google_api_cloud_asset v0.14.0 API Reference
Modules
API client metadata for GoogleApi.CloudAsset.V1.
API calls for all endpoints tagged Feeds
.
API calls for all endpoints tagged Operations
.
API calls for all endpoints tagged V1
.
Handle Tesla connections for GoogleApi.CloudAsset.V1.
An asset in Google Cloud. An asset can be any resource in the Google Cloud resource hierarchy, a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy). See Supported asset types for more information.
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
Provides the configuration for logging a type of permissions. Example
Batch get assets history response.
A BigQuery destination for exporting assets to.
Associates members
with a role
.
Create asset feed request.
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance
Explanation about the IAM policy search result.
Export asset request.
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
Output configuration for asset feed destination.
A Cloud Storage location.
Used in policy_type
to specify how boolean_policy
will behave at this
resource.
Used in policy_type
to specify how list_policy
behaves at this
resource.
Defines a Cloud Organization Policy
which is used to specify Constraints
for configurations of Cloud Platform resources.
Ignores policies set above this resource and restores the
constraint_default
enforcement behavior of the specific Constraint
at
this resource.
An AccessLevel
is a label that can be applied to requests to Google Cloud
services, along with a list of requirements necessary for the label to be
applied.
AccessPolicy
is a container for AccessLevels
(which define the necessary
attributes to use Google Cloud services) and ServicePerimeters
(which
define regions of services able to freely pass data within a perimeter). An
access policy is globally visible within an organization, and the
restrictions it specifies apply to all projects within an organization.
BasicLevel
is an AccessLevel
using a set of recommended features.
A condition necessary for an AccessLevel
to be granted. The Condition is an
AND over its fields. So a Condition is true if: 1) the request IP is from one
of the listed subnetworks AND 2) the originating device complies with the
listed device policy AND 3) all listed access levels are granted AND 4) the
request was sent at a time allowed by the DateTimeRestriction.
CustomLevel
is an AccessLevel
using the Cloud Common Expression Language
to represent the necessary conditions for the level to apply to a request.
See CEL spec at: https://github.com/google/cel-spec
DevicePolicy
specifies device specific restrictions necessary to acquire a
given access level. A DevicePolicy
specifies requirements for requests from
devices to be granted access levels, it does not do any enforcement on the
device. DevicePolicy
acts as an AND over all specified fields, and each
repeated field is an OR over its elements. Any unset fields are ignored. For
example, if the proto is { os_type : DESKTOP_WINDOWS, os_type :
DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be
true for requests originating from encrypted Linux desktops and encrypted
Windows desktops.
A restriction on the OS type and version of devices making requests.
ServicePerimeter
describes a set of Google Cloud resources which can freely
import and export data amongst themselves, but not export outside of the
ServicePerimeter
. If a request with a source within this ServicePerimeter
has a target outside of the ServicePerimeter
, the request will be blocked.
Otherwise the request is allowed. There are two types of Service Perimeter -
Regular and Bridge. Regular Service Perimeters cannot overlap, a single
Google Cloud project can only belong to a single regular Service Perimeter.
Service Perimeter Bridges can contain only Google Cloud projects as members,
a single Google Cloud project may belong to multiple Service Perimeter
Bridges.
ServicePerimeterConfig
specifies a set of Google Cloud resources that
describe specific Service Perimeter configuration.
Specifies how APIs are allowed to communicate within the Service Perimeter.
A result of IAM Policy search, containing information of an IAM policy.
This resource represents a long-running operation that is the result of a network API call.
Output configuration for export assets destination.
IAM permissions
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
A Pub/Sub destination.
A representation of a Google Cloud resource.
A result of Resource Search, containing information of a cloud resource.
Search all IAM policies response.
Search all resources response.
The Status
type defines a logical error model that is suitable for
different programming environments, including REST APIs and RPC APIs. It is
used by gRPC. Each Status
message contains
three pieces of data: error code, error message, and error details.
An asset in Google Cloud and its temporal metadata, including the time window when it was observed and its status during that window.
A time window specified by its start_time
and end_time
.
Update asset feed request.