google-cloud-asset-v1 0.4.3 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +4 -0
- data/lib/google/cloud/asset/v1/asset_service/client.rb +357 -106
- data/lib/google/cloud/asset/v1/asset_service/operations.rb +1 -1
- data/lib/google/cloud/asset/v1/asset_service_pb.rb +120 -0
- data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +39 -21
- data/lib/google/cloud/asset/v1/assets_pb.rb +59 -2
- data/lib/google/cloud/asset/v1/version.rb +1 -1
- data/proto_docs/google/cloud/asset/v1/asset_service.rb +593 -108
- data/proto_docs/google/cloud/asset/v1/assets.rb +258 -34
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/rpc/code.rb +185 -0
- data/proto_docs/google/rpc/status.rb +1 -1
- metadata +6 -4
@@ -32,9 +32,34 @@ module Google
|
|
32
32
|
# @!attribute [rw] asset
|
33
33
|
# @return [::Google::Cloud::Asset::V1::Asset]
|
34
34
|
# An asset in Google Cloud.
|
35
|
+
# @!attribute [rw] prior_asset_state
|
36
|
+
# @return [::Google::Cloud::Asset::V1::TemporalAsset::PriorAssetState]
|
37
|
+
# State of prior_asset.
|
38
|
+
# @!attribute [rw] prior_asset
|
39
|
+
# @return [::Google::Cloud::Asset::V1::Asset]
|
40
|
+
# Prior copy of the asset. Populated if prior_asset_state is PRESENT.
|
41
|
+
# Currently this is only set for responses in Real-Time Feed.
|
35
42
|
class TemporalAsset
|
36
43
|
include ::Google::Protobuf::MessageExts
|
37
44
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
45
|
+
|
46
|
+
# State of prior asset.
|
47
|
+
module PriorAssetState
|
48
|
+
# prior_asset is not applicable for the current asset.
|
49
|
+
PRIOR_ASSET_STATE_UNSPECIFIED = 0
|
50
|
+
|
51
|
+
# prior_asset is populated correctly.
|
52
|
+
PRESENT = 1
|
53
|
+
|
54
|
+
# Failed to set prior_asset.
|
55
|
+
INVALID = 2
|
56
|
+
|
57
|
+
# Current asset is the first known state.
|
58
|
+
DOES_NOT_EXIST = 3
|
59
|
+
|
60
|
+
# prior_asset is a deletion.
|
61
|
+
DELETED = 4
|
62
|
+
end
|
38
63
|
end
|
39
64
|
|
40
65
|
# A time window specified by its `start_time` and `end_time`.
|
@@ -54,10 +79,17 @@ module Google
|
|
54
79
|
# [resource
|
55
80
|
# hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
|
56
81
|
# a resource outside the Google Cloud resource hierarchy (such as Google
|
57
|
-
# Kubernetes Engine clusters and objects), or a Cloud IAM policy.
|
82
|
+
# Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy).
