Google Cloud Asset Inventory v1 API - Namespace Google.Cloud.Asset.V1 (3.10.0)

Represents the metadata of the longrunning operation for the AnalyzeIamPolicyLongrunning RPC.

A request message for [AssetService.AnalyzeIamPolicyLongrunning][google.cloud.asset.v1.AssetService.AnalyzeIamPolicyLongrunning].

A response message for [AssetService.AnalyzeIamPolicyLongrunning][google.cloud.asset.v1.AssetService.AnalyzeIamPolicyLongrunning].

A request message for [AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy].

A response message for [AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy].

Container for nested types declared in the AnalyzeIamPolicyResponse message type.

An analysis message to group the query and results.

The request message for performing resource move analysis.

Container for nested types declared in the AnalyzeMoveRequest message type.

The response message for resource move analysis.

A request message for [AssetService.AnalyzeOrgPolicies][google.cloud.asset.v1.AssetService.AnalyzeOrgPolicies].

The response message for [AssetService.AnalyzeOrgPolicies][google.cloud.asset.v1.AssetService.AnalyzeOrgPolicies].

Container for nested types declared in the AnalyzeOrgPoliciesResponse message type.

The organization policy result to the query.

A request message for [AssetService.AnalyzeOrgPolicyGovernedAssets][google.cloud.asset.v1.AssetService.AnalyzeOrgPolicyGovernedAssets].

The response message for [AssetService.AnalyzeOrgPolicyGovernedAssets][google.cloud.asset.v1.AssetService.AnalyzeOrgPolicyGovernedAssets].

Container for nested types declared in the AnalyzeOrgPolicyGovernedAssetsResponse message type.

Represents a Google Cloud asset(resource or IAM policy) governed by the organization policies of the [AnalyzeOrgPolicyGovernedAssetsRequest.constraint][google.cloud.asset.v1.AnalyzeOrgPolicyGovernedAssetsRequest.constraint].

The IAM policies governed by the organization policies of the [AnalyzeOrgPolicyGovernedAssetsRequest.constraint][google.cloud.asset.v1.AnalyzeOrgPolicyGovernedAssetsRequest.constraint].

The Google Cloud resources governed by the organization policies of the [AnalyzeOrgPolicyGovernedAssetsRequest.constraint][google.cloud.asset.v1.AnalyzeOrgPolicyGovernedAssetsRequest.constraint].

A request message for [AssetService.AnalyzeOrgPolicyGovernedContainers][google.cloud.asset.v1.AssetService.AnalyzeOrgPolicyGovernedContainers].

The response message for [AssetService.AnalyzeOrgPolicyGovernedContainers][google.cloud.asset.v1.AssetService.AnalyzeOrgPolicyGovernedContainers].

Container for nested types declared in the AnalyzeOrgPolicyGovernedContainersResponse message type.

The organization/folder/project resource governed by organization policies of [AnalyzeOrgPolicyGovernedContainersRequest.constraint][google.cloud.asset.v1.AnalyzeOrgPolicyGovernedContainersRequest.constraint].

This organization policy message is a modified version of the one defined in the Organization Policy system. This message contains several fields defined in the original organization policy with some new fields for analysis purpose.

Container for nested types declared in the AnalyzerOrgPolicy message type.

This rule message is a customized version of the one defined in the Organization Policy system. In addition to the fields defined in the original organization policy, it contains additional field(s) under specific circumstances to support analysis results.

Container for nested types declared in the Rule message type.

The string values for the list constraints.

The organization policy constraint definition.

Container for nested types declared in the AnalyzerOrgPolicyConstraint message type.

The definition of a constraint.

Container for nested types declared in the Constraint message type.

A Constraint that is either enforced or not.

For example a constraint constraints/compute.disableSerialPortAccess. If it is enforced on a VM instance, serial port connections will not be opened to that instance.

A Constraint that allows or disallows a list of string values, which are configured by an organization's policy administrator with a Policy.

The definition of a custom constraint.

Container for nested types declared in the CustomConstraint message type.

An asset in Google Cloud. An asset can be any resource in the Google Cloud resource hierarchy, a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy), or a relationship (e.g. an INSTANCE_TO_INSTANCEGROUP relationship). See Supported asset types for more information.

Asset service definition.

Base class for server-side implementations of AssetService

Client for AssetService

AssetService client wrapper, for convenient use.

Builder class for AssetServiceClient to provide simple configuration of credentials, endpoint etc.

AssetService client wrapper implementation, for convenient use.

Settings for AssetServiceClient instances.

Attached resource representation, which is defined by the corresponding service provider. It represents an attached resource's payload.

Batch get assets history request.

Batch get assets history response.

A request message for [AssetService.BatchGetEffectiveIamPolicies][google.cloud.asset.v1.AssetService.BatchGetEffectiveIamPolicies].

A response message for [AssetService.BatchGetEffectiveIamPolicies][google.cloud.asset.v1.AssetService.BatchGetEffectiveIamPolicies].

Container for nested types declared in the BatchGetEffectiveIamPoliciesResponse message type.

The effective IAM policies on one resource.

Container for nested types declared in the EffectiveIamPolicy message type.

The IAM policy and its attached resource.

A BigQuery destination for exporting assets to.

The condition evaluation.

Container for nested types declared in the ConditionEvaluation message type.

Create asset feed request.

Request to create a saved query.

Request to delete a saved query.

The effective tags and the ancestor resources from which they were inherited.

Export asset request.

The export asset response. This message is returned by the [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] method in the returned [google.longrunning.Operation.response][google.longrunning.Operation.response] field.

