google-cloud-asset-v1 0.13.0 → 0.15.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +8 -8
- data/README.md +1 -1
- data/lib/google/cloud/asset/v1/asset_service/client.rb +250 -86
- data/lib/google/cloud/asset/v1/asset_service/operations.rb +31 -22
- data/lib/google/cloud/asset/v1/asset_service_pb.rb +44 -0
- data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +7 -1
- data/lib/google/cloud/asset/v1/assets_pb.rb +31 -0
- data/lib/google/cloud/asset/v1/version.rb +1 -1
- data/lib/google/identity/accesscontextmanager/v1/access_level_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb +60 -0
- data/proto_docs/google/cloud/asset/v1/asset_service.rb +206 -3
- data/proto_docs/google/cloud/asset/v1/assets.rb +140 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_level.rb +2 -2
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +1 -1
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +328 -2
- metadata +4 -4
@@ -82,7 +82,7 @@ module Google
|
|
82
82
|
# Create credentials
|
83
83
|
credentials = @config.credentials
|
84
84
|
credentials ||= Credentials.default scope: @config.scope
|
85
|
-
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
85
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
86
86
|
credentials = Credentials.new credentials, scope: @config.scope
|
87
87
|
end
|
88
88
|
@quota_project_id = @config.quota_project
|
@@ -169,7 +169,9 @@ module Google
|
|
169
169
|
options.apply_defaults timeout: @config.rpcs.list_operations.timeout,
|
170
170
|
metadata: metadata,
|
171
171
|
retry_policy: @config.rpcs.list_operations.retry_policy
|
172
|
-
|
172
|
+
|
173
|
+
options.apply_defaults timeout: @config.timeout,
|
174
|
+
metadata: @config.metadata,
|
173
175
|
retry_policy: @config.retry_policy
|
174
176
|
|
175
177
|
@operations_stub.call_rpc :list_operations, request, options: options do |response, operation|
|
@@ -239,7 +241,9 @@ module Google
|
|
239
241
|
options.apply_defaults timeout: @config.rpcs.get_operation.timeout,
|
240
242
|
metadata: metadata,
|
241
243
|
retry_policy: @config.rpcs.get_operation.retry_policy
|
242
|
-
|
244
|
+
|
245
|
+
options.apply_defaults timeout: @config.timeout,
|
246
|
+
metadata: @config.metadata,
|
243
247
|
retry_policy: @config.retry_policy
|
244
248
|
|
245
249
|
@operations_stub.call_rpc :get_operation, request, options: options do |response, operation|
|
@@ -309,7 +313,9 @@ module Google
|
|
309
313
|
options.apply_defaults timeout: @config.rpcs.delete_operation.timeout,
|
310
314
|
metadata: metadata,
|
311
315
|
retry_policy: @config.rpcs.delete_operation.retry_policy
|
312
|
-
|
316
|
+
|
317
|
+
options.apply_defaults timeout: @config.timeout,
|
318
|
+
metadata: @config.metadata,
|
313
319
|
retry_policy: @config.retry_policy
|
314
320
|
|
315
321
|
@operations_stub.call_rpc :delete_operation, request, options: options do |response, operation|
|
@@ -384,7 +390,9 @@ module Google
|
|
384
390
|
options.apply_defaults timeout: @config.rpcs.cancel_operation.timeout,
|
385
391
|
metadata: metadata,
|
386
392
|
retry_policy: @config.rpcs.cancel_operation.retry_policy
|
387
|
-
|
393
|
+
|
394
|
+
options.apply_defaults timeout: @config.timeout,
|
395
|
+
metadata: @config.metadata,
|
388
396
|
retry_policy: @config.retry_policy
|
389
397
|
|
390
398
|
@operations_stub.call_rpc :cancel_operation, request, options: options do |response, operation|
|
@@ -456,7 +464,9 @@ module Google
|
|
456
464
|
options.apply_defaults timeout: @config.rpcs.wait_operation.timeout,
|
457
465
|
metadata: metadata,
|
458
466
|
retry_policy: @config.rpcs.wait_operation.retry_policy
|
459
|
-
|
467
|
+
|
468
|
+
options.apply_defaults timeout: @config.timeout,
|
469
|
+
metadata: @config.metadata,
|
460
470
|
retry_policy: @config.retry_policy
|
461
471
|
|
462
472
|
@operations_stub.call_rpc :wait_operation, request, options: options do |response, operation|
