google-cloud-asset-v1 0.13.0 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +8 -8
- data/README.md +1 -1
- data/lib/google/cloud/asset/v1/asset_service/client.rb +250 -86
- data/lib/google/cloud/asset/v1/asset_service/operations.rb +31 -22
- data/lib/google/cloud/asset/v1/asset_service_pb.rb +44 -0
- data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +7 -1
- data/lib/google/cloud/asset/v1/assets_pb.rb +31 -0
- data/lib/google/cloud/asset/v1/version.rb +1 -1
- data/lib/google/identity/accesscontextmanager/v1/access_level_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb +60 -0
- data/proto_docs/google/cloud/asset/v1/asset_service.rb +206 -3
- data/proto_docs/google/cloud/asset/v1/assets.rb +140 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_level.rb +2 -2
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +1 -1
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +328 -2
- metadata +4 -4
@@ -82,7 +82,7 @@ module Google
|
|
82
82
|
# Create credentials
|
83
83
|
credentials = @config.credentials
|
84
84
|
credentials ||= Credentials.default scope: @config.scope
|
85
|
-
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
85
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
86
86
|
credentials = Credentials.new credentials, scope: @config.scope
|
87
87
|
end
|
88
88
|
@quota_project_id = @config.quota_project
|
@@ -169,7 +169,9 @@ module Google
|
|
169
169
|
options.apply_defaults timeout: @config.rpcs.list_operations.timeout,
|
170
170
|
metadata: metadata,
|
171
171
|
retry_policy: @config.rpcs.list_operations.retry_policy
|
172
|
-
|
172
|
+
|
173
|
+
options.apply_defaults timeout: @config.timeout,
|
174
|
+
metadata: @config.metadata,
|
173
175
|
retry_policy: @config.retry_policy
|
174
176
|
|
175
177
|
@operations_stub.call_rpc :list_operations, request, options: options do |response, operation|
|
@@ -239,7 +241,9 @@ module Google
|
|
239
241
|
options.apply_defaults timeout: @config.rpcs.get_operation.timeout,
|
240
242
|
metadata: metadata,
|
241
243
|
retry_policy: @config.rpcs.get_operation.retry_policy
|
242
|
-
|
244
|
+
|
245
|
+
options.apply_defaults timeout: @config.timeout,
|
246
|
+
metadata: @config.metadata,
|
243
247
|
retry_policy: @config.retry_policy
|
244
248
|
|
245
249
|
@operations_stub.call_rpc :get_operation, request, options: options do |response, operation|
|
@@ -309,7 +313,9 @@ module Google
|
|
309
313
|
options.apply_defaults timeout: @config.rpcs.delete_operation.timeout,
|
310
314
|
metadata: metadata,
|
311
315
|
retry_policy: @config.rpcs.delete_operation.retry_policy
|
312
|
-
|
316
|
+
|
317
|
+
options.apply_defaults timeout: @config.timeout,
|
318
|
+
metadata: @config.metadata,
|
313
319
|
retry_policy: @config.retry_policy
|
314
320
|
|
315
321
|
@operations_stub.call_rpc :delete_operation, request, options: options do |response, operation|
|
@@ -384,7 +390,9 @@ module Google
|
|
384
390
|
options.apply_defaults timeout: @config.rpcs.cancel_operation.timeout,
|
385
391
|
metadata: metadata,
|
386
392
|
retry_policy: @config.rpcs.cancel_operation.retry_policy
|
387
|
-
|
393
|
+
|
394
|
+
options.apply_defaults timeout: @config.timeout,
|
395
|
+
metadata: @config.metadata,
|
388
396
|
retry_policy: @config.retry_policy
|
389
397
|
|
390
398
|
@operations_stub.call_rpc :cancel_operation, request, options: options do |response, operation|
|
@@ -456,7 +464,9 @@ module Google
|
|
456
464
|
options.apply_defaults timeout: @config.rpcs.wait_operation.timeout,
|
457
465
|
metadata: metadata,
|
458
466
|
retry_policy: @config.rpcs.wait_operation.retry_policy
|
459
|
-
|
467
|
+
|
468
|
+
options.apply_defaults timeout: @config.timeout,
|
469
|
+
metadata: @config.metadata,
|
460
470
|
retry_policy: @config.retry_policy
|
461
471
|
|
462
472
|
@operations_stub.call_rpc :wait_operation, request, options: options do |response, operation|