|
83
|
+
# See [Supported asset
|
84
|
+
# types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
|
85
|
+
# for more information.
|
86
|
+
# @!attribute [rw] update_time
|
87
|
+
# @return [::Google::Protobuf::Timestamp]
|
88
|
+
# The last update timestamp of an asset. update_time is updated when
|
89
|
+
# create/update/delete operation is performed.
|
58
90
|
# @!attribute [rw] name
|
59
91
|
# @return [::String]
|
60
|
-
# The full name of the asset.
|
92
|
+
# The full name of the asset. Example:
|
61
93
|
# `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`
|
62
94
|
#
|
63
95
|
# See [Resource
|
@@ -65,7 +97,7 @@ module Google
|
|
65
97
|
# for more information.
|
66
98
|
# @!attribute [rw] asset_type
|
67
99
|
# @return [::String]
|
68
|
-
# The type of the asset.
|
100
|
+
# The type of the asset. Example: `compute.googleapis.com/Disk`
|
69
101
|
#
|
70
102
|
# See [Supported asset
|
71
103
|
# types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
|
@@ -92,10 +124,16 @@ module Google
|
|
92
124
|
# set on a given resource.
|
93
125
|
# @!attribute [rw] access_policy
|
94
126
|
# @return [::Google::Identity::AccessContextManager::V1::AccessPolicy]
|
127
|
+
# Please also refer to the [access policy user
|
128
|
+
# guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies).
|
95
129
|
# @!attribute [rw] access_level
|
96
130
|
# @return [::Google::Identity::AccessContextManager::V1::AccessLevel]
|
131
|
+
# Please also refer to the [access level user
|
132
|
+
# guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels).
|
97
133
|
# @!attribute [rw] service_perimeter
|
98
134
|
# @return [::Google::Identity::AccessContextManager::V1::ServicePerimeter]
|
135
|
+
# Please also refer to the [service perimeter user
|
136
|
+
# guide](https://cloud.google.com/vpc-service-controls/docs/overview).
|
99
137
|
# @!attribute [rw] ancestors
|
100
138
|
# @return [::Array<::String>]
|
101
139
|
# The ancestry path of an asset in Google Cloud [resource
|
@@ -105,7 +143,7 @@ module Google
|
|
105
143
|
# is a project, folder, or organization, the ancestry path starts from the
|
106
144
|
# asset itself.
|
107
145
|
#
|
108
|
-
#
|
146
|
+
# Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
|
109
147
|
class Asset
|
110
148
|
include ::Google::Protobuf::MessageExts
|
111
149
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -114,18 +152,18 @@ module Google