|
@@ -481,22 +491,21 @@ module Google
|
|
481
491
|
# Configuration can be applied globally to all clients, or to a single client
|
482
492
|
# on construction.
|
483
493
|
#
|
484
|
-
#
|
485
|
-
#
|
486
|
-
#
|
487
|
-
# to 20 seconds,
|
488
|
-
#
|
489
|
-
#
|
490
|
-
#
|
491
|
-
#
|
492
|
-
#
|
493
|
-
#
|
494
|
-
#
|
495
|
-
#
|
496
|
-
#
|
497
|
-
#
|
498
|
-
#
|
499
|
-
# end
|
494
|
+
# @example
|
495
|
+
#
|
496
|
+
# # Modify the global config, setting the timeout for
|
497
|
+
# # list_operations to 20 seconds,
|
498
|
+
# # and all remaining timeouts to 10 seconds.
|
499
|
+
# ::Google::Longrunning::Operations::Client.configure do |config|
|
500
|
+
# config.timeout = 10.0
|
501
|
+
# config.rpcs.list_operations.timeout = 20.0
|
502
|
+
# end
|
503
|
+
#
|
504
|
+
# # Apply the above configuration only to a new client.
|
505
|
+
# client = ::Google::Longrunning::Operations::Client.new do |config|
|
506
|
+
# config.timeout = 10.0
|
507
|
+
# config.rpcs.list_operations.timeout = 20.0
|
508
|
+
# end
|
500
509
|
#
|
501
510
|
# @!attribute [rw] endpoint
|
502
511
|
# The hostname or hostname:port of the service endpoint.
|
@@ -14,15 +14,20 @@ require 'google/protobuf/empty_pb'
|
|
14
14
|
require 'google/protobuf/field_mask_pb'
|
15
15
|
require 'google/protobuf/struct_pb'
|
16
16
|
require 'google/protobuf/timestamp_pb'
|
17
|
+
require 'google/rpc/status_pb'
|
17
18
|
require 'google/type/expr_pb'
|
18
19
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
19
20
|
add_file("google/cloud/asset/v1/asset_service.proto", :syntax => :proto3) do
|
21
|
+
add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningMetadata" do
|
22
|
+
optional :create_time, :message, 1, "google.protobuf.Timestamp"
|
23
|
+
end
|
20
24
|
add_message "google.cloud.asset.v1.ExportAssetsRequest" do
|
21
25
|
optional :parent, :string, 1
|
22
26
|
optional :read_time, :message, 2, "google.protobuf.Timestamp"
|
23
27
|
repeated :asset_types, :string, 3
|
24
28
|
optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
|
25
29
|
optional :output_config, :message, 5, "google.cloud.asset.v1.OutputConfig"
|
30
|
+
repeated :relationship_types, :string, 6
|
26
31
|
end
|
27
32
|
add_message "google.cloud.asset.v1.ExportAssetsResponse" do
|
28
33
|
optional :read_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -36,6 +41,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
36
41
|
optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
|
37
42
|
optional :page_size, :int32, 5
|
38
43
|
optional :page_token, :string, 6
|
44
|
+
repeated :relationship_types, :string, 7
|
39
45
|
end
|
40
46
|
add_message "google.cloud.asset.v1.ListAssetsResponse" do
|
41
47
|
optional :read_time, :message, 1, "google.protobuf.Timestamp"
|
@@ -47,6 +53,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
47
53
|
repeated :asset_names, :string, 2
|
48
54
|
optional :content_type, :enum, 3, "google.cloud.asset.v1.ContentType"
|
49
55
|
optional :read_time_window, :message, 4, "google.cloud.asset.v1.TimeWindow"
|
56
|
+
repeated :relationship_types, :string, 5
|
50
57
|
end
|
51
58
|
add_message "google.cloud.asset.v1.BatchGetAssetsHistoryResponse" do
|
52
59
|
repeated :assets, :message, 1, "google.cloud.asset.v1.TemporalAsset"
|
@@ -122,6 +129,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
122
129
|
optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
|
123
130
|
optional :feed_output_config, :message, 5, "google.cloud.asset.v1.FeedOutputConfig"
|
124
131
|
optional :condition, :message, 6, "google.type.Expr"
|
132
|
+
repeated :relationship_types, :string, 7
|
125
133
|
end
|
126
134
|
add_message "google.cloud.asset.v1.SearchAllResourcesRequest" do
|
127
135
|
optional :scope, :string, 1
|
@@ -130,6 +138,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
130
138
|
optional :page_size, :int32, 4
|
131
139
|
optional :page_token, :string, 5
|
132
140
|
optional :order_by, :string, 6
|
141
|
+
optional :read_mask, :message, 8, "google.protobuf.FieldMask"
|
133
142
|
end
|
134
143
|
add_message "google.cloud.asset.v1.SearchAllResourcesResponse" do
|
135
144
|
