# the default max expansion per resource is 1000 for AssetService.
|
4239
|
+
# AnalyzeIamPolicy][] and 100000 for AssetService.AnalyzeIamPolicyLongrunning][].
|
4240
|
+
# Default is false.
|
4234
4241
|
# Corresponds to the JSON property `expandResources`
|
4235
4242
|
# @return [Boolean]
|
4236
4243
|
attr_accessor :expand_resources
|
@@ -4281,8 +4288,8 @@ module Google
|
|
4281
4288
|
include Google::Apis::Core::Hashable
|
4282
4289
|
|
4283
4290
|
# This organization policy message is a modified version of the one defined in
|
4284
|
-
# the
|
4285
|
-
# original organization policy with some new fields for analysis purpose.
|
4291
|
+
# the Organization Policy system. This message contains several fields defined
|
4292
|
+
# in the original organization policy with some new fields for analysis purpose.
|
4286
4293
|
# Corresponds to the JSON property `consolidatedPolicy`
|
4287
4294
|
# @return [Google::Apis::CloudassetV1::AnalyzerOrgPolicy]
|
4288
4295
|
attr_accessor :consolidated_policy
|
@@ -4807,9 +4814,9 @@ module Google
|
|
4807
4814
|
# ancestors. An asset can be any resource in the Google Cloud [resource
|
4808
4815
|
# hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-
|
4809
4816
|
# resource-hierarchy), a resource outside the Google Cloud resource hierarchy (
|
4810
|
-
# such as Google Kubernetes Engine clusters and objects), or a policy (e.g.
|
4811
|
-
#
|
4812
|
-
#
|
4817
|
+
# such as Google Kubernetes Engine clusters and objects), or a policy (e.g. IAM
|
4818
|
+
# policy). See [Supported asset types](https://cloud.google.com/asset-inventory/
|
4819
|
+
# docs/supported-asset-types) for more information.
|
4813
4820
|
class RelatedAsset
|
4814
4821
|
include Google::Apis::Core::Hashable
|
4815
4822
|
|
@@ -5006,7 +5013,7 @@ module Google
|
|
5006
5013
|
# The full name of the immediate parent of this resource. See [Resource Names](
|
5007
5014
|
# https://cloud.google.com/apis/design/resource_names#full_resource_name) for
|
5008
5015
|
# more information. For Google Cloud assets, this value is the parent resource
|
5009
|
-
# defined in the [
|
5016
|
+
# defined in the [IAM policy hierarchy](https://cloud.google.com/iam/docs/
|
5010
5017
|
# overview#policy_hierarchy). Example: `//cloudresourcemanager.googleapis.com/
|
5011
5018
|
# projects/my_project_123` For third-party assets, this field may be set
|
5012
5019
|
# differently.
|
@@ -5044,7 +5051,7 @@ module Google
|
|
5044
5051
|
end
|
5045
5052
|
|
5046
5053
|
# A result of Resource Search, containing information of a cloud resource. Next
|
5047
|
-
# ID:
|
5054
|
+
# ID: 32
|
5048
5055
|
class ResourceSearchResult
|
5049
5056
|
include Google::Apis::Core::Hashable
|
5050
5057
|
|
@@ -5052,14 +5059,14 @@ module Google
|
|
5052
5059
|
# from one resource type to another. Examples: `projectId` for Project, `dnsName`
|
5053
5060
|
# for DNS ManagedZone. This field contains a subset of the resource metadata
|
5054
5061
|
# fields that are returned by the List or Get APIs provided by the corresponding
|
5055
|
-
#
|
5062
|
+
# Google Cloud service (e.g., Compute Engine). see [API references and supported
|
5056
5063
|
# searchable attributes](https://cloud.google.com/asset-inventory/docs/supported-
|
5057
5064
