@maxim_mazurok/gapi.client.cloudasset-v1beta1 0.0.20230421 → 0.0.20230429
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.d.ts +601 -301
- package/package.json +1 -1
- package/tests.ts +1 -1
package/index.d.ts
CHANGED
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
// This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
|
|
10
10
|
// In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
|
|
11
11
|
// Generated from: https://cloudasset.googleapis.com/$discovery/rest?version=v1beta1
|
|
12
|
-
// Revision:
|
|
12
|
+
// Revision: 20230429
|
|
13
13
|
|
|
14
14
|
/// <reference types="gapi.client" />
|
|
15
15
|
|
|
@@ -24,58 +24,72 @@ declare namespace gapi.client {
|
|
|
24
24
|
namespace cloudasset {
|
|
25
25
|
interface AnalyzeIamPolicyLongrunningMetadata {
|
|
26
26
|
/** Output only. The time the operation was created. */
|
|
27
|
-
createTime?:
|
|
27
|
+
createTime?:
|
|
28
|
+
string;
|
|
28
29
|
}
|
|
29
30
|
// tslint:disable-next-line:no-empty-interface
|
|
30
31
|
interface AnalyzeIamPolicyLongrunningResponse {
|
|
31
32
|
}
|
|
32
33
|
interface Asset {
|
|
33
34
|
/** Please also refer to the [access level user guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). */
|
|
34
|
-
accessLevel?:
|
|
35
|
+
accessLevel?:
|
|
36
|
+
GoogleIdentityAccesscontextmanagerV1AccessLevel;
|
|
35
37
|
/** Please also refer to the [access policy user guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). */
|
|
36
|
-
accessPolicy?:
|
|
38
|
+
accessPolicy?:
|
|
39
|
+
GoogleIdentityAccesscontextmanagerV1AccessPolicy;
|
|
37
40
|
/** The type of the asset. Example: `compute.googleapis.com/Disk` See [Supported asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. */
|
|
38
|
-
assetType?:
|
|
41
|
+
assetType?:
|
|
42
|
+
string;
|
|
39
43
|
/**
|
|
40
44
|
* A representation of the IAM policy set on a Google Cloud resource. There can be a maximum of one IAM policy set on any given resource. In addition, IAM policies inherit their
|
|
41
45
|
* granted access scope from any policies set on parent resources in the resource hierarchy. Therefore, the effectively policy is the union of both the policy set on this resource and
|
|
42
46
|
* each policy set on all of the resource's ancestry resource levels in the hierarchy. See [this topic](https://cloud.google.com/iam/help/allow-policies/inheritance) for more
|
|
43
47
|
* information.
|
|
44
48
|
*/
|
|
45
|
-
iamPolicy?:
|
|
49
|
+
iamPolicy?:
|
|
50
|
+
Policy;
|
|
46
51
|
/**
|
|
47
52
|
* The full name of the asset. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` See [Resource
|
|
48
53
|
* names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more information.
|
|
49
54
|
*/
|
|
50
|
-
name?:
|
|
55
|
+
name?:
|
|
56
|
+
string;
|
|
51
57
|
/**
|
|
52
58
|
* A representation of an [organization policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). There can be more than one
|
|
53
59
|
* organization policy with different constraints set on a given resource.
|
|
54
60
|
*/
|
|
55
|
-
orgPolicy?:
|
|
61
|
+
orgPolicy?:
|
|
62
|
+
GoogleCloudOrgpolicyV1Policy[];
|
|
56
63
|
/** A representation of the resource. */
|
|
57
|
-
resource?:
|
|
64
|
+
resource?:
|
|
65
|
+
Resource;
|
|
58
66
|
/** Please also refer to the [service perimeter user guide](https://cloud.google.com/vpc-service-controls/docs/overview). */
|
|
59
|
-
servicePerimeter?:
|
|
67
|
+
servicePerimeter?:
|
|
68
|
+
GoogleIdentityAccesscontextmanagerV1ServicePerimeter;
|
|
60
69
|
}
|
|
61
70
|
interface AuditConfig {
|
|
62
71
|
/** The configuration for logging of each type of permission. */
|
|
63
|
-
auditLogConfigs?:
|
|
72
|
+
auditLogConfigs?:
|
|
73
|
+
AuditLogConfig[];
|
|
64
74
|
/**
|
|
65
75
|
* Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all
|
|
66
76
|
* services.
|
|
67
77
|
*/
|
|
68
|
-
service?:
|
|
78
|
+
service?:
|
|
79
|
+
string;
|
|
69
80
|
}
|
|
70
81
|
interface AuditLogConfig {
|
|
71
82
|
/** Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. */
|
|
72
|
-
exemptedMembers?:
|
|
83
|
+
exemptedMembers?:
|
|
84
|
+
string[];
|
|
73
85
|
/** The log type that this config enables. */
|
|
74
|
-
logType?:
|
|
86
|
+
logType?:
|
|
87
|
+
string;
|
|
75
88
|
}
|
|
76
89
|
interface BatchGetAssetsHistoryResponse {
|
|
77
90
|
/** A list of assets with valid time windows. */
|
|
78
|
-
assets?:
|
|
91
|
+
assets?:
|
|
92
|
+
TemporalAsset[];
|
|
79
93
|
}
|
|
80
94
|
interface Binding {
|
|
81
95
|
/**
|
|
@@ -83,7 +97,8 @@ declare namespace gapi.client {
|
|
|
83
97
|
* then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which
|
|
84
98
|
* resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
|
85
99
|
*/
|
|
86
|
-
condition?:
|
|
100
|
+
condition?:
|
|
101
|
+
Expr;
|
|
87
102
|
/**
|
|
88
103
|
* Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on
|
|
89
104
|
* the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service
|
|
@@ -100,146 +115,185 @@ declare namespace gapi.client {
|
|
|
100
115
|
* has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group
|
|
101
116
|
* retains the role in the binding.
|
|
102
117
|
*/
|
|
103
|
-
members?:
|
|
118
|
+
members?:
|
|
119
|
+
string[];
|
|
104
120
|
/** Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. */
|
|
105
|
-
role?:
|
|
121
|
+
role?:
|
|
122
|
+
string;
|
|
106
123
|
}
|
|
107
124
|
interface ExportAssetsRequest {
|
|
108
125
|
/**
|
|
109
126
|
* A list of asset types of which to take a snapshot for. For example: "google.compute.Disk". If specified, only matching assets will be returned. See [Introduction to Cloud Asset
|
|
110
127
|
* Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview) for all supported asset types.
|
|
111
128
|
*/
|
|
112
|
-
assetTypes?:
|
|
129
|
+
assetTypes?:
|
|
130
|
+
string[];
|
|
113
131
|
/** Asset content type. If not specified, no content but the asset name will be returned. */
|
|
114
|
-
contentType?:
|
|
132
|
+
contentType?:
|
|
133
|
+
string;
|
|
115
134
|
/** Required. Output configuration indicating where the results will be output to. All results will be in newline delimited JSON format. */
|
|
116
|
-
outputConfig?:
|
|
135
|
+
outputConfig?:
|
|
136
|
+
OutputConfig;
|
|
117
137
|
/**
|
|
118
138
|
* Timestamp to take an asset snapshot. This can only be set to a timestamp between 2018-10-02 UTC (inclusive) and the current time. If not specified, the current time will be used.
|
|
119
139
|
* Due to delays in resource data collection and indexing, there is a volatile window during which running the same query may get different results.
|
|
120
140
|
*/
|
|
121
|
-
readTime?:
|
|
141
|
+
readTime?:
|
|
142
|
+
string;
|
|
122
143
|
}
|
|
123
144
|
interface Expr {
|
|
124
145
|
/** Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */
|
|
125
|
-
description?:
|
|
146
|
+
description?:
|
|
147
|
+
string;
|
|
126
148
|
/** Textual representation of an expression in Common Expression Language syntax. */
|
|
127
|
-
expression?:
|
|
149
|
+
expression?:
|
|
150
|
+
string;
|
|
128
151
|
/** Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. */
|
|
129
|
-
location?:
|
|
152
|
+
location?:
|
|
153
|
+
string;
|
|
130
154
|
/** Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. */
|
|
131
|
-
title?:
|
|
155
|
+
title?:
|
|
156
|
+
string;
|
|
132
157
|
}
|
|
133
158
|
interface GcsDestination {
|
|
134
159
|
/**
|
|
135
160
|
* The URI of the Cloud Storage object. It's the same URI that is used by gsutil. For example: "gs://bucket_name/object_name". See [Viewing and Editing Object
|
|
136
161
|
* Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) for more information.
|
|
137
162
|
*/
|
|
138
|
-
uri?:
|
|
163
|
+
uri?:
|
|
164
|
+
string;
|
|
139
165
|
/**
|
|
140
166
|
* The URI prefix of all generated Cloud Storage objects. For example: "gs://bucket_name/object_name_prefix". Each object URI is in format: "gs://bucket_name/object_name_prefix// and
|
|
141
167
|
* only contains assets for that type. starts from 0. For example: "gs://bucket_name/object_name_prefix/google.compute.disk/0" is the first shard of output objects containing all
|
|
142
168
|
* google.compute.disk assets. An INVALID_ARGUMENT error will be returned if file with the same name "gs://bucket_name/object_name_prefix" already exists.
