diff options
Diffstat (limited to 'google/cloud/asset')
-rw-r--r-- | google/cloud/asset/BUILD.bazel | 1 | ||||
-rw-r--r-- | google/cloud/asset/artman_cloudasset_v1.yaml | 35 | ||||
-rw-r--r-- | google/cloud/asset/artman_cloudasset_v1beta1.yaml | 35 | ||||
-rw-r--r-- | google/cloud/asset/asset_v1.yaml | 50 | ||||
-rw-r--r-- | google/cloud/asset/asset_v1beta1.yaml | 56 | ||||
-rw-r--r-- | google/cloud/asset/v1/asset_service.proto | 171 | ||||
-rw-r--r-- | google/cloud/asset/v1/assets.proto | 118 | ||||
-rw-r--r-- | google/cloud/asset/v1/cloudasset_gapic.yaml | 142 | ||||
-rw-r--r-- | google/cloud/asset/v1beta1/BUILD.bazel | 142 | ||||
-rw-r--r-- | google/cloud/asset/v1beta1/asset_service.proto | 182 | ||||
-rw-r--r-- | google/cloud/asset/v1beta1/assets.proto | 117 | ||||
-rw-r--r-- | google/cloud/asset/v1beta1/cloudasset_gapic.yaml | 146 |
12 files changed, 1195 insertions, 0 deletions
diff --git a/google/cloud/asset/BUILD.bazel b/google/cloud/asset/BUILD.bazel new file mode 100644 index 000000000..1e5b8c2af --- /dev/null +++ b/google/cloud/asset/BUILD.bazel @@ -0,0 +1 @@ +exports_files(glob(["*.yaml"]))
\ No newline at end of file diff --git a/google/cloud/asset/artman_cloudasset_v1.yaml b/google/cloud/asset/artman_cloudasset_v1.yaml new file mode 100644 index 000000000..53429a5d8 --- /dev/null +++ b/google/cloud/asset/artman_cloudasset_v1.yaml @@ -0,0 +1,35 @@ +common: + # Keep the api_name asset, otherwise Java code gen will be broken. + api_name: asset + api_version: v1 + organization_name: google-cloud + proto_deps: + - name: google-common-protos + src_proto_paths: + - v1 + service_yaml: asset_v1.yaml + gapic_yaml: v1/cloudasset_gapic.yaml +artifacts: +- name: gapic_config + type: GAPIC_CONFIG +- name: java_gapic + type: GAPIC + language: JAVA +- name: python_gapic + type: GAPIC + language: PYTHON +- name: nodejs_gapic + type: GAPIC + language: NODEJS +- name: php_gapic + type: GAPIC + language: PHP +- name: go_gapic + type: GAPIC + language: GO +- name: ruby_gapic + type: GAPIC + language: RUBY +- name: csharp_gapic + type: GAPIC + language: CSHARP diff --git a/google/cloud/asset/artman_cloudasset_v1beta1.yaml b/google/cloud/asset/artman_cloudasset_v1beta1.yaml new file mode 100644 index 000000000..c3278c500 --- /dev/null +++ b/google/cloud/asset/artman_cloudasset_v1beta1.yaml @@ -0,0 +1,35 @@ +common: + # Keep the api_name asset, otherwise Java code gen will be broken. + api_name: asset + api_version: v1beta1 + organization_name: google-cloud + proto_deps: + - name: google-common-protos + src_proto_paths: + - v1beta1 + service_yaml: asset_v1beta1.yaml + gapic_yaml: v1beta1/cloudasset_gapic.yaml +artifacts: +- name: gapic_config + type: GAPIC_CONFIG +- name: java_gapic + type: GAPIC + language: JAVA +- name: python_gapic + type: GAPIC + language: PYTHON +- name: nodejs_gapic + type: GAPIC + language: NODEJS +- name: php_gapic + type: GAPIC + language: PHP +- name: go_gapic + type: GAPIC + language: GO +- name: ruby_gapic + type: GAPIC + language: RUBY +- name: csharp_gapic + type: GAPIC + language: CSHARP diff --git a/google/cloud/asset/asset_v1.yaml b/google/cloud/asset/asset_v1.yaml new file mode 100644 index 000000000..71c62ee8d --- /dev/null +++ b/google/cloud/asset/asset_v1.yaml @@ -0,0 +1,50 @@ +type: google.api.Service +config_version: 3 +name: cloudasset.googleapis.com +title: Cloud Asset API + +apis: +- name: google.cloud.asset.v1.AssetService + +documentation: + summary: The cloud asset API manages the history and inventory of cloud resources. + overview: |- + # Cloud Asset API + + The Cloud Asset API keeps a history of Google Cloud Platform (GCP) asset + metadata, and allows GCP users to download a dump of all asset metadata for + the resource types listed below within an organization or a project at a + given timestamp. + + Read more documents here: + https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview + +backend: + rules: + - selector: google.longrunning.Operations.GetOperation + deadline: 60.0 + - selector: google.cloud.asset.v1.AssetService.ExportAssets + deadline: 600.0 + - selector: google.cloud.asset.v1.AssetService.BatchGetAssetsHistory + deadline: 600.0 + +http: + rules: + - selector: google.longrunning.Operations.GetOperation + get: '/v1beta1/{name=projects/*/operations/*/**}' + additional_bindings: + - get: '/v1beta1/{name=folders/*/operations/*/**}' + + - get: '/v1beta1/{name=organizations/*/operations/*/**}' + + - get: '/v1p1alpha1/{name=*/*/operations/*/**}' + + - get: '/v1/{name=*/*/operations/*/**}' + + +authentication: + rules: + - selector: '*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform diff --git a/google/cloud/asset/asset_v1beta1.yaml b/google/cloud/asset/asset_v1beta1.yaml new file mode 100644 index 000000000..d1edc78b9 --- /dev/null +++ b/google/cloud/asset/asset_v1beta1.yaml @@ -0,0 +1,56 @@ +type: google.api.Service +config_version: 3 +name: cloudasset.googleapis.com +title: Cloud Asset API + +apis: +- name: google.cloud.asset.v1beta1.AssetService + +documentation: + summary: The cloud asset API manages the history and inventory of cloud resources. + overview: |- + # Cloud Asset API + + The Cloud Asset API keeps a history of Google Cloud Platform (GCP) asset + metadata, and allows GCP users to download a dump of all asset metadata for + the resource types