kratos/third_party/google/cloud/asset/v1beta1/asset_service.proto

183 lines
6.6 KiB

// Copyright 2018 Google LLC.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
syntax = "proto3";
package google.cloud.asset.v1beta1;
import "google/api/annotations.proto";
import "google/cloud/asset/v1beta1/assets.proto";
import "google/longrunning/operations.proto";
import "google/protobuf/timestamp.proto";
option csharp_namespace = "Google.Cloud.Asset.V1Beta1";
option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1beta1;asset";
option java_multiple_files = true;
option java_outer_classname = "AssetServiceProto";
option java_package = "com.google.cloud.asset.v1beta1";
option php_namespace = "Google\\Cloud\\Asset\\V1beta1";
// Asset service definition.
service AssetService {
// Exports assets with time and resource types to a given Cloud Storage
// location. The output format is newline-delimited JSON.
// This API implements the
// [google.longrunning.Operation][google.longrunning.Operation] API allowing
// you to keep track of the export.
rpc ExportAssets(ExportAssetsRequest) returns (google.longrunning.Operation) {
option (google.api.http) = {
post: "/v1beta1/{parent=projects/*}:exportAssets"
body: "*"
additional_bindings {
post: "/v1beta1/{parent=folders/*}:exportAssets"
body: "*"
}
additional_bindings {
post: "/v1beta1/{parent=organizations/*}:exportAssets"
body: "*"
}
};
}
// Batch gets the update history of assets that overlap a time window.
// For RESOURCE content, this API outputs history with asset in both
// non-delete or deleted status.
// For IAM_POLICY content, this API outputs history when the asset and its
// attached IAM POLICY both exist. This can create gaps in the output history.
rpc BatchGetAssetsHistory(BatchGetAssetsHistoryRequest)
returns (BatchGetAssetsHistoryResponse) {
option (google.api.http) = {
get: "/v1beta1/{parent=projects/*}:batchGetAssetsHistory"
additional_bindings {
get: "/v1beta1/{parent=organizations/*}:batchGetAssetsHistory"
}
};
}
}
// Export asset request.
message ExportAssetsRequest {
// Required. The relative name of the root asset. This can only be an
// organization number (such as "organizations/123"), a project ID (such as
// "projects/my-project-id"), a project number (such as "projects/12345"), or
// a folder number (such as "folders/123").
string parent = 1;
// Timestamp to take an asset snapshot. This can only be set to a timestamp
// between 2018-10-02 UTC (inclusive) and the current time. If not specified,
// the current time will be used. Due to delays in resource data collection
// and indexing, there is a volatile window during which running the same
// query may get different results.
google.protobuf.Timestamp read_time = 2;
// A list of asset types of which to take a snapshot for. For example:
// "google.compute.Disk". If specified, only matching assets will be returned.
// See [Introduction to Cloud Asset
// Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview)
// for all supported asset types.
repeated string asset_types = 3;
// Asset content type. If not specified, no content but the asset name will be
// returned.
ContentType content_type = 4;
// Required. Output configuration indicating where the results will be output
// to. All results will be in newline delimited JSON format.
OutputConfig output_config = 5;
}
// The export asset response. This message is returned by the
// [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation]
// method in the returned
// [google.longrunning.Operation.response][google.longrunning.Operation.response]
// field.
message ExportAssetsResponse {
// Time the snapshot was taken.
google.protobuf.Timestamp read_time = 1;
// Output configuration indicating where the results were output to.
// All results are in JSON format.
OutputConfig output_config = 2;
}
// Batch get assets history request.
message BatchGetAssetsHistoryRequest {
// Required. The relative name of the root asset. It can only be an
// organization number (such as "organizations/123"), a project ID (such as
// "projects/my-project-id")", or a project number (such as "projects/12345").
string parent = 1;
// A list of the full names of the assets. For example:
// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
// See [Resource
// Names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
// for more info.
//
// The request becomes a no-op if the asset name list is empty, and the max
// size of the asset name list is 100 in one request.
repeated string asset_names = 2;
// Required. The content type.
ContentType content_type = 3;
// Optional. The time window for the asset history. Both start_time and
// end_time are optional and if set, it must be after 2018-10-02 UTC. If
// end_time is not set, it is default to current timestamp. If start_time is
// not set, the snapshot of the assets at end_time will be returned. The
// returned results contain all temporal assets whose time window overlap with
// read_time_window.
TimeWindow read_time_window = 4;
}
// Batch get assets history response.
message BatchGetAssetsHistoryResponse {
// A list of assets with valid time windows.
repeated TemporalAsset assets = 1;
}
// Output configuration for export assets destination.
message OutputConfig {
// Asset export destination.
oneof destination {
// Destination on Cloud Storage.
GcsDestination gcs_destination = 1;
}
}
// A Cloud Storage location.
message GcsDestination {
// Required.
oneof object_uri {
// The uri of the Cloud Storage object. It's the same uri that is used by
// gsutil. For example: "gs://bucket_name/object_name". See [Viewing and
// Editing Object
// Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
// for more information.
string uri = 1;
}
}
// Asset content type.
enum ContentType {
// Unspecified content type.
CONTENT_TYPE_UNSPECIFIED = 0;
// Resource metadata.
RESOURCE = 1;
// The actual IAM policy set on a resource.
IAM_POLICY = 2;
}