google-cloud-asset-v1 0.13.0 → 0.15.0

data/lib/google/cloud/asset/v1/asset_service/operations.rb

@@ -82,7 +82,7 @@ module Google
               # Create credentials
               credentials = @config.credentials
               credentials ||= Credentials.default scope: @config.scope
-              if credentials.is_a?(String) || credentials.is_a?(Hash)
+              if credentials.is_a?(::String) || credentials.is_a?(::Hash)
                 credentials = Credentials.new credentials, scope: @config.scope
               end
               @quota_project_id = @config.quota_project
@@ -169,7 +169,9 @@ module Google
               options.apply_defaults timeout:      @config.rpcs.list_operations.timeout,
                                      metadata:     metadata,
                                      retry_policy: @config.rpcs.list_operations.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
                                      retry_policy: @config.retry_policy
 
               @operations_stub.call_rpc :list_operations, request, options: options do |response, operation|
@@ -239,7 +241,9 @@ module Google
               options.apply_defaults timeout:      @config.rpcs.get_operation.timeout,
                                      metadata:     metadata,
                                      retry_policy: @config.rpcs.get_operation.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
                                      retry_policy: @config.retry_policy
 
               @operations_stub.call_rpc :get_operation, request, options: options do |response, operation|
@@ -309,7 +313,9 @@ module Google
               options.apply_defaults timeout:      @config.rpcs.delete_operation.timeout,
                                      metadata:     metadata,
                                      retry_policy: @config.rpcs.delete_operation.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
                                      retry_policy: @config.retry_policy
 
               @operations_stub.call_rpc :delete_operation, request, options: options do |response, operation|
@@ -384,7 +390,9 @@ module Google
               options.apply_defaults timeout:      @config.rpcs.cancel_operation.timeout,
                                      metadata:     metadata,
                                      retry_policy: @config.rpcs.cancel_operation.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
                                      retry_policy: @config.retry_policy
 
               @operations_stub.call_rpc :cancel_operation, request, options: options do |response, operation|
@@ -456,7 +464,9 @@ module Google
               options.apply_defaults timeout:      @config.rpcs.wait_operation.timeout,
                                      metadata:     metadata,
                                      retry_policy: @config.rpcs.wait_operation.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
                                      retry_policy: @config.retry_policy
 
               @operations_stub.call_rpc :wait_operation, request, options: options do |response, operation|
@@ -481,22 +491,21 @@ module Google
             # Configuration can be applied globally to all clients, or to a single client
             # on construction.
             #
-            # # Examples
-            #
-            # To modify the global config, setting the timeout for list_operations
-            # to 20 seconds, and all remaining timeouts to 10 seconds:
-            #
-            #     ::Google::Longrunning::Operations::Client.configure do |config|
-            #       config.timeout = 10.0
-            #       config.rpcs.list_operations.timeout = 20.0
-            #     end
-            #
-            # To apply the above configuration only to a new client:
-            #
-            #     client = ::Google::Longrunning::Operations::Client.new do |config|
-            #       config.timeout = 10.0
-            #       config.rpcs.list_operations.timeout = 20.0
-            #     end
+            # @example
+            #
+            #   # Modify the global config, setting the timeout for
+            #   # list_operations to 20 seconds,
+            #   # and all remaining timeouts to 10 seconds.
+            #   ::Google::Longrunning::Operations::Client.configure do |config|
+            #     config.timeout = 10.0
+            #     config.rpcs.list_operations.timeout = 20.0
+            #   end
+            #
+            #   # Apply the above configuration only to a new client.
+            #   client = ::Google::Longrunning::Operations::Client.new do |config|
+            #     config.timeout = 10.0
+            #     config.rpcs.list_operations.timeout = 20.0
+            #   end
             #
             # @!attribute [rw] endpoint
             #   The hostname or hostname:port of the service endpoint.