|
# asset-types#searchable_asset_types) to see which fields are included. You can
|
5058
5065
|
# search values of these fields through free text search. However, you should
|
5059
5066
|
# not consume the field programically as the field names and values may change
|
5060
|
-
# as the
|
5061
|
-
# against the `additional_attributes`: * Use a free text query to match
|
5062
|
-
# attributes values. Example: to search `additional_attributes = ` dnsName: "
|
5067
|
+
# as the Google Cloud service updates to a new incompatible API version. To
|
5068
|
+
# search against the `additional_attributes`: * Use a free text query to match
|
5069
|
+
# the attributes values. Example: to search `additional_attributes = ` dnsName: "
|
5063
5070
|
# foobar" ``, you can issue a query `foobar`.
|
5064
5071
|
# Corresponds to the JSON property `additionalAttributes`
|
5065
5072
|
# @return [Hash<String,Object>]
|
@@ -5122,8 +5129,8 @@ module Google
|
|
5122
5129
|
# projects.locations.keyRings.cryptoKeys) name or [CryptoKeyVersion](https://
|
5123
5130
|
# cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.
|
5124
5131
|
# cryptoKeys.cryptoKeyVersions) name. This field only presents for the purpose
|
5125
|
-
# of backward compatibility. Please use the `kms_keys` field to retrieve
|
5126
|
-
# information. This field is available only when the resource's Protobuf
|
5132
|
+
# of backward compatibility. Please use the `kms_keys` field to retrieve Cloud
|
5133
|
+
# KMS key information. This field is available only when the resource's Protobuf
|
5127
5134
|
# contains it and will only be populated for [these resource types](https://
|
5128
5135
|
# cloud.google.com/asset-inventory/docs/legacy-field-names#
|
5129
5136
|
# resource_types_with_the_to_be_deprecated_kmskey_field) for backward compatible
|
@@ -5143,7 +5150,7 @@ module Google
|
|
5143
5150
|
# @return [Array<String>]
|
5144
5151
|
attr_accessor :kms_keys
|
5145
5152
|
|
5146
|
-
# Labels associated with this resource. See [Labelling and grouping
|
5153
|
+
# Labels associated with this resource. See [Labelling and grouping Google Cloud
|
5147
5154
|
# resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-
|
5148
5155
|
# your-google-cloud-platform-resources) for more information. This field is
|
5149
5156
|
# available only when the resource's Protobuf contains it. To search against the
|
@@ -5174,12 +5181,12 @@ module Google
|
|
5174
5181
|
attr_accessor :name
|
5175
5182
|
|
5176
5183
|
# Network tags associated with this resource. Like labels, network tags are a
|
5177
|
-
# type of annotations used to group
|
5178
|
-
# https://cloud.google.com/blog/products/gcp/labelling-
|
5179
|
-
# cloud-platform-resources) for more information. This
|
5180
|
-
# when the resource's Protobuf contains it. To search
|
5181
|
-
# * Use a field query. Example: `networkTags:
|
5182
|
-
# Example: `internal`
|
5184
|
+
# type of annotations used to group Google Cloud resources. See [Labelling
|
5185
|
+
# Google Cloud resources](https://cloud.google.com/blog/products/gcp/labelling-
|
5186
|
+
# and-grouping-your-google-cloud-platform-resources) for more information. This
|
5187
|
+
# field is available only when the resource's Protobuf contains it. To search
|
