@maxim_mazurok/gapi.client.cloudasset-v1 0.0.20221021 → 0.0.20221114

package/index.d.ts

@@ -9,7 +9,7 @@
 // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
 // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
 // Generated from: https://cloudasset.googleapis.com/$discovery/rest?version=v1
-// Revision: 20221021
+// Revision: 20221114
 
 /// <reference types="gapi.client" />
 
@@ -61,6 +61,60 @@ declare namespace gapi.client {
             /** The list of analyses returned from performing the intended resource move analysis. The analysis is grouped by different Cloud services. */
             moveAnalysis?: MoveAnalysis[];
         }
+        interface AnalyzeOrgPoliciesResponse {
+            /** The definition of the constraint in the request. */
+            constraint?: AnalyzerOrgPolicyConstraint;
+            /** The page token to fetch the next page for AnalyzeOrgPoliciesResponse.org_policy_results. */
+            nextPageToken?: string;
+            /** The organization policies under the AnalyzeOrgPoliciesRequest.scope with the AnalyzeOrgPoliciesRequest.constraint. */
+            orgPolicyResults?: OrgPolicyResult[];
+        }
+        interface AnalyzeOrgPolicyGovernedAssetsResponse {
+            /** The definition of the constraint in the request. */
+            constraint?: AnalyzerOrgPolicyConstraint;
+            /** The list of the analyzed governed assets. */
+            governedAssets?: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset[];
+            /** The page token to fetch the next page for AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets. */
+            nextPageToken?: string;
+        }
+        interface AnalyzeOrgPolicyGovernedContainersResponse {
+            /** The definition of the constraint in the request. */
+            constraint?: AnalyzerOrgPolicyConstraint;
+            /** The list of the analyzed governed containers. */
+            governedContainers?: GoogleCloudAssetV1GovernedContainer[];
+            /** The page token to fetch the next page for AnalyzeOrgPolicyGovernedContainersResponse.governed_containers. */
+            nextPageToken?: string;
+        }
+        interface AnalyzerOrgPolicy {
+            /**
+             * The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of an organization/folder/project resource where this organization policy applies to.
+             * For any user defined org policies, this field has the same value as the [attached_resource] field. Only for default policy, this field has the different value.
+             */
+            appliedResource?: string;
+            /**
+             * The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of an organization/folder/project resource where this organization policy is set.
+             * Notice that some type of constraints are defined with default policy. This field will be empty for them.
+             */
+            attachedResource?: string;
+            /**
+             * If `inherit_from_parent` is true, Rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are
+             * inherited, and this policy becomes the effective root for evaluation.
+             */
+            inheritFromParent?: boolean;
+            /**
+             * Ignores policies set above this resource and restores the default behavior of the constraint at this resource. This field can be set in policies for either list or boolean
+             * constraints. If set, `rules` must be empty and `inherit_from_parent` must be set to false.
+             */
+            reset?: boolean;
+            /** List of rules for this organization policy. */
+            rules?: GoogleCloudAssetV1Rule[];
+        }
+        interface AnalyzerOrgPolicyConstraint {
+            /** The definition of the custom constraint. */
+            customConstraint?: GoogleCloudAssetV1CustomConstraint;
+            /** The definition of the canned constraint defined by Google. */
+            googleDefinedConstraint?: GoogleCloudAssetV1Constraint;
+        }
         interface Asset {
             /** Please also refer to the [access level user guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). */
             accessLevel?: GoogleIdentityAccesscontextmanagerV1AccessLevel;
@@ -375,6 +429,64 @@ declare namespace gapi.client {
             /** The resources that match one of the following conditions: - The resource_selector, if it is specified in request; - Otherwise, resources reachable from the policy attached resource. */
             resources?: GoogleCloudAssetV1Resource[];
         }
+        interface GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset {
+            /**
+             * The consolidated policy for the analyzed asset. The consolidated policy is computed by merging and evaluating AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.policy_bundle. The
+             * evaluation will respect the organization policy [hierarchy rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy).
+             */
+            consolidatedPolicy?: AnalyzerOrgPolicy;
+            /** An IAM policy governed by the organization policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint. */
+            governedIamPolicy?: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy;
+            /** A GCP resource governed by the organization policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint. */
+            governedResource?: GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource;
+            /**
+             * The ordered list of all organization policies from the AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resource to the scope specified in the request. If the
+             * constraint is defined with default policy, it will also appear in the list.