data/lib/google/cloud/asset/v1/asset_service_pb.rb

@@ -14,15 +14,20 @@ require 'google/protobuf/empty_pb'
 require 'google/protobuf/field_mask_pb'
 require 'google/protobuf/struct_pb'
 require 'google/protobuf/timestamp_pb'
+require 'google/rpc/status_pb'
 require 'google/type/expr_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/asset/v1/asset_service.proto", :syntax => :proto3) do
+    add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningMetadata" do
+      optional :create_time, :message, 1, "google.protobuf.Timestamp"
+    end
     add_message "google.cloud.asset.v1.ExportAssetsRequest" do
       optional :parent, :string, 1
       optional :read_time, :message, 2, "google.protobuf.Timestamp"
       repeated :asset_types, :string, 3
       optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
       optional :output_config, :message, 5, "google.cloud.asset.v1.OutputConfig"
+      repeated :relationship_types, :string, 6
     end
     add_message "google.cloud.asset.v1.ExportAssetsResponse" do
       optional :read_time, :message, 1, "google.protobuf.Timestamp"
@@ -36,6 +41,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
       optional :page_size, :int32, 5
       optional :page_token, :string, 6
+      repeated :relationship_types, :string, 7
     end
     add_message "google.cloud.asset.v1.ListAssetsResponse" do
       optional :read_time, :message, 1, "google.protobuf.Timestamp"
@@ -47,6 +53,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :asset_names, :string, 2
       optional :content_type, :enum, 3, "google.cloud.asset.v1.ContentType"
       optional :read_time_window, :message, 4, "google.cloud.asset.v1.TimeWindow"
+      repeated :relationship_types, :string, 5
     end
     add_message "google.cloud.asset.v1.BatchGetAssetsHistoryResponse" do
       repeated :assets, :message, 1, "google.cloud.asset.v1.TemporalAsset"
@@ -122,6 +129,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
       optional :feed_output_config, :message, 5, "google.cloud.asset.v1.FeedOutputConfig"
       optional :condition, :message, 6, "google.type.Expr"
+      repeated :relationship_types, :string, 7
     end
     add_message "google.cloud.asset.v1.SearchAllResourcesRequest" do
       optional :scope, :string, 1
@@ -130,6 +138,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :page_size, :int32, 4
       optional :page_token, :string, 5
       optional :order_by, :string, 6
+      optional :read_mask, :message, 8, "google.protobuf.FieldMask"
     end
     add_message "google.cloud.asset.v1.SearchAllResourcesResponse" do
       repeated :results, :message, 1, "google.cloud.asset.v1.ResourceSearchResult"
@@ -218,6 +227,33 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     end
     add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse" do
     end
+    add_message "google.cloud.asset.v1.AnalyzeMoveRequest" do
+      optional :resource, :string, 1
+      optional :destination_parent, :string, 2
+      optional :view, :enum, 3, "google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView"
+    end
+    add_enum "google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView" do
+      value :ANALYSIS_VIEW_UNSPECIFIED, 0
+      value :FULL, 1
+      value :BASIC, 2
+    end
+    add_message "google.cloud.asset.v1.AnalyzeMoveResponse" do
+      repeated :move_analysis, :message, 1, "google.cloud.asset.v1.MoveAnalysis"
+    end
+    add_message "google.cloud.asset.v1.MoveAnalysis" do
+      optional :display_name, :string, 1
+      oneof :result do
+        optional :analysis, :message, 2, "google.cloud.asset.v1.MoveAnalysisResult"
+        optional :error, :message, 3, "google.rpc.Status"
+      end
+    end
+    add_message "google.cloud.asset.v1.MoveAnalysisResult" do
+      repeated :blockers, :message, 1, "google.cloud.asset.v1.MoveImpact"
+      repeated :warnings, :message, 2, "google.cloud.asset.v1.MoveImpact"
+    end
+    add_message "google.cloud.asset.v1.MoveImpact" do
+      optional :detail, :string, 1
+    end
     add_enum "google.cloud.asset.v1.ContentType" do
       value :CONTENT_TYPE_UNSPECIFIED, 0
       value :RESOURCE, 1
@@ -225,6 +261,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :ORG_POLICY, 4
       value :ACCESS_POLICY, 5
       value :OS_INVENTORY, 6
+      value :RELATIONSHIP, 7
     end
   end
 end
@@ -233,6 +270,7 @@ module Google
   module Cloud
     module Asset
       module V1
+        AnalyzeIamPolicyLongrunningMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningMetadata").msgclass
         ExportAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsRequest").msgclass
         ExportAssetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsResponse").msgclass
         ListAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ListAssetsRequest").msgclass
@@ -274,6 +312,12 @@ module Google
         IamPolicyAnalysisOutputConfig::BigQueryDestination::PartitionKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey").enummodule
         AnalyzeIamPolicyLongrunningRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningRequest").msgclass
         AnalyzeIamPolicyLongrunningResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse").msgclass
+        AnalyzeMoveRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveRequest").msgclass
+        AnalyzeMoveRequest::AnalysisView = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView").enummodule
+        AnalyzeMoveResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveResponse").msgclass
+        MoveAnalysis = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveAnalysis").msgclass
+        MoveAnalysisResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveAnalysisResult").msgclass
+        MoveImpact = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveImpact").msgclass
         ContentType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ContentType").enummodule
       end
     end

