google-apis-cloudasset_v1p4beta1 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.yardopts +13 -0
- data/CHANGELOG.md +7 -0
- data/LICENSE.md +202 -0
- data/OVERVIEW.md +96 -0
- data/lib/google-apis-cloudasset_v1p4beta1.rb +15 -0
- data/lib/google/apis/cloudasset_v1p4beta1.rb +36 -0
- data/lib/google/apis/cloudasset_v1p4beta1/classes.rb +887 -0
- data/lib/google/apis/cloudasset_v1p4beta1/gem_version.rb +28 -0
- data/lib/google/apis/cloudasset_v1p4beta1/representations.rb +377 -0
- data/lib/google/apis/cloudasset_v1p4beta1/service.rb +226 -0
- metadata +76 -0
@@ -0,0 +1,28 @@
|
|
1
|
+
# Copyright 2020 Google LLC
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
module Google
|
16
|
+
module Apis
|
17
|
+
module CloudassetV1p4beta1
|
18
|
+
# Version of the google-apis-cloudasset_v1p4beta1 gem
|
19
|
+
GEM_VERSION = "0.1.0"
|
20
|
+
|
21
|
+
# Version of the code generator used to generate this client
|
22
|
+
GENERATOR_VERSION = "0.1.1"
|
23
|
+
|
24
|
+
# Revision of the discovery document this client was generated from
|
25
|
+
REVISION = "20201106"
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,377 @@
|
|
1
|
+
# Copyright 2020 Google LLC
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'date'
|
16
|
+
require 'google/apis/core/base_service'
|
17
|
+
require 'google/apis/core/json_representation'
|
18
|
+
require 'google/apis/core/hashable'
|
19
|
+
require 'google/apis/errors'
|
20
|
+
|
21
|
+
module Google
|
22
|
+
module Apis
|
23
|
+
module CloudassetV1p4beta1
|
24
|
+
|
25
|
+
class AccessSelector
|
26
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
27
|
+
|
28
|
+
include Google::Apis::Core::JsonObjectSupport
|
29
|
+
end
|
30
|
+
|
31
|
+
class AnalyzeIamPolicyResponse
|
32
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
33
|
+
|
34
|
+
include Google::Apis::Core::JsonObjectSupport
|
35
|
+
end
|
36
|
+
|
37
|
+
class Binding
|
38
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
39
|
+
|
40
|
+
include Google::Apis::Core::JsonObjectSupport
|
41
|
+
end
|
42
|
+
|
43
|
+
class ExportIamPolicyAnalysisRequest
|
44
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
45
|
+
|
46
|
+
include Google::Apis::Core::JsonObjectSupport
|
47
|
+
end
|
48
|
+
|
49
|
+
class Expr
|
50
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
51
|
+
|
52
|
+
include Google::Apis::Core::JsonObjectSupport
|
53
|
+
end
|
54
|
+
|
55
|
+
class GcsDestination
|
56
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
57
|
+
|
58
|
+
include Google::Apis::Core::JsonObjectSupport
|
59
|
+
end
|
60
|
+
|
61
|
+
class GoogleCloudAssetV1p4beta1Access
|
62
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
63
|
+
|
64
|
+
include Google::Apis::Core::JsonObjectSupport
|
65
|
+
end
|
66
|
+
|
67
|
+
class GoogleCloudAssetV1p4beta1AccessControlList
|
68
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
69
|
+
|
70
|
+
include Google::Apis::Core::JsonObjectSupport
|
71
|
+
end
|
72
|
+
|
73
|
+
class GoogleCloudAssetV1p4beta1AnalysisState
|
74
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
75
|
+
|
76
|
+
include Google::Apis::Core::JsonObjectSupport
|
77
|
+
end
|
78
|
+
|
79
|
+
class GoogleCloudAssetV1p4beta1Edge
|
80
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
81
|
+
|
82
|
+
include Google::Apis::Core::JsonObjectSupport
|
83
|
+
end
|
84
|
+
|
85
|
+
class GoogleCloudAssetV1p4beta1Identity
|
86
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
87
|
+
|
88
|
+
