google-cloud-asset-v1 0.12.0 → 0.14.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +8 -8
- data/README.md +1 -1
- data/lib/google/cloud/asset/v1/asset_service/client.rb +233 -86
- data/lib/google/cloud/asset/v1/asset_service/operations.rb +31 -22
- data/lib/google/cloud/asset/v1/asset_service_pb.rb +41 -0
- data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +7 -1
- data/lib/google/cloud/asset/v1/assets_pb.rb +15 -2
- data/lib/google/cloud/asset/v1/version.rb +1 -1
- data/lib/google/identity/accesscontextmanager/v1/access_level_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb +60 -0
- data/proto_docs/google/cloud/asset/v1/asset_service.rb +167 -3
- data/proto_docs/google/cloud/asset/v1/assets.rb +98 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_level.rb +2 -2
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +1 -1
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +328 -2
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d23289f05b8a078cd8c757cca3adc7016839554e57eaa015503d9fb588720c24
|
|
4
|
+
data.tar.gz: 34c663c90be473fcb2157705edd1690dd1d68790bbe3a5fe43400d68cc917522
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8f13a32a9dbc259de82f09a988f812334c9622f48ed44203a1939bd4d6052e2ce3a5b688680d143ba56d35c43bc1ffb2238f3ffc6e2c383e59110b6e7d42d332
|
|
7
|
+
data.tar.gz: afa78794e6c1e9f77e7d78915a74fcb6f7038c2a7c80d30c8171d3793fd176a1c1443ea080766f638e87dbb5335bc98bdc719eacf6af3f830189d503f8eb5b9c
|
data/AUTHENTICATION.md
CHANGED
|
@@ -66,11 +66,11 @@ The environment variables that google-cloud-asset-v1
|
|
|
66
66
|
checks for credentials are configured on the service Credentials class (such as
|
|
67
67
|
{::Google::Cloud::Asset::V1::AssetService::Credentials}):
|
|
68
68
|
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
69
|
+
* `ASSET_CREDENTIALS` - Path to JSON file, or JSON contents
|
|
70
|
+
* `ASSET_KEYFILE` - Path to JSON file, or JSON contents
|
|
71
|
+
* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
|
|
72
|
+
* `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
|
|
73
|
+
* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
|
|
74
74
|
|
|
75
75
|
```ruby
|
|
76
76
|
require "google/cloud/asset/v1"
|
|
@@ -82,8 +82,8 @@ client = ::Google::Cloud::Asset::V1::AssetService::Client.new
|
|
|
82
82
|
|
|
83
83
|
### Configuration
|
|
84
84
|
|
|
85
|
-
The **Credentials JSON** can be configured instead of
|
|
86
|
-
environment
|
|
85
|
+
The path to the **Credentials JSON** file can be configured instead of storing
|
|
86
|
+
it in an environment variable. Either on an individual client initialization:
|
|
87
87
|
|
|
88
88
|
```ruby
|
|
89
89
|
require "google/cloud/asset/v1"
|
|
@@ -93,7 +93,7 @@ client = ::Google::Cloud::Asset::V1::AssetService::Client.new do |config|
|
|
|
93
93
|
end
|
|
94
94
|
```
|
|
95
95
|
|
|
96
|
-
Or
|
|
96
|
+
Or globally for all clients:
|
|
97
97
|
|
|
98
98
|
```ruby
|
|
99
99
|
require "google/cloud/asset/v1"
|
data/README.md
CHANGED
|
@@ -33,7 +33,7 @@ In order to use this library, you first need to go through the following steps:
|
|
|
33
33
|
require "google/cloud/asset/v1"
|
|
34
34
|
|
|
35
35
|
client = ::Google::Cloud::Asset::V1::AssetService::Client.new
|
|
36
|
-
request =
|
|
36
|
+
request = ::Google::Cloud::Asset::V1::ExportAssetsRequest.new # (request fields as keyword arguments...)