data/lib/google/cloud/asset/v1/asset_service_services_pb.rb

@@ -87,8 +87,14 @@ module Google
             # [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation
             # status. We recommend intervals of at least 2 seconds with exponential
             # backoff retry to poll the operation result. The metadata contains the
-            # request to help callers to map responses to requests.
+            # metadata for the long-running operation.
             rpc :AnalyzeIamPolicyLongrunning, ::Google::Cloud::Asset::V1::AnalyzeIamPolicyLongrunningRequest, ::Google::Longrunning::Operation
+            # Analyze moving a resource to a specified destination without kicking off
+            # the actual move. The analysis is best effort depending on the user's
+            # permissions of viewing different hierarchical policies and configurations.
+            # The policies and configuration are subject to change before the actual
+            # resource migration takes place.
+            rpc :AnalyzeMove, ::Google::Cloud::Asset::V1::AnalyzeMoveRequest, ::Google::Cloud::Asset::V1::AnalyzeMoveResponse
           end
 
           Stub = Service.rpc_stub_class

data/lib/google/cloud/asset/v1/assets_pb.rb

@@ -43,6 +43,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :iam_policy, :message, 4, "google.iam.v1.Policy"
       repeated :org_policy, :message, 6, "google.cloud.orgpolicy.v1.Policy"
       optional :os_inventory, :message, 12, "google.cloud.osconfig.v1.Inventory"
+      optional :related_assets, :message, 13, "google.cloud.asset.v1.RelatedAssets"
       repeated :ancestors, :string, 10
       oneof :access_context_policy do
         optional :access_policy, :message, 7, "google.identity.accesscontextmanager.v1.AccessPolicy"
@@ -59,6 +60,21 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :data, :message, 6, "google.protobuf.Struct"
       optional :location, :string, 8
     end
+    add_message "google.cloud.asset.v1.RelatedAssets" do
+      optional :relationship_attributes, :message, 1, "google.cloud.asset.v1.RelationshipAttributes"
+      repeated :assets, :message, 2, "google.cloud.asset.v1.RelatedAsset"
+    end
+    add_message "google.cloud.asset.v1.RelationshipAttributes" do
+      optional :type, :string, 4
+      optional :source_resource_type, :string, 1
+      optional :target_resource_type, :string, 2
+      optional :action, :string, 3
+    end
+    add_message "google.cloud.asset.v1.RelatedAsset" do
+      optional :asset, :string, 1
+      optional :asset_type, :string, 2
+      repeated :ancestors, :string, 3
+    end
     add_message "google.cloud.asset.v1.ResourceSearchResult" do
       optional :name, :string, 1
       optional :asset_type, :string, 2
@@ -76,8 +92,18 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :state, :string, 13
       optional :additional_attributes, :message, 9, "google.protobuf.Struct"
       optional :parent_full_resource_name, :string, 19
+      repeated :versioned_resources, :message, 16, "google.cloud.asset.v1.VersionedResource"
+      repeated :attached_resources, :message, 20, "google.cloud.asset.v1.AttachedResource"
       optional :parent_asset_type, :string, 103
     end
+    add_message "google.cloud.asset.v1.VersionedResource" do
+      optional :version, :string, 1
+      optional :resource, :message, 2, "google.protobuf.Struct"
+    end
+    add_message "google.cloud.asset.v1.AttachedResource" do
+      optional :asset_type, :string, 1
+      repeated :versioned_resources, :message, 3, "google.cloud.asset.v1.VersionedResource"
+    end
     add_message "google.cloud.asset.v1.IamPolicySearchResult" do
       optional :resource, :string, 1
       optional :asset_type, :string, 5
@@ -154,7 +180,12 @@ module Google
         TimeWindow = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.TimeWindow").msgclass
         Asset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Asset").msgclass
         Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Resource").msgclass
+        RelatedAssets = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelatedAssets").msgclass
+        RelationshipAttributes = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelationshipAttributes").msgclass
+        RelatedAsset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelatedAsset").msgclass
         ResourceSearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ResourceSearchResult").msgclass
+        VersionedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.VersionedResource").msgclass
+        AttachedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AttachedResource").msgclass
         IamPolicySearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult").msgclass
         IamPolicySearchResult::Explanation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation").msgclass
         IamPolicySearchResult::Explanation::Permissions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions").msgclass

