google-cloud-asset-v1 0.11.0 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 46d2dae780be9b911cc5c6669adddec0675b5eaabcde6d6298044932e1b2140e
-  data.tar.gz: d29b266276dfb3c6698f5a2c18f2ed8309df3b29be64df68fa376110c1a39322
+  metadata.gz: 891090c6919656207064a14b1101e602479a7006bbf90e28e8940736d6a06054
+  data.tar.gz: 53ccaba37d8c75b556e5d99ea2a3303a09c6088a06faf41979380efbd1afc258
 SHA512:
-  metadata.gz: c75af2b681517e3ead7f999240db55f809cd6cba6cfc78a91680eceb79a33c0b680ef8cd3b0e5f6deb033944a682dbc15ba345dfe1c079fc9af5ba7f5a421c2b
-  data.tar.gz: 0ea7430442e24daeeb1a3201379a81e7645a30181d94368922642aa14421bd6510215f596ff17bf6c90a4dfb19acb569c8dfa739fef1ef8df8b4e8a88c93d5eb
+  metadata.gz: dcf71ccf88416d2e4baa789c5b0f7882f70753d60cdd2d35db170bef50350e1a40d325fbd45378eac33e330bc3137349e72706e0100d0cc513c4ef20061207bd
+  data.tar.gz: c132e6b6d39104a421332d9e2e4fbdecdb138cecf9ebaee94a5425760316626114e76adde474dc9f8b35c062f28a53aa90f837ad7469093edde4899d4befdf2f

data/lib/google/cloud/asset/v1/asset_service/client.rb

@@ -67,6 +67,14 @@ module Google
 
                 default_config.rpcs.export_assets.timeout = 60.0
 
+                default_config.rpcs.list_assets.timeout = 60.0
+                default_config.rpcs.list_assets.retry_policy = {
+                  initial_delay: 0.1,
+              max_delay: 60.0,
+              multiplier: 1.3,
+              retry_codes: [4, 14]
+                }
+
                 default_config.rpcs.batch_get_assets_history.timeout = 60.0
                 default_config.rpcs.batch_get_assets_history.retry_policy = {
                   initial_delay: 0.1,
@@ -335,6 +343,112 @@ module Google
               raise ::Google::Cloud::Error.from_error(e)
             end
 
