google-cloud-asset-v1 0.4.3 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +4 -0
- data/lib/google/cloud/asset/v1/asset_service/client.rb +357 -106
- data/lib/google/cloud/asset/v1/asset_service/operations.rb +1 -1
- data/lib/google/cloud/asset/v1/asset_service_pb.rb +120 -0
- data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +39 -21
- data/lib/google/cloud/asset/v1/assets_pb.rb +59 -2
- data/lib/google/cloud/asset/v1/version.rb +1 -1
- data/proto_docs/google/cloud/asset/v1/asset_service.rb +593 -108
- data/proto_docs/google/cloud/asset/v1/assets.rb +258 -34
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/rpc/code.rb +185 -0
- data/proto_docs/google/rpc/status.rb +1 -1
- metadata +6 -4
@@ -32,9 +32,34 @@ module Google
|
|
32
32
|
# @!attribute [rw] asset
|
33
33
|
# @return [::Google::Cloud::Asset::V1::Asset]
|
34
34
|
# An asset in Google Cloud.
|
35
|
+
# @!attribute [rw] prior_asset_state
|
36
|
+
# @return [::Google::Cloud::Asset::V1::TemporalAsset::PriorAssetState]
|
37
|
+
# State of prior_asset.
|
38
|
+
# @!attribute [rw] prior_asset
|
39
|
+
# @return [::Google::Cloud::Asset::V1::Asset]
|
40
|
+
# Prior copy of the asset. Populated if prior_asset_state is PRESENT.
|
41
|
+
# Currently this is only set for responses in Real-Time Feed.
|
35
42
|
class TemporalAsset
|
36
43
|
include ::Google::Protobuf::MessageExts
|
37
44
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
45
|
+
|
46
|
+
# State of prior asset.
|
47
|
+
module PriorAssetState
|
48
|
+
# prior_asset is not applicable for the current asset.
|
49
|
+
PRIOR_ASSET_STATE_UNSPECIFIED = 0
|
50
|
+
|
51
|
+
# prior_asset is populated correctly.
|
52
|
+
PRESENT = 1
|
53
|
+
|
54
|
+
# Failed to set prior_asset.
|
55
|
+
INVALID = 2
|
56
|
+
|
57
|
+
# Current asset is the first known state.
|
58
|
+
DOES_NOT_EXIST = 3
|
59
|
+
|
60
|
+
# prior_asset is a deletion.
|
61
|
+
DELETED = 4
|
62
|
+
end
|
38
63
|
end
|
39
64
|
|
40
65
|
# A time window specified by its `start_time` and `end_time`.
|
@@ -54,10 +79,17 @@ module Google
|
|
54
79
|
# [resource
|
55
80
|
# hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
|
56
81
|
# a resource outside the Google Cloud resource hierarchy (such as Google
|
57
|
-
# Kubernetes Engine clusters and objects), or a Cloud IAM policy.
|
82
|
+
# Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy).