+             */
+            policyBundle?: AnalyzerOrgPolicy[];
+        }
+        interface GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy {
+            /**
+             * The full resource name of the resource associated with this IAM policy. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Cloud Asset
+             * Inventory Resource Name Format](https://cloud.google.com/asset-inventory/docs/resource-name-format) for more information.
+             */
+            attachedResource?: string;
+            /**
+             * The folder(s) that this IAM policy belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs(directly or cascadingly) to one or more
+             * folders.
+             */
+            folders?: string[];
+            /**
+             * The organization that this IAM policy belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM policy belongs(directly or cascadingly) to
+             * an organization.
+             */
+            organization?: string;
+            /** The IAM policy directly set on the given resource. */
+            policy?: Policy;
+            /** The project that this IAM policy belongs to, in the form of projects/{PROJECT_NUMBER}. This field is available when the IAM policy belongs to a project. */
+            project?: string;
+        }
+        interface GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource {
+            /**
+             * The folder(s) that this resource belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the resource belongs(directly or cascadingly) to one or more
+             * folders.
+             */
+            folders?: string[];
+            /** The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the GCP resource. */
+            fullResourceName?: string;
+            /**
+             * The organization that this resource belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the resource belongs(directly or cascadingly) to an
+             * organization.
+             */
+            organization?: string;
+            /**
+             * The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the parent of
+             * AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name.
+             */
+            parent?: string;
+            /** The project that this resource belongs to, in the form of projects/{PROJECT_NUMBER}. This field is available when the resource belongs to a project. */
+            project?: string;
+        }
         interface GoogleCloudAssetV1BigQueryDestination {
             /**
              * Required. The BigQuery dataset in format "projects/projectId/datasets/datasetId", to which the analysis results should be exported. If this dataset does not exist, the export call
@@ -397,6 +509,42 @@ declare namespace gapi.client {
              */
             writeDisposition?: string;
         }
+        // tslint:disable-next-line:no-empty-interface
+        interface GoogleCloudAssetV1BooleanConstraint {
+        }
+        interface GoogleCloudAssetV1Constraint {
+            /** Defines this constraint as being a BooleanConstraint. */
+            booleanConstraint?: any;
+            /** The evaluation behavior of this constraint in the absence of 'Policy'. */
+            constraintDefault?: string;
+            /** Detailed description of what this `Constraint` controls as well as how and where it is enforced. */
+            description?: string;
+            /** The human readable name of the constraint. */
+            displayName?: string;
+            /** Defines this constraint as being a ListConstraint. */
+            listConstraint?: GoogleCloudAssetV1ListConstraint;
+            /** The unique name of the constraint. Format of the name should be * `constraints/{constraint_name}` For example, `constraints/compute.disableSerialPortAccess`. */
+            name?: string;
+        }
+        interface GoogleCloudAssetV1CustomConstraint {
+            /** Allow or deny type. */
+            actionType?: string;
+            /** Organization policy condition/expression. For example: `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, `resource.management.auto_upgrade == true` */
+            condition?: string;
+            /** Detailed information about this custom policy constraint. */
+            description?: string;
+            /** One line display name for the UI. */
+            displayName?: string;
+            /** All the operations being applied for this constraint. */
+            methodTypes?: string[];
+            /**
+             * Name of the constraint. This is unique within the organization. Format of the name should be * `organizations/{organization_id}/customConstraints/{custom_constraint_id}` Example :
+             * "organizations/123/customConstraints/custom.createOnlyE2TypeVms"
+             */
+            name?: string;
+            /** The Resource Instance type on which this policy applies to. Format will be of the form : "/" Example: * `compute.googleapis.com/Instance`. */
+            resourceTypes?: string[];
+        }
         interface GoogleCloudAssetV1Edge {
             /** The source node of the edge. For example, it could be a full resource name for a resource node or an email of an identity. */
             sourceNode?: string;
@@ -411,6 +559,26 @@ declare namespace gapi.client {
              */
             uri?: string;
         }
+        interface GoogleCloudAssetV1GovernedContainer {
+            /**
+             * The consolidated organization policy for the analyzed resource. The consolidated organization policy is computed by merging and evaluating
+             * AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.policy_bundle. The evaluation will respect the organization policy [hierarchy
+             * rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy).