+            ##
+            # Lists assets with time and resource types and returns paged results in
+            # response.
+            #
+            # @overload list_assets(request, options = nil)
+            #   Pass arguments to `list_assets` via a request object, either of type
+            #   {::Google::Cloud::Asset::V1::ListAssetsRequest} or an equivalent Hash.
+            #
+            #   @param request [::Google::Cloud::Asset::V1::ListAssetsRequest, ::Hash]
+            #     A request object representing the call parameters. Required. To specify no
+            #     parameters, or to keep all the default parameter values, pass an empty Hash.
+            #   @param options [::Gapic::CallOptions, ::Hash]
+            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+            #
+            # @overload list_assets(parent: nil, read_time: nil, asset_types: nil, content_type: nil, page_size: nil, page_token: nil)
+            #   Pass arguments to `list_assets` via keyword arguments. Note that at
+            #   least one keyword argument is required. To specify no parameters, or to keep all
+            #   the default parameter values, pass an empty Hash as a request object (see above).
+            #
+            #   @param parent [::String]
+            #     Required. Name of the organization or project the assets belong to. Format:
+            #     "organizations/[organization-number]" (such as "organizations/123"),
+            #     "projects/[project-id]" (such as "projects/my-project-id"), or
+            #     "projects/[project-number]" (such as "projects/12345").
+            #   @param read_time [::Google::Protobuf::Timestamp, ::Hash]
+            #     Timestamp to take an asset snapshot. This can only be set to a timestamp
+            #     between the current time and the current time minus 35 days (inclusive).
+            #     If not specified, the current time will be used. Due to delays in resource
+            #     data collection and indexing, there is a volatile window during which
+            #     running the same query may get different results.
+            #   @param asset_types [::Array<::String>]
+            #     A list of asset types to take a snapshot for. For example:
+            #     "compute.googleapis.com/Disk".
+            #
+            #     Regular expression is also supported. For example:
+            #
+            #     * "compute.googleapis.com.*" snapshots resources whose asset type starts
+            #     with "compute.googleapis.com".
+            #     * ".*Instance" snapshots resources whose asset type ends with "Instance".
+            #     * ".*Instance.*" snapshots resources whose asset type contains "Instance".
+            #
+            #     See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
+            #     regular expression syntax. If the regular expression does not match any
+            #     supported asset type, an INVALID_ARGUMENT error will be returned.
+            #
+            #     If specified, only matching assets will be returned, otherwise, it will
+            #     snapshot all asset types. See [Introduction to Cloud Asset
+            #     Inventory](https://cloud.google.com/asset-inventory/docs/overview)
+            #     for all supported asset types.
+            #   @param content_type [::Google::Cloud::Asset::V1::ContentType]
+            #     Asset content type. If not specified, no content but the asset name will
+            #     be returned.
+            #   @param page_size [::Integer]
+            #     The maximum number of assets to be returned in a single response. Default
+            #     is 100, minimum is 1, and maximum is 1000.
+            #   @param page_token [::String]
+            #     The `next_page_token` returned from the previous `ListAssetsResponse`, or
+            #     unspecified for the first `ListAssetsRequest`. It is a continuation of a
+            #     prior `ListAssets` call, and the API should return the next page of assets.
+            #
+            # @yield [response, operation] Access the result along with the RPC operation
+            # @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Asset::V1::Asset>]
+            # @yieldparam operation [::GRPC::ActiveCall::Operation]
+            #
+            # @return [::Gapic::PagedEnumerable<::Google::Cloud::Asset::V1::Asset>]
+            #
+            # @raise [::Google::Cloud::Error] if the RPC is aborted.
+            #
+            def list_assets request, options = nil
+              raise ::ArgumentError, "request must be provided" if request.nil?
+
+              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Asset::V1::ListAssetsRequest
+
+              # Converts hash and nil to an options object
+              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+
+              # Customize the options with defaults
+              metadata = @config.rpcs.list_assets.metadata.to_h
+
+              # Set x-goog-api-client and x-goog-user-project headers
+              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                lib_name: @config.lib_name, lib_version: @config.lib_version,
+                gapic_version: ::Google::Cloud::Asset::V1::VERSION
+              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+
+              header_params = {
+                "parent" => request.parent
+              }
+              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+              metadata[:"x-goog-request-params"] ||= request_params_header
+
+              options.apply_defaults timeout:      @config.rpcs.list_assets.timeout,
+                                     metadata:     metadata,
+                                     retry_policy: @config.rpcs.list_assets.retry_policy
+              options.apply_defaults metadata:     @config.metadata,
+                                     retry_policy: @config.retry_policy
+
+              @asset_service_stub.call_rpc :list_assets, request, options: options do |response, operation|
+                response = ::Gapic::PagedEnumerable.new @asset_service_stub, :list_assets, request, response, operation, options
+                yield response, operation if block_given?
+                return response
+              end
+            rescue ::GRPC::BadStatus => e
+              raise ::Google::Cloud::Error.from_error(e)
+            end
+
             ##
             # Batch gets the update history of assets that overlap a time window.
             # For IAM_POLICY content, this API outputs history when the asset and its
@@ -811,7 +925,7 @@ module Google
             #   @param scope [::String]
             #     Required. A scope can be a project, a folder, or an organization. The search is
             #     limited to the resources within the `scope`. The caller must be granted the
-            #     [`cloudasset.assets.searchAllResources`](http://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
+            #     [`cloudasset.assets.searchAllResources`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
             #     permission on the desired scope.
             #
             #     The allowed values are:
@@ -822,36 +936,41 @@ module Google
             #     * organizations/\\{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
             #   @param query [::String]
             #     Optional. The query statement. See [how to construct a
-            #     query](http://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query)
+            #     query](https://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query)
             #     for more information. If not specified or empty, it will search all the
-            #     resources within the specified `scope`. Note that the query string is
-            #     compared against each Cloud IAM policy binding, including its members,
-            #     roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
-            #     contain the bindings that match your query. To learn more about the IAM
-            #     policy structure, see [IAM policy
-            #     doc](https://cloud.google.com/iam/docs/policies#structure).
+            #     resources within the specified `scope`.
             #
             #     Examples:
             #
             #     * `name:Important` to find Cloud resources whose name contains
             #       "Important" as a word.
+            #     * `name=Important` to find the Cloud resource whose name is exactly
+            #       "Important".
             #     * `displayName:Impor*` to find Cloud resources whose display name
-            #       contains "Impor" as a prefix.
-            #     * `description:*por*` to find Cloud resources whose description
-            #       contains "por" as a substring.
-            #     * `location:us-west*` to find Cloud resources whose location is
-            #       prefixed with "us-west".
+            #       contains "Impor" as a prefix of any word in the field.
+            #     * `location:us-west*` to find Cloud resources whose location contains both
+            #       "us" and "west" as prefixes.
             #     * `labels:prod` to find Cloud resources whose labels contain "prod" as
             #       a key or value.
             #     * `labels.env:prod` to find Cloud resources that have a label "env"
             #       and its value is "prod".