|
|
114
152
|
# A representation of a Google Cloud resource.
|
115
153
|
# @!attribute [rw] version
|
116
154
|
# @return [::String]
|
117
|
-
# The API version.
|
155
|
+
# The API version. Example: `v1`
|
118
156
|
# @!attribute [rw] discovery_document_uri
|
119
157
|
# @return [::String]
|
120
158
|
# The URL of the discovery document containing the resource's JSON schema.
|
121
|
-
#
|
159
|
+
# Example:
|
122
160
|
# `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest`
|
123
161
|
#
|
124
162
|
# This value is unspecified for resources that do not have an API based on a
|
125
163
|
# discovery document, such as Cloud Bigtable.
|
126
164
|
# @!attribute [rw] discovery_name
|
127
165
|
# @return [::String]
|
128
|
-
# The JSON schema name listed in the discovery document.
|
166
|
+
# The JSON schema name listed in the discovery document. Example:
|
129
167
|
# `Project`
|
130
168
|
#
|
131
169
|
# This value is unspecified for resources that do not have an API based on a
|
@@ -133,7 +171,7 @@ module Google
|
|
133
171
|
# @!attribute [rw] resource_url
|
134
172
|
# @return [::String]
|
135
173
|
# The REST URL for accessing the resource. An HTTP `GET` request using this
|
136
|
-
# URL returns the resource itself.
|
174
|
+
# URL returns the resource itself. Example:
|
137
175
|
# `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123`
|
138
176
|
#
|
139
177
|
# This value is unspecified for resources without a REST API.
|
@@ -147,7 +185,7 @@ module Google
|
|
147
185
|
# For Google Cloud assets, this value is the parent resource defined in the
|
148
186
|
# [Cloud IAM policy
|
149
187
|
# hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy).
|
150
|
-
#
|
188
|
+
# Example:
|
151
189
|
# `//cloudresourcemanager.googleapis.com/projects/my_project_123`
|
152
190
|
#
|
153
191
|
# For third-party assets, this field may be set differently.
|
@@ -164,7 +202,7 @@ module Google
|
|
164
202
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
165
203
|
end
|
166
204
|
|
167
|
-
# A result of Resource Search, containing information of a cloud
|
205
|
+
# A result of Resource Search, containing information of a cloud resource.
|
168
206
|
# @!attribute [rw] name
|
169
207
|
# @return [::String]
|
170
208
|
# The full resource name of this resource. Example:
|
@@ -175,8 +213,8 @@ module Google
|
|
175
213
|
#
|
176
214
|
# To search against the `name`:
|
177
215
|
#
|
178
|
-
# * use a field query. Example: `name
|
179
|
-
# * use a free text query. Example: `
|
216
|
+
# * use a field query. Example: `name:instance1`
|
217
|
+
# * use a free text query. Example: `instance1`
|
180
218
|
# @!attribute [rw] asset_type
|
181
219
|
# @return [::String]
|
182
220
|
# The type of this resource. Example: `compute.googleapis.com/Disk`.
|
@@ -198,7 +236,7 @@ module Google
|
|
198
236
|
#
|
199
237
|
# To search against the `display_name`:
|
200
238
|
#
|
201
|
-
# * use a field query. Example: `displayName
|
239
|
+
# * use a field query. Example: `displayName:"My Instance"`
|
202
240
|
# * use a free text query. Example: `"My Instance"`
|
203
241
|
# @!attribute [rw] description
|
204
242
|
# @return [::String]
|
@@ -207,7 +245,7 @@ module Google
|
|
207
245
|
#
|
208
246
|
# To search against the `description`:
|
209
247
|
#
|
210
|
-
# * use a field query. Example: `description
|
248
|
+
# * use a field query. Example: `description:"*important instance*"`
|
211
249
|
# * use a free text query. Example: `"*important instance*"`
|
212
250
|
# @!attribute [rw] location
|
213
251
|
# @return [::String]
|
@@ -216,8 +254,8 @@ module Google
|
|
216
254
|
#
|
217
255
|
# To search against the `location`:
|
218
256
|
#
|
219
|
-
# * use a field query. Example: `location
|
220
|
-
# * use a free text query. Example: `
|
257
|
+
# * use a field query. Example: `location:us-west*`
|
258
|
+
# * use a free text query. Example: `us-west*`
|
221
259
|
# @!attribute [rw] labels
|
222
260
|
# @return [::Google::Protobuf::Map{::String => ::String}]
|
223
261
|
# Labels associated with this resource. See [Labelling and grouping GCP
|
@@ -226,11 +264,11 @@ module Google
|
|
226