+             */
+            consolidatedPolicy?: AnalyzerOrgPolicy;
+            /** The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of an organization/folder/project resource. */
+            fullResourceName?: string;
+            /**
+             * The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the parent of
+             * AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.full_resource_name.
+             */
+            parent?: string;
+            /**
+             * The ordered list of all organization policies from the AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resource. to the scope specified in the request. If
+             * the constraint is defined with default policy, it will also appear in the list.
+             */
+            policyBundle?: AnalyzerOrgPolicy[];
+        }
         interface GoogleCloudAssetV1Identity {
             /** The analysis state of this identity. */
             analysisState?: IamPolicyAnalysisState;
@@ -433,6 +601,18 @@ declare namespace gapi.client {
              */
             identities?: GoogleCloudAssetV1Identity[];
         }
+        interface GoogleCloudAssetV1ListConstraint {
+            /**
+             * Indicates whether values grouped into categories can be used in `Policy.allowed_values` and `Policy.denied_values`. For example, `"in:Python"` would match any value in the 'Python'
+             * group.
+             */
+            supportsIn?: boolean;
+            /**
+             * Indicates whether subtrees of Cloud Resource Manager resource hierarchy can be used in `Policy.allowed_values` and `Policy.denied_values`. For example, `"under:folders/123"` would
+             * match any resource under the 'folders/123' folder.
+             */
+            supportsUnder?: boolean;
+        }
         interface GoogleCloudAssetV1p7beta1Asset {
             /** Please also refer to the [access level user guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). */
             accessLevel?: GoogleIdentityAccesscontextmanagerV1AccessLevel;
@@ -531,12 +711,42 @@ declare namespace gapi.client {
             /** The API version. Example: `v1` */
             version?: string;
         }
+        interface GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination {
+            /** Required. The BigQuery dataset where the query results will be saved. It has the format of "projects/{projectId}/datasets/{datasetId}". */
+            dataset?: string;
+            /** Required. The BigQuery table where the query results will be saved. If this table does not exist, a new table with the given name will be created. */
+            table?: string;
+            /**
+             * Specifies the action that occurs if the destination table or partition already exists. The following values are supported: * WRITE_TRUNCATE: If the table or partition already
+             * exists, BigQuery overwrites the entire table or all the partitions data. * WRITE_APPEND: If the table or partition already exists, BigQuery appends the data to the table or the
+             * latest partition. * WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_EMPTY.
+             */
+            writeDisposition?: string;
+        }
         interface GoogleCloudAssetV1Resource {
             /** The analysis state of this resource. */
             analysisState?: IamPolicyAnalysisState;
             /** The [full resource name](https://cloud.google.com/asset-inventory/docs/resource-name-format) */
             fullResourceName?: string;
         }
+        interface GoogleCloudAssetV1Rule {
+            /** Setting this to true means that all values are allowed. This field can be set only in Policies for list constraints. */
+            allowAll?: boolean;
+            /** The evaluating condition for this rule. */
+            condition?: Expr;
+            /** Setting this to true means that all values are denied. This field can be set only in Policies for list constraints. */
+            denyAll?: boolean;
+            /** If `true`, then the `Policy` is enforced. If `false`, then any configuration is acceptable. This field can be set only in Policies for boolean constraints. */
+            enforce?: boolean;
+            /** List of values to be used for this PolicyRule. This field can be set only in Policies for list constraints. */
+            values?: GoogleCloudAssetV1StringValues;
+        }
+        interface GoogleCloudAssetV1StringValues {
+            /** List of values allowed at this resource. */
+            allowedValues?: string[];
+            /** List of values denied at this resource. */
+            deniedValues?: string[];
+        }
         interface GoogleCloudOrgpolicyV1BooleanPolicy {
             /**
              * If `true`, then the `Policy` is enforced. If `false`, then any configuration is acceptable. Suppose you have a `Constraint` `constraints/compute.disableSerialPortAccess` with
@@ -630,8 +840,8 @@ declare namespace gapi.client {
             /** Description of the `AccessLevel` and its use. Does not affect behavior. */
             description?: string;
             /**
-             * Required. Resource name for the Access Level. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format:
-             * `accessPolicies/{access_policy}/accessLevels/{access_level}`. The maximum length of the `access_level` component is 50 characters.