|
|
37
37
|
response = client.export_assets request
|
|
38
38
|
```
|
|
39
39
|
|
|
@@ -41,13 +41,12 @@ module Google
|
|
|
41
41
|
# See {::Google::Cloud::Asset::V1::AssetService::Client::Configuration}
|
|
42
42
|
# for a description of the configuration fields.
|
|
43
43
|
#
|
|
44
|
-
#
|
|
44
|
+
# @example
|
|
45
45
|
#
|
|
46
|
-
#
|
|
47
|
-
#
|
|
48
|
-
#
|
|
49
|
-
#
|
|
50
|
-
# end
|
|
46
|
+
# # Modify the configuration for all AssetService clients
|
|
47
|
+
# ::Google::Cloud::Asset::V1::AssetService::Client.configure do |config|
|
|
48
|
+
# config.timeout = 10.0
|
|
49
|
+
# end
|
|
51
50
|
#
|
|
52
51
|
# @yield [config] Configure the Client client.
|
|
53
52
|
# @yieldparam config [Client::Configuration]
|
|
@@ -69,70 +68,46 @@ module Google
|
|
|
69
68
|
|
|
70
69
|
default_config.rpcs.list_assets.timeout = 60.0
|
|
71
70
|
default_config.rpcs.list_assets.retry_policy = {
|
|
72
|
-
initial_delay: 0.1,
|
|
73
|
-
max_delay: 60.0,
|
|
74
|
-
multiplier: 1.3,
|
|
75
|
-
retry_codes: [4, 14]
|
|
71
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
|
|
76
72
|
}
|
|
77
73
|
|
|
78
74
|
default_config.rpcs.batch_get_assets_history.timeout = 60.0
|
|
79
75
|
default_config.rpcs.batch_get_assets_history.retry_policy = {
|
|
80
|
-
initial_delay: 0.1,
|
|
81
|
-
max_delay: 60.0,
|
|
82
|
-
multiplier: 1.3,
|
|
83
|
-
retry_codes: [4, 14]
|
|
76
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
|
|
84
77
|
}
|
|
85
78
|
|
|
86
79
|
default_config.rpcs.create_feed.timeout = 60.0
|
|
87
80
|
|
|
88
81
|
default_config.rpcs.get_feed.timeout = 60.0
|
|
89
82
|
default_config.rpcs.get_feed.retry_policy = {
|
|
90
|
-
initial_delay: 0.1,
|
|
91
|
-
max_delay: 60.0,
|
|
92
|
-
multiplier: 1.3,
|
|
93
|
-
retry_codes: [4, 14]
|
|
83
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
|
|
94
84
|
}
|
|
95
85
|
|
|
96
86
|
default_config.rpcs.list_feeds.timeout = 60.0
|
|
97
87
|
default_config.rpcs.list_feeds.retry_policy = {
|
|
98
|
-
initial_delay: 0.1,
|
|
99
|
-
max_delay: 60.0,
|
|
100
|
-
multiplier: 1.3,
|
|
101
|
-
retry_codes: [4, 14]
|
|
88
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
|
|
102
89
|
}
|
|
103
90
|
|
|
104
91
|
default_config.rpcs.update_feed.timeout = 60.0
|
|
105
92
|
|
|
106
93
|
default_config.rpcs.delete_feed.timeout = 60.0
|
|
107
94
|
default_config.rpcs.delete_feed.retry_policy = {
|
|
108
|
-
initial_delay: 0.1,
|
|
109
|
-
max_delay: 60.0,
|
|
110
|
-
multiplier: 1.3,
|
|
111
|
-
retry_codes: [4, 14]
|
|
95
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
|
|
112
96
|
}
|
|
113
97
|
|
|
114
|
-
default_config.rpcs.search_all_resources.timeout =
|
|
98
|
+
default_config.rpcs.search_all_resources.timeout = 30.0
|
|
115
99
|
default_config.rpcs.search_all_resources.retry_policy = {
|
|
116
|
-
initial_delay: 0.1,
|
|
117
|
-
max_delay: 60.0,
|
|
118
|
-
multiplier: 1.3,
|
|
119
|
-
retry_codes: [4, 14]
|
|
100
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
|
|
120
101
|
}
|
|
121
102
|
|
|
122
|
-
default_config.rpcs.search_all_iam_policies.timeout =
|
|
103
|
+
default_config.rpcs.search_all_iam_policies.timeout = 30.0
|
|
123
104
|
default_config.rpcs.search_all_iam_policies.retry_policy = {
|
|
124
|
-
initial_delay: 0.1,
|
|
125
|
-
max_delay: 60.0,
|
|
126
|
-
multiplier: 1.3,
|
|
127
|
-
retry_codes: [4, 14]
|
|
105
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
|
|
128
106
|
}
|
|
129
107
|
|
|
130
108
|
default_config.rpcs.analyze_iam_policy.timeout = 300.0
|
|
131
109
|
default_config.rpcs.analyze_iam_policy.retry_policy = {
|
|
132
|
-
initial_delay: 0.1,
|
|
133
|
-
max_delay: 60.0,
|
|
134
|
-
multiplier: 1.3,
|
|
135
|
-
retry_codes: [14]
|
|
110
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14]