264
|
#
|
227
265
|
# To search against the `labels`:
|
228
266
|
#
|
229
|
-
# * use a field query
|
230
|
-
# - query on any label's key or value. Example: `labels
|
231
|
-
# - query by a given label. Example: `labels.env
|
232
|
-
# - query by a given label'
|
233
|
-
# * use a free text query. Example: `
|
267
|
+
# * use a field query:
|
268
|
+
# - query on any label's key or value. Example: `labels:prod`
|
269
|
+
# - query by a given label. Example: `labels.env:prod`
|
270
|
+
# - query by a given label's existence. Example: `labels.env:*`
|
271
|
+
# * use a free text query. Example: `prod`
|
234
272
|
# @!attribute [rw] network_tags
|
235
273
|
# @return [::Array<::String>]
|
236
274
|
# Network tags associated with this resource. Like labels, network tags are a
|
@@ -240,19 +278,29 @@ module Google
|
|
240
278
|
#
|
241
279
|
# To search against the `network_tags`:
|
242
280
|
#
|
243
|
-
# * use a field query. Example: `networkTags
|
244
|
-
# * use a free text query. Example: `
|
281
|
+
# * use a field query. Example: `networkTags:internal`
|
282
|
+
# * use a free text query. Example: `internal`
|
245
283
|
# @!attribute [rw] additional_attributes
|
246
284
|
# @return [::Google::Protobuf::Struct]
|
247
|
-
# The additional attributes of this resource. The attributes may
|
248
|
-
# one resource type to another. Examples: `projectId` for Project,
|
249
|
-
# `dnsName` for DNS ManagedZone.
|
285
|
+
# The additional searchable attributes of this resource. The attributes may
|
286
|
+
# vary from one resource type to another. Examples: `projectId` for Project,
|
287
|
+
# `dnsName` for DNS ManagedZone. This field contains a subset of the resource
|
288
|
+
# metadata fields that are returned by the List or Get APIs provided by the
|
289
|
+
# corresponding GCP service (e.g., Compute Engine). see [API references and
|
290
|
+
# supported searchable
|
291
|
+
# attributes](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types)
|
292
|
+
# for more information.
|
293
|
+
#
|
294
|
+
# You can search values of these fields through free text search. However,
|
295
|
+
# you should not consume the field programically as the field names and
|
296
|
+
# values may change as the GCP service updates to a new incompatible API
|
297
|
+
# version.
|
250
298
|
#
|
251
299
|
# To search against the `additional_attributes`:
|
252
300
|
#
|
253
301
|
# * use a free text query to match the attributes values. Example: to search
|
254
302
|
# `additional_attributes = { dnsName: "foobar" }`, you can issue a query
|
255
|
-
# `
|
303
|
+
# `foobar`.
|
256
304
|
class ResourceSearchResult
|
257
305
|
include ::Google::Protobuf::MessageExts
|
258
306
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -279,7 +327,7 @@ module Google
|
|
279
327
|
#
|
280
328
|
# To search against the `resource`:
|
281
329
|
#
|
282
|
-
# * use a field query. Example: `resource
|
330
|
+
# * use a field query. Example: `resource:organizations/123`
|
283
331
|
# @!attribute [rw] project
|
284
332
|
# @return [::String]
|
285
333
|
# The project that the associated GCP resource belongs to, in the form of
|
@@ -300,13 +348,13 @@ module Google
|
|
300
348
|
#
|
301
349
|
# To search against the `policy` bindings:
|
302
350
|
#
|
303
|
-
# * use a field query
|
351
|
+
# * use a field query:
|
304
352
|
# - query by the policy contained members. Example:
|
305
|
-
# `policy
|
353
|
+
# `policy:amy@gmail.com`
|
306
354
|
# - query by the policy contained roles. Example:
|
307
|
-
# `policy
|
308
|
-
# - query by the policy contained roles'
|
309
|
-
# `policy.role.permissions
|
355
|
+
# `policy:roles/compute.admin`
|
356
|
+
# - query by the policy contained roles' included permissions. Example:
|
357
|
+
# `policy.role.permissions:compute.instances.create`
|
310
358
|
# @!attribute [rw] explanation
|
311
359
|
# @return [::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation]
|
312
360
|
# Explanation about the IAM policy search result. It contains additional
|
@@ -320,7 +368,7 @@ module Google
|
|
320
368
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation::Permissions}]
