cloudasset/v1 library

Cloud Asset API - v1

The Cloud Asset API manages the history and inventory of Google Cloud resources.

For more information, see cloud.google.com/asset-inventory/docs/quickstart

Create an instance of CloudAssetApi to access these resources:

Classes

AccessSelector
Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control.
AnalyzeIamPolicyLongrunningRequest
A request message for AssetService.AnalyzeIamPolicyLongrunning.
AnalyzeIamPolicyResponse
A response message for AssetService.AnalyzeIamPolicy.
AnalyzeMoveResponse
The response message for resource move analysis.
AnalyzeOrgPoliciesResponse
The response message for AssetService.AnalyzeOrgPolicies.
AnalyzeOrgPolicyGovernedAssetsResponse
The response message for AssetService.AnalyzeOrgPolicyGovernedAssets.
AnalyzeOrgPolicyGovernedContainersResponse
The response message for AssetService.AnalyzeOrgPolicyGovernedContainers.
AnalyzerOrgPolicy
This organization policy message is a modified version of the one defined in the Organization Policy system.
AnalyzerOrgPolicyConstraint
The organization policy constraint definition.
Asset
An asset in Google Cloud.
AssetsResource
AttachedResource
Attached resource representation, which is defined by the corresponding service provider.
AuditConfig
Specifies the audit configuration for a service.
BatchGetAssetsHistoryResponse
Batch get assets history response.
BatchGetEffectiveIamPoliciesResponse
A response message for AssetService.BatchGetEffectiveIamPolicies.
BigQueryDestination
A BigQuery destination for exporting assets to.
Binding
Associates members, or principals, with a role.
CloudAssetApi
The Cloud Asset API manages the history and inventory of Google Cloud resources.
ConditionContext
The IAM conditions context.
ConditionEvaluation
The condition evaluation.
CreateFeedRequest
Create asset feed request.
EffectiveIamPoliciesResource
EffectiveIamPolicy
The effective IAM policies on one resource.
EffectiveTagDetails
The effective tags and the ancestor resources from which they were inherited.
Explanation
Explanation about the IAM policy search result.
ExportAssetsRequest
Export asset request.
Feed
An asset feed used to export asset updates to a destinations.
FeedOutputConfig
Output configuration for asset feed destination.
FeedsResource
GcsDestination
A Cloud Storage location.
GoogleCloudAssetV1Access
An IAM role or permission under analysis.
GoogleCloudAssetV1AccessControlList
An access control list, derived from the above IAM policy binding, which contains a set of resources and accesses.
GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset
Represents a Google Cloud asset(resource or IAM policy) governed by the organization policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy
The IAM policies governed by the organization policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource
The Google Cloud resources governed by the organization policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint.
GoogleCloudAssetV1BigQueryDestination
A BigQuery destination.
GoogleCloudAssetV1Constraint
The definition of a constraint.
GoogleCloudAssetV1CustomConstraint
The definition of a custom constraint.
GoogleCloudAssetV1Edge
A directional edge.
GoogleCloudAssetV1GcsDestination
A Cloud Storage location.
GoogleCloudAssetV1GovernedContainer
The organization/folder/project resource governed by organization policies of AnalyzeOrgPolicyGovernedContainersRequest.constraint.
GoogleCloudAssetV1Identity
An identity under analysis.
GoogleCloudAssetV1IdentityList
The identities and group edges.
GoogleCloudAssetV1ListConstraint
A Constraint that allows or disallows a list of string values, which are configured by an organization's policy administrator with a Policy.
GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination
BigQuery destination.
GoogleCloudAssetV1Resource
A Google Cloud resource under analysis.
GoogleCloudAssetV1Rule
This rule message is a customized version of the one defined in the Organization Policy system.
GoogleCloudOrgpolicyV1Policy
Defines a Cloud Organization Policy which is used to specify Constraints for configurations of Cloud Platform resources.
GoogleIdentityAccesscontextmanagerV1AccessLevel
An AccessLevel is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied.
GoogleIdentityAccesscontextmanagerV1ApiOperation
Identification for an API Operation.
GoogleIdentityAccesscontextmanagerV1BasicLevel
BasicLevel is an AccessLevel using a set of recommended features.
GoogleIdentityAccesscontextmanagerV1Condition
A condition necessary for an AccessLevel to be granted.
GoogleIdentityAccesscontextmanagerV1CustomLevel
CustomLevel is an AccessLevel using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
GoogleIdentityAccesscontextmanagerV1DevicePolicy
DevicePolicy specifies device specific restrictions necessary to acquire a given access level.
GoogleIdentityAccesscontextmanagerV1EgressFrom
Defines the conditions under which an EgressPolicy matches a request.
GoogleIdentityAccesscontextmanagerV1EgressPolicy
Policy for egress from perimeter.
GoogleIdentityAccesscontextmanagerV1EgressTo
Defines the conditions under which an EgressPolicy matches a request.
GoogleIdentityAccesscontextmanagerV1IngressFrom
Defines the conditions under which an IngressPolicy matches a request.
GoogleIdentityAccesscontextmanagerV1IngressPolicy
Policy for ingress into ServicePerimeter.
GoogleIdentityAccesscontextmanagerV1IngressTo
Defines the conditions under which an IngressPolicy matches a request.
GoogleIdentityAccesscontextmanagerV1ServicePerimeter
ServicePerimeter describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the ServicePerimeter.
GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig
ServicePerimeterConfig specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.
GoogleIdentityAccesscontextmanagerV1VpcNetworkSource
The originating network source in Google Cloud.
IamPolicyAnalysis
An analysis message to group the query and results.
IamPolicyAnalysisOutputConfig
Output configuration for export IAM policy analysis destination.
IamPolicyAnalysisQuery
IAM policy analysis query message.
IamPolicyAnalysisResult
IAM Policy analysis result, consisting of one IAM policy binding and derived access control lists.
IamPolicyAnalysisState
Represents the detailed state of an entity under analysis, such as a resource, an identity or an access.
IamPolicySearchResult
A result of IAM Policy search, containing information of an IAM policy.
IdentitySelector
Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly.
Inventory
This API resource represents the available inventory data for a Compute Engine virtual machine (VM) instance at a given point in time.
Item
A single piece of inventory on a VM.
ListAssetsResponse
ListAssets response.
ListFeedsResponse
ListSavedQueriesResponse
Response of listing saved queries.
MoveAnalysis
A message to group the analysis information.
MoveAnalysisResult
An analysis result including blockers and warnings.
MoveImpact
A message to group impacts of moving the target resource.
Operation
This resource represents a long-running operation that is the result of a network API call.
OperationsResource
Options
Contains query options.
OrgPolicyResult
The organization policy result to the query.
OutputConfig
Output configuration for export assets destination.
PartitionSpec
Specifications of BigQuery partitioned table as export destination.
Permissions
IAM permissions
Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
PolicyInfo
The IAM policy and its attached resource.
PubsubDestination
A Pub/Sub destination.
QueryAssetsOutputConfig
Output configuration query assets.
QueryAssetsRequest
QueryAssets request.
QueryAssetsResponse
QueryAssets response.
QueryContent
The query content.
QueryResult
Execution results of the query.
RelatedAsset
An asset identifier in Google Cloud which contains its name, type and ancestors.
RelatedAssets
This message only presents for the purpose of backward-compatibility.
RelatedResource
The detailed related resource.
RelatedResources
The related resources of the primary resource.
RelationshipAttributes
This message only presents for the purpose of backward-compatibility.
Resource
A representation of a Google Cloud resource.
ResourceSearchResult
A result of Resource Search, containing information of a cloud resource.
ResourceSelector
Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects.
SavedQueriesResource
SavedQuery
A saved query which can be shared with others or used later.
SearchAllIamPoliciesResponse
Search all IAM policies response.
SearchAllResourcesResponse
Search all resources response.
SoftwarePackage
Software package information of the operating system.
TableFieldSchema
A field in TableSchema.
TableSchema
BigQuery Compatible table schema.
Tag
The key and value for a tag.
TemporalAsset
An asset in Google Cloud and its temporal metadata, including the time window when it was observed and its status during that window.
TimeWindow
A time window specified by its start_time and end_time.
UpdateFeedRequest
Update asset feed request.
V1Resource
VersionedResource
Resource representation as defined by the corresponding service providing the resource for a given API version.
WindowsApplication
Contains information about a Windows application that is retrieved from the Windows Registry.
WindowsUpdatePackage
Details related to a Windows Update package.