repeated :results, :message, 1, "google.cloud.asset.v1.ResourceSearchResult"
|
@@ -218,6 +227,33 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
218
227
|
end
|
219
228
|
add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse" do
|
220
229
|
end
|
230
|
+
add_message "google.cloud.asset.v1.AnalyzeMoveRequest" do
|
231
|
+
optional :resource, :string, 1
|
232
|
+
optional :destination_parent, :string, 2
|
233
|
+
optional :view, :enum, 3, "google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView"
|
234
|
+
end
|
235
|
+
add_enum "google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView" do
|
236
|
+
value :ANALYSIS_VIEW_UNSPECIFIED, 0
|
237
|
+
value :FULL, 1
|
238
|
+
value :BASIC, 2
|
239
|
+
end
|
240
|
+
add_message "google.cloud.asset.v1.AnalyzeMoveResponse" do
|
241
|
+
repeated :move_analysis, :message, 1, "google.cloud.asset.v1.MoveAnalysis"
|
242
|
+
end
|
243
|
+
add_message "google.cloud.asset.v1.MoveAnalysis" do
|
244
|
+
optional :display_name, :string, 1
|
245
|
+
oneof :result do
|
246
|
+
optional :analysis, :message, 2, "google.cloud.asset.v1.MoveAnalysisResult"
|
247
|
+
optional :error, :message, 3, "google.rpc.Status"
|
248
|
+
end
|
249
|
+
end
|
250
|
+
add_message "google.cloud.asset.v1.MoveAnalysisResult" do
|
251
|
+
repeated :blockers, :message, 1, "google.cloud.asset.v1.MoveImpact"
|
252
|
+
repeated :warnings, :message, 2, "google.cloud.asset.v1.MoveImpact"
|
253
|
+
end
|
254
|
+
add_message "google.cloud.asset.v1.MoveImpact" do
|
255
|
+
optional :detail, :string, 1
|
256
|
+
end
|
221
257
|
add_enum "google.cloud.asset.v1.ContentType" do
|
222
258
|
value :CONTENT_TYPE_UNSPECIFIED, 0
|
223
259
|
value :RESOURCE, 1
|
@@ -225,6 +261,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
225
261
|
value :ORG_POLICY, 4
|
226
262
|
value :ACCESS_POLICY, 5
|
227
263
|
value :OS_INVENTORY, 6
|
264
|
+
value :RELATIONSHIP, 7
|
228
265
|
end
|
229
266
|
end
|
230
267
|
end
|
@@ -233,6 +270,7 @@ module Google
|
|
233
270
|
module Cloud
|
234
271
|
module Asset
|
235
272
|
module V1
|
273
|
+
AnalyzeIamPolicyLongrunningMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningMetadata").msgclass
|
236
274
|
ExportAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsRequest").msgclass
|
237
275
|
ExportAssetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsResponse").msgclass
|
238
276
|
ListAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ListAssetsRequest").msgclass
|
@@ -274,6 +312,12 @@ module Google
|
|
274
312
|
IamPolicyAnalysisOutputConfig::BigQueryDestination::PartitionKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey").enummodule
|
275
313
|
AnalyzeIamPolicyLongrunningRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningRequest").msgclass
|
276
314
|
AnalyzeIamPolicyLongrunningResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse").msgclass
|
315
|
+
AnalyzeMoveRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveRequest").msgclass
|
316
|
+
AnalyzeMoveRequest::AnalysisView = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveRequest.AnalysisView").enummodule
|
317
|
+
AnalyzeMoveResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeMoveResponse").msgclass
|
318
|
+
MoveAnalysis = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveAnalysis").msgclass
|
319
|
+
MoveAnalysisResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveAnalysisResult").msgclass
|
320
|
+
MoveImpact = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.MoveImpact").msgclass
|
277
321
|
ContentType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ContentType").enummodule
|
278
322
|
end
|
279
323
|
end
|
@@ -87,8 +87,14 @@ module Google
|
|
87
87
|
# [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation
|
88
88
|
# status. We recommend intervals of at least 2 seconds with exponential
|
89
89
|
# backoff retry to poll the operation result. The metadata contains the
|
90
|
-
#
|
90
|
+
# metadata for the long-running operation.
|
91
91
|
rpc :AnalyzeIamPolicyLongrunning, ::Google::Cloud::Asset::V1::AnalyzeIamPolicyLongrunningRequest, ::Google::Longrunning::Operation