include Google::Apis::Core::JsonObjectSupport
|
89
|
+
end
|
90
|
+
|
91
|
+
class GoogleCloudAssetV1p4beta1IdentityList
|
92
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
93
|
+
|
94
|
+
include Google::Apis::Core::JsonObjectSupport
|
95
|
+
end
|
96
|
+
|
97
|
+
class GoogleCloudAssetV1p4beta1Resource
|
98
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
99
|
+
|
100
|
+
include Google::Apis::Core::JsonObjectSupport
|
101
|
+
end
|
102
|
+
|
103
|
+
class IamPolicyAnalysis
|
104
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
105
|
+
|
106
|
+
include Google::Apis::Core::JsonObjectSupport
|
107
|
+
end
|
108
|
+
|
109
|
+
class IamPolicyAnalysisOutputConfig
|
110
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
111
|
+
|
112
|
+
include Google::Apis::Core::JsonObjectSupport
|
113
|
+
end
|
114
|
+
|
115
|
+
class IamPolicyAnalysisQuery
|
116
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
117
|
+
|
118
|
+
include Google::Apis::Core::JsonObjectSupport
|
119
|
+
end
|
120
|
+
|
121
|
+
class IamPolicyAnalysisResult
|
122
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
123
|
+
|
124
|
+
include Google::Apis::Core::JsonObjectSupport
|
125
|
+
end
|
126
|
+
|
127
|
+
class IdentitySelector
|
128
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
129
|
+
|
130
|
+
include Google::Apis::Core::JsonObjectSupport
|
131
|
+
end
|
132
|
+
|
133
|
+
class Operation
|
134
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
135
|
+
|
136
|
+
include Google::Apis::Core::JsonObjectSupport
|
137
|
+
end
|
138
|
+
|
139
|
+
class Options
|
140
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
141
|
+
|
142
|
+
include Google::Apis::Core::JsonObjectSupport
|
143
|
+
end
|
144
|
+
|
145
|
+
class ResourceSelector
|
146
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
147
|
+
|
148
|
+
include Google::Apis::Core::JsonObjectSupport
|
149
|
+
end
|
150
|
+
|
151
|
+
class Status
|
152
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
153
|
+
|
154
|
+
include Google::Apis::Core::JsonObjectSupport
|
155
|
+
end
|
156
|
+
|
157
|
+
class AccessSelector
|
158
|
+
# @private
|
159
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
160
|
+
collection :permissions, as: 'permissions'
|
161
|
+
collection :roles, as: 'roles'
|
162
|
+
end
|
163
|
+
end
|
164
|
+
|
165
|
+
class AnalyzeIamPolicyResponse
|
166
|
+
# @private
|
167
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
168
|
+
property :fully_explored, as: 'fullyExplored'
|
169
|
+
property :main_analysis, as: 'mainAnalysis', class: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysis, decorator: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysis::Representation
|
170
|
+
|
171
|
+
collection :non_critical_errors, as: 'nonCriticalErrors', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState::Representation
|
172
|
+
|
173
|
+
collection :service_account_impersonation_analysis, as: 'serviceAccountImpersonationAnalysis', class: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysis, decorator: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysis::Representation
|
174
|
+
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
class Binding
|
179
|
+
# @private
|
180
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
181
|
+
property :condition, as: 'condition', class: Google::Apis::CloudassetV1p4beta1::Expr, decorator: Google::Apis::CloudassetV1p4beta1::Expr::Representation
|
182
|
+
|
183
|
+
