google-cloud-asset-v1 0.5.3 → 0.9.0

data/lib/google/cloud/asset/v1/asset_service_pb.rb

@@ -26,6 +26,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.asset.v1.ExportAssetsResponse" do
       optional :read_time, :message, 1, "google.protobuf.Timestamp"
       optional :output_config, :message, 2, "google.cloud.asset.v1.OutputConfig"
+      optional :output_result, :message, 3, "google.cloud.asset.v1.OutputResult"
     end
     add_message "google.cloud.asset.v1.BatchGetAssetsHistoryRequest" do
       optional :parent, :string, 1
@@ -63,6 +64,14 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
         optional :bigquery_destination, :message, 2, "google.cloud.asset.v1.BigQueryDestination"
       end
     end
+    add_message "google.cloud.asset.v1.OutputResult" do
+      oneof :result do
+        optional :gcs_result, :message, 1, "google.cloud.asset.v1.GcsOutputResult"
+      end
+    end
+    add_message "google.cloud.asset.v1.GcsOutputResult" do
+      repeated :uris, :string, 1
+    end
     add_message "google.cloud.asset.v1.GcsDestination" do
       oneof :object_uri do
         optional :uri, :string, 1
@@ -73,6 +82,16 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :dataset, :string, 1
       optional :table, :string, 2
       optional :force, :bool, 3
+      optional :partition_spec, :message, 4, "google.cloud.asset.v1.PartitionSpec"
+      optional :separate_tables_per_asset_type, :bool, 5
+    end
+    add_message "google.cloud.asset.v1.PartitionSpec" do
+      optional :partition_key, :enum, 1, "google.cloud.asset.v1.PartitionSpec.PartitionKey"
+    end
+    add_enum "google.cloud.asset.v1.PartitionSpec.PartitionKey" do
+      value :PARTITION_KEY_UNSPECIFIED, 0
+      value :READ_TIME, 1
+      value :REQUEST_TIME, 2
     end
     add_message "google.cloud.asset.v1.PubsubDestination" do
       optional :topic, :string, 1
@@ -112,12 +131,78 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :results, :message, 1, "google.cloud.asset.v1.IamPolicySearchResult"
       optional :next_page_token, :string, 2
     end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery" do
+      optional :scope, :string, 1
+      optional :resource_selector, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector"
+      optional :identity_selector, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector"
+      optional :access_selector, :message, 4, "google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector"
+      optional :options, :message, 5, "google.cloud.asset.v1.IamPolicyAnalysisQuery.Options"
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector" do
+      optional :full_resource_name, :string, 1
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector" do
+      optional :identity, :string, 1
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector" do
+      repeated :roles, :string, 1
+      repeated :permissions, :string, 2
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.Options" do
+      optional :expand_groups, :bool, 1
+      optional :expand_roles, :bool, 2
+      optional :expand_resources, :bool, 3
+      optional :output_resource_edges, :bool, 4
+      optional :output_group_edges, :bool, 5
+      optional :analyze_service_account_impersonation, :bool, 6
+    end
+    add_message "google.cloud.asset.v1.AnalyzeIamPolicyRequest" do
+      optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
+      optional :execution_timeout, :message, 2, "google.protobuf.Duration"
+    end
+    add_message "google.cloud.asset.v1.AnalyzeIamPolicyResponse" do
+      optional :main_analysis, :message, 1, "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis"
+      repeated :service_account_impersonation_analysis, :message, 2, "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis"
+      optional :fully_explored, :bool, 3
+    end
+    add_message "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis" do
+      optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
+      repeated :analysis_results, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult"
+      optional :fully_explored, :bool, 3
+      repeated :non_critical_errors, :message, 5, "google.cloud.asset.v1.IamPolicyAnalysisState"
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig" do
+      oneof :destination do
+        optional :gcs_destination, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination"
+        optional :bigquery_destination, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination"