|
|
136
111
|
}
|
|
137
112
|
|
|
138
113
|
default_config.rpcs.analyze_iam_policy_longrunning.timeout = 60.0
|
|
@@ -166,19 +141,15 @@ module Google
|
|
|
166
141
|
##
|
|
167
142
|
# Create a new AssetService client object.
|
|
168
143
|
#
|
|
169
|
-
#
|
|
170
|
-
#
|
|
171
|
-
# To create a new AssetService client with the default
|
|
172
|
-
# configuration:
|
|
144
|
+
# @example
|
|
173
145
|
#
|
|
174
|
-
#
|
|
146
|
+
# # Create a client using the default configuration
|
|
147
|
+
# client = ::Google::Cloud::Asset::V1::AssetService::Client.new
|
|
175
148
|
#
|
|
176
|
-
#
|
|
177
|
-
#
|
|
178
|
-
#
|
|
179
|
-
#
|
|
180
|
-
# config.timeout = 10.0
|
|
181
|
-
# end
|
|
149
|
+
# # Create a client using a custom configuration
|
|
150
|
+
# client = ::Google::Cloud::Asset::V1::AssetService::Client.new do |config|
|
|
151
|
+
# config.timeout = 10.0
|
|
152
|
+
# end
|
|
182
153
|
#
|
|
183
154
|
# @yield [config] Configure the AssetService client.
|
|
184
155
|
# @yieldparam config [Client::Configuration]
|
|
@@ -198,14 +169,13 @@ module Google
|
|
|
198
169
|
|
|
199
170
|
# Create credentials
|
|
200
171
|
credentials = @config.credentials
|
|
201
|
-
# Use self-signed JWT if the
|
|
172
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
|
202
173
|
# but only if the default endpoint does not have a region prefix.
|
|
203
|
-
enable_self_signed_jwt = @config.
|
|
204
|
-
@config.endpoint == Client.configure.endpoint &&
|
|
174
|
+
enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
|
|
205
175
|
!@config.endpoint.split(".").first.include?("-")
|
|
206
176
|
credentials ||= Credentials.default scope: @config.scope,
|
|
207
177
|
enable_self_signed_jwt: enable_self_signed_jwt
|
|
208
|
-
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
|
178
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
|
209
179
|
credentials = Credentials.new credentials, scope: @config.scope
|
|
210
180
|
end
|
|
211
181
|
@quota_project_id = @config.quota_project
|
|
@@ -331,7 +301,9 @@ module Google
|
|
|
331
301
|
options.apply_defaults timeout: @config.rpcs.export_assets.timeout,
|
|
332
302
|
metadata: metadata,
|
|
333
303
|
retry_policy: @config.rpcs.export_assets.retry_policy
|
|
334
|
-
|
|
304
|
+
|
|
305
|
+
options.apply_defaults timeout: @config.timeout,
|
|
306
|
+
metadata: @config.metadata,
|
|
335
307
|
retry_policy: @config.retry_policy
|
|
336
308
|
|
|
337
309
|
@asset_service_stub.call_rpc :export_assets, request, options: options do |response, operation|
|
|
@@ -437,7 +409,9 @@ module Google
|
|
|
437
409
|
options.apply_defaults timeout: @config.rpcs.list_assets.timeout,
|
|
438
410
|
metadata: metadata,
|
|
439
411
|
retry_policy: @config.rpcs.list_assets.retry_policy
|
|
440
|
-
|
|
412
|
+
|
|
413
|
+
options.apply_defaults timeout: @config.timeout,
|
|
414
|
+
metadata: @config.metadata,
|
|
441
415
|
retry_policy: @config.retry_policy
|
|
442
416
|
|
|
443
417
|
@asset_service_stub.call_rpc :list_assets, request, options: options do |response, operation|
|
|
@@ -530,7 +504,9 @@ module Google
|
|
|
530
504
|
options.apply_defaults timeout: @config.rpcs.batch_get_assets_history.timeout,
|
|
531
505
|
metadata: metadata,
|
|
532
506
|
retry_policy: @config.rpcs.batch_get_assets_history.retry_policy
|
|
533
|
-
|
|
507
|
+
|
|
508
|
+
options.apply_defaults timeout: @config.timeout,
|
|
509
|
+
metadata: @config.metadata,
|
|
534
510
|