collection :members, as: 'members'
|
184
|
+
property :role, as: 'role'
|
185
|
+
end
|
186
|
+
end
|
187
|
+
|
188
|
+
class ExportIamPolicyAnalysisRequest
|
189
|
+
# @private
|
190
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
191
|
+
property :analysis_query, as: 'analysisQuery', class: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisQuery, decorator: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisQuery::Representation
|
192
|
+
|
193
|
+
property :options, as: 'options', class: Google::Apis::CloudassetV1p4beta1::Options, decorator: Google::Apis::CloudassetV1p4beta1::Options::Representation
|
194
|
+
|
195
|
+
property :output_config, as: 'outputConfig', class: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisOutputConfig, decorator: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisOutputConfig::Representation
|
196
|
+
|
197
|
+
end
|
198
|
+
end
|
199
|
+
|
200
|
+
class Expr
|
201
|
+
# @private
|
202
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
203
|
+
property :description, as: 'description'
|
204
|
+
property :expression, as: 'expression'
|
205
|
+
property :location, as: 'location'
|
206
|
+
property :title, as: 'title'
|
207
|
+
end
|
208
|
+
end
|
209
|
+
|
210
|
+
class GcsDestination
|
211
|
+
# @private
|
212
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
213
|
+
property :uri, as: 'uri'
|
214
|
+
end
|
215
|
+
end
|
216
|
+
|
217
|
+
class GoogleCloudAssetV1p4beta1Access
|
218
|
+
# @private
|
219
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
220
|
+
property :analysis_state, as: 'analysisState', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState::Representation
|
221
|
+
|
222
|
+
property :permission, as: 'permission'
|
223
|
+
property :role, as: 'role'
|
224
|
+
end
|
225
|
+
end
|
226
|
+
|
227
|
+
class GoogleCloudAssetV1p4beta1AccessControlList
|
228
|
+
# @private
|
229
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
230
|
+
collection :accesses, as: 'accesses', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Access, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Access::Representation
|
231
|
+
|
232
|
+
collection :resource_edges, as: 'resourceEdges', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Edge, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Edge::Representation
|
233
|
+
|
234
|
+
collection :resources, as: 'resources', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Resource, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Resource::Representation
|
235
|
+
|
236
|
+
end
|
237
|
+
end
|
238
|
+
|
239
|
+
class GoogleCloudAssetV1p4beta1AnalysisState
|
240
|
+
# @private
|
241
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
242
|
+
property :cause, as: 'cause'
|
243
|
+
property :code, as: 'code'
|
244
|
+
end
|
245
|
+
end
|
246
|
+
|
247
|
+
class GoogleCloudAssetV1p4beta1Edge
|
248
|
+
# @private
|
249
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
250
|
+
property :source_node, as: 'sourceNode'
|
251
|
+
property :target_node, as: 'targetNode'
|
252
|
+
end
|
253
|
+
end
|
254
|
+
|
255
|
+
class GoogleCloudAssetV1p4beta1Identity
|
256
|
+
# @private
|
257
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
258
|
+
property :analysis_state, as: 'analysisState', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState::Representation
|
259
|
+
|
260
|
+
property :name, as: 'name'
|
261
|
+
end
|
262
|
+
end
|
263
|
+
|
264
|
+
class GoogleCloudAssetV1p4beta1IdentityList
|