|
321
369
|
# The map from roles to their included permissions that match the
|
322
370
|
# permission query (i.e., a query containing `policy.role.permissions:`).
|
323
|
-
# Example: if query `policy.role.permissions
|
371
|
+
# Example: if query `policy.role.permissions:compute.disk.get`
|
324
372
|
# matches a policy binding that contains owner role, the
|
325
373
|
# matched_permissions will be `{"roles/owner": ["compute.disk.get"]}`. The
|
326
374
|
# roles can also be found in the returned `policy` bindings. Note that the
|
@@ -348,6 +396,182 @@ module Google
|
|
348
396
|
end
|
349
397
|
end
|
350
398
|
end
|
399
|
+
|
400
|
+
# Represents the detailed state of an entity under analysis, such as a
|
401
|
+
# resource, an identity or an access.
|
402
|
+
# @!attribute [rw] code
|
403
|
+
# @return [::Google::Rpc::Code]
|
404
|
+
# The Google standard error code that best describes the state.
|
405
|
+
# For example:
|
406
|
+
# - OK means the analysis on this entity has been successfully finished;
|
407
|
+
# - PERMISSION_DENIED means an access denied error is encountered;
|
408
|
+
# - DEADLINE_EXCEEDED means the analysis on this entity hasn't been started
|
409
|
+
# in time;
|
410
|
+
# @!attribute [rw] cause
|
411
|
+
# @return [::String]
|
412
|
+
# The human-readable description of the cause of failure.
|
413
|
+
class IamPolicyAnalysisState
|
414
|
+
include ::Google::Protobuf::MessageExts
|
415
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
416
|
+
end
|
417
|
+
|
418
|
+
# IAM Policy analysis result, consisting of one IAM policy binding and derived
|
419
|
+
# access control lists.
|
420
|
+
# @!attribute [rw] attached_resource_full_name
|
421
|
+
# @return [::String]
|
422
|
+
# The [full resource
|
423
|
+
# name](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
424
|
+
# of the resource to which the [iam_binding][iam_binding] policy attaches.
|
425
|
+
# (-- api-linter: core::0122::name-suffix=disabled
|
426
|
+
# aip.dev/not-precedent: full_resource_name is a public notion in GCP.
|
427
|
+
# --)
|
428
|
+
# @!attribute [rw] iam_binding
|
429
|
+
# @return [::Google::Iam::V1::Binding]
|
430
|
+
# The Cloud IAM policy binding under analysis.
|
431
|
+
# @!attribute [rw] access_control_lists
|
432
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::AccessControlList>]
|
433
|
+
# The access control lists derived from the [iam_binding][iam_binding] that
|
434
|
+
# match or potentially match resource and access selectors specified in the
|
435
|
+
# request.
|
436
|
+
# @!attribute [rw] identity_list
|
437
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::IdentityList]