|
@@ -481,22 +491,21 @@ module Google
|
|
481
491
|
# Configuration can be applied globally to all clients, or to a single client
|
482
492
|
# on construction.
|
483
493
|
#
|
484
|
-
#
|
485
|
-
#
|
486
|
-
#
|
487
|
-
# to 20 seconds,
|
488
|
-
#
|
489
|
-
#
|
490
|
-
#
|
491
|
-
#
|
492
|
-
#
|
493
|
-
#
|
494
|
-
#
|
495
|
-
#
|
496
|
-
#
|
497
|
-
#
|
498
|
-
#
|
499
|
-
# end
|
494
|
+
# @example
|
495
|
+
#
|
496
|
+
# # Modify the global config, setting the timeout for
|
497
|
+
# # list_operations to 20 seconds,
|
498
|
+
# # and all remaining timeouts to 10 seconds.
|
499
|
+
# ::Google::Longrunning::Operations::Client.configure do |config|
|
500
|
+
# config.timeout = 10.0
|
501
|
+
# config.rpcs.list_operations.timeout = 20.0
|
502
|
+
# end
|
503
|
+
#
|
504
|
+
# # Apply the above configuration only to a new client.
|
505
|
+
# client = ::Google::Longrunning::Operations::Client.new do |config|
|
506
|
+
# config.timeout = 10.0
|
507
|
+
# config.rpcs.list_operations.timeout = 20.0
|
508
|
+
# end
|
500
509
|
#
|
501
510
|
# @!attribute [rw] endpoint
|
502
511
|
# The hostname or hostname:port of the service endpoint.
|
@@ -14,15 +14,20 @@ require 'google/protobuf/empty_pb'
|
|
14
14
|
require 'google/protobuf/field_mask_pb'
|
15
15
|
require 'google/protobuf/struct_pb'
|
16
16
|
require 'google/protobuf/timestamp_pb'
|
17
|
+
require 'google/rpc/status_pb'
|
17
18
|
require 'google/type/expr_pb'
|
18
19
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
19
20
|
add_file("google/cloud/asset/v1/asset_service.proto", :syntax => :proto3) do
|
21
|
+
add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningMetadata" do
|
22
|
+
optional :create_time, :message, 1, "google.protobuf.Timestamp"
|
23
|
+
end
|
20
24
|
add_message "google.cloud.asset.v1.ExportAssetsRequest" do
|
21
25
|
optional :parent, :string, 1
|
22
26
|
optional :read_time, :message, 2, "google.protobuf.Timestamp"
|
23
27
|
repeated :asset_types, :string, 3
|
24
28
|
optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
|
25
29
|
optional :output_config, :message, 5, "google.cloud.asset.v1.OutputConfig"
|
30
|
+
repeated :relationship_types, :string, 6
|
26
31
|
end
|
27
32
|
add_message "google.cloud.asset.v1.ExportAssetsResponse" do
|
28
33
|
optional :read_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -36,6 +41,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
36
41
|
optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
|
37
42
|
optional :page_size, :int32, 5
|
38
43
|
optional :page_token, :string, 6
|
44
|
+
repeated :relationship_types, :string, 7
|
39
45
|
end
|
40
46
|
add_message "google.cloud.asset.v1.ListAssetsResponse" do
|
41
47
|
optional :read_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -47,6 +53,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
47
53
|
repeated :asset_names, :string, 2
|
48
54
|
optional :content_type, :enum, 3, "google.cloud.asset.v1.ContentType"
|
49
55
|
optional :read_time_window, :message, 4, "google.cloud.asset.v1.TimeWindow"
|
56
|
+
repeated :relationship_types, :string, 5
|
50
57
|
end
|
51
58
|
add_message "google.cloud.asset.v1.BatchGetAssetsHistoryResponse" do
|
52
59
|
repeated :assets, :message, 1, "google.cloud.asset.v1.TemporalAsset"
|
@@ -122,6 +129,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
122
129
|
optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
|
123
130
|
optional :feed_output_config, :message, 5, "google.cloud.asset.v1.FeedOutputConfig"
|
124
131
|
optional :condition, :message, 6, "google.type.Expr"
|
132
|
+
repeated :relationship_types, :string, 7
|
125
133
|
end
|
126
134
|
add_message "google.cloud.asset.v1.SearchAllResourcesRequest" do
|
127
135
|
optional :scope, :string, 1
|
@@ -130,6 +138,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
130
138
|
optional :page_size, :int32, 4
|
131
139
|
optional :page_token, :string, 5
|
132
140
|
optional :order_by, :string, 6
|
141
|
+
optional :read_mask, :message, 8, "google.protobuf.FieldMask"
|
133
142
|
end
|
134
143
|
add_message "google.cloud.asset.v1.SearchAllResourcesResponse" do