265
|
+
# @private
|
266
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
267
|
+
collection :group_edges, as: 'groupEdges', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Edge, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Edge::Representation
|
268
|
+
|
269
|
+
collection :identities, as: 'identities', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Identity, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1Identity::Representation
|
270
|
+
|
271
|
+
end
|
272
|
+
end
|
273
|
+
|
274
|
+
class GoogleCloudAssetV1p4beta1Resource
|
275
|
+
# @private
|
276
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
277
|
+
property :analysis_state, as: 'analysisState', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AnalysisState::Representation
|
278
|
+
|
279
|
+
property :full_resource_name, as: 'fullResourceName'
|
280
|
+
end
|
281
|
+
end
|
282
|
+
|
283
|
+
class IamPolicyAnalysis
|
284
|
+
# @private
|
285
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
286
|
+
property :analysis_query, as: 'analysisQuery', class: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisQuery, decorator: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisQuery::Representation
|
287
|
+
|
288
|
+
collection :analysis_results, as: 'analysisResults', class: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisResult, decorator: Google::Apis::CloudassetV1p4beta1::IamPolicyAnalysisResult::Representation
|
289
|
+
|
290
|
+
property :fully_explored, as: 'fullyExplored'
|
291
|
+
end
|
292
|
+
end
|
293
|
+
|
294
|
+
class IamPolicyAnalysisOutputConfig
|
295
|
+
# @private
|
296
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
297
|
+
property :gcs_destination, as: 'gcsDestination', class: Google::Apis::CloudassetV1p4beta1::GcsDestination, decorator: Google::Apis::CloudassetV1p4beta1::GcsDestination::Representation
|
298
|
+
|
299
|
+
end
|
300
|
+
end
|
301
|
+
|
302
|
+
class IamPolicyAnalysisQuery
|
303
|
+
# @private
|
304
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
305
|
+
property :access_selector, as: 'accessSelector', class: Google::Apis::CloudassetV1p4beta1::AccessSelector, decorator: Google::Apis::CloudassetV1p4beta1::AccessSelector::Representation
|
306
|
+
|
307
|
+
property :identity_selector, as: 'identitySelector', class: Google::Apis::CloudassetV1p4beta1::IdentitySelector, decorator: Google::Apis::CloudassetV1p4beta1::IdentitySelector::Representation
|
308
|
+
|
309
|
+
property :parent, as: 'parent'
|
310
|
+
property :resource_selector, as: 'resourceSelector', class: Google::Apis::CloudassetV1p4beta1::ResourceSelector, decorator: Google::Apis::CloudassetV1p4beta1::ResourceSelector::Representation
|
311
|
+
|
312
|
+
end
|
313
|
+
end
|
314
|
+
|
315
|
+
class IamPolicyAnalysisResult
|
316
|
+
# @private
|
317
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
318
|
+
collection :access_control_lists, as: 'accessControlLists', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AccessControlList, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1AccessControlList::Representation
|
319
|
+
|
320
|
+
property :attached_resource_full_name, as: 'attachedResourceFullName'
|
321
|
+
property :fully_explored, as: 'fullyExplored'
|
322
|
+
property :iam_binding, as: 'iamBinding', class: Google::Apis::CloudassetV1p4beta1::Binding, decorator: Google::Apis::CloudassetV1p4beta1::Binding::Representation
|
323
|
+
|
324
|
+