|
438
|
+
# The identity list derived from members of the [iam_binding][iam_binding]
|
439
|
+
# that match or potentially match identity selector specified in the request.
|
440
|
+
# @!attribute [rw] fully_explored
|
441
|
+
# @return [::Boolean]
|
442
|
+
# Represents whether all analyses on the [iam_binding][iam_binding] have
|
443
|
+
# successfully finished.
|
444
|
+
class IamPolicyAnalysisResult
|
445
|
+
include ::Google::Protobuf::MessageExts
|
446
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
447
|
+
|
448
|
+
# A Google Cloud resource under analysis.
|
449
|
+
# @!attribute [rw] full_resource_name
|
450
|
+
# @return [::String]
|
451
|
+
# The [full resource
|
452
|
+
# name](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
453
|
+
# (-- api-linter: core::0122::name-suffix=disabled
|
454
|
+
# aip.dev/not-precedent: full_resource_name is a public notion in GCP.
|
455
|
+
# --)
|
456
|
+
# @!attribute [rw] analysis_state
|
457
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
|
458
|
+
# The analysis state of this resource.
|
459
|
+
class Resource
|
460
|
+
include ::Google::Protobuf::MessageExts
|
461
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
462
|
+
end
|
463
|
+
|
464
|
+
# An IAM role or permission under analysis.
|
465
|
+
# @!attribute [rw] role
|
466
|
+
# @return [::String]
|
467
|
+
# The role.
|
468
|
+
# @!attribute [rw] permission
|
469
|
+
# @return [::String]
|
470
|
+
# The permission.
|
471
|
+
# @!attribute [rw] analysis_state
|
472
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
|
473
|
+
# The analysis state of this access.
|
474
|
+
class Access
|
475
|
+
include ::Google::Protobuf::MessageExts
|
476
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
477
|
+
end
|
478
|
+
|
479
|
+
# An identity under analysis.
|
480
|
+
# (-- api-linter: core::0123::resource-annotation=disabled
|
481
|
+
# aip.dev/not-precedent: Identity name is not a resource. --)
|
482
|
+
# @!attribute [rw] name
|
483
|
+
# @return [::String]
|
484
|
+
# The identity name in any form of members appear in
|
485
|
+
# [IAM policy
|
486
|
+
# binding](https://cloud.google.com/iam/reference/rest/v1/Binding), such
|
487
|
+
# as:
|
488
|
+
# - user:foo@google.com
|
489
|
+
# - group:group1@google.com
|
490
|
+
# - serviceAccount:s1@prj1.iam.gserviceaccount.com
|
491
|
+
# - projectOwner:some_project_id
|
492
|
+
# - domain:google.com
|
493
|
+
# - allUsers
|
494
|
+
# - etc.
|
495
|
+
# @!attribute [rw] analysis_state
|
496
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
|
497
|
+
# The analysis state of this identity.
|
498
|
+
class Identity
|
499
|
+
include ::Google::Protobuf::MessageExts
|
500
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
501
|
+
end
|
502
|
+
|
503
|
+
# A directional edge.
|
504
|
+
# @!attribute [rw] source_node
|
505
|
+
# @return [::String]
|
506
|
+
# The source node of the edge. For example, it could be a full resource
|
507
|
+
# name for a resource node or an email of an identity.
|
508
|
+
# @!attribute [rw] target_node
|
509
|
+
# @return [::String]
|
510
|
+
# The target node of the edge. For example, it could be a full resource
|
511
|
+
# name for a resource node or an email of an identity.
|
512
|
+
class Edge
|
513
|
+
include ::Google::Protobuf::MessageExts
|
514
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
515
|
+
end
|
516
|
+
|
517
|
+
# An access control list, derived from the above IAM policy binding, which
|
518
|
+
# contains a set of resources and accesses. May include one
|
519
|
+
# item from each set to compose an access control entry.
|
520
|
+
#
|
521
|
+
# NOTICE that there could be multiple access control lists for one IAM policy
|
522
|
+
# binding. The access control lists are created based on resource and access
|
523
|
+
# combinations.
|
524
|
+
#
|
525
|
+
# For example, assume we have the following cases in one IAM policy binding:
|
526
|
+
# - Permission P1 and P2 apply to resource R1 and R2;
|
527
|
+
# - Permission P3 applies to resource R2 and R3;
|
528
|
+
#
|
529
|
+
# This will result in the following access control lists:
|
530
|
+
# - AccessControlList 1: [R1, R2], [P1, P2]
|
531
|
+
# - AccessControlList 2: [R2, R3], [P3]
|
532
|
+
# @!attribute [rw] resources
|
533
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Resource>]
|
534
|
+
# The resources that match one of the following conditions:
|
535
|
+
# - The resource_selector, if it is specified in request;
|
536
|
+
# - Otherwise, resources reachable from the policy attached resource.
|
537
|
+
# @!attribute [rw] accesses
|
538
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Access>]
|
539
|
+
# The accesses that match one of the following conditions:
|
540
|
+
# - The access_selector, if it is specified in request;
|
541
|
+
# - Otherwise, access specifiers reachable from the policy binding's role.
|
542
|
+
# @!attribute [rw] resource_edges
|
543
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge>]
|
544
|
+
# Resource edges of the graph starting from the policy attached
|
545
|
+
# resource to any descendant resources. The [Edge.source_node][] contains
|
546
|
+
# the full resource name of a parent resource and [Edge.target_node][]
|
547
|
+
# contains the full resource name of a child resource. This field is
|
548
|
+
# present only if the output_resource_edges option is enabled in request.
|
549
|
+
class AccessControlList
|
550
|
+
include ::Google::Protobuf::MessageExts
|
551
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
552
|
+
end
|
553
|
+
|
554
|
+
# The identities and group edges.
|
555
|
+
# @!attribute [rw] identities
|
556
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Identity>]
|
557
|
+
# Only the identities that match one of the following conditions will be
|
558
|
+
# presented:
|
559
|
+
# - The identity_selector, if it is specified in request;
|
560
|
+
# - Otherwise, identities reachable from the policy binding's members.
|
561
|
+
# @!attribute [rw] group_edges
|
562
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge>]
|
563
|
+
# Group identity edges of the graph starting from the binding's
|
564
|
+
# group members to any node of the [identities][]. The [Edge.source_node][]
|
565
|
+
# contains a group, such as `group:parent@google.com`. The
|
566
|
+
# [Edge.target_node][] contains a member of the group,
|
567
|
+
# such as `group:child@google.com` or `user:foo@google.com`.
|
568
|
+
# This field is present only if the output_group_edges option is enabled in
|
569
|
+
# request.
|
570
|
+
class IdentityList
|
571
|
+
include ::Google::Protobuf::MessageExts
|
572
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
573
|
+
end
|
574
|
+
end
|
351
575
|
end
|
352
576
|
end
|
353
577
|
end
|
@@ -0,0 +1,98 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# A Duration represents a signed, fixed-length span of time represented