+      end
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination" do
+      optional :uri, :string, 1
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination" do
+      optional :dataset, :string, 1
+      optional :table_prefix, :string, 2
+      optional :partition_key, :enum, 3, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey"
+      optional :write_disposition, :string, 4
+    end
+    add_enum "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey" do
+      value :PARTITION_KEY_UNSPECIFIED, 0
+      value :REQUEST_TIME, 1
+    end
+    add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningRequest" do
+      optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
+      optional :output_config, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig"
+    end
+    add_message "google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse" do
+    end
     add_enum "google.cloud.asset.v1.ContentType" do
       value :CONTENT_TYPE_UNSPECIFIED, 0
       value :RESOURCE, 1
       value :IAM_POLICY, 2
       value :ORG_POLICY, 4
       value :ACCESS_POLICY, 5
+      value :OS_INVENTORY, 6
     end
   end
 end
@@ -137,8 +222,12 @@ module Google
         UpdateFeedRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.UpdateFeedRequest").msgclass
         DeleteFeedRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.DeleteFeedRequest").msgclass
         OutputConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.OutputConfig").msgclass
+        OutputResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.OutputResult").msgclass
+        GcsOutputResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.GcsOutputResult").msgclass
         GcsDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.GcsDestination").msgclass
         BigQueryDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.BigQueryDestination").msgclass
+        PartitionSpec = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.PartitionSpec").msgclass
+        PartitionSpec::PartitionKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.PartitionSpec.PartitionKey").enummodule
         PubsubDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.PubsubDestination").msgclass
         FeedOutputConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.FeedOutputConfig").msgclass
         Feed = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.Feed").msgclass
@@ -146,6 +235,20 @@ module Google
         SearchAllResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.SearchAllResourcesResponse").msgclass
         SearchAllIamPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.SearchAllIamPoliciesRequest").msgclass
         SearchAllIamPoliciesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.SearchAllIamPoliciesResponse").msgclass
+        IamPolicyAnalysisQuery = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery").msgclass
+        IamPolicyAnalysisQuery::ResourceSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector").msgclass
+        IamPolicyAnalysisQuery::IdentitySelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector").msgclass
+        IamPolicyAnalysisQuery::AccessSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector").msgclass
+        IamPolicyAnalysisQuery::Options = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.Options").msgclass
+        AnalyzeIamPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyRequest").msgclass
+        AnalyzeIamPolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse").msgclass
+        AnalyzeIamPolicyResponse::IamPolicyAnalysis = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis").msgclass
+        IamPolicyAnalysisOutputConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig").msgclass
+        IamPolicyAnalysisOutputConfig::GcsDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination").msgclass
+        IamPolicyAnalysisOutputConfig::BigQueryDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination").msgclass
+        IamPolicyAnalysisOutputConfig::BigQueryDestination::PartitionKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey").enummodule
+        AnalyzeIamPolicyLongrunningRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningRequest").msgclass
+        AnalyzeIamPolicyLongrunningResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyLongrunningResponse").msgclass
         ContentType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ContentType").enummodule
       end
     end