retry_policy: @config.retry_policy
|
|
535
511
|
|
|
536
512
|
@asset_service_stub.call_rpc :batch_get_assets_history, request, options: options do |response, operation|
|
|
@@ -610,7 +586,9 @@ module Google
|
|
|
610
586
|
options.apply_defaults timeout: @config.rpcs.create_feed.timeout,
|
|
611
587
|
metadata: metadata,
|
|
612
588
|
retry_policy: @config.rpcs.create_feed.retry_policy
|
|
613
|
-
|
|
589
|
+
|
|
590
|
+
options.apply_defaults timeout: @config.timeout,
|
|
591
|
+
metadata: @config.metadata,
|
|
614
592
|
retry_policy: @config.retry_policy
|
|
615
593
|
|
|
616
594
|
@asset_service_stub.call_rpc :create_feed, request, options: options do |response, operation|
|
|
@@ -679,7 +657,9 @@ module Google
|
|
|
679
657
|
options.apply_defaults timeout: @config.rpcs.get_feed.timeout,
|
|
680
658
|
metadata: metadata,
|
|
681
659
|
retry_policy: @config.rpcs.get_feed.retry_policy
|
|
682
|
-
|
|
660
|
+
|
|
661
|
+
options.apply_defaults timeout: @config.timeout,
|
|
662
|
+
metadata: @config.metadata,
|
|
683
663
|
retry_policy: @config.retry_policy
|
|
684
664
|
|
|
685
665
|
@asset_service_stub.call_rpc :get_feed, request, options: options do |response, operation|
|
|
@@ -747,7 +727,9 @@ module Google
|
|
|
747
727
|
options.apply_defaults timeout: @config.rpcs.list_feeds.timeout,
|
|
748
728
|
metadata: metadata,
|
|
749
729
|
retry_policy: @config.rpcs.list_feeds.retry_policy
|
|
750
|
-
|
|
730
|
+
|
|
731
|
+
options.apply_defaults timeout: @config.timeout,
|
|
732
|
+
metadata: @config.metadata,
|
|
751
733
|
retry_policy: @config.retry_policy
|
|
752
734
|
|
|
753
735
|
@asset_service_stub.call_rpc :list_feeds, request, options: options do |response, operation|
|
|
@@ -821,7 +803,9 @@ module Google
|
|
|
821
803
|
options.apply_defaults timeout: @config.rpcs.update_feed.timeout,
|
|
822
804
|
metadata: metadata,
|
|
823
805
|
retry_policy: @config.rpcs.update_feed.retry_policy
|
|
824
|
-
|
|
806
|
+
|
|
807
|
+
options.apply_defaults timeout: @config.timeout,
|
|
808
|
+
metadata: @config.metadata,
|
|
825
809
|
retry_policy: @config.retry_policy
|
|
826
810
|
|
|
827
811
|
@asset_service_stub.call_rpc :update_feed, request, options: options do |response, operation|
|
|
@@ -890,7 +874,9 @@ module Google
|
|
|
890
874
|
options.apply_defaults timeout: @config.rpcs.delete_feed.timeout,
|
|
891
875
|
metadata: metadata,
|
|
892
876
|
retry_policy: @config.rpcs.delete_feed.retry_policy
|
|
893
|
-
|
|
877
|
+
|
|
878
|
+
options.apply_defaults timeout: @config.timeout,
|
|
879
|
+
metadata: @config.metadata,
|
|
894
880
|
retry_policy: @config.retry_policy
|
|
895
881
|
|
|
896
882
|
@asset_service_stub.call_rpc :delete_feed, request, options: options do |response, operation|
|
|
@@ -917,7 +903,7 @@ module Google
|
|
|
917
903
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
918
904
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
919
905
|
#
|
|
920
|
-
# @overload search_all_resources(scope: nil, query: nil, asset_types: nil, page_size: nil, page_token: nil, order_by: nil)
|
|
906
|
+
# @overload search_all_resources(scope: nil, query: nil, asset_types: nil, page_size: nil, page_token: nil, order_by: nil, read_mask: nil)
|
|
921
907
|
# Pass arguments to `search_all_resources` via keyword arguments. Note that at
|
|
922
908
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
923
909
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -959,8 +945,8 @@ module Google