|
|
143
169
|
*/
|
|
144
|
-
uriPrefix?:
|
|
170
|
+
uriPrefix?:
|
|
171
|
+
string;
|
|
145
172
|
}
|
|
146
173
|
interface GoogleCloudAssetV1p7beta1Asset {
|
|
147
174
|
/** Please also refer to the [access level user guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). */
|
|
148
|
-
accessLevel?:
|
|
175
|
+
accessLevel?:
|
|
176
|
+
GoogleIdentityAccesscontextmanagerV1AccessLevel;
|
|
149
177
|
/** Please also refer to the [access policy user guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). */
|
|
150
|
-
accessPolicy?:
|
|
178
|
+
accessPolicy?:
|
|
179
|
+
GoogleIdentityAccesscontextmanagerV1AccessPolicy;
|
|
151
180
|
/**
|
|
152
181
|
* The ancestry path of an asset in Google Cloud [resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), represented as a list of
|
|
153
182
|
* relative resource names. An ancestry path starts with the closest ancestor in the hierarchy and ends at root. If the asset is a project, folder, or organization, the ancestry path
|
|
154
183
|
* starts from the asset itself. Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
|
|
155
184
|
*/
|
|
156
|
-
ancestors?:
|
|
185
|
+
ancestors?:
|
|
186
|
+
string[];
|
|
157
187
|
/** The type of the asset. Example: `compute.googleapis.com/Disk` See [Supported asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. */
|
|
158
|
-
assetType?:
|
|
188
|
+
assetType?:
|
|
189
|
+
string;
|
|
159
190
|
/**
|
|
160
191
|
* A representation of the IAM policy set on a Google Cloud resource. There can be a maximum of one IAM policy set on any given resource. In addition, IAM policies inherit their
|
|
161
192
|
* granted access scope from any policies set on parent resources in the resource hierarchy. Therefore, the effectively policy is the union of both the policy set on this resource and
|
|
162
193
|
* each policy set on all of the resource's ancestry resource levels in the hierarchy. See [this topic](https://cloud.google.com/iam/help/allow-policies/inheritance) for more
|
|
163
194
|
* information.
|
|
164
195
|
*/
|
|
165
|
-
iamPolicy?:
|
|
196
|
+
iamPolicy?:
|
|
197
|
+
Policy;
|
|
166
198
|
/**
|
|
167
199
|
* The full name of the asset. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` See [Resource
|
|
168
200
|
* names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more information.
|
|
169
201
|
*/
|
|
170
|
-
name?:
|
|
202
|
+
name?:
|
|
203
|
+
string;
|
|
171
204
|
/**
|
|
172
205
|
* A representation of an [organization policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). There can be more than one
|
|
173
206
|
* organization policy with different constraints set on a given resource.
|
|
174
207
|
*/
|
|
175
|
-
orgPolicy?:
|
|
208
|
+
orgPolicy?:
|
|
209
|
+
GoogleCloudOrgpolicyV1Policy[];
|
|
176
210
|
/** The related assets of the asset of one relationship type. One asset only represents one type of relationship. */
|
|
177
|
-
relatedAssets?:
|
|
211
|
+
relatedAssets?:
|
|
212
|
+
GoogleCloudAssetV1p7beta1RelatedAssets;
|
|
178
213
|
/** A representation of the resource. */
|
|
179
|
-
resource?:
|
|
214
|
+
resource?:
|
|
215
|
+
GoogleCloudAssetV1p7beta1Resource;
|
|
180
216
|
/** Please also refer to the [service perimeter user guide](https://cloud.google.com/vpc-service-controls/docs/overview). */
|
|
181
|
-
servicePerimeter?:
|
|
217
|
+
servicePerimeter?:
|
|
218
|
+
GoogleIdentityAccesscontextmanagerV1ServicePerimeter;
|
|
182
219
|
/** The last update timestamp of an asset. update_time is updated when create/update/delete operation is performed. */
|
|
183
|
-
updateTime?:
|
|
220
|
+
updateTime?:
|
|
221
|
+
string;
|
|
184
222
|
}
|
|
185
223
|
interface GoogleCloudAssetV1p7beta1RelatedAsset {
|
|
186
224
|
/**
|
|
187
225
|
* The ancestors of an asset in Google Cloud [resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), represented as a list of relative
|
|
188
226
|
* resource names. An ancestry path starts with the closest ancestor in the hierarchy and ends at root. Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
|
|
189
227
|
*/
|
|
190
|
-
ancestors?:
|
|
228
|
+
ancestors?:
|
|
229
|
+
string[];
|
|
191
230
|
/**
|
|
192
231
|
* The full name of the asset. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` See [Resource
|
|
193
232
|
* names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more information.
|
|
194
233
|
*/
|
|
195
|
-
asset?:
|
|
234
|
+
asset?:
|
|
235
|
+
string;
|
|
196
236
|
/** The type of the asset. Example: `compute.googleapis.com/Disk` See [Supported asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) for more information. */
|
|
197
|
-
assetType?:
|
|
237
|
+
assetType?:
|
|
238
|
+
string;
|
|
198
239
|
}
|
|
199
240
|
interface GoogleCloudAssetV1p7beta1RelatedAssets {
|
|
200
241
|
/** The peer resources of the relationship. */
|
|
201
|
-
assets?:
|
|
242
|
+
assets?:
|
|
243
|
+
GoogleCloudAssetV1p7beta1RelatedAsset[];
|
|
202
244
|
/** The detailed relation attributes. */
|
|
203
|
-
relationshipAttributes?:
|
|
245
|
+
relationshipAttributes?:
|
|
246
|
+
GoogleCloudAssetV1p7beta1RelationshipAttributes;
|
|
204
247
|
}
|
|
205
248
|
interface GoogleCloudAssetV1p7beta1RelationshipAttributes {
|
|
206
249
|
/** The detail of the relationship, e.g. `contains`, `attaches` */
|
|
207
|
-
action?:
|
|
250
|
+
action?:
|
|
251
|
+
string;
|
|
208
252
|
/** The source asset type. Example: `compute.googleapis.com/Instance` */
|
|
209
|
-
sourceResourceType?:
|
|
253
|
+
sourceResourceType?:
|
|
254
|
+
string;
|
|
210
255
|
/** The target asset type. Example: `compute.googleapis.com/Disk` */
|
|
211
|
-
targetResourceType?:
|
|
256
|
+
targetResourceType?:
|
|
257
|
+
string;
|
|
212
258
|
/** The unique identifier of the relationship type. Example: `INSTANCE_TO_INSTANCEGROUP` */
|
|
213
|
-
type?:
|
|
259
|
+
type?:
|
|
260
|
+
string;
|
|
214
261
|
}
|
|
215
262
|
interface GoogleCloudAssetV1p7beta1Resource {
|
|
216
263
|
/** The content of the resource, in which some sensitive fields are removed and may not be present. */
|
|
217
|
-
data?:
|
|
264
|
+
data?:
|
|
265
|
+
{ [P in string]: any };
|
|
218
266
|
/**
|
|
219
267
|
* The URL of the discovery document containing the resource's JSON schema. Example: `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This value is unspecified for
|
|
220
268
|
* resources that do not have an API based on a discovery document, such as Cloud Bigtable.
|
|
221
269
|
*/
|
|
222
|
-
discoveryDocumentUri?:
|
|
270
|
+
discoveryDocumentUri?:
|
|
271
|
+
string;
|
|
223
272
|
/**
|
|
224
273
|
* The JSON schema name listed in the discovery document. Example: `Project` This value is unspecified for resources that do not have an API based on a discovery document, such as
|
|
225
274
|
* Cloud Bigtable.
|
|
226
275
|
*/
|
|
227
|
-
discoveryName?:
|
|
276
|
+
discoveryName?:
|
|
277
|
+
string;
|
|
228
278
|
/** The location of the resource in Google Cloud, such as its zone and region. For more information, see https://cloud.google.com/about/locations/. */
|
|
229
|
-
location?:
|
|
279
|
+
location?:
|
|
280
|
+
string;
|
|
230
281
|
/**
|
|
231
282
|
* The full name of the immediate parent of this resource. See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more information. For Google
|
|
232
283
|
* Cloud assets, this value is the parent resource defined in the [IAM policy hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). Example:
|
|
233
284
|
* `//cloudresourcemanager.googleapis.com/projects/my_project_123` For third-party assets, this field may be set differently.
|
|
234
285
|
*/
|
|
235
|
-
parent?:
|
|
286
|
+
parent?:
|
|
287
|
+
string;
|
|
236
288
|
/**
|
|
237
289
|
* The REST URL for accessing the resource. An HTTP `GET` request using this URL returns the resource itself. Example:
|
|
238
290
|
* `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` This value is unspecified for resources without a REST API.
|
|
239
291
|
*/
|
|
240
|
-
resourceUrl?:
|
|
292
|
+
resourceUrl?:
|
|
293
|
+
string;
|
|
241
294
|
/** The API version. Example: `v1` */
|
|
242
|
-
version?:
|
|
295
|
+
version?:
|
|
296
|
+
string;
|
|
243
297
|
}
|
|
244
298
|
interface GoogleCloudOrgpolicyV1BooleanPolicy {
|
|
245
299
|
/**
|
|
@@ -254,15 +308,19 @@ declare namespace gapi.client {
|
|
|
254
308
|
* enforced. Example 3 (RestoreDefault): `organizations/foo` has a `Policy` with: {enforced: true} `projects/bar` has a `Policy` with: {RestoreDefault: {}} The constraint at
|
|
255
309
|
* `organizations/foo` is enforced. The constraint at `projects/bar` is not enforced, because `constraint_default` for the `Constraint` is `ALLOW`.
|
|
256
310
|
*/
|
|
257
|
-
enforced?:
|
|
311
|
+
enforced?:
|
|
312
|
+
boolean;
|
|
258
313
|
}
|
|
259
314
|
interface GoogleCloudOrgpolicyV1ListPolicy {
|
|
260
315
|
/** List of values allowed at this resource. Can only be set if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. */
|
|
261
|
-
allowedValues?:
|
|
316
|
+
allowedValues?:
|
|
317
|
+
string[];
|
|
262
318
|
/** The policy all_values state. */
|
|
263
|
-
allValues?:
|
|
319
|
+
allValues?:
|
|
320
|
+
string;
|
|
264
321
|
/** List of values denied at this resource. Can only be set if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. */
|
|
265
|
-
deniedValues?:
|
|
322
|
+
deniedValues?:
|
|
323
|
+
string[];
|
|
266
324
|
/**
|
|
267
325
|
* Determines the inheritance behavior for this `Policy`. By default, a `ListPolicy` set at a resource supersedes any `Policy` set anywhere up the resource hierarchy. However, if
|
|
268
326
|
* `inherit_from_parent` is set to `true`, then the values from the effective `Policy` of the parent resource are inherited, meaning the values set in this `Policy` are added to the
|
|
@@ -289,68 +347,85 @@ declare namespace gapi.client {
|
|
|
289
347
|
* `Policy` with: {allowed_values: "under:projects/P3"} {denied_values: "under:folders/F2"} The accepted values at `organizations/foo` are `organizations/O1`, `folders/F1`,
|
|
290
348
|
* `folders/F2`, `projects/P1`, `projects/P2`, `projects/P3`. The accepted values at `projects/bar` are `organizations/O1`, `folders/F1`, `projects/P1`.