+             * Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by
+             * alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.
              */
             name?: string;
             /** Human readable title. Must be unique within the Policy. */
@@ -819,8 +1029,8 @@ declare namespace gapi.client {
             /** Description of the `ServicePerimeter` and its use. Does not affect behavior. */
             description?: string;
             /**
-             * Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format:
-             * `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`
+             * Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter,
+             * followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.
              */
             name?: string;
             /**
@@ -1113,6 +1323,18 @@ declare namespace gapi.client {
             /** Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false. */
             outputResourceEdges?: boolean;
         }
+        interface OrgPolicyResult {
+            /**
+             * The consolidated organization policy for the analyzed resource. The consolidated organization policy is computed by merging and evaluating AnalyzeOrgPoliciesResponse.policy_bundle.
+             * The evaluation will respect the organization policy [hierarchy rules](https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy).
+             */
+            consolidatedPolicy?: AnalyzerOrgPolicy;
+            /**
+             * The ordered list of all organization policies from the AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resource. to the scope specified in the request. If
+             * the constraint is defined with default policy, it will also appear in the list.
+             */
+            policyBundle?: AnalyzerOrgPolicy[];
+        }
         interface OsInfo {
             /** The system architecture of the operating system. */
             architecture?: string;
@@ -1183,10 +1405,72 @@ declare namespace gapi.client {
             /** The name of the Pub/Sub topic to publish to. Example: `projects/PROJECT_ID/topics/TOPIC_ID`. */
             topic?: string;
         }
+        interface QueryAssetsOutputConfig {
+            /** BigQuery destination where the query results will be saved. */
+            bigqueryDestination?: GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination;
+        }
+        interface QueryAssetsRequest {
+            /** Optional. Reference to the query job, which is from the `QueryAssetsResponse` of previous `QueryAssets` call. */
+            jobReference?: string;
+            /**
+             * Optional. Destination where the query results will be saved. When this field is specified, the query results won't be saved in the [QueryAssetsResponse.query_result]. Instead
+             * [QueryAssetsResponse.output_config] will be set. Meanwhile, [QueryAssetsResponse.job_reference] will be set and can be used to check the status of the query job when passed to a
+             * following [QueryAssets] API call.
+             */
+            outputConfig?: QueryAssetsOutputConfig;
+            /**
+             * Optional. The maximum number of rows to return in the results. Responses are limited to 10 MB and 1000 rows. By default, the maximum row count is 1000. When the byte or row count
+             * limit is reached, the rest of the query results will be paginated. The field will be ignored when [output_config] is specified.
+             */
+            pageSize?: number;
+            /** Optional. A page token received from previous `QueryAssets`. The field will be ignored when [output_config] is specified. */
+            pageToken?: string;
+            /** Optional. Queries cloud assets as they appeared at the specified point in time. */
+            readTime?: string;
+            /**
+             * Optional. [start_time] is required. [start_time] must be less than [end_time] Defaults [end_time] to now if [start_time] is set and [end_time] isn't. Maximum permitted time range is
+             * 7 days.
+             */
+            readTimeWindow?: TimeWindow;
+            /** Optional. A SQL statement that's compatible with [BigQuery Standard SQL](http://cloud/bigquery/docs/reference/standard-sql/enabling-standard-sql). */
+            statement?: string;
+            /**
+             * Optional. Specifies the maximum amount of time that the client is willing to wait for the query to complete. By default, this limit is 5 min for the first query, and 1 minute for
+             * the following queries. If the query is complete, the `done` field in the `QueryAssetsResponse` is true, otherwise false. Like BigQuery [jobs.query
+             * API](https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest) The call is not guaranteed to wait for the specified timeout; it typically returns after
+             * around 200 seconds (200,000 milliseconds), even if the query is not complete. The field will be ignored when [output_config] is specified.
+             */
+            timeout?: string;
+        }
+        interface QueryAssetsResponse {
+            /**
+             * The query response, which can be either an `error` or a valid `response`. If `done` == `false` and the query result is being saved in a output, the output_config field will be set.
+             * If `done` == `true`, exactly one of `error`, `query_result` or `output_config` will be set.
