[BindServiceMethod(typeof(AssetService), "BindService")]
public abstract class AssetService.AssetServiceBase
Reference documentation and code samples for the Google Cloud Asset Inventory v1 API class AssetService.AssetServiceBase.
Base class for server-side implementations of AssetService
Namespace
Google.Cloud.Asset.V1Assembly
Google.Cloud.Asset.V1.dll
Methods
AnalyzeIamPolicy(AnalyzeIamPolicyRequest, ServerCallContext)
public virtual Task<AnalyzeIamPolicyResponse> AnalyzeIamPolicy(AnalyzeIamPolicyRequest request, ServerCallContext context)
Analyzes IAM policies to answer which identities have what accesses on which resources.
Parameters | |
---|---|
Name | Description |
request | AnalyzeIamPolicyRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAnalyzeIamPolicyResponse | The response to send back to the client (wrapped by a task). |
AnalyzeIamPolicyLongrunning(AnalyzeIamPolicyLongrunningRequest, ServerCallContext)
public virtual Task<Operation> AnalyzeIamPolicyLongrunning(AnalyzeIamPolicyLongrunningRequest request, ServerCallContext context)
Analyzes IAM policies asynchronously to answer which identities have what accesses on which resources, and writes the analysis results to a Google Cloud Storage or a BigQuery destination. For Cloud Storage destination, the output format is the JSON format that represents a [AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse]. This method implements the [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation status. We recommend intervals of at least 2 seconds with exponential backoff retry to poll the operation result. The metadata contains the metadata for the long-running operation.
Parameters | |
---|---|
Name | Description |
request | AnalyzeIamPolicyLongrunningRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation | The response to send back to the client (wrapped by a task). |
AnalyzeMove(AnalyzeMoveRequest, ServerCallContext)
public virtual Task<AnalyzeMoveResponse> AnalyzeMove(AnalyzeMoveRequest request, ServerCallContext context)
Analyze moving a resource to a specified destination without kicking off the actual move. The analysis is best effort depending on the user's permissions of viewing different hierarchical policies and configurations. The policies and configuration are subject to change before the actual resource migration takes place.
Parameters | |
---|---|
Name | Description |
request | AnalyzeMoveRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAnalyzeMoveResponse | The response to send back to the client (wrapped by a task). |
AnalyzeOrgPolicies(AnalyzeOrgPoliciesRequest, ServerCallContext)
public virtual Task<AnalyzeOrgPoliciesResponse> AnalyzeOrgPolicies(AnalyzeOrgPoliciesRequest request, ServerCallContext context)
Analyzes organization policies under a scope.
Parameters | |
---|---|
Name | Description |
request | AnalyzeOrgPoliciesRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAnalyzeOrgPoliciesResponse | The response to send back to the client (wrapped by a task). |
AnalyzeOrgPolicyGovernedAssets(AnalyzeOrgPolicyGovernedAssetsRequest, ServerCallContext)
public virtual Task<AnalyzeOrgPolicyGovernedAssetsResponse> AnalyzeOrgPolicyGovernedAssets(AnalyzeOrgPolicyGovernedAssetsRequest request, ServerCallContext context)
Analyzes organization policies governed assets (Google Cloud resources or policies) under a scope. This RPC supports custom constraints and the following canned constraints:
- constraints/ainotebooks.accessMode
- constraints/ainotebooks.disableFileDownloads
- constraints/ainotebooks.disableRootAccess
- constraints/ainotebooks.disableTerminal
- constraints/ainotebooks.environmentOptions
- constraints/ainotebooks.requireAutoUpgradeSchedule
- constraints/ainotebooks.restrictVpcNetworks
- constraints/compute.disableGuestAttributesAccess
- constraints/compute.disableInstanceDataAccessApis
- constraints/compute.disableNestedVirtualization
- constraints/compute.disableSerialPortAccess
- constraints/compute.disableSerialPortLogging
- constraints/compute.disableVpcExternalIpv6
- constraints/compute.requireOsLogin
- constraints/compute.requireShieldedVm
- constraints/compute.restrictLoadBalancerCreationForTypes
- constraints/compute.restrictProtocolForwardingCreationForTypes
- constraints/compute.restrictXpnProjectLienRemoval
- constraints/compute.setNewProjectDefaultToZonalDNSOnly
- constraints/compute.skipDefaultNetworkCreation
- constraints/compute.trustedImageProjects
- constraints/compute.vmCanIpForward
- constraints/compute.vmExternalIpAccess
- constraints/gcp.detailedAuditLoggingMode
- constraints/gcp.resourceLocations
- constraints/iam.allowedPolicyMemberDomains
- constraints/iam.automaticIamGrantsForDefaultServiceAccounts
- constraints/iam.disableServiceAccountCreation
- constraints/iam.disableServiceAccountKeyCreation
- constraints/iam.disableServiceAccountKeyUpload
- constraints/iam.restrictCrossProjectServiceAccountLienRemoval
- constraints/iam.serviceAccountKeyExpiryHours
- constraints/resourcemanager.accessBoundaries
- constraints/resourcemanager.allowedExportDestinations
- constraints/sql.restrictAuthorizedNetworks
- constraints/sql.restrictNoncompliantDiagnosticDataAccess
- constraints/sql.restrictNoncompliantResourceCreation
- constraints/sql.restrictPublicIp
- constraints/storage.publicAccessPrevention
- constraints/storage.restrictAuthTypes
- constraints/storage.uniformBucketLevelAccess
This RPC only returns either resources of types supported by search APIs or IAM policies.