|
92
|
+
# Analyze moving a resource to a specified destination without kicking off
|
93
|
+
# the actual move. The analysis is best effort depending on the user's
|
94
|
+
# permissions of viewing different hierarchical policies and configurations.
|
95
|
+
# The policies and configuration are subject to change before the actual
|
96
|
+
# resource migration takes place.
|
97
|
+
rpc :AnalyzeMove, ::Google::Cloud::Asset::V1::AnalyzeMoveRequest, ::Google::Cloud::Asset::V1::AnalyzeMoveResponse
|
92
98
|
end
|
93
99
|
|
94
100
|
Stub = Service.rpc_stub_class
|
@@ -43,6 +43,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
43
43
|
optional :iam_policy, :message, 4, "google.iam.v1.Policy"
|
44
44
|
repeated :org_policy, :message, 6, "google.cloud.orgpolicy.v1.Policy"
|
45
45
|
optional :os_inventory, :message, 12, "google.cloud.osconfig.v1.Inventory"
|
46
|
+
optional :related_assets, :message, 13, "google.cloud.asset.v1.RelatedAssets"
|
46
47
|
repeated :ancestors, :string, 10
|
47
48
|
oneof :access_context_policy do
|
48
49
|
optional :access_policy, :message, 7, "google.identity.accesscontextmanager.v1.AccessPolicy"
|
@@ -59,6 +60,21 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
59
60
|
optional :data, :message, 6, "google.protobuf.Struct"
|
60
61
|
optional :location, :string, 8
|
61
62
|
end
|
63
|
+
add_message "google.cloud.asset.v1.RelatedAssets" do
|
64
|
+
optional :relationship_attributes, :message, 1, "google.cloud.asset.v1.RelationshipAttributes"
|
65
|
+
repeated :assets, :message, 2, "google.cloud.asset.v1.RelatedAsset"
|
66
|
+
end
|
67
|
+
add_message "google.cloud.asset.v1.RelationshipAttributes" do
|
68
|
+
optional :type, :string, 4
|
69
|
+
optional :source_resource_type, :string, 1
|
70
|
+
optional :target_resource_type, :string, 2
|
71
|
+
optional :action, :string, 3
|
72
|
+
end
|
73
|
+
add_message "google.cloud.asset.v1.RelatedAsset" do
|
74
|
+
optional :asset, :string, 1
|
75
|
+
optional :asset_type, :string, 2
|
76
|
+
repeated :ancestors, :string, 3
|
77
|
+
end
|
62
78
|
add_message "google.cloud.asset.v1.ResourceSearchResult" do
|
63
79
|
optional :name, :string, 1
|
64
80
|
optional :asset_type, :string, 2
|
@@ -76,8 +92,18 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
76
92
|
optional :state, :string, 13
|
77
93
|
optional :additional_attributes, :message, 9, "google.protobuf.Struct"
|
78
94
|
optional :parent_full_resource_name, :string, 19
|
95
|
+
repeated :versioned_resources, :message, 16, "google.cloud.asset.v1.VersionedResource"
|
96
|
+
repeated :attached_resources, :message, 20, "google.cloud.asset.v1.AttachedResource"
|
79
97
|
optional :parent_asset_type, :string, 103
|
80
98
|
end
|
99
|
+
add_message "google.cloud.asset.v1.VersionedResource" do
|
100
|
+
optional :version, :string, 1
|
101
|
+
optional :resource, :message, 2, "google.protobuf.Struct"
|
102
|
+
end
|
103
|
+
add_message "google.cloud.asset.v1.AttachedResource" do
|
104
|
+
optional :asset_type, :string, 1
|
105
|
+
repeated :versioned_resources, :message, 3, "google.cloud.asset.v1.VersionedResource"
|
106
|
+
end
|
81
107
|
add_message "google.cloud.asset.v1.IamPolicySearchResult" do
|
82
108
|
optional :resource, :string, 1
|
83
109
|
optional :asset_type, :string, 5
|
@@ -154,7 +180,12 @@ module Google
|
|
154
180
|
TimeWindow = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.TimeWindow").msgclass
|
155
181
|
Asset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Asset").msgclass
|
156
182
|
Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Resource").msgclass
|
183
|
+
RelatedAssets = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelatedAssets").msgclass
|
184
|
+
RelationshipAttributes = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelationshipAttributes").msgclass
|
185
|
+
RelatedAsset = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.RelatedAsset").msgclass
|
157
186
|
ResourceSearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ResourceSearchResult").msgclass
|
187
|
+
VersionedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.VersionedResource").msgclass
|
188
|
+
AttachedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AttachedResource").msgclass
|
158
189
|
IamPolicySearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult").msgclass
|
159
190
|
IamPolicySearchResult::Explanation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation").msgclass