|
|
291
349
|
*/
|
|
292
|
-
inheritFromParent?:
|
|
350
|
+
inheritFromParent?:
|
|
351
|
+
boolean;
|
|
293
352
|
/**
|
|
294
353
|
* Optional. The Google Cloud Console will try to default to a configuration that matches the value specified in this `Policy`. If `suggested_value` is not set, it will inherit the
|
|
295
354
|
* value specified higher in the hierarchy, unless `inherit_from_parent` is `false`.
|
|
296
355
|
*/
|
|
297
|
-
suggestedValue?:
|
|
356
|
+
suggestedValue?:
|
|
357
|
+
string;
|
|
298
358
|
}
|
|
299
359
|
interface GoogleCloudOrgpolicyV1Policy {
|
|
300
360
|
/** For boolean `Constraints`, whether to enforce the `Constraint` or not. */
|
|
301
|
-
booleanPolicy?:
|
|
361
|
+
booleanPolicy?:
|
|
362
|
+
GoogleCloudOrgpolicyV1BooleanPolicy;
|
|
302
363
|
/**
|
|
303
364
|
* The name of the `Constraint` the `Policy` is configuring, for example, `constraints/serviceuser.services`. A [list of available
|
|
304
365
|
* constraints](/resource-manager/docs/organization-policy/org-policy-constraints) is available. Immutable after creation.
|
|
305
366
|
*/
|
|
306
|
-
constraint?:
|
|
367
|
+
constraint?:
|
|
368
|
+
string;
|
|
307
369
|
/**
|
|
308
370
|
* An opaque tag indicating the current version of the `Policy`, used for concurrency control. When the `Policy` is returned from either a `GetPolicy` or a `ListOrgPolicy` request,
|
|
309
371
|
* this `etag` indicates the version of the current `Policy` to use when executing a read-modify-write loop. When the `Policy` is returned from a `GetEffectivePolicy` request, the
|
|
310
372
|
* `etag` will be unset. When the `Policy` is used in a `SetOrgPolicy` method, use the `etag` value that was returned from a `GetOrgPolicy` request as part of a read-modify-write loop
|
|
311
373
|
* for concurrency control. Not setting the `etag`in a `SetOrgPolicy` request will result in an unconditional write of the `Policy`.
|
|
312
374
|
*/
|
|
313
|
-
etag?:
|
|
375
|
+
etag?:
|
|
376
|
+
string;
|
|
314
377
|
/** List of values either allowed or disallowed. */
|
|
315
|
-
listPolicy?:
|
|
378
|
+
listPolicy?:
|
|
379
|
+
GoogleCloudOrgpolicyV1ListPolicy;
|
|
316
380
|
/** Restores the default behavior of the constraint; independent of `Constraint` type. */
|
|
317
|
-
restoreDefault?:
|
|
381
|
+
restoreDefault?:
|
|
382
|
+
any;
|
|
318
383
|
/**
|
|
319
384
|
* The time stamp the `Policy` was previously updated. This is set by the server, not specified by the caller, and represents the last time a call to `SetOrgPolicy` was made for that
|
|
320
385
|
* `Policy`. Any value set by the client will be ignored.
|
|
321
386
|
*/
|
|
322
|
-
updateTime?:
|
|
387
|
+
updateTime?:
|
|
388
|
+
string;
|
|
323
389
|
/** Version of the `Policy`. Default version is 0; */
|
|
324
|
-
version?:
|
|
390
|
+
version?:
|
|
391
|
+
number;
|
|
325
392
|
}
|
|
326
393
|
// tslint:disable-next-line:no-empty-interface
|
|
327
394
|
interface GoogleCloudOrgpolicyV1RestoreDefault {
|
|
328
395
|
}
|
|
329
396
|
interface GoogleIdentityAccesscontextmanagerV1AccessLevel {
|
|
330
397
|
/** A `BasicLevel` composed of `Conditions`. */
|
|
331
|
-
basic?:
|
|
398
|
+
basic?:
|
|
399
|
+
GoogleIdentityAccesscontextmanagerV1BasicLevel;
|
|
332
400
|
/** A `CustomLevel` written in the Common Expression Language. */
|
|
333
|
-
custom?:
|
|
401
|
+
custom?:
|
|
402
|
+
GoogleIdentityAccesscontextmanagerV1CustomLevel;
|
|
334
403
|
/** Description of the `AccessLevel` and its use. Does not affect behavior. */
|
|
335
|
-
description?:
|
|
404
|
+
description?:
|
|
405
|
+
string;
|
|
336
406
|
/**
|
|
337
407
|
* Resource name for the `AccessLevel`. Format: `accessPolicies/{access_policy}/accessLevels/{access_level}`. The `access_level` component must begin with a letter, followed by
|
|
338
408
|
* alphanumeric characters or `_`. Its maximum length is 50 characters. After you create an `AccessLevel`, you cannot change its `name`.
|
|
339
409
|
*/
|
|
340
|
-
name?:
|
|
410
|
+
name?:
|
|
411
|
+
string;
|
|
341
412
|
/** Human readable title. Must be unique within the Policy. */
|
|
342
|
-
title?:
|
|
413
|
+
title?:
|
|
414
|
+
string;
|
|
343
415
|
}
|
|
344
416
|
interface GoogleIdentityAccesscontextmanagerV1AccessPolicy {
|
|
345
417
|
/**
|
|
346
418
|
* Output only. An opaque identifier for the current version of the `AccessPolicy`. This will always be a strongly validated etag, meaning that two Access Polices will be identical if
|
|
347
419
|
* and only if their etags are identical. Clients should not expect this to be in any specific format.
|
|
348
420
|
*/
|
|
349
|
-
etag?:
|
|
421
|
+
etag?:
|
|
422
|
+
string;
|
|
350
423
|
/** Output only. Resource name of the `AccessPolicy`. Format: `accessPolicies/{access_policy}` */
|
|
351
|
-
name?:
|
|
424
|
+
name?:
|
|
425
|
+
string;
|
|
352
426
|
/** Required. The parent of this `AccessPolicy` in the Cloud Resource Hierarchy. Currently immutable once created. Format: `organizations/{organization_id}` */
|
|
353
|
-
parent?:
|
|
427
|
+
parent?:
|
|
428
|
+
string;
|
|
354
429
|
/**
|
|
355
430
|
* The scopes of a policy define which resources an ACM policy can restrict, and where ACM resources can be referenced. For example, a policy with scopes=["folders/123"] has the
|
|
356
431
|
* following behavior: - vpcsc perimeters can only restrict projects within folders/123 - access levels can only be referenced by resources within folders/123. If empty, there are no
|
|
@@ -358,90 +433,113 @@ declare namespace gapi.client {
|
|
|
358
433
|
* (attempting to create a second policy which includes "folders/123" will result in an error). Currently, scopes cannot be modified after a policy is created. Currently, policies can
|
|
359
434
|
* only have a single scope. Format: list of `folders/{folder_number}` or `projects/{project_number}`
|
|
360
435
|
*/
|
|
361
|
-
scopes?:
|
|
436
|
+
scopes?:
|
|
437
|
+
string[];
|
|
362
438
|
/** Required. Human readable title. Does not affect behavior. */
|
|
363
|
-
title?:
|
|
439
|
+
title?:
|
|
440
|
+
string;
|
|
364
441
|
}
|
|
365
442
|
interface GoogleIdentityAccesscontextmanagerV1ApiOperation {
|
|
366
443
|
/**
|
|
367
444
|
* API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the
|
|
368
445
|
* `method` field will allow all methods AND permissions for the service specified in `service_name`.
|
|
369
446
|
*/
|
|
370
|
-
methodSelectors?:
|
|
447
|
+
methodSelectors?:
|
|
448
|
+
GoogleIdentityAccesscontextmanagerV1MethodSelector[];
|
|
371
449
|
/**
|
|
372
450
|
* The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods
|
|
373
451
|
* AND permissions for all services.
|
|
374
452
|
*/
|
|
375
|
-
serviceName?:
|
|
453
|
+
serviceName?:
|
|
454
|
+
string;
|
|
376
455
|
}
|
|
377
456
|
interface GoogleIdentityAccesscontextmanagerV1BasicLevel {
|
|
378
457
|
/**
|
|
379
458
|
* How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the
|
|
380
459
|
* `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.
|
|
381
460
|
*/
|
|
382
|
-
combiningFunction?:
|
|
461
|
+
combiningFunction?:
|
|
462
|
+
string;
|
|
383
463
|
/** Required. A list of requirements for the `AccessLevel` to be granted. */
|
|
384
|
-
conditions?:
|
|
464
|
+
conditions?:
|
|
465
|
+
GoogleIdentityAccesscontextmanagerV1Condition[];
|
|
385
466
|
}
|
|
386
467
|
interface GoogleIdentityAccesscontextmanagerV1Condition {
|
|
387
468
|
/** Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed. */
|
|
388
|
-
devicePolicy?:
|
|
469
|
+
devicePolicy?:
|
|
470
|
+
GoogleIdentityAccesscontextmanagerV1DevicePolicy;
|
|
389
471
|
/**
|
|
390
472
|
* CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host
|
|
391
473
|
* bits must be zero) or the input is considered malformed. For example, "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted whereas
|
|
392
474
|
* "2001:db8::1/32" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed.
|
|
393
475
|
*/
|
|
394
|
-
ipSubnetworks?:
|
|
476
|
+
ipSubnetworks?:
|
|
477
|
+
string[];
|
|
395
478
|
/**
|
|
396
479
|
* The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request
|
|
397
480
|
* may come from any user.
|
|
398
481
|
*/
|
|
399
|
-
members?:
|
|
482
|
+
members?:
|
|
483
|
+
string[];
|
|
400
484
|
/**
|
|
401
485
|
* Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields, each field must be false for the Condition overall to be satisfied. Defaults to
|
|
402
486
|
* false.