|
135
144
|
repeated :results, :message, 1, "google.cloud.asset.v1.ResourceSearchResult"
|
@@ -218,6 +227,33 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
218
227
|
end
|
219
228
|
add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse" do
|
220
229
|
end
|
230
|
+
add_message "google.cloud.asset.v1.AnalyzeMoveRequest" do
|
231
|
+
optional :resource, :string, 1
|
232
|
+
optional :destination_parent, :string, 2
|
233
|
+
optional :view, :enum, 3, "google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView"
|
234
|
+
end
|
235
|
+
add_enum "google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView" do
|
236
|
+
value :ANALYSIS_VIEW_UNSPECIFIED, 0
|
237
|
+
value :FULL, 1
|
238
|
+
value :BASIC, 2
|
239
|
+
end
|
240
|
+
add_message "google.cloud.asset.v1.AnalyzeMoveResponse" do
|
241
|
+
repeated :move_analysis, :message, 1, "google.cloud.asset.v1.MoveAnalysis"
|
242
|
+
end
|
243
|
+
add_message "google.cloud.asset.v1.MoveAnalysis" do
|
244
|
+
optional :display_name, :string, 1
|
245
|
+
oneof :result do
|
246
|
+
optional :analysis, :message, 2, "google.cloud.asset.v1.MoveAnalysisResult"
|
247
|
+
optional :error, :message, 3, "google.rpc.Status"
|
248
|
+
end
|
249
|
+
end
|
250
|
+
add_message "google.cloud.asset.v1.MoveAnalysisResult" do
|
251
|
+
repeated :blockers, :message, 1, "google.cloud.asset.v1.MoveImpact"
|
252
|
+
repeated :warnings, :message, 2, "google.cloud.asset.v1.MoveImpact"
|
253
|
+
end
|
254
|
+
add_message "google.cloud.asset.v1.MoveImpact" do
|
255
|
+
optional :detail, :string, 1
|
256
|
+
end
|
221
257
|
add_enum "google.cloud.asset.v1.ContentType" do
|
222
258
|
value :CONTENT_TYPE_UNSPECIFIED, 0
|
223
259
|
value :RESOURCE, 1
|
@@ -225,6 +261,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
225
261
|
value :ORG_POLICY, 4
|
226
262
|
value :ACCESS_POLICY, 5
|
227
263
|
value :OS_INVENTORY, 6
|
264
|
+
value :RELATIONSHIP, 7
|
228
265
|
end
|
229
266
|
end
|
230
267
|
end
|
@@ -233,6 +270,7 @@ module Google
|
|
233
270
|
module Cloud
|
234
271
|
module Asset
|
235
272
|
module V1
|
273
|
+
AnalyzeIamPolicyLongrunningMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningMetadata").msgclass
|
236
274
|
ExportAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsRequest").msgclass
|
237
275
|
ExportAssetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsResponse").msgclass
|
238
276
|
ListAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ListAssetsRequest").msgclass
|
@@ -274,6 +312,12 @@ module Google
|
|
274
312
|
IamPolicyAnalysisOutputConfig::BigQueryDestination::PartitionKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey").enummodule
|
275
313
|
AnalyzeIamPolicyLongrunningRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningRequest").msgclass
|
276
314
|
AnalyzeIamPolicyLongrunningResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse").msgclass
|
315
|
+
AnalyzeMoveRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveRequest").msgclass
|
316
|
+
AnalyzeMoveRequest::AnalysisView = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView").enummodule
|
317
|
+
AnalyzeMoveResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveResponse").msgclass
|
318
|
+
MoveAnalysis = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveAnalysis").msgclass
|
319
|
+
MoveAnalysisResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveAnalysisResult").msgclass
|
320
|
+
MoveImpact = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveImpact").msgclass
|
277
321
|
ContentType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ContentType").enummodule
|
278
322
|
end
|
279
323
|
end
|
@@ -87,8 +87,14 @@ module Google
|
|
87
87
|
# [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation
|
88
88
|
# status. We recommend intervals of at least 2 seconds with exponential
|
89
89
|
# backoff retry to poll the operation result. The metadata contains the
|
90
|
-
#
|
90
|
+
# metadata for the long-running operation.
|
91
91
|
rpc :AnalyzeIamPolicyLongrunning, ::Google::Cloud::Asset::V1::AnalyzeIamPolicyLongrunningRequest, ::Google::Longrunning::Operation