+             */
+            done?: boolean;
+            /** Error status. */
+            error?: Status;
+            /** Reference to a query job. */
+            jobReference?: string;
+            /** Output configuration which indicates instead of being returned in API response on the fly, the query result will be saved in a specific output. */
+            outputConfig?: QueryAssetsOutputConfig;
+            /** Result of the query. */
+            queryResult?: QueryResult;
+        }
         interface QueryContent {
             /** An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc. */
             iamPolicyAnalysisQuery?: IamPolicyAnalysisQuery;
         }
+        interface QueryResult {
+            /** Token to retrieve the next page of the results. */
+            nextPageToken?: string;
+            /** Each row hold a query result in the format of `Struct`. */
+            rows?: Array<{ [P in string]: any }>;
+            /** Describes the format of the [rows]. */
+            schema?: TableSchema;
+            /** Total rows of the whole query results. */
+            totalRows?: string;
+        }
         interface RelatedAsset {
             /**
              * The ancestors of an asset in Google Cloud [resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), represented as a list of relative
@@ -1474,6 +1758,23 @@ declare namespace gapi.client {
              */
             message?: string;
         }
+        interface TableFieldSchema {
+            /** The field name. The name must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_), and must start with a letter or underscore. The maximum length is 128 characters. */
+            field?: string;
+            /** Describes the nested schema fields if the type property is set to RECORD. */
+            fields?: TableFieldSchema[];
+            /** The field mode. Possible values include NULLABLE, REQUIRED and REPEATED. The default value is NULLABLE. */
+            mode?: string;
+            /**
+             * The field data type. Possible values include * STRING * BYTES * INTEGER * FLOAT * BOOLEAN * TIMESTAMP * DATE * TIME * DATETIME * GEOGRAPHY, * NUMERIC, * BIGNUMERIC, * RECORD (where
+             * RECORD indicates that the field contains a nested schema).
+             */
+            type?: string;
+        }
+        interface TableSchema {
+            /** Describes the fields in a table. */
+            fields?: TableFieldSchema[];
+        }
         interface TemporalAsset {
             /** An asset in Google Cloud. */
             asset?: Asset;
@@ -2392,6 +2693,136 @@ declare namespace gapi.client {
                 /** Analysis view indicating what information should be included in the analysis response. If unspecified, the default view is FULL. */
                 view?: string;
             }): Request<AnalyzeMoveResponse>;
+            /** Analyzes organization policies under a scope. */
+            analyzeOrgPolicies(request?: {
+                /** V1 error format. */
+                "$.xgafv"?: string;
+                /** OAuth access token. */
+                access_token?: string;
+                /** Data format for response. */
+                alt?: string;
+                /** JSONP */
+                callback?: string;
+                /** Required. The name of the constraint to analyze organization policies for. The response only contains analyzed organization policies for the provided constraint. */
+                constraint?: string;
+                /** Selector specifying which fields to include in a partial response. */
+                fields?: string;
+                /**
+                 * The expression to filter AnalyzeOrgPoliciesResponse.org_policy_results. The only supported field is `consolidated_policy.attached_resource`, and the only supported operator is
+                 * `=`. Example: consolidated_policy.attached_resource="//cloudresourcemanager.googleapis.com/folders/001" will return the org policy results of"folders/001".
+                 */
+                filter?: string;
+                /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+                key?: string;
+                /** OAuth 2.0 token for the current user. */
+                oauth_token?: string;
+                /** The maximum number of items to return per page. If unspecified, AnalyzeOrgPoliciesResponse.org_policy_results will contain 20 items with a maximum of 200. */
+                pageSize?: number;
+                /** The pagination token to retrieve the next page. */
+                pageToken?: string;
+                /** Returns response with indentations and line breaks. */
+                prettyPrint?: boolean;
+                /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+                quotaUser?: string;
+                /**
+                 * Required. The organization to scope the request. Only organization policies within the scope will be analyzed. * organizations/{ORGANIZATION_NUMBER} (e.g.,
+                 * "organizations/123456")
+                 */
+                scope: string;
+                /** Upload protocol for media (e.g. "raw", "multipart"). */
+                upload_protocol?: string;
+                /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+                uploadType?: string;
+            }): Request<AnalyzeOrgPoliciesResponse>;
+            /**
+             * Analyzes organization policies governed assets (GCP resources or policies) under a scope. This RPC supports custom constraints and the following 10 canned constraints: *
+             * storage.uniformBucketLevelAccess * iam.disableServiceAccountKeyCreation * iam.allowedPolicyMemberDomains * compute.vmExternalIpAccess * appengine.enforceServiceAccountActAsCheck *
+             * gcp.resourceLocations * compute.trustedImageProjects * compute.skipDefaultNetworkCreation * compute.requireOsLogin * compute.disableNestedVirtualization This RPC only returns
+             * either: * resources of types supported by [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types), or * IAM policies.