|
83
|
+
# See [Supported asset
|
84
|
+
# types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
|
85
|
+
# for more information.
|
86
|
+
# @!attribute [rw] update_time
|
87
|
+
# @return [::Google::Protobuf::Timestamp]
|
88
|
+
# The last update timestamp of an asset. update_time is updated when
|
89
|
+
# create/update/delete operation is performed.
|
58
90
|
# @!attribute [rw] name
|
59
91
|
# @return [::String]
|
60
|
-
# The full name of the asset.
|
92
|
+
# The full name of the asset. Example:
|
61
93
|
# `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`
|
62
94
|
#
|
63
95
|
# See [Resource
|
@@ -65,7 +97,7 @@ module Google
|
|
65
97
|
# for more information.
|
66
98
|
# @!attribute [rw] asset_type
|
67
99
|
# @return [::String]
|
68
|
-
# The type of the asset.
|
100
|
+
# The type of the asset. Example: `compute.googleapis.com/Disk`
|
69
101
|
#
|
70
102
|
# See [Supported asset
|
71
103
|
# types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
|
@@ -92,10 +124,16 @@ module Google
|
|
92
124
|
# set on a given resource.
|
93
125
|
# @!attribute [rw] access_policy
|
94
126
|
# @return [::Google::Identity::AccessContextManager::V1::AccessPolicy]
|
127
|
+
# Please also refer to the [access policy user
|
128
|
+
# guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies).
|
95
129
|
# @!attribute [rw] access_level
|
96
130
|
# @return [::Google::Identity::AccessContextManager::V1::AccessLevel]
|
131
|
+
# Please also refer to the [access level user
|
132
|
+
# guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels).
|
97
133
|
# @!attribute [rw] service_perimeter
|
98
134
|
# @return [::Google::Identity::AccessContextManager::V1::ServicePerimeter]
|
135
|
+
# Please also refer to the [service perimeter user
|
136
|
+
# guide](https://cloud.google.com/vpc-service-controls/docs/overview).
|
99
137
|
# @!attribute [rw] ancestors
|
100
138
|
# @return [::Array<::String>]
|
101
139
|
# The ancestry path of an asset in Google Cloud [resource
|
@@ -105,7 +143,7 @@ module Google
|
|
105
143
|
# is a project, folder, or organization, the ancestry path starts from the
|
106
144
|
# asset itself.
|
107
145
|
#
|
108
|
-
#
|
146
|
+
# Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
|
109
147
|
class Asset
|
110
148
|
include ::Google::Protobuf::MessageExts
|
111
149
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -114,18 +152,18 @@ module Google