5188
|
+
# against the `network_tags`: * Use a field query. Example: `networkTags:
|
5189
|
+
# internal` * Use a free text query. Example: `internal`
|
5183
5190
|
# Corresponds to the JSON property `networkTags`
|
5184
5191
|
# @return [Array<String>]
|
5185
5192
|
attr_accessor :network_tags
|
@@ -5234,7 +5241,7 @@ module Google
|
|
5234
5241
|
# include PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED,
|
5235
5242
|
# REPAIRING, and TERMINATED. See `status` definition in [API Reference](https://
|
5236
5243
|
# cloud.google.com/compute/docs/reference/rest/v1/instances). If the resource is
|
5237
|
-
# a project provided by
|
5244
|
+
# a project provided by Resource Manager, its state will include
|
5238
5245
|
# LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED and DELETE_IN_PROGRESS.
|
5239
5246
|
# See `lifecycleState` definition in [API Reference](https://cloud.google.com/
|
5240
5247
|
# resource-manager/reference/rest/v1/projects). To search against the `state`: *
|
@@ -5424,8 +5431,8 @@ module Google
|
|
5424
5431
|
# @return [String]
|
5425
5432
|
attr_accessor :next_page_token
|
5426
5433
|
|
5427
|
-
# A list of
|
5428
|
-
# the associated resource is returned along with the policy.
|
5434
|
+
# A list of IAM policies that match the search query. Related information such
|
5435
|
+
# as the associated resource is returned along with the policy.
|
5429
5436
|
# Corresponds to the JSON property `results`
|
5430
5437
|
# @return [Array<Google::Apis::CloudassetV1::IamPolicySearchResult>]
|
5431
5438
|
attr_accessor :results
|
@@ -5658,7 +5665,7 @@ module Google
|
|
5658
5665
|
# resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-
|
5659
5666
|
# platform-resource-hierarchy), a resource outside the Google Cloud resource
|
5660
5667
|
# hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy
|
5661
|
-
# (e.g.
|
5668
|
+
# (e.g. IAM policy), or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP
|
5662
5669
|
# relationship). See [Supported asset types](https://cloud.google.com/asset-
|
5663
5670
|
# inventory/docs/supported-asset-types) for more information.
|
5664
5671
|
# Corresponds to the JSON property `asset`
|
@@ -5675,7 +5682,7 @@ module Google
|
|
5675
5682
|
# resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-
|
5676
5683
|
# platform-resource-hierarchy), a resource outside the Google Cloud resource
|
5677
5684
|
# hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy
|
5678
|
-
# (e.g.
|
5685
|
+
# (e.g. IAM policy), or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP
|
5679
5686
|
# relationship). See [Supported asset types](https://cloud.google.com/asset-
|
5680
5687
|
# inventory/docs/supported-asset-types) for more information.
|
5681
5688
|
# Corresponds to the JSON property `priorAsset`
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module CloudassetV1
|
18
18
|
# Version of the google-apis-cloudasset_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.53.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
|
-
GENERATOR_VERSION = "0.11.
|
22
|
+
GENERATOR_VERSION = "0.11.1"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20230204"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -22,7 +22,8 @@ module Google
