RubyGems - google-cloud-asset-v1 - Versions diffs - 0.6.0 → 0.6.1 - Mend

google-cloud-asset-v1 0.6.0 → 0.6.1

Files changed (9) hide show

checksums.yaml +4 -4
data/lib/google/cloud/asset/v1/asset_service/client.rb +0 -194
data/lib/google/cloud/asset/v1/asset_service_pb.rb +0 -107
data/lib/google/cloud/asset/v1/asset_service_services_pb.rb +0 -13
data/lib/google/cloud/asset/v1/assets_pb.rb +2 -47
data/lib/google/cloud/asset/v1/version.rb +1 -1
data/proto_docs/google/cloud/asset/v1/asset_service.rb +0 -426
data/proto_docs/google/cloud/asset/v1/assets.rb +0 -176
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 47903709aadc0bfaa500654626a56c96aae048c5b901a5b0c60d79e6186ae997
-  data.tar.gz: 720eb8288342eb67e1d314ac048500bea99c7f8c6a71d1edd941048ecfac1134
+  metadata.gz: 7601e08b3f6d242baec633460a4e82037603a86284c15071dda3595e20984b4d
+  data.tar.gz: 5dddf6f643e226cc7a0c9d070bd755a9735fad69d33ad1237070b80d38276a24
 SHA512:
-  metadata.gz: 9eaef8da1ab7e67c1efa41f4f31c88587508eb2350e2d703833967a1cb66d10a2e44e30d6af121d290a5e6f97671b8cef4c1d020965674bcdef919edc31faa6a
-  data.tar.gz: 5aa1b26f56d54da1627fefc83a3d6bc2bd74ae9b058ec943aa162183f1624ba0b922b0c79a60869640545a43b67cec442d8e1d77048209e3f60f60150ff1520f
+  metadata.gz: 5ee7a713b523233cdc7b35f12ae891388713619ca96743a8e3b1d3c30bdefd09a3be70ec00c0ada079c0a93ab85d890d1d3c7e11b7b266b51ba9d7406765ad5e
+  data.tar.gz: b3d0f7fa841d88066fe72e4835cd33891a0fb9be93ce60a80a221647bf4850e72901ee5b429c36aa733983648083d024d3118044a00099ca6e1d31dc236395e6