listed below within an organization or a project at a + given timestamp. + + Read more documents here: + https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview + +backend: + rules: + - selector: google.longrunning.Operations.GetOperation + deadline: 60.0 + - selector: google.cloud.asset.v1beta1.AssetService.ExportAssets + deadline: 600.0 + - selector: google.cloud.asset.v1beta1.AssetService.BatchGetAssetsHistory + deadline: 600.0 + +http: + rules: + - selector: google.longrunning.Operations.GetOperation + get: '/v1alpha1/{name=projects/*/operations/*/*}' + additional_bindings: + - get: '/v1alpha1/{name=organizations/*/operations/*/*}' + + - get: '/v1alpha2/{name=projects/*/operations/*/*}' + + - get: '/v1alpha2/{name=organizations/*/operations/*/*}' + + - get: '/v1beta1/{name=projects/*/operations/*/*}' + + - get: '/v1beta1/{name=folders/*/operations/*/*}' + + - get: '/v1beta1/{name=organizations/*/operations/*/*}' + + - get: '/v1/{name=*/*/operations/*/*}' + + +authentication: + rules: + - selector: '*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform diff --git a/google/cloud/asset/v1/asset_service.proto b/google/cloud/asset/v1/asset_service.proto new file mode 100644 index 000000000..0dfc2898b --- /dev/null +++ b/google/cloud/asset/v1/asset_service.proto @@ -0,0 +1,171 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.asset.v1; + +import "google/api/annotations.proto"; +import "google/cloud/asset/v1/assets.proto"; +import "google/longrunning/operations.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.Asset.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1;asset"; +option java_multiple_files = true; +option java_outer_classname = "AssetServiceProto"; +option java_package = "com.google.cloud.asset.v1"; +option php_namespace = "Google\\Cloud\\Asset\\V1"; + + +// Asset service definition. +service AssetService { + // Exports assets with time and resource types to a given Cloud Storage + // location. The output format is newline-delimited JSON. + // This API implements the [google.longrunning.Operation][google.longrunning.Operation] API allowing you + // to keep track of the export. + rpc ExportAssets(ExportAssetsRequest) returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{parent=*/*}:exportAssets" + body: "*" + }; + } + + // Batch gets the update history of assets that overlap a time window. + // For RESOURCE content, this API outputs history with asset in both + // non-delete or deleted status. + // For IAM_POLICY content, this API outputs history when the asset and its + // attached IAM POLICY both exist. This can create gaps in the output history. + // If a specified asset does not exist, this API returns an INVALID_ARGUMENT + // error. + rpc BatchGetAssetsHistory(BatchGetAssetsHistoryRequest) returns (BatchGetAssetsHistoryResponse) { + option (google.api.http) = { + get: "/v1/{parent=*/*}:batchGetAssetsHistory" + }; + } +} + +// Export asset request. +message ExportAssetsRequest { + // Required. The relative name of the root asset. This can only be an + // organization number (such as "organizations/123"), a project ID (such as + // "projects/my-project-id"), or a project number (such as "projects/12345"), + // or a folder number (such as "folders/123"). + string parent = 1; + + // Timestamp to take an asset snapshot. This can only be set to a timestamp + // between 2018-10-02 UTC (inclusive) and the current time. If not specified, + // the current time will be used. Due to delays in resource data collection + // and indexing, there is a volatile window during which running the same + // query may get different results. + google.protobuf.Timestamp read_time = 2; + + // A list of asset types of which to take a snapshot for. For example: + // "compute.googleapis.com/Disk". If specified, only matching assets will be returned. + // See [Introduction to Cloud Asset + // Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview) + // for all supported asset types. + repeated string asset_types = 3; + + // Asset content type. If not specified, no content but the asset name will be + // returned. + ContentType content_type = 4; + + // Required. Output configuration indicating where the results will be output + // to. All results will be in newline delimited JSON format. + OutputConfig output_config = 5; +} + +// The export asset response. This message is returned by the +// [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] method in the returned +// [google.longrunning.Operation.response][google.longrunning.Operation.response] field. +message ExportAssetsResponse { + // Time the snapshot was taken. + google.protobuf.Timestamp read_time = 1; + + // Output configuration indicating where the results were output to. + // All results are in JSON format. + OutputConfig output_config = 2; +} + +// Batch get assets history request. +message BatchGetAssetsHistoryRequest { + // Required. The relative name of the root asset. It can only be an + // organization number (such as "organizations/123"), a project ID (such as + // "projects/my-project-id")", or a project number (such as "projects/12345"). + string parent = 1; + + // A list of the full names of the assets. For example: + // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + // See [Resource + // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // and [Resource Name Format](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/resource-name-format) + // for more info. + // + // The request becomes a no-op if the asset name list is empty, and the max + // size of the asset name list is 100 in one request. + repeated string asset_names = 2; + + // Required. The content type. + ContentType content_type = 3; + + // Optional. The time window for the asset history. Both start_time and + // end_time are optional and if set, it must be after 2018-10-02 UTC. If + // end_time is not set, it is default to current timestamp. If start_time is + // not set, the snapshot of the assets at end_time will be returned. The + // returned results contain all temporal assets whose time window overlap with + // read_time_window. + TimeWindow read_time_window = 4; +} + +// Batch get assets history response. +message BatchGetAssetsHistoryResponse { + // A list of assets with valid time windows. + repeated TemporalAsset assets = 1; +} + +// Output configuration for export assets destination. +message OutputConfig { + // Asset export destination. + oneof destination { + // Destination on Cloud Storage. + GcsDestination gcs_destination = 1; + } +} + +// A Cloud Storage location. +message GcsDestination { + // Required. + oneof object_uri { + // The uri of the Cloud Storage object. It's the same uri that is used by + // gsutil. For example: "gs://bucket_name/object_name". See [Viewing and + // Editing Object + // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) + // for more information. + string uri = 1; + } +} + +// Asset content type. +enum ContentType { + // Unspecified content type. + CONTENT_TYPE_UNSPECIFIED = 0; + + // Resource metadata. + RESOURCE = 1; + + // The actual IAM policy set on a resource. + IAM_POLICY = 2; +} diff --git a/google/cloud/asset/v1/assets.proto b/google/cloud/asset/v1/assets.proto new file mode 100644 index 000000000..f6a8108c0 --- /dev/null +++ b/google/cloud/asset/v1/assets.proto @@ -0,0 +1,118 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.asset.v1; + +import "google/api/annotations.proto"; +import "google/iam/v1/policy.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.Asset.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1;asset"; +option java_multiple_files = true; +option java_outer_classname = "AssetProto"; +option java_package = "com.google.cloud.asset.v1"; +option php_namespace = "Google\\Cloud\\Asset\\V1"; + + +// Temporal asset. In addition to the asset, the temporal asset includes the +// status of the asset and valid from and to time of it. +message TemporalAsset { + // The time window when the asset data and state was observed. + TimeWindow window = 1; + + // If the asset is deleted or not. + bool deleted = 2; + + // Asset. + Asset asset = 3; +} + +// A time window of (start_time, end_time]. +message TimeWindow { + // Start time of the time window (exclusive). + google.protobuf.Timestamp start_time = 1; + + // End time of the time window (inclusive). + // Current timestamp if not specified. + google.protobuf.Timestamp end_time = 2; +} + +// Cloud asset. This includes all Google Cloud Platform resources, +// Cloud IAM policies, and other non-GCP assets. +message Asset { + // The full name of the asset. For example: + // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + // See [Resource + // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // for more information. + string name = 1; + + // Type of the asset. Example: "compute.googleapis.com/Disk". + string asset_type = 2; + + // Representation of the resource. + Resource resource = 3; + + // Representation of the actual Cloud IAM policy set on a cloud resource. For + // each resource, there must be at most one Cloud IAM policy set on it. + google.iam.v1.Policy iam_policy = 4; +} + +// Representation of a cloud resource. +message Resource { + // The API version. Example: "v1". + string version = 1; + + // The URL of the discovery document containing the resource's JSON schema. + // For example: + // `"https://www.googleapis.com/discovery/v1/apis/compute/v1/rest"`. + // It will be left unspecified for resources without a discovery-based API, + // such as Cloud Bigtable. + string discovery_document_uri = 2; + + // The JSON schema name listed in the discovery document. + // Example: "Project". It will be left unspecified for resources (such as + // Cloud Bigtable) without a discovery-based API. + string discovery_name = 3; + + // The REST URL for accessing the resource. An HTTP GET operation using this + // URL returns the resource itself. + // Example: + // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123`. + // It will be left unspecified for resources without a REST API. + string resource_url = 4; + + // The full name of the immediate parent of this resource. See + // [Resource + // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // for more information. + // + // For GCP assets, it is the parent resource defined in the [Cloud IAM policy + // hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). + // For example: + // `"//cloudresourcemanager.googleapis.com/projects/my_project_123"`. + // + // For third-party assets, it is up to the users to define. + string parent = 5; + + // The content of the resource, in which some sensitive fields