|
92
|
+
# Analyze moving a resource to a specified destination without kicking off
|
93
|
+
# the actual move. The analysis is best effort depending on the user's
|
94
|
+
# permissions of viewing different hierarchical policies and configurations.
|
95
|
+
# The policies and configuration are subject to change before the actual
|
96
|
+
# resource migration takes place.
|
97
|
+
rpc :AnalyzeMove, ::Google::Cloud::Asset::V1::AnalyzeMoveRequest, ::Google::Cloud::Asset::V1::AnalyzeMoveResponse
|
92
98
|
end
|
93
99
|
|
94
100
|
Stub = Service.rpc_stub_class
|
@@ -43,6 +43,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
43
43
|
optional :iam_policy, :message, 4, "google.iam.v1.Policy"
|
44
44
|
repeated :org_policy, :message, 6, "google.cloud.orgpolicy.v1.Policy"
|
45
45
|
optional :os_inventory, :message, 12, "google.cloud.osconfig.v1.Inventory"
|
46
|
+
optional :related_assets, :message, 13, "google.cloud.asset.v1.RelatedAssets"
|
46
47
|
repeated :ancestors, :string, 10
|
47
48
|
oneof :access_context_policy do
|
48
49
|
optional :access_policy, :message, 7, "google.identity.accesscontextmanager.v1.AccessPolicy"
|
@@ -59,6 +60,21 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
59
60
|
optional :data, :message, 6, "google.protobuf.Struct"
|
60
61
|
optional :location, :string, 8
|
61
62
|
end
|
63
|
+
add_message "google.cloud.asset.v1.RelatedAssets" do
|
64
|
+
optional :relationship_attributes, :message, 1, "google.cloud.asset.v1.RelationshipAttributes"
|
65
|
+
repeated :assets, :message, 2, "google.cloud.asset.v1.RelatedAsset"
|
66
|
+
end
|
67
|
+
add_message "google.cloud.asset.v1.RelationshipAttributes" do
|
68
|
+
optional :type, :string, 4
|
69
|
+
optional :source_resource_type, :string, 1
|
70
|
+
optional :target_resource_type, :string, 2
|
71
|
+
optional :action, :string, 3
|
72
|
+
end
|
73
|
+
add_message "google.cloud.asset.v1.RelatedAsset" do
|
74
|
+
optional :asset, :string, 1
|
75
|
+
optional :asset_type, :string, 2
|
76
|
+
repeated :ancestors, :string, 3
|
77
|
+
end
|
62
78
|
add_message "google.cloud.asset.v1.ResourceSearchResult" do
|
63
79
|
optional :name, :string, 1
|
64
80
|
optional :asset_type, :string, 2
|
@@ -76,8 +92,18 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
76
92
|
optional :state, :string, 13
|
77
93
|
optional :additional_attributes, :message, 9, "google.protobuf.Struct"
|
78
94
|
optional :parent_full_resource_name, :string, 19
|
95
|
+
repeated :versioned_resources, :message, 16, "google.cloud.asset.v1.VersionedResource"
|
96
|
+
repeated :attached_resources, :message, 20, "google.cloud.asset.v1.AttachedResource"
|
79
97
|
optional :parent_asset_type, :string, 103
|
80
98
|
end
|
99
|
+
add_message "google.cloud.asset.v1.VersionedResource" do
|
100
|
+
optional :version, :string, 1
|
101
|
+
optional :resource, :message, 2, "google.protobuf.Struct"
|
102
|
+
end
|
103
|
+
add_message "google.cloud.asset.v1.AttachedResource" do
|
104
|
+
optional :asset_type, :string, 1
|
105
|
+
repeated :versioned_resources, :message, 3, "google.cloud.asset.v1.VersionedResource"
|
106
|
+
end
|
81
107
|
add_message "google.cloud.asset.v1.IamPolicySearchResult" do
|
82
108
|
optional :resource, :string, 1
|
83
109
|
optional :asset_type, :string, 5
|
@@ -154,7 +180,12 @@ module Google
|
|
154
180
|
TimeWindow = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.TimeWindow").msgclass
|
155
181
|
Asset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Asset").msgclass
|
156
182
|
Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Resource").msgclass
|
183
|
+
RelatedAssets = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelatedAssets").msgclass
|
184
|
+
RelationshipAttributes = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelationshipAttributes").msgclass
|
185
|
+
RelatedAsset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelatedAsset").msgclass
|
157
186
|
ResourceSearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ResourceSearchResult").msgclass
|
187
|
+
VersionedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.VersionedResource").msgclass
|
188
|
+
AttachedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AttachedResource").msgclass
|
158
189
|
IamPolicySearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult").msgclass
|
159
190
|
IamPolicySearchResult::Explanation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation").msgclass