Parameters | |
---|---|
Name | Description |
request | AnalyzeOrgPolicyGovernedAssetsRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAnalyzeOrgPolicyGovernedAssetsResponse | The response to send back to the client (wrapped by a task). |
AnalyzeOrgPolicyGovernedContainers(AnalyzeOrgPolicyGovernedContainersRequest, ServerCallContext)
public virtual Task<AnalyzeOrgPolicyGovernedContainersResponse> AnalyzeOrgPolicyGovernedContainers(AnalyzeOrgPolicyGovernedContainersRequest request, ServerCallContext context)
Analyzes organization policies governed containers (projects, folders or organization) under a scope.
Parameters | |
---|---|
Name | Description |
request | AnalyzeOrgPolicyGovernedContainersRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAnalyzeOrgPolicyGovernedContainersResponse | The response to send back to the client (wrapped by a task). |
BatchGetAssetsHistory(BatchGetAssetsHistoryRequest, ServerCallContext)
public virtual Task<BatchGetAssetsHistoryResponse> BatchGetAssetsHistory(BatchGetAssetsHistoryRequest request, ServerCallContext context)
Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.
Parameters | |
---|---|
Name | Description |
request | BatchGetAssetsHistoryRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskBatchGetAssetsHistoryResponse | The response to send back to the client (wrapped by a task). |
BatchGetEffectiveIamPolicies(BatchGetEffectiveIamPoliciesRequest, ServerCallContext)
public virtual Task<BatchGetEffectiveIamPoliciesResponse> BatchGetEffectiveIamPolicies(BatchGetEffectiveIamPoliciesRequest request, ServerCallContext context)
Gets effective IAM policies for a batch of resources.
Parameters | |
---|---|
Name | Description |
request | BatchGetEffectiveIamPoliciesRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskBatchGetEffectiveIamPoliciesResponse | The response to send back to the client (wrapped by a task). |
CreateFeed(CreateFeedRequest, ServerCallContext)
public virtual Task<Feed> CreateFeed(CreateFeedRequest request, ServerCallContext context)
Creates a feed in a parent project/folder/organization to listen to its asset updates.
Parameters | |
---|---|
Name | Description |
request | CreateFeedRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskFeed | The response to send back to the client (wrapped by a task). |
CreateSavedQuery(CreateSavedQueryRequest, ServerCallContext)
public virtual Task<SavedQuery> CreateSavedQuery(CreateSavedQueryRequest request, ServerCallContext context)
Creates a saved query in a parent project/folder/organization.
Parameters | |
---|---|
Name | Description |
request | CreateSavedQueryRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskSavedQuery | The response to send back to the client (wrapped by a task). |
DeleteFeed(DeleteFeedRequest, ServerCallContext)
public virtual Task<Empty> DeleteFeed(DeleteFeedRequest request, ServerCallContext context)
Deletes an asset feed.
Parameters | |
---|---|
Name | Description |
request | DeleteFeedRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskEmpty | The response to send back to the client (wrapped by a task). |
DeleteSavedQuery(DeleteSavedQueryRequest, ServerCallContext)
public virtual Task<Empty> DeleteSavedQuery(DeleteSavedQueryRequest request, ServerCallContext context)
Deletes a saved query.
Parameters | |
---|---|
Name | Description |
request | DeleteSavedQueryRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskEmpty | The response to send back to the client (wrapped by a task). |
ExportAssets(ExportAssetsRequest, ServerCallContext)
public virtual Task<Operation> ExportAssets(ExportAssetsRequest request, ServerCallContext context)
Exports assets with time and resource types to a given Cloud Storage location/BigQuery table. For Cloud Storage location destinations, the output format is newline-delimited JSON. Each line represents a [google.cloud.asset.v1.Asset][google.cloud.asset.v1.Asset] in the JSON format; for BigQuery table destinations, the output table stores the fields in asset Protobuf as columns. This API implements the [google.longrunning.Operation][google.longrunning.Operation] API, which allows you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.