An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.

Resource name for the Feed resource.

Output configuration for asset feed destination.

A Cloud Storage location.

A Cloud Storage output result.

Get asset feed request.

Request to get a saved query.

Output configuration for export IAM policy analysis destination.

Container for nested types declared in the IamPolicyAnalysisOutputConfig message type.

A BigQuery destination.

Container for nested types declared in the BigQueryDestination message type.

A Cloud Storage location.

IAM policy analysis query message.

Container for nested types declared in the IamPolicyAnalysisQuery message type.

Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10.

The IAM conditions context.

Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly.

Contains query options.

Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects.

IAM Policy analysis result, consisting of one IAM policy binding and derived access control lists.

Container for nested types declared in the IamPolicyAnalysisResult message type.

An IAM role or permission under analysis.

An access control list, derived from the above IAM policy binding, which contains a set of resources and accesses. May include one item from each set to compose an access control entry.

NOTICE that there could be multiple access control lists for one IAM policy binding. The access control lists are created based on resource and access combinations.

For example, assume we have the following cases in one IAM policy binding:

• Permission P1 and P2 apply to resource R1 and R2;
• Permission P3 applies to resource R2 and R3;

This will result in the following access control lists:

• AccessControlList 1: [R1, R2], [P1, P2]
• AccessControlList 2: [R2, R3], [P3]

A directional edge.

An identity under analysis.

The identities and group edges.

A Google Cloud resource under analysis.

Represents the detailed state of an entity under analysis, such as a resource, an identity or an access.

A result of IAM Policy search, containing information of an IAM policy.

Container for nested types declared in the IamPolicySearchResult message type.

Explanation about the IAM policy search result.

Container for nested types declared in the Explanation message type.

IAM permissions

ListAssets request.

ListAssets response.

List asset feeds request.

Request to list saved queries.

Response of listing saved queries.

A message to group the analysis information.

An analysis result including blockers and warnings.

A message to group impacts of moving the target resource.

Output configuration for export assets destination.

Output result of export assets.

Specifications of BigQuery partitioned table as export destination.

Container for nested types declared in the PartitionSpec message type.

A Pub/Sub destination.

Output configuration query assets.

Container for nested types declared in the QueryAssetsOutputConfig message type.

BigQuery destination.

QueryAssets request.

QueryAssets response.

Execution results of the query.

The result is formatted as rows represented by BigQuery compatible [schema]. When pagination is necessary, it will contains the page token to retrieve the results of following pages.

An asset identifier in Google Cloud which contains its name, type and ancestors. An asset can be any resource in the Google Cloud resource hierarchy, a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). See Supported asset types for more information.

DEPRECATED. This message only presents for the purpose of backward-compatibility. The server will never populate this message in responses. The detailed related assets with the relationship_type.

The detailed related resource.

The related resources of the primary resource.

DEPRECATED. This message only presents for the purpose of backward-compatibility. The server will never populate this message in responses. The relationship attributes which include type, source_resource_type, target_resource_type and action.

A representation of a Google Cloud resource.

A result of Resource Search, containing information of a cloud resource. Next ID: 34

A saved query which can be shared with others or used later.

Container for nested types declared in the SavedQuery message type.

The query content.

Resource name for the SavedQuery resource.

Search all IAM policies request.

Search all IAM policies response.

Search all resources request.

Search all resources response.

A field in TableSchema.

BigQuery Compatible table schema.

The key and value for a tag.

An asset in Google Cloud and its temporal metadata, including the time window when it was observed and its status during that window.

Container for nested types declared in the TemporalAsset message type.

A time window specified by its start_time and end_time.

Update asset feed request.

Request to update a saved query.

Resource representation as defined by the corresponding service providing the resource for a given API version.

View enum for supporting partial analysis responses.

Enum of possible cases for the "governed_asset" oneof.

Enum of possible cases for the "kind" oneof.

Enum of possible cases for the "constraint_definition" oneof.

Enum of possible cases for the "constraint_type" oneof.

Specifies the default behavior in the absence of any Policy for the Constraint. This must not be CONSTRAINT_DEFAULT_UNSPECIFIED.

Allow or deny type.

The operation in which this constraint will be applied. For example: If the constraint applies only when create VMs, the method_types will be "CREATE" only. If the constraint applied when create or delete VMs, the method_types will be "CREATE" and "DELETE".

Enum of possible cases for the "access_context_policy" oneof.

Value of this expression.

Asset content type.

The possible contents of FeedName.

Enum of possible cases for the "destination" oneof.

Enum of possible cases for the "object_uri" oneof.

Enum of possible cases for the "destination" oneof.

This enum determines the partition key column for the bigquery tables. Partitioning can improve query performance and reduce query cost by filtering partitions. Refer to https://cloud.google.com/bigquery/docs/partitioned-tables for details.

Enum of possible cases for the "TimeContext" oneof.

Enum of possible cases for the "oneof_access" oneof.

Enum of possible cases for the "result" oneof.

Enum of possible cases for the "destination" oneof.

Enum of possible cases for the "result" oneof.

This enum is used to determine the partition key column when exporting assets to BigQuery partitioned table(s). Note that, if the partition key is a timestamp column, the actual partition is based on its date value (expressed in UTC. see details in https://cloud.google.com/bigquery/docs/partitioned-tables#date_timestamp_partitioned_tables).

Enum of possible cases for the "query" oneof.

Enum of possible cases for the "time" oneof.

Enum of possible cases for the "response" oneof.

Enum of possible cases for the "query_content" oneof.

The possible contents of SavedQueryName.

State of prior asset.