data/lib/google/cloud/asset/v1/asset_service_services_pb.rb

@@ -36,15 +36,14 @@ module Google
             # Exports assets with time and resource types to a given Cloud Storage
             # location/BigQuery table. For Cloud Storage location destinations, the
             # output format is newline-delimited JSON. Each line represents a
-            # [google.cloud.asset.v1.Asset][google.cloud.asset.v1.Asset] in the JSON
-            # format; for BigQuery table destinations, the output table stores the fields
-            # in asset proto as columns. This API implements the
-            # [google.longrunning.Operation][google.longrunning.Operation] API , which
-            # allows you to keep track of the export. We recommend intervals of at least
-            # 2 seconds with exponential retry to poll the export operation result. For
-            # regular-size resource parent, the export operation usually finishes within
-            # 5 minutes.
-            rpc :ExportAssets, Google::Cloud::Asset::V1::ExportAssetsRequest, Google::Longrunning::Operation
+            # [google.cloud.asset.v1.Asset][google.cloud.asset.v1.Asset] in the JSON format; for BigQuery table
+            # destinations, the output table stores the fields in asset proto as columns.
+            # This API implements the [google.longrunning.Operation][google.longrunning.Operation] API
+            # , which allows you to keep track of the export. We recommend intervals of
+            # at least 2 seconds with exponential retry to poll the export operation
+            # result. For regular-size resource parent, the export operation usually
+            # finishes within 5 minutes.
+            rpc :ExportAssets, ::Google::Cloud::Asset::V1::ExportAssetsRequest, ::Google::Longrunning::Operation
             # Batch gets the update history of assets that overlap a time window.
             # For IAM_POLICY content, this API outputs history when the asset and its
             # attached IAM POLICY both exist. This can create gaps in the output history.
@@ -52,28 +51,41 @@ module Google
             # deleted status.
             # If a specified asset does not exist, this API returns an INVALID_ARGUMENT
             # error.
-            rpc :BatchGetAssetsHistory, Google::Cloud::Asset::V1::BatchGetAssetsHistoryRequest, Google::Cloud::Asset::V1::BatchGetAssetsHistoryResponse
+            rpc :BatchGetAssetsHistory, ::Google::Cloud::Asset::V1::BatchGetAssetsHistoryRequest, ::Google::Cloud::Asset::V1::BatchGetAssetsHistoryResponse
             # Creates a feed in a parent project/folder/organization to listen to its
             # asset updates.
-            rpc :CreateFeed, Google::Cloud::Asset::V1::CreateFeedRequest, Google::Cloud::Asset::V1::Feed
+            rpc :CreateFeed, ::Google::Cloud::Asset::V1::CreateFeedRequest, ::Google::Cloud::Asset::V1::Feed
             # Gets details about an asset feed.
-            rpc :GetFeed, Google::Cloud::Asset::V1::GetFeedRequest, Google::Cloud::Asset::V1::Feed
+            rpc :GetFeed, ::Google::Cloud::Asset::V1::GetFeedRequest, ::Google::Cloud::Asset::V1::Feed
             # Lists all asset feeds in a parent project/folder/organization.
-            rpc :ListFeeds, Google::Cloud::Asset::V1::ListFeedsRequest, Google::Cloud::Asset::V1::ListFeedsResponse
+            rpc :ListFeeds, ::Google::Cloud::Asset::V1::ListFeedsRequest, ::Google::Cloud::Asset::V1::ListFeedsResponse
             # Updates an asset feed configuration.
-            rpc :UpdateFeed, Google::Cloud::Asset::V1::UpdateFeedRequest, Google::Cloud::Asset::V1::Feed
+            rpc :UpdateFeed, ::Google::Cloud::Asset::V1::UpdateFeedRequest, ::Google::Cloud::Asset::V1::Feed
             # Deletes an asset feed.
-            rpc :DeleteFeed, Google::Cloud::Asset::V1::DeleteFeedRequest, Google::Protobuf::Empty
-            # Searches all the resources within the given accessible scope (e.g., a
-            # project, a folder or an organization). Callers should have
-            # cloud.assets.SearchAllResources permission upon the requested scope,
+            rpc :DeleteFeed, ::Google::Cloud::Asset::V1::DeleteFeedRequest, ::Google::Protobuf::Empty
+            # Searches all Cloud resources within the specified scope, such as a project,
+            # folder, or organization. The caller must be granted the
+            # `cloudasset.assets.searchAllResources` permission on the desired scope,
             # otherwise the request will be rejected.
-            rpc :SearchAllResources, Google::Cloud::Asset::V1::SearchAllResourcesRequest, Google::Cloud::Asset::V1::SearchAllResourcesResponse
-            # Searches all the IAM policies within the given accessible scope (e.g., a
-            # project, a folder or an organization). Callers should have
-            # cloud.assets.SearchAllIamPolicies permission upon the requested scope,
+            rpc :SearchAllResources, ::Google::Cloud::Asset::V1::SearchAllResourcesRequest, ::Google::Cloud::Asset::V1::SearchAllResourcesResponse
+            # Searches all IAM policies within the specified scope, such as a project,
+            # folder, or organization. The caller must be granted the
+            # `cloudasset.assets.searchAllIamPolicies` permission on the desired scope,
             # otherwise the request will be rejected.
-            rpc :SearchAllIamPolicies, Google::Cloud::Asset::V1::SearchAllIamPoliciesRequest, Google::Cloud::Asset::V1::SearchAllIamPoliciesResponse
+            rpc :SearchAllIamPolicies, ::Google::Cloud::Asset::V1::SearchAllIamPoliciesRequest, ::Google::Cloud::Asset::V1::SearchAllIamPoliciesResponse
+            # Analyzes IAM policies to answer which identities have what accesses on
+            # which resources.
+            rpc :AnalyzeIamPolicy, ::Google::Cloud::Asset::V1::AnalyzeIamPolicyRequest, ::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse
+            # Analyzes IAM policies asynchronously to answer which identities have what
+            # accesses on which resources, and writes the analysis results to a Google
+            # Cloud Storage or a BigQuery destination. For Cloud Storage destination, the
+            # output format is the JSON format that represents a
+            # [AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse]. This method implements the
+            # [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation
+            # status. We recommend intervals of at least 2 seconds with exponential
+            # backoff retry to poll the operation result. The metadata contains the
+            # request to help callers to map responses to requests.
+            rpc :AnalyzeIamPolicyLongrunning, ::Google::Cloud::Asset::V1::AnalyzeIamPolicyLongrunningRequest, ::Google::Longrunning::Operation
           end
 