Typedefs

AuditLogConfig = $AuditLogConfig
Provides the configuration for logging a type of permissions.
Date = $Date
Represents a whole or partial calendar date, such as a birthday.
Empty = $Empty
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.
Expr = $Expr
Represents a textual expression in the Common Expression Language (CEL) syntax.
GoogleCloudAssetV1BooleanConstraint = $Empty
A Constraint that is either enforced or not.
GoogleCloudAssetV1StringValues = $StringValues
The string values for the list constraints.
GoogleCloudOrgpolicyV1BooleanPolicy = $BooleanPolicy
Used in policy_type to specify how boolean_policy will behave at this resource.
GoogleCloudOrgpolicyV1ListPolicy = $ListPolicy
Used in policy_type to specify how list_policy behaves at this resource.
GoogleCloudOrgpolicyV1RestoreDefault = $Empty
Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource.
GoogleIdentityAccesscontextmanagerV1AccessPolicy = $AccessPolicy
AccessPolicy is a container for AccessLevels (which define the necessary attributes to use Google Cloud services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter).
GoogleIdentityAccesscontextmanagerV1EgressSource = $EgressSource
The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.
GoogleIdentityAccesscontextmanagerV1IngressSource = $IngressSource
The source that IngressPolicy authorizes access from.
GoogleIdentityAccesscontextmanagerV1MethodSelector = $MethodSelector
An allowed method or permission of a service specified in ApiOperation.
GoogleIdentityAccesscontextmanagerV1OsConstraint = $OsConstraint
A restriction on the OS type and version of devices making requests.
GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices = $VpcAccessibleServices
Specifies how APIs are allowed to communicate within the Service Perimeter.
GoogleIdentityAccesscontextmanagerV1VpcSubNetwork = $VpcSubNetwork
Sub-segment ranges inside of a VPC Network.
OsInfo = $OsInfo
Operating system information for the VM.
Status = $Status
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.
VersionedPackage = $VersionedPackage
Information related to the a standard versioned package.
WindowsQuickFixEngineeringPackage = $WindowsQuickFixEngineeringPackage
Information related to a Quick Fix Engineering package.
WindowsUpdateCategory = $WindowsUpdateCategory
Categories specified by the Windows Update.
ZypperPatch = $ZypperPatch
Details related to a Zypper Patch.

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.