|
160
191
|
IamPolicySearchResult::Explanation::Permissions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions").msgclass
|
@@ -3,6 +3,7 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
+
require 'google/api/resource_pb'
|
6
7
|
require 'google/protobuf/timestamp_pb'
|
7
8
|
require 'google/api/annotations_pb'
|
8
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
@@ -27,11 +28,60 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
27
28
|
repeated :access_levels, :string, 2
|
28
29
|
repeated :restricted_services, :string, 4
|
29
30
|
optional :vpc_accessible_services, :message, 10, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices"
|
31
|
+
repeated :ingress_policies, :message, 8, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy"
|
32
|
+
repeated :egress_policies, :message, 9, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy"
|
30
33
|
end
|
31
34
|
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices" do
|
32
35
|
optional :enable_restriction, :bool, 1
|
33
36
|
repeated :allowed_services, :string, 2
|
34
37
|
end
|
38
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector" do
|
39
|
+
oneof :kind do
|
40
|
+
optional :method, :string, 1
|
41
|
+
optional :permission, :string, 2
|
42
|
+
end
|
43
|
+
end
|
44
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation" do
|
45
|
+
optional :service_name, :string, 1
|
46
|
+
repeated :method_selectors, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector"
|
47
|
+
end
|
48
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource" do
|
49
|
+
oneof :source do
|
50
|
+
optional :access_level, :string, 1
|
51
|
+
optional :resource, :string, 2
|
52
|
+
end
|
53
|
+
end
|
54
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
|
55
|
+
repeated :resources, :string, 1
|
56
|
+
repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
57
|
+
end
|
58
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
|
59
|
+
repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
|
60
|
+
repeated :identities, :string, 2
|
61
|
+
optional :identity_type, :enum, 3, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
62
|
+
end
|
63
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo" do
|
64
|
+
repeated :operations, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
65
|
+
repeated :resources, :string, 2
|
66
|
+
end
|
67
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy" do
|
68
|
+
optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
|
69
|
+
optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
|
70
|
+
end
|
71
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
|
72
|
+
optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
|
73
|
+
optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
|
74
|
+
end
|
75
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
|
76
|
+
repeated :identities, :string, 1
|
77
|
+
optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
78
|
+
end
|
79
|
+
add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
|
80
|
+
value :IDENTITY_TYPE_UNSPECIFIED, 0
|
81
|
+
value :ANY_IDENTITY, 1
|
82
|
+
value :ANY_USER_ACCOUNT, 2
|
83
|
+
value :ANY_SERVICE_ACCOUNT, 3
|
84
|
+
end
|
35
85
|
end
|
36
86
|
end
|
37
87
|
|
@@ -43,6 +93,16 @@ module Google
|
|
43
93
|
ServicePerimeter::PerimeterType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType").enummodule
|
44
94
|
ServicePerimeterConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig").msgclass
|
45
95
|
ServicePerimeterConfig::VpcAccessibleServices = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices").msgclass
|
96
|
+
ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
|
97
|
+
ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
|
98
|
+
ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
|
99
|
+
ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
|
100
|
+
ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
|
101
|
+
ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
|
102
|
+
ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
|
103
|
+
ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
|
104
|
+
ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
|
105
|
+
ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
|
46
106
|
end
|
47
107
|
end
|
48
108
|
end
|
@@ -21,6 +21,16 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module Asset