data/lib/google/cloud/asset/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module Asset
       module V1
-        VERSION = "0.13.0"
+        VERSION = "0.15.0"
       end
     end
   end

data/lib/google/identity/accesscontextmanager/v1/access_level_pb.rb

@@ -3,6 +3,7 @@
 
 require 'google/protobuf'
 
+require 'google/api/resource_pb'
 require 'google/identity/accesscontextmanager/type/device_resources_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/type/expr_pb'

data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb

@@ -3,6 +3,7 @@
 
 require 'google/protobuf'
 
+require 'google/api/resource_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/api/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do

data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb

@@ -3,6 +3,7 @@
 
 require 'google/protobuf'
 
+require 'google/api/resource_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/api/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
@@ -27,11 +28,60 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :access_levels, :string, 2
       repeated :restricted_services, :string, 4
       optional :vpc_accessible_services, :message, 10, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices"
+      repeated :ingress_policies, :message, 8, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy"
+      repeated :egress_policies, :message, 9, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy"
     end
     add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices" do
       optional :enable_restriction, :bool, 1
       repeated :allowed_services, :string, 2
     end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector" do
+      oneof :kind do
+        optional :method, :string, 1
+        optional :permission, :string, 2
+      end
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation" do
+      optional :service_name, :string, 1
+      repeated :method_selectors, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector"
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource" do
+      oneof :source do
+        optional :access_level, :string, 1
+        optional :resource, :string, 2
+      end
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
+      repeated :resources, :string, 1
+      repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
+      repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
+      repeated :identities, :string, 2
+      optional :identity_type, :enum, 3, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo" do
+      repeated :operations, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
+      repeated :resources, :string, 2
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy" do
+      optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
+      optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
+      optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
+      optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
+      repeated :identities, :string, 1
+      optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
+    end
+    add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
+      value :IDENTITY_TYPE_UNSPECIFIED, 0
+      value :ANY_IDENTITY, 1
+      value :ANY_USER_ACCOUNT, 2
+      value :ANY_SERVICE_ACCOUNT, 3
+    end
   end
 end
 
@@ -43,6 +93,16 @@ module Google
         ServicePerimeter::PerimeterType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType").enummodule
         ServicePerimeterConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig").msgclass
         ServicePerimeterConfig::VpcAccessibleServices = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices").msgclass
+        ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
+        ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
+        ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
+        ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
+        ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
+        ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
+        ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
+        ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
+        ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
+        ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
       end
     end
   end