+             */
+            analyzeOrgPolicyGovernedAssets(request?: {
+                /** V1 error format. */
+                "$.xgafv"?: string;
+                /** OAuth access token. */
+                access_token?: string;
+                /** Data format for response. */
+                alt?: string;
+                /** JSONP */
+                callback?: string;
+                /** Required. The name of the constraint to analyze governed assets for. The analysis only contains analyzed organization policies for the provided constraint. */
+                constraint?: string;
+                /** Selector specifying which fields to include in a partial response. */
+                fields?: string;
+                /**
+                 * The expression to filter the governed assets in result. The only supported fields for governed resources are `governed_resource.project` and `governed_resource.folders`. The
+                 * only supported fields for governed iam policies are `governed_iam_policy.project` and `governed_iam_policy.folders`. The only supported operator is `=`. Example 1:
+                 * governed_resource.project="projects/12345678" filter will return all governed resources under projects/12345678 including the project ifself, if applicable. Example 2:
+                 * governed_iam_policy.folders="folders/12345678" filter will return all governed iam policies under folders/12345678, if applicable.
+                 */
+                filter?: string;
+                /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+                key?: string;
+                /** OAuth 2.0 token for the current user. */
+                oauth_token?: string;
+                /** The maximum number of items to return per page. If unspecified, AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets will contain 100 items with a maximum of 200. */
+                pageSize?: number;
+                /** The pagination token to retrieve the next page. */
+                pageToken?: string;
+                /** Returns response with indentations and line breaks. */
+                prettyPrint?: boolean;
+                /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+                quotaUser?: string;
+                /**
+                 * Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output assets will also be limited to the ones governed by
+                 * those in-scope organization policies. * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
+                 */
+                scope: string;
+                /** Upload protocol for media (e.g. "raw", "multipart"). */
+                upload_protocol?: string;
+                /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+                uploadType?: string;
+            }): Request<AnalyzeOrgPolicyGovernedAssetsResponse>;
+            /** Analyzes organization policies governed containers (projects, folders or organization) under a scope. */
+            analyzeOrgPolicyGovernedContainers(request?: {
+                /** V1 error format. */
+                "$.xgafv"?: string;
+                /** OAuth access token. */
+                access_token?: string;
+                /** Data format for response. */
+                alt?: string;
+                /** JSONP */
+                callback?: string;
+                /** Required. The name of the constraint to analyze governed containers for. The analysis only contains organization policies for the provided constraint. */
+                constraint?: string;
+                /** Selector specifying which fields to include in a partial response. */
+                fields?: string;
+                /**
+                 * The expression to filter the governed containers in result. The only supported field is `parent`, and the only supported operator is `=`. Example:
+                 * parent="//cloudresourcemanager.googleapis.com/folders/001" will return all containers under "folders/001".
+                 */
+                filter?: string;
+                /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+                key?: string;
+                /** OAuth 2.0 token for the current user. */
+                oauth_token?: string;
+                /** The maximum number of items to return per page. If unspecified, AnalyzeOrgPolicyGovernedContainersResponse.governed_containers will contain 100 items with a maximum of 200. */
+                pageSize?: number;
+                /** The pagination token to retrieve the next page. */
+                pageToken?: string;
+                /** Returns response with indentations and line breaks. */
+                prettyPrint?: boolean;
+                /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+                quotaUser?: string;
+                /**
+                 * Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output containers will also be limited to the ones governed by
+                 * those in-scope organization policies. * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
+                 */
+                scope: string;
+                /** Upload protocol for media (e.g. "raw", "multipart"). */
+                upload_protocol?: string;
+                /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+                uploadType?: string;
+            }): Request<AnalyzeOrgPolicyGovernedContainersResponse>;
             /**
              * Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can
              * create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an
@@ -2513,6 +2944,73 @@ declare namespace gapi.client {
                 uploadType?: string;
             },
             body: ExportAssetsRequest): Request<Operation>;
+            /**
+             * Issue a job that queries assets using a SQL statement compatible with [BigQuery Standard SQL](http://cloud/bigquery/docs/reference/standard-sql/enabling-standard-sql). If the query
+             * execution finishes within timeout and there's no pagination, the full query results will be returned in the `QueryAssetsResponse`. Otherwise, full query results can be obtained by
+             * issuing extra requests with the `job_reference` from the a previous `QueryAssets` call. Note, the query result has approximately 10 GB limitation enforced by BigQuery
+             * https://cloud.google.com/bigquery/docs/best-practices-performance-output, queries return larger results will result in errors.