|
23
23
|
module V1
|
24
|
+
# Represents the metadata of the longrunning operation for the
|
25
|
+
# AnalyzeIamPolicyLongrunning rpc.
|
26
|
+
# @!attribute [r] create_time
|
27
|
+
# @return [::Google::Protobuf::Timestamp]
|
28
|
+
# Output only. The time the operation was created.
|
29
|
+
class AnalyzeIamPolicyLongrunningMetadata
|
30
|
+
include ::Google::Protobuf::MessageExts
|
31
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
32
|
+
end
|
33
|
+
|
24
34
|
# Export asset request.
|
25
35
|
# @!attribute [rw] parent
|
26
36
|
# @return [::String]
|
@@ -62,6 +72,23 @@ module Google
|
|
62
72
|
# @!attribute [rw] output_config
|
63
73
|
# @return [::Google::Cloud::Asset::V1::OutputConfig]
|
64
74
|
# Required. Output configuration indicating where the results will be output to.
|
75
|
+
# @!attribute [rw] relationship_types
|
76
|
+
# @return [::Array<::String>]
|
77
|
+
# A list of relationship types to export, for example:
|
78
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
79
|
+
# content_type=RELATIONSHIP.
|
80
|
+
# * If specified:
|
81
|
+
# it snapshots specified relationships. It returns an error if
|
82
|
+
# any of the [relationship_types] doesn't belong to the supported
|
83
|
+
# relationship types of the [asset_types] or if any of the [asset_types]
|
84
|
+
# doesn't belong to the source types of the [relationship_types].
|
85
|
+
# * Otherwise:
|
86
|
+
# it snapshots the supported relationships for all [asset_types] or returns
|
87
|
+
# an error if any of the [asset_types] has no relationship support.
|
88
|
+
# An unspecified asset types field means all supported asset_types.
|
89
|
+
# See [Introduction to Cloud Asset
|
90
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all
|
91
|
+
# supported asset types and relationship types.
|
65
92
|
class ExportAssetsRequest
|
66
93
|
include ::Google::Protobuf::MessageExts
|
67
94
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -135,6 +162,23 @@ module Google
|
|
135
162
|
# The `next_page_token` returned from the previous `ListAssetsResponse`, or
|
136
163
|
# unspecified for the first `ListAssetsRequest`. It is a continuation of a
|
137
164
|
# prior `ListAssets` call, and the API should return the next page of assets.
|
165
|
+
# @!attribute [rw] relationship_types
|
166
|
+
# @return [::Array<::String>]
|
167
|
+
# A list of relationship types to output, for example:
|
168
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
169
|
+
# content_type=RELATIONSHIP.
|
170
|
+
# * If specified:
|
171
|
+
# it snapshots specified relationships. It returns an error if
|
172
|
+
# any of the [relationship_types] doesn't belong to the supported
|
173
|
+
# relationship types of the [asset_types] or if any of the [asset_types]
|
174
|
+
# doesn't belong to the source types of the [relationship_types].
|
175
|
+
# * Otherwise:
|
176
|
+
# it snapshots the supported relationships for all [asset_types] or returns
|
177
|
+
# an error if any of the [asset_types] has no relationship support.
|
178
|
+
# An unspecified asset types field means all supported asset_types.
|
179
|
+
# See [Introduction to Cloud Asset
|
180
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview)
|
181
|
+
# for all supported asset types and relationship types.
|
138
182
|
class ListAssetsRequest
|
139
183
|
include ::Google::Protobuf::MessageExts
|
140
184
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -184,6 +228,24 @@ module Google
|
|
184
228
|
# If start_time is not set, the snapshot of the assets at end_time will be
|
185
229
|
# returned. The returned results contain all temporal assets whose time
|
186
230
|
# window overlap with read_time_window.
|
231
|
+
# @!attribute [rw] relationship_types
|
232
|
+
# @return [::Array<::String>]
|
233
|
+
# Optional. A list of relationship types to output, for example:
|
234
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
235
|
+
# content_type=RELATIONSHIP.
|
236
|
+
# * If specified:
|
237
|
+
# it outputs specified relationships' history on the [asset_names]. It
|
238
|
+
# returns an error if any of the [relationship_types] doesn't belong to the
|
239
|
+
# supported relationship types of the [asset_names] or if any of the
|
240
|
+
# [asset_names]'s types doesn't belong to the source types of the
|
241
|
+
# [relationship_types].
|
242
|
+
# * Otherwise:
|
243
|
+
# it outputs the supported relationships' history on the [asset_names] or
|
244
|
+
# returns an error if any of the [asset_names]'s types has no relationship
|
245
|
+
# support.
|
246
|
+
# See [Introduction to Cloud Asset
|
247
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all
|
248
|
+
# supported asset types and relationship types.
|
187
249
|
class BatchGetAssetsHistoryRequest
|
188
250
|
include ::Google::Protobuf::MessageExts
|
189
251
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -518,8 +580,26 @@ module Google