property :identity_list, as: 'identityList', class: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1IdentityList, decorator: Google::Apis::CloudassetV1p4beta1::GoogleCloudAssetV1p4beta1IdentityList::Representation
|
325
|
+
|
326
|
+
end
|
327
|
+
end
|
328
|
+
|
329
|
+
class IdentitySelector
|
330
|
+
# @private
|
331
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
332
|
+
property :identity, as: 'identity'
|
333
|
+
end
|
334
|
+
end
|
335
|
+
|
336
|
+
class Operation
|
337
|
+
# @private
|
338
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
339
|
+
property :done, as: 'done'
|
340
|
+
property :error, as: 'error', class: Google::Apis::CloudassetV1p4beta1::Status, decorator: Google::Apis::CloudassetV1p4beta1::Status::Representation
|
341
|
+
|
342
|
+
hash :metadata, as: 'metadata'
|
343
|
+
property :name, as: 'name'
|
344
|
+
hash :response, as: 'response'
|
345
|
+
end
|
346
|
+
end
|
347
|
+
|
348
|
+
class Options
|
349
|
+
# @private
|
350
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
351
|
+
property :analyze_service_account_impersonation, as: 'analyzeServiceAccountImpersonation'
|
352
|
+
property :expand_groups, as: 'expandGroups'
|
353
|
+
property :expand_resources, as: 'expandResources'
|
354
|
+
property :expand_roles, as: 'expandRoles'
|
355
|
+
property :output_group_edges, as: 'outputGroupEdges'
|
356
|
+
property :output_resource_edges, as: 'outputResourceEdges'
|
357
|
+
end
|
358
|
+
end
|
359
|
+
|
360
|
+
class ResourceSelector
|
361
|
+
# @private
|
362
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
363
|
+
property :full_resource_name, as: 'fullResourceName'
|
364
|
+
end
|
365
|
+
end
|
366
|
+
|
367
|
+
class Status
|
368
|
+
# @private
|
369
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
370
|
+
property :code, as: 'code'
|
371
|
+
collection :details, as: 'details'
|
372
|
+
property :message, as: 'message'
|
373
|
+
end
|
374
|
+
end
|
375
|
+
end
|
376
|
+
end
|
377
|
+
end
|
@@ -0,0 +1,226 @@
|
|
1
|
+
# Copyright 2020 Google LLC
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'google/apis/core/base_service'
|
16
|
+
require 'google/apis/core/json_representation'
|
17
|
+
require 'google/apis/core/hashable'
|
18
|
+
require 'google/apis/errors'
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Apis
|
22
|
+
module CloudassetV1p4beta1
|
23
|
+
# Cloud Asset API
|
24
|
+
#
|
25
|
+
# The cloud asset API manages the history and inventory of cloud resources.
|
26
|
+
#
|
27
|
+
# @example
|
28
|
+
# require 'google/apis/cloudasset_v1p4beta1'
|
29
|
+
#
|
30
|
+
# Cloudasset = Google::Apis::CloudassetV1p4beta1 # Alias the module
|
31
|
+
# service = Cloudasset::CloudAssetService.new
|
32
|
+
#
|
33
|
+
# @see https://cloud.google.com/asset-inventory/docs/quickstart
|
34
|
+
class CloudAssetService < Google::Apis::Core::BaseService
|
35
|
+
# @return [String]
|
36
|
+
# API key. Your API key identifies your project and provides you with API access,
|
37
|
+
# quota, and reports. Required unless you provide an OAuth 2.0 token.
|
38
|
+
attr_accessor :key
|
39
|
+
|
40
|
+
# @return [String]
|
41
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
42
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
43
|
+
attr_accessor :quota_user
|
44
|
+
|
45
|
+
def initialize
|
46
|
+
super('https://cloudasset.googleapis.com/', '',
|
47
|
+
client_name: 'google-apis-cloudasset_v1p4beta1',
|
48
|
+
client_version: Google::Apis::CloudassetV1p4beta1::GEM_VERSION)
|
49
|
+
@batch_path = 'batch'