are scrubbed + // away and may not be present. + google.protobuf.Struct data = 6; +} diff --git a/google/cloud/asset/v1/cloudasset_gapic.yaml b/google/cloud/asset/v1/cloudasset_gapic.yaml new file mode 100644 index 000000000..9d60f1042 --- /dev/null +++ b/google/cloud/asset/v1/cloudasset_gapic.yaml @@ -0,0 +1,142 @@ +type: com.google.api.codegen.ConfigProto +config_schema_version: 1.0.0 +# The settings of generated code in a specific language. +language_settings: + java: + package_name: com.google.cloud.asset.v1 + python: + package_name: google.cloud.asset_v1.gapic + go: + package_name: cloud.google.com/go/asset/apiv1 + csharp: + package_name: Google.Cloud.Asset.V1 + ruby: + package_name: Google::Cloud::Asset::V1 + php: + package_name: Google\Cloud\Asset\V1 + nodejs: + package_name: asset.v1 +# A list of API interface configurations. +interfaces: + # The fully qualified name of the API interface. +- name: google.cloud.asset.v1.AssetService + # A list of resource collection configurations. + # Consists of a name_pattern and an entity_name. + # The name_pattern is a pattern to describe the names of the resources of this + # collection, using the platform's conventions for URI patterns. A generator + # may use this to generate methods to compose and decompose such names. The + # pattern should use named placeholders as in `shelves/{shelf}/books/{book}`; + # those will be taken as hints for the parameter names of the generated + # methods. If empty, no name methods are generated. + # The entity_name is the name to be used as a basis for generated methods and + # classes. + collections: + - name_pattern: projects/{project} + entity_name: project + language_overrides: + - language: csharp + common_resource_name: Google.Api.Gax.ResourceNames.ProjectName + # Definition for retryable codes. + retry_codes_def: + - name: idempotent + retry_codes: + - DEADLINE_EXCEEDED + - UNAVAILABLE + - name: non_idempotent + retry_codes: [] + # Definition for retry/backoff parameters. + retry_params_def: + - name: default + initial_retry_delay_millis: 100 + retry_delay_multiplier: 1.3 + max_retry_delay_millis: 60000 + initial_rpc_timeout_millis: 20000 + rpc_timeout_multiplier: 1 + max_rpc_timeout_millis: 20000 + total_timeout_millis: 600000 + # A list of method configurations. + # Common properties: + # + # name - The simple name of the method. + # + # flattening - Specifies the configuration for parameter flattening. + # Describes the parameter groups for which a generator should produce method + # overloads which allow a client to directly pass request message fields as + # method parameters. This information may or may not be used, depending on + # the target language. + # Consists of groups, which each represent a list of parameters to be + # flattened. Each parameter listed must be a field of the request message. + # + # required_fields - Fields that are always required for a request to be + # valid. + # + # resource_name_treatment - An enum that specifies how to treat the resource + # name formats defined in the field_name_patterns and + # response_field_name_patterns fields. + # UNSET: default value + # NONE: the collection configs will not be used by the generated code. + # VALIDATE: string fields will be validated by the client against the + # specified resource name formats. + # STATIC_TYPES: the client will use generated types for resource names. + # + # page_streaming - Specifies the configuration for paging. + # Describes information for generating a method which transforms a paging + # list RPC into a stream of resources. + # Consists of a request and a response. + # The request specifies request information of the list method. It defines + # which fields match the paging pattern in the request. The request consists + # of a page_size_field and a token_field. The page_size_field is the name of + # the optional field specifying the maximum number of elements to be + # returned in the response. The token_field is the name of the field in the + # request containing the page token. + # The response specifies response information of the list method. It defines + # which fields match the paging pattern in the response. The response + # consists of a token_field and a resources_field. The token_field is the + # name of the field in the response containing the next page token. The + # resources_field is the name of the field in the response containing the + # list of resources belonging to the page. + # + # retry_codes_name - Specifies the configuration for retryable codes. The + # name must be defined in interfaces.retry_codes_def. + # + # retry_params_name - Specifies the configuration for retry/backoff + # parameters. The name must be defined in interfaces.retry_params_def. + # + # field_name_patterns - Maps the field name of the request type to + # entity_name of interfaces.collections. + # Specifies the string pattern that the field must follow. + # + # timeout_millis - Specifies the default timeout for a non-retrying call. If + # the call is retrying, refer to retry_params_name instead. + methods: + - name: ExportAssets + required_fields: + - parent + - output_config + retry_codes_name: non_idempotent + retry_params_name: default + resource_name_treatment: STATIC_TYPES + long_running: + return_type: google.cloud.asset.v1.ExportAssetsResponse + metadata_type: google.cloud.asset.v1.ExportAssetsRequest + initial_poll_delay_millis: 500 + poll_delay_multiplier: 1.5 + max_poll_delay_millis: 5000 + total_poll_timeout_millis: 300000 + timeout_millis: 600000 + - name: BatchGetAssetsHistory + required_fields: + - parent + - content_type + - read_time_window + retry_codes_name: idempotent + retry_params_name: default + resource_name_treatment: STATIC_TYPES + timeout_millis: 600000 +resource_name_generation: +- message_name: ExportAssetsRequest + field_entity_map: + parent: project +- message_name: BatchGetAssetsHistoryRequest + field_entity_map: + parent: project diff --git a/google/cloud/asset/v1beta1/BUILD.bazel b/google/cloud/asset/v1beta1/BUILD.bazel new file mode 100644 index 000000000..c78dc9961 --- /dev/null +++ b/google/cloud/asset/v1beta1/BUILD.bazel @@ -0,0 +1,142 @@ +# This is an API workspace, having public visibility by default makes perfect sense. +package(default_visibility = ["//visibility:public"]) + +############################################################################## +# Common +############################################################################## +load("@com_google_api_codegen//rules_gapic:gapic.bzl", "proto_library_with_info") + +proto_library( + name = "asset_proto", + srcs = [ + "asset_service.proto", + "assets.proto", + ], + deps = [ + "//google/api:annotations_proto", + "//google/iam/v1:policy_proto", + "//google/longrunning:operations_proto", + "@com_google_protobuf//:any_proto", + "@com_google_protobuf//:struct_proto", + "@com_google_protobuf//:timestamp_proto", + ], +) + +proto_library_with_info( + name = "asset_proto_with_info", + deps = [":asset_proto"], +) + +############################################################################## +# Java +############################################################################## +load("@io_grpc_grpc_java//:java_grpc_library.bzl", "java_grpc_library") +load("@com_google_api_codegen//rules_gapic:gapic.bzl", "proto_library_with_info") +load("@com_google_api_codegen//rules_gapic/java:java_gapic.bzl", "java_gapic_library") +load("@com_google_api_codegen//rules_gapic/java:java_gapic_pkg.bzl", "java_gapic_assembly_gradle_pkg") + +_JAVA_GRPC_DEPS = [ + "@com_google_api_grpc_proto_google_common_protos//jar", + "@com_google_api_grpc_proto_google_iam_v1//jar", +] + +java_proto_library( + name = "asset_java_proto", + deps = [":asset_proto"], +) + +java_grpc_library( + name = "asset_java_grpc", + srcs = [":asset_proto"], + deps = [":asset_java_proto"] + _JAVA_GRPC_DEPS, +) + +java_gapic_library( + name = "asset_java_gapic", + src = ":asset_proto_with_info", + gapic_yaml = "cloudasset_gapic.yaml", + service_yaml = "//google/cloud/asset:asset_v1beta1.yaml", + test_deps = [":asset_java_grpc"], + deps = [":asset_java_proto"] + _JAVA_GRPC_DEPS, +) + +# TODO: configure flattened methods in AssetServiceClient so +# com.google.cloud.asset.v1beta1.AssetServiceClientTest has actual methods to test (now it is empty, +# and Bazel does not allow to run empty test classes (test classes without test methods)). +# +#[java_test( +# name = test_name, +# test_class = test_name, +# runtime_deps = [ +# ":asset_java_gapic_test", +# ], +#) for test_name in [ +# "com.google.cloud.asset.v1beta1.AssetServiceClientTest", +#]] + +# Opensource Packages +java_gapic_assembly_gradle_pkg( + name = "google-cloud-asset-v1beta1-java", + client_deps = [":asset_java_gapic"], + client_group = "com.google.cloud", + client_test_deps = [":asset_java_gapic_test"], + grpc_deps = [":asset_java_grpc"], + grpc_group = "com.google.api.grpc", + proto_deps = [ + ":asset_java_proto", + ":asset_proto", + ] + _JAVA_GRPC_DEPS, + version = "0.0.0-SNAPSHOT", +) + +############################################################################## +# Go +############################################################################## +load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library") +load("@com_google_api_codegen//rules_gapic/go:go_gapic.bzl", "go_gapic_srcjar", "go_gapic_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") +load("@com_google_api_codegen//rules_gapic/go:go_gapic_pkg.bzl", "go_gapic_assembly_pkg") + +go_proto_library( + name = "asset_go_proto", + compilers = ["@io_bazel_rules_go//proto:go_grpc"], + importpath = "google.golang.org/genproto/googleapis/cloud/asset/v1beta1", + protos = [":asset_proto_with_info"], + deps = [ + "//google/api:annotations_go_proto", + "//google/iam/v1:iam_go_proto", + "//google/longrunning:longrunning_go_proto", + ], +) + +go_gapic_library( + name = "asset_go_gapic", + src = ":asset_proto_with_info", + gapic_yaml = "cloudasset_gapic.yaml", + importpath = "cloud.google.com/go/asset/apiv1beta1", + service_yaml = "//google/cloud/asset:asset_v1beta1.yaml", + deps = [ + ":asset_go_proto", + "//google/longrunning:longrunning_go_gapic", + "//google/longrunning:longrunning_go_proto", + "@com_google_cloud_go//longrunning:go_default_library", + ], +) + +go_test( + name = "asset_go_gapic_test", + srcs = [":asset_go_gapic_srcjar_test"], + embed = [":asset_go_gapic"], + importpath = "cloud.google.com/go/asset/apiv1beta1", +) + +# Opensource Packages +go_gapic_assembly_pkg( + name = "gapi-cloud-asset-v1beta1-go", + deps = [ + ":asset_go_gapic", + ":asset_go_gapic_srcjar-smoke-test.srcjar", + ":asset_go_gapic_srcjar-test.srcjar", + ":asset_go_proto", + ], +) diff --git a/google/cloud/asset/v1beta1/asset_service.proto b/google/cloud/asset/v1beta1/asset_service.proto new file mode 100644 index 000000000..8e2d1b0a3 --- /dev/null +++ b/google/cloud/asset/v1beta1/asset_service.proto @@ -0,0 +1,182 @@ +// Copyright 2018 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.asset.v1beta1; + +import "google/api/annotations.proto"; +import "google/cloud/asset/v1beta1/assets.proto"; +import "google/longrunning/operations.