|
23
|
+
# as a count of seconds and fractions of seconds at nanosecond
|
24
|
+
# resolution. It is independent of any calendar and concepts like "day"
|
25
|
+
# or "month". It is related to Timestamp in that the difference between
|
26
|
+
# two Timestamp values is a Duration and it can be added or subtracted
|
27
|
+
# from a Timestamp. Range is approximately +-10,000 years.
|
28
|
+
#
|
29
|
+
# # Examples
|
30
|
+
#
|
31
|
+
# Example 1: Compute Duration from two Timestamps in pseudo code.
|
32
|
+
#
|
33
|
+
# Timestamp start = ...;
|
34
|
+
# Timestamp end = ...;
|
35
|
+
# Duration duration = ...;
|
36
|
+
#
|
37
|
+
# duration.seconds = end.seconds - start.seconds;
|
38
|
+
# duration.nanos = end.nanos - start.nanos;
|
39
|
+
#
|
40
|
+
# if (duration.seconds < 0 && duration.nanos > 0) {
|
41
|
+
# duration.seconds += 1;
|
42
|
+
# duration.nanos -= 1000000000;
|
43
|
+
# } else if (duration.seconds > 0 && duration.nanos < 0) {
|
44
|
+
# duration.seconds -= 1;
|
45
|
+
# duration.nanos += 1000000000;
|
46
|
+
# }
|
47
|
+
#
|
48
|
+
# Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
|
49
|
+
#
|
50
|
+
# Timestamp start = ...;
|
51
|
+
# Duration duration = ...;
|
52
|
+
# Timestamp end = ...;
|
53
|
+
#
|
54
|
+
# end.seconds = start.seconds + duration.seconds;
|
55
|
+
# end.nanos = start.nanos + duration.nanos;
|
56
|
+
#
|
57
|
+
# if (end.nanos < 0) {
|
58
|
+
# end.seconds -= 1;
|
59
|
+
# end.nanos += 1000000000;
|
60
|
+
# } else if (end.nanos >= 1000000000) {
|
61
|
+
# end.seconds += 1;
|
62
|
+
# end.nanos -= 1000000000;
|
63
|
+
# }
|
64
|
+
#
|
65
|
+
# Example 3: Compute Duration from datetime.timedelta in Python.
|
66
|
+
#
|
67
|
+
# td = datetime.timedelta(days=3, minutes=10)
|
68
|
+
# duration = Duration()
|
69
|
+
# duration.FromTimedelta(td)
|
70
|
+
#
|
71
|
+
# # JSON Mapping
|
72
|
+
#
|
73
|
+
# In JSON format, the Duration type is encoded as a string rather than an
|
74
|
+
# object, where the string ends in the suffix "s" (indicating seconds) and
|
75
|
+
# is preceded by the number of seconds, with nanoseconds expressed as
|
76
|
+
# fractional seconds. For example, 3 seconds with 0 nanoseconds should be
|
77
|
+
# encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
|
78
|
+
# be expressed in JSON format as "3.000000001s", and 3 seconds and 1
|
79
|
+
# microsecond should be expressed in JSON format as "3.000001s".
|
80
|
+
# @!attribute [rw] seconds
|
81
|
+
# @return [::Integer]
|
82
|
+
# Signed seconds of the span of time. Must be from -315,576,000,000
|
83
|
+
# to +315,576,000,000 inclusive. Note: these bounds are computed from:
|
84
|
+
# 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
|
85
|
+
# @!attribute [rw] nanos
|
86
|
+
# @return [::Integer]
|
87
|
+
# Signed fractions of a second at nanosecond resolution of the span
|
88
|
+
# of time. Durations less than one second are represented with a 0
|
89
|
+
# `seconds` field and a positive or negative `nanos` field. For durations
|
90
|
+
# of one second or more, a non-zero value for the `nanos` field must be
|
91
|
+
# of the same sign as the `seconds` field. Must be from -999,999,999
|
92
|
+
# to +999,999,999 inclusive.
|
93
|
+
class Duration
|
94
|
+
include ::Google::Protobuf::MessageExts
|
95
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|