data/lib/google/cloud/asset/v1/asset_service/client.rb CHANGED

@@ -119,16 +119,6 @@ module Google
                   retry_codes:   [4, 14]
                 }
-                default_config.rpcs.analyze_iam_policy.timeout = 300.0
-                default_config.rpcs.analyze_iam_policy.retry_policy = {
-                  initial_delay: 0.1,
-                  max_delay:     60.0,
-                  multiplier:    1.3,
-                  retry_codes:   [14]
-                }
-                default_config.rpcs.export_iam_policy_analysis.timeout = 60.0
                 default_config
               end
               yield @configure if block_given?
@@ -1038,176 +1028,6 @@ module Google
               raise ::Google::Cloud::Error.from_error(e)
             end
-            ##
-            # Analyzes IAM policies to answer which identities have what accesses on
-            # which resources.
-            #
-            # @overload analyze_iam_policy(request, options = nil)
-            #   Pass arguments to `analyze_iam_policy` via a request object, either of type
-            #   {::Google::Cloud::Asset::V1::AnalyzeIamPolicyRequest} or an equivalent Hash.
-            #
-            #   @param request [::Google::Cloud::Asset::V1::AnalyzeIamPolicyRequest, ::Hash]
-            #     A request object representing the call parameters. Required. To specify no
-            #     parameters, or to keep all the default parameter values, pass an empty Hash.
-            #   @param options [::Gapic::CallOptions, ::Hash]
-            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
-            #
-            # @overload analyze_iam_policy(analysis_query: nil, execution_timeout: nil)
-            #   Pass arguments to `analyze_iam_policy` via keyword arguments. Note that at
-            #   least one keyword argument is required. To specify no parameters, or to keep all
-            #   the default parameter values, pass an empty Hash as a request object (see above).
-            #
-            #   @param analysis_query [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery, ::Hash]
-            #     The request query.
-            #   @param execution_timeout [::Google::Protobuf::Duration, ::Hash]
-            #     Amount of time executable has to complete.  See JSON representation of
-            #     [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json).
-            #
-            #     If this field is set with a value less than the RPC deadline, and the
-            #     execution of your query hasn't finished in the specified
-            #     execution timeout,  you will get a response with partial result.
-            #     Otherwise, your query's execution will continue until the RPC deadline.
-            #     If it's not finished until then, you will get a  DEADLINE_EXCEEDED error.
-            #
-            #     Default is empty.
-            #
-            #     (-- We had discussion of whether we should have this field in the    --)
-            #     (-- request or use the RPC deadline instead. We finally choose this  --)
-            #     (-- approach for the following reasons (detailed in                  --)
-            #     (-- go/analyze-iam-policy-deadlines):                                --)
-            #     (-- * HTTP clients have very limited support of the RPC deadline.    --)
-            #     (--   There is an X-Server-Timeout header introduced in 2019/09, but --)
-            #     (--   only implemented in the C++ HTTP server library.               --)
-            #     (-- * The purpose of the RPC deadline is for RPC clients to          --)
-            #     (--   communicate its max waiting time to the server. This deadline  --)
-            #     (--   could be further propagated to the downstream servers. It is   --)
-            #     (--   mainly used for servers to cancel the request processing       --)
-            #     (--   to avoid resource wasting. Overloading the RPC deadline for    --)
-            #     (--   other purposes could make our backend system harder to reason  --)
-            #     (--   about.                                                         --)
-            #
-            # @yield [response, operation] Access the result along with the RPC operation
-            # @yieldparam response [::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse]
-            # @yieldparam operation [::GRPC::ActiveCall::Operation]
-            #
-            # @return [::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse]
-            #
-            # @raise [::Google::Cloud::Error] if the RPC is aborted.
-            #
-            def analyze_iam_policy request, options = nil
-              raise ::ArgumentError, "request must be provided" if request.nil?
-              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Asset::V1::AnalyzeIamPolicyRequest
-              # Converts hash and nil to an options object
-              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
-              # Customize the options with defaults
-              metadata = @config.rpcs.analyze_iam_policy.metadata.to_h
-              # Set x-goog-api-client and x-goog-user-project headers
-              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
-                lib_name: @config.lib_name, lib_version: @config.lib_version,
-                gapic_version: ::Google::Cloud::Asset::V1::VERSION
-              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
-              header_params = {
-                "analysis_query.scope" => request.analysis_query.scope
-              }
-              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
-              metadata[:"x-goog-request-params"] ||= request_params_header
-              options.apply_defaults timeout:      @config.rpcs.analyze_iam_policy.timeout,
-                                     metadata:     metadata,
-                                     retry_policy: @config.rpcs.analyze_iam_policy.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
-                                     retry_policy: @config.retry_policy
-              @asset_service_stub.call_rpc :analyze_iam_policy, request, options: options do |response, operation|
-                yield response, operation if block_given?
-                return response
-              end
-            rescue ::GRPC::BadStatus => e
-              raise ::Google::Cloud::Error.from_error(e)
-            end
-            ##
-            # Exports the answers of which identities have what accesses on which
-            # resources to a Google Cloud Storage or a BigQuery destination. For Cloud
-            # Storage destination, the output format is the JSON format that represents a
-            # {::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse google.cloud.asset.v1.AnalyzeIamPolicyResponse}.
-            # This method implements the
-            # {::Google::Longrunning::Operation google.longrunning.Operation}, which allows
-            # you to track the export status. We recommend intervals of at least 2
-            # seconds with exponential retry to poll the export operation result. The
-            # metadata contains the request to help callers to map responses to requests.
-            #
-            # @overload export_iam_policy_analysis(request, options = nil)
-            #   Pass arguments to `export_iam_policy_analysis` via a request object, either of type
-            #   {::Google::Cloud::Asset::V1::ExportIamPolicyAnalysisRequest} or an equivalent Hash.
-            #
-            #   @param request [::Google::Cloud::Asset::V1::ExportIamPolicyAnalysisRequest, ::Hash]
-            #     A request object representing the call parameters. Required. To specify no
-            #     parameters, or to keep all the default parameter values, pass an empty Hash.
-            #   @param options [::Gapic::CallOptions, ::Hash]
-            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
-            #
-            # @overload export_iam_policy_analysis(analysis_query: nil, output_config: nil)
-            #   Pass arguments to `export_iam_policy_analysis` via keyword arguments. Note that at
-            #   least one keyword argument is required. To specify no parameters, or to keep all
-            #   the default parameter values, pass an empty Hash as a request object (see above).
-            #
-            #   @param analysis_query [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery, ::Hash]
-            #     The request query.
-            #   @param output_config [::Google::Cloud::Asset::V1::IamPolicyAnalysisOutputConfig, ::Hash]
-            #     Output configuration indicating where the results will be output to.
-            #
-            # @yield [response, operation] Access the result along with the RPC operation
-            # @yieldparam response [::Gapic::Operation]
-            # @yieldparam operation [::GRPC::ActiveCall::Operation]
-            #
-            # @return [::Gapic::Operation]
-            #
-            # @raise [::Google::Cloud::Error] if the RPC is aborted.
-            #
-            def export_iam_policy_analysis request, options = nil
-              raise ::ArgumentError, "request must be provided" if request.nil?
-              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Asset::V1::ExportIamPolicyAnalysisRequest
-              # Converts hash and nil to an options object
-              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
-              # Customize the options with defaults
-              metadata = @config.rpcs.export_iam_policy_analysis.metadata.to_h
-              # Set x-goog-api-client and x-goog-user-project headers
-              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
-                lib_name: @config.lib_name, lib_version: @config.lib_version,
-                gapic_version: ::Google::Cloud::Asset::V1::VERSION
-              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
-              header_params = {
-                "analysis_query.scope" => request.analysis_query.scope
-              }
-              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
-              metadata[:"x-goog-request-params"] ||= request_params_header
-              options.apply_defaults timeout:      @config.rpcs.export_iam_policy_analysis.timeout,
-                                     metadata:     metadata,
-                                     retry_policy: @config.rpcs.export_iam_policy_analysis.retry_policy
-              options.apply_defaults metadata:     @config.metadata,
-                                     retry_policy: @config.retry_policy
-              @asset_service_stub.call_rpc :export_iam_policy_analysis, request, options: options do |response, operation|
-                response = ::Gapic::Operation.new response, @operations_client, options: options
-                yield response, operation if block_given?
-                return response
-              end
-            rescue ::GRPC::BadStatus => e
-              raise ::Google::Cloud::Error.from_error(e)
-            end
             ##
             # Configuration class for the AssetService API.
             #
@@ -1389,16 +1209,6 @@ module Google
                 # @return [::Gapic::Config::Method]
                 #
                 attr_reader :search_all_iam_policies
-                ##
-                # RPC-specific configuration for `analyze_iam_policy`
-                # @return [::Gapic::Config::Method]
-                #
-                attr_reader :analyze_iam_policy
-                ##
-                # RPC-specific configuration for `export_iam_policy_analysis`
-                # @return [::Gapic::Config::Method]
-                #
-                attr_reader :export_iam_policy_analysis
                 # @private
                 def initialize parent_rpcs = nil
@@ -1420,10 +1230,6 @@ module Google
                   @search_all_resources = ::Gapic::Config::Method.new search_all_resources_config
                   search_all_iam_policies_config = parent_rpcs&.search_all_iam_policies if parent_rpcs&.respond_to? :search_all_iam_policies
                   @search_all_iam_policies = ::Gapic::Config::Method.new search_all_iam_policies_config
-                  analyze_iam_policy_config = parent_rpcs&.analyze_iam_policy if parent_rpcs&.respond_to? :analyze_iam_policy
-                  @analyze_iam_policy = ::Gapic::Config::Method.new analyze_iam_policy_config
-                  export_iam_policy_analysis_config = parent_rpcs&.export_iam_policy_analysis if parent_rpcs&.respond_to? :export_iam_policy_analysis
-                  @export_iam_policy_analysis = ::Gapic::Config::Method.new export_iam_policy_analysis_config
                   yield self if block_given?
                 end