             #     * `labels.env:*` to find Cloud resources that have a label "env".
+            #     * `kmsKey:key` to find Cloud resources encrypted with a customer-managed
+            #       encryption key whose name contains the word "key".
+            #     * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
+            #       word.
+            #     * `NOT state:ACTIVE` to find \\{\\{gcp_name}} resources whose state
+            #       doesn't contain "ACTIVE" as a word.
+            #     * `createTime<1609459200` to find Cloud resources that were created before
+            #       "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
+            #       "2021-01-01 00:00:00 UTC" in seconds.
+            #     * `updateTime>1609459200` to find Cloud resources that were updated after
+            #       "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
+            #       "2021-01-01 00:00:00 UTC" in seconds.
             #     * `Important` to find Cloud resources that contain "Important" as a word
             #       in any of the searchable fields.
-            #     * `Impor*` to find Cloud resources that contain "Impor" as a prefix
-            #       in any of the searchable fields.
-            #     * `*por*` to find Cloud resources that contain "por" as a substring in
-            #       any of the searchable fields.
+            #     * `Impor*` to find Cloud resources that contain "Impor" as a prefix of any
+            #       word in any of the searchable fields.
             #     * `Important location:(us-west1 OR global)` to find Cloud
             #       resources that contain "Important" as a word in any of the searchable
             #       fields and are also located in the "us-west1" region or the "global"
@@ -860,6 +979,17 @@ module Google
             #     Optional. A list of asset types that this request searches for. If empty, it will
             #     search all the [searchable asset
             #     types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).
+            #
+            #     Regular expressions are also supported. For example:
+            #
+            #     * "compute.googleapis.com.*" snapshots resources whose asset type starts
+            #     with "compute.googleapis.com".
+            #     * ".*Instance" snapshots resources whose asset type ends with "Instance".
+            #     * ".*Instance.*" snapshots resources whose asset type contains "Instance".
+            #
+            #     See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
+            #     regular expression syntax. If the regular expression does not match any
+            #     supported asset type, an INVALID_ARGUMENT error will be returned.
             #   @param page_size [::Integer]
             #     Optional. The page size for search result pagination. Page size is capped at 500 even
             #     if a larger value is given. If set to zero, server will pick an appropriate
@@ -871,12 +1001,24 @@ module Google
             #     the previous response. The values of all other method parameters, must be
             #     identical to those in the previous call.
             #   @param order_by [::String]
-            #     Optional. A comma separated list of fields specifying the sorting order of the
+            #     Optional. A comma-separated list of fields specifying the sorting order of the
             #     results. The default order is ascending. Add " DESC" after the field name
             #     to indicate descending order. Redundant space characters are ignored.
-            #     Example: "location DESC, name". Only string fields in the response are
-            #     sortable, including `name`, `displayName`, `description`, `location`. All
-            #     the other fields such as repeated fields (e.g., `networkTags`), map
+            #     Example: "location DESC, name".
+            #     Only singular primitive fields in the response are sortable:
+            #       * name
+            #       * assetType
+            #       * project
+            #       * displayName
+            #       * description
+            #       * location
+            #       * kmsKey
+            #       * createTime
+            #       * updateTime
+            #       * state
+            #       * parentFullResourceName
+            #       * parentAssetType
+            #     All the other fields such as repeated fields (e.g., `networkTags`), map
             #     fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
             #     are not supported.
             #
@@ -951,7 +1093,7 @@ module Google
             #     Required. A scope can be a project, a folder, or an organization. The search is
             #     limited to the IAM policies within the `scope`. The caller must be granted
             #     the
-            #     [`cloudasset.assets.searchAllIamPolicies`](http://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
+            #     [`cloudasset.assets.searchAllIamPolicies`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
             #     permission on the desired scope.
             #
             #     The allowed values are:
@@ -964,7 +1106,12 @@ module Google
             #     Optional. The query statement. See [how to construct a
             #     query](https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query)
             #     for more information. If not specified or empty, it will search all the
-            #     IAM policies within the specified `scope`.
+            #     IAM policies within the specified `scope`. Note that the query string is
+            #     compared against each Cloud IAM policy binding, including its members,
+            #     roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
+            #     contain the bindings that match your query. To learn more about the IAM
+            #     policy structure, see [IAM policy
+            #     doc](https://cloud.google.com/iam/docs/policies#structure).
             #
             #     Examples:
             #
@@ -972,18 +1119,25 @@ module Google
             #       "amy@gmail.com".
             #     * `policy:roles/compute.admin` to find IAM policy bindings that specify
             #       the Compute Admin role.
+            #     * `policy:comp*` to find IAM policy bindings that contain "comp" as a
+            #       prefix of any word in the binding.
             #     * `policy.role.permissions:storage.buckets.update` to find IAM policy
             #       bindings that specify a role containing "storage.buckets.update"
             #       permission. Note that if callers don't have `iam.roles.get` access to a
             #       role's included permissions, policy bindings that specify this role will
             #       be dropped from the search results.
+            #     * `policy.role.permissions:upd*` to find IAM policy bindings that specify a
+            #       role containing "upd" as a prefix of any word in the role permission.
+            #       Note that if callers don't have `iam.roles.get` access to a role's
+            #       included permissions, policy bindings that specify this role will be
+            #       dropped from the search results.
             #     * `resource:organizations/123456` to find IAM policy bindings
             #       that are set on "organizations/123456".
+            #     * `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to
+            #       find IAM policy bindings that are set on the project named "myproject".
             #     * `Important` to find IAM policy bindings that contain "Important" as a
             #       word in any of the searchable fields (except for the included
             #       permissions).
-            #     * `*por*` to find IAM policy bindings that contain "por" as a substring
-            #       in any of the searchable fields (except for the included permissions).
             #     * `resource:(instance1 OR instance2) policy:amy` to find
             #       IAM policy bindings that are set on resources "instance1" or
             #       "instance2" and also specify user "amy".
@@ -1341,6 +1495,11 @@ module Google
                 #
                 attr_reader :export_assets
                 ##
+                # RPC-specific configuration for `list_assets`
+                # @return [::Gapic::Config::Method]
+                #
+                attr_reader :list_assets
+                ##
                 # RPC-specific configuration for `batch_get_assets_history`
                 # @return [::Gapic::Config::Method]
                 #
@@ -1395,6 +1554,8 @@ module Google
                 def initialize parent_rpcs = nil
                   export_assets_config = parent_rpcs.export_assets if parent_rpcs.respond_to? :export_assets
                   @export_assets = ::Gapic::Config::Method.new export_assets_config
+                  list_assets_config = parent_rpcs.list_assets if parent_rpcs.respond_to? :list_assets
+                  @list_assets = ::Gapic::Config::Method.new list_assets_config
                   batch_get_assets_history_config = parent_rpcs.batch_get_assets_history if parent_rpcs.respond_to? :batch_get_assets_history
                   @batch_get_assets_history = ::Gapic::Config::Method.new batch_get_assets_history_config
                   create_feed_config = parent_rpcs.create_feed if parent_rpcs.respond_to? :create_feed