|
160
191
|
IamPolicySearchResult::Explanation::Permissions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions").msgclass
|
@@ -3,6 +3,7 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
+
require 'google/api/resource_pb'
|
6
7
|
require 'google/protobuf/timestamp_pb'
|
7
8
|
require 'google/api/annotations_pb'
|
8
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
@@ -27,11 +28,60 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
27
28
|
repeated :access_levels, :string, 2
|
28
29
|
repeated :restricted_services, :string, 4
|
29
30
|
optional :vpc_accessible_services, :message, 10, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices"
|
31
|
+
repeated :ingress_policies, :message, 8, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy"
|
32
|
+
repeated :egress_policies, :message, 9, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy"
|
30
33
|
end
|
31
34
|
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices" do
|
32
35
|
optional :enable_restriction, :bool, 1
|
33
36
|
repeated :allowed_services, :string, 2
|
34
37
|
end
|
38
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector" do
|
39
|
+
oneof :kind do
|
40
|
+
optional :method, :string, 1
|
41
|
+
optional :permission, :string, 2
|
42
|
+
end
|
43
|
+
end
|
44
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation" do
|
45
|
+
optional :service_name, :string, 1
|
46
|
+
repeated :method_selectors, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector"
|
47
|
+
end
|
48
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource" do
|
49
|
+
oneof :source do
|
50
|
+
optional :access_level, :string, 1
|
51
|
+
optional :resource, :string, 2
|
52
|
+
end
|
53
|
+
end
|
54
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
|
55
|
+
repeated :resources, :string, 1
|
56
|
+
repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
57
|
+
end
|
58
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
|
59
|
+
repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
|
60
|
+
repeated :identities, :string, 2
|
61
|
+
optional :identity_type, :enum, 3, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
62
|
+
end
|
63
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo" do
|
64
|
+
repeated :operations, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
65
|
+
repeated :resources, :string, 2
|
66
|
+
end
|
67
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy" do
|
68
|
+
optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
|
69
|
+
optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
|
70
|
+
end
|
71
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
|
72
|
+
optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
|
73
|
+
optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
|
74
|
+
end
|
75
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
|
76
|
+
repeated :identities, :string, 1
|
77
|
+
optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
78
|
+
end
|
79
|
+
add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
|
80
|
+
value :IDENTITY_TYPE_UNSPECIFIED, 0
|
81
|
+
value :ANY_IDENTITY, 1
|
82
|
+
value :ANY_USER_ACCOUNT, 2
|
83
|
+
value :ANY_SERVICE_ACCOUNT, 3
|
84
|
+
end
|
35
85
|
end
|
36
86
|
end
|
37
87
|
|
@@ -43,6 +93,16 @@ module Google
|
|
43
93
|
ServicePerimeter::PerimeterType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType").enummodule
|
44
94
|
ServicePerimeterConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig").msgclass
|
45
95
|
ServicePerimeterConfig::VpcAccessibleServices = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices").msgclass
|
96
|
+
ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
|
97
|
+
ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
|
98
|
+
ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
|
99
|
+
ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
|
100
|
+
ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
|
101
|
+
ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
|
102
|
+
ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
|
103
|
+
ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
|
104
|
+
ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
|
105
|
+
ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
|
46
106
|
end
|
47
107
|
end
|
48
108
|
end
|
@@ -21,6 +21,16 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module Asset