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.Asset.V1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1beta1;asset"; +option java_multiple_files = true; +option java_outer_classname = "AssetServiceProto"; +option java_package = "com.google.cloud.asset.v1beta1"; +option php_namespace = "Google\\Cloud\\Asset\\V1beta1"; + +// Asset service definition. +service AssetService { + // Exports assets with time and resource types to a given Cloud Storage + // location. The output format is newline-delimited JSON. + // This API implements the + // [google.longrunning.Operation][google.longrunning.Operation] API allowing + // you to keep track of the export. + rpc ExportAssets(ExportAssetsRequest) returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1beta1/{parent=projects/*}:exportAssets" + body: "*" + additional_bindings { + post: "/v1beta1/{parent=folders/*}:exportAssets" + body: "*" + } + additional_bindings { + post: "/v1beta1/{parent=organizations/*}:exportAssets" + body: "*" + } + }; + } + + // Batch gets the update history of assets that overlap a time window. + // For RESOURCE content, this API outputs history with asset in both + // non-delete or deleted status. + // For IAM_POLICY content, this API outputs history when the asset and its + // attached IAM POLICY both exist. This can create gaps in the output history. + rpc BatchGetAssetsHistory(BatchGetAssetsHistoryRequest) + returns (BatchGetAssetsHistoryResponse) { + option (google.api.http) = { + get: "/v1beta1/{parent=projects/*}:batchGetAssetsHistory" + additional_bindings { + get: "/v1beta1/{parent=organizations/*}:batchGetAssetsHistory" + } + }; + } +} + +// Export asset request. +message ExportAssetsRequest { + // Required. The relative name of the root asset. This can only be an + // organization number (such as "organizations/123"), a project ID (such as + // "projects/my-project-id"), a project number (such as "projects/12345"), or + // a folder number (such as "folders/123"). + string parent = 1; + + // Timestamp to take an asset snapshot. This can only be set to a timestamp + // between 2018-10-02 UTC (inclusive) and the current time. If not specified, + // the current time will be used. Due to delays in resource data collection + // and indexing, there is a volatile window during which running the same + // query may get different results. + google.protobuf.Timestamp read_time = 2; + + // A list of asset types of which to take a snapshot for. For example: + // "google.compute.Disk". If specified, only matching assets will be returned. + // See [Introduction to Cloud Asset + // Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview) + // for all supported asset types. + repeated string asset_types = 3; + + // Asset content type. If not specified, no content but the asset name will be + // returned. + ContentType content_type = 4; + + // Required. Output configuration indicating where the results will be output + // to. All results will be in newline delimited JSON format. + OutputConfig output_config = 5; +} + +// The export asset response. This message is returned by the +// [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] +// method in the returned +// [google.longrunning.Operation.response][google.longrunning.Operation.response] +// field. +message ExportAssetsResponse { + // Time the snapshot was taken. + google.protobuf.Timestamp read_time = 1; + + // Output configuration indicating where the results were output to. + // All results are in JSON format. + OutputConfig output_config = 2; +} + +// Batch get assets history request. +message BatchGetAssetsHistoryRequest { + // Required. The relative name of the root asset. It can only be an + // organization number (such as "organizations/123"), a project ID (such as + // "projects/my-project-id")", or a project number (such as "projects/12345"). + string parent = 1; + + // A list of the full names of the assets. For example: + // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + // See [Resource + // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // for more info. + // + // The request becomes a no-op if the asset name list is empty, and the max + // size of the asset name list is 100 in one request. + repeated string asset_names = 2; + + // Required. The content type. + ContentType content_type = 3; + + // Optional. The time window for the asset history. Both start_time and + // end_time are optional and if set, it must be after 2018-10-02 UTC. If + // end_time is not set, it is default to current timestamp. If start_time is + // not set, the snapshot of the assets at end_time will be returned. The + // returned results contain all temporal assets whose time window overlap with + // read_time_window. + TimeWindow read_time_window = 4; +} + +// Batch