data/lib/google/cloud/asset/v1/asset_service_pb.rb CHANGED

@@ -121,96 +121,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :results, :message, 1, "google.cloud.asset.v1.IamPolicySearchResult"
       optional :next_page_token, :string, 2
     end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery" do
-      optional :scope, :string, 1
-      optional :resource_selector, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector"
-      optional :identity_selector, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector"
-      optional :access_selector, :message, 4, "google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector"
-      optional :options, :message, 5, "google.cloud.asset.v1.IamPolicyAnalysisQuery.Options"
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector" do
-      optional :full_resource_name, :string, 1
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector" do
-      optional :identity, :string, 1
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector" do
-      repeated :roles, :string, 1
-      repeated :permissions, :string, 2
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisQuery.Options" do
-      optional :expand_groups, :bool, 1
-      optional :expand_roles, :bool, 2
-      optional :expand_resources, :bool, 3
-      optional :output_resource_edges, :bool, 4
-      optional :output_group_edges, :bool, 5
-      optional :analyze_service_account_impersonation, :bool, 6
-      optional :max_fanouts_per_group, :int32, 7
-      optional :max_fanouts_per_resource, :int32, 8
-    end
-    add_message "google.cloud.asset.v1.AnalyzeIamPolicyRequest" do
-      optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
-      optional :execution_timeout, :message, 2, "google.protobuf.Duration"
-    end
-    add_message "google.cloud.asset.v1.AnalyzeIamPolicyResponse" do
-      optional :main_analysis, :message, 1, "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis"
-      repeated :service_account_impersonation_analysis, :message, 2, "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis"
-      optional :fully_explored, :bool, 3
-    end
-    add_message "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis" do
-      optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
-      repeated :analysis_results, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult"
-      optional :fully_explored, :bool, 3
-      repeated :stats, :message, 4, "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats"
-      repeated :non_critical_errors, :message, 5, "google.cloud.asset.v1.IamPolicyAnalysisState"
-    end
-    add_message "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats" do
-      optional :node_type, :enum, 1, "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType"
-      optional :node_subtype, :string, 2
-      optional :discovered_node_count, :int32, 3
-      optional :matched_node_count, :int32, 4
-      optional :explored_node_count, :int32, 5
-      optional :capped_node_count, :int32, 6
-      optional :permision_denied_node_count, :int32, 7
-      optional :execution_timeout_node_count, :int32, 8
-    end
-    add_enum "google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType" do
-      value :NODE_TYPE_UNSPECIFIED, 0
-      value :BINDING, 1
-      value :IDENTITY, 2
-      value :RESOURCE, 3
-      value :ACCESS, 4
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig" do
-      oneof :destination do
-        optional :gcs_destination, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination"
-        optional :bigquery_destination, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination"
-      end
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination" do
-      optional :uri, :string, 1
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination" do
-      optional :dataset, :string, 1
-      optional :table_prefix, :string, 2
-      optional :partition_key, :enum, 3, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey"
-      optional :write_mode, :enum, 4, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode"
-    end
-    add_enum "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey" do
-      value :PARTITION_KEY_UNSPECIFIED, 0
-      value :REQUEST_TIME, 1
-    end
-    add_enum "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode" do
-      value :WRITE_MODE_UNSPECIFIED, 0
-      value :ABORT, 1
-      value :OVERWRITE, 2
-    end
-    add_message "google.cloud.asset.v1.ExportIamPolicyAnalysisRequest" do
-      optional :analysis_query, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisQuery"
-      optional :output_config, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisOutputConfig"
-    end
-    add_message "google.cloud.asset.v1.ExportIamPolicyAnalysisResponse" do
-    end
     add_enum "google.cloud.asset.v1.ContentType" do
       value :CONTENT_TYPE_UNSPECIFIED, 0
       value :RESOURCE, 1
@@ -247,23 +157,6 @@ module Google
         SearchAllResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.SearchAllResourcesResponse").msgclass
         SearchAllIamPoliciesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.SearchAllIamPoliciesRequest").msgclass
         SearchAllIamPoliciesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.SearchAllIamPoliciesResponse").msgclass
-        IamPolicyAnalysisQuery = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery").msgclass
-        IamPolicyAnalysisQuery::ResourceSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.ResourceSelector").msgclass
-        IamPolicyAnalysisQuery::IdentitySelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.IdentitySelector").msgclass
-        IamPolicyAnalysisQuery::AccessSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.AccessSelector").msgclass
-        IamPolicyAnalysisQuery::Options = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisQuery.Options").msgclass
-        AnalyzeIamPolicyRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyRequest").msgclass
-        AnalyzeIamPolicyResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse").msgclass
-        AnalyzeIamPolicyResponse::IamPolicyAnalysis = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis").msgclass
-        AnalyzeIamPolicyResponse::IamPolicyAnalysis::Stats = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats").msgclass
-        AnalyzeIamPolicyResponse::IamPolicyAnalysis::Stats::NodeType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.AnalyzeIamPolicyResponse.IamPolicyAnalysis.Stats.NodeType").enummodule
-        IamPolicyAnalysisOutputConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig").msgclass
-        IamPolicyAnalysisOutputConfig::GcsDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.GcsDestination").msgclass
-        IamPolicyAnalysisOutputConfig::BigQueryDestination = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination").msgclass
-        IamPolicyAnalysisOutputConfig::BigQueryDestination::PartitionKey = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.PartitionKey").enummodule
-        IamPolicyAnalysisOutputConfig::BigQueryDestination::WriteMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisOutputConfig.BigQueryDestination.WriteMode").enummodule
-        ExportIamPolicyAnalysisRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportIamPolicyAnalysisRequest").msgclass
-        ExportIamPolicyAnalysisResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ExportIamPolicyAnalysisResponse").msgclass
         ContentType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.ContentType").enummodule
       end
     end