data/proto_docs/google/cloud/asset/v1/asset_service.rb

@@ -21,6 +21,16 @@ module Google
   module Cloud
     module Asset
       module V1
+        # Represents the metadata of the longrunning operation for the
+        # AnalyzeIamPolicyLongrunning rpc.
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time the operation was created.
+        class AnalyzeIamPolicyLongrunningMetadata
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Export asset request.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -62,6 +72,23 @@ module Google
         # @!attribute [rw] output_config
         #   @return [::Google::Cloud::Asset::V1::OutputConfig]
         #     Required. Output configuration indicating where the results will be output to.
+        # @!attribute [rw] relationship_types
+        #   @return [::Array<::String>]
+        #     A list of relationship types to export, for example:
+        #     `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
+        #     content_type=RELATIONSHIP.
+        #     * If specified:
+        #     it snapshots specified relationships. It returns an error if
+        #     any of the [relationship_types] doesn't belong to the supported
+        #     relationship types of the [asset_types] or if any of the [asset_types]
+        #     doesn't belong to the source types of the [relationship_types].
+        #     * Otherwise:
+        #     it snapshots the supported relationships for all [asset_types] or returns
+        #     an error if any of the [asset_types] has no relationship support.
+        #     An unspecified asset types field means all supported asset_types.
+        #     See [Introduction to Cloud Asset
+        #     Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all
+        #     supported asset types and relationship types.
         class ExportAssetsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -135,6 +162,23 @@ module Google
         #     The `next_page_token` returned from the previous `ListAssetsResponse`, or
         #     unspecified for the first `ListAssetsRequest`. It is a continuation of a
         #     prior `ListAssets` call, and the API should return the next page of assets.
+        # @!attribute [rw] relationship_types
+        #   @return [::Array<::String>]
+        #     A list of relationship types to output, for example:
+        #     `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
+        #     content_type=RELATIONSHIP.
+        #     * If specified:
+        #     it snapshots specified relationships. It returns an error if
+        #     any of the [relationship_types] doesn't belong to the supported
+        #     relationship types of the [asset_types] or if any of the [asset_types]
+        #     doesn't belong to the source types of the [relationship_types].
+        #     * Otherwise:
+        #     it snapshots the supported relationships for all [asset_types] or returns
+        #     an error if any of the [asset_types] has no relationship support.
+        #     An unspecified asset types field means all supported asset_types.
+        #     See [Introduction to Cloud Asset
+        #     Inventory](https://cloud.google.com/asset-inventory/docs/overview)
+        #     for all supported asset types and relationship types.
         class ListAssetsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -184,6 +228,24 @@ module Google
         #     If start_time is not set, the snapshot of the assets at end_time will be
         #     returned. The returned results contain all temporal assets whose time
         #     window overlap with read_time_window.
+        # @!attribute [rw] relationship_types
+        #   @return [::Array<::String>]
+        #     Optional. A list of relationship types to output, for example:
+        #     `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
+        #     content_type=RELATIONSHIP.
+        #     * If specified:
+        #     it outputs specified relationships' history on the [asset_names]. It
+        #     returns an error if any of the [relationship_types] doesn't belong to the
+        #     supported relationship types of the [asset_names] or if any of the
+        #     [asset_names]'s types doesn't belong to the source types of the
+        #     [relationship_types].
+        #     * Otherwise:
+        #     it outputs the supported relationships' history on the [asset_names] or
+        #     returns an error if any of the [asset_names]'s types has no relationship
+        #     support.
+        #     See [Introduction to Cloud Asset
+        #     Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all
+        #     supported asset types and relationship types.
         class BatchGetAssetsHistoryRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -518,8 +580,26 @@ module Google
         #     optional.
         #
         #     See our [user
-        #     guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes#feed_with_condition)
+        #     guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition)
         #     for detailed instructions.
+        # @!attribute [rw] relationship_types
+        #   @return [::Array<::String>]
+        #     A list of relationship types to output, for example:
+        #     `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
+        #     content_type=RELATIONSHIP.
+        #     * If specified:
+        #     it outputs specified relationship updates on the [asset_names] or the
+        #     [asset_types]. It returns an error if any of the [relationship_types]
+        #     doesn't belong to the supported relationship types of the [asset_names] or
+        #     [asset_types], or any of the [asset_names] or the [asset_types] doesn't
+        #     belong to the source types of the [relationship_types].
+        #     * Otherwise:
+        #     it outputs the supported relationships of the types of [asset_names] and
+        #     [asset_types] or returns an error if any of the [asset_names] or the
+        #     [asset_types] has no replationship support.
+        #     See [Introduction to Cloud Asset
+        #     Inventory](https://cloud.google.com/asset-inventory/docs/overview)
+        #     for all supported asset types and relationship types.
         class Feed
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -565,8 +645,8 @@ module Google
         #       encryption key whose name contains the word "key".
         #     * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
         #       word.
-        #     * `NOT state:ACTIVE` to find \\{\\{gcp_name}} resources whose state