|
|
114
152
|
# A representation of a Google Cloud resource.
|
115
153
|
# @!attribute [rw] version
|
116
154
|
# @return [::String]
|
117
|
-
# The API version.
|
155
|
+
# The API version. Example: `v1`
|
118
156
|
# @!attribute [rw] discovery_document_uri
|
119
157
|
# @return [::String]
|
120
158
|
# The URL of the discovery document containing the resource's JSON schema.
|
121
|
-
#
|
159
|
+
# Example:
|
122
160
|
# `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest`
|
123
161
|
#
|
124
162
|
# This value is unspecified for resources that do not have an API based on a
|
125
163
|
# discovery document, such as Cloud Bigtable.
|
126
164
|
# @!attribute [rw] discovery_name
|
127
165
|
# @return [::String]
|
128
|
-
# The JSON schema name listed in the discovery document.
|
166
|
+
# The JSON schema name listed in the discovery document. Example:
|
129
167
|
# `Project`
|
130
168
|
#
|
131
169
|
# This value is unspecified for resources that do not have an API based on a
|
@@ -133,7 +171,7 @@ module Google
|
|
133
171
|
# @!attribute [rw] resource_url
|
134
172
|
# @return [::String]
|
135
173
|
# The REST URL for accessing the resource. An HTTP `GET` request using this
|
136
|
-
# URL returns the resource itself.
|
174
|
+
# URL returns the resource itself. Example:
|
137
175
|
# `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123`
|
138
176
|
#
|
139
177
|
# This value is unspecified for resources without a REST API.
|
@@ -147,7 +185,7 @@ module Google
|
|
147
185
|
# For Google Cloud assets, this value is the parent resource defined in the
|
148
186
|
# [Cloud IAM policy
|
149
187
|
# hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy).
|
150
|
-
#
|
188
|
+
# Example:
|
151
189
|
# `//cloudresourcemanager.googleapis.com/projects/my_project_123`
|
152
190
|
#
|
153
191
|
# For third-party assets, this field may be set differently.
|
@@ -164,7 +202,7 @@ module Google
|
|
164
202
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
165
203
|
end
|
166
204
|
|
167
|
-
# A result of Resource Search, containing information of a cloud
|
205
|
+
# A result of Resource Search, containing information of a cloud resource.
|
168
206
|
# @!attribute [rw] name
|
169
207
|
# @return [::String]
|
170
208
|
# The full resource name of this resource. Example:
|
@@ -175,8 +213,8 @@ module Google
|
|
175
213
|
#
|
176
214
|
# To search against the `name`:
|
177
215
|
#
|
178
|
-
# * use a field query. Example: `name
|
179
|
-
# * use a free text query. Example: `
|
216
|
+
# * use a field query. Example: `name:instance1`
|
217
|
+
# * use a free text query. Example: `instance1`
|
180
218
|
# @!attribute [rw] asset_type
|
181
219
|
# @return [::String]
|
182
220
|
# The type of this resource. Example: `compute.googleapis.com/Disk`.
|
@@ -198,7 +236,7 @@ module Google
|
|
198
236
|
#
|
199
237
|
# To search against the `display_name`:
|
200
238
|
#
|
201
|
-
# * use a field query. Example: `displayName
|
239
|
+
# * use a field query. Example: `displayName:"My Instance"`
|
202
240
|
# * use a free text query. Example: `"My Instance"`
|
203
241
|
# @!attribute [rw] description
|
204
242
|
# @return [::String]
|
@@ -207,7 +245,7 @@ module Google
|
|
207
245
|
#
|
208
246
|
# To search against the `description`:
|
209
247
|
#
|
210
|
-
# * use a field query. Example: `description
|
248
|
+
# * use a field query. Example: `description:"*important instance*"`
|
211
249
|
# * use a free text query. Example: `"*important instance*"`
|
212
250
|
# @!attribute [rw] location
|
213
251
|
# @return [::String]
|
@@ -216,8 +254,8 @@ module Google
|
|
216
254
|
#
|
217
255
|
# To search against the `location`:
|
218
256
|
#
|
219
|
-
# * use a field query. Example: `location
|
220
|
-
# * use a free text query. Example: `
|
257
|
+
# * use a field query. Example: `location:us-west*`
|
258
|
+
# * use a free text query. Example: `us-west*`
|
221
259
|
# @!attribute [rw] labels
|
222
260
|
# @return [::Google::Protobuf::Map{::String => ::String}]
|
223
261
|
# Labels associated with this resource. See [Labelling and grouping GCP
|
@@ -226,11 +264,11 @@ module Google
|
|
226
264
|
#
|
227
265
|