|
|
|
959
945
|
# encryption key whose name contains the word "key".
|
|
960
946
|
# * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
|
|
961
947
|
# word.
|
|
962
|
-
# * `NOT state:ACTIVE` to find
|
|
963
|
-
#
|
|
948
|
+
# * `NOT state:ACTIVE` to find Cloud resources whose state doesn't contain
|
|
949
|
+
# "ACTIVE" as a word.
|
|
964
950
|
# * `createTime<1609459200` to find Cloud resources that were created before
|
|
965
951
|
# "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
|
|
966
952
|
# "2021-01-01 00:00:00 UTC" in seconds.
|
|
@@ -1006,6 +992,7 @@ module Google
|
|
|
1006
992
|
# to indicate descending order. Redundant space characters are ignored.
|
|
1007
993
|
# Example: "location DESC, name".
|
|
1008
994
|
# Only singular primitive fields in the response are sortable:
|
|
995
|
+
#
|
|
1009
996
|
# * name
|
|
1010
997
|
# * assetType
|
|
1011
998
|
# * project
|
|
@@ -1018,9 +1005,39 @@ module Google
|
|
|
1018
1005
|
# * state
|
|
1019
1006
|
# * parentFullResourceName
|
|
1020
1007
|
# * parentAssetType
|
|
1008
|
+
#
|
|
1021
1009
|
# All the other fields such as repeated fields (e.g., `networkTags`), map
|
|
1022
1010
|
# fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
|
|
1023
1011
|
# are not supported.
|
|
1012
|
+
# @param read_mask [::Google::Protobuf::FieldMask, ::Hash]
|
|
1013
|
+
# Optional. A comma-separated list of fields specifying which fields to be returned in
|
|
1014
|
+
# ResourceSearchResult. Only '*' or combination of top level fields can be
|
|
1015
|
+
# specified. Field names of both snake_case and camelCase are supported.
|
|
1016
|
+
# Examples: `"*"`, `"name,location"`, `"name,versionedResources"`.
|
|
1017
|
+
#
|
|
1018
|
+
# The read_mask paths must be valid field paths listed but not limited to
|
|
1019
|
+
# (both snake_case and camelCase are supported):
|
|
1020
|
+
#
|
|
1021
|
+
# * name
|
|
1022
|
+
# * assetType
|
|
1023
|
+
# * project
|
|
1024
|
+
# * displayName
|
|
1025
|
+
# * description
|
|
1026
|
+
# * location
|
|
1027
|
+
# * labels
|
|
1028
|
+
# * networkTags
|
|
1029
|
+
# * kmsKey
|
|
1030
|
+
# * createTime
|
|
1031
|
+
# * updateTime
|
|
1032
|
+
# * state
|
|
1033
|
+
# * additionalAttributes
|
|
1034
|
+
# * versionedResources
|
|
1035
|
+
#
|
|
1036
|
+
# If read_mask is not specified, all fields except versionedResources will
|
|
1037
|
+
# be returned.
|
|
1038
|
+
# If only '*' is specified, all fields including versionedResources will be
|
|
1039
|
+
# returned.
|
|
1040
|
+
# Any invalid field path will trigger INVALID_ARGUMENT error.
|
|
1024
1041
|
#
|
|
1025
1042
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
1026
1043
|
# @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Asset::V1::ResourceSearchResult>]
|
|
@@ -1056,7 +1073,9 @@ module Google
|
|
|
1056
1073
|
options.apply_defaults timeout: @config.rpcs.search_all_resources.timeout,
|
|
1057
1074
|
metadata: metadata,
|
|
1058
1075
|
retry_policy: @config.rpcs.search_all_resources.retry_policy
|
|
1059
|
-
|
|
1076
|
+
|
|
1077
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1078
|
+
metadata: @config.metadata,
|
|
1060
1079
|
retry_policy: @config.retry_policy
|
|
1061
1080
|
|
|
1062
1081
|
@asset_service_stub.call_rpc :search_all_resources, request, options: options do |response, operation|
|
|
@@ -1084,7 +1103,7 @@ module Google
|
|
|
1084
1103
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1085
1104
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
1086
1105
|
#
|
|
1087
|
-
# @overload search_all_iam_policies(scope: nil, query: nil, page_size: nil, page_token: nil)
|
|
1106
|
+
# @overload search_all_iam_policies(scope: nil, query: nil, page_size: nil, page_token: nil, asset_types: nil, order_by: nil)
|
|
1088
1107
|
# Pass arguments to `search_all_iam_policies` via keyword arguments. Note that at
|
|
1089
1108
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1090
1109
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -1141,6 +1160,10 @@ module Google