data/lib/google/cloud/asset/v1/asset_service_pb.rb

@@ -12,6 +12,7 @@ require 'google/longrunning/operations_pb'
 require 'google/protobuf/duration_pb'
 require 'google/protobuf/empty_pb'
 require 'google/protobuf/field_mask_pb'
+require 'google/protobuf/struct_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/type/expr_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
@@ -28,6 +29,19 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :output_config, :message, 2, "google.cloud.asset.v1.OutputConfig"
       optional :output_result, :message, 3, "google.cloud.asset.v1.OutputResult"
     end
+    add_message "google.cloud.asset.v1.ListAssetsRequest" do
+      optional :parent, :string, 1
+      optional :read_time, :message, 2, "google.protobuf.Timestamp"
+      repeated :asset_types, :string, 3
+      optional :content_type, :enum, 4, "google.cloud.asset.v1.ContentType"
+      optional :page_size, :int32, 5
+      optional :page_token, :string, 6
+    end
+    add_message "google.cloud.asset.v1.ListAssetsResponse" do
+      optional :read_time, :message, 1, "google.protobuf.Timestamp"
+      repeated :assets, :message, 2, "google.cloud.asset.v1.Asset"
+      optional :next_page_token, :string, 3
+    end
     add_message "google.cloud.asset.v1.BatchGetAssetsHistoryRequest" do
       optional :parent, :string, 1
       repeated :asset_names, :string, 2
@@ -137,6 +151,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :identity_selector, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector"
       optional :access_selector, :message, 4, "google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector"
       optional :options, :message, 5, "google.cloud.asset.v1.IamPolicyAnalysisQuery.Options"
+      optional :condition_context, :message, 6, "google.cloud.asset.v1.IamPolicyAnalysisQuery.ConditionContext"
     end
     add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector" do
       optional :full_resource_name, :string, 1
@@ -156,6 +171,11 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :output_group_edges, :bool, 5
       optional :analyze_service_account_impersonation, :bool, 6
     end
+    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.ConditionContext" do
+      oneof :TimeContext do
+        optional :access_time, :message, 1, "google.protobuf.Timestamp"
+      end
+    end
     add_message "google.cloud.asset.v1.AnalyzeIamPolicyRequest" do
       optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
       optional :execution_timeout, :message, 2, "google.protobuf.Duration"
@@ -213,6 +233,8 @@ module Google
       module V1
         ExportAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsRequest").msgclass
         ExportAssetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportAssetsResponse").msgclass
+        ListAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ListAssetsRequest").msgclass
+        ListAssetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ListAssetsResponse").msgclass
         BatchGetAssetsHistoryRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.BatchGetAssetsHistoryRequest").msgclass
         BatchGetAssetsHistoryResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.BatchGetAssetsHistoryResponse").msgclass
         CreateFeedRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.CreateFeedRequest").msgclass
@@ -240,6 +262,7 @@ module Google
         IamPolicyAnalysisQuery::IdentitySelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector").msgclass
         IamPolicyAnalysisQuery::AccessSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector").msgclass
         IamPolicyAnalysisQuery::Options = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.Options").msgclass
+        IamPolicyAnalysisQuery::ConditionContext = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.ConditionContext").msgclass
         AnalyzeIamPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyRequest").msgclass
         AnalyzeIamPolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse").msgclass
         AnalyzeIamPolicyResponse::IamPolicyAnalysis = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis").msgclass

data/lib/google/cloud/asset/v1/asset_service_services_pb.rb

@@ -27,7 +27,7 @@ module Google
           # Asset service definition.
           class Service
 
-            include GRPC::GenericService
+            include ::GRPC::GenericService
 
             self.marshal_class_method = :encode
             self.unmarshal_class_method = :decode
@@ -44,6 +44,9 @@ module Google
             # result. For regular-size resource parent, the export operation usually
             # finishes within 5 minutes.
             rpc :ExportAssets, ::Google::Cloud::Asset::V1::ExportAssetsRequest, ::Google::Longrunning::Operation
+            # Lists assets with time and resource types and returns paged results in
+            # response.
+            rpc :ListAssets, ::Google::Cloud::Asset::V1::ListAssetsRequest, ::Google::Cloud::Asset::V1::ListAssetsResponse
             # Batch gets the update history of assets that overlap a time window.
             # For IAM_POLICY content, this API outputs history when the asset and its
             # attached IAM POLICY both exist. This can create gaps in the output history.

data/lib/google/cloud/asset/v1/assets_pb.rb

@@ -63,12 +63,20 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :name, :string, 1
       optional :asset_type, :string, 2
       optional :project, :string, 3
+      repeated :folders, :string, 17
+      optional :organization, :string, 18
       optional :display_name, :string, 4
       optional :description, :string, 5
       optional :location, :string, 6
       map :labels, :string, :string, 7
       repeated :network_tags, :string, 8
+      optional :kms_key, :string, 10
+      optional :create_time, :message, 11, "google.protobuf.Timestamp"
+      optional :update_time, :message, 12, "google.protobuf.Timestamp"
+      optional :state, :string, 13
       optional :additional_attributes, :message, 9, "google.protobuf.Struct"
+      optional :parent_full_resource_name, :string, 19
+      optional :parent_asset_type, :string, 103
     end
     add_message "google.cloud.asset.v1.IamPolicySearchResult" do
       optional :resource, :string, 1
@@ -86,6 +94,15 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :code, :enum, 1, "google.rpc.Code"
       optional :cause, :string, 2
     end
+    add_message "google.cloud.asset.v1.ConditionEvaluation" do
+      optional :evaluation_value, :enum, 1, "google.cloud.asset.v1.ConditionEvaluation.EvaluationValue"
+    end
+    add_enum "google.cloud.asset.v1.ConditionEvaluation.EvaluationValue" do
+      value :EVALUATION_VALUE_UNSPECIFIED, 0
+      value :TRUE, 1
+      value :FALSE, 2
+      value :CONDITIONAL, 3
+    end
     add_message "google.cloud.asset.v1.IamPolicyAnalysisResult" do
       optional :attached_resource_full_name, :string, 1
       optional :iam_binding, :message, 2, "google.iam.v1.Binding"
@@ -116,6 +133,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :resources, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisResult.Resource"
       repeated :accesses, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult.Access"
       repeated :resource_edges, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge"
+      optional :condition_evaluation, :message, 4, "google.cloud.asset.v1.ConditionEvaluation"
     end
     add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList" do
       repeated :identities, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisResult.Identity"
@@ -138,6 +156,8 @@ module Google
         IamPolicySearchResult::Explanation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation").msgclass
         IamPolicySearchResult::Explanation::Permissions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions").msgclass
         IamPolicyAnalysisState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisState").msgclass
+        ConditionEvaluation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ConditionEvaluation").msgclass
+        ConditionEvaluation::EvaluationValue = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ConditionEvaluation.EvaluationValue").enummodule
         IamPolicyAnalysisResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult").msgclass
         IamPolicyAnalysisResult::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Resource").msgclass
         IamPolicyAnalysisResult::Access = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Access").msgclass