# To search against the `labels`:
|
228
266
|
#
|
229
|
-
# * use a field query
|
230
|
-
# - query on any label's key or value. Example: `labels
|
231
|
-
# - query by a given label. Example: `labels.env
|
232
|
-
# - query by a given label'
|
233
|
-
# * use a free text query. Example: `
|
267
|
+
# * use a field query:
|
268
|
+
# - query on any label's key or value. Example: `labels:prod`
|
269
|
+
# - query by a given label. Example: `labels.env:prod`
|
270
|
+
# - query by a given label's existence. Example: `labels.env:*`
|
271
|
+
# * use a free text query. Example: `prod`
|
234
272
|
# @!attribute [rw] network_tags
|
235
273
|
# @return [::Array<::String>]
|
236
274
|
# Network tags associated with this resource. Like labels, network tags are a
|
@@ -240,19 +278,29 @@ module Google
|
|
240
278
|
#
|
241
279
|
# To search against the `network_tags`:
|
242
280
|
#
|
243
|
-
# * use a field query. Example: `networkTags
|
244
|
-
# * use a free text query. Example: `
|
281
|
+
# * use a field query. Example: `networkTags:internal`
|
282
|
+
# * use a free text query. Example: `internal`
|
245
283
|
# @!attribute [rw] additional_attributes
|
246
284
|
# @return [::Google::Protobuf::Struct]
|
247
|
-
# The additional attributes of this resource. The attributes may
|
248
|
-
# one resource type to another. Examples: `projectId` for Project,
|
249
|
-
# `dnsName` for DNS ManagedZone.
|
285
|
+
# The additional searchable attributes of this resource. The attributes may
|
286
|
+
# vary from one resource type to another. Examples: `projectId` for Project,
|
287
|
+
# `dnsName` for DNS ManagedZone. This field contains a subset of the resource
|
288
|
+
# metadata fields that are returned by the List or Get APIs provided by the
|
289
|
+
# corresponding GCP service (e.g., Compute Engine). see [API references and
|
290
|
+
# supported searchable
|
291
|
+
# attributes](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types)
|
292
|
+
# for more information.
|
293
|
+
#
|
294
|
+
# You can search values of these fields through free text search. However,
|
295
|
+
# you should not consume the field programically as the field names and
|
296
|
+
# values may change as the GCP service updates to a new incompatible API
|
297
|
+
# version.
|
250
298
|
#
|
251
299
|
# To search against the `additional_attributes`:
|
252
300
|
#
|
253
301
|
# * use a free text query to match the attributes values. Example: to search
|
254
302
|
# `additional_attributes = { dnsName: "foobar" }`, you can issue a query
|
255
|
-
# `
|
303
|
+
# `foobar`.
|
256
304
|
class ResourceSearchResult
|
257
305
|
include ::Google::Protobuf::MessageExts
|
258
306
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -279,7 +327,7 @@ module Google
|
|
279
327
|
#
|
280
328
|
# To search against the `resource`:
|
281
329
|
#
|
282
|
-
# * use a field query. Example: `resource
|
330
|
+
# * use a field query. Example: `resource:organizations/123`
|
283
331
|
# @!attribute [rw] project
|
284
332
|
# @return [::String]
|
285
333
|
# The project that the associated GCP resource belongs to, in the form of
|
@@ -300,13 +348,13 @@ module Google
|
|
300
348
|
#
|
301
349
|
# To search against the `policy` bindings:
|
302
350
|
#
|
303
|
-
# * use a field query
|
351
|
+
# * use a field query:
|
304
352
|
# - query by the policy contained members. Example:
|
305
|
-
# `policy
|
353
|
+
# `policy:amy@gmail.com`
|
306
354
|
# - query by the policy contained roles. Example:
|
307
|
-
# `policy
|
308
|
-
# - query by the policy contained roles'
|
309
|
-
# `policy.role.permissions
|
355
|
+
# `policy:roles/compute.admin`
|
356
|
+
# - query by the policy contained roles' included permissions. Example:
|
357
|
+
# `policy.role.permissions:compute.instances.create`
|
310
358
|
# @!attribute [rw] explanation
|
311
359
|
# @return [::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation]
|
312
360
|
# Explanation about the IAM policy search result. It contains additional
|
@@ -320,7 +368,7 @@ module Google
|
|
320
368
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::Asset::V1::IamPolicySearchResult::Explanation::Permissions}]