           Stub = Service.rpc_stub_class

data/lib/google/cloud/asset/v1/assets_pb.rb

@@ -3,17 +3,18 @@
 
 require 'google/protobuf'
 
-require 'google/api/annotations_pb'
 require 'google/api/resource_pb'
 require 'google/cloud/orgpolicy/v1/orgpolicy_pb'
 require 'google/iam/v1/policy_pb'
 require 'google/identity/accesscontextmanager/v1/access_level_pb'
 require 'google/identity/accesscontextmanager/v1/access_policy_pb'
+require 'google/cloud/osconfig/v1/inventory_pb'
 require 'google/identity/accesscontextmanager/v1/service_perimeter_pb'
 require 'google/protobuf/any_pb'
 require 'google/protobuf/struct_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/rpc/code_pb'
+require 'google/api/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/asset/v1/assets.proto", :syntax => :proto3) do
     add_message "google.cloud.asset.v1.TemporalAsset" do
@@ -41,6 +42,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :resource, :message, 3, "google.cloud.asset.v1.Resource"
       optional :iam_policy, :message, 4, "google.iam.v1.Policy"
       repeated :org_policy, :message, 6, "google.cloud.orgpolicy.v1.Policy"
+      optional :os_inventory, :message, 12, "google.cloud.osconfig.v1.Inventory"
       repeated :ancestors, :string, 10
       oneof :access_context_policy do
         optional :access_policy, :message, 7, "google.identity.accesscontextmanager.v1.AccessPolicy"
@@ -80,6 +82,45 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions" do
       repeated :permissions, :string, 1
     end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisState" do
+      optional :code, :enum, 1, "google.rpc.Code"
+      optional :cause, :string, 2
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult" do
+      optional :attached_resource_full_name, :string, 1
+      optional :iam_binding, :message, 2, "google.iam.v1.Binding"
+      repeated :access_control_lists, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList"
+      optional :identity_list, :message, 4, "google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList"
+      optional :fully_explored, :bool, 5
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Resource" do
+      optional :full_resource_name, :string, 1
+      optional :analysis_state, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisState"
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Access" do
+      optional :analysis_state, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisState"
+      oneof :oneof_access do
+        optional :role, :string, 1
+        optional :permission, :string, 2
+      end
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Identity" do
+      optional :name, :string, 1
+      optional :analysis_state, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisState"
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge" do
+      optional :source_node, :string, 1
+      optional :target_node, :string, 2
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList" do
+      repeated :resources, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisResult.Resource"
+      repeated :accesses, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult.Access"
+      repeated :resource_edges, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge"
+    end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList" do
+      repeated :identities, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisResult.Identity"
+      repeated :group_edges, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge"
+    end
   end
 end
 
@@ -96,6 +137,14 @@ module Google
         IamPolicySearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult").msgclass
         IamPolicySearchResult::Explanation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation").msgclass
         IamPolicySearchResult::Explanation::Permissions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions").msgclass
+        IamPolicyAnalysisState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisState").msgclass
+        IamPolicyAnalysisResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult").msgclass
+        IamPolicyAnalysisResult::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Resource").msgclass
+        IamPolicyAnalysisResult::Access = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Access").msgclass
+        IamPolicyAnalysisResult::Identity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Identity").msgclass
+        IamPolicyAnalysisResult::Edge = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Edge").msgclass
+        IamPolicyAnalysisResult::AccessControlList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList").msgclass
+        IamPolicyAnalysisResult::IdentityList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList").msgclass
       end
     end
   end

data/lib/google/cloud/asset/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module Asset
       module V1
-        VERSION = "0.5.3"
+        VERSION = "0.9.0"
       end
     end
   end

