Introduction to Cloud Asset Inventory

Cloud Asset Inventory is a storage service that keeps a five week history of Google Cloud Platform (GCP) asset metadata. It allows you to export all asset metadata at a certain timestamp or timeframe.

Features

Export asset metadata at a timestamp

The Cloud Asset API allows you to export all the asset metadata at a given timestamp to a Cloud Storage file.

Export asset history

The Cloud Asset API can get the history of multiple assets for a given timeframe. This shows you all the create, delete, and update events for the specifed assets over time.

Supported resource types

The Cloud Asset API currently supports the following resource types in GCP:

Cloud Key Management Service

  • google.cloud.kms.KeyRing

  • google.cloud.kms.CryptoKey

  • google.cloud.kms.CryptoKeyVersion

Resource Manager

  • google.cloud.resourcemanager.Organization

  • google.cloud.resourcemanager.Folder

  • google.cloud.resourcemanager.Project

Compute Engine

  • google.compute.Autoscaler

  • google.compute.BackendBucket

  • google.compute.BackendService

  • google.compute.Disk

  • google.compute.Firewall

  • google.compute.ForwardingRule

  • google.compute.HealthCheck

  • google.compute.HttpHealthCheck

  • google.compute.HttpsHealthCheck

  • google.compute.Image

  • google.compute.Instance

  • google.compute.InstanceGroup

  • google.compute.InstanceGroupManager

  • google.compute.InstanceTemplate

  • google.compute.License

  • google.compute.Network

  • google.compute.Project

  • google.compute.Route

  • google.compute.Router

  • google.compute.Snapshot

  • google.compute.SslCertificate

  • google.compute.Subnetwork

  • google.compute.TargetHttpProxy

  • google.compute.TargetHttpsProxy

  • google.compute.TargetInstance

  • google.compute.TargetPool

  • google.compute.TargetTcpProxy

  • google.compute.TargetSslProxy

  • google.compute.TargetVpnGateway

  • google.compute.UrlMap

  • google.compute.VpnTunnel

App Engine

  • google.appengine.Application

  • google.appengine.Service

  • google.appengine.Version

Google Kubernetes Engine

  • google.container.Cluster

Cloud Billing

  • google.cloud.billing.BillingAccount

Cloud Storage

  • google.cloud.storage.Bucket

Cloud DNS

  • google.cloud.dns.ManagedZone

  • google.cloud.dns.Policy

Cloud Spanner

Note that Cloud Spanner asset change history can be incomplete, and data freshness can be stale for up to an hour.

  • google.spanner.Instance

  • google.spanner.Database

BigQuery

Note that BigQuery asset metadata and change history might be incomplete.

  • google.cloud.bigquery.Dataset

  • google.cloud.bigquery.Table

Cloud Identity and Access Management

  • google.iam.Role

  • google.iam.ServiceAccount

Cloud Pub/Sub

  • google.pubsub.Topic
  • google.pubsub.Subscription

Cloud Dataproc

  • google.cloud.dataproc.Cluster

  • google.cloud.dataproc.Job

Cloud SQL

Note that Cloud SQL asset change history can be incomplete, and data freshness can be stale for up to an hour.

  • google.cloud.sql.Instance

Supported policy types

The Cloud Asset API currently supports the following policy types in GCP:

Key Concepts

Asset

An asset refers to a GCP resource. Examples of resources include Compute Engine virtual machines (VMs), Cloud Storage buckets, and App Engine instances. An asset contains resource metadata and additional metadata set on a resource, such as a Cloud Identity and Access Management (Cloud IAM) policy.

Asset content type

Cloud Asset Inventory supports the following asset content types:

  • Resource: Resource metadata of a GCP asset.

  • IAM Policy: Metadata of the Cloud IAM policy set on a GCP asset.

Asset snapshot

An asset snapshot is the set of available assets under a Resource Manager project or organization at a timestamp.

Asset history

For a given asset, asset history includes all metadata create, delete, and update events between timestamp T1 and T2.

API reference

REST API documentation

RPC API documentation

Next steps

Was this page helpful? Let us know how we did:

Send feedback about...

Resource Manager Documentation