data/lib/google/cloud/asset/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module Asset
       module V1
-        VERSION = "0.11.0"
+        VERSION = "0.12.0"
       end
     end
   end

data/proto_docs/google/cloud/asset/v1/asset_service.rb

@@ -88,6 +88,75 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # ListAssets request.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of the organization or project the assets belong to. Format:
+        #     "organizations/[organization-number]" (such as "organizations/123"),
+        #     "projects/[project-id]" (such as "projects/my-project-id"), or
+        #     "projects/[project-number]" (such as "projects/12345").
+        # @!attribute [rw] read_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Timestamp to take an asset snapshot. This can only be set to a timestamp
+        #     between the current time and the current time minus 35 days (inclusive).
+        #     If not specified, the current time will be used. Due to delays in resource
+        #     data collection and indexing, there is a volatile window during which
+        #     running the same query may get different results.
+        # @!attribute [rw] asset_types
+        #   @return [::Array<::String>]
+        #     A list of asset types to take a snapshot for. For example:
+        #     "compute.googleapis.com/Disk".
+        #
+        #     Regular expression is also supported. For example:
+        #
+        #     * "compute.googleapis.com.*" snapshots resources whose asset type starts
+        #     with "compute.googleapis.com".
+        #     * ".*Instance" snapshots resources whose asset type ends with "Instance".
+        #     * ".*Instance.*" snapshots resources whose asset type contains "Instance".
+        #
+        #     See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
+        #     regular expression syntax. If the regular expression does not match any
+        #     supported asset type, an INVALID_ARGUMENT error will be returned.
+        #
+        #     If specified, only matching assets will be returned, otherwise, it will
+        #     snapshot all asset types. See [Introduction to Cloud Asset
+        #     Inventory](https://cloud.google.com/asset-inventory/docs/overview)
+        #     for all supported asset types.
+        # @!attribute [rw] content_type
+        #   @return [::Google::Cloud::Asset::V1::ContentType]
+        #     Asset content type. If not specified, no content but the asset name will
+        #     be returned.
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     The maximum number of assets to be returned in a single response. Default
+        #     is 100, minimum is 1, and maximum is 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     The `next_page_token` returned from the previous `ListAssetsResponse`, or
+        #     unspecified for the first `ListAssetsRequest`. It is a continuation of a
+        #     prior `ListAssets` call, and the API should return the next page of assets.
+        class ListAssetsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # ListAssets response.
+        # @!attribute [rw] read_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Time the snapshot was taken.
+        # @!attribute [rw] assets
+        #   @return [::Array<::Google::Cloud::Asset::V1::Asset>]
+        #     Assets.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     Token to retrieve the next page of results. It expires 72 hours after the
+        #     page token for the first page is generated. Set to empty if there are no
+        #     remaining results.
+        class ListAssetsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Batch get assets history request.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -253,6 +322,10 @@ module Google
         #     Editing Object
         #     Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
         #     for more information.
+        #
+        #     If the specified Cloud Storage object already exists and there is no
+        #     [hold](https://cloud.google.com/storage/docs/object-holds), it will be
+        #     overwritten with the exported result.
         # @!attribute [rw] uri_prefix
         #   @return [::String]
         #     The uri prefix of all generated Cloud Storage objects. Example:
@@ -457,7 +530,7 @@ module Google
         #   @return [::String]
         #     Required. A scope can be a project, a folder, or an organization. The search is
         #     limited to the resources within the `scope`. The caller must be granted the
-        #     [`cloudasset.assets.searchAllResources`](http://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
+        #     [`cloudasset.assets.searchAllResources`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
         #     permission on the desired scope.
         #
         #     The allowed values are:
@@ -469,36 +542,41 @@ module Google
         # @!attribute [rw] query
         #   @return [::String]
         #     Optional. The query statement. See [how to construct a
-        #     query](http://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query)
+        #     query](https://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query)
         #     for more information. If not specified or empty, it will search all the
-        #     resources within the specified `scope`. Note that the query string is
-        #     compared against each Cloud IAM policy binding, including its members,
-        #     roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
-        #     contain the bindings that match your query. To learn more about the IAM
-        #     policy structure, see [IAM policy
-        #     doc](https://cloud.google.com/iam/docs/policies#structure).
+        #     resources within the specified `scope`.
         #
         #     Examples:
         #
         #     * `name:Important` to find Cloud resources whose name contains
         #       "Important" as a word.
+        #     * `name=Important` to find the Cloud resource whose name is exactly
+        #       "Important".
         #     * `displayName:Impor*` to find Cloud resources whose display name
-        #       contains "Impor" as a prefix.
-        #     * `description:*por*` to find Cloud resources whose description
-        #       contains "por" as a substring.
-        #     * `location:us-west*` to find Cloud resources whose location is
-        #       prefixed with "us-west".
+        #       contains "Impor" as a prefix of any word in the field.
+        #     * `location:us-west*` to find Cloud resources whose location contains both
+        #       "us" and "west" as prefixes.
         #     * `labels:prod` to find Cloud resources whose labels contain "prod" as
         #       a key or value.
         #     * `labels.env:prod` to find Cloud resources that have a label "env"
         #       and its value is "prod".
         #     * `labels.env:*` to find Cloud resources that have a label "env".
+        #     * `kmsKey:key` to find Cloud resources encrypted with a customer-managed
+        #       encryption key whose name contains the word "key".
+        #     * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
+        #       word.
+        #     * `NOT state:ACTIVE` to find \\{\\{gcp_name}} resources whose state
+        #       doesn't contain "ACTIVE" as a word.
+        #     * `createTime<1609459200` to find Cloud resources that were created before
+        #       "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
+        #       "2021-01-01 00:00:00 UTC" in seconds.
+        #     * `updateTime>1609459200` to find Cloud resources that were updated after
+        #       "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
+        #       "2021-01-01 00:00:00 UTC" in seconds.
         #     * `Important` to find Cloud resources that contain "Important" as a word
         #       in any of the searchable fields.