|
|
403
487
|
*/
|
|
404
|
-
negate?:
|
|
488
|
+
negate?:
|
|
489
|
+
boolean;
|
|
405
490
|
/** The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes. */
|
|
406
|
-
regions?:
|
|
491
|
+
regions?:
|
|
492
|
+
string[];
|
|
407
493
|
/**
|
|
408
494
|
* A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must
|
|
409
495
|
* be granted for the Condition to be true. Example: "`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME"`
|
|
410
496
|
*/
|
|
411
|
-
requiredAccessLevels?:
|
|
497
|
+
requiredAccessLevels?:
|
|
498
|
+
string[];
|
|
412
499
|
}
|
|
413
500
|
interface GoogleIdentityAccesscontextmanagerV1CustomLevel {
|
|
414
501
|
/** Required. A Cloud CEL expression evaluating to a boolean. */
|
|
415
|
-
expr?:
|
|
502
|
+
expr?:
|
|
503
|
+
Expr;
|
|
416
504
|
}
|
|
417
505
|
interface GoogleIdentityAccesscontextmanagerV1DevicePolicy {
|
|
418
506
|
/** Allowed device management levels, an empty list allows all management levels. */
|
|
419
|
-
allowedDeviceManagementLevels?:
|
|
507
|
+
allowedDeviceManagementLevels?:
|
|
508
|
+
string[];
|
|
420
509
|
/** Allowed encryptions statuses, an empty list allows all statuses. */
|
|
421
|
-
allowedEncryptionStatuses?:
|
|
510
|
+
allowedEncryptionStatuses?:
|
|
511
|
+
string[];
|
|
422
512
|
/** Allowed OS versions, an empty list allows all types and all versions. */
|
|
423
|
-
osConstraints?:
|
|
513
|
+
osConstraints?:
|
|
514
|
+
GoogleIdentityAccesscontextmanagerV1OsConstraint[];
|
|
424
515
|
/** Whether the device needs to be approved by the customer admin. */
|
|
425
|
-
requireAdminApproval?:
|
|
516
|
+
requireAdminApproval?:
|
|
517
|
+
boolean;
|
|
426
518
|
/** Whether the device needs to be corp owned. */
|
|
427
|
-
requireCorpOwned?:
|
|
519
|
+
requireCorpOwned?:
|
|
520
|
+
boolean;
|
|
428
521
|
/** Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`. */
|
|
429
|
-
requireScreenlock?:
|
|
522
|
+
requireScreenlock?:
|
|
523
|
+
boolean;
|
|
430
524
|
}
|
|
431
525
|
interface GoogleIdentityAccesscontextmanagerV1EgressFrom {
|
|
432
526
|
/**
|
|
433
527
|
* A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service
|
|
434
528
|
* account only.
|
|
435
529
|
*/
|
|
436
|
-
identities?:
|
|
530
|
+
identities?:
|
|
531
|
+
string[];
|
|
437
532
|
/** Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. */
|
|
438
|
-
identityType?:
|
|
533
|
+
identityType?:
|
|
534
|
+
string;
|
|
439
535
|
}
|
|
440
536
|
interface GoogleIdentityAccesscontextmanagerV1EgressPolicy {
|
|
441
537
|
/** Defines conditions on the source of a request causing this EgressPolicy to apply. */
|
|
442
|
-
egressFrom?:
|
|
538
|
+
egressFrom?:
|
|
539
|
+
GoogleIdentityAccesscontextmanagerV1EgressFrom;
|
|
443
540
|
/** Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply. */
|
|
444
|
-
egressTo?:
|
|
541
|
+
egressTo?:
|
|
542
|
+
GoogleIdentityAccesscontextmanagerV1EgressTo;
|
|
445
543
|
}
|
|
446
544
|
interface GoogleIdentityAccesscontextmanagerV1EgressTo {
|
|
447
545
|
/**
|
|
@@ -449,31 +547,39 @@ declare namespace gapi.client {
|
|
|
449
547
|
* the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path).
|
|
450
548
|
* Currently '*' is not allowed.
|
|
451
549
|
*/
|
|
452
|
-
externalResources?:
|
|
550
|
+
externalResources?:
|
|
551
|
+
string[];
|
|
453
552
|
/** A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list. */
|
|
454
|
-
operations?:
|
|
553
|
+
operations?:
|
|
554
|
+
GoogleIdentityAccesscontextmanagerV1ApiOperation[];
|
|
455
555
|
/**
|
|
456
556
|
* A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it
|
|
457
557
|
* contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.
|
|
458
558
|
*/
|
|
459
|
-
resources?:
|
|
559
|
+
resources?:
|
|
560
|
+
string[];
|
|
460
561
|
}
|
|
461
562
|
interface GoogleIdentityAccesscontextmanagerV1IngressFrom {
|
|
462
563
|
/**
|
|
463
564
|
* A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service
|
|
464
565
|
* account only.
|
|
465
566
|
*/
|
|
466
|
-
identities?:
|
|
567
|
+
identities?:
|
|
568
|
+
string[];
|
|
467
569
|
/** Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access. */
|
|
468
|
-
identityType?:
|
|
570
|
+
identityType?:
|
|
571
|
+
string;
|
|
469
572
|
/** Sources that this IngressPolicy authorizes access from. */
|
|
470
|
-
sources?:
|
|
573
|
+
sources?:
|
|
574
|
+
GoogleIdentityAccesscontextmanagerV1IngressSource[];
|
|
471
575
|
}
|
|
472
576
|
interface GoogleIdentityAccesscontextmanagerV1IngressPolicy {
|
|
473
577
|
/** Defines the conditions on the source of a request causing this IngressPolicy to apply. */
|
|
474
|
-
ingressFrom?:
|
|
578
|
+
ingressFrom?:
|
|
579
|
+
GoogleIdentityAccesscontextmanagerV1IngressFrom;
|
|
475
580
|
/** Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply. */
|
|
476
|
-
ingressTo?:
|
|
581
|
+
ingressTo?:
|
|
582
|
+
GoogleIdentityAccesscontextmanagerV1IngressTo;
|
|
477
583
|
}
|
|
478
584
|
interface GoogleIdentityAccesscontextmanagerV1IngressSource {
|
|
479
585
|
/**
|
|
@@ -482,72 +588,88 @@ declare namespace gapi.client {
|
|
|
482
588
|
* calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources
|
|
483
589
|
* will be allowed.
|
|
484
590
|
*/
|
|
485
|
-
accessLevel?:
|
|
591
|
+
accessLevel?:
|
|
592
|
+
string;
|
|
486
593
|
/**
|
|
487
594
|
* A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are
|
|
488
595
|
* allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google
|
|
489
596
|
* Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported.
|
|
490
597
|
*/
|
|
491
|
-
resource?:
|
|
598
|
+
resource?:
|
|
599
|
+
string;
|
|
492
600
|
}
|
|
493
601
|
interface GoogleIdentityAccesscontextmanagerV1IngressTo {
|
|
494
602
|
/** A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter. */
|
|
495
|
-
operations?:
|
|
603
|
+
operations?:
|
|
604
|
+
GoogleIdentityAccesscontextmanagerV1ApiOperation[];
|
|
496
605
|
/**
|
|
497
606
|
* A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding
|
|
498
607
|
* IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.
|
|
499
608
|
*/
|
|
500
|
-
resources?:
|
|
609
|
+
resources?:
|
|
610
|
+
string[];
|
|
501
611
|
}
|
|
502
612
|
interface GoogleIdentityAccesscontextmanagerV1MethodSelector {
|
|
503
613
|
/**
|
|
504
614
|
* Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are
|
|
505
615
|
* allowed.
|
|
506
616
|
*/
|
|
507
|
-
method?:
|
|
617
|
+
method?:
|
|
618
|
+
string;
|
|
508
619
|
/** Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation. */
|
|
509
|
-
permission?:
|
|
620
|
+
permission?:
|
|
621
|
+
string;
|
|
510
622
|
}
|
|
511
623
|
interface GoogleIdentityAccesscontextmanagerV1OsConstraint {
|
|
512
624
|
/** The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `"major.minor.patch"`. Examples: `"10.5.301"`, `"9.2.1"`. */
|
|
513
|
-
minimumVersion?:
|
|
625
|
+
minimumVersion?:
|
|
626
|
+
string;
|
|
514
627
|
/** Required. The allowed OS type. */
|
|
515
|
-
osType?:
|
|
628
|
+
osType?:
|
|
629
|
+
string;
|
|
516
630
|
/**
|
|
517
631
|
* Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller
|
|
518
632
|
* has permission to call the API targeted by the request.
|
|
519
633
|
*/
|
|
520
|
-
requireVerifiedChromeOs?:
|
|
634
|
+
requireVerifiedChromeOs?:
|
|
635
|
+
boolean;
|
|
521
636
|
}
|
|
522
637
|
interface GoogleIdentityAccesscontextmanagerV1ServicePerimeter {
|
|
523
638
|
/** Description of the `ServicePerimeter` and its use. Does not affect behavior. */
|
|
524
|
-
description?:
|
|
639
|
+
description?:
|
|
640
|
+
string;
|
|
525
641
|
/**
|
|
526
642
|
* Resource name for the `ServicePerimeter`. Format: `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The `service_perimeter` component must begin with a letter,
|
|
527
643
|
* followed by alphanumeric characters or `_`. After you create a `ServicePerimeter`, you cannot change its `name`.
|
|
528
644
|
*/
|
|
529
|
-
name?:
|
|
645
|
+
name?:
|
|
646
|
+
string;
|
|
530
647
|
/**
|
|
531
648
|
* Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a
|
|
532
649
|
* included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.
|
|
533
650
|
*/
|
|
534
|
-
perimeterType?:
|
|
651
|
+
perimeterType?:
|
|
652
|
+
string;
|
|
535
653
|
/**
|
|
536
654
|
* Proposed (or dry run) ServicePerimeter configuration. This configuration allows to specify and test ServicePerimeter configuration without enforcing actual access restrictions. Only
|
|
537
655
|
* allowed to be set when the "use_explicit_dry_run_spec" flag is set.