|
|
22
22
|
module CloudassetV1
|
23
23
|
# Cloud Asset API
|
24
24
|
#
|
25
|
-
# The
|
25
|
+
# The Cloud Asset API manages the history and inventory of Google Cloud
|
26
|
+
# resources.
|
26
27
|
#
|
27
28
|
# @example
|
28
29
|
# require 'google/apis/cloudasset_v1'
|
@@ -387,8 +388,8 @@ module Google
|
|
387
388
|
# @param [String] saved_query_id
|
388
389
|
# Required. The ID to use for the saved query, which must be unique in the
|
389
390
|
# specified parent. It will become the final component of the saved query's
|
390
|
-
# resource name. This value should be 4-63 characters, and valid characters are
|
391
|
-
# a-z
|
391
|
+
# resource name. This value should be 4-63 characters, and valid characters are `
|
392
|
+
# a-z-`. Notice that this field is required in the saved query creation, and the
|
392
393
|
# `name` field of the `saved_query` will be ignored.
|
393
394
|
# @param [String] fields
|
394
395
|
# Selector specifying which fields to include in a partial response.
|
@@ -607,19 +608,19 @@ module Google
|
|
607
608
|
# Optional. If true, the response will include access analysis from identities
|
608
609
|
# to resources via service account impersonation. This is a very expensive
|
609
610
|
# operation, because many derived queries will be executed. We highly recommend
|
610
|
-
# you use AssetService.AnalyzeIamPolicyLongrunning
|
611
|
+
# you use AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, if
|
611
612
|
# the request analyzes for which resources user A has permission P, and there's
|
612
613
|
# an IAM policy states user A has iam.serviceAccounts.getAccessToken permission
|
613
614
|
# to a service account SA, and there's another IAM policy states service account
|
614
|
-
# SA has permission P to a
|
615
|
-
# the
|
616
|
-
# AnalyzeIamPolicyResponse.service_account_impersonation_analysis.
|
617
|
-
# example, if the request analyzes for who has permission P to a
|
618
|
-
# and there's an IAM policy states user A has iam.
|
619
|
-
# permission to a service account SA, and there's another
|
620
|
-
# service account SA has permission P to the
|
621
|
-
# potentially has access to the
|
622
|
-
# results will be included in AnalyzeIamPolicyResponse.
|
615
|
+
# SA has permission P to a Google Cloud folder F, then user A potentially has
|
616
|
+
# access to the Google Cloud folder F. And those advanced analysis results will
|
617
|
+
# be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis.
|
618
|
+
# Another example, if the request analyzes for who has permission P to a Google
|
619
|
+
# Cloud folder F, and there's an IAM policy states user A has iam.
|
620
|
+
# serviceAccounts.actAs permission to a service account SA, and there's another
|
621
|
+
# IAM policy states service account SA has permission P to the Google Cloud
|
622
|
+
# folder F, then user A potentially has access to the Google Cloud folder F. And
|
623
|
+
# those advanced analysis results will be included in AnalyzeIamPolicyResponse.
|
623
624
|
# service_account_impersonation_analysis. Only the following permissions are
|
624
625
|
# considered in this analysis: * `iam.serviceAccounts.actAs` * `iam.
|
625
626
|
# serviceAccounts.signBlob` * `iam.serviceAccounts.signJwt` * `iam.
|
@@ -637,17 +638,18 @@ module Google
|
|
637
638
|
# specified, the resource section of the result will expand any resource
|
638
639
|
# attached to an IAM policy to include resources lower in the resource hierarchy.
|
639
640
|
# For example, if the request analyzes for which resources user A has
|
640
|
-
# permission P, and the results include an IAM policy with P on a
|
641
|
-
# the results will also include resources in that folder with permission
|
642
|
-
# true and IamPolicyAnalysisQuery.resource_selector is specified, the
|
643
|
-
# section of the result will expand the specified resource to include
|
644
|
-
# lower in the resource hierarchy. Only project or lower resources are
|
645
|
-
# Folder and organization
|
646
|
-
# For example, if the request analyzes for which users have permission P
|
647
|
-
#
|
648
|
-
# have permission P on that project or any lower resource. If true,
|
649
|
-
# max expansion per resource is 1000 for AssetService.
|
650
|
-
# 100000 for AssetService.AnalyzeIamPolicyLongrunning][].
|
641
|
+
# permission P, and the results include an IAM policy with P on a Google Cloud
|
642
|
+
# folder, the results will also include resources in that folder with permission
|
643
|
+
# P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the
|
644
|
+
# resource section of the result will expand the specified resource to include
|
645
|
+
# resources lower in the resource hierarchy. Only project or lower resources are
|
646
|
+