|
321
369
|
# The map from roles to their included permissions that match the
|
322
370
|
# permission query (i.e., a query containing `policy.role.permissions:`).
|
323
|
-
# Example: if query `policy.role.permissions
|
371
|
+
# Example: if query `policy.role.permissions:compute.disk.get`
|
324
372
|
# matches a policy binding that contains owner role, the
|
325
373
|
# matched_permissions will be `{"roles/owner": ["compute.disk.get"]}`. The
|
326
374
|
# roles can also be found in the returned `policy` bindings. Note that the
|
@@ -348,6 +396,182 @@ module Google
|
|
348
396
|
end
|
349
397
|
end
|
350
398
|
end
|
399
|
+
|
400
|
+
# Represents the detailed state of an entity under analysis, such as a
|
401
|
+
# resource, an identity or an access.
|
402
|
+
# @!attribute [rw] code
|
403
|
+
# @return [::Google::Rpc::Code]
|
404
|
+
# The Google standard error code that best describes the state.
|
405
|
+
# For example:
|
406
|
+
# - OK means the analysis on this entity has been successfully finished;
|
407
|
+
# - PERMISSION_DENIED means an access denied error is encountered;
|
408
|
+
# - DEADLINE_EXCEEDED means the analysis on this entity hasn't been started
|
409
|
+
# in time;
|
410
|
+
# @!attribute [rw] cause
|
411
|
+
# @return [::String]
|
412
|
+
# The human-readable description of the cause of failure.
|
413
|
+
class IamPolicyAnalysisState
|
414
|
+
include ::Google::Protobuf::MessageExts
|
415
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
416
|
+
end
|
417
|
+
|
418
|
+
# IAM Policy analysis result, consisting of one IAM policy binding and derived
|
419
|
+
# access control lists.
|
420
|
+
# @!attribute [rw] attached_resource_full_name
|
421
|
+
# @return [::String]
|
422
|
+
# The [full resource
|
423
|
+
# name](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
424
|
+
# of the resource to which the [iam_binding][iam_binding] policy attaches.
|
425
|
+
# (-- api-linter: core::0122::name-suffix=disabled
|
426
|
+
# aip.dev/not-precedent: full_resource_name is a public notion in GCP.
|
427
|
+
# --)
|
428
|
+
# @!attribute [rw] iam_binding
|
429
|
+
# @return [::Google::Iam::V1::Binding]
|
430
|
+
# The Cloud IAM policy binding under analysis.
|
431
|
+
# @!attribute [rw] access_control_lists
|
432
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::AccessControlList>]
|
433
|
+
# The access control lists derived from the [iam_binding][iam_binding] that
|
434
|
+
# match or potentially match resource and access selectors specified in the
|
435
|
+
# request.
|
436
|
+
# @!attribute [rw] identity_list
|
437
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::IdentityList]