|
|
538
656
|
*/
|
|
539
|
-
spec?:
|
|
657
|
+
spec?:
|
|
658
|
+
GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig;
|
|
540
659
|
/** Current ServicePerimeter configuration. Specifies sets of resources, restricted services and access levels that determine perimeter content and boundaries. */
|
|
541
|
-
status?:
|
|
660
|
+
status?:
|
|
661
|
+
GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig;
|
|
542
662
|
/** Human readable title. Must be unique within the Policy. */
|
|
543
|
-
title?:
|
|
663
|
+
title?:
|
|
664
|
+
string;
|
|
544
665
|
/**
|
|
545
666
|
* Use explicit dry run spec flag. Ordinarily, a dry-run spec implicitly exists for all Service Perimeters, and that spec is identical to the status for those Service Perimeters. When
|
|
546
667
|
* this flag is set, it inhibits the generation of the implicit spec, thereby allowing the user to explicitly provide a configuration ("spec") to use in a dry-run version of the
|
|
547
668
|
* Service Perimeter. This allows the user to test changes to the enforced config ("status") without actually enforcing them. This testing is done through analyzing the differences
|
|
548
669
|
* between currently enforced and suggested restrictions. use_explicit_dry_run_spec must bet set to True if any of the fields in the spec are set to non-default values.
|
|
549
670
|
*/
|
|
550
|
-
useExplicitDryRunSpec?:
|
|
671
|
+
useExplicitDryRunSpec?:
|
|
672
|
+
boolean;
|
|
551
673
|
}
|
|
552
674
|
interface GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig {
|
|
553
675
|
/**
|
|
@@ -555,75 +677,91 @@ declare namespace gapi.client {
|
|
|
555
677
|
* `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google
|
|
556
678
|
* Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
|
|
557
679
|
*/
|
|
558
|
-
accessLevels?:
|
|
680
|
+
accessLevels?:
|
|
681
|
+
string[];
|
|
559
682
|
/**
|
|
560
683
|
* List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants
|
|
561
684
|
* it. Must be empty for a perimeter bridge.
|
|
562
685
|
*/
|
|
563
|
-
egressPolicies?:
|
|
686
|
+
egressPolicies?:
|
|
687
|
+
GoogleIdentityAccesscontextmanagerV1EgressPolicy[];
|
|
564
688
|
/**
|
|
565
689
|
* List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy
|
|
566
690
|
* grants it. Must be empty for a perimeter bridge.
|
|
567
691
|
*/
|
|
568
|
-
ingressPolicies?:
|
|
692
|
+
ingressPolicies?:
|
|
693
|
+
GoogleIdentityAccesscontextmanagerV1IngressPolicy[];
|
|
569
694
|
/**
|
|
570
695
|
* A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network
|
|
571
696
|
* format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`.
|
|
572
697
|
*/
|
|
573
|
-
resources?:
|
|
698
|
+
resources?:
|
|
699
|
+
string[];
|
|
574
700
|
/**
|
|
575
701
|
* Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the
|
|
576
702
|
* perimeter must meet the perimeter's access restrictions.
|
|
577
703
|
*/
|
|
578
|
-
restrictedServices?:
|
|
704
|
+
restrictedServices?:
|
|
705
|
+
string[];
|
|
579
706
|
/** Configuration for APIs allowed within Perimeter. */
|
|
580
|
-
vpcAccessibleServices?:
|
|
707
|
+
vpcAccessibleServices?:
|
|
708
|
+
GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices;
|
|
581
709
|
}
|
|
582
710
|
interface GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices {
|
|
583
711
|
/**
|
|
584
712
|
* The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the
|
|
585
713
|
* 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
|
|
586
714
|
*/
|
|
587
|
-
allowedServices?:
|
|
715
|
+
allowedServices?:
|
|
716
|
+
string[];
|
|
588
717
|
/** Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'. */
|
|
589
|
-
enableRestriction?:
|
|
718
|
+
enableRestriction?:
|
|
719
|
+
boolean;
|
|
590
720
|
}
|
|
591
721
|
interface Operation {
|
|
592
722
|
/** If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available. */
|
|
593
|
-
done?:
|
|
723
|
+
done?:
|
|
724
|
+
boolean;
|
|
594
725
|
/** The error result of the operation in case of failure or cancellation. */
|
|
595
|
-
error?:
|
|
726
|
+
error?:
|
|
727
|
+
Status;
|
|
596
728
|
/**
|
|
597
729
|
* Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such
|
|
598
730
|
* metadata. Any method that returns a long-running operation should document the metadata type, if any.
|
|
599
731
|
*/
|
|
600
|
-
metadata?:
|
|
732
|
+
metadata?:
|
|
733
|
+
{ [P in string]: any };
|
|
601
734
|
/**
|
|
602
735
|
* The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending
|
|
603
736
|
* with `operations/{unique_id}`.
|
|
604
737
|
*/
|
|
605
|
-
name?:
|
|
738
|
+
name?:
|
|
739
|
+
string;
|
|
606
740
|
/**
|
|
607
741
|
* The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the
|
|
608
742
|
* original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the
|
|
609
743
|
* original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
|
|
610
744
|
*/
|
|
611
|
-
response?:
|
|
745
|
+
response?:
|
|
746
|
+
{ [P in string]: any };
|
|
612
747
|
}
|
|
613
748
|
interface OutputConfig {
|
|
614
749
|
/** Destination on Cloud Storage. */
|
|
615
|
-
gcsDestination?:
|
|
750
|
+
gcsDestination?:
|
|
751
|
+
GcsDestination;
|
|
616
752
|
}
|
|
617
753
|
interface Policy {
|
|
618
754
|
/** Specifies cloud audit logging configuration for this policy. */
|
|
619
|
-
auditConfigs?:
|
|
755
|
+
auditConfigs?:
|
|
756
|
+
AuditConfig[];
|
|
620
757
|
/**
|
|
621
758
|
* Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings`
|
|
622
759
|
* must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a
|
|
623
760
|
* principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another
|
|
624
761
|
* 1,450 principals to the `bindings` in the `Policy`.
|
|
625
762
|
*/
|
|
626
|
-
bindings?:
|
|
763
|
+
bindings?:
|
|
764
|
+
Binding[];
|
|
627
765
|
/**
|
|
628
766
|
* `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make
|
|
629
767
|
* use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems
|
|
@@ -631,7 +769,8 @@ declare namespace gapi.client {
|
|
|
631
769
|
* Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1`
|
|
632
770
|
* policy, and all of the conditions in the version `3` policy are lost.
|
|
633
771
|
*/
|
|
634
|
-
etag?:
|
|
772
|
+
etag?:
|
|
773
|
+
string;
|
|
635
774
|
/**
|
|
636
775
|
* Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings
|
|
637
776
|
* must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a
|
|
@@ -640,87 +779,114 @@ declare namespace gapi.client {
|
|
|
640
779
|
* policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave
|
|
641
780
|
* the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
|
642
781
|
*/
|
|
643
|
-
version?:
|
|
782
|
+
version?:
|
|
783
|
+
number;
|
|
644
784
|
}
|
|
645
785
|
interface Resource {
|
|
646
786
|
/** The content of the resource, in which some sensitive fields are removed and may not be present. */
|
|
647
|
-
data?:
|
|
787
|
+
data?:
|
|
788
|
+
{ [P in string]: any };
|
|
648
789
|
/**
|
|
649
790
|
* The URL of the discovery document containing the resource's JSON schema. Example: `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This value is unspecified for
|
|
650
791
|
* resources that do not have an API based on a discovery document, such as Cloud Bigtable.
|
|
651
792
|
*/
|
|
652
|
-
discoveryDocumentUri?:
|
|
793
|
+
discoveryDocumentUri?:
|
|
794
|
+
string;
|
|
653
795
|
/**
|
|
654
796
|
* The JSON schema name listed in the discovery document. Example: `Project` This value is unspecified for resources that do not have an API based on a discovery document, such as
|
|
655
797
|
* Cloud Bigtable.
|
|
656
798
|
*/
|
|
657
|
-
discoveryName?:
|
|
799
|
+
discoveryName?:
|
|
800
|
+
string;
|
|
658
801
|
/**
|
|
659
802
|
* The full name of the immediate parent of this resource. See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more information. For Google
|
|
660
803
|
* Cloud assets, this value is the parent resource defined in the [IAM policy hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). Example:
|
|
661
804
|
* `//cloudresourcemanager.googleapis.com/projects/my_project_123` For third-party assets, this field may be set differently.
|
|
662
805
|
*/
|
|
663
|
-
parent?:
|
|
806
|
+
parent?:
|
|
807
|
+
string;
|
|
664
808
|
/**
|
|
665
809
|
* The REST URL for accessing the resource. An HTTP `GET` request using this URL returns the resource itself. Example:
|
|
666
810
|
* `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` This value is unspecified for resources without a REST API.
|
|
667
811
|
*/
|
|
668
|
-
resourceUrl?:
|
|
812
|
+
resourceUrl?:
|
|
813
|
+
string;
|
|
669
814
|
/** The API version. Example: `v1` */
|
|
670
|
-
version?:
|
|
815
|
+
version?:
|
|
816
|
+
string;
|
|
671
817
|
}
|
|
672
818
|
interface Status {
|
|
673
819
|
/** The status code, which should be an enum value of google.rpc.Code. */
|
|
674
|
-
code?:
|
|
820
|
+
code?:
|
|
821
|
+
number;
|
|
675
822
|
/** A list of messages that carry the error details. There is a common set of message types for APIs to use. */
|
|
676
|
-
details?:
|
|
823
|
+
details?:
|
|
824
|
+
Array<{ [P in string]: any }>;
|
|
677
825
|
/**
|
|
678
826
|
* A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the
|
|
679
827
|
* client.