-        #     * `Impor*` to find Cloud resources that contain "Impor" as a prefix
-        #       in any of the searchable fields.
-        #     * `*por*` to find Cloud resources that contain "por" as a substring in
-        #       any of the searchable fields.
+        #     * `Impor*` to find Cloud resources that contain "Impor" as a prefix of any
+        #       word in any of the searchable fields.
         #     * `Important location:(us-west1 OR global)` to find Cloud
         #       resources that contain "Important" as a word in any of the searchable
         #       fields and are also located in the "us-west1" region or the "global"
@@ -508,6 +586,17 @@ module Google
         #     Optional. A list of asset types that this request searches for. If empty, it will
         #     search all the [searchable asset
         #     types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).
+        #
+        #     Regular expressions are also supported. For example:
+        #
+        #     * "compute.googleapis.com.*" snapshots resources whose asset type starts
+        #     with "compute.googleapis.com".
+        #     * ".*Instance" snapshots resources whose asset type ends with "Instance".
+        #     * ".*Instance.*" snapshots resources whose asset type contains "Instance".
+        #
+        #     See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
+        #     regular expression syntax. If the regular expression does not match any
+        #     supported asset type, an INVALID_ARGUMENT error will be returned.
         # @!attribute [rw] page_size
         #   @return [::Integer]
         #     Optional. The page size for search result pagination. Page size is capped at 500 even
@@ -522,12 +611,24 @@ module Google
         #     identical to those in the previous call.
         # @!attribute [rw] order_by
         #   @return [::String]
-        #     Optional. A comma separated list of fields specifying the sorting order of the
+        #     Optional. A comma-separated list of fields specifying the sorting order of the
         #     results. The default order is ascending. Add " DESC" after the field name
         #     to indicate descending order. Redundant space characters are ignored.
-        #     Example: "location DESC, name". Only string fields in the response are
-        #     sortable, including `name`, `displayName`, `description`, `location`. All
-        #     the other fields such as repeated fields (e.g., `networkTags`), map
+        #     Example: "location DESC, name".
+        #     Only singular primitive fields in the response are sortable:
+        #       * name
+        #       * assetType
+        #       * project
+        #       * displayName
+        #       * description
+        #       * location
+        #       * kmsKey
+        #       * createTime
+        #       * updateTime
+        #       * state
+        #       * parentFullResourceName
+        #       * parentAssetType
+        #     All the other fields such as repeated fields (e.g., `networkTags`), map
         #     fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
         #     are not supported.
         class SearchAllResourcesRequest
@@ -556,7 +657,7 @@ module Google
         #     Required. A scope can be a project, a folder, or an organization. The search is
         #     limited to the IAM policies within the `scope`. The caller must be granted
         #     the
-        #     [`cloudasset.assets.searchAllIamPolicies`](http://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
+        #     [`cloudasset.assets.searchAllIamPolicies`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
         #     permission on the desired scope.
         #
         #     The allowed values are:
@@ -570,7 +671,12 @@ module Google
         #     Optional. The query statement. See [how to construct a
         #     query](https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query)
         #     for more information. If not specified or empty, it will search all the
-        #     IAM policies within the specified `scope`.
+        #     IAM policies within the specified `scope`. Note that the query string is
+        #     compared against each Cloud IAM policy binding, including its members,
+        #     roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
+        #     contain the bindings that match your query. To learn more about the IAM
+        #     policy structure, see [IAM policy
+        #     doc](https://cloud.google.com/iam/docs/policies#structure).
         #
         #     Examples:
         #
@@ -578,18 +684,25 @@ module Google
         #       "amy@gmail.com".
         #     * `policy:roles/compute.admin` to find IAM policy bindings that specify
         #       the Compute Admin role.
+        #     * `policy:comp*` to find IAM policy bindings that contain "comp" as a
+        #       prefix of any word in the binding.
         #     * `policy.role.permissions:storage.buckets.update` to find IAM policy
         #       bindings that specify a role containing "storage.buckets.update"
         #       permission. Note that if callers don't have `iam.roles.get` access to a
         #       role's included permissions, policy bindings that specify this role will
         #       be dropped from the search results.
+        #     * `policy.role.permissions:upd*` to find IAM policy bindings that specify a
+        #       role containing "upd" as a prefix of any word in the role permission.
+        #       Note that if callers don't have `iam.roles.get` access to a role's
+        #       included permissions, policy bindings that specify this role will be
+        #       dropped from the search results.
         #     * `resource:organizations/123456` to find IAM policy bindings
         #       that are set on "organizations/123456".
+        #     * `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to
+        #       find IAM policy bindings that are set on the project named "myproject".
         #     * `Important` to find IAM policy bindings that contain "Important" as a
         #       word in any of the searchable fields (except for the included
         #       permissions).
-        #     * `*por*` to find IAM policy bindings that contain "por" as a substring
-        #       in any of the searchable fields (except for the included permissions).
         #     * `resource:(instance1 OR instance2) policy:amy` to find
         #       IAM policy bindings that are set on resources "instance1" or
         #       "instance2" and also specify user "amy".
@@ -625,7 +738,7 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # IAM policy analysis query message.
+        # ## IAM policy analysis query message.
         # @!attribute [rw] scope
         #   @return [::String]
         #     Required. The relative name of the root asset. Only resources and IAM policies within
@@ -652,6 +765,9 @@ module Google
         # @!attribute [rw] options
         #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery::Options]
         #     Optional. The query options.
+        # @!attribute [rw] condition_context
+        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery::ConditionContext]
+        #     Optional. The hypothetical context for IAM conditions evaluation.
         class IamPolicyAnalysisQuery
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -791,6 +907,17 @@ module Google
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
+
+          # The IAM conditions context.
+          # @!attribute [rw] access_time
+          #   @return [::Google::Protobuf::Timestamp]
+          #     The hypothetical access timestamp to evaluate IAM conditions. Note that
+          #     this value must not be earlier than the current time; otherwise, an
+          #     INVALID_ARGUMENT error will be returned.
+          class ConditionContext
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
         end
 