|
438
|
+
# The identity list derived from members of the [iam_binding][iam_binding]
|
439
|
+
# that match or potentially match identity selector specified in the request.
|
440
|
+
# @!attribute [rw] fully_explored
|
441
|
+
# @return [::Boolean]
|
442
|
+
# Represents whether all analyses on the [iam_binding][iam_binding] have
|
443
|
+
# successfully finished.
|
444
|
+
class IamPolicyAnalysisResult
|
445
|
+
include ::Google::Protobuf::MessageExts
|
446
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
447
|
+
|
448
|
+
# A Google Cloud resource under analysis.
|
449
|
+
# @!attribute [rw] full_resource_name
|
450
|
+
# @return [::String]
|
451
|
+
# The [full resource
|
452
|
+
# name](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
453
|
+
# (-- api-linter: core::0122::name-suffix=disabled
|
454
|
+
# aip.dev/not-precedent: full_resource_name is a public notion in GCP.
|
455
|
+
# --)
|
456
|
+
# @!attribute [rw] analysis_state
|
457
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
|
458
|
+
# The analysis state of this resource.
|
459
|
+
class Resource
|
460
|
+
include ::Google::Protobuf::MessageExts
|
461
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
462
|
+
end
|
463
|
+
|
464
|
+
# An IAM role or permission under analysis.
|
465
|
+
# @!attribute [rw] role
|
466
|
+
# @return [::String]
|
467
|
+
# The role.
|
468
|
+
# @!attribute [rw] permission
|
469
|
+
# @return [::String]
|
470
|
+
# The permission.
|
471
|
+
# @!attribute [rw] analysis_state
|
472
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
|
473
|
+
# The analysis state of this access.
|
474
|
+
class Access
|
475
|
+
include ::Google::Protobuf::MessageExts
|
476
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
477
|
+
end
|
478
|
+
|
479
|
+
# An identity under analysis.
|
480
|
+
# (-- api-linter: core::0123::resource-annotation=disabled
|
481
|
+
# aip.dev/not-precedent: Identity name is not a resource. --)
|
482
|
+
# @!attribute [rw] name
|
483
|
+
# @return [::String]
|
484
|
+
# The identity name in any form of members appear in
|
485
|
+
# [IAM policy
|
486
|
+
# binding](https://cloud.google.com/iam/reference/rest/v1/Binding), such
|
487
|
+
# as:
|
488
|
+
# - user:foo@google.com
|
489
|
+
# - group:group1@google.com
|
490
|
+
# - serviceAccount:s1@prj1.iam.gserviceaccount.com
|
491
|
+
# - projectOwner:some_project_id
|
492
|
+
# - domain:google.com
|
493
|
+
# - allUsers
|
494
|
+
# - etc.
|
495
|
+
# @!attribute [rw] analysis_state
|
496
|
+
# @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
|
497
|
+
# The analysis state of this identity.
|
498
|
+
class Identity
|
499
|
+
include ::Google::Protobuf::MessageExts
|
500
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
501
|
+
end
|
502
|
+
|
503
|
+
# A directional edge.
|
504
|
+
# @!attribute [rw] source_node
|
505
|
+
# @return [::String]
|
506
|
+
# The source node of the edge. For example, it could be a full resource
|
507
|
+
# name for a resource node or an email of an identity.
|
508
|
+
# @!attribute [rw] target_node
|
509
|
+
# @return [::String]
|
510
|
+
# The target node of the edge. For example, it could be a full resource
|
511
|
+
# name for a resource node or an email of an identity.
|
512
|
+
class Edge
|
513
|
+
include ::Google::Protobuf::MessageExts
|
514
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
515
|
+
end
|
516
|
+
|
517
|
+
# An access control list, derived from the above IAM policy binding, which
|
518
|
+
# contains a set of resources and accesses. May include one
|
519
|
+
# item from each set to compose an access control entry.
|
520
|
+
#
|
521
|
+
# NOTICE that there could be multiple access control lists for one IAM policy
|
522
|
+
# binding. The access control lists are created based on resource and access
|
523
|
+
# combinations.
|
524
|
+
#
|
525
|
+
# For example, assume we have the following cases in one IAM policy binding:
|
526
|
+
# - Permission P1 and P2 apply to resource R1 and R2;
|
527
|
+
# - Permission P3 applies to resource R2 and R3;
|
528
|
+
#
|
529
|
+
# This will result in the following access control lists:
|
530
|
+
# - AccessControlList 1: [R1, R2], [P1, P2]
|
531
|
+
# - AccessControlList 2: [R2, R3], [P3]
|
532
|
+
# @!attribute [rw] resources
|
533
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Resource>]
|
534
|
+
# The resources that match one of the following conditions:
|
535
|
+
# - The resource_selector, if it is specified in request;
|
536
|
+
# - Otherwise, resources reachable from the policy attached resource.
|
537
|
+
# @!attribute [rw] accesses
|
538
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Access>]
|
539
|
+
# The accesses that match one of the following conditions:
|
540
|
+
# - The access_selector, if it is specified in request;
|
541
|
+
# - Otherwise, access specifiers reachable from the policy binding's role.
|
542
|
+
# @!attribute [rw] resource_edges
|
543
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge>]
|
544
|
+
# Resource edges of the graph starting from the policy attached
|
545
|
+
# resource to any descendant resources. The [Edge.source_node][] contains
|
546
|
+
# the full resource name of a parent resource and [Edge.target_node][]
|
547
|
+
# contains the full resource name of a child resource. This field is
|
548
|
+
# present only if the output_resource_edges option is enabled in request.
|
549
|
+
class AccessControlList
|
550
|
+
include ::Google::Protobuf::MessageExts
|
551
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
552
|
+
end
|
553
|
+
|
554
|
+
# The identities and group edges.
|
555
|
+
# @!attribute [rw] identities
|
556
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Identity>]