|
|
680
828
|
*/
|
|
681
|
-
message?:
|
|
829
|
+
message?:
|
|
830
|
+
string;
|
|
682
831
|
}
|
|
683
832
|
interface TemporalAsset {
|
|
684
833
|
/** An asset in Google Cloud. */
|
|
685
|
-
asset?:
|
|
834
|
+
asset?:
|
|
835
|
+
Asset;
|
|
686
836
|
/** Whether the asset has been deleted or not. */
|
|
687
|
-
deleted?:
|
|
837
|
+
deleted?:
|
|
838
|
+
boolean;
|
|
688
839
|
/** The time window when the asset data and state was observed. */
|
|
689
|
-
window?:
|
|
840
|
+
window?:
|
|
841
|
+
TimeWindow;
|
|
690
842
|
}
|
|
691
843
|
interface TimeWindow {
|
|
692
844
|
/** End time of the time window (inclusive). If not specified, the current timestamp is used instead. */
|
|
693
|
-
endTime?:
|
|
845
|
+
endTime?:
|
|
846
|
+
string;
|
|
694
847
|
/** Start time of the time window (exclusive). */
|
|
695
|
-
startTime?:
|
|
848
|
+
startTime?:
|
|
849
|
+
string;
|
|
696
850
|
}
|
|
697
851
|
interface OperationsResource {
|
|
698
852
|
/** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
|
|
699
853
|
get(request?: {
|
|
700
854
|
/** V1 error format. */
|
|
701
|
-
"$.xgafv"?:
|
|
855
|
+
"$.xgafv"?:
|
|
856
|
+
string;
|
|
702
857
|
/** OAuth access token. */
|
|
703
|
-
access_token?:
|
|
858
|
+
access_token?:
|
|
859
|
+
string;
|
|
704
860
|
/** Data format for response. */
|
|
705
|
-
alt?:
|
|
861
|
+
alt?:
|
|
862
|
+
string;
|
|
706
863
|
/** JSONP */
|
|
707
|
-
callback?:
|
|
864
|
+
callback?:
|
|
865
|
+
string;
|
|
708
866
|
/** Selector specifying which fields to include in a partial response. */
|
|
709
|
-
fields?:
|
|
867
|
+
fields?:
|
|
868
|
+
string;
|
|
710
869
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
711
|
-
key?:
|
|
870
|
+
key?:
|
|
871
|
+
string;
|
|
712
872
|
/** The name of the operation resource. */
|
|
713
|
-
name:
|
|
873
|
+
name:
|
|
874
|
+
string;
|
|
714
875
|
/** OAuth 2.0 token for the current user. */
|
|
715
|
-
oauth_token?:
|
|
876
|
+
oauth_token?:
|
|
877
|
+
string;
|
|
716
878
|
/** Returns response with indentations and line breaks. */
|
|
717
|
-
prettyPrint?:
|
|
879
|
+
prettyPrint?:
|
|
880
|
+
boolean;
|
|
718
881
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
719
|
-
quotaUser?:
|
|
882
|
+
quotaUser?:
|
|
883
|
+
string;
|
|
720
884
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
721
|
-
upload_protocol?:
|
|
885
|
+
upload_protocol?:
|
|
886
|
+
string;
|
|
722
887
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
723
|
-
uploadType?:
|
|
888
|
+
uploadType?:
|
|
889
|
+
string;
|
|
724
890
|
}): Request<Operation>;
|
|
725
891
|
}
|
|
726
892
|
interface FoldersResource {
|
|
@@ -731,94 +897,132 @@ declare namespace gapi.client {
|
|
|
731
897
|
*/
|
|
732
898
|
exportAssets(request: {
|
|
733
899
|
/** V1 error format. */
|
|
734
|
-
"$.xgafv"?:
|
|
900
|
+
"$.xgafv"?:
|
|
901
|
+
string;
|
|
735
902
|
/** OAuth access token. */
|
|
736
|
-
access_token?:
|
|
903
|
+
access_token?:
|
|
904
|
+
string;
|
|
737
905
|
/** Data format for response. */
|
|
738
|
-
alt?:
|
|
906
|
+
alt?:
|
|
907
|
+
string;
|
|
739
908
|
/** JSONP */
|
|
740
|
-
callback?:
|
|
909
|
+
callback?:
|
|
910
|
+
string;
|
|
741
911
|
/** Selector specifying which fields to include in a partial response. */
|
|
742
|
-
fields?:
|
|
912
|
+
fields?:
|
|
913
|
+
string;
|
|
743
914
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
744
|
-
key?:
|
|
915
|
+
key?:
|
|
916
|
+
string;
|
|
745
917
|
/** OAuth 2.0 token for the current user. */
|
|
746
|
-
oauth_token?:
|
|
918
|
+
oauth_token?:
|
|
919
|
+
string;
|
|
747
920
|
/**
|
|
748
921
|
* Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), a project
|
|
749
922
|
* number (such as "projects/12345"), or a folder number (such as "folders/123").
|
|
750
923
|
*/
|
|
751
|
-
parent:
|
|
924
|
+
parent:
|
|
925
|
+
string;
|
|
752
926
|
/** Returns response with indentations and line breaks. */
|
|
753
|
-
prettyPrint?:
|
|
927
|
+
prettyPrint?:
|
|
928
|
+
boolean;
|
|
754
929
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
755
|
-
quotaUser?:
|
|
930
|
+
quotaUser?:
|
|
931
|
+
string;
|
|
756
932
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
757
|
-
upload_protocol?:
|
|
933
|
+
upload_protocol?:
|
|
934
|
+
string;
|
|
758
935
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
759
|
-
uploadType?:
|
|
936
|
+
uploadType?:
|
|
937
|
+
string;
|
|
760
938
|
/** Request body */
|
|
761
|
-
resource:
|
|
939
|
+
resource:
|
|
940
|
+
ExportAssetsRequest;
|
|
762
941
|
}): Request<Operation>;
|
|
763
942
|
exportAssets(request: {
|
|
764
943
|
/** V1 error format. */
|
|
765
|
-
"$.xgafv"?:
|
|
944
|
+
"$.xgafv"?:
|
|
945
|
+
string;
|
|
766
946
|
/** OAuth access token. */
|
|
767
|
-
access_token?:
|
|
947
|
+
access_token?:
|
|
948
|
+
string;
|
|
768
949
|
/** Data format for response. */
|
|
769
|
-
alt?:
|
|
950
|
+
alt?:
|
|
951
|
+
string;
|
|
770
952
|
/** JSONP */
|
|
771
|
-
callback?:
|
|
953
|
+
callback?:
|
|
954
|
+
string;
|
|
772
955
|
/** Selector specifying which fields to include in a partial response. */
|
|
773
|
-
fields?:
|
|
956
|
+
fields?:
|
|
957
|
+
string;
|
|
774
958
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
775
|
-
key?:
|
|
959
|
+
key?:
|
|
960
|
+
string;
|
|
776
961
|
/** OAuth 2.0 token for the current user. */
|
|
777
|
-
oauth_token?:
|
|
962
|
+
oauth_token?:
|
|
963
|
+
string;
|
|
778
964
|
/**
|
|
779
965
|
* Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), a project
|
|
780
966
|
* number (such as "projects/12345"), or a folder number (such as "folders/123").
|
|
781
967
|
*/
|
|
782
|
-
parent:
|
|
968
|
+
parent:
|
|
969
|
+
string;
|
|
783
970
|
/** Returns response with indentations and line breaks. */
|
|
784
|
-
prettyPrint?:
|
|
971
|
+
prettyPrint?:
|
|
972
|
+
boolean;
|
|
785
973
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
786
|
-
quotaUser?:
|
|
974
|
+
quotaUser?:
|
|
975
|
+
string;
|
|
787
976
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
788
|
-
upload_protocol?:
|
|
977
|
+
upload_protocol?:
|
|
978
|
+
string;
|
|
789
979
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
790
|
-
uploadType?:
|
|
980
|
+
uploadType?:
|
|
981
|
+
string;
|
|
791
982
|
},
|
|
792
983
|
body: ExportAssetsRequest): Request<Operation>;
|
|
793
|
-
operations:
|
|
984
|
+
operations:
|
|
985
|
+
OperationsResource;
|
|
794
986
|
}
|
|
795
987
|
interface OperationsResource {
|
|
796
988
|
/** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
|
|
797
989
|
get(request?: {
|
|
798
990
|
/** V1 error format. */
|
|
799
|
-
"$.xgafv"?:
|
|
991
|
+
"$.xgafv"?:
|
|
992
|
+
string;
|
|
800
993
|
/** OAuth access token. */
|
|
801
|
-
access_token?:
|
|
994
|
+
access_token?:
|
|
995
|
+
string;
|
|
802
996
|
/** Data format for response. */
|
|
803
|
-
alt?:
|
|
997
|
+
alt?:
|
|
998
|
+
string;
|
|
804
999
|
/** JSONP */
|
|
805
|
-
callback?:
|
|
1000
|
+
callback?:
|
|
1001
|
+
string;
|
|
806
1002
|
/** Selector specifying which fields to include in a partial response. */
|
|
807
|
-
fields?:
|
|
1003
|
+
fields?:
|
|
1004
|
+
string;
|
|
808
1005
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
809
|
-
key?:
|
|
1006
|
+
key?:
|
|
1007
|
+
string;
|
|
810
1008
|
/** The name of the operation resource. */
|
|
811
|
-
name:
|
|
1009
|
+
name:
|
|
1010
|
+
string;
|
|
812
1011
|
/** OAuth 2.0 token for the current user. */
|
|
813
|
-
oauth_token?:
|
|
1012
|
+
oauth_token?:
|
|
1013
|
+
string;
|
|
814
1014
|
/** Returns response with indentations and line breaks. */
|
|
815
|
-
prettyPrint?:
|
|
1015
|
+
prettyPrint?:
|
|
1016
|
+
boolean;
|
|
816
1017
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
817
|
-
quotaUser?:
|
|
1018
|
+
quotaUser?:
|
|
1019
|
+
string;
|
|
818
1020
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
819
|
-
upload_protocol?:
|
|
1021
|
+
upload_protocol?:
|
|
1022
|
+
string;
|
|
820
1023
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
821
|
-
uploadType?:
|
|
1024
|
+
uploadType?:
|
|
1025
|
+
string;
|
|
822
1026
|
}): Request<Operation>;
|
|
823
1027
|
}
|
|
824
1028
|
interface OrganizationsResource {
|
|
@@ -829,44 +1033,60 @@ declare namespace gapi.client {
|
|
|
829
1033
|
*/
|
|
830
1034
|
batchGetAssetsHistory(request?: {
|
|
831
1035
|
/** V1 error format. */
|
|
832
|
-
"$.xgafv"?:
|
|
1036
|
+
"$.xgafv"?:
|
|
1037
|
+
string;
|
|
833
1038
|
/** OAuth access token. */
|
|
834
|
-
access_token?:
|
|
1039
|
+
access_token?:
|
|
1040
|
+
string;
|
|
835
1041
|
/** Data format for response. */
|
|
836
|
-
alt?:
|
|
1042
|
+
alt?:
|
|
1043
|
+
string;
|
|
837
1044
|
/**
|
|
838
1045
|
* A list of the full names of the assets. For example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Resource
|
|
839
1046
|
* Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more info. The request becomes a no-op if the asset name list is empty, and the max size of
|
|
840
1047
|
* the asset name list is 100 in one request.