|
|
518
580
|
# optional.
|
519
581
|
#
|
520
582
|
# See our [user
|
521
|
-
# guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes
|
583
|
+
# guide](https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition)
|
522
584
|
# for detailed instructions.
|
585
|
+
# @!attribute [rw] relationship_types
|
586
|
+
# @return [::Array<::String>]
|
587
|
+
# A list of relationship types to output, for example:
|
588
|
+
# `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
|
589
|
+
# content_type=RELATIONSHIP.
|
590
|
+
# * If specified:
|
591
|
+
# it outputs specified relationship updates on the [asset_names] or the
|
592
|
+
# [asset_types]. It returns an error if any of the [relationship_types]
|
593
|
+
# doesn't belong to the supported relationship types of the [asset_names] or
|
594
|
+
# [asset_types], or any of the [asset_names] or the [asset_types] doesn't
|
595
|
+
# belong to the source types of the [relationship_types].
|
596
|
+
# * Otherwise:
|
597
|
+
# it outputs the supported relationships of the types of [asset_names] and
|
598
|
+
# [asset_types] or returns an error if any of the [asset_names] or the
|
599
|
+
# [asset_types] has no replationship support.
|
600
|
+
# See [Introduction to Cloud Asset
|
601
|
+
# Inventory](https://cloud.google.com/asset-inventory/docs/overview)
|
602
|
+
# for all supported asset types and relationship types.
|
523
603
|
class Feed
|
524
604
|
include ::Google::Protobuf::MessageExts
|
525
605
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -565,8 +645,8 @@ module Google
|
|
565
645
|
# encryption key whose name contains the word "key".
|
566
646
|
# * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
|
567
647
|
# word.
|
568
|
-
# * `NOT state:ACTIVE` to find
|
569
|
-
#
|
648
|
+
# * `NOT state:ACTIVE` to find Cloud resources whose state doesn't contain
|
649
|
+
# "ACTIVE" as a word.
|
570
650
|
# * `createTime<1609459200` to find Cloud resources that were created before
|
571
651
|
# "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
|
572
652
|
# "2021-01-01 00:00:00 UTC" in seconds.
|
@@ -616,6 +696,7 @@ module Google
|
|
616
696
|
# to indicate descending order. Redundant space characters are ignored.
|
617
697
|
# Example: "location DESC, name".
|
618
698
|
# Only singular primitive fields in the response are sortable:
|
699
|
+
#
|
619
700
|
# * name
|
620
701
|
# * assetType
|
621
702
|
# * project
|
@@ -628,9 +709,40 @@ module Google
|
|
628
709
|
# * state
|
629
710
|
# * parentFullResourceName
|
630
711
|
# * parentAssetType
|
712
|
+
#
|
631
713
|
# All the other fields such as repeated fields (e.g., `networkTags`), map
|
632
714
|
# fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
|
633
715
|
# are not supported.
|
716
|
+
# @!attribute [rw] read_mask
|
717
|
+
# @return [::Google::Protobuf::FieldMask]
|
718
|
+
# Optional. A comma-separated list of fields specifying which fields to be returned in
|
719
|
+
# ResourceSearchResult. Only '*' or combination of top level fields can be
|
720
|
+
# specified. Field names of both snake_case and camelCase are supported.
|
721
|
+
# Examples: `"*"`, `"name,location"`, `"name,versionedResources"`.
|
722
|
+
#
|
723
|
+
# The read_mask paths must be valid field paths listed but not limited to
|
724
|
+
# (both snake_case and camelCase are supported):
|
725
|
+
#
|
726
|
+
# * name
|
727
|
+
# * assetType
|
728
|
+
# * project
|
729
|
+
# * displayName
|
730
|
+
# * description
|
731
|
+
# * location
|
732
|
+
# * labels
|
733
|
+
# * networkTags
|
734
|
+
# * kmsKey
|
735
|
+
# * createTime
|
736
|
+
# * updateTime
|
737
|
+
# * state
|
738
|
+
# * additionalAttributes
|
739
|
+
# * versionedResources
|
740
|
+
#
|
741
|
+
# If read_mask is not specified, all fields except versionedResources will
|
742
|
+
# be returned.
|
743
|
+
# If only '*' is specified, all fields including versionedResources will be
|
744
|
+
# returned.
|
745
|
+
# Any invalid field path will trigger INVALID_ARGUMENT error.
|
634
746
|
class SearchAllResourcesRequest
|
635
747
|
include ::Google::Protobuf::MessageExts
|
636
748
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1114,6 +1226,94 @@ module Google
