183 lines
6.6 KiB
183 lines
6.6 KiB
6 years ago
|
// Copyright 2018 Google LLC.
|
||
|
//
|
||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
// you may not use this file except in compliance with the License.
|
||
|
// You may obtain a copy of the License at
|
||
|
//
|
||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||
|
//
|
||
|
// Unless required by applicable law or agreed to in writing, software
|
||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
// See the License for the specific language governing permissions and
|
||
|
// limitations under the License.
|
||
|
//
|
||
|
|
||
|
syntax = "proto3";
|
||
|
|
||
|
package google.cloud.asset.v1beta1;
|
||
|
|
||
|
import "google/api/annotations.proto";
|
||
|
import "google/cloud/asset/v1beta1/assets.proto";
|
||
|
import "google/longrunning/operations.proto";
|
||
|
import "google/protobuf/timestamp.proto";
|
||
|
|
||
|
option csharp_namespace = "Google.Cloud.Asset.V1Beta1";
|
||
|
option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1beta1;asset";
|
||
|
option java_multiple_files = true;
|
||
|
option java_outer_classname = "AssetServiceProto";
|
||
|
option java_package = "com.google.cloud.asset.v1beta1";
|
||
|
option php_namespace = "Google\\Cloud\\Asset\\V1beta1";
|
||
|
|
||
|
// Asset service definition.
|
||
|
service AssetService {
|
||
|
// Exports assets with time and resource types to a given Cloud Storage
|
||
|
// location. The output format is newline-delimited JSON.
|
||
|
// This API implements the
|
||
|
// [google.longrunning.Operation][google.longrunning.Operation] API allowing
|
||
|
// you to keep track of the export.
|
||
|
rpc ExportAssets(ExportAssetsRequest) returns (google.longrunning.Operation) {
|
||
|
option (google.api.http) = {
|
||
|
post: "/v1beta1/{parent=projects/*}:exportAssets"
|
||
|
body: "*"
|
||
|
additional_bindings {
|
||
|
post: "/v1beta1/{parent=folders/*}:exportAssets"
|
||
|
body: "*"
|
||
|
}
|
||
|
additional_bindings {
|
||
|
post: "/v1beta1/{parent=organizations/*}:exportAssets"
|
||
|
body: "*"
|
||
|
}
|
||
|
};
|
||
|
}
|
||
|
|
||
|
// Batch gets the update history of assets that overlap a time window.
|
||
|
// For RESOURCE content, this API outputs history with asset in both
|
||
|
// non-delete or deleted status.
|
||
|
// For IAM_POLICY content, this API outputs history when the asset and its
|
||
|
// attached IAM POLICY both exist. This can create gaps in the output history.
|
||
|
rpc BatchGetAssetsHistory(BatchGetAssetsHistoryRequest)
|
||
|
returns (BatchGetAssetsHistoryResponse) {
|
||
|
option (google.api.http) = {
|
||
|
get: "/v1beta1/{parent=projects/*}:batchGetAssetsHistory"
|
||
|
additional_bindings {
|
||
|
get: "/v1beta1/{parent=organizations/*}:batchGetAssetsHistory"
|
||
|
}
|
||
|
};
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Export asset request.
|
||
|
message ExportAssetsRequest {
|
||
|
// Required. The relative name of the root asset. This can only be an
|
||
|
// organization number (such as "organizations/123"), a project ID (such as
|
||
|
// "projects/my-project-id"), a project number (such as "projects/12345"), or
|
||
|
// a folder number (such as "folders/123").
|
||
|
string parent = 1;
|
||
|
|
||
|
// Timestamp to take an asset snapshot. This can only be set to a timestamp
|
||
|
// between 2018-10-02 UTC (inclusive) and the current time. If not specified,
|
||
|
// the current time will be used. Due to delays in resource data collection
|
||
|
// and indexing, there is a volatile window during which running the same
|
||
|
// query may get different results.