|
|
841
1048
|
*/
|
|
842
|
-
assetNames?:
|
|
1049
|
+
assetNames?:
|
|
1050
|
+
string | string[];
|
|
843
1051
|
/** JSONP */
|
|
844
|
-
callback?:
|
|
1052
|
+
callback?:
|
|
1053
|
+
string;
|
|
845
1054
|
/** Optional. The content type. */
|
|
846
|
-
contentType?:
|
|
1055
|
+
contentType?:
|
|
1056
|
+
string;
|
|
847
1057
|
/** Selector specifying which fields to include in a partial response. */
|
|
848
|
-
fields?:
|
|
1058
|
+
fields?:
|
|
1059
|
+
string;
|
|
849
1060
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
850
|
-
key?:
|
|
1061
|
+
key?:
|
|
1062
|
+
string;
|
|
851
1063
|
/** OAuth 2.0 token for the current user. */
|
|
852
|
-
oauth_token?:
|
|
1064
|
+
oauth_token?:
|
|
1065
|
+
string;
|
|
853
1066
|
/**
|
|
854
1067
|
* Required. The relative name of the root asset. It can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id")", or a
|
|
855
1068
|
* project number (such as "projects/12345").
|
|
856
1069
|
*/
|
|
857
|
-
parent:
|
|
1070
|
+
parent:
|
|
1071
|
+
string;
|
|
858
1072
|
/** Returns response with indentations and line breaks. */
|
|
859
|
-
prettyPrint?:
|
|
1073
|
+
prettyPrint?:
|
|
1074
|
+
boolean;
|
|
860
1075
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
861
|
-
quotaUser?:
|
|
1076
|
+
quotaUser?:
|
|
1077
|
+
string;
|
|
862
1078
|
/** End time of the time window (inclusive). If not specified, the current timestamp is used instead. */
|
|
863
|
-
"readTimeWindow.endTime"?:
|
|
1079
|
+
"readTimeWindow.endTime"?:
|
|
1080
|
+
string;
|
|
864
1081
|
/** Start time of the time window (exclusive). */
|
|
865
|
-
"readTimeWindow.startTime"?:
|
|
1082
|
+
"readTimeWindow.startTime"?:
|
|
1083
|
+
string;
|
|
866
1084
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
867
|
-
upload_protocol?:
|
|
1085
|
+
upload_protocol?:
|
|
1086
|
+
string;
|
|
868
1087
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
869
|
-
uploadType?:
|
|
1088
|
+
uploadType?:
|
|
1089
|
+
string;
|
|
870
1090
|
}): Request<BatchGetAssetsHistoryResponse>;
|
|
871
1091
|
/**
|
|
872
1092
|
* Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API
|
|
@@ -875,94 +1095,132 @@ declare namespace gapi.client {
|
|
|
875
1095
|
*/
|
|
876
1096
|
exportAssets(request: {
|
|
877
1097
|
/** V1 error format. */
|
|
878
|
-
"$.xgafv"?:
|
|
1098
|
+
"$.xgafv"?:
|
|
1099
|
+
string;
|
|
879
1100
|
/** OAuth access token. */
|
|
880
|
-
access_token?:
|
|
1101
|
+
access_token?:
|
|
1102
|
+
string;
|
|
881
1103
|
/** Data format for response. */
|
|
882
|
-
alt?:
|
|
1104
|
+
alt?:
|
|
1105
|
+
string;
|
|
883
1106
|
/** JSONP */
|
|
884
|
-
callback?:
|
|
1107
|
+
callback?:
|
|
1108
|
+
string;
|
|
885
1109
|
/** Selector specifying which fields to include in a partial response. */
|
|
886
|
-
fields?:
|
|
1110
|
+
fields?:
|
|
1111
|
+
string;
|
|
887
1112
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
888
|
-
key?:
|
|
1113
|
+
key?:
|
|
1114
|
+
string;
|
|
889
1115
|
/** OAuth 2.0 token for the current user. */
|
|
890
|
-
oauth_token?:
|
|
1116
|
+
oauth_token?:
|
|
1117
|
+
string;
|
|
891
1118
|
/**
|
|
892
1119
|
* Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), a project
|
|
893
1120
|
* number (such as "projects/12345"), or a folder number (such as "folders/123").
|
|
894
1121
|
*/
|
|
895
|
-
parent:
|
|
1122
|
+
parent:
|
|
1123
|
+
string;
|
|
896
1124
|
/** Returns response with indentations and line breaks. */
|
|
897
|
-
prettyPrint?:
|
|
1125
|
+
prettyPrint?:
|
|
1126
|
+
boolean;
|
|
898
1127
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
899
|
-
quotaUser?:
|
|
1128
|
+
quotaUser?:
|
|
1129
|
+
string;
|
|
900
1130
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
901
|
-
upload_protocol?:
|
|
1131
|
+
upload_protocol?:
|
|
1132
|
+
string;
|
|
902
1133
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
903
|
-
uploadType?:
|
|
1134
|
+
uploadType?:
|
|
1135
|
+
string;
|
|
904
1136
|
/** Request body */
|
|
905
|
-
resource:
|
|
1137
|
+
resource:
|
|
1138
|
+
ExportAssetsRequest;
|
|
906
1139
|
}): Request<Operation>;
|
|
907
1140
|
exportAssets(request: {
|
|
908
1141
|
/** V1 error format. */
|
|
909
|
-
"$.xgafv"?:
|
|
1142
|
+
"$.xgafv"?:
|
|
1143
|
+
string;
|
|
910
1144
|
/** OAuth access token. */
|
|
911
|
-
access_token?:
|
|
1145
|
+
access_token?:
|
|
1146
|
+
string;
|
|
912
1147
|
/** Data format for response. */
|
|
913
|
-
alt?:
|
|
1148
|
+
alt?:
|
|
1149
|
+
string;
|
|
914
1150
|
/** JSONP */
|
|
915
|
-
callback?:
|
|
1151
|
+
callback?:
|
|
1152
|
+
string;
|
|
916
1153
|
/** Selector specifying which fields to include in a partial response. */
|
|
917
|
-
fields?:
|
|
1154
|
+
fields?:
|
|
1155
|
+
string;
|
|
918
1156
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
919
|
-
key?:
|
|
1157
|
+
key?:
|
|
1158
|
+
string;
|
|
920
1159
|
/** OAuth 2.0 token for the current user. */
|
|
921
|
-
oauth_token?:
|
|
1160
|
+
oauth_token?:
|
|
1161
|
+
string;
|
|
922
1162
|
/**
|
|
923
1163
|
* Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), a project
|
|
924
1164
|
* number (such as "projects/12345"), or a folder number (such as "folders/123").
|
|
925
1165
|
*/
|
|
926
|
-
parent:
|
|
1166
|
+
parent:
|
|
1167
|
+
string;
|
|
927
1168
|
/** Returns response with indentations and line breaks. */
|
|
928
|
-
prettyPrint?:
|
|
1169
|
+
prettyPrint?:
|
|
1170
|
+
boolean;
|
|
929
1171
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
930
|
-
quotaUser?:
|
|
1172
|
+
quotaUser?:
|
|
1173
|
+
string;
|
|
931
1174
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
932
|
-
upload_protocol?:
|
|
1175
|
+
upload_protocol?:
|
|
1176
|
+
string;
|
|
933
1177
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
934
|
-
uploadType?:
|
|
1178
|
+
uploadType?:
|
|
1179
|
+
string;
|
|
935
1180
|
},
|
|
936
1181
|
body: ExportAssetsRequest): Request<Operation>;
|
|
937
|
-
operations:
|
|
1182
|
+
operations:
|
|
1183
|
+
OperationsResource;
|
|
938
1184
|
}
|
|
939
1185
|
interface OperationsResource {
|
|
940
1186
|
/** Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service. */
|
|
941
1187
|
get(request?: {
|
|
942
1188
|
/** V1 error format. */
|
|
943
|
-
"$.xgafv"?:
|
|
1189
|
+
"$.xgafv"?:
|
|
1190
|
+
string;
|
|
944
1191
|
/** OAuth access token. */
|
|
945
|
-
access_token?:
|
|
1192
|
+
access_token?:
|
|
1193
|
+
string;
|
|
946
1194
|
/** Data format for response. */
|
|
947
|
-
alt?:
|
|
1195
|
+
alt?:
|
|
1196
|
+
string;
|
|
948
1197
|
/** JSONP */
|
|
949
|
-
callback?:
|
|
1198
|
+
callback?:
|
|
1199
|
+
string;
|
|
950
1200
|
/** Selector specifying which fields to include in a partial response. */
|
|
951
|
-
fields?:
|
|
1201
|
+
fields?:
|
|
1202
|
+
string;
|
|
952
1203
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
953
|
-
key?:
|
|
1204
|
+
key?:
|
|
1205
|
+
string;
|
|
954
1206
|
/** The name of the operation resource. */
|
|
955
|
-
name:
|
|
1207
|
+
name:
|
|
1208
|
+
string;
|
|
956
1209
|
/** OAuth 2.0 token for the current user. */
|
|
957
|
-
oauth_token?:
|
|
1210
|
+
oauth_token?:
|
|
1211
|
+
string;
|
|
958
1212
|
/** Returns response with indentations and line breaks. */
|
|
959
|
-
prettyPrint?:
|
|
1213
|
+
prettyPrint?:
|
|
1214
|
+
boolean;
|
|
960
1215
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
961
|
-
quotaUser?:
|
|
1216
|
+
quotaUser?:
|
|
1217
|
+
string;
|
|
962
1218
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
963
|
-
upload_protocol?:
|
|
1219
|
+
upload_protocol?:
|
|
1220
|
+
string;
|
|
964
1221
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
965
|
-
uploadType?:
|
|
1222
|
+
uploadType?:
|
|
1223
|
+
string;
|
|
966
1224
|
}): Request<Operation>;
|
|
967
1225
|
}
|
|
968
1226
|
interface ProjectsResource {
|
|
@@ -973,44 +1231,60 @@ declare namespace gapi.client {
|
|
|
973
1231
|
*/
|
|
974
1232
|
batchGetAssetsHistory(request?: {
|
|
975
1233
|
/** V1 error format. */
|
|
976
|
-
"$.xgafv"?:
|
|
1234
|
+
"$.xgafv"?:
|
|
1235
|
+
string;
|
|
977
1236
|
/** OAuth access token. */
|
|
978
|
-
access_token?:
|
|
1237
|
+
access_token?:
|
|
1238
|
+
string;
|
|
979
1239
|
/** Data format for response. */
|
|
980
|
-
alt?:
|
|
1240
|
+
alt?:
|
|
1241
|
+
string;
|
|
981
1242
|
/**
|
|
982
1243
|
* A list of the full names of the assets. For example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. See [Resource
|
|
983
1244
|
* Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) for more info. The request becomes a no-op if the asset name list is empty, and the max size of
|
|
984
1245
|
* the asset name list is 100 in one request.