+             */
+            queryAssets(request: {
+                /** V1 error format. */
+                "$.xgafv"?: string;
+                /** OAuth access token. */
+                access_token?: string;
+                /** Data format for response. */
+                alt?: string;
+                /** JSONP */
+                callback?: string;
+                /** Selector specifying which fields to include in a partial response. */
+                fields?: string;
+                /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+                key?: string;
+                /** OAuth 2.0 token for the current user. */
+                oauth_token?: string;
+                /**
+                 * Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), or a
+                 * project number (such as "projects/12345"), or a folder number (such as "folders/123"). Only assets belonging to the `parent` will be returned.
+                 */
+                parent: string;
+                /** Returns response with indentations and line breaks. */
+                prettyPrint?: boolean;
+                /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+                quotaUser?: string;
+                /** Upload protocol for media (e.g. "raw", "multipart"). */
+                upload_protocol?: string;
+                /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+                uploadType?: string;
+                /** Request body */
+                resource: QueryAssetsRequest;
+            }): Request<QueryAssetsResponse>;
+            queryAssets(request: {
+                /** V1 error format. */
+                "$.xgafv"?: string;
+                /** OAuth access token. */
+                access_token?: string;
+                /** Data format for response. */
+                alt?: string;
+                /** JSONP */
+                callback?: string;
+                /** Selector specifying which fields to include in a partial response. */
+                fields?: string;
+                /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+                key?: string;
+                /** OAuth 2.0 token for the current user. */
+                oauth_token?: string;
+                /**
+                 * Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), or a
+                 * project number (such as "projects/12345"), or a folder number (such as "folders/123"). Only assets belonging to the `parent` will be returned.
+                 */
+                parent: string;
+                /** Returns response with indentations and line breaks. */
+                prettyPrint?: boolean;
+                /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+                quotaUser?: string;
+                /** Upload protocol for media (e.g. "raw", "multipart"). */
+                upload_protocol?: string;
+                /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+                uploadType?: string;
+            },
+            body: QueryAssetsRequest): Request<QueryAssetsResponse>;
             /**
              * Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the `cloudasset.assets.searchAllIamPolicies` permission
              * on the desired scope, otherwise the request will be rejected.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@maxim_mazurok/gapi.client.cloudasset-v1",
-  "version": "0.0.20221021",
+  "version": "0.0.20221114",
   "description": "TypeScript typings for Cloud Asset API v1",
   "license": "MIT",
   "author": {

package/readme.md

@@ -146,6 +146,21 @@ Analyze moving a resource to a specified destination without kicking off the act
 */
 await gapi.client.cloudasset.analyzeMove({ resource: "resource",  });
 
+/*
+Analyzes organization policies under a scope.
+*/
+await gapi.client.cloudasset.analyzeOrgPolicies({ scope: "scope",  });
+
+/*
+Analyzes organization policies governed assets (GCP resources or policies) under a scope. This RPC supports custom constraints and the following 10 canned constraints: * storage.uniformBucketLevelAccess * iam.disableServiceAccountKeyCreation * iam.allowedPolicyMemberDomains * compute.vmExternalIpAccess * appengine.enforceServiceAccountActAsCheck * gcp.resourceLocations * compute.trustedImageProjects * compute.skipDefaultNetworkCreation * compute.requireOsLogin * compute.disableNestedVirtualization This RPC only returns either: * resources of types supported by [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types), or * IAM policies.
+*/
+await gapi.client.cloudasset.analyzeOrgPolicyGovernedAssets({ scope: "scope",  });
+
+/*
+Analyzes organization policies governed containers (projects, folders or organization) under a scope.
+*/
+await gapi.client.cloudasset.analyzeOrgPolicyGovernedContainers({ scope: "scope",  });
+
 /*
 Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.