         # A request message for {::Google::Cloud::Asset::V1::AssetService::Client#analyze_iam_policy AssetService.AnalyzeIamPolicy}.
@@ -868,9 +995,14 @@ module Google
           # @!attribute [rw] uri
           #   @return [::String]
           #     Required. The uri of the Cloud Storage object. It's the same uri that is used by
-          #     gsutil. For example: "gs://bucket_name/object_name". See
-          #     [Quickstart: Using the gsutil tool]
-          #     (https://cloud.google.com/storage/docs/quickstart-gsutil) for examples.
+          #     gsutil. Example: "gs://bucket_name/object_name". See [Viewing and
+          #     Editing Object
+          #     Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
+          #     for more information.
+          #
+          #     If the specified Cloud Storage object already exists and there is no
+          #     [hold](https://cloud.google.com/storage/docs/object-holds), it will be
+          #     overwritten with the analysis result.
           class GcsDestination
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/asset/v1/assets.rb

@@ -79,7 +79,8 @@ module Google
         # [resource
         # hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy),
         # a resource outside the Google Cloud resource hierarchy (such as Google
-        # Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy).
+        # Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy),
+        # or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP relationship).
         # See [Supported asset
         # types](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
         # for more information.
@@ -230,14 +231,40 @@ module Google
         # @!attribute [rw] project
         #   @return [::String]
         #     The project that this resource belongs to, in the form of
-        #     projects/\\{PROJECT_NUMBER}.
+        #     projects/\\{PROJECT_NUMBER}. This field is available when the resource
+        #     belongs to a project.
         #
-        #     To search against the `project`:
+        #     To search against `project`:
         #
+        #     * use a field query. Example: `project:12345`
+        #     * use a free text query. Example: `12345`
         #     * specify the `scope` field as this project in your search request.
+        # @!attribute [rw] folders
+        #   @return [::Array<::String>]
+        #     The folder(s) that this resource belongs to, in the form of
+        #     folders/\\{FOLDER_NUMBER}. This field is available when the resource
+        #     belongs to one or more folders.
+        #
+        #     To search against `folders`:
+        #
+        #     * use a field query. Example: `folders:(123 OR 456)`
+        #     * use a free text query. Example: `123`
+        #     * specify the `scope` field as this folder in your search request.
+        # @!attribute [rw] organization
+        #   @return [::String]
+        #     The organization that this resource belongs to, in the form of
+        #     organizations/\\{ORGANIZATION_NUMBER}. This field is available when the
+        #     resource belongs to an organization.
+        #
+        #     To search against `organization`:
+        #
+        #     * use a field query. Example: `organization:123`
+        #     * use a free text query. Example: `123`
+        #     * specify the `scope` field as this organization in your search request.
         # @!attribute [rw] display_name
         #   @return [::String]
-        #     The display name of this resource.
+        #     The display name of this resource. This field is available only when the
+        #     resource's proto contains it.
         #
         #     To search against the `display_name`:
         #
@@ -246,16 +273,18 @@ module Google
         # @!attribute [rw] description
         #   @return [::String]
         #     One or more paragraphs of text description of this resource. Maximum length
-        #     could be up to 1M bytes.
+        #     could be up to 1M bytes. This field is available only when the resource's
+        #     proto contains it.
         #
         #     To search against the `description`:
         #
-        #     * use a field query. Example: `description:"*important instance*"`
-        #     * use a free text query. Example: `"*important instance*"`
+        #     * use a field query. Example: `description:"important instance"`
+        #     * use a free text query. Example: `"important instance"`
         # @!attribute [rw] location
         #   @return [::String]
         #     Location can be `global`, regional like `us-east1`, or zonal like
-        #     `us-west1-b`.
+        #     `us-west1-b`. This field is available only when the resource's proto
+        #     contains it.
         #
         #     To search against the `location`:
         #
@@ -265,7 +294,8 @@ module Google
         #   @return [::Google::Protobuf::Map{::String => ::String}]
         #     Labels associated with this resource. See [Labelling and grouping GCP
         #     resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources)
-        #     for more information.
+        #     for more information. This field is available only when the resource's
+        #     proto contains it.
         #
         #     To search against the `labels`:
         #
@@ -279,12 +309,73 @@ module Google
         #     Network tags associated with this resource. Like labels, network tags are a
         #     type of annotations used to group GCP resources. See [Labelling GCP
         #     resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources)
-        #     for more information.
+        #     for more information. This field is available only when the resource's
+        #     proto contains it.
         #
         #     To search against the `network_tags`:
         #
         #     * use a field query. Example: `networkTags:internal`
         #     * use a free text query. Example: `internal`
+        # @!attribute [rw] kms_key
+        #   @return [::String]
+        #     The Cloud KMS
+        #     [CryptoKey](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys?hl=en)
+        #     name or
+        #     [CryptoKeyVersion](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions?hl=en)
+        #     name. This field is available only when the resource's proto contains it.
+        #
+        #     To search against the `kms_key`:
+        #
+        #     * use a field query. Example: `kmsKey:key`
+        #     * use a free text query. Example: `key`
+        # @!attribute [rw] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The create timestamp of this resource, at which the resource was created.
+        #     The granularity is in seconds. Timestamp.nanos will always be 0. This field
+        #     is available only when the resource's proto contains it.
+        #
+        #     To search against `create_time`:
+        #
+        #     * use a field query.
+        #         - value in seconds since unix epoch. Example: `createTime > 1609459200`
+        #         - value in date string. Example: `createTime > 2021-01-01`
+        #         - value in date-time string (must be quoted). Example: `createTime >
+        #         "2021-01-01T00:00:00"`