data/lib/google/cloud/asset/v1/asset_service_services_pb.rb CHANGED

@@ -73,19 +73,6 @@ module Google
             # `cloudasset.assets.searchAllIamPolicies` permission on the desired scope,
             # otherwise the request will be rejected.
             rpc :SearchAllIamPolicies, Google::Cloud::Asset::V1::SearchAllIamPoliciesRequest, Google::Cloud::Asset::V1::SearchAllIamPoliciesResponse
-            # Analyzes IAM policies to answer which identities have what accesses on
-            # which resources.
-            rpc :AnalyzeIamPolicy, Google::Cloud::Asset::V1::AnalyzeIamPolicyRequest, Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse
-            # Exports the answers of which identities have what accesses on which
-            # resources to a Google Cloud Storage or a BigQuery destination. For Cloud
-            # Storage destination, the output format is the JSON format that represents a
-            # [google.cloud.asset.v1.AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse].
-            # This method implements the
-            # [google.longrunning.Operation][google.longrunning.Operation], which allows
-            # you to track the export status. We recommend intervals of at least 2
-            # seconds with exponential retry to poll the export operation result. The
-            # metadata contains the request to help callers to map responses to requests.
-            rpc :ExportIamPolicyAnalysis, Google::Cloud::Asset::V1::ExportIamPolicyAnalysisRequest, Google::Longrunning::Operation
           end
           Stub = Service.rpc_stub_class

data/lib/google/cloud/asset/v1/assets_pb.rb CHANGED

@@ -9,9 +9,11 @@ require 'google/iam/v1/policy_pb'
 require 'google/identity/accesscontextmanager/v1/access_level_pb'
 require 'google/identity/accesscontextmanager/v1/access_policy_pb'
 require 'google/identity/accesscontextmanager/v1/service_perimeter_pb'
+require 'google/protobuf/any_pb'
 require 'google/protobuf/struct_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/rpc/code_pb'
+require 'google/api/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/asset/v1/assets.proto", :syntax => :proto3) do
     add_message "google.cloud.asset.v1.TemporalAsset" do
@@ -78,45 +80,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions" do
       repeated :permissions, :string, 1
     end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisState" do
-      optional :code, :enum, 1, "google.rpc.Code"
-      optional :cause, :string, 2
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult" do
-      optional :attached_resource_full_name, :string, 1
-      optional :iam_binding, :message, 2, "google.iam.v1.Binding"
-      repeated :access_control_lists, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList"
-      optional :identity_list, :message, 4, "google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList"
-      optional :fully_explored, :bool, 5
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Resource" do
-      optional :full_resource_name, :string, 1
-      optional :analysis_state, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisState"
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Access" do
-      optional :analysis_state, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisState"
-      oneof :oneof_access do
-        optional :role, :string, 1
-        optional :permission, :string, 2
-      end
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Identity" do
-      optional :name, :string, 1
-      optional :analysis_state, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisState"
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge" do
-      optional :source_node, :string, 1
-      optional :target_node, :string, 2
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList" do
-      repeated :resources, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisResult.Resource"
-      repeated :accesses, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult.Access"
-      repeated :resource_edges, :message, 3, "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge"
-    end
-    add_message "google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList" do
-      repeated :identities, :message, 1, "google.cloud.asset.v1.IamPolicyAnalysisResult.Identity"
-      repeated :group_edges, :message, 2, "google.cloud.asset.v1.IamPolicyAnalysisResult.Edge"
-    end
   end
 end
@@ -133,14 +96,6 @@ module Google
         IamPolicySearchResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult").msgclass
         IamPolicySearchResult::Explanation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation").msgclass
         IamPolicySearchResult::Explanation::Permissions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicySearchResult.Explanation.Permissions").msgclass
-        IamPolicyAnalysisState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisState").msgclass
-        IamPolicyAnalysisResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult").msgclass
-        IamPolicyAnalysisResult::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Resource").msgclass
-        IamPolicyAnalysisResult::Access = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Access").msgclass
-        IamPolicyAnalysisResult::Identity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Identity").msgclass
-        IamPolicyAnalysisResult::Edge = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.Edge").msgclass
-        IamPolicyAnalysisResult::AccessControlList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.AccessControlList").msgclass
-        IamPolicyAnalysisResult::IdentityList = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.asset.v1.IamPolicyAnalysisResult.IdentityList").msgclass
       end
     end
   end

data/lib/google/cloud/asset/v1/version.rb CHANGED

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module Asset
       module V1
-        VERSION = "0.6.0"
+        VERSION = "0.6.1"
       end
     end
   end