|
|
|
1141
1160
|
# * `resource:(instance1 OR instance2) policy:amy` to find
|
|
1142
1161
|
# IAM policy bindings that are set on resources "instance1" or
|
|
1143
1162
|
# "instance2" and also specify user "amy".
|
|
1163
|
+
# * `roles:roles/compute.admin` to find IAM policy bindings that specify the
|
|
1164
|
+
# Compute Admin role.
|
|
1165
|
+
# * `memberTypes:user` to find IAM policy bindings that contain the "user"
|
|
1166
|
+
# member type.
|
|
1144
1167
|
# @param page_size [::Integer]
|
|
1145
1168
|
# Optional. The page size for search result pagination. Page size is capped at 500 even
|
|
1146
1169
|
# if a larger value is given. If set to zero, server will pick an appropriate
|
|
@@ -1151,6 +1174,34 @@ module Google
|
|
|
1151
1174
|
# this method. `page_token` must be the value of `next_page_token` from the
|
|
1152
1175
|
# previous response. The values of all other method parameters must be
|
|
1153
1176
|
# identical to those in the previous call.
|
|
1177
|
+
# @param asset_types [::Array<::String>]
|
|
1178
|
+
# Optional. A list of asset types that the IAM policies are attached to. If empty, it
|
|
1179
|
+
# will search the IAM policies that are attached to all the [searchable asset
|
|
1180
|
+
# types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).
|
|
1181
|
+
#
|
|
1182
|
+
# Regular expressions are also supported. For example:
|
|
1183
|
+
#
|
|
1184
|
+
# * "compute.googleapis.com.*" snapshots IAM policies attached to asset type
|
|
1185
|
+
# starts with "compute.googleapis.com".
|
|
1186
|
+
# * ".*Instance" snapshots IAM policies attached to asset type ends with
|
|
1187
|
+
# "Instance".
|
|
1188
|
+
# * ".*Instance.*" snapshots IAM policies attached to asset type contains
|
|
1189
|
+
# "Instance".
|
|
1190
|
+
#
|
|
1191
|
+
# See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
|
|
1192
|
+
# regular expression syntax. If the regular expression does not match any
|
|
1193
|
+
# supported asset type, an INVALID_ARGUMENT error will be returned.
|
|
1194
|
+
# @param order_by [::String]
|
|
1195
|
+
# Optional. A comma-separated list of fields specifying the sorting order of the
|
|
1196
|
+
# results. The default order is ascending. Add " DESC" after the field name
|
|
1197
|
+
# to indicate descending order. Redundant space characters are ignored.
|
|
1198
|
+
# Example: "assetType DESC, resource".
|
|
1199
|
+
# Only singular primitive fields in the response are sortable:
|
|
1200
|
+
# * resource
|
|
1201
|
+
# * assetType
|
|
1202
|
+
# * project
|
|
1203
|
+
# All the other fields such as repeated fields (e.g., `folders`) and
|
|
1204
|
+
# non-primitive fields (e.g., `policy`) are not supported.
|
|
1154
1205
|
#
|
|
1155
1206
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
1156
1207
|
# @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Asset::V1::IamPolicySearchResult>]
|
|
@@ -1186,7 +1237,9 @@ module Google
|
|
|
1186
1237
|
options.apply_defaults timeout: @config.rpcs.search_all_iam_policies.timeout,
|
|
1187
1238
|
metadata: metadata,
|
|
1188
1239
|
retry_policy: @config.rpcs.search_all_iam_policies.retry_policy
|
|
1189
|
-
|
|
1240
|
+
|
|
1241
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1242
|
+
metadata: @config.metadata,
|
|
1190
1243
|
retry_policy: @config.retry_policy
|
|
1191
1244
|
|
|
1192
1245
|
@asset_service_stub.call_rpc :search_all_iam_policies, request, options: options do |response, operation|
|
|
@@ -1265,7 +1318,9 @@ module Google
|
|
|
1265
1318
|
options.apply_defaults timeout: @config.rpcs.analyze_iam_policy.timeout,
|
|
1266
1319
|
metadata: metadata,
|
|
1267
1320
|
retry_policy: @config.rpcs.analyze_iam_policy.retry_policy
|
|
1268
|
-
|
|
1321
|
+
|
|
1322
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1323
|
+
metadata: @config.metadata,
|
|
1269
1324
|
retry_policy: @config.retry_policy
|
|
1270
1325
|
|
|
1271
1326
|
@asset_service_stub.call_rpc :analyze_iam_policy, request, options: options do |response, operation|