+        # @!attribute [rw] update_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The last update timestamp of this resource, at which the resource was last
+        #     modified or deleted. The granularity is in seconds. Timestamp.nanos will
+        #     always be 0. This field is available only when the resource's proto
+        #     contains it.
+        #
+        #     To search against `update_time`:
+        #
+        #     * use a field query.
+        #         - value in seconds since unix epoch. Example: `updateTime < 1609459200`
+        #         - value in date string. Example: `updateTime < 2021-01-01`
+        #         - value in date-time string (must be quoted). Example: `updateTime <
+        #         "2021-01-01T00:00:00"`
+        # @!attribute [rw] state
+        #   @return [::String]
+        #     The state of this resource. Different resources types have different state
+        #     definitions that are mapped from various fields of different resource
+        #     types. This field is available only when the resource's proto contains it.
+        #
+        #     Example:
+        #     If the resource is an instance provided by Compute Engine,
+        #     its state will include PROVISIONING, STAGING, RUNNING, STOPPING,
+        #     SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. See `status` definition
+        #     in [API
+        #     Reference](https://cloud.google.com/compute/docs/reference/rest/v1/instances).
+        #     If the resource is a project provided by Cloud Resource Manager, its state
+        #     will include LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED and
+        #     DELETE_IN_PROGRESS. See `lifecycleState` definition in [API
+        #     Reference](https://cloud.google.com/resource-manager/reference/rest/v1/projects).
+        #
+        #     To search against the `state`:
+        #
+        #     * use a field query. Example: `state:RUNNING`
+        #     * use a free text query. Example: `RUNNING`
         # @!attribute [rw] additional_attributes
         #   @return [::Google::Protobuf::Struct]
         #     The additional searchable attributes of this resource. The attributes may
@@ -294,7 +385,7 @@ module Google
         #     corresponding GCP service (e.g., Compute Engine). see [API references and
         #     supported searchable
         #     attributes](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types)
-        #     for more information.
+        #     to see which fields are included.
         #
         #     You can search values of these fields through free text search. However,
         #     you should not consume the field programically as the field names and
@@ -306,6 +397,25 @@ module Google
         #     * use a free text query to match the attributes values. Example: to search
         #       `additional_attributes = { dnsName: "foobar" }`, you can issue a query
         #       `foobar`.
+        # @!attribute [rw] parent_full_resource_name
+        #   @return [::String]
+        #     The full resource name of this resource's parent, if it has one.
+        #     To search against the `parent_full_resource_name`:
+        #
+        #     * use a field query. Example:
+        #     `parentFullResourceName:"project-name"`
+        #     * use a free text query. Example:
+        #     `project-name`
+        # @!attribute [rw] parent_asset_type
+        #   @return [::String]
+        #     The type of this resource's immediate parent, if there is one.
+        #
+        #     To search against the `parent_asset_type`:
+        #
+        #     * use a field query. Example:
+        #     `parentAssetType:"cloudresourcemanager.googleapis.com/Project"`
+        #     * use a free text query. Example:
+        #     `cloudresourcemanager.googleapis.com/Project`
         class ResourceSearchResult
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -339,7 +449,7 @@ module Google
         #     projects/\\{PROJECT_NUMBER}. If an IAM policy is set on a resource (like VM
         #     instance, Cloud Storage bucket), the project field will indicate the
         #     project that contains the resource. If an IAM policy is set on a folder or
-        #     orgnization, the project field will be empty.
+        #     orgnization, this field will be empty.
         #
         #     To search against the `project`:
         #
@@ -420,6 +530,32 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # The Condition evaluation.
+        # @!attribute [rw] evaluation_value
+        #   @return [::Google::Cloud::Asset::V1::ConditionEvaluation::EvaluationValue]
+        #     The evaluation result.
+        class ConditionEvaluation
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Value of this expression.
+          module EvaluationValue
+            # Reserved for future use.
+            EVALUATION_VALUE_UNSPECIFIED = 0
+
+            # The evaluation result is `true`.
+            TRUE = 1
+
+            # The evaluation result is `false`.
+            FALSE = 2
+
+            # The evaluation result is `conditional` when the condition expression
+            # contains variables that are either missing input values or have not been
+            # supported by Analyzer yet.
+            CONDITIONAL = 3
+          end
+        end
+
         # IAM Policy analysis result, consisting of one IAM policy binding and derived
         # access control lists.
         # @!attribute [rw] attached_resource_full_name
@@ -542,6 +678,10 @@ module Google
           #     the full resource name of a parent resource and {::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge#target_node Edge.target_node}
           #     contains the full resource name of a child resource. This field is
           #     present only if the output_resource_edges option is enabled in request.
+          # @!attribute [rw] condition_evaluation
+          #   @return [::Google::Cloud::Asset::V1::ConditionEvaluation]
+          #     Condition evaluation for this AccessControlList, if there is a condition
+          #     defined in the above IAM policy binding.
           class AccessControlList
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-asset-v1
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.12.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-09 00:00:00.000000000 Z
+date: 2021-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.5'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 2.a
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.5'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 2.a
 - !ruby/object:Gem::Dependency
   name: google-cloud-errors
   requirement: !ruby/object:Gem::Requirement
@@ -47,7 +53,7 @@ dependencies:
         version: 0.6.10
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.a
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -57,7 +63,7 @@ dependencies:
         version: 0.6.10
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.a
 - !ruby/object:Gem::Dependency
   name: google-style
   requirement: !ruby/object:Gem::Requirement
@@ -242,7 +248,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.13
+rubygems_version: 3.2.17
 signing_key: 
 specification_version: 4
 summary: API Client library for the Cloud Asset V1 API