Interface AssetServiceGrpc.AsyncService (3.60.0)

public static interface AssetServiceGrpc.AsyncService

Asset service definition.

Methods

analyzeIamPolicy(AnalyzeIamPolicyRequest request, StreamObserver<AnalyzeIamPolicyResponse> responseObserver)

public default void analyzeIamPolicy(AnalyzeIamPolicyRequest request, StreamObserver<AnalyzeIamPolicyResponse> responseObserver)

Analyzes IAM policies to answer which identities have what accesses on which resources.

Parameters
Name Description
request AnalyzeIamPolicyRequest
responseObserver io.grpc.stub.StreamObserver<AnalyzeIamPolicyResponse>

analyzeIamPolicyLongrunning(AnalyzeIamPolicyLongrunningRequest request, StreamObserver<Operation> responseObserver)

public default void analyzeIamPolicyLongrunning(AnalyzeIamPolicyLongrunningRequest request, StreamObserver<Operation> responseObserver)

Analyzes IAM policies asynchronously to answer which identities have what accesses on which resources, and writes the analysis results to a Google Cloud Storage or a BigQuery destination. For Cloud Storage destination, the output format is the JSON format that represents a AnalyzeIamPolicyResponse. This method implements the google.longrunning.Operation, which allows you to track the operation status. We recommend intervals of at least 2 seconds with exponential backoff retry to poll the operation result. The metadata contains the metadata for the long-running operation.

Parameters
Name Description
request AnalyzeIamPolicyLongrunningRequest
responseObserver io.grpc.stub.StreamObserver<Operation>

analyzeMove(AnalyzeMoveRequest request, StreamObserver<AnalyzeMoveResponse> responseObserver)

public default void analyzeMove(AnalyzeMoveRequest request, StreamObserver<AnalyzeMoveResponse> responseObserver)

Analyze moving a resource to a specified destination without kicking off the actual move. The analysis is best effort depending on the user's permissions of viewing different hierarchical policies and configurations. The policies and configuration are subject to change before the actual resource migration takes place.

Parameters
Name Description
request AnalyzeMoveRequest
responseObserver io.grpc.stub.StreamObserver<AnalyzeMoveResponse>

analyzeOrgPolicies(AnalyzeOrgPoliciesRequest request, StreamObserver<AnalyzeOrgPoliciesResponse> responseObserver)

public default void analyzeOrgPolicies(AnalyzeOrgPoliciesRequest request, StreamObserver<AnalyzeOrgPoliciesResponse> responseObserver)

Analyzes organization policies under a scope.

Parameters
Name Description
request AnalyzeOrgPoliciesRequest
responseObserver io.grpc.stub.StreamObserver<AnalyzeOrgPoliciesResponse>

analyzeOrgPolicyGovernedAssets(AnalyzeOrgPolicyGovernedAssetsRequest request, StreamObserver<AnalyzeOrgPolicyGovernedAssetsResponse> responseObserver)

public default void analyzeOrgPolicyGovernedAssets(AnalyzeOrgPolicyGovernedAssetsRequest request, StreamObserver<AnalyzeOrgPolicyGovernedAssetsResponse> responseObserver)

Analyzes organization policies governed assets (Google Cloud resources or policies) under a scope. This RPC supports custom constraints and the following canned constraints:

  • constraints/ainotebooks.accessMode
  • constraints/ainotebooks.disableFileDownloads
  • constraints/ainotebooks.disableRootAccess
  • constraints/ainotebooks.disableTerminal
  • constraints/ainotebooks.environmentOptions
  • constraints/ainotebooks.requireAutoUpgradeSchedule
  • constraints/ainotebooks.restrictVpcNetworks
  • constraints/compute.disableGuestAttributesAccess
  • constraints/compute.disableInstanceDataAccessApis
  • constraints/compute.disableNestedVirtualization
  • constraints/compute.disableSerialPortAccess
  • constraints/compute.disableSerialPortLogging
  • constraints/compute.disableVpcExternalIpv6
  • constraints/compute.requireOsLogin
  • constraints/compute.requireShieldedVm
  • constraints/compute.restrictLoadBalancerCreationForTypes
  • constraints/compute.restrictProtocolForwardingCreationForTypes
  • constraints/compute.restrictXpnProjectLienRemoval
  • constraints/compute.setNewProjectDefaultToZonalDNSOnly
  • constraints/compute.skipDefaultNetworkCreation
  • constraints/compute.trustedImageProjects
  • constraints/compute.vmCanIpForward
  • constraints/compute.vmExternalIpAccess
  • constraints/gcp.detailedAuditLoggingMode
  • constraints/gcp.resourceLocations
  • constraints/iam.allowedPolicyMemberDomains
  • constraints/iam.automaticIamGrantsForDefaultServiceAccounts
  • constraints/iam.disableServiceAccountCreation
  • constraints/iam.disableServiceAccountKeyCreation
  • constraints/iam.disableServiceAccountKeyUpload
  • constraints/iam.restrictCrossProjectServiceAccountLienRemoval
  • constraints/iam.serviceAccountKeyExpiryHours
  • constraints/resourcemanager.accessBoundaries
  • constraints/resourcemanager.allowedExportDestinations
  • constraints/sql.restrictAuthorizedNetworks
  • constraints/sql.restrictNoncompliantDiagnosticDataAccess
  • constraints/sql.restrictNoncompliantResourceCreation
  • constraints/sql.restrictPublicIp
  • constraints/storage.publicAccessPrevention
  • constraints/storage.restrictAuthTypes
  • constraints/storage.uniformBucketLevelAccess This RPC only returns either resources of types supported by search APIs or IAM policies.
Parameters
Name Description
request AnalyzeOrgPolicyGovernedAssetsRequest
responseObserver io.grpc.stub.StreamObserver<AnalyzeOrgPolicyGovernedAssetsResponse>