|
50
|
+
end
|
51
|
+
|
52
|
+
# Analyzes IAM policies to answer which identities have what accesses on which
|
53
|
+
# resources.
|
54
|
+
# @param [String] parent
|
55
|
+
# Required. The relative name of the root asset. Only resources and IAM policies
|
56
|
+
# within the parent will be analyzed. This can only be an organization number (
|
57
|
+
# such as "organizations/123"), a folder number (such as "folders/123"), a
|
58
|
+
# project ID (such as "projects/my-project-id"), or a project number (such as "
|
59
|
+
# projects/12345"). To know how to get organization id, visit [here ](https://
|
60
|
+
# cloud.google.com/resource-manager/docs/creating-managing-organization#
|
61
|
+
# retrieving_your_organization_id). To know how to get folder or project id,
|
62
|
+
# visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-
|
63
|
+
# folders#viewing_or_listing_folders_and_projects).
|
64
|
+
# @param [Array<String>, String] analysis_query_access_selector_permissions
|
65
|
+
# Optional. The permissions to appear in result.
|
66
|
+
# @param [Array<String>, String] analysis_query_access_selector_roles
|
67
|
+
# Optional. The roles to appear in result.
|
68
|
+
# @param [String] analysis_query_identity_selector_identity
|
69
|
+
# Required. The identity appear in the form of members in [IAM policy binding](
|
70
|
+
# https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of
|
71
|
+
# supported forms are: "user:mike@example.com", "group:admins@example.com", "
|
72
|
+
# domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com".
|
73
|
+
# Notice that wildcard characters (such as * and ?) are not supported. You must
|
74
|
+
# give a specific identity.
|
75
|
+
# @param [String] analysis_query_resource_selector_full_resource_name
|
76
|
+
# Required. The [full resource name](https://cloud.google.com/asset-inventory/
|
77
|
+
# docs/resource-name-format) of a resource of [supported resource types](https://
|
78
|
+
# cloud.google.com/asset-inventory/docs/supported-asset-types#
|
79
|
+
# analyzable_asset_types).
|
80
|
+
# @param [Boolean] options_analyze_service_account_impersonation
|
81
|
+
# Optional. If true, the response will include access analysis from identities
|
82
|
+
# to resources via service account impersonation. This is a very expensive
|
83
|
+
# operation, because many derived queries will be executed. We highly recommend
|
84
|
+
# you use AssetService.ExportIamPolicyAnalysis rpc instead. For example, if the
|
85
|
+
# request analyzes for which resources user A has permission P, and there's an
|
86
|
+
# IAM policy states user A has iam.serviceAccounts.getAccessToken permission to
|
87
|
+
# a service account SA, and there's another IAM policy states service account SA
|
88
|
+
# has permission P to a GCP folder F, then user A potentially has access to the
|
89
|
+
# GCP folder F. And those advanced analysis results will be included in
|
90
|
+
# AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another
|
91
|
+
# example, if the request analyzes for who has permission P to a GCP folder F,
|
92
|
+
# and there's an IAM policy states user A has iam.serviceAccounts.actAs
|
93
|
+
# permission to a service account SA, and there's another IAM policy states
|
94
|
+
# service account SA has permission P to the GCP folder F, then user A
|
95
|
+
# potentially has access to the GCP folder F. And those advanced analysis
|
96
|
+
# results will be included in AnalyzeIamPolicyResponse.
|
97
|
+
# service_account_impersonation_analysis. Default is false.
|
98
|
+
# @param [String] options_execution_timeout
|
99
|
+
# Optional. Amount of time executable has to complete. See JSON representation
|
100
|
+
# of [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json).
|
101
|
+
# If this field is set with a value less than the RPC deadline, and the
|
102
|
+
# execution of your query hasn't finished in the specified execution timeout,
|
103
|
+
# you will get a response with partial result. Otherwise, your query's execution
|
104
|
+
# will continue until the RPC deadline. If it's not finished until then, you
|
105
|
+
# will get a DEADLINE_EXCEEDED error. Default is empty.
|
106
|
+
# @param [Boolean] options_expand_groups
|
107
|
+
# Optional. If true, the identities section of the result will expand any Google
|
108
|
+
# groups appearing in an IAM policy binding. If identity_selector is specified,
|
109
|
+
# the identity in the result will be determined by the selector, and this flag
|
110
|
+
# will have no effect. Default is false.
|
111
|
+
# @param [Boolean] options_expand_resources
|