data/proto_docs/google/cloud/asset/v1/asset_service.rb CHANGED

@@ -545,432 +545,6 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
-        # IAM policy analysis query message.
-        # @!attribute [rw] scope
-        #   @return [::String]
-        #     The relative name of the root asset. Only resources and IAM policies within
-        #     the scope will be analyzed.
-        #
-        #     This can only be an organization number (such as "organizations/123"), a
-        #     folder number (such as "folders/123"), a project ID (such as
-        #     "projects/my-project-id"), or a project number (such as "projects/12345").
-        #
-        #     To know how to get organization id, visit [here
-        #     ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id).
-        #
-        #     To know how to get folder or project id, visit [here
-        #     ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
-        # @!attribute [rw] resource_selector
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery::ResourceSelector]
-        #     Specifies a resource for analysis.
-        # @!attribute [rw] identity_selector
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery::IdentitySelector]
-        #     Specifies an identity for analysis.
-        # @!attribute [rw] access_selector
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery::AccessSelector]
-        #     Specifies roles or permissions for analysis. This is optional.
-        # @!attribute [rw] options
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery::Options]
-        #     The query options.
-        class IamPolicyAnalysisQuery
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-          # Specifies the resource to analyze for access policies, which may be set
-          # directly on the resource, or on ancestors such as organizations, folders or
-          # projects.
-          # @!attribute [rw] full_resource_name
-          #   @return [::String]
-          #     The [full resource name]
-          #     (https://cloud.google.com/asset-inventory/docs/resource-name-format)
-          #     of a resource of [supported resource
-          #     types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
-          class ResourceSelector
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # Specifies an identity for which to determine resource access, based on
-          # roles assigned either directly to them or to the groups they belong to,
-          # directly or indirectly.
-          # @!attribute [rw] identity
-          #   @return [::String]
-          #     The identity appear in the form of members in
-          #     [IAM policy
-          #     binding](https://cloud.google.com/iam/reference/rest/v1/Binding).
-          #
-          #     The examples of supported forms are:
-          #     "user:mike@example.com",
-          #     "group:admins@example.com",
-          #     "domain:google.com",
-          #     "serviceAccount:my-project-id@appspot.gserviceaccount.com".
-          #
-          #     Notice that wildcard characters (such as * and ?) are not supported.
-          #     You must give a specific identity.
-          class IdentitySelector
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # Specifies roles and/or permissions to analyze, to determine both the
-          # identities possessing them and the resources they control. If multiple
-          # values are specified, results will include roles or permissions matching
-          # any of them.
-          # @!attribute [rw] roles
-          #   @return [::Array<::String>]
-          #     The roles to appear in result.
-          # @!attribute [rw] permissions
-          #   @return [::Array<::String>]
-          #     The permissions to appear in result.
-          class AccessSelector
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # Contains query options.
-          # @!attribute [rw] expand_groups
-          #   @return [::Boolean]
-          #     If true, the identities section of the result will expand any
-          #     Google groups appearing in an IAM policy binding.
-          #
-          #     If
-          #     {::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery#identity_selector google.cloud.asset.v1.IamPolicyAnalysisQuery.identity_selector}
-          #     is specified, the identity in the result will be determined by the
-          #     selector, and this flag is not allowed to set.
-          #
-          #     Default is false.
-          # @!attribute [rw] expand_roles
-          #   @return [::Boolean]
-          #     If true, the access section of result will expand any roles
-          #     appearing in IAM policy bindings to include their permissions.
-          #
-          #     If
-          #     {::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery#access_selector google.cloud.asset.v1.IamPolicyAnalysisQuery.access_selector}
-          #     is specified, the access section of the result will be determined by the
-          #     selector, and this flag is not allowed to set.
-          #
-          #     Default is false.
-          # @!attribute [rw] expand_resources
-          #   @return [::Boolean]
-          #     If true and
-          #     {::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery#resource_selector google.cloud.asset.v1.IamPolicyAnalysisQuery.resource_selector}
-          #     is not specified, the resource section of the result will expand any
-          #     resource attached to an IAM policy to include resources lower in the
-          #     resource hierarchy.
-          #
-          #     For example, if the request analyzes for which resources user A has
-          #     permission P, and the results include an IAM policy with P on a GCP
-          #     folder, the results will also include resources in that folder with
-          #     permission P.
-          #
-          #     If true and
-          #     {::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery#resource_selector google.cloud.asset.v1.IamPolicyAnalysisQuery.resource_selector}
-          #     is specified, the resource section of the result will expand the
-          #     specified resource to include resources lower in the resource hierarchy.
-          #
-          #     For example, if the request analyzes for which users have permission P on
-          #     a GCP folder with this option enabled, the results will include all users
-          #     who have permission P on that folder or any lower resource(ex. project).
-          #
-          #     Default is false.
-          # @!attribute [rw] output_resource_edges
-          #   @return [::Boolean]
-          #     If true, the result will output resource edges, starting
-          #     from the policy attached resource, to any expanded resources.
-          #     Default is false.
-          # @!attribute [rw] output_group_edges
-          #   @return [::Boolean]
-          #     If true, the result will output group identity edges, starting
-          #     from the binding's group members, to any expanded identities.
-          #     Default is false.
-          # @!attribute [rw] analyze_service_account_impersonation
-          #   @return [::Boolean]
-          #     If true, the response will include access analysis from identities to
-          #     resources via service account impersonation. This is a very expensive
-          #     operation, because many derived queries will be executed. We highly
-          #     recommend you use