analyzeOrgPolicyGovernedContainers(AnalyzeOrgPolicyGovernedContainersRequest request, StreamObserver<AnalyzeOrgPolicyGovernedContainersResponse> responseObserver)

public default void analyzeOrgPolicyGovernedContainers(AnalyzeOrgPolicyGovernedContainersRequest request, StreamObserver<AnalyzeOrgPolicyGovernedContainersResponse> responseObserver)

Analyzes organization policies governed containers (projects, folders or organization) under a scope.

Parameters
Name Description
request AnalyzeOrgPolicyGovernedContainersRequest
responseObserver io.grpc.stub.StreamObserver<AnalyzeOrgPolicyGovernedContainersResponse>

batchGetAssetsHistory(BatchGetAssetsHistoryRequest request, StreamObserver<BatchGetAssetsHistoryResponse> responseObserver)

public default void batchGetAssetsHistory(BatchGetAssetsHistoryRequest request, StreamObserver<BatchGetAssetsHistoryResponse> responseObserver)

Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.

Parameters
Name Description
request BatchGetAssetsHistoryRequest
responseObserver io.grpc.stub.StreamObserver<BatchGetAssetsHistoryResponse>

batchGetEffectiveIamPolicies(BatchGetEffectiveIamPoliciesRequest request, StreamObserver<BatchGetEffectiveIamPoliciesResponse> responseObserver)

public default void batchGetEffectiveIamPolicies(BatchGetEffectiveIamPoliciesRequest request, StreamObserver<BatchGetEffectiveIamPoliciesResponse> responseObserver)

Gets effective IAM policies for a batch of resources.

Parameters
Name Description
request BatchGetEffectiveIamPoliciesRequest
responseObserver io.grpc.stub.StreamObserver<BatchGetEffectiveIamPoliciesResponse>

createFeed(CreateFeedRequest request, StreamObserver<Feed> responseObserver)

public default void createFeed(CreateFeedRequest request, StreamObserver<Feed> responseObserver)

Creates a feed in a parent project/folder/organization to listen to its asset updates.

Parameters
Name Description
request CreateFeedRequest
responseObserver io.grpc.stub.StreamObserver<Feed>

createSavedQuery(CreateSavedQueryRequest request, StreamObserver<SavedQuery> responseObserver)

public default void createSavedQuery(CreateSavedQueryRequest request, StreamObserver<SavedQuery> responseObserver)

Creates a saved query in a parent project/folder/organization.

Parameters
Name Description
request CreateSavedQueryRequest
responseObserver io.grpc.stub.StreamObserver<SavedQuery>

deleteFeed(DeleteFeedRequest request, StreamObserver<Empty> responseObserver)

public default void deleteFeed(DeleteFeedRequest request, StreamObserver<Empty> responseObserver)

Deletes an asset feed.

Parameters
Name Description
request DeleteFeedRequest
responseObserver io.grpc.stub.StreamObserver<Empty>

deleteSavedQuery(DeleteSavedQueryRequest request, StreamObserver<Empty> responseObserver)

public default void deleteSavedQuery(DeleteSavedQueryRequest request, StreamObserver<Empty> responseObserver)

Deletes a saved query.

Parameters
Name Description
request DeleteSavedQueryRequest
responseObserver io.grpc.stub.StreamObserver<Empty>

exportAssets(ExportAssetsRequest request, StreamObserver<Operation> responseObserver)

public default void exportAssets(ExportAssetsRequest request, StreamObserver<Operation> responseObserver)

Exports assets with time and resource types to a given Cloud Storage location/BigQuery table. For Cloud Storage location destinations, the output format is newline-delimited JSON. Each line represents a google.cloud.asset.v1.Asset in the JSON format; for BigQuery table destinations, the output table stores the fields in asset Protobuf as columns. This API implements the google.longrunning.Operation API, which allows you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.