|
||
|
google.protobuf.Timestamp read_time = 2;
|
||
|
|
||
|
// A list of asset types of which to take a snapshot for. For example:
|
||
|
// "google.compute.Disk". If specified, only matching assets will be returned.
|
||
|
// See [Introduction to Cloud Asset
|
||
|
// Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview)
|
||
|
// for all supported asset types.
|
||
|
repeated string asset_types = 3;
|
||
|
|
||
|
// Asset content type. If not specified, no content but the asset name will be
|
||
|
// returned.
|
||
|
ContentType content_type = 4;
|
||
|
|
||
|
// Required. Output configuration indicating where the results will be output
|
||
|
// to. All results will be in newline delimited JSON format.
|
||
|
OutputConfig output_config = 5;
|
||
|
}
|
||
|
|
||
|
// The export asset response. This message is returned by the
|
||
|
// [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation]
|
||
|
// method in the returned
|
||
|
// [google.longrunning.Operation.response][google.longrunning.Operation.response]
|
||
|
// field.
|
||
|
message ExportAssetsResponse {
|
||
|
// Time the snapshot was taken.
|
||
|
google.protobuf.Timestamp read_time = 1;
|
||
|
|
||
|
// Output configuration indicating where the results were output to.
|
||
|
// All results are in JSON format.
|
||
|
OutputConfig output_config = 2;
|
||
|
}
|
||
|
|
||
|
// Batch get assets history request.
|
||
|
message BatchGetAssetsHistoryRequest {
|
||
|
// Required. The relative name of the root asset. It can only be an
|
||
|
// organization number (such as "organizations/123"), a project ID (such as
|
||
|
// "projects/my-project-id")", or a project number (such as "projects/12345").
|
||
|
string parent = 1;
|
||
|
|
||
|
// A list of the full names of the assets. For example:
|
||
|
// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
|
||
|
// See [Resource
|
||
|
// Names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
|
||
|
// for more info.
|
||
|
//
|
||
|
// The request becomes a no-op if the asset name list is empty, and the max
|
||
|
// size of the asset name list is 100 in one request.
|
||
|
repeated string asset_names = 2;
|
||
|
|
||
|
// Required. The content type.
|
||
|
ContentType content_type = 3;
|
||
|
|
||
|
// Optional. The time window for the asset history. Both start_time and
|
||
|
// end_time are optional and if set, it must be after 2018-10-02 UTC. If
|
||
|
// end_time is not set, it is default to current timestamp. If start_time is
|
||
|
// not set, the snapshot of the assets at end_time will be returned. The
|
||
|
// returned results contain all temporal assets whose time window overlap with
|
||
|
// read_time_window.
|
||
|
TimeWindow read_time_window = 4;
|
||
|
}
|
||
|
|
||
|
// Batch get assets history response.
|
||
|
message BatchGetAssetsHistoryResponse {
|
||
|
// A list of assets with valid time windows.
|
||
|
repeated TemporalAsset assets = 1;
|
||
|
}
|
||
|
|
||
|
// Output configuration for export assets destination.
|
||
|
message OutputConfig {
|
||
|
// Asset export destination.
|
||
|
oneof destination {
|
||
|
// Destination on Cloud Storage.
|
||
|
GcsDestination gcs_destination = 1;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// A Cloud Storage location.
|
||
|
message GcsDestination {
|
||
|
// Required.
|
||
|
oneof object_uri {
|
||
|
// The uri of the Cloud Storage object. It's the same uri that is used by
|
||
|
// gsutil. For example: "gs://bucket_name/object_name". See [Viewing and
|
||
|
// Editing Object
|
||
|
// Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
|
||
|
// for more information.
|
||
|
string uri = 1;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Asset content type.
|
||
|
enum ContentType {
|
||
|
// Unspecified content type.
|
||
|
CONTENT_TYPE_UNSPECIFIED = 0;
|
||
|
|
||
|
// Resource metadata.
|
||
|
RESOURCE = 1;
|
||
|
|
||
|
// The actual IAM policy set on a resource.
|
||
|
IAM_POLICY = 2;
|
||
|
}
|