112
|
+
# Optional. If true, the resource section of the result will expand any resource
|
113
|
+
# attached to an IAM policy to include resources lower in the resource hierarchy.
|
114
|
+
# For example, if the request analyzes for which resources user A has
|
115
|
+
# permission P, and the results include an IAM policy with P on a GCP folder,
|
116
|
+
# the results will also include resources in that folder with permission P. If
|
117
|
+
# resource_selector is specified, the resource section of the result will be
|
118
|
+
# determined by the selector, and this flag will have no effect. Default is
|
119
|
+
# false.
|
120
|
+
# @param [Boolean] options_expand_roles
|
121
|
+
# Optional. If true, the access section of result will expand any roles
|
122
|
+
# appearing in IAM policy bindings to include their permissions. If
|
123
|
+
# access_selector is specified, the access section of the result will be
|
124
|
+
# determined by the selector, and this flag will have no effect. Default is
|
125
|
+
# false.
|
126
|
+
# @param [Boolean] options_output_group_edges
|
127
|
+
# Optional. If true, the result will output group identity edges, starting from
|
128
|
+
# the binding's group members, to any expanded identities. Default is false.
|
129
|
+
# @param [Boolean] options_output_resource_edges
|
130
|
+
# Optional. If true, the result will output resource edges, starting from the
|
131
|
+
# policy attached resource, to any expanded resources. Default is false.
|
132
|
+
# @param [String] fields
|
133
|
+
# Selector specifying which fields to include in a partial response.
|
134
|
+
# @param [String] quota_user
|
135
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
136
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
137
|
+
# @param [Google::Apis::RequestOptions] options
|
138
|
+
# Request-specific options
|
139
|
+
#
|
140
|
+
# @yield [result, err] Result & error if block supplied
|
141
|
+
# @yieldparam result [Google::Apis::CloudassetV1p4beta1::AnalyzeIamPolicyResponse] parsed result object
|
142
|
+
# @yieldparam err [StandardError] error object if request failed
|
143
|
+
#
|
144
|
+
# @return [Google::Apis::CloudassetV1p4beta1::AnalyzeIamPolicyResponse]
|
145
|
+
#
|
146
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
147
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
148
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
149
|
+
def analyze_iam_policy(parent, analysis_query_access_selector_permissions: nil, analysis_query_access_selector_roles: nil, analysis_query_identity_selector_identity: nil, analysis_query_resource_selector_full_resource_name: nil, options_analyze_service_account_impersonation: nil, options_execution_timeout: nil, options_expand_groups: nil, options_expand_resources: nil, options_expand_roles: nil, options_output_group_edges: nil, options_output_resource_edges: nil, fields: nil, quota_user: nil, options: nil, &block)
|
150
|
+
command = make_simple_command(:get, 'v1p4beta1/{+parent}:analyzeIamPolicy', options)
|
151
|
+
command.response_representation = Google::Apis::CloudassetV1p4beta1::AnalyzeIamPolicyResponse::Representation
|
152
|
+
command.response_class = Google::Apis::CloudassetV1p4beta1::AnalyzeIamPolicyResponse
|
153
|
+
command.params['parent'] = parent unless parent.nil?
|
154
|
+
command.query['analysisQuery.accessSelector.permissions'] = analysis_query_access_selector_permissions unless analysis_query_access_selector_permissions.nil?
|
155
|
+
command.query['analysisQuery.accessSelector.roles'] = analysis_query_access_selector_roles unless analysis_query_access_selector_roles.nil?
|
156
|
+
command.query['analysisQuery.identitySelector.identity'] = analysis_query_identity_selector_identity unless analysis_query_identity_selector_identity.nil?
|
157
|
+
command.query['analysisQuery.resourceSelector.fullResourceName'] = analysis_query_resource_selector_full_resource_name unless analysis_query_resource_selector_full_resource_name.nil?
|
158
|
+
command.query['options.analyzeServiceAccountImpersonation'] = options_analyze_service_account_impersonation unless options_analyze_service_account_impersonation.nil?
|
159
|
+
command.query['options.executionTimeout'] = options_execution_timeout unless options_execution_timeout.nil?
|
160
|
+
command.query['options.expandGroups'] = options_expand_groups unless options_expand_groups.nil?
|
161
|
+
command.query['options.expandResources'] = options_expand_resources unless options_expand_resources.nil?
|
162
|
+
command.query['options.expandRoles'] = options_expand_roles unless options_expand_roles.nil?