Parameters | |
---|---|
Name | Description |
request | ExportAssetsRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskOperation | The response to send back to the client (wrapped by a task). |
GetFeed(GetFeedRequest, ServerCallContext)
public virtual Task<Feed> GetFeed(GetFeedRequest request, ServerCallContext context)
Gets details about an asset feed.
Parameters | |
---|---|
Name | Description |
request | GetFeedRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskFeed | The response to send back to the client (wrapped by a task). |
GetSavedQuery(GetSavedQueryRequest, ServerCallContext)
public virtual Task<SavedQuery> GetSavedQuery(GetSavedQueryRequest request, ServerCallContext context)
Gets details about a saved query.
Parameters | |
---|---|
Name | Description |
request | GetSavedQueryRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskSavedQuery | The response to send back to the client (wrapped by a task). |
ListAssets(ListAssetsRequest, ServerCallContext)
public virtual Task<ListAssetsResponse> ListAssets(ListAssetsRequest request, ServerCallContext context)
Lists assets with time and resource types and returns paged results in response.
Parameters | |
---|---|
Name | Description |
request | ListAssetsRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListAssetsResponse | The response to send back to the client (wrapped by a task). |
ListFeeds(ListFeedsRequest, ServerCallContext)
public virtual Task<ListFeedsResponse> ListFeeds(ListFeedsRequest request, ServerCallContext context)
Lists all asset feeds in a parent project/folder/organization.
Parameters | |
---|---|
Name | Description |
request | ListFeedsRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListFeedsResponse | The response to send back to the client (wrapped by a task). |
ListSavedQueries(ListSavedQueriesRequest, ServerCallContext)
public virtual Task<ListSavedQueriesResponse> ListSavedQueries(ListSavedQueriesRequest request, ServerCallContext context)
Lists all saved queries in a parent project/folder/organization.
Parameters | |
---|---|
Name | Description |
request | ListSavedQueriesRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListSavedQueriesResponse | The response to send back to the client (wrapped by a task). |
QueryAssets(QueryAssetsRequest, ServerCallContext)
public virtual Task<QueryAssetsResponse> QueryAssets(QueryAssetsRequest request, ServerCallContext context)
Issue a job that queries assets using a SQL statement compatible with BigQuery SQL.
If the query execution finishes within timeout and there's no pagination,
the full query results will be returned in the QueryAssetsResponse
.
Otherwise, full query results can be obtained by issuing extra requests
with the job_reference
from the a previous QueryAssets
call.
Note, the query result has approximately 10 GB limitation enforced by BigQuery. Queries return larger results will result in errors.
Parameters | |
---|---|
Name | Description |
request | QueryAssetsRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskQueryAssetsResponse | The response to send back to the client (wrapped by a task). |
SearchAllIamPolicies(SearchAllIamPoliciesRequest, ServerCallContext)
public virtual Task<SearchAllIamPoliciesResponse> SearchAllIamPolicies(SearchAllIamPoliciesRequest request, ServerCallContext context)
Searches all IAM policies within the specified scope, such as a project,
folder, or organization. The caller must be granted the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope,
otherwise the request will be rejected.
Parameters | |
---|---|
Name | Description |
request | SearchAllIamPoliciesRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskSearchAllIamPoliciesResponse | The response to send back to the client (wrapped by a task). |
SearchAllResources(SearchAllResourcesRequest, ServerCallContext)
public virtual Task<SearchAllResourcesResponse> SearchAllResources(SearchAllResourcesRequest request, ServerCallContext context)
Searches all Google Cloud resources within the specified scope, such as a
project, folder, or organization. The caller must be granted the
cloudasset.assets.searchAllResources
permission on the desired scope,
otherwise the request will be rejected.
Parameters | |
---|---|
Name | Description |
request | SearchAllResourcesRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskSearchAllResourcesResponse | The response to send back to the client (wrapped by a task). |
UpdateFeed(UpdateFeedRequest, ServerCallContext)
public virtual Task<Feed> UpdateFeed(UpdateFeedRequest request, ServerCallContext context)
Updates an asset feed configuration.
Parameters | |
---|---|
Name | Description |
request | UpdateFeedRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskFeed | The response to send back to the client (wrapped by a task). |
UpdateSavedQuery(UpdateSavedQueryRequest, ServerCallContext)
public virtual Task<SavedQuery> UpdateSavedQuery(UpdateSavedQueryRequest request, ServerCallContext context)
Updates a saved query.
Parameters | |
---|---|
Name | Description |
request | UpdateSavedQueryRequest The request received from the client. |
context | ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskSavedQuery | The response to send back to the client (wrapped by a task). |