get assets history response. +message BatchGetAssetsHistoryResponse { + // A list of assets with valid time windows. + repeated TemporalAsset assets = 1; +} + +// Output configuration for export assets destination. +message OutputConfig { + // Asset export destination. + oneof destination { + // Destination on Cloud Storage. + GcsDestination gcs_destination = 1; + } +} + +// A Cloud Storage location. +message GcsDestination { + // Required. + oneof object_uri { + // The uri of the Cloud Storage object. It's the same uri that is used by + // gsutil. For example: "gs://bucket_name/object_name". See [Viewing and + // Editing Object + // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) + // for more information. + string uri = 1; + } +} + +// Asset content type. +enum ContentType { + // Unspecified content type. + CONTENT_TYPE_UNSPECIFIED = 0; + + // Resource metadata. + RESOURCE = 1; + + // The actual IAM policy set on a resource. + IAM_POLICY = 2; +} diff --git a/google/cloud/asset/v1beta1/assets.proto b/google/cloud/asset/v1beta1/assets.proto new file mode 100644 index 000000000..84db977b9 --- /dev/null +++ b/google/cloud/asset/v1beta1/assets.proto @@ -0,0 +1,117 @@ +// Copyright 2018 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.asset.v1beta1; + +import "google/api/annotations.proto"; +import "google/iam/v1/policy.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.Asset.V1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1beta1;asset"; +option java_multiple_files = true; +option java_outer_classname = "AssetProto"; +option java_package = "com.google.cloud.asset.v1beta1"; +option php_namespace = "Google\\Cloud\\Asset\\V1beta1"; + +// Temporal asset. In addition to the asset, the temporal asset includes the +// status of the asset and valid from and to time of it. +message TemporalAsset { + // The time window when the asset data and state was observed. + TimeWindow window = 1; + + // If the asset is deleted or not. + bool deleted = 2; + + // Asset. + Asset asset = 3; +} + +// A time window of (start_time, end_time]. +message TimeWindow { + // Start time of the time window (exclusive). + google.protobuf.Timestamp start_time = 1; + + // End time of the time window (inclusive). + // Current timestamp if not specified. + google.protobuf.Timestamp end_time = 2; +} + +// Cloud asset. This includes all Google Cloud Platform resources, +// Cloud IAM policies, and other non-GCP assets. +message Asset { + // The full name of the asset. For example: + // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. + // See [Resource + // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // for more information. + string name = 1; + + // Type of the asset. Example: "google.compute.Disk". + string asset_type = 2; + + // Representation of the resource. + Resource resource = 3; + + // Representation of the actual Cloud IAM policy set on a cloud resource. For + // each resource, there must be at most one Cloud IAM policy set on it. + google.iam.v1.Policy iam_policy = 4; +} + +// Representation of a cloud resource. +message Resource { + // The API version. Example: "v1". + string version = 1; + + // The URL of the discovery document containing the resource's JSON schema. + // For example: + // `"https://www.googleapis.com/discovery/v1/apis/compute/v1/rest"`. + // It will be left unspecified for resources without a discovery-based API, + // such as Cloud Bigtable. + string discovery_document_uri = 2; + + // The JSON schema name listed in the discovery document. + // Example: "Project". It will be left unspecified for resources (such as + // Cloud Bigtable) without a discovery-based API. + string discovery_name = 3; + + // The REST URL for accessing the resource. An HTTP GET operation using this + // URL returns the resource itself. + // Example: + // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123`. + // It will be left unspecified for resources without a REST API. + string resource_url = 4; + + // The full name of the immediate parent of this resource. See + // [Resource + // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // for more information. + // + // For GCP assets, it is the parent resource defined in the [Cloud IAM policy + // hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). + // For example: + // `"//cloudresourcemanager.googleapis.com/projects/my_project_123"`. + // + // For third-party assets, it is up to the users to define. + string parent = 5; + + // The content of the resource, in which some sensitive fields are scrubbed + // away and may not be present. + google.protobuf.Struct data = 6; +} diff --git a/google/cloud/asset/v1beta1/cloudasset_gapic.yaml b/google/cloud/asset/v1beta1/cloudasset_gapic.yaml new file mode 100644 index 000000000..d88a59238 --- /dev/null +++ b/google/cloud/asset/v1beta1/cloudasset_gapic.yaml @@ -0,0 +1,146 @@ +type: com.google.api.codegen.ConfigProto +config_schema_version: 1.0.0 +# The settings of generated code in a specific language. +language_settings: + java: + package_name: com.google.cloud.asset.v1beta1 + python: + package_name: google.cloud.asset_v1beta1.gapic + go: + package_name: cloud.google.com/go/asset/apiv1beta1 + csharp: + package_name: Google.Cloud.Asset.V1Beta1 + ruby: + package_name: Google::Cloud::Asset::V1beta1 + php: + package_name: Google\Cloud\Asset\V1beta1 + nodejs: + package_name: asset.v1beta1 +# A list of API interface configurations. +interfaces: + # The fully qualified name of the API interface. +- name: google.cloud.asset.v1beta1.AssetService + # A list of resource collection configurations. + # Consists of a name_pattern and an entity_name. + # The name_pattern is a pattern to describe the names of the resources of this + # collection, using the platform's conventions for URI patterns. A generator + # may use this to generate methods to compose and decompose such names. The + # pattern should use named placeholders as in `shelves/{shelf}/books/{book}`; + # those will be taken as hints for the parameter names of the generated + # methods. If empty, no name methods are generated. + # The entity_name is the name to be used as a basis for generated methods and + # classes. + collections: + - name_pattern: projects/{project} + entity_name: project + language_overrides: + - language: csharp + common_resource_name: Google.Api.Gax.ResourceNames.ProjectName + # Definition for retryable codes. + retry_codes_def: + - name: idempotent + retry_codes: + - DEADLINE_EXCEEDED + - UNAVAILABLE + - name: non_idempotent + retry_codes: [] + # Definition for retry/backoff parameters. + retry_params_def: + - name: default + initial_retry_delay_millis: 100 + retry_delay_multiplier: 1.3 + max_retry_delay_millis: 60000 + initial_rpc_timeout_millis: 20000 + rpc_timeout_multiplier: 1 + max_rpc_timeout_millis: 20000 + total_timeout_millis: 600000 + # A list of method configurations. + # Common properties: + # + # name - The simple name of the method. + # + # flattening - Specifies the configuration for parameter flattening. + # Describes the parameter groups for which a generator should produce method + # overloads which allow a client to directly pass request message fields as + # method parameters. This information may or may not be used, depending on + # the target language. + # Consists of groups, which each represent a list of parameters to be + # flattened. Each parameter listed must be a field of the request message. + # + # required_fields - Fields that are always required for a request to be + # valid. + # + # resource_name_treatment - An enum that specifies how to treat the resource + # name formats defined in the field_name_patterns and + # response_field_name_patterns fields. + # UNSET: default value + # NONE: the collection configs will not be used by the generated code. + # VALIDATE: string fields will be validated by the client against the + # specified resource name formats. + # STATIC_TYPES: the client will use generated types for resource names. + # + # page_streaming - Specifies the configuration for paging. + # Describes information for generating a method which transforms a paging + # list RPC into a stream of resources. + # Consists of a request and a response. + # The request specifies request information of the list method. It defines + # which fields match the paging pattern in the request. The request consists + # of a page_size_field and a token_field. The page_size_field is the name of + # the optional field specifying the maximum number of elements to be + # returned in the response. The token_field is the name of the field in the + # request containing the page token. + # The response specifies response information of the list method. It defines + # which fields match the paging pattern in the response. The response + # consists of a token_field and a resources_field. The token_field is the + # name of the field in the response containing the next page token. The + # resources_field is the name of the field in the response containing the + # list of resources belonging to the page. + # + # retry_codes_name - Specifies the configuration for retryable codes. The + # name must be defined in interfaces.retry_codes_def. + # + # retry_params_name - Specifies the configuration for retry/backoff + # parameters. The name must be defined in interfaces.retry_params_def. + # + # field_name_patterns - Maps the field name of the request type to + # entity_name of interfaces.collections. + # Specifies the string pattern that the field must follow. + # + # timeout_millis - Specifies the default timeout for a non-retrying call. If + # the call is retrying, refer to retry_params_name instead. + methods: + - name: ExportAssets + required_fields: + - parent + - output_config + retry_codes_name: non_idempotent + retry_params_name: default + field_name_patterns: + parent: project + resource_name_treatment: STATIC_TYPES + long_running: + return_type: google.cloud.asset.v1beta1.ExportAssetsResponse + metadata_type: google.cloud.asset.v1beta1.ExportAssetsRequest + initial_poll_delay_millis: 500 + poll_delay_multiplier: 1.5 + max_poll_delay_millis: 5000 + total_poll_timeout_millis: 300000 + timeout_millis: 600000 + - name: BatchGetAssetsHistory + required_fields: + - parent + - content_type + - read_time_window + retry_codes_name: idempotent + retry_params_name: default + field_name_patterns: + parent: project + resource_name_treatment: STATIC_TYPES + timeout_millis: 600000 +resource_name_generation: +- message_name: ExportAssetsRequest + field_entity_map: + parent: project +- message_name: BatchGetAssetsHistoryRequest + field_entity_map: + parent: project |