# supported. Folder and organization resources cannot be used together with this
|
647
|
+
# option. For example, if the request analyzes for which users have permission P
|
648
|
+
# on a Google Cloud project with this option enabled, the results will include
|
649
|
+
# all users who have permission P on that project or any lower resource. If true,
|
650
|
+
# the default max expansion per resource is 1000 for AssetService.
|
651
|
+
# AnalyzeIamPolicy][] and 100000 for AssetService.AnalyzeIamPolicyLongrunning][].
|
652
|
+
# Default is false.
|
651
653
|
# @param [Boolean] analysis_query_options_expand_roles
|
652
654
|
# Optional. If true, the access section of result will expand any roles
|
653
655
|
# appearing in IAM policy bindings to include their permissions. If
|
@@ -780,14 +782,15 @@ module Google
|
|
780
782
|
# and configuration are subject to change before the actual resource migration
|
781
783
|
# takes place.
|
782
784
|
# @param [String] resource
|
783
|
-
# Required. Name of the resource to perform the analysis against. Only
|
784
|
-
#
|
785
|
-
# "projects/my-project-id") or a
|
785
|
+
# Required. Name of the resource to perform the analysis against. Only Google
|
786
|
+
# Cloud projects are supported as of today. Hence, this can only be a project ID
|
787
|
+
# (such as "projects/my-project-id") or a project number (such as "projects/
|
788
|
+
# 12345").
|
786
789
|
# @param [String] destination_parent
|
787
|
-
# Required. Name of the
|
788
|
-
# resource. The analysis will be performed against hypothetically moving
|
789
|
-
# resource to this specified desitination parent. This can only be a
|
790
|
-
# number (such as "folders/123") or an
|
790
|
+
# Required. Name of the Google Cloud folder or organization to reparent the
|
791
|
+
# target resource. The analysis will be performed against hypothetically moving
|
792
|
+
# the resource to this specified desitination parent. This can only be a folder
|
793
|
+
# number (such as "folders/123") or an organization number (such as "
|
791
794
|
# organizations/123").
|
792
795
|
# @param [String] view
|
793
796
|
# Analysis view indicating what information should be included in the analysis
|
@@ -873,9 +876,9 @@ module Google
|
|
873
876
|
execute_or_queue_command(command, &block)
|
874
877
|
end
|
875
878
|
|
876
|
-
# Analyzes organization policies governed assets (
|
877
|
-
# under a scope. This RPC supports custom constraints and the
|
878
|
-
# canned constraints: * storage.uniformBucketLevelAccess * iam.
|
879
|
+
# Analyzes organization policies governed assets (Google Cloud resources or
|
880
|
+
# policies) under a scope. This RPC supports custom constraints and the
|
881
|
+
# following 10 canned constraints: * storage.uniformBucketLevelAccess * iam.
|
879
882
|
# disableServiceAccountKeyCreation * iam.allowedPolicyMemberDomains * compute.
|
880
883
|
# vmExternalIpAccess * appengine.enforceServiceAccountActAsCheck * gcp.
|
881
884
|
# resourceLocations * compute.trustedImageProjects * compute.
|
@@ -1194,16 +1197,16 @@ module Google
|
|
1194
1197
|
# google.com/asset-inventory/docs/searching-iam-policies#
|
1195
1198
|
# how_to_construct_a_query) for more information. If not specified or empty, it
|
1196
1199
|
# will search all the IAM policies within the specified `scope`. Note that the
|
1197
|
-
# query string is compared against each
|
1198
|
-
# principals, roles, and
|
1199
|
-
#
|
1200
|
-
#
|
1201
|
-
#
|
1202
|
-
#
|
1203
|
-
#
|
1204
|
-
#
|
1205
|
-
#
|
1206
|
-
#
|
1200
|
+
# query string is compared against each IAM policy binding, including its
|
1201
|
+
# principals, roles, and IAM conditions. The returned IAM policies will only
|
1202
|
+
# contain the bindings that match your query. To learn more about the IAM policy
|
1203
|
+
# structure, see the [IAM policy documentation](https://cloud.google.com/iam/
|
1204
|
+
# help/allow-policies/structure). Examples: * `policy:amy@gmail.com` to find IAM
|
1205
|
+
# policy bindings that specify user "amy@gmail.com". * `policy:roles/compute.
|
1206
|
+
# admin` to find IAM policy bindings that specify the Compute Admin role. * `
|
1207
|
+
# policy:comp*` to find IAM policy bindings that contain "comp" as a prefix of
|
1208
|
+
# any word in the binding. * `policy.role.permissions:storage.buckets.update` to
|
1209
|
+
# find IAM policy bindings that specify a role containing "storage.buckets.
|
1207
1210
|
# update" permission. Note that if callers don't have `iam.roles.get` access to
|
1208
1211
|
# a role's included permissions, policy bindings that specify this role will be
|
1209
1212
|
# dropped from the search results. * `policy.role.permissions:upd*` to find IAM
|
@@ -1253,10 +1256,10 @@ module Google
|
|
1253
1256
|
execute_or_queue_command(command, &block)