|
|
1114
1226
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1115
1227
|
end
|
1116
1228
|
|
1229
|
+
# The request message for performing resource move analysis.
|
1230
|
+
# @!attribute [rw] resource
|
1231
|
+
# @return [::String]
|
1232
|
+
# Required. Name of the resource to perform the analysis against.
|
1233
|
+
# Only GCP Project are supported as of today. Hence, this can only be Project
|
1234
|
+
# ID (such as "projects/my-project-id") or a Project Number (such as
|
1235
|
+
# "projects/12345").
|
1236
|
+
# @!attribute [rw] destination_parent
|
1237
|
+
# @return [::String]
|
1238
|
+
# Required. Name of the GCP Folder or Organization to reparent the target
|
1239
|
+
# resource. The analysis will be performed against hypothetically moving the
|
1240
|
+
# resource to this specified desitination parent. This can only be a Folder
|
1241
|
+
# number (such as "folders/123") or an Organization number (such as
|
1242
|
+
# "organizations/123").
|
1243
|
+
# @!attribute [rw] view
|
1244
|
+
# @return [::Google::Cloud::Asset::V1::AnalyzeMoveRequest::AnalysisView]
|
1245
|
+
# Analysis view indicating what information should be included in the
|
1246
|
+
# analysis response. If unspecified, the default view is FULL.
|
1247
|
+
class AnalyzeMoveRequest
|
1248
|
+
include ::Google::Protobuf::MessageExts
|
1249
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1250
|
+
|
1251
|
+
# View enum for supporting partial analysis responses.
|
1252
|
+
module AnalysisView
|
1253
|
+
# The default/unset value.
|
1254
|
+
# The API will default to the FULL view.
|
1255
|
+
ANALYSIS_VIEW_UNSPECIFIED = 0
|
1256
|
+
|
1257
|
+
# Full analysis including all level of impacts of the specified resource
|
1258
|
+
# move.
|
1259
|
+
FULL = 1
|
1260
|
+
|
1261
|
+
# Basic analysis only including blockers which will prevent the specified
|
1262
|
+
# resource move at runtime.
|
1263
|
+
BASIC = 2
|
1264
|
+
end
|
1265
|
+
end
|
1266
|
+
|
1267
|
+
# The response message for resource move analysis.
|
1268
|
+
# @!attribute [rw] move_analysis
|
1269
|
+
# @return [::Array<::Google::Cloud::Asset::V1::MoveAnalysis>]
|
1270
|
+
# The list of analyses returned from performing the intended resource move
|
1271
|
+
# analysis. The analysis is grouped by different Cloud services.
|
1272
|
+
class AnalyzeMoveResponse
|
1273
|
+
include ::Google::Protobuf::MessageExts
|
1274
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1275
|
+
end
|
1276
|
+
|
1277
|
+
# A message to group the analysis information.
|
1278
|
+
# @!attribute [rw] display_name
|
1279
|
+
# @return [::String]
|
1280
|
+
# The user friendly display name of the analysis. E.g. IAM, Organization
|
1281
|
+
# Policy etc.
|
1282
|
+
# @!attribute [rw] analysis
|
1283
|
+
# @return [::Google::Cloud::Asset::V1::MoveAnalysisResult]
|
1284
|
+
# Analysis result of moving the target resource.
|
1285
|
+
# @!attribute [rw] error
|
1286
|
+
# @return [::Google::Rpc::Status]
|
1287
|
+
# Description of error encountered when performing the analysis.
|
1288
|
+
class MoveAnalysis
|
1289
|
+
include ::Google::Protobuf::MessageExts
|
1290
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1291
|
+
end
|
1292
|
+
|
1293
|
+
# An analysis result including blockers and warnings.
|
1294
|
+
# @!attribute [rw] blockers
|
1295
|
+
# @return [::Array<::Google::Cloud::Asset::V1::MoveImpact>]
|
1296
|
+
# Blocking information that would prevent the target resource from moving
|
1297
|
+
# to the specified destination at runtime.
|
1298
|
+
# @!attribute [rw] warnings
|
1299
|
+
# @return [::Array<::Google::Cloud::Asset::V1::MoveImpact>]
|
1300
|
+
# Warning information indicating that moving the target resource to the
|
1301
|
+
# specified destination might be unsafe. This can include important policy
|
1302
|
+
# information and configuration changes, but will not block moves at runtime.
|
1303
|
+
class MoveAnalysisResult
|
1304
|
+
include ::Google::Protobuf::MessageExts
|
1305
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1306
|
+
end
|
1307
|
+
|
1308
|
+
# A message to group impacts of moving the target resource.
|
1309
|
+
# @!attribute [rw] detail
|
1310
|
+
# @return [::String]
|
1311
|
+
# User friendly impact detail in a free form message.
|
1312
|
+
class MoveImpact
|
1313
|
+
include ::Google::Protobuf::MessageExts
|
1314
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1315
|
+
end
|
1316
|
+
|
1117
1317
|
# Asset content type.
|
1118
1318
|
module ContentType
|
1119
1319
|
# Unspecified content type.
|
@@ -1133,6 +1333,9 @@ module Google
|
|
1133
1333
|
|
1134
1334
|
# The runtime OS Inventory information.
|
1135
1335
|
OS_INVENTORY = 6
|
1336
|
+
|
1337
|
+
# The related resources.
|
1338
|
+
RELATIONSHIP = 7
|
1136
1339
|
end
|
1137
1340
|
end
|
1138
1341
|
end
|