|
23
23
|
module V1
|
24
|
+
# Represents the metadata of the longrunning operation for the
|
25
|
+
# AnalyzeIamPolicyLongrunning rpc.
|
26
|
+
# @!attribute [r] create_time
|
27
|
+
# @return [::Google::Protobuf::Timestamp]
|
28
|
+
# Output only. The time the operation was created.
|
29
|
+
class AnalyzeIamPolicyLongrunningMetadata
|
30
|
+
include ::Google::Protobuf::MessageExts
|
31
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
32
|
+
end
|
33
|
+
|
24
34
|
# Export asset request.
|
25
35
|
# @!attribute [rw] parent
|
26
36
|
# @return [::String]
|
@@ -62,6 +72,23 @@ module Google
|
|
62
72
|
# @!attribute [rw] output_config
|
63
73
|
# @return [::Google::Cloud::Asset::V1::OutputConfig]
|
64
74
|
# Required. Output configuration indicating where the results will be output to.
|
75
|
+
# @!attribute [rw] relationship_types
|
76
|
+
# @return [::Array<::String>]
|
77
|
+
# A list of relationship types to export, for example:
|
78
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
79
|
+
# content_type=RELATIONSHIP.
|
80
|
+
# * If specified:
|
81
|
+
# it snapshots specified relationships. It returns an error if
|
82
|
+
# any of the [relationship_types] doesn't belong to the supported
|
83
|
+
# relationship types of the [asset_types] or if any of the [asset_types]
|
84
|
+
# doesn't belong to the source types of the [relationship_types].
|
85
|
+
# * Otherwise:
|
86
|
+
# it snapshots the supported relationships for all [asset_types] or returns
|
87
|
+
# an error if any of the [asset_types] has no relationship support.
|
88
|
+
# An unspecified asset types field means all supported asset_types.
|
89
|
+
# See [Introduction to Cloud Asset
|
90
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all
|
91
|
+
# supported asset types and relationship types.
|
65
92
|
class ExportAssetsRequest
|
66
93
|
include ::Google::Protobuf::MessageExts
|
67
94
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -135,6 +162,23 @@ module Google
|
|
135
162
|
# The `next_page_token` returned from the previous `ListAssetsResponse`, or
|
136
163
|
# unspecified for the first `ListAssetsRequest`. It is a continuation of a
|
137
164
|
# prior `ListAssets` call, and the API should return the next page of assets.
|
165
|
+
# @!attribute [rw] relationship_types
|
166
|
+
# @return [::Array<::String>]
|
167
|
+
# A list of relationship types to output, for example:
|
168
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
169
|
+
# content_type=RELATIONSHIP.
|
170
|
+
# * If specified:
|
171
|
+
# it snapshots specified relationships. It returns an error if
|
172
|
+
# any of the [relationship_types] doesn't belong to the supported
|
173
|
+
# relationship types of the [asset_types] or if any of the [asset_types]
|
174
|
+
# doesn't belong to the source types of the [relationship_types].
|
175
|
+
# * Otherwise:
|
176
|
+
# it snapshots the supported relationships for all [asset_types] or returns
|
177
|
+
# an error if any of the [asset_types] has no relationship support.
|
178
|
+
# An unspecified asset types field means all supported asset_types.
|
179
|
+
# See [Introduction to Cloud Asset
|
180
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview)
|
181
|
+
# for all supported asset types and relationship types.
|
138
182
|
class ListAssetsRequest
|
139
183
|
include ::Google::Protobuf::MessageExts
|
140
184
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -184,6 +228,24 @@ module Google
|
|
184
228
|
# If start_time is not set, the snapshot of the assets at end_time will be
|
185
229
|
# returned. The returned results contain all temporal assets whose time
|
186
230
|
# window overlap with read_time_window.
|
231
|
+
# @!attribute [rw] relationship_types
|
232
|
+
# @return [::Array<::String>]
|
233
|
+
# Optional. A list of relationship types to output, for example:
|
234
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
235
|
+
# content_type=RELATIONSHIP.
|
236
|
+
# * If specified:
|
237
|
+
# it outputs specified relationships' history on the [asset_names]. It
|
238
|
+
# returns an error if any of the [relationship_types] doesn't belong to the
|
239
|
+
# supported relationship types of the [asset_names] or if any of the
|
240
|
+
# [asset_names]'s types doesn't belong to the source types of the
|
241
|
+
# [relationship_types].
|
242
|
+
# * Otherwise:
|
243
|
+
# it outputs the supported relationships' history on the [asset_names] or
|
244
|
+
# returns an error if any of the [asset_names]'s types has no relationship
|
245
|
+
# support.
|
246
|
+
# See [Introduction to Cloud Asset
|
247
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all
|
248
|
+
# supported asset types and relationship types.
|
187
249
|
class BatchGetAssetsHistoryRequest
|
188
250
|
include ::Google::Protobuf::MessageExts
|
189
251
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -518,8 +580,26 @@ module Google