 */
@@ -156,6 +171,11 @@ Exports assets with time and resource types to a given Cloud Storage location/Bi
 */
 await gapi.client.cloudasset.exportAssets({ parent: "parent",  });
 
+/*
+Issue a job that queries assets using a SQL statement compatible with [BigQuery Standard SQL](http://cloud/bigquery/docs/reference/standard-sql/enabling-standard-sql). If the query execution finishes within timeout and there's no pagination, the full query results will be returned in the `QueryAssetsResponse`. Otherwise, full query results can be obtained by issuing extra requests with the `job_reference` from the a previous `QueryAssets` call. Note, the query result has approximately 10 GB limitation enforced by BigQuery https://cloud.google.com/bigquery/docs/best-practices-performance-output, queries return larger results will result in errors.
+*/
+await gapi.client.cloudasset.queryAssets({ parent: "parent",  });
+
 /*
 Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the `cloudasset.assets.searchAllIamPolicies` permission on the desired scope, otherwise the request will be rejected.
 */

package/tests.ts

@@ -3,7 +3,7 @@
 // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
 // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
 
-// Revision: 20221021
+// Revision: 20221114
 
 gapi.load('client', async () => {
     /** now we can use gapi.client */
@@ -301,6 +301,35 @@ gapi.load('client', async () => {
             resource: "Test string",
             view: "Test string",
         });
+        /** Analyzes organization policies under a scope. */
+        await gapi.client.cloudasset.v1.analyzeOrgPolicies({
+            constraint: "Test string",
+            filter: "Test string",
+            pageSize: 42,
+            pageToken: "Test string",
+            scope: "Test string",
+        });
+        /**
+         * Analyzes organization policies governed assets (GCP resources or policies) under a scope. This RPC supports custom constraints and the following 10 canned constraints: *
+         * storage.uniformBucketLevelAccess * iam.disableServiceAccountKeyCreation * iam.allowedPolicyMemberDomains * compute.vmExternalIpAccess * appengine.enforceServiceAccountActAsCheck *
+         * gcp.resourceLocations * compute.trustedImageProjects * compute.skipDefaultNetworkCreation * compute.requireOsLogin * compute.disableNestedVirtualization This RPC only returns either: *
+         * resources of types supported by [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types), or * IAM policies.
+         */
+        await gapi.client.cloudasset.v1.analyzeOrgPolicyGovernedAssets({
+            constraint: "Test string",
+            filter: "Test string",
+            pageSize: 42,
+            pageToken: "Test string",
+            scope: "Test string",
+        });
+        /** Analyzes organization policies governed containers (projects, folders or organization) under a scope. */
+        await gapi.client.cloudasset.v1.analyzeOrgPolicyGovernedContainers({
+            constraint: "Test string",
+            filter: "Test string",
+            pageSize: 42,
+            pageToken: "Test string",
+            scope: "Test string",
+        });
         /**
          * Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can
          * create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an
@@ -347,6 +376,33 @@ gapi.load('client', async () => {
                 "Test string"
             ],
         });
+        /**
+         * Issue a job that queries assets using a SQL statement compatible with [BigQuery Standard SQL](http://cloud/bigquery/docs/reference/standard-sql/enabling-standard-sql). If the query
+         * execution finishes within timeout and there's no pagination, the full query results will be returned in the `QueryAssetsResponse`. Otherwise, full query results can be obtained by
+         * issuing extra requests with the `job_reference` from the a previous `QueryAssets` call. Note, the query result has approximately 10 GB limitation enforced by BigQuery
+         * https://cloud.google.com/bigquery/docs/best-practices-performance-output, queries return larger results will result in errors.
+         */
+        await gapi.client.cloudasset.v1.queryAssets({
+            parent: "Test string",
+        }, {
+            jobReference: "Test string",
+            outputConfig: {
+                bigqueryDestination: {
+                    dataset: "Test string",
+                    table: "Test string",
+                    writeDisposition: "Test string",
+                },
+            },
+            pageSize: 42,
+            pageToken: "Test string",
+            readTime: "Test string",
+            readTimeWindow: {
+                endTime: "Test string",
+                startTime: "Test string",
+            },
+            statement: "Test string",
+            timeout: "Test string",
+        });
         /**
          * Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the `cloudasset.assets.searchAllIamPolicies` permission on
          * the desired scope, otherwise the request will be rejected.