Parameters
Name Description
request ExportAssetsRequest
responseObserver io.grpc.stub.StreamObserver<Operation>

getFeed(GetFeedRequest request, StreamObserver<Feed> responseObserver)

public default void getFeed(GetFeedRequest request, StreamObserver<Feed> responseObserver)

Gets details about an asset feed.

Parameters
Name Description
request GetFeedRequest
responseObserver io.grpc.stub.StreamObserver<Feed>

getSavedQuery(GetSavedQueryRequest request, StreamObserver<SavedQuery> responseObserver)

public default void getSavedQuery(GetSavedQueryRequest request, StreamObserver<SavedQuery> responseObserver)

Gets details about a saved query.

Parameters
Name Description
request GetSavedQueryRequest
responseObserver io.grpc.stub.StreamObserver<SavedQuery>

listAssets(ListAssetsRequest request, StreamObserver<ListAssetsResponse> responseObserver)

public default void listAssets(ListAssetsRequest request, StreamObserver<ListAssetsResponse> responseObserver)

Lists assets with time and resource types and returns paged results in response.

Parameters
Name Description
request ListAssetsRequest
responseObserver io.grpc.stub.StreamObserver<ListAssetsResponse>

listFeeds(ListFeedsRequest request, StreamObserver<ListFeedsResponse> responseObserver)

public default void listFeeds(ListFeedsRequest request, StreamObserver<ListFeedsResponse> responseObserver)

Lists all asset feeds in a parent project/folder/organization.

Parameters
Name Description
request ListFeedsRequest
responseObserver io.grpc.stub.StreamObserver<ListFeedsResponse>

listSavedQueries(ListSavedQueriesRequest request, StreamObserver<ListSavedQueriesResponse> responseObserver)

public default void listSavedQueries(ListSavedQueriesRequest request, StreamObserver<ListSavedQueriesResponse> responseObserver)

Lists all saved queries in a parent project/folder/organization.

Parameters
Name Description
request ListSavedQueriesRequest
responseObserver io.grpc.stub.StreamObserver<ListSavedQueriesResponse>

queryAssets(QueryAssetsRequest request, StreamObserver<QueryAssetsResponse> responseObserver)

public default void queryAssets(QueryAssetsRequest request, StreamObserver<QueryAssetsResponse> responseObserver)

Issue a job that queries assets using a SQL statement compatible with BigQuery SQL. If the query execution finishes within timeout and there's no pagination, the full query results will be returned in the QueryAssetsResponse. Otherwise, full query results can be obtained by issuing extra requests with the job_reference from the a previous QueryAssets call. Note, the query result has approximately 10 GB limitation enforced by BigQuery. Queries return larger results will result in errors.

Parameters
Name Description
request QueryAssetsRequest
responseObserver io.grpc.stub.StreamObserver<QueryAssetsResponse>

searchAllIamPolicies(SearchAllIamPoliciesRequest request, StreamObserver<SearchAllIamPoliciesResponse> responseObserver)

public default void searchAllIamPolicies(SearchAllIamPoliciesRequest request, StreamObserver<SearchAllIamPoliciesResponse> responseObserver)

Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the cloudasset.assets.searchAllIamPolicies permission on the desired scope, otherwise the request will be rejected.

Parameters
Name Description
request SearchAllIamPoliciesRequest
responseObserver io.grpc.stub.StreamObserver<SearchAllIamPoliciesResponse>

searchAllResources(SearchAllResourcesRequest request, StreamObserver<SearchAllResourcesResponse> responseObserver)

public default void searchAllResources(SearchAllResourcesRequest request, StreamObserver<SearchAllResourcesResponse> responseObserver)

Searches all Google Cloud resources within the specified scope, such as a project, folder, or organization. The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope, otherwise the request will be rejected.

Parameters
Name Description
request SearchAllResourcesRequest
responseObserver io.grpc.stub.StreamObserver<SearchAllResourcesResponse>

updateFeed(UpdateFeedRequest request, StreamObserver<Feed> responseObserver)

public default void updateFeed(UpdateFeedRequest request, StreamObserver<Feed> responseObserver)

Updates an asset feed configuration.

Parameters
Name Description
request UpdateFeedRequest
responseObserver io.grpc.stub.StreamObserver<Feed>

updateSavedQuery(UpdateSavedQueryRequest request, StreamObserver<SavedQuery> responseObserver)

public default void updateSavedQuery(UpdateSavedQueryRequest request, StreamObserver<SavedQuery> responseObserver)

Updates a saved query.

Parameters
Name Description
request UpdateSavedQueryRequest
responseObserver io.grpc.stub.StreamObserver<SavedQuery>