-          #     {::Google::Cloud::Asset::V1::AssetService::Client#export_iam_policy_analysis google.cloud.asset.v1.AssetService.ExportIamPolicyAnalysis}
-          #     rpc instead.
-          #
-          #     For example, if the request analyzes for which resources user A has
-          #     permission P, and there's an IAM policy states user A has
-          #     iam.serviceAccounts.getAccessToken permission to a service account SA,
-          #     and there's another IAM policy states service account SA has permission P
-          #     to a GCP folder F, then user A potentially has access to the GCP folder
-          #     F. And those advanced analysis results will be included in
-          #     {::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse#service_account_impersonation_analysis google.cloud.asset.v1.AnalyzeIamPolicyResponse.service_account_impersonation_analysis}.
-          #
-          #     Another example, if the request analyzes for who has
-          #     permission P to a GCP folder F, and there's an IAM policy states user A
-          #     has iam.serviceAccounts.actAs permission to a service account SA, and
-          #     there's another IAM policy states service account SA has permission P to
-          #     the GCP folder F, then user A potentially has access to the GCP folder
-          #     F. And those advanced analysis results will be included in
-          #     {::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse#service_account_impersonation_analysis google.cloud.asset.v1.AnalyzeIamPolicyResponse.service_account_impersonation_analysis}.
-          #
-          #     Default is false.
-          # @!attribute [rw] max_fanouts_per_group
-          #   @return [::Integer]
-          #     The maximum number of fanouts per group when [expand_groups][expand_groups]
-          #     is enabled. This internal field is to help load testing and determine a
-          #     proper value, and won't be public in the future.
-          # @!attribute [rw] max_fanouts_per_resource
-          #   @return [::Integer]
-          #     The maximum number of fanouts per parent resource, such as
-          #     GCP Project etc., when [expand_resources][] is enabled. This internal
-          #     field is to help load testing and determine a proper value, and won't be
-          #     public in the future.
-          class Options
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-        end
-        # A request message for
-        # {::Google::Cloud::Asset::V1::AssetService::Client#analyze_iam_policy google.cloud.asset.v1.AssetService.AnalyzeIamPolicy}.
-        # @!attribute [rw] analysis_query
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery]
-        #     The request query.
-        # @!attribute [rw] execution_timeout
-        #   @return [::Google::Protobuf::Duration]
-        #     Amount of time executable has to complete.  See JSON representation of
-        #     [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json).
-        #
-        #     If this field is set with a value less than the RPC deadline, and the
-        #     execution of your query hasn't finished in the specified
-        #     execution timeout,  you will get a response with partial result.
-        #     Otherwise, your query's execution will continue until the RPC deadline.
-        #     If it's not finished until then, you will get a  DEADLINE_EXCEEDED error.
-        #
-        #     Default is empty.
-        #
-        #     (-- We had discussion of whether we should have this field in the    --)
-        #     (-- request or use the RPC deadline instead. We finally choose this  --)
-        #     (-- approach for the following reasons (detailed in                  --)
-        #     (-- go/analyze-iam-policy-deadlines):                                --)
-        #     (-- * HTTP clients have very limited support of the RPC deadline.    --)
-        #     (--   There is an X-Server-Timeout header introduced in 2019/09, but --)
-        #     (--   only implemented in the C++ HTTP server library.               --)
-        #     (-- * The purpose of the RPC deadline is for RPC clients to          --)
-        #     (--   communicate its max waiting time to the server. This deadline  --)
-        #     (--   could be further propagated to the downstream servers. It is   --)
-        #     (--   mainly used for servers to cancel the request processing       --)
-        #     (--   to avoid resource wasting. Overloading the RPC deadline for    --)
-        #     (--   other purposes could make our backend system harder to reason  --)
-        #     (--   about.                                                         --)
-        class AnalyzeIamPolicyRequest
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-        end
-        # A response message for
-        # {::Google::Cloud::Asset::V1::AssetService::Client#analyze_iam_policy google.cloud.asset.v1.AssetService.AnalyzeIamPolicy}.
-        # @!attribute [rw] main_analysis
-        #   @return [::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse::IamPolicyAnalysis]
-        #     The main analysis that matches the original request.
-        # @!attribute [rw] service_account_impersonation_analysis
-        #   @return [::Array<::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse::IamPolicyAnalysis>]
-        #     The service account impersonation analysis if
-        #     [google.cloud.asset.v1.AnalyzeIamPolicyRequest.analyze_service_account_impersonation][google.cloud.asset.v1.AnalyzeIamPolicyRequest.analyze_service_account_impersonation]
-        #     is enabled.
-        # @!attribute [rw] fully_explored
-        #   @return [::Boolean]
-        #     Represents whether all entries in the [main_analysis][main_analysis] and
-        #     [service_account_impersonation_analysis][] have been fully explored to
-        #     answer the query in the request.
-        class AnalyzeIamPolicyResponse
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-          # An analysis message to group the query and results.
-          # @!attribute [rw] analysis_query
-          #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery]
-          #     The analysis query.
-          # @!attribute [rw] analysis_results
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult>]
-          #     A list of {::Google::Cloud::Asset::V1::IamPolicyAnalysisResult google.cloud.asset.v1.IamPolicyAnalysisResult}
-          #     that matches the analysis query, or empty if no result is found.
-          # @!attribute [rw] fully_explored
-          #   @return [::Boolean]
-          #     Represents whether all entries in the
-          #     [analysis_results][analysis_results] have been fully explored to answer
-          #     the query.
-          # @!attribute [rw] stats
-          #   @return [::Array<::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse::IamPolicyAnalysis::Stats>]
-          #     The stats of how the analysis has been explored.
-          # @!attribute [rw] non_critical_errors
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisState>]
-          #     A list of non-critical errors happened during the query handling.
-          class IamPolicyAnalysis
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-            # A stats message that contains a set of analysis metrics.
-            #
-            # Here are some equations to show relationships of the explicitly specified
-            # metrics with other implicit metrics:
-            # * node_count = discovered_node_count + undiscovered_node_count(implicit)
-            # * discovered_node_count = explored_node_count +
-            # unexplored_node_count(implicit)
-            # * explored_node_count = capped_node_count + uncapped_node_count(implicit)
-            # * unexplored_node_count(implicit) = permission_denied_node_count +
-            # execution_timeout_node_count + other_unexplored_node_count(implicit)
-            # * discovered_node_count = matched_node_count +
-            # unmatched_node_count(implicit)
-            # @!attribute [rw] node_type
-            #   @return [::Google::Cloud::Asset::V1::AnalyzeIamPolicyResponse::IamPolicyAnalysis::Stats::NodeType]
-            #     Node type.
-            # @!attribute [rw] node_subtype
-            #   @return [::String]
-            #     The subtype of a node, such as:
-            #     * For Identity: Group, User, ServiceAccount etc.
-            #     * For Resource: resource type name, such as
-            #     cloudresourcemanager.googleapis.com/Organization, etc.
-            #     * For Access: Role or Permission
-            # @!attribute [rw] discovered_node_count
-            #   @return [::Integer]
-            #     The count of discovered nodes.
-            # @!attribute [rw] matched_node_count
-            #   @return [::Integer]
-            #     The count of nodes that match the query. These nodes form a sub-graph
-            #     of discovered nodes.
-            # @!attribute [rw] explored_node_count
-            #   @return [::Integer]
-            #     The count of explored nodes.
-            # @!attribute [rw] capped_node_count
-            #   @return [::Integer]
-            #     The count of nodes that get explored, but are capped by max fanout
-            #     setting.
-            # @!attribute [rw] permision_denied_node_count
-            #   @return [::Integer]
-            #     The count of unexplored nodes caused by permission denied error.
-            # @!attribute [rw] execution_timeout_node_count
-            #   @return [::Integer]
-            #     The count of unexplored nodes caused by execution timeout.
-            class Stats
-              include ::Google::Protobuf::MessageExts
-              extend ::Google::Protobuf::MessageExts::ClassMethods
-              # Type of the node.
-              module NodeType
-                # Unspecified node type.
-                NODE_TYPE_UNSPECIFIED = 0
-                # IAM Policy Binding node type.
-                BINDING = 1
-                # Identity node type.
-                IDENTITY = 2
-                # Resource node type.
-                RESOURCE = 3
-                # Access node type.
-                ACCESS = 4
-              end
-            end
-          end
-        end
-        # Output configuration for export IAM policy analysis destination.
-        # @!attribute [rw] gcs_destination
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisOutputConfig::GcsDestination]
-        #     Destination on Cloud Storage.
-        # @!attribute [rw] bigquery_destination
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisOutputConfig::BigQueryDestination]
-        #     Destination on BigQuery.
-        class IamPolicyAnalysisOutputConfig
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-          # A Cloud Storage location.
-          # @!attribute [rw] uri
-          #   @return [::String]
-          #     The uri of the Cloud Storage object. It's the same uri that is used by
-          #     gsutil. For example: "gs://bucket_name/object_name". See [Viewing and
-          #     Editing Object
-          #     Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
-          #     for more information.
-          class GcsDestination
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # A BigQuery destination.
-          # @!attribute [rw] dataset
-          #   @return [::String]
-          #     The BigQuery dataset in format "projects/projectId/datasets/datasetId",
-          #     to which the analysis results should be exported. If this dataset does
-          #     not exist, the export call will return an INVALID_ARGUMENT error.
-          # @!attribute [rw] table_prefix
-          #   @return [::String]
-          #     The prefix of the BigQuery tables to which the analysis results will be
-          #     written. Tables will be created based on this table_prefix if not exist:
-          #     * <table_prefix>_analysis table will contain export operation's metadata.
-          #     * <table_prefix>_analysis_result will contain all the
-          #       [IamPolicyAnalysisResult][].
-          #     When [partition_key] is specified, both tables will be partitioned based
-          #     on the [partition_key].
-          # @!attribute [rw] partition_key
-          #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisOutputConfig::BigQueryDestination::PartitionKey]
-          #     The partition key for BigQuery partitioned table.
-          # @!attribute [rw] write_mode
-          #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisOutputConfig::BigQueryDestination::WriteMode]
-          #     The write mode when table exists. WriteMode is ignored when no existing
-          #     tables, or no existing partitions are found.
-          class BigQueryDestination
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-            # This enum determines the partition key column for the bigquery tables.
-            # Partitioning can improve query performance and reduce query cost by
-            # filtering partitions. Refer to
-            # https://cloud.google.com/bigquery/docs/partitioned-tables for details.
-            module PartitionKey
-              # Unspecified partition key. Tables won't be partitioned using this
-              # option.
-              PARTITION_KEY_UNSPECIFIED = 0
-              # The time when the request is received. If specified as partition key,
-              # the result table(s) is partitoned by the RequestTime column, an
-              # additional timestamp column representing when the request was received.
-              REQUEST_TIME = 1
-            end
-            # Write mode types if table exists.
-            module WriteMode
-              # Unspecified write mode. We expect one of the following valid modes must
-              # be specified when table or partition exists.
-              WRITE_MODE_UNSPECIFIED = 0
-              # Abort the export when table or partition exists.
-              ABORT = 1
-              # Overwrite the table when table exists. When partitioned, overwrite
-              # the existing partition.
-              OVERWRITE = 2
-            end
-          end
-        end
-        # A request message for [AssetService.ExportIamPolicyAnalysis][].
-        # @!attribute [rw] analysis_query
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisQuery]
-        #     The request query.
-        # @!attribute [rw] output_config
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisOutputConfig]
-        #     Output configuration indicating where the results will be output to.
-        class ExportIamPolicyAnalysisRequest
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-        end
-        # The export IAM policy analysis response.
-        class ExportIamPolicyAnalysisResponse
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-        end
         # Asset content type.
         module ContentType
           # Unspecified content type.