|
|
@@ -1285,7 +1340,7 @@ module Google
|
|
|
1285
1340
|
# {::Google::Longrunning::Operation google.longrunning.Operation}, which allows you to track the operation
|
|
1286
1341
|
# status. We recommend intervals of at least 2 seconds with exponential
|
|
1287
1342
|
# backoff retry to poll the operation result. The metadata contains the
|
|
1288
|
-
#
|
|
1343
|
+
# metadata for the long-running operation.
|
|
1289
1344
|
#
|
|
1290
1345
|
# @overload analyze_iam_policy_longrunning(request, options = nil)
|
|
1291
1346
|
# Pass arguments to `analyze_iam_policy_longrunning` via a request object, either of type
|
|
@@ -1341,7 +1396,9 @@ module Google
|
|
|
1341
1396
|
options.apply_defaults timeout: @config.rpcs.analyze_iam_policy_longrunning.timeout,
|
|
1342
1397
|
metadata: metadata,
|
|
1343
1398
|
retry_policy: @config.rpcs.analyze_iam_policy_longrunning.retry_policy
|
|
1344
|
-
|
|
1399
|
+
|
|
1400
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1401
|
+
metadata: @config.metadata,
|
|
1345
1402
|
retry_policy: @config.retry_policy
|
|
1346
1403
|
|
|
1347
1404
|
@asset_service_stub.call_rpc :analyze_iam_policy_longrunning, request, options: options do |response, operation|
|
|
@@ -1353,6 +1410,90 @@ module Google
|
|
|
1353
1410
|
raise ::Google::Cloud::Error.from_error(e)
|
|
1354
1411
|
end
|
|
1355
1412
|
|
|
1413
|
+
##
|
|
1414
|
+
# Analyze moving a resource to a specified destination without kicking off
|
|
1415
|
+
# the actual move. The analysis is best effort depending on the user's
|
|
1416
|
+
# permissions of viewing different hierarchical policies and configurations.
|
|
1417
|
+
# The policies and configuration are subject to change before the actual
|
|
1418
|
+
# resource migration takes place.
|
|
1419
|
+
#
|
|
1420
|
+
# @overload analyze_move(request, options = nil)
|
|
1421
|
+
# Pass arguments to `analyze_move` via a request object, either of type
|
|
1422
|
+
# {::Google::Cloud::Asset::V1::AnalyzeMoveRequest} or an equivalent Hash.
|
|
1423
|
+
#
|
|
1424
|
+
# @param request [::Google::Cloud::Asset::V1::AnalyzeMoveRequest, ::Hash]
|
|
1425
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1426
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1427
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1428
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
1429
|
+
#
|
|
1430
|
+
# @overload analyze_move(resource: nil, destination_parent: nil, view: nil)
|
|
1431
|
+
# Pass arguments to `analyze_move` via keyword arguments. Note that at
|
|
1432
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1433
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1434
|
+
#
|
|
1435
|
+
# @param resource [::String]
|
|
1436
|
+
# Required. Name of the resource to perform the analysis against.
|
|
1437
|
+
# Only GCP Project are supported as of today. Hence, this can only be Project
|
|
1438
|
+
# ID (such as "projects/my-project-id") or a Project Number (such as
|
|
1439
|
+
# "projects/12345").
|
|
1440
|
+
# @param destination_parent [::String]
|
|
1441
|
+
# Required. Name of the GCP Folder or Organization to reparent the target
|
|
1442
|
+
# resource. The analysis will be performed against hypothetically moving the
|
|
1443
|
+
# resource to this specified desitination parent. This can only be a Folder
|
|
1444
|
+
# number (such as "folders/123") or an Organization number (such as
|
|
1445
|
+
# "organizations/123").
|
|
1446
|
+
# @param view [::Google::Cloud::Asset::V1::AnalyzeMoveRequest::AnalysisView]
|
|
1447
|
+
# Analysis view indicating what information should be included in the
|
|
1448
|
+
# analysis response. If unspecified, the default view is FULL.
|
|
1449
|
+
#
|
|
1450
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
1451
|
+
# @yieldparam response [::Google::Cloud::Asset::V1::AnalyzeMoveResponse]
|
|
1452
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
1453
|
+
#
|
|
1454
|
+
# @return [::Google::Cloud::Asset::V1::AnalyzeMoveResponse]
|
|
1455
|
+
#
|
|
1456
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
1457
|
+
#
|
|
1458
|
+
def analyze_move request, options = nil
|
|
1459
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1460
|
+
|
|
1461
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Asset::V1::AnalyzeMoveRequest
|
|
1462
|
+
|
|
1463
|
+
# Converts hash and nil to an options object
|
|
1464
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1465
|
+
|
|
1466
|
+
# Customize the options with defaults
|
|
1467
|
+
metadata = @config.rpcs.analyze_move.metadata.to_h
|
|
1468
|
+
|
|
1469
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
1470
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1471
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1472
|
+
gapic_version: ::Google::Cloud::Asset::V1::VERSION
|
|
1473
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1474
|
+
|
|
1475
|
+
header_params = {
|
|
1476
|
+
"resource" => request.resource
|
|
1477
|
+
}
|
|
1478
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
1479
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
1480
|
+
|
|
1481
|
+
options.apply_defaults timeout: @config.rpcs.analyze_move.timeout,
|
|
1482
|
+
metadata: metadata,
|
|
1483
|
+
retry_policy: @config.rpcs.analyze_move.retry_policy
|
|
1484
|
+
|
|
1485
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1486
|
+
metadata: @config.metadata,
|
|
1487
|
+
retry_policy: @config.retry_policy
|
|
1488
|
+
|
|
1489
|
+
@asset_service_stub.call_rpc :analyze_move, request, options: options do |response, operation|
|
|
1490
|
+
yield response, operation if block_given?