-        #       doesn't contain "ACTIVE" as a word.
+        #     * `NOT state:ACTIVE` to find Cloud resources whose state doesn't contain
+        #       "ACTIVE" as a word.
         #     * `createTime<1609459200` to find Cloud resources that were created before
         #       "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
         #       "2021-01-01 00:00:00 UTC" in seconds.
@@ -616,6 +696,7 @@ module Google
         #     to indicate descending order. Redundant space characters are ignored.
         #     Example: "location DESC, name".
         #     Only singular primitive fields in the response are sortable:
+        #
         #       * name
         #       * assetType
         #       * project
@@ -628,9 +709,40 @@ module Google
         #       * state
         #       * parentFullResourceName
         #       * parentAssetType
+        #
         #     All the other fields such as repeated fields (e.g., `networkTags`), map
         #     fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
         #     are not supported.
+        # @!attribute [rw] read_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     Optional. A comma-separated list of fields specifying which fields to be returned in
+        #     ResourceSearchResult. Only '*' or combination of top level fields can be
+        #     specified. Field names of both snake_case and camelCase are supported.
+        #     Examples: `"*"`, `"name,location"`, `"name,versionedResources"`.
+        #
+        #     The read_mask paths must be valid field paths listed but not limited to
+        #     (both snake_case and camelCase are supported):
+        #
+        #       * name
+        #       * assetType
+        #       * project
+        #       * displayName
+        #       * description
+        #       * location
+        #       * labels
+        #       * networkTags
+        #       * kmsKey
+        #       * createTime
+        #       * updateTime
+        #       * state
+        #       * additionalAttributes
+        #       * versionedResources
+        #
+        #     If read_mask is not specified, all fields except versionedResources will
+        #     be returned.
+        #     If only '*' is specified, all fields including versionedResources will be
+        #     returned.
+        #     Any invalid field path will trigger INVALID_ARGUMENT error.
         class SearchAllResourcesRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1114,6 +1226,94 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # The request message for performing resource move analysis.
+        # @!attribute [rw] resource
+        #   @return [::String]
+        #     Required. Name of the resource to perform the analysis against.
+        #     Only GCP Project are supported as of today. Hence, this can only be Project
+        #     ID (such as "projects/my-project-id") or a Project Number (such as
+        #     "projects/12345").
+        # @!attribute [rw] destination_parent
+        #   @return [::String]
+        #     Required. Name of the GCP Folder or Organization to reparent the target
+        #     resource. The analysis will be performed against hypothetically moving the
+        #     resource to this specified desitination parent. This can only be a Folder
+        #     number (such as "folders/123") or an Organization number (such as
+        #     "organizations/123").
+        # @!attribute [rw] view
+        #   @return [::Google::Cloud::Asset::V1::AnalyzeMoveRequest::AnalysisView]
+        #     Analysis view indicating what information should be included in the
+        #     analysis response. If unspecified, the default view is FULL.
+        class AnalyzeMoveRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # View enum for supporting partial analysis responses.
+          module AnalysisView
+            # The default/unset value.
+            # The API will default to the FULL view.
+            ANALYSIS_VIEW_UNSPECIFIED = 0
+
+            # Full analysis including all level of impacts of the specified resource
+            # move.
+            FULL = 1
+
+            # Basic analysis only including blockers which will prevent the specified
+            # resource move at runtime.
+            BASIC = 2
+          end
+        end
+
+        # The response message for resource move analysis.
+        # @!attribute [rw] move_analysis
+        #   @return [::Array<::Google::Cloud::Asset::V1::MoveAnalysis>]
+        #     The list of analyses returned from performing the intended resource move
+        #     analysis. The analysis is grouped by different Cloud services.
+        class AnalyzeMoveResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # A message to group the analysis information.
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     The user friendly display name of the analysis. E.g. IAM, Organization
+        #     Policy etc.
+        # @!attribute [rw] analysis
+        #   @return [::Google::Cloud::Asset::V1::MoveAnalysisResult]
+        #     Analysis result of moving the target resource.
+        # @!attribute [rw] error
+        #   @return [::Google::Rpc::Status]
+        #     Description of error encountered when performing the analysis.
+        class MoveAnalysis
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # An analysis result including blockers and warnings.
+        # @!attribute [rw] blockers
+        #   @return [::Array<::Google::Cloud::Asset::V1::MoveImpact>]
+        #     Blocking information that would prevent the target resource from moving
+        #     to the specified destination at runtime.
+        # @!attribute [rw] warnings
+        #   @return [::Array<::Google::Cloud::Asset::V1::MoveImpact>]
+        #     Warning information indicating that moving the target resource to the
+        #     specified destination might be unsafe. This can include important policy
+        #     information and configuration changes, but will not block moves at runtime.
+        class MoveAnalysisResult
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # A message to group impacts of moving the target resource.
+        # @!attribute [rw] detail
+        #   @return [::String]
+        #     User friendly impact detail in a free form message.
+        class MoveImpact
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Asset content type.
         module ContentType
           # Unspecified content type.
@@ -1133,6 +1333,9 @@ module Google
 
           # The runtime OS Inventory information.
           OS_INVENTORY = 6
+
+          # The related resources.
+          RELATIONSHIP = 7
         end
       end
     end