|
557
|
+
# Only the identities that match one of the following conditions will be
|
558
|
+
# presented:
|
559
|
+
# - The identity_selector, if it is specified in request;
|
560
|
+
# - Otherwise, identities reachable from the policy binding's members.
|
561
|
+
# @!attribute [rw] group_edges
|
562
|
+
# @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge>]
|
563
|
+
# Group identity edges of the graph starting from the binding's
|
564
|
+
# group members to any node of the [identities][]. The [Edge.source_node][]
|
565
|
+
# contains a group, such as `group:parent@google.com`. The
|
566
|
+
# [Edge.target_node][] contains a member of the group,
|
567
|
+
# such as `group:child@google.com` or `user:foo@google.com`.
|
568
|
+
# This field is present only if the output_group_edges option is enabled in
|
569
|
+
# request.
|
570
|
+
class IdentityList
|
571
|
+
include ::Google::Protobuf::MessageExts
|
572
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
573
|
+
end
|
574
|
+
end
|
351
575
|
end
|
352
576
|
end
|
353
577
|
end
|
@@ -0,0 +1,98 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# A Duration represents a signed, fixed-length span of time represented
|
23
|
+
# as a count of seconds and fractions of seconds at nanosecond
|
24
|
+
# resolution. It is independent of any calendar and concepts like "day"
|
25
|
+
# or "month". It is related to Timestamp in that the difference between
|
26
|
+
# two Timestamp values is a Duration and it can be added or subtracted
|
27
|
+
# from a Timestamp. Range is approximately +-10,000 years.
|
28
|
+
#
|
29
|
+
# # Examples
|
30
|
+
#
|
31
|
+
# Example 1: Compute Duration from two Timestamps in pseudo code.
|
32
|
+
#
|
33
|
+
# Timestamp start = ...;
|
34
|
+
# Timestamp end = ...;
|
35
|
+
# Duration duration = ...;
|
36
|
+
#
|
37
|
+
# duration.seconds = end.seconds - start.seconds;
|
38
|
+
# duration.nanos = end.nanos - start.nanos;
|
39
|
+
#
|
40
|
+
# if (duration.seconds < 0 && duration.nanos > 0) {
|
41
|
+
# duration.seconds += 1;
|
42
|
+
# duration.nanos -= 1000000000;
|
43
|
+
# } else if (duration.seconds > 0 && duration.nanos < 0) {
|
44
|
+
# duration.seconds -= 1;
|
45
|
+
# duration.nanos += 1000000000;
|
46
|
+
# }
|
47
|
+
#
|
48
|
+
# Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
|
49
|
+
#
|
50
|
+
# Timestamp start = ...;
|
51
|
+
# Duration duration = ...;
|
52
|
+
# Timestamp end = ...;
|
53
|
+
#
|
54
|
+
# end.seconds = start.seconds + duration.seconds;
|
55
|
+
# end.nanos = start.nanos + duration.nanos;
|
56
|
+
#
|
57
|
+
# if (end.nanos < 0) {
|
58
|
+
# end.seconds -= 1;
|
59
|
+
# end.nanos += 1000000000;
|
60
|
+
# } else if (end.nanos >= 1000000000) {
|
61
|
+
# end.seconds += 1;
|
62
|
+
# end.nanos -= 1000000000;
|
63
|
+
# }
|
64
|
+
#
|
65
|
+
# Example 3: Compute Duration from datetime.timedelta in Python.
|
66
|
+
#
|
67
|
+
# td = datetime.timedelta(days=3, minutes=10)
|
68
|
+
# duration = Duration()
|
69
|
+
# duration.FromTimedelta(td)
|
70
|
+
#
|
71
|
+
# # JSON Mapping
|
72
|
+
#
|
73
|
+
# In JSON format, the Duration type is encoded as a string rather than an
|
74
|
+
# object, where the string ends in the suffix "s" (indicating seconds) and
|
75
|
+
# is preceded by the number of seconds, with nanoseconds expressed as
|
76
|
+
# fractional seconds. For example, 3 seconds with 0 nanoseconds should be
|
77
|
+
# encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
|
78
|
+
# be expressed in JSON format as "3.000000001s", and 3 seconds and 1
|
79
|
+
# microsecond should be expressed in JSON format as "3.000001s".
|
80
|
+
# @!attribute [rw] seconds
|
81
|
+
# @return [::Integer]
|
82
|
+
# Signed seconds of the span of time. Must be from -315,576,000,000
|
83
|
+
# to +315,576,000,000 inclusive. Note: these bounds are computed from:
|
84
|
+
# 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
|
85
|
+
# @!attribute [rw] nanos
|
86
|
+
# @return [::Integer]
|
87
|
+
# Signed fractions of a second at nanosecond resolution of the span
|
88
|
+
# of time. Durations less than one second are represented with a 0
|
89
|
+
# `seconds` field and a positive or negative `nanos` field. For durations
|
90
|
+
# of one second or more, a non-zero value for the `nanos` field must be
|
91
|
+
# of the same sign as the `seconds` field. Must be from -999,999,999
|
92
|
+
# to +999,999,999 inclusive.
|
93
|
+
class Duration
|
94
|
+
include ::Google::Protobuf::MessageExts
|
95
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|