|
|
1491
|
+
return response
|
|
1492
|
+
end
|
|
1493
|
+
rescue ::GRPC::BadStatus => e
|
|
1494
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1495
|
+
end
|
|
1496
|
+
|
|
1356
1497
|
##
|
|
1357
1498
|
# Configuration class for the AssetService API.
|
|
1358
1499
|
#
|
|
@@ -1366,22 +1507,21 @@ module Google
|
|
|
1366
1507
|
# Configuration can be applied globally to all clients, or to a single client
|
|
1367
1508
|
# on construction.
|
|
1368
1509
|
#
|
|
1369
|
-
#
|
|
1370
|
-
#
|
|
1371
|
-
# To modify the global config, setting the timeout for export_assets
|
|
1372
|
-
# to 20 seconds, and all remaining timeouts to 10 seconds:
|
|
1373
|
-
#
|
|
1374
|
-
# ::Google::Cloud::Asset::V1::AssetService::Client.configure do |config|
|
|
1375
|
-
# config.timeout = 10.0
|
|
1376
|
-
# config.rpcs.export_assets.timeout = 20.0
|
|
1377
|
-
# end
|
|
1510
|
+
# @example
|
|
1378
1511
|
#
|
|
1379
|
-
#
|
|
1512
|
+
# # Modify the global config, setting the timeout for
|
|
1513
|
+
# # export_assets to 20 seconds,
|
|
1514
|
+
# # and all remaining timeouts to 10 seconds.
|
|
1515
|
+
# ::Google::Cloud::Asset::V1::AssetService::Client.configure do |config|
|
|
1516
|
+
# config.timeout = 10.0
|
|
1517
|
+
# config.rpcs.export_assets.timeout = 20.0
|
|
1518
|
+
# end
|
|
1380
1519
|
#
|
|
1381
|
-
#
|
|
1382
|
-
#
|
|
1383
|
-
#
|
|
1384
|
-
#
|
|
1520
|
+
# # Apply the above configuration only to a new client.
|
|
1521
|
+
# client = ::Google::Cloud::Asset::V1::AssetService::Client.new do |config|
|
|
1522
|
+
# config.timeout = 10.0
|
|
1523
|
+
# config.rpcs.export_assets.timeout = 20.0
|
|
1524
|
+
# end
|
|
1385
1525
|
#
|
|
1386
1526
|
# @!attribute [rw] endpoint
|
|
1387
1527
|
# The hostname or hostname:port of the service endpoint.
|
|
@@ -1549,6 +1689,11 @@ module Google
|
|
|
1549
1689
|
# @return [::Gapic::Config::Method]
|
|
1550
1690
|
#
|
|
1551
1691
|
attr_reader :analyze_iam_policy_longrunning
|
|
1692
|
+
##
|
|
1693
|
+
# RPC-specific configuration for `analyze_move`
|
|
1694
|
+
# @return [::Gapic::Config::Method]
|
|
1695
|
+
#
|
|
1696
|
+
attr_reader :analyze_move
|
|
1552
1697
|
|
|
1553
1698
|
# @private
|
|
1554
1699
|
def initialize parent_rpcs = nil
|
|
@@ -1576,6 +1721,8 @@ module Google
|
|
|
1576
1721
|
@analyze_iam_policy = ::Gapic::Config::Method.new analyze_iam_policy_config
|
|
1577
1722
|
analyze_iam_policy_longrunning_config = parent_rpcs.analyze_iam_policy_longrunning if parent_rpcs.respond_to? :analyze_iam_policy_longrunning
|
|
1578
1723
|
@analyze_iam_policy_longrunning = ::Gapic::Config::Method.new analyze_iam_policy_longrunning_config
|
|
1724
|
+
analyze_move_config = parent_rpcs.analyze_move if parent_rpcs.respond_to? :analyze_move
|
|
1725
|
+
@analyze_move = ::Gapic::Config::Method.new analyze_move_config
|
|
1579
1726
|
|
|
1580
1727
|
yield self if block_given?
|
|
1581
1728
|
end
|