data/proto_docs/google/cloud/asset/v1/assets.rb CHANGED

@@ -396,182 +396,6 @@ module Google
             end
           end
         end
-        # Represents the detailed state of an entity under analysis, such as a
-        # resource, an identity or an access.
-        # @!attribute [rw] code
-        #   @return [::Google::Rpc::Code]
-        #     The Google standard error code that best describes the state.
-        #     For example:
-        #     - OK means the analysis on this entity has been successfully finished;
-        #     - PERMISSION_DENIED means an access denied error is encountered;
-        #     - DEADLINE_EXCEEDED means the analysis on this entity hasn't been started
-        #     in time;
-        # @!attribute [rw] cause
-        #   @return [::String]
-        #     The human-readable description of the cause of failure.
-        class IamPolicyAnalysisState
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-        end
-        # IAM Policy analysis result, consisting of one IAM policy binding and derived
-        # access control lists.
-        # @!attribute [rw] attached_resource_full_name
-        #   @return [::String]
-        #     The [full resource
-        #     name](https://cloud.google.com/asset-inventory/docs/resource-name-format)
-        #     of the resource to which the [iam_binding][iam_binding] policy attaches.
-        #     (-- api-linter: core::0122::name-suffix=disabled
-        #         aip.dev/not-precedent: full_resource_name is a public notion in GCP.
-        #         --)
-        # @!attribute [rw] iam_binding
-        #   @return [::Google::Iam::V1::Binding]
-        #     The Cloud IAM policy binding under analysis.
-        # @!attribute [rw] access_control_lists
-        #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::AccessControlList>]
-        #     The access control lists derived from the [iam_binding][iam_binding] that
-        #     match or potentially match resource and access selectors specified in the
-        #     request.
-        # @!attribute [rw] identity_list
-        #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::IdentityList]
-        #     The identity list derived from members of the [iam_binding][iam_binding]
-        #     that match or potentially match identity selector specified in the request.
-        # @!attribute [rw] fully_explored
-        #   @return [::Boolean]
-        #     Represents whether all analyses on the [iam_binding][iam_binding] have
-        #     successfully finished.
-        class IamPolicyAnalysisResult
-          include ::Google::Protobuf::MessageExts
-          extend ::Google::Protobuf::MessageExts::ClassMethods
-          # A Google Cloud resource under analysis.
-          # @!attribute [rw] full_resource_name
-          #   @return [::String]
-          #     The [full resource
-          #     name](https://cloud.google.com/asset-inventory/docs/resource-name-format)
-          #     (-- api-linter: core::0122::name-suffix=disabled
-          #         aip.dev/not-precedent: full_resource_name is a public notion in GCP.
-          #         --)
-          # @!attribute [rw] analysis_state
-          #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
-          #     The analysis state of this resource.
-          class Resource
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # An IAM role or permission under analysis.
-          # @!attribute [rw] role
-          #   @return [::String]
-          #     The role.
-          # @!attribute [rw] permission
-          #   @return [::String]
-          #     The permission.
-          # @!attribute [rw] analysis_state
-          #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
-          #     The analysis state of this access.
-          class Access
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # An identity under analysis.
-          # (-- api-linter: core::0123::resource-annotation=disabled
-          #     aip.dev/not-precedent: Identity name is not a resource. --)
-          # @!attribute [rw] name
-          #   @return [::String]
-          #     The identity name in any form of members appear in
-          #     [IAM policy
-          #     binding](https://cloud.google.com/iam/reference/rest/v1/Binding), such
-          #     as:
-          #     - user:foo@google.com
-          #     - group:group1@google.com
-          #     - serviceAccount:s1@prj1.iam.gserviceaccount.com
-          #     - projectOwner:some_project_id
-          #     - domain:google.com
-          #     - allUsers
-          #     - etc.
-          # @!attribute [rw] analysis_state
-          #   @return [::Google::Cloud::Asset::V1::IamPolicyAnalysisState]
-          #     The analysis state of this identity.
-          class Identity
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # A directional edge.
-          # @!attribute [rw] source_node
-          #   @return [::String]
-          #     The source node of the edge. For example, it could be a full resource
-          #     name for a resource node or an email of an identity.
-          # @!attribute [rw] target_node
-          #   @return [::String]
-          #     The target node of the edge. For example, it could be a full resource
-          #     name for a resource node or an email of an identity.
-          class Edge
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # An access control list, derived from the above IAM policy binding, which
-          # contains a set of resources and accesses. May include one
-          # item from each set to compose an access control entry.
-          #
-          # NOTICE that there could be multiple access control lists for one IAM policy
-          # binding. The access control lists are created based on resource and access
-          # combinations.
-          #
-          # For example, assume we have the following cases in one IAM policy binding:
-          # - Permission P1 and P2 apply to resource R1 and R2;
-          # - Permission P3 applies to resource R2 and R3;
-          #
-          # This will result in the following access control lists:
-          # - AccessControlList 1: [R1, R2], [P1, P2]
-          # - AccessControlList 2: [R2, R3], [P3]
-          # @!attribute [rw] resources
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Resource>]
-          #     The resources that match one of the following conditions:
-          #     - The resource_selector, if it is specified in request;
-          #     - Otherwise, resources reachable from the policy attached resource.
-          # @!attribute [rw] accesses
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Access>]
-          #     The accesses that match one of the following conditions:
-          #     - The access_selector, if it is specified in request;
-          #     - Otherwise, access specifiers reachable from the policy binding's role.
-          # @!attribute [rw] resource_edges
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge>]
-          #     Resource edges of the graph starting from the policy attached
-          #     resource to any descendant resources. The [Edge.source_node][] contains
-          #     the full resource name of a parent resource and [Edge.target_node][]
-          #     contains the full resource name of a child resource. This field is
-          #     present only if the output_resource_edges option is enabled in request.
-          class AccessControlList
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-          # The identities and group edges.
-          # @!attribute [rw] identities
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Identity>]
-          #     Only the identities that match one of the following conditions will be
-          #     presented:
-          #     - The identity_selector, if it is specified in request;
-          #     - Otherwise, identities reachable from the policy binding's members.
-          # @!attribute [rw] group_edges
-          #   @return [::Array<::Google::Cloud::Asset::V1::IamPolicyAnalysisResult::Edge>]
-          #     Group identity edges of the graph starting from the binding's
-          #     group members to any node of the [identities][]. The [Edge.source_node][]
-          #     contains a group, such as `group:parent@google.com`. The
-          #     [Edge.target_node][] contains a member of the group,
-          #     such as `group:child@google.com` or `user:foo@google.com`.
-          #     This field is present only if the output_group_edges option is enabled in
-          #     request.
-          class IdentityList
-            include ::Google::Protobuf::MessageExts
-            extend ::Google::Protobuf::MessageExts::ClassMethods
-          end
-        end
       end
     end
   end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-asset-v1
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.6.1
 platform: ruby
 authors:
 - Google LLC
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-03 00:00:00.000000000 Z
+date: 2020-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common