|
1254
1257
|
end
|
1255
1258
|
|
1256
|
-
# Searches all Cloud resources within the specified scope, such as a
|
1257
|
-
# folder, or organization. The caller must be granted the `cloudasset.
|
1258
|
-
# searchAllResources` permission on the desired scope, otherwise the
|
1259
|
-
# will be rejected.
|
1259
|
+
# Searches all Google Cloud resources within the specified scope, such as a
|
1260
|
+
# project, folder, or organization. The caller must be granted the `cloudasset.
|
1261
|
+
# assets.searchAllResources` permission on the desired scope, otherwise the
|
1262
|
+
# request will be rejected.
|
1260
1263
|
# @param [String] scope
|
1261
1264
|
# Required. A scope can be a project, a folder, or an organization. The search
|
1262
1265
|
# is limited to the resources within the `scope`. The caller must be granted the
|
@@ -1302,38 +1305,40 @@ module Google
|
|
1302
1305
|
# google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query)
|
1303
1306
|
# for more information. If not specified or empty, it will search all the
|
1304
1307
|
# resources within the specified `scope`. Examples: * `name:Important` to find
|
1305
|
-
# Cloud resources whose name contains "Important" as a word. * `name=
|
1306
|
-
# to find the Cloud resource whose name is exactly "Important".
|
1307
|
-
# Impor*` to find Cloud resources whose display name
|
1308
|
-
# prefix of any word in the field. * `location:us-west*`
|
1309
|
-
# whose location contains both "us" and "west" as
|
1310
|
-
# find Cloud resources whose labels contain "
|
1311
|
-
#
|
1312
|
-
#
|
1313
|
-
# kmsKey:key` to find
|
1314
|
-
#
|
1315
|
-
#
|
1316
|
-
# to
|
1317
|
-
#
|
1318
|
-
#
|
1319
|
-
#
|
1320
|
-
#
|
1321
|
-
# relationships
|
1322
|
-
#
|
1323
|
-
#
|
1324
|
-
#
|
1325
|
-
#
|
1326
|
-
# "ACTIVE" as a word. * `
|
1327
|
-
#
|
1328
|
-
#
|
1329
|
-
#
|
1330
|
-
#
|
1331
|
-
#
|
1332
|
-
# of
|
1308
|
+
# Google Cloud resources whose name contains "Important" as a word. * `name=
|
1309
|
+
# Important` to find the Google Cloud resource whose name is exactly "Important".
|
1310
|
+
# * `displayName:Impor*` to find Google Cloud resources whose display name
|
1311
|
+
# contains "Impor" as a prefix of any word in the field. * `location:us-west*`
|
1312
|
+
# to find Google Cloud resources whose location contains both "us" and "west" as
|
1313
|
+
# prefixes. * `labels:prod` to find Google Cloud resources whose labels contain "
|
1314
|
+
# prod" as a key or value. * `labels.env:prod` to find Google Cloud resources
|
1315
|
+
# that have a label "env" and its value is "prod". * `labels.env:*` to find
|
1316
|
+
# Google Cloud resources that have a label "env". * `kmsKey:key` to find Google
|
1317
|
+
# Cloud resources encrypted with a customer-managed encryption key whose name
|
1318
|
+
# contains "key" as a word. This field is deprecated. Please use the `kmsKeys`
|
1319
|
+
# field to retrieve Cloud KMS key information. * `kmsKeys:key` to find Google
|
1320
|
+
# Cloud resources encrypted with customer-managed encryption keys whose name
|
1321
|
+
# contains the word "key". * `relationships:instance-group-1` to find Google
|
1322
|
+
# Cloud resources that have relationships with "instance-group-1" in the related
|
1323
|
+
# resource name. * `relationships:INSTANCE_TO_INSTANCEGROUP` to find Compute
|
1324
|
+
# Engine instances that have relationships of type "INSTANCE_TO_INSTANCEGROUP". *
|
1325
|
+
# `relationships.INSTANCE_TO_INSTANCEGROUP:instance-group-1` to find Compute
|
1326
|
+
# Engine instances that have relationships with "instance-group-1" in the
|
1327
|
+
# Compute Engine instance group resource name, for relationship type "
|
1328
|
+
# INSTANCE_TO_INSTANCEGROUP". * `state:ACTIVE` to find Google Cloud resources
|
1329
|
+
# whose state contains "ACTIVE" as a word. * `NOT state:ACTIVE` to find Google
|
1330
|
+
# Cloud resources whose state doesn't contain "ACTIVE" as a word. * `createTime<
|