|
|
518
580
|
# optional.
|
519
581
|
#
|
520
582
|
# See our [user
|
521
|
-
# guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes
|
583
|
+
# guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition)
|
522
584
|
# for detailed instructions.
|
585
|
+
# @!attribute [rw] relationship_types
|
586
|
+
# @return [::Array<::String>]
|
587
|
+
# A list of relationship types to output, for example:
|
588
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
589
|
+
# content_type=RELATIONSHIP.
|
590
|
+
# * If specified:
|
591
|
+
# it outputs specified relationship updates on the [asset_names] or the
|
592
|
+
# [asset_types]. It returns an error if any of the [relationship_types]
|
593
|
+
# doesn't belong to the supported relationship types of the [asset_names] or
|
594
|
+
# [asset_types], or any of the [asset_names] or the [asset_types] doesn't
|
595
|
+
# belong to the source types of the [relationship_types].
|
596
|
+
# * Otherwise:
|
597
|
+
# it outputs the supported relationships of the types of [asset_names] and
|
598
|
+
# [asset_types] or returns an error if any of the [asset_names] or the
|
599
|
+
# [asset_types] has no replationship support.
|
600
|
+
# See [Introduction to Cloud Asset
|
601
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview)
|
602
|
+
# for all supported asset types and relationship types.
|
523
603
|
class Feed
|
524
604
|
include ::Google::Protobuf::MessageExts
|
525
605
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -565,8 +645,8 @@ module Google
|
|
565
645
|
# encryption key whose name contains the word "key".
|
566
646
|
# * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
|
567
647
|
# word.
|
568
|
-
# * `NOT state:ACTIVE` to find
|
569
|
-
#
|
648
|
+
# * `NOT state:ACTIVE` to find Cloud resources whose state doesn't contain
|
649
|
+
# "ACTIVE" as a word.
|
570
650
|
# * `createTime<1609459200` to find Cloud resources that were created before
|
571
651
|
# "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
|
572
652
|
# "2021-01-01 00:00:00 UTC" in seconds.
|
@@ -616,6 +696,7 @@ module Google
|
|
616
696
|
# to indicate descending order. Redundant space characters are ignored.
|
617
697
|
# Example: "location DESC, name".
|
618
698
|
# Only singular primitive fields in the response are sortable:
|
699
|
+
#
|
619
700
|
# * name
|
620
701
|
# * assetType
|
621
702
|
# * project
|
@@ -628,9 +709,40 @@ module Google
|
|
628
709
|
# * state
|
629
710
|
# * parentFullResourceName
|
630
711
|
# * parentAssetType
|
712
|
+
#
|
631
713
|
# All the other fields such as repeated fields (e.g., `networkTags`), map
|
632
714
|
# fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
|
633
715
|
# are not supported.
|
716
|
+
# @!attribute [rw] read_mask
|
717
|
+
# @return [::Google::Protobuf::FieldMask]
|
718
|
+
# Optional. A comma-separated list of fields specifying which fields to be returned in
|
719
|
+
# ResourceSearchResult. Only '*' or combination of top level fields can be
|
720
|
+
# specified. Field names of both snake_case and camelCase are supported.
|
721
|
+
# Examples: `"*"`, `"name,location"`, `"name,versionedResources"`.
|
722
|
+
#
|
723
|
+
# The read_mask paths must be valid field paths listed but not limited to
|
724
|
+
# (both snake_case and camelCase are supported):
|
725
|
+
#
|
726
|
+
# * name
|
727
|
+
# * assetType
|
728
|
+
# * project
|
729
|
+
# * displayName
|
730
|
+
# * description
|
731
|
+
# * location
|
732
|
+
# * labels
|
733
|
+
# * networkTags
|
734
|
+
# * kmsKey
|
735
|
+
# * createTime
|
736
|
+
# * updateTime
|
737
|
+
# * state
|
738
|
+
# * additionalAttributes
|
739
|
+
# * versionedResources
|
740
|
+
#
|
741
|
+
# If read_mask is not specified, all fields except versionedResources will
|
742
|
+
# be returned.
|
743
|
+
# If only '*' is specified, all fields including versionedResources will be
|
744
|
+
# returned.
|
745
|
+
# Any invalid field path will trigger INVALID_ARGUMENT error.
|
634
746
|
class SearchAllResourcesRequest
|
635
747
|
include ::Google::Protobuf::MessageExts
|
636
748
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1114,6 +1226,94 @@ module Google