|
163
|
+
command.query['options.outputGroupEdges'] = options_output_group_edges unless options_output_group_edges.nil?
|
164
|
+
command.query['options.outputResourceEdges'] = options_output_resource_edges unless options_output_resource_edges.nil?
|
165
|
+
command.query['fields'] = fields unless fields.nil?
|
166
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
167
|
+
execute_or_queue_command(command, &block)
|
168
|
+
end
|
169
|
+
|
170
|
+
# Exports the answers of which identities have what accesses on which resources
|
171
|
+
# to a Google Cloud Storage destination. The output format is the JSON format
|
172
|
+
# that represents a AnalyzeIamPolicyResponse in the JSON format. This method
|
173
|
+
# implements the google.longrunning.Operation, which allows you to keep track of
|
174
|
+
# the export. We recommend intervals of at least 2 seconds with exponential
|
175
|
+
# retry to poll the export operation result. The metadata contains the request
|
176
|
+
# to help callers to map responses to requests.
|
177
|
+
# @param [String] parent
|
178
|
+
# Required. The relative name of the root asset. Only resources and IAM policies
|
179
|
+
# within the parent will be analyzed. This can only be an organization number (
|
180
|
+
# such as "organizations/123"), a folder number (such as "folders/123"), a
|
181
|
+
# project ID (such as "projects/my-project-id"), or a project number (such as "
|
182
|
+
# projects/12345"). To know how to get organization id, visit [here ](https://
|
183
|
+
# cloud.google.com/resource-manager/docs/creating-managing-organization#
|
184
|
+
# retrieving_your_organization_id). To know how to get folder or project id,
|
185
|
+
# visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-
|
186
|
+
# folders#viewing_or_listing_folders_and_projects).
|
187
|
+
# @param [Google::Apis::CloudassetV1p4beta1::ExportIamPolicyAnalysisRequest] export_iam_policy_analysis_request_object
|
188
|
+
# @param [String] fields
|
189
|
+
# Selector specifying which fields to include in a partial response.
|
190
|
+
# @param [String] quota_user
|
191
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
192
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
193
|
+
# @param [Google::Apis::RequestOptions] options
|
194
|
+
# Request-specific options
|
195
|
+
#
|
196
|
+
# @yield [result, err] Result & error if block supplied
|
197
|
+
# @yieldparam result [Google::Apis::CloudassetV1p4beta1::Operation] parsed result object
|
198
|
+
# @yieldparam err [StandardError] error object if request failed
|
199
|
+
#
|
200
|
+
# @return [Google::Apis::CloudassetV1p4beta1::Operation]
|
201
|
+
#
|
202
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
203
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
204
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
205
|
+
def export_iam_policy_analysis(parent, export_iam_policy_analysis_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
206
|
+
command = make_simple_command(:post, 'v1p4beta1/{+parent}:exportIamPolicyAnalysis', options)
|
207
|
+
command.request_representation = Google::Apis::CloudassetV1p4beta1::ExportIamPolicyAnalysisRequest::Representation
|
208
|
+
command.request_object = export_iam_policy_analysis_request_object
|
209
|
+
command.response_representation = Google::Apis::CloudassetV1p4beta1::Operation::Representation
|
210
|
+
command.response_class = Google::Apis::CloudassetV1p4beta1::Operation
|
211
|
+
command.params['parent'] = parent unless parent.nil?
|
212
|
+
command.query['fields'] = fields unless fields.nil?
|
213
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
214
|
+
execute_or_queue_command(command, &block)
|
215
|
+
end
|
216
|
+
|
217
|
+
protected
|
218
|
+
|
219
|
+
def apply_command_defaults(command)
|
220
|
+
command.query['key'] = key unless key.nil?
|
221
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
222
|
+
end
|
223
|
+
end
|
224
|
+
end
|
225
|
+
end
|
226
|
+
end
|