1331
|
+
# 1609459200` to find Google Cloud resources that were created before "2021-01-
|
1332
|
+
# 01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00
|
1333
|
+
# UTC" in seconds. * `updateTime>1609459200` to find Google Cloud resources that
|
1334
|
+
# were updated after "2021-01-01 00:00:00 UTC". 1609459200 is the epoch
|
1335
|
+
# timestamp of "2021-01-01 00:00:00 UTC" in seconds. * `Important` to find
|
1336
|
+
# Google Cloud resources that contain "Important" as a word in any of the
|
1337
|
+
# searchable fields. * `Impor*` to find Google Cloud resources that contain "
|
1333
1338
|
# Impor" as a prefix of any word in any of the searchable fields. * `Important
|
1334
|
-
# location:(us-west1 OR global)` to find Cloud resources that contain "
|
1335
|
-
# as a word in any of the searchable fields and are also located in
|
1336
|
-
# west1" region or the "global" location.
|
1339
|
+
# location:(us-west1 OR global)` to find Google Cloud resources that contain "
|
1340
|
+
# Important" as a word in any of the searchable fields and are also located in
|
1341
|
+
# the "us-west1" region or the "global" location.
|
1337
1342
|
# @param [String] read_mask
|
1338
1343
|
# Optional. A comma-separated list of fields specifying which fields to be
|
1339
1344
|
# returned in ResourceSearchResult. Only '*' or combination of top level fields
|
@@ -1343,11 +1348,11 @@ module Google
|
|
1343
1348
|
# camelCase are supported): * name * assetType * project * displayName *
|
1344
1349
|
# description * location * tagKeys * tagValues * tagValueIds * labels *
|
1345
1350
|
# networkTags * kmsKey (This field is deprecated. Please use the `kmsKeys` field
|
1346
|
-
# to retrieve KMS key information.) * kmsKeys * createTime * updateTime *
|
1347
|
-
# additionalAttributes * versionedResources If read_mask is not
|
1348
|
-
# fields except versionedResources will be returned. If only '*'
|
1349
|
-
# all fields including versionedResources will be returned. Any
|
1350
|
-
# path will trigger INVALID_ARGUMENT error.
|
1351
|
+
# to retrieve Cloud KMS key information.) * kmsKeys * createTime * updateTime *
|
1352
|
+
# state * additionalAttributes * versionedResources If read_mask is not
|
1353
|
+
# specified, all fields except versionedResources will be returned. If only '*'
|
1354
|
+
# is specified, all fields including versionedResources will be returned. Any
|
1355
|
+
# invalid field path will trigger INVALID_ARGUMENT error.
|
1351
1356
|
# @param [String] fields
|
1352
1357
|
# Selector specifying which fields to include in a partial response.
|
1353
1358
|
# @param [String] quota_user
|
@@ -21,7 +21,8 @@ module Google
|
|
21
21
|
module Apis
|
22
22
|
# Cloud Asset API
|
23
23
|
#
|
24
|
-
# The
|
24
|
+
# The Cloud Asset API manages the history and inventory of Google Cloud
|
25
|
+
# resources.
|
25
26
|
#
|
26
27
|
# @see https://cloud.google.com/asset-inventory/docs/quickstart
|
27
28
|
module CloudassetV1
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-cloudasset_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.53.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-02-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -58,7 +58,7 @@ licenses:
|
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
60
|
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1/CHANGELOG.md
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudasset_v1/v0.53.0
|
62
62
|
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudasset_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|
@@ -75,7 +75,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
75
75
|
- !ruby/object:Gem::Version
|
76
76
|
version: '0'
|
77
77
|
requirements: []
|
78
|
-
rubygems_version: 3.
|
78
|
+
rubygems_version: 3.4.2
|
79
79
|
signing_key:
|
80
80
|
specification_version: 4
|
81
81
|
summary: Simple REST client for Cloud Asset API V1
|