|
|
1114
1226
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1115
1227
|
end
|
1116
1228
|
|
1229
|
+
# The request message for performing resource move analysis.
|
1230
|
+
# @!attribute [rw] resource
|
1231
|
+
# @return [::String]
|
1232
|
+
# Required. Name of the resource to perform the analysis against.
|
1233
|
+
# Only GCP Project are supported as of today. Hence, this can only be Project
|
1234
|
+
# ID (such as "projects/my-project-id") or a Project Number (such as
|
1235
|
+
# "projects/12345").
|
1236
|
+
# @!attribute [rw] destination_parent
|
1237
|
+
# @return [::String]
|
1238
|
+
# Required. Name of the GCP Folder or Organization to reparent the target
|
1239
|
+
# resource. The analysis will be performed against hypothetically moving the
|
1240
|
+
# resource to this specified desitination parent. This can only be a Folder
|
1241
|
+
# number (such as "folders/123") or an Organization number (such as
|
1242
|
+
# "organizations/123").
|
1243
|
+
# @!attribute [rw] view
|
1244
|
+
# @return [::Google::Cloud::Asset::V1::AnalyzeMoveRequest::AnalysisView]
|
1245
|
+
# Analysis view indicating what information should be included in the
|
1246
|
+
# analysis response. If unspecified, the default view is FULL.
|
1247
|
+
class AnalyzeMoveRequest
|
1248
|
+
include ::Google::Protobuf::MessageExts
|
1249
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1250
|
+
|
1251
|
+
# View enum for supporting partial analysis responses.
|
1252
|
+
module AnalysisView
|
1253
|
+
# The default/unset value.
|
1254
|
+
# The API will default to the FULL view.
|
1255
|
+
ANALYSIS_VIEW_UNSPECIFIED = 0
|
1256
|
+
|
1257
|
+
# Full analysis including all level of impacts of the specified resource
|
1258
|
+
# move.
|
1259
|
+
FULL = 1
|
1260
|
+
|
1261
|
+
# Basic analysis only including blockers which will prevent the specified
|
1262
|
+
# resource move at runtime.
|
1263
|
+
BASIC = 2
|
1264
|
+
end
|
1265
|
+
end
|
1266
|
+
|
1267
|
+
# The response message for resource move analysis.
|
1268
|
+
# @!attribute [rw] move_analysis
|
1269
|
+
# @return [::Array<::Google::Cloud::Asset::V1::MoveAnalysis>]
|
1270
|
+
# The list of analyses returned from performing the intended resource move
|
1271
|
+
# analysis. The analysis is grouped by different Cloud services.
|
1272
|
+
class AnalyzeMoveResponse
|
1273
|
+
include ::Google::Protobuf::MessageExts
|
1274
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1275
|
+
end
|
1276
|
+
|
1277
|
+
# A message to group the analysis information.
|
1278
|
+
# @!attribute [rw] display_name
|
1279
|
+
# @return [::String]
|
1280
|
+
# The user friendly display name of the analysis. E.g. IAM, Organization
|
1281
|
+
# Policy etc.
|
1282
|
+
# @!attribute [rw] analysis
|
1283
|
+
# @return [::Google::Cloud::Asset::V1::MoveAnalysisResult]
|
1284
|
+
# Analysis result of moving the target resource.
|
1285
|
+
# @!attribute [rw] error
|
1286
|
+
# @return [::Google::Rpc::Status]
|
1287
|
+
# Description of error encountered when performing the analysis.
|
1288
|
+
class MoveAnalysis
|
1289
|
+
include ::Google::Protobuf::MessageExts
|
1290
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1291
|
+
end
|
1292
|
+
|
1293
|
+
# An analysis result including blockers and warnings.
|
1294
|
+
# @!attribute [rw] blockers
|
1295
|
+
# @return [::Array<::Google::Cloud::Asset::V1::MoveImpact>]
|
1296
|
+
# Blocking information that would prevent the target resource from moving
|
1297
|
+
# to the specified destination at runtime.
|
1298
|
+
# @!attribute [rw] warnings
|
1299
|
+
# @return [::Array<::Google::Cloud::Asset::V1::MoveImpact>]
|
1300
|
+
# Warning information indicating that moving the target resource to the
|
1301
|
+
# specified destination might be unsafe. This can include important policy
|
1302
|
+
# information and configuration changes, but will not block moves at runtime.
|
1303
|
+
class MoveAnalysisResult
|
1304
|
+
include ::Google::Protobuf::MessageExts
|
1305
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1306
|
+
end
|
1307
|
+
|
1308
|
+
# A message to group impacts of moving the target resource.
|
1309
|
+
# @!attribute [rw] detail
|
1310
|
+
# @return [::String]
|
1311
|
+
# User friendly impact detail in a free form message.
|
1312
|
+
class MoveImpact
|
1313
|
+
include ::Google::Protobuf::MessageExts
|
1314
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1315
|
+
end
|
1316
|
+
|
1117
1317
|
# Asset content type.
|
1118
1318
|
module ContentType
|
1119
1319
|
# Unspecified content type.
|
@@ -1133,6 +1333,9 @@ module Google
|
|
1133
1333
|
|
1134
1334
|
# The runtime OS Inventory information.
|
1135
1335
|
OS_INVENTORY = 6
|
1336
|
+
|
1337
|
+
# The related resources.
|
1338
|
+
RELATIONSHIP = 7
|
1136
1339
|
end
|
1137
1340
|
end
|
1138
1341
|
end
|