data/lib/google/cloud/osconfig/v1/inventory_pb.rb

@@ -0,0 +1,108 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/osconfig/v1/inventory.proto
+
+require 'google/protobuf'
+
+require 'google/protobuf/timestamp_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/osconfig/v1/inventory.proto", :syntax => :proto3) do
+    add_message "google.cloud.osconfig.v1.Inventory" do
+      optional :os_info, :message, 1, "google.cloud.osconfig.v1.Inventory.OsInfo"
+      map :items, :string, :message, 2, "google.cloud.osconfig.v1.Inventory.Item"
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.OsInfo" do
+      optional :hostname, :string, 9
+      optional :long_name, :string, 2
+      optional :short_name, :string, 3
+      optional :version, :string, 4
+      optional :architecture, :string, 5
+      optional :kernel_version, :string, 6
+      optional :kernel_release, :string, 7
+      optional :osconfig_agent_version, :string, 8
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.Item" do
+      optional :id, :string, 1
+      optional :origin_type, :enum, 2, "google.cloud.osconfig.v1.Inventory.Item.OriginType"
+      optional :create_time, :message, 8, "google.protobuf.Timestamp"
+      optional :update_time, :message, 9, "google.protobuf.Timestamp"
+      optional :type, :enum, 5, "google.cloud.osconfig.v1.Inventory.Item.Type"
+      oneof :details do
+        optional :installed_package, :message, 6, "google.cloud.osconfig.v1.Inventory.SoftwarePackage"
+        optional :available_package, :message, 7, "google.cloud.osconfig.v1.Inventory.SoftwarePackage"
+      end
+    end
+    add_enum "google.cloud.osconfig.v1.Inventory.Item.OriginType" do
+      value :ORIGIN_TYPE_UNSPECIFIED, 0
+      value :INVENTORY_REPORT, 1
+    end
+    add_enum "google.cloud.osconfig.v1.Inventory.Item.Type" do
+      value :TYPE_UNSPECIFIED, 0
+      value :INSTALLED_PACKAGE, 1
+      value :AVAILABLE_PACKAGE, 2
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.SoftwarePackage" do
+      oneof :details do
+        optional :yum_package, :message, 1, "google.cloud.osconfig.v1.Inventory.VersionedPackage"
+        optional :apt_package, :message, 2, "google.cloud.osconfig.v1.Inventory.VersionedPackage"
+        optional :zypper_package, :message, 3, "google.cloud.osconfig.v1.Inventory.VersionedPackage"
+        optional :googet_package, :message, 4, "google.cloud.osconfig.v1.Inventory.VersionedPackage"
+        optional :zypper_patch, :message, 5, "google.cloud.osconfig.v1.Inventory.ZypperPatch"
+        optional :wua_package, :message, 6, "google.cloud.osconfig.v1.Inventory.WindowsUpdatePackage"
+        optional :qfe_package, :message, 7, "google.cloud.osconfig.v1.Inventory.WindowsQuickFixEngineeringPackage"
+        optional :cos_package, :message, 8, "google.cloud.osconfig.v1.Inventory.VersionedPackage"
+      end
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.VersionedPackage" do
+      optional :package_name, :string, 4
+      optional :architecture, :string, 2
+      optional :version, :string, 3
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.WindowsUpdatePackage" do
+      optional :title, :string, 1
+      optional :description, :string, 2
+      repeated :categories, :message, 3, "google.cloud.osconfig.v1.Inventory.WindowsUpdatePackage.WindowsUpdateCategory"
+      repeated :kb_article_ids, :string, 4
+      optional :support_url, :string, 11
+      repeated :more_info_urls, :string, 5
+      optional :update_id, :string, 6
+      optional :revision_number, :int32, 7
+      optional :last_deployment_change_time, :message, 10, "google.protobuf.Timestamp"
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.WindowsUpdatePackage.WindowsUpdateCategory" do
+      optional :id, :string, 1
+      optional :name, :string, 2
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.ZypperPatch" do
+      optional :patch_name, :string, 5
+      optional :category, :string, 2
+      optional :severity, :string, 3
+      optional :summary, :string, 4
+    end
+    add_message "google.cloud.osconfig.v1.Inventory.WindowsQuickFixEngineeringPackage" do
+      optional :caption, :string, 1
+      optional :description, :string, 2
+      optional :hot_fix_id, :string, 3
+      optional :install_time, :message, 5, "google.protobuf.Timestamp"
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module OsConfig
+      module V1
+        Inventory = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory").msgclass
+        Inventory::OsInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.OsInfo").msgclass
+        Inventory::Item = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.Item").msgclass
+        Inventory::Item::OriginType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.Item.OriginType").enummodule
+        Inventory::Item::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.Item.Type").enummodule
+        Inventory::SoftwarePackage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.SoftwarePackage").msgclass
+        Inventory::VersionedPackage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.VersionedPackage").msgclass
+        Inventory::WindowsUpdatePackage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.WindowsUpdatePackage").msgclass
+        Inventory::WindowsUpdatePackage::WindowsUpdateCategory = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.WindowsUpdatePackage.WindowsUpdateCategory").msgclass
+        Inventory::ZypperPatch = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.ZypperPatch").msgclass
+        Inventory::WindowsQuickFixEngineeringPackage = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1.Inventory.WindowsQuickFixEngineeringPackage").msgclass
+      end
+    end
+  end
+end