|
|
985
1246
|
*/
|
|
986
|
-
assetNames?:
|
|
1247
|
+
assetNames?:
|
|
1248
|
+
string | string[];
|
|
987
1249
|
/** JSONP */
|
|
988
|
-
callback?:
|
|
1250
|
+
callback?:
|
|
1251
|
+
string;
|
|
989
1252
|
/** Optional. The content type. */
|
|
990
|
-
contentType?:
|
|
1253
|
+
contentType?:
|
|
1254
|
+
string;
|
|
991
1255
|
/** Selector specifying which fields to include in a partial response. */
|
|
992
|
-
fields?:
|
|
1256
|
+
fields?:
|
|
1257
|
+
string;
|
|
993
1258
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
994
|
-
key?:
|
|
1259
|
+
key?:
|
|
1260
|
+
string;
|
|
995
1261
|
/** OAuth 2.0 token for the current user. */
|
|
996
|
-
oauth_token?:
|
|
1262
|
+
oauth_token?:
|
|
1263
|
+
string;
|
|
997
1264
|
/**
|
|
998
1265
|
* Required. The relative name of the root asset. It can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id")", or a
|
|
999
1266
|
* project number (such as "projects/12345").
|
|
1000
1267
|
*/
|
|
1001
|
-
parent:
|
|
1268
|
+
parent:
|
|
1269
|
+
string;
|
|
1002
1270
|
/** Returns response with indentations and line breaks. */
|
|
1003
|
-
prettyPrint?:
|
|
1271
|
+
prettyPrint?:
|
|
1272
|
+
boolean;
|
|
1004
1273
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
1005
|
-
quotaUser?:
|
|
1274
|
+
quotaUser?:
|
|
1275
|
+
string;
|
|
1006
1276
|
/** End time of the time window (inclusive). If not specified, the current timestamp is used instead. */
|
|
1007
|
-
"readTimeWindow.endTime"?:
|
|
1277
|
+
"readTimeWindow.endTime"?:
|
|
1278
|
+
string;
|
|
1008
1279
|
/** Start time of the time window (exclusive). */
|
|
1009
|
-
"readTimeWindow.startTime"?:
|
|
1280
|
+
"readTimeWindow.startTime"?:
|
|
1281
|
+
string;
|
|
1010
1282
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
1011
|
-
upload_protocol?:
|
|
1283
|
+
upload_protocol?:
|
|
1284
|
+
string;
|
|
1012
1285
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
1013
|
-
uploadType?:
|
|
1286
|
+
uploadType?:
|
|
1287
|
+
string;
|
|
1014
1288
|
}): Request<BatchGetAssetsHistoryResponse>;
|
|
1015
1289
|
/**
|
|
1016
1290
|
* Exports assets with time and resource types to a given Cloud Storage location. The output format is newline-delimited JSON. This API implements the google.longrunning.Operation API
|
|
@@ -1019,66 +1293,92 @@ declare namespace gapi.client {
|
|
|
1019
1293
|
*/
|
|
1020
1294
|
exportAssets(request: {
|
|
1021
1295
|
/** V1 error format. */
|
|
1022
|
-
"$.xgafv"?:
|
|
1296
|
+
"$.xgafv"?:
|
|
1297
|
+
string;
|
|
1023
1298
|
/** OAuth access token. */
|
|
1024
|
-
access_token?:
|
|
1299
|
+
access_token?:
|
|
1300
|
+
string;
|
|
1025
1301
|
/** Data format for response. */
|
|
1026
|
-
alt?:
|
|
1302
|
+
alt?:
|
|
1303
|
+
string;
|
|
1027
1304
|
/** JSONP */
|
|
1028
|
-
callback?:
|
|
1305
|
+
callback?:
|
|
1306
|
+
string;
|
|
1029
1307
|
/** Selector specifying which fields to include in a partial response. */
|
|
1030
|
-
fields?:
|
|
1308
|
+
fields?:
|
|
1309
|
+
string;
|
|
1031
1310
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
1032
|
-
key?:
|
|
1311
|
+
key?:
|
|
1312
|
+
string;
|
|
1033
1313
|
/** OAuth 2.0 token for the current user. */
|
|
1034
|
-
oauth_token?:
|
|
1314
|
+
oauth_token?:
|
|
1315
|
+
string;
|
|
1035
1316
|
/**
|
|
1036
1317
|
* Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), a project
|
|
1037
1318
|
* number (such as "projects/12345"), or a folder number (such as "folders/123").
|
|
1038
1319
|
*/
|
|
1039
|
-
parent:
|
|
1320
|
+
parent:
|
|
1321
|
+
string;
|
|
1040
1322
|
/** Returns response with indentations and line breaks. */
|
|
1041
|
-
prettyPrint?:
|
|
1323
|
+
prettyPrint?:
|
|
1324
|
+
boolean;
|
|
1042
1325
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
1043
|
-
quotaUser?:
|
|
1326
|
+
quotaUser?:
|
|
1327
|
+
string;
|
|
1044
1328
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
1045
|
-
upload_protocol?:
|
|
1329
|
+
upload_protocol?:
|
|
1330
|
+
string;
|
|
1046
1331
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
1047
|
-
uploadType?:
|
|
1332
|
+
uploadType?:
|
|
1333
|
+
string;
|
|
1048
1334
|
/** Request body */
|
|
1049
|
-
resource:
|
|
1335
|
+
resource:
|
|
1336
|
+
ExportAssetsRequest;
|
|
1050
1337
|
}): Request<Operation>;
|
|
1051
1338
|
exportAssets(request: {
|
|
1052
1339
|
/** V1 error format. */
|
|
1053
|
-
"$.xgafv"?:
|
|
1340
|
+
"$.xgafv"?:
|
|
1341
|
+
string;
|
|
1054
1342
|
/** OAuth access token. */
|
|
1055
|
-
access_token?:
|
|
1343
|
+
access_token?:
|
|
1344
|
+
string;
|
|
1056
1345
|
/** Data format for response. */
|
|
1057
|
-
alt?:
|
|
1346
|
+
alt?:
|
|
1347
|
+
string;
|
|
1058
1348
|
/** JSONP */
|
|
1059
|
-
callback?:
|
|
1349
|
+
callback?:
|
|
1350
|
+
string;
|
|
1060
1351
|
/** Selector specifying which fields to include in a partial response. */
|
|
1061
|
-
fields?:
|
|
1352
|
+
fields?:
|
|
1353
|
+
string;
|
|
1062
1354
|
/** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
|
|
1063
|
-
key?:
|
|
1355
|
+
key?:
|
|
1356
|
+
string;
|
|
1064
1357
|
/** OAuth 2.0 token for the current user. */
|
|
1065
|
-
oauth_token?:
|
|
1358
|
+
oauth_token?:
|
|
1359
|
+
string;
|
|
1066
1360
|
/**
|
|
1067
1361
|
* Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), a project
|
|
1068
1362
|
* number (such as "projects/12345"), or a folder number (such as "folders/123").
|
|
1069
1363
|
*/
|
|
1070
|
-
parent:
|
|
1364
|
+
parent:
|
|
1365
|
+
string;
|
|
1071
1366
|
/** Returns response with indentations and line breaks. */
|
|
1072
|
-
prettyPrint?:
|
|
1367
|
+
prettyPrint?:
|
|
1368
|
+
boolean;
|
|
1073
1369
|
/** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
|
|
1074
|
-
quotaUser?:
|
|
1370
|
+
quotaUser?:
|
|
1371
|
+
string;
|
|
1075
1372
|
/** Upload protocol for media (e.g. "raw", "multipart"). */
|
|
1076
|
-
upload_protocol?:
|
|
1373
|
+
upload_protocol?:
|
|
1374
|
+
string;
|
|
1077
1375
|
/** Legacy upload protocol for media (e.g. "media", "multipart"). */
|
|
1078
|
-
uploadType?:
|
|
1376
|
+
uploadType?:
|
|
1377
|
+
string;
|
|
1079
1378
|
},
|
|
1080
1379
|
body: ExportAssetsRequest): Request<Operation>;
|
|
1081
|
-
operations:
|
|
1380
|
+
operations:
|
|
1381
|
+
OperationsResource;
|
|
1082
1382
|
}
|
|
1083
1383
|
|
|
1084
1384
|
const folders: FoldersResource;
|