data/proto_docs/google/api/resource.rb

@@ -43,12 +43,12 @@ module Google
     #
     # The ResourceDescriptor Yaml config will look like:
     #
-    #    resources:
-    #    - type: "pubsub.googleapis.com/Topic"
-    #      name_descriptor:
-    #        - pattern: "projects/\\{project}/topics/\\{topic}"
-    #          parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #          parent_name_extractor: "projects/\\{project}"
+    #     resources:
+    #     - type: "pubsub.googleapis.com/Topic"
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
     #
     # Sometimes, resources have multiple patterns, typically because they can
     # live under multiple parents.
@@ -183,15 +183,24 @@ module Google
     #         }
     # @!attribute [rw] plural
     #   @return [::String]
-    #     The plural name used in the resource name, such as 'projects' for
-    #     the name of 'projects/\\{project}'. It is the same concept of the `plural`
-    #     field in k8s CRD spec
+    #     The plural name used in the resource name and permission names, such as
+    #     'projects' for the resource name of 'projects/\\{project}' and the permission
+    #     name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
+    #     concept of the `plural` field in k8s CRD spec
     #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #
+    #     Note: The plural form is required even for singleton resources. See
+    #     https://aip.dev/156
     # @!attribute [rw] singular
     #   @return [::String]
     #     The same concept of the `singular` field in k8s CRD spec
     #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
     #     Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+    # @!attribute [rw] style
+    #   @return [::Array<::Google::Api::ResourceDescriptor::Style>]
+    #     Style flag(s) for this resource.
+    #     These indicate that a resource is expected to conform to a given
+    #     style. See the specific style flags for additional information.
     class ResourceDescriptor
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -211,6 +220,22 @@ module Google
         # that from being necessary once there are multiple patterns.)
         FUTURE_MULTI_PATTERN = 2
       end
+
+      # A flag representing a specific style that a resource claims to conform to.
+      module Style
+        # The unspecified value. Do not use.
+        STYLE_UNSPECIFIED = 0
+
+        # This resource is intended to be "declarative-friendly".
+        #
+        # Declarative-friendly resources must be more strictly consistent, and
+        # setting this to true communicates to tools that this resource should
+        # adhere to declarative-friendly expectations.
+        #
+        # Note: This is used by the API linter (linter.aip.dev) to enable
+        # additional checks.
+        DECLARATIVE_FRIENDLY = 1
+      end
     end
 
     # Defines a proto annotation that describes a string field that refers to
@@ -226,6 +251,17 @@ module Google
     #             type: "pubsub.googleapis.com/Topic"
     #           }];
     #         }
+    #
+    #     Occasionally, a field may reference an arbitrary resource. In this case,
+    #     APIs use the special value * in their resource reference.
+    #
+    #     Example:
+    #
+    #         message GetIamPolicyRequest {
+    #           string resource = 2 [(google.api.resource_reference) = {
+    #             type: "*"
+    #           }];
+    #         }
     # @!attribute [rw] child_type
     #   @return [::String]
     #     The resource type of a child collection that the annotated field
@@ -234,11 +270,11 @@ module Google
     #
     #     Example:
     #
-    #       message ListLogEntriesRequest {
-    #         string parent = 1 [(google.api.resource_reference) = {
-    #           child_type: "logging.googleapis.com/LogEntry"
-    #         };
-    #       }
+    #         message ListLogEntriesRequest {
+    #           string parent = 1 [(google.api.resource_reference) = {
+    #             child_type: "logging.googleapis.com/LogEntry"
+    #           };
+    #         }
     class ResourceReference
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods