From c9d818e4c53707d51395a33e6fc1b202126d6a29 Mon Sep 17 00:00:00 2001 From: Yoshi Automation Bot Date: Fri, 8 May 2020 01:02:50 -0700 Subject: [PATCH] feat: add orgpolicy and accesscontextmanager (via synth) (#26) --- .coveragerc | 16 + .flake8 | 16 + .github/ISSUE_TEMPLATE/bug_report.md | 3 +- CONTRIBUTING.rst | 15 +- MANIFEST.in | 16 + docs/index.rst | 2 + docs/multiprocessing.rst | 7 + .../asset_v1/gapic/asset_service_client.py | 305 +++++-------- .../gapic/asset_service_client_config.py | 22 +- google/cloud/asset_v1/gapic/enums.py | 137 +++++- .../asset_service_grpc_transport.py | 46 +- .../cloud/asset_v1/proto/asset_service_pb2.py | 133 +++--- google/cloud/asset_v1/proto/assets_pb2.py | 274 ++++++++--- google/cloud/asset_v1/types.py | 8 + .../gapic/asset_service_client.py | 104 ++--- google/cloud/asset_v1beta1/gapic/enums.py | 12 +- .../asset_service_grpc_transport.py | 37 +- .../asset_v1beta1/proto/asset_service_pb2.py | 6 +- .../gapic/asset_service_client.py | 21 +- .../proto/asset_service_pb2.py | 156 ++++--- .../cloud/asset_v1p1beta1/proto/assets_pb2.py | 425 ++++++++++++++++-- .../gapic/asset_service_client.py | 197 ++++---- .../gapic/asset_service_client_config.py | 18 +- .../asset_service_grpc_transport.py | 26 +- .../proto/asset_service_pb2.py | 11 +- .../gapic/asset_service_client.py | 106 +++-- .../gapic/asset_service_client_config.py | 8 +- google/cloud/asset_v1p4beta1/gapic/enums.py | 150 ++++--- .../asset_service_grpc_transport.py | 28 +- .../proto/asset_service_pb2.py | 16 +- noxfile.py | 1 - setup.cfg | 16 + setup.py | 2 + synth.metadata | 57 ++- synth.py | 78 +++- .../gapic/v1/test_asset_service_client_v1.py | 82 ++-- .../test_asset_service_client_v1beta1.py | 24 +- .../test_asset_service_client_v1p2beta1.py | 66 +-- .../test_asset_service_client_v1p4beta1.py | 84 ++-- 39 files changed, 1702 insertions(+), 1029 deletions(-) create mode 100644 docs/multiprocessing.rst diff --git a/.coveragerc b/.coveragerc index b178b094..dd39c854 100644 --- a/.coveragerc +++ b/.coveragerc @@ -1,3 +1,19 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # Generated by synthtool. DO NOT EDIT! [run] branch = True diff --git a/.flake8 b/.flake8 index 0268ecc9..20fe9bda 100644 --- a/.flake8 +++ b/.flake8 @@ -1,3 +1,19 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # Generated by synthtool. DO NOT EDIT! [flake8] ignore = E203, E266, E501, W503 diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index ced4aa04..12397f69 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -11,8 +11,7 @@ Thanks for stopping by to let us know something could be better! Please run down the following list and make sure you've tried the usual "quick fixes": - Search the issues already opened: https://github.com/googleapis/python-asset/issues - - Search the issues on our "catch-all" repository: https://github.com/googleapis/google-cloud-python - - Search StackOverflow: http://stackoverflow.com/questions/tagged/google-cloud-platform+python + - Search StackOverflow: https://stackoverflow.com/questions/tagged/google-cloud-platform+python If you are still having issues, please be sure to include as much information as possible: diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index 9dc28398..7a32c4a3 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -22,7 +22,7 @@ In order to add a feature: documentation. - The feature must work fully on the following CPython versions: 2.7, - 3.5, 3.6, and 3.7 on both UNIX and Windows. + 3.5, 3.6, 3.7 and 3.8 on both UNIX and Windows. - The feature must not add unnecessary dependencies (where "unnecessary" is of course subjective, but new dependencies should @@ -214,26 +214,18 @@ We support: - `Python 3.5`_ - `Python 3.6`_ - `Python 3.7`_ +- `Python 3.8`_ .. _Python 3.5: https://docs.python.org/3.5/ .. _Python 3.6: https://docs.python.org/3.6/ .. _Python 3.7: https://docs.python.org/3.7/ +.. _Python 3.8: https://docs.python.org/3.8/ Supported versions can be found in our ``noxfile.py`` `config`_. .. _config: https://github.com/googleapis/python-asset/blob/master/noxfile.py -We explicitly decided not to support `Python 2.5`_ due to `decreased usage`_ -and lack of continuous integration `support`_. - -.. _Python 2.5: https://docs.python.org/2.5/ -.. _decreased usage: https://caremad.io/2013/10/a-look-at-pypi-downloads/ -.. _support: https://blog.travis-ci.com/2013-11-18-upcoming-build-environment-updates/ - -We have `dropped 2.6`_ as a supported version as well since Python 2.6 is no -longer supported by the core development team. - Python 2.7 support is deprecated. All code changes should maintain Python 2.7 compatibility until January 1, 2020. We also explicitly decided to support Python 3 beginning with version @@ -247,7 +239,6 @@ We also explicitly decided to support Python 3 beginning with version .. _prominent: https://docs.djangoproject.com/en/1.9/faq/install/#what-python-version-can-i-use-with-django .. _projects: http://flask.pocoo.org/docs/0.10/python3/ .. _Unicode literal support: https://www.python.org/dev/peps/pep-0414/ -.. _dropped 2.6: https://github.com/googleapis/google-cloud-python/issues/995 ********** Versioning diff --git a/MANIFEST.in b/MANIFEST.in index cd011be2..68855abc 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,3 +1,19 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # Generated by synthtool. DO NOT EDIT! include README.rst LICENSE recursive-include google *.json *.proto diff --git a/docs/index.rst b/docs/index.rst index dc07fbc5..2647d988 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -1,5 +1,7 @@ .. include:: README.rst +.. include:: multiprocessing.rst + Api Reference ------------- diff --git a/docs/multiprocessing.rst b/docs/multiprocessing.rst new file mode 100644 index 00000000..1cb29d4c --- /dev/null +++ b/docs/multiprocessing.rst @@ -0,0 +1,7 @@ +.. note:: + + Because this client uses :mod:`grpcio` library, it is safe to + share instances across threads. In multiprocessing scenarios, the best + practice is to create client instances *after* the invocation of + :func:`os.fork` by :class:`multiprocessing.Pool` or + :class:`multiprocessing.Process`. diff --git a/google/cloud/asset_v1/gapic/asset_service_client.py b/google/cloud/asset_v1/gapic/asset_service_client.py index 1e5cafbf..dd625c88 100644 --- a/google/cloud/asset_v1/gapic/asset_service_client.py +++ b/google/cloud/asset_v1/gapic/asset_service_client.py @@ -203,6 +203,76 @@ def __init__( self._inner_api_calls = {} # Service calls + def delete_feed( + self, + name, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Deletes an asset feed. + + Example: + >>> from google.cloud import asset_v1 + >>> + >>> client = asset_v1.AssetServiceClient() + >>> + >>> # TODO: Initialize `name`: + >>> name = '' + >>> + >>> client.delete_feed(name) + + Args: + name (str): Required. The name of the feed and it must be in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "delete_feed" not in self._inner_api_calls: + self._inner_api_calls[ + "delete_feed" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.delete_feed, + default_retry=self._method_configs["DeleteFeed"].retry, + default_timeout=self._method_configs["DeleteFeed"].timeout, + client_info=self._client_info, + ) + + request = asset_service_pb2.DeleteFeedRequest(name=name) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + self._inner_api_calls["delete_feed"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + def export_assets( self, parent, @@ -215,12 +285,10 @@ def export_assets( metadata=None, ): """ - Additional information regarding long-running operations. In - particular, this specifies the types that are returned from long-running - operations. - - Required for methods that return ``google.longrunning.Operation``; - invalid otherwise. + Exports assets with time and resource types to a given Cloud Storage + location. The output format is newline-delimited JSON. This API + implements the ``google.longrunning.Operation`` API allowing you to keep + track of the export. Example: >>> from google.cloud import asset_v1 @@ -255,10 +323,10 @@ def export_assets( If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1.types.OutputConfig` read_time (Union[dict, ~google.cloud.asset_v1.types.Timestamp]): Timestamp to take an asset snapshot. This can only be set to a timestamp - between 2018-10-02 UTC (inclusive) and the current time. If not specified, - the current time will be used. Due to delays in resource data collection - and indexing, there is a volatile window during which running the same - query may get different results. + between the current time and the current time minus 35 days (inclusive). + If not specified, the current time will be used. Due to delays in resource + data collection and indexing, there is a volatile window during which + running the same query may get different results. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1.types.Timestamp` @@ -332,57 +400,55 @@ def export_assets( def batch_get_assets_history( self, parent, - content_type, - read_time_window, + content_type=None, + read_time_window=None, asset_names=None, retry=google.api_core.gapic_v1.method.DEFAULT, timeout=google.api_core.gapic_v1.method.DEFAULT, metadata=None, ): """ - JSON name of this field. The value is set by protocol compiler. If - the user has set a "json_name" option on this field, that option's value - will be used. Otherwise, it's deduced from the field's name by - converting it to camelCase. + Batch gets the update history of assets that overlap a time window. + For RESOURCE content, this API outputs history with asset in both + non-delete or deleted status. For IAM_POLICY content, this API outputs + history when the asset and its attached IAM POLICY both exist. This can + create gaps in the output history. If a specified asset does not exist, + this API returns an INVALID_ARGUMENT error. Example: >>> from google.cloud import asset_v1 - >>> from google.cloud.asset_v1 import enums >>> >>> client = asset_v1.AssetServiceClient() >>> >>> # TODO: Initialize `parent`: >>> parent = '' >>> - >>> # TODO: Initialize `content_type`: - >>> content_type = enums.ContentType.CONTENT_TYPE_UNSPECIFIED - >>> - >>> # TODO: Initialize `read_time_window`: - >>> read_time_window = {} - >>> - >>> response = client.batch_get_assets_history(parent, content_type, read_time_window) + >>> response = client.batch_get_assets_history(parent) Args: parent (str): Required. The relative name of the root asset. It can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id")", or a project number (such as "projects/12345"). - content_type (~google.cloud.asset_v1.types.ContentType): Optional. The content type. - read_time_window (Union[dict, ~google.cloud.asset_v1.types.TimeWindow]): Manages long-running operations with an API service. + asset_names (list[str]): A list of the full names of the assets. For example: + ``//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1``. + See `Resource + Names `__ + and `Resource Name + Format `__ + for more info. - When an API method normally takes long time to complete, it can be - designed to return ``Operation`` to the client, and the client can use - this interface to receive the real response asynchronously by polling - the operation resource, or pass the operation resource to another API - (such as Google Cloud Pub/Sub API) to receive the response. Any API - service that returns long-running operations should implement the - ``Operations`` interface so developers can have a consistent client - experience. + The request becomes a no-op if the asset name list is empty, and the max + size of the asset name list is 100 in one request. + content_type (~google.cloud.asset_v1.types.ContentType): Optional. The content type. + read_time_window (Union[dict, ~google.cloud.asset_v1.types.TimeWindow]): Optional. The time window for the asset history. Both start_time and + end_time are optional and if set, it must be after the current time + minus 35 days. If end_time is not set, it is default to current + timestamp. If start_time is not set, the snapshot of the assets at + end_time will be returned. The returned results contain all temporal + assets whose time window overlap with read_time_window. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1.types.TimeWindow` - asset_names (list[str]): The resource has one pattern, but the API owner expects to add more - later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents - that from being necessary once there are multiple patterns.) retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -415,9 +481,9 @@ def batch_get_assets_history( request = asset_service_pb2.BatchGetAssetsHistoryRequest( parent=parent, + asset_names=asset_names, content_type=content_type, read_time_window=read_time_window, - asset_names=asset_names, ) if metadata is None: metadata = [] @@ -473,37 +539,11 @@ def create_feed( "projects/12345"). feed_id (str): Required. This is the client-assigned asset feed identifier and it needs to be unique under a specific parent project/folder/organization. - feed (Union[dict, ~google.cloud.asset_v1.types.Feed]): Each of the definitions above may have "options" attached. These are - just annotations which may cause code to be generated slightly - differently or may contain hints for code that manipulates protocol - messages. - - Clients may define custom options as extensions of the \*Options - messages. These extensions may not yet be known at parsing time, so the - parser cannot store the values in them. Instead it stores them in a - field in the \*Options message called uninterpreted_option. This field - must have the same name across all \*Options messages. We then use this - field to populate the extensions when we build a descriptor, at which - point all protos have been parsed and so all extensions are known. - - Extension numbers for custom options may be chosen as follows: - - - For options which will only be used within a single application or - organization, or for experimental options, use field numbers 50000 - through 99999. It is up to you to ensure that you do not use the same - number for multiple options. - - For options which will be published and used publicly by multiple - independent entities, e-mail - protobuf-global-extension-registry@google.com to reserve extension - numbers. Simply provide your project name (e.g. Objective-C plugin) - and your project website (if available) -- there's no need to explain - how you intend to use them. Usually you only need one extension - number. You can declare multiple options with only one extension - number by putting them in a sub-message. See the Custom Options - section of the docs for examples: - https://developers.google.com/protocol-buffers/docs/proto#options If - this turns out to be popular, a web service will be set up to - automatically assign option numbers. + feed (Union[dict, ~google.cloud.asset_v1.types.Feed]): Required. The feed details. The field ``name`` must be empty and it + will be generated in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1.types.Feed` @@ -572,21 +612,16 @@ def get_feed( >>> >>> client = asset_v1.AssetServiceClient() >>> - >>> name = client.feed_path('[PROJECT]', '[FEED]') + >>> # TODO: Initialize `name`: + >>> name = '' >>> >>> response = client.get_feed(name) Args: - name (str): The resource type. It must be in the format of - {service_name}/{resource_type_kind}. The ``resource_type_kind`` must be - singular and must not include version numbers. - - Example: ``storage.googleapis.com/Bucket`` - - The value of the resource_type_kind must follow the regular expression - /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and - should use PascalCase (UpperCamelCase). The maximum number of characters - allowed for the ``resource_type_kind`` is 100. + name (str): Required. The name of the Feed and it must be in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -732,36 +767,17 @@ def update_feed( >>> response = client.update_feed(feed, update_mask) Args: - feed (Union[dict, ~google.cloud.asset_v1.types.Feed]): See ``HttpRule``. + feed (Union[dict, ~google.cloud.asset_v1.types.Feed]): Required. The new values of feed details. It must match an existing + feed and the field ``name`` must be in the format of: + projects/project_number/feeds/feed_id or + folders/folder_number/feeds/feed_id or + organizations/organization_number/feeds/feed_id. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1.types.Feed` - update_mask (Union[dict, ~google.cloud.asset_v1.types.FieldMask]): A URL/resource name that uniquely identifies the type of the - serialized protocol buffer message. This string must contain at least - one "/" character. The last segment of the URL's path must represent the - fully qualified name of the type (as in - ``path/google.protobuf.Duration``). The name should be in a canonical - form (e.g., leading "." is not accepted). - - In practice, teams usually precompile into the binary all types that - they expect it to use in the context of Any. However, for URLs which use - the scheme ``http``, ``https``, or no scheme, one can optionally set up - a type server that maps type URLs to message definitions as follows: - - - If no scheme is provided, ``https`` is assumed. - - An HTTP GET on the URL must yield a ``google.protobuf.Type`` value in - binary format, or produce an error. - - Applications are allowed to cache lookup results based on the URL, or - have them precompiled into a binary to avoid any lookup. Therefore, - binary compatibility needs to be preserved on changes to types. (Use - versioned type names to manage breaking changes.) - - Note: this functionality is not currently available in the official - protobuf release, and it is not used for type URLs beginning with - type.googleapis.com. - - Schemes other than ``http``, ``https`` (or the empty scheme) might be - used with implementation specific semantics. + update_mask (Union[dict, ~google.cloud.asset_v1.types.FieldMask]): Required. Only updates the ``feed`` fields indicated by this mask. + The field mask must not be empty, and it must not contain fields that + are immutable or only set by the server. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1.types.FieldMask` @@ -814,78 +830,3 @@ def update_feed( return self._inner_api_calls["update_feed"]( request, retry=retry, timeout=timeout, metadata=metadata ) - - def delete_feed( - self, - name, - retry=google.api_core.gapic_v1.method.DEFAULT, - timeout=google.api_core.gapic_v1.method.DEFAULT, - metadata=None, - ): - """ - Deletes an asset feed. - - Example: - >>> from google.cloud import asset_v1 - >>> - >>> client = asset_v1.AssetServiceClient() - >>> - >>> name = client.feed_path('[PROJECT]', '[FEED]') - >>> - >>> client.delete_feed(name) - - Args: - name (str): A list of the full names of the assets. For example: - ``//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1``. - See `Resource - Names `__ - and `Resource Name - Format `__ - for more info. - - The request becomes a no-op if the asset name list is empty, and the max - size of the asset name list is 100 in one request. - retry (Optional[google.api_core.retry.Retry]): A retry object used - to retry requests. If ``None`` is specified, requests will - be retried using a default configuration. - timeout (Optional[float]): The amount of time, in seconds, to wait - for the request to complete. Note that if ``retry`` is - specified, the timeout applies to each individual attempt. - metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata - that is provided to the method. - - Raises: - google.api_core.exceptions.GoogleAPICallError: If the request - failed for any reason. - google.api_core.exceptions.RetryError: If the request failed due - to a retryable error and retry attempts failed. - ValueError: If the parameters are invalid. - """ - # Wrap the transport method to add retry and timeout logic. - if "delete_feed" not in self._inner_api_calls: - self._inner_api_calls[ - "delete_feed" - ] = google.api_core.gapic_v1.method.wrap_method( - self.transport.delete_feed, - default_retry=self._method_configs["DeleteFeed"].retry, - default_timeout=self._method_configs["DeleteFeed"].timeout, - client_info=self._client_info, - ) - - request = asset_service_pb2.DeleteFeedRequest(name=name) - if metadata is None: - metadata = [] - metadata = list(metadata) - try: - routing_header = [("name", name)] - except AttributeError: - pass - else: - routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( - routing_header - ) - metadata.append(routing_metadata) - - self._inner_api_calls["delete_feed"]( - request, retry=retry, timeout=timeout, metadata=metadata - ) diff --git a/google/cloud/asset_v1/gapic/asset_service_client_config.py b/google/cloud/asset_v1/gapic/asset_service_client_config.py index 5086fc0e..68062167 100644 --- a/google/cloud/asset_v1/gapic/asset_service_client_config.py +++ b/google/cloud/asset_v1/gapic/asset_service_client_config.py @@ -17,41 +17,41 @@ } }, "methods": { + "DeleteFeed": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, "ExportAssets": { - "timeout_millis": 600000, + "timeout_millis": 60000, "retry_codes_name": "non_idempotent", "retry_params_name": "default", }, "BatchGetAssetsHistory": { - "timeout_millis": 600000, + "timeout_millis": 60000, "retry_codes_name": "idempotent", "retry_params_name": "default", }, "CreateFeed": { - "timeout_millis": 30000, + "timeout_millis": 60000, "retry_codes_name": "non_idempotent", "retry_params_name": "default", }, "GetFeed": { - "timeout_millis": 10000, + "timeout_millis": 60000, "retry_codes_name": "idempotent", "retry_params_name": "default", }, "ListFeeds": { - "timeout_millis": 10000, + "timeout_millis": 60000, "retry_codes_name": "idempotent", "retry_params_name": "default", }, "UpdateFeed": { - "timeout_millis": 30000, + "timeout_millis": 60000, "retry_codes_name": "non_idempotent", "retry_params_name": "default", }, - "DeleteFeed": { - "timeout_millis": 30000, - "retry_codes_name": "idempotent", - "retry_params_name": "default", - }, }, } } diff --git a/google/cloud/asset_v1/gapic/enums.py b/google/cloud/asset_v1/gapic/enums.py index 9eca5c50..bc92bd1d 100644 --- a/google/cloud/asset_v1/gapic/enums.py +++ b/google/cloud/asset_v1/gapic/enums.py @@ -38,15 +38,144 @@ class ContentType(enum.IntEnum): ACCESS_POLICY = 5 +class DeviceEncryptionStatus(enum.IntEnum): + """ + The encryption state of the device. + + Attributes: + ENCRYPTION_UNSPECIFIED (int): The encryption status of the device is not specified or not known. + ENCRYPTION_UNSUPPORTED (int): The device does not support encryption. + UNENCRYPTED (int): The device supports encryption, but is currently unencrypted. + ENCRYPTED (int): The device is encrypted. + """ + + ENCRYPTION_UNSPECIFIED = 0 + ENCRYPTION_UNSUPPORTED = 1 + UNENCRYPTED = 2 + ENCRYPTED = 3 + + +class DeviceManagementLevel(enum.IntEnum): + """ + The degree to which the device is managed by the Cloud organization. + + Attributes: + MANAGEMENT_UNSPECIFIED (int): The device's management level is not specified or not known. + NONE (int): The device is not managed. + BASIC (int): Basic management is enabled, which is generally limited to monitoring and + wiping the corporate account. + COMPLETE (int): Complete device management. This includes more thorough monitoring and the + ability to directly manage the device (such as remote wiping). This can be + enabled through the Android Enterprise Platform. + """ + + MANAGEMENT_UNSPECIFIED = 0 + NONE = 1 + BASIC = 2 + COMPLETE = 3 + + class NullValue(enum.IntEnum): """ - Required. The name of the Feed and it must be in the format of: - projects/project_number/feeds/feed_id - folders/folder_number/feeds/feed_id - organizations/organization_number/feeds/feed_id + ``NullValue`` is a singleton enumeration to represent the null value + for the ``Value`` type union. + + The JSON representation for ``NullValue`` is JSON ``null``. Attributes: NULL_VALUE (int): Null value. """ NULL_VALUE = 0 + + +class OsType(enum.IntEnum): + """ + The operating system type of the device. + Next id: 7 + + Attributes: + OS_UNSPECIFIED (int): The operating system of the device is not specified or not known. + DESKTOP_MAC (int): A desktop Mac operating system. + DESKTOP_WINDOWS (int): A desktop Windows operating system. + DESKTOP_LINUX (int): A desktop Linux operating system. + DESKTOP_CHROME_OS (int): A desktop ChromeOS operating system. + ANDROID (int): An Android operating system. + IOS (int): An iOS operating system. + """ + + OS_UNSPECIFIED = 0 + DESKTOP_MAC = 1 + DESKTOP_WINDOWS = 2 + DESKTOP_LINUX = 3 + DESKTOP_CHROME_OS = 6 + ANDROID = 4 + IOS = 5 + + +class BasicLevel(object): + class ConditionCombiningFunction(enum.IntEnum): + """ + Options for how the ``conditions`` list should be combined to + determine if this ``AccessLevel`` is applied. Default is AND. + + Attributes: + AND (int): All ``Conditions`` must be true for the ``BasicLevel`` to be true. + OR (int): If at least one ``Condition`` is true, then the ``BasicLevel`` is + true. + """ + + AND = 0 + OR = 1 + + +class Policy(object): + class ListPolicy(object): + class AllValues(enum.IntEnum): + """ + This enum can be used to set ``Policies`` that apply to all possible + configuration values rather than specific values in ``allowed_values`` + or ``denied_values``. + + Settting this to ``ALLOW`` will mean this ``Policy`` allows all values. + Similarly, setting it to ``DENY`` will mean no values are allowed. If + set to either ``ALLOW`` or + ``DENY,``\ allowed_values\ ``and``\ denied_values\ ``must be unset. Setting this to``\ ALL_VALUES_UNSPECIFIED\ ``allows for setting``\ allowed_values\ ``and``\ denied_values`. + + Attributes: + ALL_VALUES_UNSPECIFIED (int): Indicates that allowed_values or denied_values must be set. + ALLOW (int): A policy with this set allows all values. + DENY (int): A policy with this set denies all values. + """ + + ALL_VALUES_UNSPECIFIED = 0 + ALLOW = 1 + DENY = 2 + + +class ServicePerimeter(object): + class PerimeterType(enum.IntEnum): + """ + Specifies the type of the Perimeter. There are two types: regular and + bridge. Regular Service Perimeter contains resources, access levels, and + restricted services. Every resource can be in at most ONE + regular Service Perimeter. + + In addition to being in a regular service perimeter, a resource can also + be in zero or more perimeter bridges. A perimeter bridge only contains + resources. Cross project operations are permitted if all effected + resources share some perimeter (whether bridge or regular). Perimeter + Bridge does not contain access levels or services: those are governed + entirely by the regular perimeter that resource is in. + + Perimeter Bridges are typically useful when building more complex toplogies + with many independent perimeters that need to share some data with a common + perimeter, but should not be able to share data among themselves. + + Attributes: + PERIMETER_TYPE_REGULAR (int): Regular Perimeter. + PERIMETER_TYPE_BRIDGE (int): Perimeter Bridge. + """ + + PERIMETER_TYPE_REGULAR = 0 + PERIMETER_TYPE_BRIDGE = 1 diff --git a/google/cloud/asset_v1/gapic/transports/asset_service_grpc_transport.py b/google/cloud/asset_v1/gapic/transports/asset_service_grpc_transport.py index 57a53847..6ad9733c 100644 --- a/google/cloud/asset_v1/gapic/transports/asset_service_grpc_transport.py +++ b/google/cloud/asset_v1/gapic/transports/asset_service_grpc_transport.py @@ -115,16 +115,27 @@ def channel(self): """ return self._channel + @property + def delete_feed(self): + """Return the gRPC stub for :meth:`AssetServiceClient.delete_feed`. + + Deletes an asset feed. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["asset_service_stub"].DeleteFeed + @property def export_assets(self): """Return the gRPC stub for :meth:`AssetServiceClient.export_assets`. - Additional information regarding long-running operations. In - particular, this specifies the types that are returned from long-running - operations. - - Required for methods that return ``google.longrunning.Operation``; - invalid otherwise. + Exports assets with time and resource types to a given Cloud Storage + location. The output format is newline-delimited JSON. This API + implements the ``google.longrunning.Operation`` API allowing you to keep + track of the export. Returns: Callable: A callable which accepts the appropriate @@ -137,10 +148,12 @@ def export_assets(self): def batch_get_assets_history(self): """Return the gRPC stub for :meth:`AssetServiceClient.batch_get_assets_history`. - JSON name of this field. The value is set by protocol compiler. If - the user has set a "json_name" option on this field, that option's value - will be used. Otherwise, it's deduced from the field's name by - converting it to camelCase. + Batch gets the update history of assets that overlap a time window. + For RESOURCE content, this API outputs history with asset in both + non-delete or deleted status. For IAM_POLICY content, this API outputs + history when the asset and its attached IAM POLICY both exist. This can + create gaps in the output history. If a specified asset does not exist, + this API returns an INVALID_ARGUMENT error. Returns: Callable: A callable which accepts the appropriate @@ -201,16 +214,3 @@ def update_feed(self): deserialized response object. """ return self._stubs["asset_service_stub"].UpdateFeed - - @property - def delete_feed(self): - """Return the gRPC stub for :meth:`AssetServiceClient.delete_feed`. - - Deletes an asset feed. - - Returns: - Callable: A callable which accepts the appropriate - deserialized request object and returns a - deserialized response object. - """ - return self._stubs["asset_service_stub"].DeleteFeed diff --git a/google/cloud/asset_v1/proto/asset_service_pb2.py b/google/cloud/asset_v1/proto/asset_service_pb2.py index 28499ca6..bfc85625 100644 --- a/google/cloud/asset_v1/proto/asset_service_pb2.py +++ b/google/cloud/asset_v1/proto/asset_service_pb2.py @@ -26,6 +26,7 @@ from google.protobuf import empty_pb2 as google_dot_protobuf_dot_empty__pb2 from google.protobuf import field_mask_pb2 as google_dot_protobuf_dot_field__mask__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 +from google.type import expr_pb2 as google_dot_type_dot_expr__pb2 DESCRIPTOR = _descriptor.FileDescriptor( @@ -33,7 +34,7 @@ package="google.cloud.asset.v1", syntax="proto3", serialized_options=b"\n\031com.google.cloud.asset.v1B\021AssetServiceProtoP\001Z:google.golang.org/genproto/googleapis/cloud/asset/v1;asset\252\002\025Google.Cloud.Asset.V1\312\002\025Google\\Cloud\\Asset\\V1", - serialized_pb=b'\n/google/cloud/asset_v1/proto/asset_service.proto\x12\x15google.cloud.asset.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a(google/cloud/asset_v1/proto/assets.proto\x1a#google/longrunning/operations.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\x8d\x02\n\x13\x45xportAssetsRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\x12\x1f\x63loudasset.googleapis.com/Asset\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x13\n\x0b\x61sset_types\x18\x03 \x03(\t\x12\x38\n\x0c\x63ontent_type\x18\x04 \x01(\x0e\x32".google.cloud.asset.v1.ContentType\x12?\n\routput_config\x18\x05 \x01(\x0b\x32#.google.cloud.asset.v1.OutputConfigB\x03\xe0\x41\x02"\x81\x01\n\x14\x45xportAssetsResponse\x12-\n\tread_time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12:\n\routput_config\x18\x02 \x01(\x0b\x32#.google.cloud.asset.v1.OutputConfig"\xed\x01\n\x1c\x42\x61tchGetAssetsHistoryRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\x12\x1f\x63loudasset.googleapis.com/Asset\x12\x13\n\x0b\x61sset_names\x18\x02 \x03(\t\x12=\n\x0c\x63ontent_type\x18\x03 \x01(\x0e\x32".google.cloud.asset.v1.ContentTypeB\x03\xe0\x41\x01\x12@\n\x10read_time_window\x18\x04 \x01(\x0b\x32!.google.cloud.asset.v1.TimeWindowB\x03\xe0\x41\x01"U\n\x1d\x42\x61tchGetAssetsHistoryResponse\x12\x34\n\x06\x61ssets\x18\x01 \x03(\x0b\x32$.google.cloud.asset.v1.TemporalAsset"n\n\x11\x43reateFeedRequest\x12\x13\n\x06parent\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x14\n\x07\x66\x65\x65\x64_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12.\n\x04\x66\x65\x65\x64\x18\x03 \x01(\x0b\x32\x1b.google.cloud.asset.v1.FeedB\x03\xe0\x41\x02"F\n\x0eGetFeedRequest\x12\x34\n\x04name\x18\x01 \x01(\tB&\xe0\x41\x02\xfa\x41 \n\x1e\x63loudasset.googleapis.com/Feed"\'\n\x10ListFeedsRequest\x12\x13\n\x06parent\x18\x01 \x01(\tB\x03\xe0\x41\x02"?\n\x11ListFeedsResponse\x12*\n\x05\x66\x65\x65\x64s\x18\x01 \x03(\x0b\x32\x1b.google.cloud.asset.v1.Feed"y\n\x11UpdateFeedRequest\x12.\n\x04\x66\x65\x65\x64\x18\x01 \x01(\x0b\x32\x1b.google.cloud.asset.v1.FeedB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02"I\n\x11\x44\x65leteFeedRequest\x12\x34\n\x04name\x18\x01 \x01(\tB&\xe0\x41\x02\xfa\x41 \n\x1e\x63loudasset.googleapis.com/Feed"\xab\x01\n\x0cOutputConfig\x12@\n\x0fgcs_destination\x18\x01 \x01(\x0b\x32%.google.cloud.asset.v1.GcsDestinationH\x00\x12J\n\x14\x62igquery_destination\x18\x02 \x01(\x0b\x32*.google.cloud.asset.v1.BigQueryDestinationH\x00\x42\r\n\x0b\x64\x65stination"C\n\x0eGcsDestination\x12\r\n\x03uri\x18\x01 \x01(\tH\x00\x12\x14\n\nuri_prefix\x18\x02 \x01(\tH\x00\x42\x0c\n\nobject_uri"N\n\x13\x42igQueryDestination\x12\x14\n\x07\x64\x61taset\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x12\n\x05table\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\r\n\x05\x66orce\x18\x03 \x01(\x08""\n\x11PubsubDestination\x12\r\n\x05topic\x18\x01 \x01(\t"i\n\x10\x46\x65\x65\x64OutputConfig\x12\x46\n\x12pubsub_destination\x18\x01 \x01(\x0b\x32(.google.cloud.asset.v1.PubsubDestinationH\x00\x42\r\n\x0b\x64\x65stination"\xdb\x02\n\x04\x46\x65\x65\x64\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x13\n\x0b\x61sset_names\x18\x02 \x03(\t\x12\x13\n\x0b\x61sset_types\x18\x03 \x03(\t\x12\x38\n\x0c\x63ontent_type\x18\x04 \x01(\x0e\x32".google.cloud.asset.v1.ContentType\x12H\n\x12\x66\x65\x65\x64_output_config\x18\x05 \x01(\x0b\x32\'.google.cloud.asset.v1.FeedOutputConfigB\x03\xe0\x41\x02:\x91\x01\xea\x41\x8d\x01\n\x1e\x63loudasset.googleapis.com/Feed\x12\x1fprojects/{project}/feeds/{feed}\x12\x1d\x66olders/{folder}/feeds/{feed}\x12)organizations/{organization}/feeds/{feed} \x01*l\n\x0b\x43ontentType\x12\x1c\n\x18\x43ONTENT_TYPE_UNSPECIFIED\x10\x00\x12\x0c\n\x08RESOURCE\x10\x01\x12\x0e\n\nIAM_POLICY\x10\x02\x12\x0e\n\nORG_POLICY\x10\x04\x12\x11\n\rACCESS_POLICY\x10\x05\x32\xf0\x08\n\x0c\x41ssetService\x12\xde\x01\n\x0c\x45xportAssets\x12*.google.cloud.asset.v1.ExportAssetsRequest\x1a\x1d.google.longrunning.Operation"\x82\x01\x82\xd3\xe4\x93\x02""\x1d/v1/{parent=*/*}:exportAssets:\x01*\xca\x41W\n*google.cloud.asset.v1.ExportAssetsResponse\x12)google.cloud.asset.v1.ExportAssetsRequest\x12\xb2\x01\n\x15\x42\x61tchGetAssetsHistory\x12\x33.google.cloud.asset.v1.BatchGetAssetsHistoryRequest\x1a\x34.google.cloud.asset.v1.BatchGetAssetsHistoryResponse".\x82\xd3\xe4\x93\x02(\x12&/v1/{parent=*/*}:batchGetAssetsHistory\x12\x7f\n\nCreateFeed\x12(.google.cloud.asset.v1.CreateFeedRequest\x1a\x1b.google.cloud.asset.v1.Feed"*\x82\xd3\xe4\x93\x02\x1b"\x16/v1/{parent=*/*}/feeds:\x01*\xda\x41\x06parent\x12t\n\x07GetFeed\x12%.google.cloud.asset.v1.GetFeedRequest\x1a\x1b.google.cloud.asset.v1.Feed"%\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/{name=*/*/feeds/*}\xda\x41\x04name\x12\x87\x01\n\tListFeeds\x12\'.google.cloud.asset.v1.ListFeedsRequest\x1a(.google.cloud.asset.v1.ListFeedsResponse"\'\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/{parent=*/*}/feeds\xda\x41\x06parent\x12\x82\x01\n\nUpdateFeed\x12(.google.cloud.asset.v1.UpdateFeedRequest\x1a\x1b.google.cloud.asset.v1.Feed"-\x82\xd3\xe4\x93\x02 2\x1b/v1/{feed.name=*/*/feeds/*}:\x01*\xda\x41\x04\x66\x65\x65\x64\x12u\n\nDeleteFeed\x12(.google.cloud.asset.v1.DeleteFeedRequest\x1a\x16.google.protobuf.Empty"%\x82\xd3\xe4\x93\x02\x18*\x16/v1/{name=*/*/feeds/*}\xda\x41\x04name\x1aM\xca\x41\x19\x63loudasset.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x9c\x01\n\x19\x63om.google.cloud.asset.v1B\x11\x41ssetServiceProtoP\x01Z:google.golang.org/genproto/googleapis/cloud/asset/v1;asset\xaa\x02\x15Google.Cloud.Asset.V1\xca\x02\x15Google\\Cloud\\Asset\\V1b\x06proto3', + serialized_pb=b'\n/google/cloud/asset_v1/proto/asset_service.proto\x12\x15google.cloud.asset.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a(google/cloud/asset_v1/proto/assets.proto\x1a#google/longrunning/operations.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x16google/type/expr.proto"\x8d\x02\n\x13\x45xportAssetsRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\x12\x1f\x63loudasset.googleapis.com/Asset\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x13\n\x0b\x61sset_types\x18\x03 \x03(\t\x12\x38\n\x0c\x63ontent_type\x18\x04 \x01(\x0e\x32".google.cloud.asset.v1.ContentType\x12?\n\routput_config\x18\x05 \x01(\x0b\x32#.google.cloud.asset.v1.OutputConfigB\x03\xe0\x41\x02"\x81\x01\n\x14\x45xportAssetsResponse\x12-\n\tread_time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12:\n\routput_config\x18\x02 \x01(\x0b\x32#.google.cloud.asset.v1.OutputConfig"\xed\x01\n\x1c\x42\x61tchGetAssetsHistoryRequest\x12\x37\n\x06parent\x18\x01 \x01(\tB\'\xe0\x41\x02\xfa\x41!\x12\x1f\x63loudasset.googleapis.com/Asset\x12\x13\n\x0b\x61sset_names\x18\x02 \x03(\t\x12=\n\x0c\x63ontent_type\x18\x03 \x01(\x0e\x32".google.cloud.asset.v1.ContentTypeB\x03\xe0\x41\x01\x12@\n\x10read_time_window\x18\x04 \x01(\x0b\x32!.google.cloud.asset.v1.TimeWindowB\x03\xe0\x41\x01"U\n\x1d\x42\x61tchGetAssetsHistoryResponse\x12\x34\n\x06\x61ssets\x18\x01 \x03(\x0b\x32$.google.cloud.asset.v1.TemporalAsset"n\n\x11\x43reateFeedRequest\x12\x13\n\x06parent\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x14\n\x07\x66\x65\x65\x64_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12.\n\x04\x66\x65\x65\x64\x18\x03 \x01(\x0b\x32\x1b.google.cloud.asset.v1.FeedB\x03\xe0\x41\x02"F\n\x0eGetFeedRequest\x12\x34\n\x04name\x18\x01 \x01(\tB&\xe0\x41\x02\xfa\x41 \n\x1e\x63loudasset.googleapis.com/Feed"\'\n\x10ListFeedsRequest\x12\x13\n\x06parent\x18\x01 \x01(\tB\x03\xe0\x41\x02"?\n\x11ListFeedsResponse\x12*\n\x05\x66\x65\x65\x64s\x18\x01 \x03(\x0b\x32\x1b.google.cloud.asset.v1.Feed"y\n\x11UpdateFeedRequest\x12.\n\x04\x66\x65\x65\x64\x18\x01 \x01(\x0b\x32\x1b.google.cloud.asset.v1.FeedB\x03\xe0\x41\x02\x12\x34\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x02"I\n\x11\x44\x65leteFeedRequest\x12\x34\n\x04name\x18\x01 \x01(\tB&\xe0\x41\x02\xfa\x41 \n\x1e\x63loudasset.googleapis.com/Feed"\xab\x01\n\x0cOutputConfig\x12@\n\x0fgcs_destination\x18\x01 \x01(\x0b\x32%.google.cloud.asset.v1.GcsDestinationH\x00\x12J\n\x14\x62igquery_destination\x18\x02 \x01(\x0b\x32*.google.cloud.asset.v1.BigQueryDestinationH\x00\x42\r\n\x0b\x64\x65stination"C\n\x0eGcsDestination\x12\r\n\x03uri\x18\x01 \x01(\tH\x00\x12\x14\n\nuri_prefix\x18\x02 \x01(\tH\x00\x42\x0c\n\nobject_uri"N\n\x13\x42igQueryDestination\x12\x14\n\x07\x64\x61taset\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x12\n\x05table\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\r\n\x05\x66orce\x18\x03 \x01(\x08""\n\x11PubsubDestination\x12\r\n\x05topic\x18\x01 \x01(\t"i\n\x10\x46\x65\x65\x64OutputConfig\x12\x46\n\x12pubsub_destination\x18\x01 \x01(\x0b\x32(.google.cloud.asset.v1.PubsubDestinationH\x00\x42\r\n\x0b\x64\x65stination"\xdb\x02\n\x04\x46\x65\x65\x64\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x13\n\x0b\x61sset_names\x18\x02 \x03(\t\x12\x13\n\x0b\x61sset_types\x18\x03 \x03(\t\x12\x38\n\x0c\x63ontent_type\x18\x04 \x01(\x0e\x32".google.cloud.asset.v1.ContentType\x12H\n\x12\x66\x65\x65\x64_output_config\x18\x05 \x01(\x0b\x32\'.google.cloud.asset.v1.FeedOutputConfigB\x03\xe0\x41\x02:\x91\x01\xea\x41\x8d\x01\n\x1e\x63loudasset.googleapis.com/Feed\x12\x1fprojects/{project}/feeds/{feed}\x12\x1d\x66olders/{folder}/feeds/{feed}\x12)organizations/{organization}/feeds/{feed} \x01*l\n\x0b\x43ontentType\x12\x1c\n\x18\x43ONTENT_TYPE_UNSPECIFIED\x10\x00\x12\x0c\n\x08RESOURCE\x10\x01\x12\x0e\n\nIAM_POLICY\x10\x02\x12\x0e\n\nORG_POLICY\x10\x04\x12\x11\n\rACCESS_POLICY\x10\x05\x32\xf0\x08\n\x0c\x41ssetService\x12\xde\x01\n\x0c\x45xportAssets\x12*.google.cloud.asset.v1.ExportAssetsRequest\x1a\x1d.google.longrunning.Operation"\x82\x01\x82\xd3\xe4\x93\x02""\x1d/v1/{parent=*/*}:exportAssets:\x01*\xca\x41W\n*google.cloud.asset.v1.ExportAssetsResponse\x12)google.cloud.asset.v1.ExportAssetsRequest\x12\xb2\x01\n\x15\x42\x61tchGetAssetsHistory\x12\x33.google.cloud.asset.v1.BatchGetAssetsHistoryRequest\x1a\x34.google.cloud.asset.v1.BatchGetAssetsHistoryResponse".\x82\xd3\xe4\x93\x02(\x12&/v1/{parent=*/*}:batchGetAssetsHistory\x12\x7f\n\nCreateFeed\x12(.google.cloud.asset.v1.CreateFeedRequest\x1a\x1b.google.cloud.asset.v1.Feed"*\x82\xd3\xe4\x93\x02\x1b"\x16/v1/{parent=*/*}/feeds:\x01*\xda\x41\x06parent\x12t\n\x07GetFeed\x12%.google.cloud.asset.v1.GetFeedRequest\x1a\x1b.google.cloud.asset.v1.Feed"%\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/{name=*/*/feeds/*}\xda\x41\x04name\x12\x87\x01\n\tListFeeds\x12\'.google.cloud.asset.v1.ListFeedsRequest\x1a(.google.cloud.asset.v1.ListFeedsResponse"\'\x82\xd3\xe4\x93\x02\x18\x12\x16/v1/{parent=*/*}/feeds\xda\x41\x06parent\x12\x82\x01\n\nUpdateFeed\x12(.google.cloud.asset.v1.UpdateFeedRequest\x1a\x1b.google.cloud.asset.v1.Feed"-\x82\xd3\xe4\x93\x02 2\x1b/v1/{feed.name=*/*/feeds/*}:\x01*\xda\x41\x04\x66\x65\x65\x64\x12u\n\nDeleteFeed\x12(.google.cloud.asset.v1.DeleteFeedRequest\x1a\x16.google.protobuf.Empty"%\x82\xd3\xe4\x93\x02\x18*\x16/v1/{name=*/*/feeds/*}\xda\x41\x04name\x1aM\xca\x41\x19\x63loudasset.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\x9c\x01\n\x19\x63om.google.cloud.asset.v1B\x11\x41ssetServiceProtoP\x01Z:google.golang.org/genproto/googleapis/cloud/asset/v1;asset\xaa\x02\x15Google.Cloud.Asset.V1\xca\x02\x15Google\\Cloud\\Asset\\V1b\x06proto3', dependencies=[ google_dot_api_dot_annotations__pb2.DESCRIPTOR, google_dot_api_dot_client__pb2.DESCRIPTOR, @@ -44,6 +45,7 @@ google_dot_protobuf_dot_empty__pb2.DESCRIPTOR, google_dot_protobuf_dot_field__mask__pb2.DESCRIPTOR, google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + google_dot_type_dot_expr__pb2.DESCRIPTOR, ], ) @@ -75,8 +77,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=2399, - serialized_end=2507, + serialized_start=2423, + serialized_end=2531, ) _sym_db.RegisterEnumDescriptor(_CONTENTTYPE) @@ -194,8 +196,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=365, - serialized_end=634, + serialized_start=389, + serialized_end=658, ) @@ -251,8 +253,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=637, - serialized_end=766, + serialized_start=661, + serialized_end=790, ) @@ -344,8 +346,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=769, - serialized_end=1006, + serialized_start=793, + serialized_end=1030, ) @@ -383,8 +385,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1008, - serialized_end=1093, + serialized_start=1032, + serialized_end=1117, ) @@ -458,8 +460,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1095, - serialized_end=1205, + serialized_start=1119, + serialized_end=1229, ) @@ -497,8 +499,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1207, - serialized_end=1277, + serialized_start=1231, + serialized_end=1301, ) @@ -536,8 +538,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1279, - serialized_end=1318, + serialized_start=1303, + serialized_end=1342, ) @@ -575,8 +577,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1320, - serialized_end=1383, + serialized_start=1344, + serialized_end=1407, ) @@ -632,8 +634,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1385, - serialized_end=1506, + serialized_start=1409, + serialized_end=1530, ) @@ -671,8 +673,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1508, - serialized_end=1581, + serialized_start=1532, + serialized_end=1605, ) @@ -736,8 +738,8 @@ fields=[], ) ], - serialized_start=1584, - serialized_end=1755, + serialized_start=1608, + serialized_end=1779, ) @@ -801,8 +803,8 @@ fields=[], ) ], - serialized_start=1757, - serialized_end=1824, + serialized_start=1781, + serialized_end=1848, ) @@ -876,8 +878,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1826, - serialized_end=1904, + serialized_start=1850, + serialized_end=1928, ) @@ -915,8 +917,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1906, - serialized_end=1940, + serialized_start=1930, + serialized_end=1964, ) @@ -962,8 +964,8 @@ fields=[], ) ], - serialized_start=1942, - serialized_end=2047, + serialized_start=1966, + serialized_end=2071, ) @@ -1073,8 +1075,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2050, - serialized_end=2397, + serialized_start=2074, + serialized_end=2421, ) _EXPORTASSETSREQUEST.fields_by_name[ @@ -1175,11 +1177,11 @@ “folders/123”). read_time: Timestamp to take an asset snapshot. This can only be set to a - timestamp between 2018-10-02 UTC (inclusive) and the current - time. If not specified, the current time will be used. Due to - delays in resource data collection and indexing, there is a - volatile window during which running the same query may get - different results. + timestamp between the current time and the current time minus + 35 days (inclusive). If not specified, the current time will + be used. Due to delays in resource data collection and + indexing, there is a volatile window during which running the + same query may get different results. asset_types: A list of asset types of which to take a snapshot for. For example: “compute.googleapis.com/Disk”. If specified, only @@ -1244,20 +1246,20 @@ te.googleapis.com/projects/my_project_123/zones/zone1/instance s/instance1``. See `Resource Names `__ and `Resource - Name Format `__ for more info. The request becomes - a no-op if the asset name list is empty, and the max size of - the asset name list is 100 in one request. + Name Format `__ for more info. The + request becomes a no-op if the asset name list is empty, and + the max size of the asset name list is 100 in one request. content_type: Optional. The content type. read_time_window: Optional. The time window for the asset history. Both start_time and end_time are optional and if set, it must be - after 2018-10-02 UTC. If end_time is not set, it is default to - current timestamp. If start_time is not set, the snapshot of - the assets at end_time will be returned. The returned results - contain all temporal assets whose time window overlap with - read_time_window. + after the current time minus 35 days. If end_time is not set, + it is default to current timestamp. If start_time is not set, + the snapshot of the assets at end_time will be returned. The + returned results contain all temporal assets whose time window + overlap with read_time_window. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.BatchGetAssetsHistoryRequest) }, @@ -1490,7 +1492,7 @@ Required. The BigQuery dataset in format “projects/projectId/datasets/datasetId”, to which the snapshot result should be exported. If this dataset does not exist, the - export call returns an error. + export call returns an INVALID_ARGUMENT error. table: Required. The BigQuery table to which the snapshot result should be written. If this table does not exist, a new table @@ -1498,8 +1500,9 @@ force: If the destination table already exists and this flag is ``TRUE``, the table will be overwritten by the contents of - assets snapshot. If the flag is not set and the destination - table already exists, the export call returns an error. + assets snapshot. If the flag is ``FALSE`` or unset and the + destination table already exists, the export call returns an + INVALID_ARGUMEMT error. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.BigQueryDestination) }, @@ -1512,13 +1515,13 @@ { "DESCRIPTOR": _PUBSUBDESTINATION, "__module__": "google.cloud.asset_v1.proto.asset_service_pb2", - "__doc__": """A Cloud Pubsub destination. + "__doc__": """A Pub/Sub destination. Attributes: topic: - The name of the Cloud Pub/Sub topic to publish to. For - example: ``projects/PROJECT_ID/topics/TOPIC_ID``. + The name of the Pub/Sub topic to publish to. For example: + ``projects/PROJECT_ID/topics/TOPIC_ID``. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.PubsubDestination) }, @@ -1538,7 +1541,7 @@ destination: Asset feed destination. pubsub_destination: - Destination on Cloud Pubsub. + Destination on Pub/Sub. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.FeedOutputConfig) }, @@ -1554,13 +1557,14 @@ "__doc__": """An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or - folder. Supported destinations are: Cloud Pub/Sub topics. + folder. Supported destinations are: Pub/Sub topics. Attributes: name: - Required. The format will be projects/{project_number}/feeds - /{client-assigned_feed_identifier} or + Required. The format will be + projects/{project_number}/feeds/{client- + assigned_feed_identifier} or folders/{folder_number}/feeds/{client- assigned_feed_identifier} or organizations/{organization_number}/feeds/{client- @@ -1579,10 +1583,9 @@ specify either or both of asset_names and asset_types. Only asset updates matching specified asset_names and asset_types are exported to the feed. For example: - “compute.googleapis.com/Disk” See `Introduction to Cloud Asset - Inventory `__ for all supported asset - types. + ``"compute.googleapis.com/Disk"`` See `this topic + `__ for a list of all supported asset types. content_type: Asset content type. If not specified, no content but the asset name and type will be returned. @@ -1622,8 +1625,8 @@ file=DESCRIPTOR, index=0, serialized_options=b"\312A\031cloudasset.googleapis.com\322A.https://www.googleapis.com/auth/cloud-platform", - serialized_start=2510, - serialized_end=3646, + serialized_start=2534, + serialized_end=3670, methods=[ _descriptor.MethodDescriptor( name="ExportAssets", diff --git a/google/cloud/asset_v1/proto/assets_pb2.py b/google/cloud/asset_v1/proto/assets_pb2.py index 75314cf0..e12dabd1 100644 --- a/google/cloud/asset_v1/proto/assets_pb2.py +++ b/google/cloud/asset_v1/proto/assets_pb2.py @@ -13,7 +13,19 @@ from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 +from google.cloud.orgpolicy.v1 import ( + orgpolicy_pb2 as google_dot_cloud_dot_orgpolicy_dot_v1_dot_orgpolicy__pb2, +) from google.iam.v1 import iam_policy_pb2 as google_dot_iam_dot_v1_dot_policy__pb2 +from google.identity.accesscontextmanager.v1 import ( + access_level_pb2 as google_dot_identity_dot_accesscontextmanager_dot_v1_dot_access__level__pb2, +) +from google.identity.accesscontextmanager.v1 import ( + access_policy_pb2 as google_dot_identity_dot_accesscontextmanager_dot_v1_dot_access__policy__pb2, +) +from google.identity.accesscontextmanager.v1 import ( + service_perimeter_pb2 as google_dot_identity_dot_accesscontextmanager_dot_v1_dot_service__perimeter__pb2, +) from google.protobuf import any_pb2 as google_dot_protobuf_dot_any__pb2 from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 @@ -25,10 +37,14 @@ package="google.cloud.asset.v1", syntax="proto3", serialized_options=b"\n\031com.google.cloud.asset.v1B\nAssetProtoP\001Z:google.golang.org/genproto/googleapis/cloud/asset/v1;asset\370\001\001\252\002\025Google.Cloud.Asset.V1\312\002\025Google\\Cloud\\Asset\\V1", - serialized_pb=b'\n(google/cloud/asset_v1/proto/assets.proto\x12\x15google.cloud.asset.v1\x1a\x19google/api/resource.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a\x19google/protobuf/any.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto"\x80\x01\n\rTemporalAsset\x12\x31\n\x06window\x18\x01 \x01(\x0b\x32!.google.cloud.asset.v1.TimeWindow\x12\x0f\n\x07\x64\x65leted\x18\x02 \x01(\x08\x12+\n\x05\x61sset\x18\x03 \x01(\x0b\x32\x1c.google.cloud.asset.v1.Asset"j\n\nTimeWindow\x12.\n\nstart_time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12,\n\x08\x65nd_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp"\xc3\x01\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x12\n\nasset_type\x18\x02 \x01(\t\x12\x31\n\x08resource\x18\x03 \x01(\x0b\x32\x1f.google.cloud.asset.v1.Resource\x12)\n\niam_policy\x18\x04 \x01(\x0b\x32\x15.google.iam.v1.Policy\x12\x11\n\tancestors\x18\n \x03(\t:\'\xea\x41$\n\x1f\x63loudasset.googleapis.com/Asset\x12\x01*"\xa0\x01\n\x08Resource\x12\x0f\n\x07version\x18\x01 \x01(\t\x12\x1e\n\x16\x64iscovery_document_uri\x18\x02 \x01(\t\x12\x16\n\x0e\x64iscovery_name\x18\x03 \x01(\t\x12\x14\n\x0cresource_url\x18\x04 \x01(\t\x12\x0e\n\x06parent\x18\x05 \x01(\t\x12%\n\x04\x64\x61ta\x18\x06 \x01(\x0b\x32\x17.google.protobuf.StructB\x98\x01\n\x19\x63om.google.cloud.asset.v1B\nAssetProtoP\x01Z:google.golang.org/genproto/googleapis/cloud/asset/v1;asset\xf8\x01\x01\xaa\x02\x15Google.Cloud.Asset.V1\xca\x02\x15Google\\Cloud\\Asset\\V1b\x06proto3', + serialized_pb=b'\n(google/cloud/asset_v1/proto/assets.proto\x12\x15google.cloud.asset.v1\x1a\x19google/api/resource.proto\x1a)google/cloud/orgpolicy/v1/orgpolicy.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a:google/identity/accesscontextmanager/v1/access_level.proto\x1a;google/identity/accesscontextmanager/v1/access_policy.proto\x1a?google/identity/accesscontextmanager/v1/service_perimeter.proto\x1a\x19google/protobuf/any.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto"\x80\x01\n\rTemporalAsset\x12\x31\n\x06window\x18\x01 \x01(\x0b\x32!.google.cloud.asset.v1.TimeWindow\x12\x0f\n\x07\x64\x65leted\x18\x02 \x01(\x08\x12+\n\x05\x61sset\x18\x03 \x01(\x0b\x32\x1c.google.cloud.asset.v1.Asset"j\n\nTimeWindow\x12.\n\nstart_time\x18\x01 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12,\n\x08\x65nd_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp"\x89\x04\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x12\n\nasset_type\x18\x02 \x01(\t\x12\x31\n\x08resource\x18\x03 \x01(\x0b\x32\x1f.google.cloud.asset.v1.Resource\x12)\n\niam_policy\x18\x04 \x01(\x0b\x32\x15.google.iam.v1.Policy\x12\x35\n\norg_policy\x18\x06 \x03(\x0b\x32!.google.cloud.orgpolicy.v1.Policy\x12N\n\raccess_policy\x18\x07 \x01(\x0b\x32\x35.google.identity.accesscontextmanager.v1.AccessPolicyH\x00\x12L\n\x0c\x61\x63\x63\x65ss_level\x18\x08 \x01(\x0b\x32\x34.google.identity.accesscontextmanager.v1.AccessLevelH\x00\x12V\n\x11service_perimeter\x18\t \x01(\x0b\x32\x39.google.identity.accesscontextmanager.v1.ServicePerimeterH\x00\x12\x11\n\tancestors\x18\n \x03(\t:\'\xea\x41$\n\x1f\x63loudasset.googleapis.com/Asset\x12\x01*B\x17\n\x15\x61\x63\x63\x65ss_context_policy"\xa0\x01\n\x08Resource\x12\x0f\n\x07version\x18\x01 \x01(\t\x12\x1e\n\x16\x64iscovery_document_uri\x18\x02 \x01(\t\x12\x16\n\x0e\x64iscovery_name\x18\x03 \x01(\t\x12\x14\n\x0cresource_url\x18\x04 \x01(\t\x12\x0e\n\x06parent\x18\x05 \x01(\t\x12%\n\x04\x64\x61ta\x18\x06 \x01(\x0b\x32\x17.google.protobuf.StructB\x98\x01\n\x19\x63om.google.cloud.asset.v1B\nAssetProtoP\x01Z:google.golang.org/genproto/googleapis/cloud/asset/v1;asset\xf8\x01\x01\xaa\x02\x15Google.Cloud.Asset.V1\xca\x02\x15Google\\Cloud\\Asset\\V1b\x06proto3', dependencies=[ google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_cloud_dot_orgpolicy_dot_v1_dot_orgpolicy__pb2.DESCRIPTOR, google_dot_iam_dot_v1_dot_policy__pb2.DESCRIPTOR, + google_dot_identity_dot_accesscontextmanager_dot_v1_dot_access__level__pb2.DESCRIPTOR, + google_dot_identity_dot_accesscontextmanager_dot_v1_dot_access__policy__pb2.DESCRIPTOR, + google_dot_identity_dot_accesscontextmanager_dot_v1_dot_service__perimeter__pb2.DESCRIPTOR, google_dot_protobuf_dot_any__pb2.DESCRIPTOR, google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, @@ -107,8 +123,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=243, - serialized_end=371, + serialized_start=472, + serialized_end=600, ) @@ -164,8 +180,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=373, - serialized_end=479, + serialized_start=602, + serialized_end=708, ) @@ -248,10 +264,82 @@ serialized_options=None, file=DESCRIPTOR, ), + _descriptor.FieldDescriptor( + name="org_policy", + full_name="google.cloud.asset.v1.Asset.org_policy", + index=4, + number=6, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="access_policy", + full_name="google.cloud.asset.v1.Asset.access_policy", + index=5, + number=7, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="access_level", + full_name="google.cloud.asset.v1.Asset.access_level", + index=6, + number=8, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="service_perimeter", + full_name="google.cloud.asset.v1.Asset.service_perimeter", + index=7, + number=9, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), _descriptor.FieldDescriptor( name="ancestors", full_name="google.cloud.asset.v1.Asset.ancestors", - index=4, + index=8, number=10, type=9, cpp_type=9, @@ -274,9 +362,17 @@ is_extendable=False, syntax="proto3", extension_ranges=[], - oneofs=[], - serialized_start=482, - serialized_end=677, + oneofs=[ + _descriptor.OneofDescriptor( + name="access_context_policy", + full_name="google.cloud.asset.v1.Asset.access_context_policy", + index=0, + containing_type=None, + fields=[], + ) + ], + serialized_start=711, + serialized_end=1232, ) @@ -404,8 +500,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=680, - serialized_end=840, + serialized_start=1235, + serialized_end=1395, ) _TEMPORALASSET.fields_by_name["window"].message_type = _TIMEWINDOW @@ -422,6 +518,42 @@ ].message_type = ( google_dot_iam_dot_v1_dot_policy__pb2.google_dot_iam_dot_v1_dot_policy__pb2._POLICY ) +_ASSET.fields_by_name[ + "org_policy" +].message_type = google_dot_cloud_dot_orgpolicy_dot_v1_dot_orgpolicy__pb2._POLICY +_ASSET.fields_by_name[ + "access_policy" +].message_type = ( + google_dot_identity_dot_accesscontextmanager_dot_v1_dot_access__policy__pb2._ACCESSPOLICY +) +_ASSET.fields_by_name[ + "access_level" +].message_type = ( + google_dot_identity_dot_accesscontextmanager_dot_v1_dot_access__level__pb2._ACCESSLEVEL +) +_ASSET.fields_by_name[ + "service_perimeter" +].message_type = ( + google_dot_identity_dot_accesscontextmanager_dot_v1_dot_service__perimeter__pb2._SERVICEPERIMETER +) +_ASSET.oneofs_by_name["access_context_policy"].fields.append( + _ASSET.fields_by_name["access_policy"] +) +_ASSET.fields_by_name["access_policy"].containing_oneof = _ASSET.oneofs_by_name[ + "access_context_policy" +] +_ASSET.oneofs_by_name["access_context_policy"].fields.append( + _ASSET.fields_by_name["access_level"] +) +_ASSET.fields_by_name["access_level"].containing_oneof = _ASSET.oneofs_by_name[ + "access_context_policy" +] +_ASSET.oneofs_by_name["access_context_policy"].fields.append( + _ASSET.fields_by_name["service_perimeter"] +) +_ASSET.fields_by_name["service_perimeter"].containing_oneof = _ASSET.oneofs_by_name[ + "access_context_policy" +] _RESOURCE.fields_by_name[ "data" ].message_type = google_dot_protobuf_dot_struct__pb2._STRUCT @@ -437,17 +569,17 @@ { "DESCRIPTOR": _TEMPORALASSET, "__module__": "google.cloud.asset_v1.proto.assets_pb2", - "__doc__": """Temporal asset. In addition to the asset, the temporal - asset includes the status of the asset and valid from and to time of it. + "__doc__": """An asset in Google Cloud and its temporal metadata, including the time + window when it was observed and its status during that window. Attributes: window: The time window when the asset data and state was observed. deleted: - If the asset is deleted or not. + Whether the asset has been deleted or not. asset: - Asset. + An asset in Google Cloud. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.TemporalAsset) }, @@ -460,15 +592,16 @@ { "DESCRIPTOR": _TIMEWINDOW, "__module__": "google.cloud.asset_v1.proto.assets_pb2", - "__doc__": """A time window of (start_time, end_time]. + "__doc__": """A time window specified by its “start_time” and + “end_time”. Attributes: start_time: Start time of the time window (exclusive). end_time: - End time of the time window (inclusive). Current timestamp if - not specified. + End time of the time window (inclusive). If not specified, the + current timestamp is used instead. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.TimeWindow) }, @@ -481,32 +614,57 @@ { "DESCRIPTOR": _ASSET, "__module__": "google.cloud.asset_v1.proto.assets_pb2", - "__doc__": """Cloud asset. This includes all Google Cloud Platform - resources, Cloud IAM policies, and other non-GCP assets. + "__doc__": """An asset in Google Cloud. An asset can be any resource in + the Google Cloud `resource + hierarchy `__, + a resource outside the Google Cloud resource hierarchy (such as Google + Kubernetes Engine clusters and objects), or a Cloud IAM policy. Attributes: name: - - The full name of the asset. For example: - ``//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1``. - See https://cloud.google.com/apis/design/resource_names#full_resource_name - for more information. + The full name of the asset. For example: “//compute.googleapis + .com/projects/my_project_123/zones/zone1/instances/instance1” + See `Resource names `__ for more information. asset_type: - Type of the asset. Example: “compute.googleapis.com/Disk”. + The type of the asset. For example: + “compute.googleapis.com/Disk” See `Supported asset types + `__ for more information. resource: - Representation of the resource. + A representation of the resource. iam_policy: - Representation of the actual Cloud IAM policy set on a cloud - resource. For each resource, there must be at most one Cloud - IAM policy set on it. + A representation of the Cloud IAM policy set on a Google Cloud + resource. There can be a maximum of one Cloud IAM policy set + on any given resource. In addition, Cloud IAM policies inherit + their granted access scope from any policies set on parent + resources in the resource hierarchy. Therefore, the + effectively policy is the union of both the policy set on this + resource and each policy set on all of the resource’s ancestry + resource levels in the hierarchy. See `this topic + `__ + for more information. + org_policy: + A representation of an `organization policy + `__. There can be more + than one organization policy with different constraints set on + a given resource. + access_context_policy: + A representation of an `access policy + `__. ancestors: - Asset’s ancestry path in Cloud Resource Manager (CRM) - hierarchy, represented as a list of relative resource names. - Ancestry path starts with the closest CRM ancestor and ends at - root. If the asset is a CRM project/folder/organization, this - starts from the asset itself. Example: [“projects/123456789”, - “folders/5432”, “organizations/1234”] + The ancestry path of an asset in Google Cloud `resource + hierarchy `__, + represented as a list of relative resource names. An ancestry + path starts with the closest ancestor in the hierarchy and + ends at root. If the asset is a project, folder, or + organization, the ancestry path starts from the asset itself. + For example: ``["projects/123456789", "folders/5432", + "organizations/1234"]`` """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.Asset) }, @@ -519,40 +677,42 @@ { "DESCRIPTOR": _RESOURCE, "__module__": "google.cloud.asset_v1.proto.assets_pb2", - "__doc__": """Representation of a cloud resource. + "__doc__": """A representation of a Google Cloud resource. Attributes: version: - The API version. Example: “v1”. + The API version. For example: “v1” discovery_document_uri: The URL of the discovery document containing the resource’s - JSON schema. For example: ``"https://www.googleapis.com/discov - ery/v1/apis/compute/v1/rest"``. It will be left unspecified - for resources without a discovery-based API, such as Cloud - Bigtable. + JSON schema. For example: + “https://www.googleapis.com/discovery/v1/apis/compute/v1/rest” + This value is unspecified for resources that do not have an + API based on a discovery document, such as Cloud Bigtable. discovery_name: - The JSON schema name listed in the discovery document. - Example: “Project”. It will be left unspecified for resources - (such as Cloud Bigtable) without a discovery-based API. + The JSON schema name listed in the discovery document. For + example: “Project” This value is unspecified for resources + that do not have an API based on a discovery document, such as + Cloud Bigtable. resource_url: - The REST URL for accessing the resource. An HTTP GET operation - using this URL returns the resource itself. Example: - ``https://cloudresourcemanager.googleapis.com/v1/projects/my- - project-123``. It will be left unspecified for resources - without a REST API. + The REST URL for accessing the resource. An HTTP ``GET`` + request using this URL returns the resource itself. For + example: + “https://cloudresourcemanager.googleapis.com/v1/projects/my- + project-123” This value is unspecified for resources without + a REST API. parent: The full name of the immediate parent of this resource. See `Resource Names `__ for more information. For GCP - assets, it is the parent resource defined in the `Cloud IAM - policy hierarchy `__. For example: ``"//cloudresourcemanager.go - ogleapis.com/projects/my_project_123"``. For third-party - assets, it is up to the users to define. + _names#full_resource_name>`__ for more information. For + Google Cloud assets, this value is the parent resource defined + in the `Cloud IAM policy hierarchy `__. For example: “//cloudre + sourcemanager.googleapis.com/projects/my_project_123” For + third-party assets, this field may be set differently. data: The content of the resource, in which some sensitive fields - are scrubbed away and may not be present. + are removed and may not be present. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1.Resource) }, diff --git a/google/cloud/asset_v1/types.py b/google/cloud/asset_v1/types.py index 3e71c914..6d6fc67b 100644 --- a/google/cloud/asset_v1/types.py +++ b/google/cloud/asset_v1/types.py @@ -20,8 +20,12 @@ from google.api_core.protobuf_helpers import get_messages +from google.identity.accesscontextmanager.v1 import access_level_pb2 +from google.identity.accesscontextmanager.v1 import access_policy_pb2 from google.cloud.asset_v1.proto import asset_service_pb2 from google.cloud.asset_v1.proto import assets_pb2 +from google.cloud.orgpolicy.v1 import orgpolicy_pb2 +from google.identity.accesscontextmanager.v1 import service_perimeter_pb2 from google.iam.v1 import policy_pb2 from google.longrunning import operations_pb2 from google.protobuf import any_pb2 @@ -34,6 +38,10 @@ _shared_modules = [ + access_level_pb2, + access_policy_pb2, + orgpolicy_pb2, + service_perimeter_pb2, policy_pb2, operations_pb2, any_pb2, diff --git a/google/cloud/asset_v1beta1/gapic/asset_service_client.py b/google/cloud/asset_v1beta1/gapic/asset_service_client.py index 1102fa63..a3416e77 100644 --- a/google/cloud/asset_v1beta1/gapic/asset_service_client.py +++ b/google/cloud/asset_v1beta1/gapic/asset_service_client.py @@ -28,7 +28,6 @@ import google.api_core.grpc_helpers import google.api_core.operation import google.api_core.operations_v1 -import google.api_core.path_template import grpc from google.cloud.asset_v1beta1.gapic import asset_service_client_config @@ -206,14 +205,18 @@ def export_assets( metadata=None, ): """ - See ``HttpRule``. + Exports assets with time and resource types to a given Cloud Storage + location. The output format is newline-delimited JSON. This API + implements the ``google.longrunning.Operation`` API allowing you to keep + track of the export. Example: >>> from google.cloud import asset_v1beta1 >>> >>> client = asset_v1beta1.AssetServiceClient() >>> - >>> parent = client.project_path('[PROJECT]') + >>> # TODO: Initialize `parent`: + >>> parent = '' >>> >>> # TODO: Initialize `output_config`: >>> output_config = {} @@ -247,15 +250,11 @@ def export_assets( If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1beta1.types.Timestamp` - asset_types (list[str]): Waits for the specified long-running operation until it is done or - reaches at most a specified timeout, returning the latest state. If the - operation is already done, the latest state is immediately returned. If - the timeout specified is greater than the default HTTP/RPC timeout, the - HTTP/RPC timeout is used. If the server does not support this method, it - returns ``google.rpc.Code.UNIMPLEMENTED``. Note that this method is on a - best-effort basis. It may return the latest state before the specified - timeout (including immediately), meaning even an immediate response is - no guarantee that the operation is done. + asset_types (list[str]): A list of asset types of which to take a snapshot for. For example: + "google.compute.Disk". If specified, only matching assets will be + returned. See `Introduction to Cloud Asset + Inventory `__ + for all supported asset types. content_type (~google.cloud.asset_v1beta1.types.ContentType): Asset content type. If not specified, no content but the asset name will be returned. retry (Optional[google.api_core.retry.Retry]): A retry object used @@ -321,82 +320,53 @@ def export_assets( def batch_get_assets_history( self, parent, - content_type, - read_time_window, + content_type=None, + read_time_window=None, asset_names=None, retry=google.api_core.gapic_v1.method.DEFAULT, timeout=google.api_core.gapic_v1.method.DEFAULT, metadata=None, ): """ - A URL/resource name that uniquely identifies the type of the - serialized protocol buffer message. This string must contain at least - one "/" character. The last segment of the URL's path must represent the - fully qualified name of the type (as in - ``path/google.protobuf.Duration``). The name should be in a canonical - form (e.g., leading "." is not accepted). - - In practice, teams usually precompile into the binary all types that - they expect it to use in the context of Any. However, for URLs which use - the scheme ``http``, ``https``, or no scheme, one can optionally set up - a type server that maps type URLs to message definitions as follows: - - - If no scheme is provided, ``https`` is assumed. - - An HTTP GET on the URL must yield a ``google.protobuf.Type`` value in - binary format, or produce an error. - - Applications are allowed to cache lookup results based on the URL, or - have them precompiled into a binary to avoid any lookup. Therefore, - binary compatibility needs to be preserved on changes to types. (Use - versioned type names to manage breaking changes.) - - Note: this functionality is not currently available in the official - protobuf release, and it is not used for type URLs beginning with - type.googleapis.com. - - Schemes other than ``http``, ``https`` (or the empty scheme) might be - used with implementation specific semantics. + Batch gets the update history of assets that overlap a time window. + For RESOURCE content, this API outputs history with asset in both + non-delete or deleted status. For IAM_POLICY content, this API outputs + history when the asset and its attached IAM POLICY both exist. This can + create gaps in the output history. If a specified asset does not exist, + this API returns an INVALID_ARGUMENT error. Example: >>> from google.cloud import asset_v1beta1 - >>> from google.cloud.asset_v1beta1 import enums >>> >>> client = asset_v1beta1.AssetServiceClient() >>> - >>> parent = client.project_path('[PROJECT]') - >>> - >>> # TODO: Initialize `content_type`: - >>> content_type = enums.ContentType.CONTENT_TYPE_UNSPECIFIED - >>> - >>> # TODO: Initialize `read_time_window`: - >>> read_time_window = {} + >>> # TODO: Initialize `parent`: + >>> parent = '' >>> - >>> response = client.batch_get_assets_history(parent, content_type, read_time_window) + >>> response = client.batch_get_assets_history(parent) Args: parent (str): Required. The relative name of the root asset. It can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id")", or a project number (such as "projects/12345"). + asset_names (list[str]): A list of the full names of the assets. For example: + ``//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1``. + See `Resource + Names `__ + for more info. + + The request becomes a no-op if the asset name list is empty, and the max + size of the asset name list is 100 in one request. content_type (~google.cloud.asset_v1beta1.types.ContentType): Optional. The content type. - read_time_window (Union[dict, ~google.cloud.asset_v1beta1.types.TimeWindow]): If set, all the classes from the .proto file are wrapped in a single - outer class with the given name. This applies to both Proto1 (equivalent - to the old "--one_java_file" option) and Proto2 (where a .proto always - translates to a single class, but you may want to explicitly choose the - class name). + read_time_window (Union[dict, ~google.cloud.asset_v1beta1.types.TimeWindow]): Optional. The time window for the asset history. Both start_time and + end_time are optional and if set, it must be after 2018-10-02 UTC. If + end_time is not set, it is default to current timestamp. If start_time + is not set, the snapshot of the assets at end_time will be returned. The + returned results contain all temporal assets whose time window overlap + with read_time_window. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1beta1.types.TimeWindow` - asset_names (list[str]): The full name of the immediate parent of this resource. See - `Resource - Names `__ - for more information. - - For GCP assets, it is the parent resource defined in the `Cloud IAM - policy - hierarchy `__. - For example: - ``"//cloudresourcemanager.googleapis.com/projects/my_project_123"``. - - For third-party assets, it is up to the users to define. retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -429,9 +399,9 @@ class name). request = asset_service_pb2.BatchGetAssetsHistoryRequest( parent=parent, + asset_names=asset_names, content_type=content_type, read_time_window=read_time_window, - asset_names=asset_names, ) if metadata is None: metadata = [] diff --git a/google/cloud/asset_v1beta1/gapic/enums.py b/google/cloud/asset_v1beta1/gapic/enums.py index efb95e06..272f5f3a 100644 --- a/google/cloud/asset_v1beta1/gapic/enums.py +++ b/google/cloud/asset_v1beta1/gapic/enums.py @@ -36,16 +36,10 @@ class ContentType(enum.IntEnum): class NullValue(enum.IntEnum): """ - The resource type. It must be in the format of - {service_name}/{resource_type_kind}. The ``resource_type_kind`` must be - singular and must not include version numbers. + ``NullValue`` is a singleton enumeration to represent the null value + for the ``Value`` type union. - Example: ``storage.googleapis.com/Bucket`` - - The value of the resource_type_kind must follow the regular expression - /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and - should use PascalCase (UpperCamelCase). The maximum number of characters - allowed for the ``resource_type_kind`` is 100. + The JSON representation for ``NullValue`` is JSON ``null``. Attributes: NULL_VALUE (int): Null value. diff --git a/google/cloud/asset_v1beta1/gapic/transports/asset_service_grpc_transport.py b/google/cloud/asset_v1beta1/gapic/transports/asset_service_grpc_transport.py index 474df8ad..ec983c27 100644 --- a/google/cloud/asset_v1beta1/gapic/transports/asset_service_grpc_transport.py +++ b/google/cloud/asset_v1beta1/gapic/transports/asset_service_grpc_transport.py @@ -119,7 +119,10 @@ def channel(self): def export_assets(self): """Return the gRPC stub for :meth:`AssetServiceClient.export_assets`. - See ``HttpRule``. + Exports assets with time and resource types to a given Cloud Storage + location. The output format is newline-delimited JSON. This API + implements the ``google.longrunning.Operation`` API allowing you to keep + track of the export. Returns: Callable: A callable which accepts the appropriate @@ -132,32 +135,12 @@ def export_assets(self): def batch_get_assets_history(self): """Return the gRPC stub for :meth:`AssetServiceClient.batch_get_assets_history`. - A URL/resource name that uniquely identifies the type of the - serialized protocol buffer message. This string must contain at least - one "/" character. The last segment of the URL's path must represent the - fully qualified name of the type (as in - ``path/google.protobuf.Duration``). The name should be in a canonical - form (e.g., leading "." is not accepted). - - In practice, teams usually precompile into the binary all types that - they expect it to use in the context of Any. However, for URLs which use - the scheme ``http``, ``https``, or no scheme, one can optionally set up - a type server that maps type URLs to message definitions as follows: - - - If no scheme is provided, ``https`` is assumed. - - An HTTP GET on the URL must yield a ``google.protobuf.Type`` value in - binary format, or produce an error. - - Applications are allowed to cache lookup results based on the URL, or - have them precompiled into a binary to avoid any lookup. Therefore, - binary compatibility needs to be preserved on changes to types. (Use - versioned type names to manage breaking changes.) - - Note: this functionality is not currently available in the official - protobuf release, and it is not used for type URLs beginning with - type.googleapis.com. - - Schemes other than ``http``, ``https`` (or the empty scheme) might be - used with implementation specific semantics. + Batch gets the update history of assets that overlap a time window. + For RESOURCE content, this API outputs history with asset in both + non-delete or deleted status. For IAM_POLICY content, this API outputs + history when the asset and its attached IAM POLICY both exist. This can + create gaps in the output history. If a specified asset does not exist, + this API returns an INVALID_ARGUMENT error. Returns: Callable: A callable which accepts the appropriate diff --git a/google/cloud/asset_v1beta1/proto/asset_service_pb2.py b/google/cloud/asset_v1beta1/proto/asset_service_pb2.py index aad2d93c..b5ab5d6c 100644 --- a/google/cloud/asset_v1beta1/proto/asset_service_pb2.py +++ b/google/cloud/asset_v1beta1/proto/asset_service_pb2.py @@ -566,9 +566,9 @@ A list of asset types of which to take a snapshot for. For example: “google.compute.Disk”. If specified, only matching assets will be returned. See `Introduction to Cloud Asset - Inventory `__ for all supported asset - types. + Inventory `__ for all + supported asset types. content_type: Asset content type. If not specified, no content but the asset name will be returned. diff --git a/google/cloud/asset_v1p1beta1/gapic/asset_service_client.py b/google/cloud/asset_v1p1beta1/gapic/asset_service_client.py index b4bddc31..0af1e09a 100644 --- a/google/cloud/asset_v1p1beta1/gapic/asset_service_client.py +++ b/google/cloud/asset_v1p1beta1/gapic/asset_service_client.py @@ -188,6 +188,7 @@ def search_all_resources( query=None, asset_types=None, page_size=None, + order_by=None, retry=google.api_core.gapic_v1.method.DEFAULT, timeout=google.api_core.gapic_v1.method.DEFAULT, metadata=None, @@ -223,12 +224,13 @@ def search_all_resources( ... pass Args: - scope (str): Required. The relative name of an asset. The search is limited to the - resources within the ``scope``. The allowed value must be: + scope (str): Required. The relative name of an asset. The search is limited to + the resources within the ``scope``. The allowed value must be: - Organization number (such as "organizations/123") - Folder number(such as "folders/1234") - Project number (such as "projects/12345") + - Project id (such as "projects/abc") query (str): Optional. The query statement. asset_types (list[str]): Optional. A list of asset types that this request searches for. If empty, it will search all the supported asset types. @@ -237,6 +239,10 @@ def search_all_resources( resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page. + order_by (str): Optional. A comma separated list of fields specifying the sorting order of the + results. The default order is ascending. Add " desc" after the field name + to indicate descending order. Redundant space characters are ignored. For + example, " foo , bar desc ". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -271,7 +277,11 @@ def search_all_resources( ) request = asset_service_pb2.SearchAllResourcesRequest( - scope=scope, query=query, asset_types=asset_types, page_size=page_size + scope=scope, + query=query, + asset_types=asset_types, + page_size=page_size, + order_by=order_by, ) if metadata is None: metadata = [] @@ -341,12 +351,13 @@ def search_all_iam_policies( ... pass Args: - scope (str): Required. The relative name of an asset. The search is limited to the - resources within the ``scope``. The allowed value must be: + scope (str): Required. The relative name of an asset. The search is limited to + the resources within the ``scope``. The allowed value must be: - Organization number (such as "organizations/123") - Folder number(such as "folders/1234") - Project number (such as "projects/12345") + - Project id (such as "projects/abc") query (str): Optional. The query statement. Examples: - "policy:myuser@mydomain.com" diff --git a/google/cloud/asset_v1p1beta1/proto/asset_service_pb2.py b/google/cloud/asset_v1p1beta1/proto/asset_service_pb2.py index ac6703ce..e41bb1a2 100644 --- a/google/cloud/asset_v1p1beta1/proto/asset_service_pb2.py +++ b/google/cloud/asset_v1p1beta1/proto/asset_service_pb2.py @@ -2,9 +2,6 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # source: google/cloud/asset_v1p1beta1/proto/asset_service.proto -import sys - -_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) from google.protobuf import descriptor as _descriptor from google.protobuf import message as _message from google.protobuf import reflection as _reflection @@ -27,12 +24,8 @@ name="google/cloud/asset_v1p1beta1/proto/asset_service.proto", package="google.cloud.asset.v1p1beta1", syntax="proto3", - serialized_options=_b( - "\n com.google.cloud.asset.v1p1beta1B\021AssetServiceProtoP\001ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\252\002\034Google.Cloud.Asset.V1P1Beta1\312\002\034Google\\Cloud\\Asset\\V1p1beta1" - ), - serialized_pb=_b( - '\n6google/cloud/asset_v1p1beta1/proto/asset_service.proto\x12\x1cgoogle.cloud.asset.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a/google/cloud/asset_v1p1beta1/proto/assets.proto"\x8e\x01\n\x19SearchAllResourcesRequest\x12\x12\n\x05scope\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x12\n\x05query\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\x18\n\x0b\x61sset_types\x18\x03 \x03(\tB\x03\xe0\x41\x01\x12\x16\n\tpage_size\x18\x04 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x05 \x01(\tB\x03\xe0\x41\x01"~\n\x1aSearchAllResourcesResponse\x12G\n\x07results\x18\x01 \x03(\x0b\x32\x36.google.cloud.asset.v1p1beta1.StandardResourceMetadata\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"v\n\x1bSearchAllIamPoliciesRequest\x12\x12\n\x05scope\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x12\n\x05query\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\x16\n\tpage_size\x18\x03 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x04 \x01(\tB\x03\xe0\x41\x01"}\n\x1cSearchAllIamPoliciesResponse\x12\x44\n\x07results\x18\x01 \x03(\x0b\x32\x33.google.cloud.asset.v1p1beta1.IamPolicySearchResult\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t2\x89\x04\n\x0c\x41ssetService\x12\xd5\x01\n\x12SearchAllResources\x12\x37.google.cloud.asset.v1p1beta1.SearchAllResourcesRequest\x1a\x38.google.cloud.asset.v1p1beta1.SearchAllResourcesResponse"L\x82\xd3\xe4\x93\x02,\x12*/v1p1beta1/{scope=*/*}/resources:searchAll\xda\x41\x17scope,query,asset_types\x12\xd1\x01\n\x14SearchAllIamPolicies\x12\x39.google.cloud.asset.v1p1beta1.SearchAllIamPoliciesRequest\x1a:.google.cloud.asset.v1p1beta1.SearchAllIamPoliciesResponse"B\x82\xd3\xe4\x93\x02.\x12,/v1p1beta1/{scope=*/*}/iamPolicies:searchAll\xda\x41\x0bscope,query\x1aM\xca\x41\x19\x63loudasset.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xb8\x01\n com.google.cloud.asset.v1p1beta1B\x11\x41ssetServiceProtoP\x01ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\xaa\x02\x1cGoogle.Cloud.Asset.V1P1Beta1\xca\x02\x1cGoogle\\Cloud\\Asset\\V1p1beta1b\x06proto3' - ), + serialized_options=b"\n com.google.cloud.asset.v1p1beta1B\021AssetServiceProtoP\001ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\252\002\034Google.Cloud.Asset.V1P1Beta1\312\002\034Google\\Cloud\\Asset\\V1p1beta1", + serialized_pb=b'\n6google/cloud/asset_v1p1beta1/proto/asset_service.proto\x12\x1cgoogle.cloud.asset.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a/google/cloud/asset_v1p1beta1/proto/assets.proto"\xa5\x01\n\x19SearchAllResourcesRequest\x12\x12\n\x05scope\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x12\n\x05query\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\x18\n\x0b\x61sset_types\x18\x03 \x03(\tB\x03\xe0\x41\x01\x12\x16\n\tpage_size\x18\x04 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x05 \x01(\tB\x03\xe0\x41\x01\x12\x15\n\x08order_by\x18\n \x01(\tB\x03\xe0\x41\x01"~\n\x1aSearchAllResourcesResponse\x12G\n\x07results\x18\x01 \x03(\x0b\x32\x36.google.cloud.asset.v1p1beta1.StandardResourceMetadata\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"v\n\x1bSearchAllIamPoliciesRequest\x12\x12\n\x05scope\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x12\n\x05query\x18\x02 \x01(\tB\x03\xe0\x41\x01\x12\x16\n\tpage_size\x18\x03 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x04 \x01(\tB\x03\xe0\x41\x01"}\n\x1cSearchAllIamPoliciesResponse\x12\x44\n\x07results\x18\x01 \x03(\x0b\x32\x33.google.cloud.asset.v1p1beta1.IamPolicySearchResult\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t2\x89\x04\n\x0c\x41ssetService\x12\xd5\x01\n\x12SearchAllResources\x12\x37.google.cloud.asset.v1p1beta1.SearchAllResourcesRequest\x1a\x38.google.cloud.asset.v1p1beta1.SearchAllResourcesResponse"L\x82\xd3\xe4\x93\x02,\x12*/v1p1beta1/{scope=*/*}/resources:searchAll\xda\x41\x17scope,query,asset_types\x12\xd1\x01\n\x14SearchAllIamPolicies\x12\x39.google.cloud.asset.v1p1beta1.SearchAllIamPoliciesRequest\x1a:.google.cloud.asset.v1p1beta1.SearchAllIamPoliciesResponse"B\x82\xd3\xe4\x93\x02.\x12,/v1p1beta1/{scope=*/*}/iamPolicies:searchAll\xda\x41\x0bscope,query\x1aM\xca\x41\x19\x63loudasset.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xb8\x01\n com.google.cloud.asset.v1p1beta1B\x11\x41ssetServiceProtoP\x01ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\xaa\x02\x1cGoogle.Cloud.Asset.V1P1Beta1\xca\x02\x1cGoogle\\Cloud\\Asset\\V1p1beta1b\x06proto3', dependencies=[ google_dot_api_dot_annotations__pb2.DESCRIPTOR, google_dot_api_dot_client__pb2.DESCRIPTOR, @@ -58,13 +51,13 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\002"), + serialized_options=b"\340A\002", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -76,13 +69,13 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -100,7 +93,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -118,7 +111,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -130,13 +123,31 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=b"\340A\001", + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="order_by", + full_name="google.cloud.asset.v1p1beta1.SearchAllResourcesRequest.order_by", + index=5, + number=10, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), ], @@ -149,7 +160,7 @@ extension_ranges=[], oneofs=[], serialized_start=226, - serialized_end=368, + serialized_end=391, ) @@ -187,7 +198,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -205,8 +216,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=370, - serialized_end=496, + serialized_start=393, + serialized_end=519, ) @@ -226,13 +237,13 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\002"), + serialized_options=b"\340A\002", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -244,13 +255,13 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -268,7 +279,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -280,13 +291,13 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, - serialized_options=_b("\340A\001"), + serialized_options=b"\340A\001", file=DESCRIPTOR, ), ], @@ -298,8 +309,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=498, - serialized_end=616, + serialized_start=521, + serialized_end=639, ) @@ -337,7 +348,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -355,8 +366,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=618, - serialized_end=743, + serialized_start=641, + serialized_end=766, ) _SEARCHALLRESOURCESRESPONSE.fields_by_name[ @@ -386,19 +397,19 @@ SearchAllResourcesRequest = _reflection.GeneratedProtocolMessageType( "SearchAllResourcesRequest", (_message.Message,), - dict( - DESCRIPTOR=_SEARCHALLRESOURCESREQUEST, - __module__="google.cloud.asset_v1p1beta1.proto.asset_service_pb2", - __doc__="""Search all resources request. + { + "DESCRIPTOR": _SEARCHALLRESOURCESREQUEST, + "__module__": "google.cloud.asset_v1p1beta1.proto.asset_service_pb2", + "__doc__": """Search all resources request. Attributes: scope: Required. The relative name of an asset. The search is limited to the resources within the ``scope``. The allowed value must - be: \* Organization number (such as "organizations/123") \* - Folder number(such as "folders/1234") \* Project number (such - as "projects/12345") + be: \* Organization number (such as “organizations/123”) \* + Folder number(such as “folders/1234”) \* Project number (such + as “projects/12345”) \* Project id (such as “projects/abc”) query: Optional. The query statement. asset_types: @@ -417,19 +428,25 @@ the value of ``next_page_token`` from the previous response. The values of all other method parameters, must be identical to those in the previous call. + order_by: + Optional. A comma separated list of fields specifying the + sorting order of the results. The default order is ascending. + Add " desc" after the field name to indicate descending order. + Redundant space characters are ignored. For example, " foo , + bar desc ". """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.SearchAllResourcesRequest) - ), + }, ) _sym_db.RegisterMessage(SearchAllResourcesRequest) SearchAllResourcesResponse = _reflection.GeneratedProtocolMessageType( "SearchAllResourcesResponse", (_message.Message,), - dict( - DESCRIPTOR=_SEARCHALLRESOURCESRESPONSE, - __module__="google.cloud.asset_v1p1beta1.proto.asset_service_pb2", - __doc__="""Search all resources response. + { + "DESCRIPTOR": _SEARCHALLRESOURCESRESPONSE, + "__module__": "google.cloud.asset_v1p1beta1.proto.asset_service_pb2", + "__doc__": """Search all resources response. Attributes: @@ -442,30 +459,30 @@ ``next_page_token`` as ``page_token``. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.SearchAllResourcesResponse) - ), + }, ) _sym_db.RegisterMessage(SearchAllResourcesResponse) SearchAllIamPoliciesRequest = _reflection.GeneratedProtocolMessageType( "SearchAllIamPoliciesRequest", (_message.Message,), - dict( - DESCRIPTOR=_SEARCHALLIAMPOLICIESREQUEST, - __module__="google.cloud.asset_v1p1beta1.proto.asset_service_pb2", - __doc__="""Search all IAM policies request. + { + "DESCRIPTOR": _SEARCHALLIAMPOLICIESREQUEST, + "__module__": "google.cloud.asset_v1p1beta1.proto.asset_service_pb2", + "__doc__": """Search all IAM policies request. Attributes: scope: Required. The relative name of an asset. The search is limited to the resources within the ``scope``. The allowed value must - be: \* Organization number (such as "organizations/123") \* - Folder number(such as "folders/1234") \* Project number (such - as "projects/12345") + be: \* Organization number (such as “organizations/123”) \* + Folder number(such as “folders/1234”) \* Project number (such + as “projects/12345”) \* Project id (such as “projects/abc”) query: Optional. The query statement. Examples: \* - "policy:myuser@mydomain.com" \* "policy:(myuser@mydomain.com - viewer)" + “policy:myuser@mydomain.com” \* “policy:(myuser@mydomain.com + viewer)” page_size: Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set @@ -481,17 +498,17 @@ those in the previous call. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.SearchAllIamPoliciesRequest) - ), + }, ) _sym_db.RegisterMessage(SearchAllIamPoliciesRequest) SearchAllIamPoliciesResponse = _reflection.GeneratedProtocolMessageType( "SearchAllIamPoliciesResponse", (_message.Message,), - dict( - DESCRIPTOR=_SEARCHALLIAMPOLICIESRESPONSE, - __module__="google.cloud.asset_v1p1beta1.proto.asset_service_pb2", - __doc__="""Search all IAM policies response. + { + "DESCRIPTOR": _SEARCHALLIAMPOLICIESRESPONSE, + "__module__": "google.cloud.asset_v1p1beta1.proto.asset_service_pb2", + "__doc__": """Search all IAM policies response. Attributes: @@ -505,7 +522,7 @@ again, using this value as the ``page_token``. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.SearchAllIamPoliciesResponse) - ), + }, ) _sym_db.RegisterMessage(SearchAllIamPoliciesResponse) @@ -516,6 +533,7 @@ _SEARCHALLRESOURCESREQUEST.fields_by_name["asset_types"]._options = None _SEARCHALLRESOURCESREQUEST.fields_by_name["page_size"]._options = None _SEARCHALLRESOURCESREQUEST.fields_by_name["page_token"]._options = None +_SEARCHALLRESOURCESREQUEST.fields_by_name["order_by"]._options = None _SEARCHALLIAMPOLICIESREQUEST.fields_by_name["scope"]._options = None _SEARCHALLIAMPOLICIESREQUEST.fields_by_name["query"]._options = None _SEARCHALLIAMPOLICIESREQUEST.fields_by_name["page_size"]._options = None @@ -526,11 +544,9 @@ full_name="google.cloud.asset.v1p1beta1.AssetService", file=DESCRIPTOR, index=0, - serialized_options=_b( - "\312A\031cloudasset.googleapis.com\322A.https://www.googleapis.com/auth/cloud-platform" - ), - serialized_start=746, - serialized_end=1267, + serialized_options=b"\312A\031cloudasset.googleapis.com\322A.https://www.googleapis.com/auth/cloud-platform", + serialized_start=769, + serialized_end=1290, methods=[ _descriptor.MethodDescriptor( name="SearchAllResources", @@ -539,9 +555,7 @@ containing_service=None, input_type=_SEARCHALLRESOURCESREQUEST, output_type=_SEARCHALLRESOURCESRESPONSE, - serialized_options=_b( - "\202\323\344\223\002,\022*/v1p1beta1/{scope=*/*}/resources:searchAll\332A\027scope,query,asset_types" - ), + serialized_options=b"\202\323\344\223\002,\022*/v1p1beta1/{scope=*/*}/resources:searchAll\332A\027scope,query,asset_types", ), _descriptor.MethodDescriptor( name="SearchAllIamPolicies", @@ -550,9 +564,7 @@ containing_service=None, input_type=_SEARCHALLIAMPOLICIESREQUEST, output_type=_SEARCHALLIAMPOLICIESRESPONSE, - serialized_options=_b( - "\202\323\344\223\002.\022,/v1p1beta1/{scope=*/*}/iamPolicies:searchAll\332A\013scope,query" - ), + serialized_options=b"\202\323\344\223\002.\022,/v1p1beta1/{scope=*/*}/iamPolicies:searchAll\332A\013scope,query", ), ], ) diff --git a/google/cloud/asset_v1p1beta1/proto/assets_pb2.py b/google/cloud/asset_v1p1beta1/proto/assets_pb2.py index e8cfb8d7..b00ec3e1 100644 --- a/google/cloud/asset_v1p1beta1/proto/assets_pb2.py +++ b/google/cloud/asset_v1p1beta1/proto/assets_pb2.py @@ -2,9 +2,6 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # source: google/cloud/asset_v1p1beta1/proto/assets.proto -import sys - -_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) from google.protobuf import descriptor as _descriptor from google.protobuf import message as _message from google.protobuf import reflection as _reflection @@ -23,12 +20,8 @@ name="google/cloud/asset_v1p1beta1/proto/assets.proto", package="google.cloud.asset.v1p1beta1", syntax="proto3", - serialized_options=_b( - "\n com.google.cloud.asset.v1p1beta1B\nAssetProtoP\001ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\370\001\001\252\002\034Google.Cloud.Asset.V1P1Beta1\312\002\034Google\\Cloud\\Asset\\V1p1beta1" - ), - serialized_pb=_b( - '\n/google/cloud/asset_v1p1beta1/proto/assets.proto\x12\x1cgoogle.cloud.asset.v1p1beta1\x1a\x1agoogle/iam/v1/policy.proto\x1a\x1cgoogle/api/annotations.proto"\x97\x01\n\x18StandardResourceMetadata\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x12\n\nasset_type\x18\x02 \x01(\t\x12\x0f\n\x07project\x18\x03 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x04 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x05 \x01(\t\x12\x1d\n\x15\x61\x64\x64itional_attributes\x18\n \x03(\t"a\n\x15IamPolicySearchResult\x12\x10\n\x08resource\x18\x01 \x01(\t\x12\x0f\n\x07project\x18\x03 \x01(\t\x12%\n\x06policy\x18\x04 \x01(\x0b\x32\x15.google.iam.v1.PolicyB\xb4\x01\n com.google.cloud.asset.v1p1beta1B\nAssetProtoP\x01ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\xf8\x01\x01\xaa\x02\x1cGoogle.Cloud.Asset.V1P1Beta1\xca\x02\x1cGoogle\\Cloud\\Asset\\V1p1beta1b\x06proto3' - ), + serialized_options=b"\n com.google.cloud.asset.v1p1beta1B\nAssetProtoP\001ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\370\001\001\252\002\034Google.Cloud.Asset.V1P1Beta1\312\002\034Google\\Cloud\\Asset\\V1p1beta1", + serialized_pb=b'\n/google/cloud/asset_v1p1beta1/proto/assets.proto\x12\x1cgoogle.cloud.asset.v1p1beta1\x1a\x1agoogle/iam/v1/policy.proto\x1a\x1cgoogle/api/annotations.proto"\xc2\x02\n\x18StandardResourceMetadata\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x12\n\nasset_type\x18\x02 \x01(\t\x12\x0f\n\x07project\x18\x03 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x04 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x05 \x01(\t\x12\x1d\n\x15\x61\x64\x64itional_attributes\x18\n \x03(\t\x12\x10\n\x08location\x18\x0b \x01(\t\x12R\n\x06labels\x18\x0c \x03(\x0b\x32\x42.google.cloud.asset.v1p1beta1.StandardResourceMetadata.LabelsEntry\x12\x14\n\x0cnetwork_tags\x18\r \x03(\t\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01"\xa3\x03\n\x15IamPolicySearchResult\x12\x10\n\x08resource\x18\x01 \x01(\t\x12\x0f\n\x07project\x18\x03 \x01(\t\x12%\n\x06policy\x18\x04 \x01(\x0b\x32\x15.google.iam.v1.Policy\x12T\n\x0b\x65xplanation\x18\x05 \x01(\x0b\x32?.google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation\x1a\xe9\x01\n\x0b\x45xplanation\x12t\n\x13matched_permissions\x18\x01 \x03(\x0b\x32W.google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation.MatchedPermissionsEntry\x1a\x64\n\x17MatchedPermissionsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x38\n\x05value\x18\x02 \x01(\x0b\x32).google.cloud.asset.v1p1beta1.Permissions:\x02\x38\x01""\n\x0bPermissions\x12\x13\n\x0bpermissions\x18\x01 \x03(\tB\xb4\x01\n com.google.cloud.asset.v1p1beta1B\nAssetProtoP\x01ZAgoogle.golang.org/genproto/googleapis/cloud/asset/v1p1beta1;asset\xf8\x01\x01\xaa\x02\x1cGoogle.Cloud.Asset.V1P1Beta1\xca\x02\x1cGoogle\\Cloud\\Asset\\V1p1beta1b\x06proto3', dependencies=[ google_dot_iam_dot_v1_dot_policy__pb2.DESCRIPTOR, google_dot_api_dot_annotations__pb2.DESCRIPTOR, @@ -36,6 +29,62 @@ ) +_STANDARDRESOURCEMETADATA_LABELSENTRY = _descriptor.Descriptor( + name="LabelsEntry", + full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata.LabelsEntry", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="key", + full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata.LabelsEntry.key", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=b"".decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="value", + full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata.LabelsEntry.value", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=b"".decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=b"8\001", + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=417, + serialized_end=462, +) + _STANDARDRESOURCEMETADATA = _descriptor.Descriptor( name="StandardResourceMetadata", full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata", @@ -52,7 +101,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -70,7 +119,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -88,7 +137,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -106,7 +155,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -124,7 +173,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -151,9 +200,63 @@ serialized_options=None, file=DESCRIPTOR, ), + _descriptor.FieldDescriptor( + name="location", + full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata.location", + index=6, + number=11, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=b"".decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="labels", + full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata.labels", + index=7, + number=12, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="network_tags", + full_name="google.cloud.asset.v1p1beta1.StandardResourceMetadata.network_tags", + index=8, + number=13, + type=9, + cpp_type=9, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), ], extensions=[], - nested_types=[], + nested_types=[_STANDARDRESOURCEMETADATA_LABELSENTRY], enum_types=[], serialized_options=None, is_extendable=False, @@ -161,9 +264,103 @@ extension_ranges=[], oneofs=[], serialized_start=140, - serialized_end=291, + serialized_end=462, +) + + +_IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY = _descriptor.Descriptor( + name="MatchedPermissionsEntry", + full_name="google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation.MatchedPermissionsEntry", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="key", + full_name="google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation.MatchedPermissionsEntry.key", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=b"".decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="value", + full_name="google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation.MatchedPermissionsEntry.value", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=b"8\001", + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=784, + serialized_end=884, ) +_IAMPOLICYSEARCHRESULT_EXPLANATION = _descriptor.Descriptor( + name="Explanation", + full_name="google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="matched_permissions", + full_name="google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation.matched_permissions", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ) + ], + extensions=[], + nested_types=[_IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=651, + serialized_end=884, +) _IAMPOLICYSEARCHRESULT = _descriptor.Descriptor( name="IamPolicySearchResult", @@ -181,7 +378,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -199,7 +396,7 @@ cpp_type=9, label=1, has_default_value=False, - default_value=_b("").decode("utf-8"), + default_value=b"".decode("utf-8"), message_type=None, enum_type=None, containing_type=None, @@ -226,6 +423,63 @@ serialized_options=None, file=DESCRIPTOR, ), + _descriptor.FieldDescriptor( + name="explanation", + full_name="google.cloud.asset.v1p1beta1.IamPolicySearchResult.explanation", + index=3, + number=5, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_IAMPOLICYSEARCHRESULT_EXPLANATION], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=465, + serialized_end=884, +) + + +_PERMISSIONS = _descriptor.Descriptor( + name="Permissions", + full_name="google.cloud.asset.v1p1beta1.Permissions", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="permissions", + full_name="google.cloud.asset.v1p1beta1.Permissions.permissions", + index=0, + number=1, + type=9, + cpp_type=9, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ) ], extensions=[], nested_types=[], @@ -235,26 +489,53 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=293, - serialized_end=390, + serialized_start=886, + serialized_end=920, ) +_STANDARDRESOURCEMETADATA_LABELSENTRY.containing_type = _STANDARDRESOURCEMETADATA +_STANDARDRESOURCEMETADATA.fields_by_name[ + "labels" +].message_type = _STANDARDRESOURCEMETADATA_LABELSENTRY +_IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY.fields_by_name[ + "value" +].message_type = _PERMISSIONS +_IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY.containing_type = ( + _IAMPOLICYSEARCHRESULT_EXPLANATION +) +_IAMPOLICYSEARCHRESULT_EXPLANATION.fields_by_name[ + "matched_permissions" +].message_type = _IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY +_IAMPOLICYSEARCHRESULT_EXPLANATION.containing_type = _IAMPOLICYSEARCHRESULT _IAMPOLICYSEARCHRESULT.fields_by_name[ "policy" ].message_type = ( google_dot_iam_dot_v1_dot_policy__pb2.google_dot_iam_dot_v1_dot_policy__pb2._POLICY ) +_IAMPOLICYSEARCHRESULT.fields_by_name[ + "explanation" +].message_type = _IAMPOLICYSEARCHRESULT_EXPLANATION DESCRIPTOR.message_types_by_name["StandardResourceMetadata"] = _STANDARDRESOURCEMETADATA DESCRIPTOR.message_types_by_name["IamPolicySearchResult"] = _IAMPOLICYSEARCHRESULT +DESCRIPTOR.message_types_by_name["Permissions"] = _PERMISSIONS _sym_db.RegisterFileDescriptor(DESCRIPTOR) StandardResourceMetadata = _reflection.GeneratedProtocolMessageType( "StandardResourceMetadata", (_message.Message,), - dict( - DESCRIPTOR=_STANDARDRESOURCEMETADATA, - __module__="google.cloud.asset_v1p1beta1.proto.assets_pb2", - __doc__="""The standard metadata of a cloud resource. + { + "LabelsEntry": _reflection.GeneratedProtocolMessageType( + "LabelsEntry", + (_message.Message,), + { + "DESCRIPTOR": _STANDARDRESOURCEMETADATA_LABELSENTRY, + "__module__": "google.cloud.asset_v1p1beta1.proto.assets_pb2" + # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.StandardResourceMetadata.LabelsEntry) + }, + ), + "DESCRIPTOR": _STANDARDRESOURCEMETADATA, + "__module__": "google.cloud.asset_v1p1beta1.proto.assets_pb2", + "__doc__": """The standard metadata of a cloud resource. Attributes: @@ -265,7 +546,7 @@ urce_names#full_resource_name>`__ for more information. asset_type: The type of this resource. For example: - "compute.googleapis.com/Disk". + “compute.googleapis.com/Disk”. project: The project that this resource belongs to, in the form of ``projects/{project_number}``. @@ -278,19 +559,66 @@ Additional searchable attributes of this resource. Informational only. The exact set of attributes is subject to change. For example: project id, DNS name etc. + location: + Location can be “global”, regional like “us-east1”, or zonal + like “us-west1-b”. + labels: + Labels associated with this resource. See `Labelling and + grouping GCP resources + `__ for more + information. + network_tags: + Network tags associated with this resource. Like labels, + network tags are a type of annotations used to group GCP + resources. See `Labelling GCP resources + `__ for more + information. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.StandardResourceMetadata) - ), + }, ) _sym_db.RegisterMessage(StandardResourceMetadata) +_sym_db.RegisterMessage(StandardResourceMetadata.LabelsEntry) IamPolicySearchResult = _reflection.GeneratedProtocolMessageType( "IamPolicySearchResult", (_message.Message,), - dict( - DESCRIPTOR=_IAMPOLICYSEARCHRESULT, - __module__="google.cloud.asset_v1p1beta1.proto.assets_pb2", - __doc__="""The result for a IAM Policy search. + { + "Explanation": _reflection.GeneratedProtocolMessageType( + "Explanation", + (_message.Message,), + { + "MatchedPermissionsEntry": _reflection.GeneratedProtocolMessageType( + "MatchedPermissionsEntry", + (_message.Message,), + { + "DESCRIPTOR": _IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY, + "__module__": "google.cloud.asset_v1p1beta1.proto.assets_pb2" + # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation.MatchedPermissionsEntry) + }, + ), + "DESCRIPTOR": _IAMPOLICYSEARCHRESULT_EXPLANATION, + "__module__": "google.cloud.asset_v1p1beta1.proto.assets_pb2", + "__doc__": """Explanation about the IAM policy search result. + + + Attributes: + matched_permissions: + The map from roles to their included permission matching the + permission query (e.g. containing + ``policy.role.permissions:``). A sample role string: + “roles/compute.instanceAdmin”. The roles can also be found in + the returned ``policy`` bindings. Note that the map is + populated only if requesting with a permission query. + """, + # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.IamPolicySearchResult.Explanation) + }, + ), + "DESCRIPTOR": _IAMPOLICYSEARCHRESULT, + "__module__": "google.cloud.asset_v1p1beta1.proto.assets_pb2", + "__doc__": """The result for a IAM Policy search. Attributes: @@ -306,15 +634,44 @@ resource. If an IAM policy is set on a folder or orgnization, the project field will be empty. policy: - Representation of the actual Cloud IAM policy set on a cloud - resource. For each resource, there must be at most one Cloud - IAM policy set on it. + The IAM policy directly set on the given resource. Note that + the original IAM policy can contain multiple bindings. This + only contains the bindings that match the given query. For + queries that don’t contain a constrain on policies (e.g. an + empty query), this contains all the bindings. + explanation: + Explanation about the IAM policy search result. It contains + additional information to explain why the search result + matches the query. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.IamPolicySearchResult) - ), + }, ) _sym_db.RegisterMessage(IamPolicySearchResult) +_sym_db.RegisterMessage(IamPolicySearchResult.Explanation) +_sym_db.RegisterMessage(IamPolicySearchResult.Explanation.MatchedPermissionsEntry) + +Permissions = _reflection.GeneratedProtocolMessageType( + "Permissions", + (_message.Message,), + { + "DESCRIPTOR": _PERMISSIONS, + "__module__": "google.cloud.asset_v1p1beta1.proto.assets_pb2", + "__doc__": """IAM permissions + + + Attributes: + permissions: + A list of permissions. A sample permission string: + “compute.disk.get”. + """, + # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p1beta1.Permissions) + }, +) +_sym_db.RegisterMessage(Permissions) DESCRIPTOR._options = None +_STANDARDRESOURCEMETADATA_LABELSENTRY._options = None +_IAMPOLICYSEARCHRESULT_EXPLANATION_MATCHEDPERMISSIONSENTRY._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/asset_v1p2beta1/gapic/asset_service_client.py b/google/cloud/asset_v1p2beta1/gapic/asset_service_client.py index b655fe2b..690a7930 100644 --- a/google/cloud/asset_v1p2beta1/gapic/asset_service_client.py +++ b/google/cloud/asset_v1p2beta1/gapic/asset_service_client.py @@ -191,6 +191,76 @@ def __init__( self._inner_api_calls = {} # Service calls + def delete_feed( + self, + name, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Deletes an asset feed. + + Example: + >>> from google.cloud import asset_v1p2beta1 + >>> + >>> client = asset_v1p2beta1.AssetServiceClient() + >>> + >>> # TODO: Initialize `name`: + >>> name = '' + >>> + >>> client.delete_feed(name) + + Args: + name (str): Required. The name of the feed and it must be in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "delete_feed" not in self._inner_api_calls: + self._inner_api_calls[ + "delete_feed" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.delete_feed, + default_retry=self._method_configs["DeleteFeed"].retry, + default_timeout=self._method_configs["DeleteFeed"].timeout, + client_info=self._client_info, + ) + + request = asset_service_pb2.DeleteFeedRequest(name=name) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + self._inner_api_calls["delete_feed"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + def create_feed( self, parent, @@ -228,16 +298,11 @@ def create_feed( "projects/12345"). feed_id (str): Required. This is the client-assigned asset feed identifier and it needs to be unique under a specific parent project/folder/organization. - feed (Union[dict, ~google.cloud.asset_v1p2beta1.types.Feed]): The resource type. It must be in the format of - {service_name}/{resource_type_kind}. The ``resource_type_kind`` must be - singular and must not include version numbers. - - Example: ``storage.googleapis.com/Bucket`` - - The value of the resource_type_kind must follow the regular expression - /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and - should use PascalCase (UpperCamelCase). The maximum number of characters - allowed for the ``resource_type_kind`` is 100. + feed (Union[dict, ~google.cloud.asset_v1p2beta1.types.Feed]): Required. The feed details. The field ``name`` must be empty and it + will be generated in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1p2beta1.types.Feed` @@ -306,12 +371,16 @@ def get_feed( >>> >>> client = asset_v1p2beta1.AssetServiceClient() >>> - >>> name = client.feed_path('[PROJECT]', '[FEED]') + >>> # TODO: Initialize `name`: + >>> name = '' >>> >>> response = client.get_feed(name) Args: - name (str): See ``HttpRule``. + name (str): Required. The name of the Feed and it must be in the format of: + projects/project_number/feeds/feed_id + folders/folder_number/feeds/feed_id + organizations/organization_number/feeds/feed_id retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -457,39 +526,17 @@ def update_feed( >>> response = client.update_feed(feed, update_mask) Args: - feed (Union[dict, ~google.cloud.asset_v1p2beta1.types.Feed]): A URL/resource name that uniquely identifies the type of the - serialized protocol buffer message. This string must contain at least - one "/" character. The last segment of the URL's path must represent the - fully qualified name of the type (as in - ``path/google.protobuf.Duration``). The name should be in a canonical - form (e.g., leading "." is not accepted). - - In practice, teams usually precompile into the binary all types that - they expect it to use in the context of Any. However, for URLs which use - the scheme ``http``, ``https``, or no scheme, one can optionally set up - a type server that maps type URLs to message definitions as follows: - - - If no scheme is provided, ``https`` is assumed. - - An HTTP GET on the URL must yield a ``google.protobuf.Type`` value in - binary format, or produce an error. - - Applications are allowed to cache lookup results based on the URL, or - have them precompiled into a binary to avoid any lookup. Therefore, - binary compatibility needs to be preserved on changes to types. (Use - versioned type names to manage breaking changes.) - - Note: this functionality is not currently available in the official - protobuf release, and it is not used for type URLs beginning with - type.googleapis.com. - - Schemes other than ``http``, ``https`` (or the empty scheme) might be - used with implementation specific semantics. + feed (Union[dict, ~google.cloud.asset_v1p2beta1.types.Feed]): Required. The new values of feed details. It must match an existing + feed and the field ``name`` must be in the format of: + projects/project_number/feeds/feed_id or + folders/folder_number/feeds/feed_id or + organizations/organization_number/feeds/feed_id. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1p2beta1.types.Feed` - update_mask (Union[dict, ~google.cloud.asset_v1p2beta1.types.FieldMask]): The REST URL for accessing the resource. An HTTP GET operation using - this URL returns the resource itself. Example: - ``https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123``. - It will be left unspecified for resources without a REST API. + update_mask (Union[dict, ~google.cloud.asset_v1p2beta1.types.FieldMask]): Required. Only updates the ``feed`` fields indicated by this mask. + The field mask must not be empty, and it must not contain fields that + are immutable or only set by the server. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1p2beta1.types.FieldMask` @@ -542,69 +589,3 @@ def update_feed( return self._inner_api_calls["update_feed"]( request, retry=retry, timeout=timeout, metadata=metadata ) - - def delete_feed( - self, - name, - retry=google.api_core.gapic_v1.method.DEFAULT, - timeout=google.api_core.gapic_v1.method.DEFAULT, - metadata=None, - ): - """ - Deletes an asset feed. - - Example: - >>> from google.cloud import asset_v1p2beta1 - >>> - >>> client = asset_v1p2beta1.AssetServiceClient() - >>> - >>> name = client.feed_path('[PROJECT]', '[FEED]') - >>> - >>> client.delete_feed(name) - - Args: - name (str): Represents a repeated ``Value``. - retry (Optional[google.api_core.retry.Retry]): A retry object used - to retry requests. If ``None`` is specified, requests will - be retried using a default configuration. - timeout (Optional[float]): The amount of time, in seconds, to wait - for the request to complete. Note that if ``retry`` is - specified, the timeout applies to each individual attempt. - metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata - that is provided to the method. - - Raises: - google.api_core.exceptions.GoogleAPICallError: If the request - failed for any reason. - google.api_core.exceptions.RetryError: If the request failed due - to a retryable error and retry attempts failed. - ValueError: If the parameters are invalid. - """ - # Wrap the transport method to add retry and timeout logic. - if "delete_feed" not in self._inner_api_calls: - self._inner_api_calls[ - "delete_feed" - ] = google.api_core.gapic_v1.method.wrap_method( - self.transport.delete_feed, - default_retry=self._method_configs["DeleteFeed"].retry, - default_timeout=self._method_configs["DeleteFeed"].timeout, - client_info=self._client_info, - ) - - request = asset_service_pb2.DeleteFeedRequest(name=name) - if metadata is None: - metadata = [] - metadata = list(metadata) - try: - routing_header = [("name", name)] - except AttributeError: - pass - else: - routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( - routing_header - ) - metadata.append(routing_metadata) - - self._inner_api_calls["delete_feed"]( - request, retry=retry, timeout=timeout, metadata=metadata - ) diff --git a/google/cloud/asset_v1p2beta1/gapic/asset_service_client_config.py b/google/cloud/asset_v1p2beta1/gapic/asset_service_client_config.py index d5bb6775..c8018d89 100644 --- a/google/cloud/asset_v1p2beta1/gapic/asset_service_client_config.py +++ b/google/cloud/asset_v1p2beta1/gapic/asset_service_client_config.py @@ -17,31 +17,31 @@ } }, "methods": { + "DeleteFeed": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, "CreateFeed": { - "timeout_millis": 30000, + "timeout_millis": 60000, "retry_codes_name": "non_idempotent", "retry_params_name": "default", }, "GetFeed": { - "timeout_millis": 10000, + "timeout_millis": 60000, "retry_codes_name": "idempotent", "retry_params_name": "default", }, "ListFeeds": { - "timeout_millis": 10000, + "timeout_millis": 60000, "retry_codes_name": "idempotent", "retry_params_name": "default", }, "UpdateFeed": { - "timeout_millis": 30000, + "timeout_millis": 60000, "retry_codes_name": "non_idempotent", "retry_params_name": "default", }, - "DeleteFeed": { - "timeout_millis": 30000, - "retry_codes_name": "idempotent", - "retry_params_name": "default", - }, }, } } diff --git a/google/cloud/asset_v1p2beta1/gapic/transports/asset_service_grpc_transport.py b/google/cloud/asset_v1p2beta1/gapic/transports/asset_service_grpc_transport.py index 1e81783b..563adde2 100644 --- a/google/cloud/asset_v1p2beta1/gapic/transports/asset_service_grpc_transport.py +++ b/google/cloud/asset_v1p2beta1/gapic/transports/asset_service_grpc_transport.py @@ -107,6 +107,19 @@ def channel(self): """ return self._channel + @property + def delete_feed(self): + """Return the gRPC stub for :meth:`AssetServiceClient.delete_feed`. + + Deletes an asset feed. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["asset_service_stub"].DeleteFeed + @property def create_feed(self): """Return the gRPC stub for :meth:`AssetServiceClient.create_feed`. @@ -159,16 +172,3 @@ def update_feed(self): deserialized response object. """ return self._stubs["asset_service_stub"].UpdateFeed - - @property - def delete_feed(self): - """Return the gRPC stub for :meth:`AssetServiceClient.delete_feed`. - - Deletes an asset feed. - - Returns: - Callable: A callable which accepts the appropriate - deserialized request object and returns a - deserialized response object. - """ - return self._stubs["asset_service_stub"].DeleteFeed diff --git a/google/cloud/asset_v1p2beta1/proto/asset_service_pb2.py b/google/cloud/asset_v1p2beta1/proto/asset_service_pb2.py index 06f90c3c..40fe26ed 100644 --- a/google/cloud/asset_v1p2beta1/proto/asset_service_pb2.py +++ b/google/cloud/asset_v1p2beta1/proto/asset_service_pb2.py @@ -932,8 +932,9 @@ Attributes: name: - Required. The format will be projects/{project_number}/feeds - /{client-assigned_feed_identifier} or + Required. The format will be + projects/{project_number}/feeds/{client- + assigned_feed_identifier} or folders/{folder_number}/feeds/{client- assigned_feed_identifier} or organizations/{organization_number}/feeds/{client- @@ -953,9 +954,9 @@ asset updates matching specified asset_names and asset_types are exported to the feed. For example: “compute.googleapis.com/Disk” See `Introduction to Cloud Asset - Inventory `__ for all supported asset - types. + Inventory `__ for all + supported asset types. content_type: Asset content type. If not specified, no content but the asset name and type will be returned. diff --git a/google/cloud/asset_v1p4beta1/gapic/asset_service_client.py b/google/cloud/asset_v1p4beta1/gapic/asset_service_client.py index ebf21f50..a27310be 100644 --- a/google/cloud/asset_v1p4beta1/gapic/asset_service_client.py +++ b/google/cloud/asset_v1p4beta1/gapic/asset_service_client.py @@ -184,17 +184,20 @@ def __init__( self._inner_api_calls = {} # Service calls - def analyze_iam_policy( + def export_iam_policy_analysis( self, analysis_query, + output_config, options_=None, retry=google.api_core.gapic_v1.method.DEFAULT, timeout=google.api_core.gapic_v1.method.DEFAULT, metadata=None, ): """ - For extensions, this is the name of the type being extended. It is - resolved in the same manner as type_name. + Exports IAM policy analysis based on the specified request. This API + implements the ``google.longrunning.Operation`` API allowing you to keep + track of the export. The metadata contains the request to help callers + to map responses to requests. Example: >>> from google.cloud import asset_v1p4beta1 @@ -204,13 +207,29 @@ def analyze_iam_policy( >>> # TODO: Initialize `analysis_query`: >>> analysis_query = {} >>> - >>> response = client.analyze_iam_policy(analysis_query) + >>> # TODO: Initialize `output_config`: + >>> output_config = {} + >>> + >>> response = client.export_iam_policy_analysis(analysis_query, output_config) + >>> + >>> def callback(operation_future): + ... # Handle result. + ... result = operation_future.result() + >>> + >>> response.add_done_callback(callback) + >>> + >>> # Handle metadata. + >>> metadata = response.metadata() Args: analysis_query (Union[dict, ~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisQuery]): Required. The request query. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisQuery` + output_config (Union[dict, ~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisOutputConfig]): Required. Output configuration indicating where the results will be output to. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisOutputConfig` options_ (Union[dict, ~google.cloud.asset_v1p4beta1.types.Options]): Optional. The request options. If a dict is provided, it must be of the same form as the protobuf @@ -225,7 +244,7 @@ def analyze_iam_policy( that is provided to the method. Returns: - A :class:`~google.cloud.asset_v1p4beta1.types.AnalyzeIamPolicyResponse` instance. + A :class:`~google.cloud.asset_v1p4beta1.types._OperationFuture` instance. Raises: google.api_core.exceptions.GoogleAPICallError: If the request @@ -235,18 +254,18 @@ def analyze_iam_policy( ValueError: If the parameters are invalid. """ # Wrap the transport method to add retry and timeout logic. - if "analyze_iam_policy" not in self._inner_api_calls: + if "export_iam_policy_analysis" not in self._inner_api_calls: self._inner_api_calls[ - "analyze_iam_policy" + "export_iam_policy_analysis" ] = google.api_core.gapic_v1.method.wrap_method( - self.transport.analyze_iam_policy, - default_retry=self._method_configs["AnalyzeIamPolicy"].retry, - default_timeout=self._method_configs["AnalyzeIamPolicy"].timeout, + self.transport.export_iam_policy_analysis, + default_retry=self._method_configs["ExportIamPolicyAnalysis"].retry, + default_timeout=self._method_configs["ExportIamPolicyAnalysis"].timeout, client_info=self._client_info, ) - request = asset_service_pb2.AnalyzeIamPolicyRequest( - analysis_query=analysis_query, options=options_ + request = asset_service_pb2.ExportIamPolicyAnalysisRequest( + analysis_query=analysis_query, output_config=output_config, options=options_ ) if metadata is None: metadata = [] @@ -261,28 +280,27 @@ def analyze_iam_policy( ) metadata.append(routing_metadata) - return self._inner_api_calls["analyze_iam_policy"]( + operation = self._inner_api_calls["export_iam_policy_analysis"]( request, retry=retry, timeout=timeout, metadata=metadata ) + return google.api_core.operation.from_gapic( + operation, + self.transport._operations_client, + asset_service_pb2.ExportIamPolicyAnalysisResponse, + metadata_type=asset_service_pb2.ExportIamPolicyAnalysisRequest, + ) - def export_iam_policy_analysis( + def analyze_iam_policy( self, analysis_query, - output_config, options_=None, retry=google.api_core.gapic_v1.method.DEFAULT, timeout=google.api_core.gapic_v1.method.DEFAULT, metadata=None, ): """ - The normal response of the operation in case of success. If the - original method returns no data on success, such as ``Delete``, the - response is ``google.protobuf.Empty``. If the original method is - standard ``Get``/``Create``/``Update``, the response should be the - resource. For other methods, the response should have the type - ``XxxResponse``, where ``Xxx`` is the original method name. For example, - if the original method name is ``TakeSnapshot()``, the inferred response - type is ``TakeSnapshotResponse``. + Analyzes IAM policies based on the specified request. Returns a list + of ``IamPolicyAnalysisResult`` matching the request. Example: >>> from google.cloud import asset_v1p4beta1 @@ -292,29 +310,13 @@ def export_iam_policy_analysis( >>> # TODO: Initialize `analysis_query`: >>> analysis_query = {} >>> - >>> # TODO: Initialize `output_config`: - >>> output_config = {} - >>> - >>> response = client.export_iam_policy_analysis(analysis_query, output_config) - >>> - >>> def callback(operation_future): - ... # Handle result. - ... result = operation_future.result() - >>> - >>> response.add_done_callback(callback) - >>> - >>> # Handle metadata. - >>> metadata = response.metadata() + >>> response = client.analyze_iam_policy(analysis_query) Args: analysis_query (Union[dict, ~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisQuery]): Required. The request query. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisQuery` - output_config (Union[dict, ~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisOutputConfig]): Required. Output configuration indicating where the results will be output to. - - If a dict is provided, it must be of the same form as the protobuf - message :class:`~google.cloud.asset_v1p4beta1.types.IamPolicyAnalysisOutputConfig` options_ (Union[dict, ~google.cloud.asset_v1p4beta1.types.Options]): Optional. The request options. If a dict is provided, it must be of the same form as the protobuf @@ -329,7 +331,7 @@ def export_iam_policy_analysis( that is provided to the method. Returns: - A :class:`~google.cloud.asset_v1p4beta1.types._OperationFuture` instance. + A :class:`~google.cloud.asset_v1p4beta1.types.AnalyzeIamPolicyResponse` instance. Raises: google.api_core.exceptions.GoogleAPICallError: If the request @@ -339,18 +341,18 @@ def export_iam_policy_analysis( ValueError: If the parameters are invalid. """ # Wrap the transport method to add retry and timeout logic. - if "export_iam_policy_analysis" not in self._inner_api_calls: + if "analyze_iam_policy" not in self._inner_api_calls: self._inner_api_calls[ - "export_iam_policy_analysis" + "analyze_iam_policy" ] = google.api_core.gapic_v1.method.wrap_method( - self.transport.export_iam_policy_analysis, - default_retry=self._method_configs["ExportIamPolicyAnalysis"].retry, - default_timeout=self._method_configs["ExportIamPolicyAnalysis"].timeout, + self.transport.analyze_iam_policy, + default_retry=self._method_configs["AnalyzeIamPolicy"].retry, + default_timeout=self._method_configs["AnalyzeIamPolicy"].timeout, client_info=self._client_info, ) - request = asset_service_pb2.ExportIamPolicyAnalysisRequest( - analysis_query=analysis_query, output_config=output_config, options=options_ + request = asset_service_pb2.AnalyzeIamPolicyRequest( + analysis_query=analysis_query, options=options_ ) if metadata is None: metadata = [] @@ -365,12 +367,6 @@ def export_iam_policy_analysis( ) metadata.append(routing_metadata) - operation = self._inner_api_calls["export_iam_policy_analysis"]( + return self._inner_api_calls["analyze_iam_policy"]( request, retry=retry, timeout=timeout, metadata=metadata ) - return google.api_core.operation.from_gapic( - operation, - self.transport._operations_client, - asset_service_pb2.ExportIamPolicyAnalysisResponse, - metadata_type=asset_service_pb2.ExportIamPolicyAnalysisRequest, - ) diff --git a/google/cloud/asset_v1p4beta1/gapic/asset_service_client_config.py b/google/cloud/asset_v1p4beta1/gapic/asset_service_client_config.py index 0246a2c1..bec46ac3 100644 --- a/google/cloud/asset_v1p4beta1/gapic/asset_service_client_config.py +++ b/google/cloud/asset_v1p4beta1/gapic/asset_service_client_config.py @@ -17,14 +17,14 @@ } }, "methods": { - "AnalyzeIamPolicy": { + "ExportIamPolicyAnalysis": { "timeout_millis": 600000, - "retry_codes_name": "idempotent", + "retry_codes_name": "non_idempotent", "retry_params_name": "default", }, - "ExportIamPolicyAnalysis": { + "AnalyzeIamPolicy": { "timeout_millis": 600000, - "retry_codes_name": "non_idempotent", + "retry_codes_name": "idempotent", "retry_params_name": "default", }, }, diff --git a/google/cloud/asset_v1p4beta1/gapic/enums.py b/google/cloud/asset_v1p4beta1/gapic/enums.py index 2248f825..8bf76999 100644 --- a/google/cloud/asset_v1p4beta1/gapic/enums.py +++ b/google/cloud/asset_v1p4beta1/gapic/enums.py @@ -21,9 +21,13 @@ class Code(enum.IntEnum): """ - Specifies a service that was configured for Cloud Audit Logging. For - example, ``storage.googleapis.com``, ``cloudsql.googleapis.com``. - ``allServices`` is a special value that covers all services. Required + The canonical error codes for gRPC APIs. + + Sometimes multiple error codes may apply. Services should return the + most specific error code that applies. For example, prefer + ``OUT_OF_RANGE`` over ``FAILED_PRECONDITION`` if both codes apply. + Similarly prefer ``NOT_FOUND`` or ``ALREADY_EXISTS`` over + ``FAILED_PRECONDITION``. Attributes: OK (int): Not an error; returned on success @@ -32,35 +36,19 @@ class Code(enum.IntEnum): CANCELLED (int): The operation was cancelled, typically by the caller. HTTP Mapping: 499 Client Closed Request - UNKNOWN (int): The service account impersonation analysis if - ``AnalyzeIamPolicyRequest.analyze_service_account_impersonation`` is - enabled. - INVALID_ARGUMENT (int): A URL/resource name that uniquely identifies the type of the - serialized protocol buffer message. This string must contain at least - one "/" character. The last segment of the URL's path must represent the - fully qualified name of the type (as in - ``path/google.protobuf.Duration``). The name should be in a canonical - form (e.g., leading "." is not accepted). - - In practice, teams usually precompile into the binary all types that - they expect it to use in the context of Any. However, for URLs which use - the scheme ``http``, ``https``, or no scheme, one can optionally set up - a type server that maps type URLs to message definitions as follows: - - - If no scheme is provided, ``https`` is assumed. - - An HTTP GET on the URL must yield a ``google.protobuf.Type`` value in - binary format, or produce an error. - - Applications are allowed to cache lookup results based on the URL, or - have them precompiled into a binary to avoid any lookup. Therefore, - binary compatibility needs to be preserved on changes to types. (Use - versioned type names to manage breaking changes.) - - Note: this functionality is not currently available in the official - protobuf release, and it is not used for type URLs beginning with - type.googleapis.com. - - Schemes other than ``http``, ``https`` (or the empty scheme) might be - used with implementation specific semantics. + UNKNOWN (int): Unknown error. For example, this error may be returned when a + ``Status`` value received from another address space belongs to an error + space that is not known in this address space. Also errors raised by + APIs that do not return enough error information may be converted to + this error. + + HTTP Mapping: 500 Internal Server Error + INVALID_ARGUMENT (int): The client specified an invalid argument. Note that this differs + from ``FAILED_PRECONDITION``. ``INVALID_ARGUMENT`` indicates arguments + that are problematic regardless of the state of the system (e.g., a + malformed file name). + + HTTP Mapping: 400 Bad Request DEADLINE_EXCEEDED (int): The deadline expired before the operation could complete. For operations that change the state of the system, this error may be returned even if the operation has completed successfully. For example, a @@ -68,20 +56,28 @@ class Code(enum.IntEnum): enough for the deadline to expire. HTTP Mapping: 504 Gateway Timeout - NOT_FOUND (int): A response message for ``AssetService.AnalyzeIamPolicy``. + NOT_FOUND (int): Some requested entity (e.g., file or directory) was not found. + + Note to server developers: if a request is denied for an entire class of + users, such as gradual feature rollout or undocumented whitelist, + ``NOT_FOUND`` may be used. If a request is denied for some users within + a class of users, such as user-based access control, + ``PERMISSION_DENIED`` must be used. + + HTTP Mapping: 404 Not Found ALREADY_EXISTS (int): The entity that a client attempted to create (e.g., file or directory) already exists. HTTP Mapping: 409 Conflict - PERMISSION_DENIED (int): Required. The message name of the primary return type for this - long-running operation. This type will be used to deserialize the LRO's - response. - - If the response is in a different package from the rpc, a - fully-qualified message name must be used (e.g. - ``google.protobuf.Struct``). - - Note: Altering this value constitutes a breaking change. + PERMISSION_DENIED (int): The caller does not have permission to execute the specified + operation. ``PERMISSION_DENIED`` must not be used for rejections caused + by exhausting some resource (use ``RESOURCE_EXHAUSTED`` instead for + those errors). ``PERMISSION_DENIED`` must not be used if the caller can + not be identified (use ``UNAUTHENTICATED`` instead for those errors). + This error code does not imply the request is valid or the requested + entity exists or satisfies other pre-conditions. + + HTTP Mapping: 403 Forbidden UNAUTHENTICATED (int): The request does not have valid authentication credentials for the operation. @@ -90,16 +86,46 @@ class Code(enum.IntEnum): perhaps the entire file system is out of space. HTTP Mapping: 429 Too Many Requests - FAILED_PRECONDITION (int): A single identity that is exempted from "data access" audit logging - for the ``service`` specified above. Follows the same format of - Binding.members. - ABORTED (int): The export IAM policy analysis response. This message is returned by - the ``google.longrunning.Operations.GetOperation`` method in the - returned ``google.longrunning.Operation.response`` field. - OUT_OF_RANGE (int): The custom pattern is used for specifying an HTTP method that is not - included in the ``pattern`` field, such as HEAD, or "*" to leave the - HTTP method unspecified for this rule. The wild-card rule is useful for - services that provide content to Web (HTML) clients. + FAILED_PRECONDITION (int): The operation was rejected because the system is not in a state + required for the operation's execution. For example, the directory to be + deleted is non-empty, an rmdir operation is applied to a non-directory, + etc. + + Service implementors can use the following guidelines to decide between + ``FAILED_PRECONDITION``, ``ABORTED``, and ``UNAVAILABLE``: (a) Use + ``UNAVAILABLE`` if the client can retry just the failing call. (b) Use + ``ABORTED`` if the client should retry at a higher level (e.g., when a + client-specified test-and-set fails, indicating the client should + restart a read-modify-write sequence). (c) Use ``FAILED_PRECONDITION`` + if the client should not retry until the system state has been + explicitly fixed. E.g., if an "rmdir" fails because the directory is + non-empty, ``FAILED_PRECONDITION`` should be returned since the client + should not retry unless the files are deleted from the directory. + + HTTP Mapping: 400 Bad Request + ABORTED (int): The operation was aborted, typically due to a concurrency issue such + as a sequencer check failure or transaction abort. + + See the guidelines above for deciding between ``FAILED_PRECONDITION``, + ``ABORTED``, and ``UNAVAILABLE``. + + HTTP Mapping: 409 Conflict + OUT_OF_RANGE (int): The operation was attempted past the valid range. E.g., seeking or + reading past end-of-file. + + Unlike ``INVALID_ARGUMENT``, this error indicates a problem that may be + fixed if the system state changes. For example, a 32-bit file system + will generate ``INVALID_ARGUMENT`` if asked to read at an offset that is + not in the range [0,2^32-1], but it will generate ``OUT_OF_RANGE`` if + asked to read from an offset past the current file size. + + There is a fair bit of overlap between ``FAILED_PRECONDITION`` and + ``OUT_OF_RANGE``. We recommend using ``OUT_OF_RANGE`` (the more specific + error) when it applies so that callers who are iterating through a space + can easily look for an ``OUT_OF_RANGE`` error to detect when they are + done. + + HTTP Mapping: 400 Bad Request UNIMPLEMENTED (int): The operation is not implemented or is not supported/enabled in this service. @@ -109,18 +135,14 @@ class Code(enum.IntEnum): for serious errors. HTTP Mapping: 500 Internal Server Error - UNAVAILABLE (int): Optional. If true, the resource section of the result will expand - any resource attached to an IAM policy to include resources lower in the - resource hierarchy. - - For example, if the request analyzes for which resources user A has - permission P, and the results include an IAM policy with P on a GCP - folder, the results will also include resources in that folder with - permission P. - - If ``resource_selector`` is specified, the resource section of the - result will be determined by the selector, and this flag will have no - effect. Default is false. + UNAVAILABLE (int): The service is currently unavailable. This is most likely a + transient condition, which can be corrected by retrying with a backoff. + Note that it is not always safe to retry non-idempotent operations. + + See the guidelines above for deciding between ``FAILED_PRECONDITION``, + ``ABORTED``, and ``UNAVAILABLE``. + + HTTP Mapping: 503 Service Unavailable DATA_LOSS (int): Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal Server Error diff --git a/google/cloud/asset_v1p4beta1/gapic/transports/asset_service_grpc_transport.py b/google/cloud/asset_v1p4beta1/gapic/transports/asset_service_grpc_transport.py index e6e06d7e..22295df8 100644 --- a/google/cloud/asset_v1p4beta1/gapic/transports/asset_service_grpc_transport.py +++ b/google/cloud/asset_v1p4beta1/gapic/transports/asset_service_grpc_transport.py @@ -116,35 +116,31 @@ def channel(self): return self._channel @property - def analyze_iam_policy(self): - """Return the gRPC stub for :meth:`AssetServiceClient.analyze_iam_policy`. + def export_iam_policy_analysis(self): + """Return the gRPC stub for :meth:`AssetServiceClient.export_iam_policy_analysis`. - For extensions, this is the name of the type being extended. It is - resolved in the same manner as type_name. + Exports IAM policy analysis based on the specified request. This API + implements the ``google.longrunning.Operation`` API allowing you to keep + track of the export. The metadata contains the request to help callers + to map responses to requests. Returns: Callable: A callable which accepts the appropriate deserialized request object and returns a deserialized response object. """ - return self._stubs["asset_service_stub"].AnalyzeIamPolicy + return self._stubs["asset_service_stub"].ExportIamPolicyAnalysis @property - def export_iam_policy_analysis(self): - """Return the gRPC stub for :meth:`AssetServiceClient.export_iam_policy_analysis`. + def analyze_iam_policy(self): + """Return the gRPC stub for :meth:`AssetServiceClient.analyze_iam_policy`. - The normal response of the operation in case of success. If the - original method returns no data on success, such as ``Delete``, the - response is ``google.protobuf.Empty``. If the original method is - standard ``Get``/``Create``/``Update``, the response should be the - resource. For other methods, the response should have the type - ``XxxResponse``, where ``Xxx`` is the original method name. For example, - if the original method name is ``TakeSnapshot()``, the inferred response - type is ``TakeSnapshotResponse``. + Analyzes IAM policies based on the specified request. Returns a list + of ``IamPolicyAnalysisResult`` matching the request. Returns: Callable: A callable which accepts the appropriate deserialized request object and returns a deserialized response object. """ - return self._stubs["asset_service_stub"].ExportIamPolicyAnalysis + return self._stubs["asset_service_stub"].AnalyzeIamPolicy diff --git a/google/cloud/asset_v1p4beta1/proto/asset_service_pb2.py b/google/cloud/asset_v1p4beta1/proto/asset_service_pb2.py index ebf1e85a..ddce8824 100644 --- a/google/cloud/asset_v1p4beta1/proto/asset_service_pb2.py +++ b/google/cloud/asset_v1p4beta1/proto/asset_service_pb2.py @@ -1220,11 +1220,12 @@ rsonation_analysis]. Default is false. execution_timeout: Optional. Amount of time executable has to complete. See JSON - representation of `Duration `__. If this field is set - with a value less than the RPC deadline, and the execution of - your query hasn’t finished in the specified execution timeout, - you will get a response with partial result. Otherwise, your + representation of `Duration + `__. If this field is set with a + value less than the RPC deadline, and the execution of your + query hasn’t finished in the specified execution timeout, you + will get a response with partial result. Otherwise, your query’s execution will continue until the RPC deadline. If it’s not finished until then, you will get a DEADLINE_EXCEEDED error. Default is empty. @@ -1327,8 +1328,9 @@ Required. The uri of the Cloud Storage object. It’s the same uri that is used by gsutil. For example: “gs://bucket_name/object_name”. See `Viewing and Editing - Object Metadata `__ for more information. + Object Metadata + `__ for more information. """, # @@protoc_insertion_point(class_scope:google.cloud.asset.v1p4beta1.IamPolicyAnalysisOutputConfig.GcsDestination) }, diff --git a/noxfile.py b/noxfile.py index d6c6687c..71f30ead 100644 --- a/noxfile.py +++ b/noxfile.py @@ -111,7 +111,6 @@ def system(session): # Install all test dependencies, then install this package into the # virtualenv's dist-packages. session.install("mock", "pytest", "google-cloud-testutils") - session.install("-e", ".") # Run py.test against the system tests. diff --git a/setup.cfg b/setup.cfg index 3bd55550..c3a2b39f 100644 --- a/setup.cfg +++ b/setup.cfg @@ -1,3 +1,19 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # Generated by synthtool. DO NOT EDIT! [bdist_wheel] universal = 1 diff --git a/setup.py b/setup.py index 49d11eee..1b9230fd 100644 --- a/setup.py +++ b/setup.py @@ -31,6 +31,8 @@ "google-api-core[grpc] >= 1.14.0, < 2.0.0dev", 'enum34; python_version < "3.4"', "grpc-google-iam-v1 >= 0.12.3, < 0.13dev", + "google-cloud-access-context-manager >= 0.1.2, < 0.2.0dev", + "google-cloud-org-policy >= 0.1.2, < 0.2.0dev", ] # Setup boilerplate below this line. diff --git a/synth.metadata b/synth.metadata index 48f5c103..79452df5 100644 --- a/synth.metadata +++ b/synth.metadata @@ -1,48 +1,32 @@ { - "updateTime": "2020-03-17T12:16:54.059305Z", "sources": [ { - "generator": { - "name": "artman", - "version": "1.1.1", - "dockerImage": "googleapis/artman@sha256:5ef340c8d9334719bc5c6981d95f4a5d2737b0a6a24f2b9a0d430e96fff85c5b" - } - }, - { - "generator": { - "name": "artman", - "version": "1.1.1", - "dockerImage": "googleapis/artman@sha256:5ef340c8d9334719bc5c6981d95f4a5d2737b0a6a24f2b9a0d430e96fff85c5b" - } - }, - { - "generator": { - "name": "artman", - "version": "1.1.1", - "dockerImage": "googleapis/artman@sha256:5ef340c8d9334719bc5c6981d95f4a5d2737b0a6a24f2b9a0d430e96fff85c5b" + "git": { + "name": ".", + "remote": "git@github.com:googleapis/python-asset.git", + "sha": "47d7b887828f4d4ba497900e85d130e27e9f6f3b" } }, { - "generator": { - "name": "artman", - "version": "1.1.1", - "dockerImage": "googleapis/artman@sha256:5ef340c8d9334719bc5c6981d95f4a5d2737b0a6a24f2b9a0d430e96fff85c5b" + "git": { + "name": "googleapis", + "remote": "https://github.com/googleapis/googleapis.git", + "sha": "83816bb3093686a28af2891db5b7506614a820b1", + "internalRef": "310509915" } }, { "git": { - "name": "googleapis", - "remote": "https://github.com/googleapis/googleapis.git", - "sha": "23d5f09e670ebb0c1b36214acf78704e2ecfc2ac", - "internalRef": "301337970", - "log": "23d5f09e670ebb0c1b36214acf78704e2ecfc2ac\nUpdate field_behavior annotations in V1 and V2.\n\nPiperOrigin-RevId: 301337970\n\nb2cf37e7fd62383a811aa4d54d013ecae638851d\nData Catalog V1 API\n\nPiperOrigin-RevId: 301282503\n\n1976b9981e2900c8172b7d34b4220bdb18c5db42\nCloud DLP api update. Adds missing fields to Finding and adds support for hybrid jobs.\n\nPiperOrigin-RevId: 301205325\n\n" + "name": "synthtool", + "remote": "https://github.com/googleapis/synthtool.git", + "sha": "4674113712c0c7ada19e6a8219d7963ff174b392" } }, { - "template": { - "name": "python_library", - "origin": "synthtool.gcp", - "version": "2020.2.4" + "git": { + "name": "synthtool", + "remote": "https://github.com/googleapis/synthtool.git", + "sha": "4674113712c0c7ada19e6a8219d7963ff174b392" } } ], @@ -56,6 +40,15 @@ "generator": "bazel" } }, + { + "client": { + "source": "googleapis", + "apiName": "asset", + "apiVersion": "v1p1beta1", + "language": "python", + "generator": "bazel" + } + }, { "client": { "source": "googleapis", diff --git a/synth.py b/synth.py index e53fbae6..90ef0ef0 100644 --- a/synth.py +++ b/synth.py @@ -19,7 +19,7 @@ gapic = gcp.GAPICBazel() common = gcp.CommonTemplates() -versions = ["v1beta1", "v1p2beta1", "v1p4beta1", "v1"] +versions = ["v1beta1", "v1p1beta1", "v1p2beta1", "v1p4beta1", "v1"] excludes = ["setup.py", "nox*.py", "README.rst", "docs/conf.py", "docs/index.rst"] @@ -57,6 +57,14 @@ "_v1_dot_policy__pb2.google_dot_iam_dot_v1_dot_policy__pb2._POLICY", ) +s.replace( + "google/cloud/asset_v*/proto/assets_pb2.py", + "_IAMPOLICYSEARCHRESULT\.fields_by_name\['policy'\]\.message_type " + "= google_dot_iam_dot_v1_dot_policy__pb2\._POLICY", + "_IAMPOLICYSEARCHRESULT.fields_by_name['policy'].message_type = google_dot_iam_dot" + "_v1_dot_policy__pb2.google_dot_iam_dot_v1_dot_policy__pb2._POLICY", +) + s.replace( "google/cloud/asset_v*/proto/assets_pb2.py", "_IAMPOLICYANALYSISRESULT\.fields_by_name\['iam_binding'\]\.message_type " @@ -88,7 +96,7 @@ s.replace( "google/cloud/**/asset_service_client.py", "google-cloud-cloudasset", - "google-cloud-asset" + "google-cloud-asset", ) # Fix docstrings with no summary line s.replace( @@ -98,10 +106,72 @@ Attributes:''', ) +# Fix accesscontextmanager and orgpolicy imports +s.replace( + "google/cloud/asset_v1/types.py", + "from google\.cloud\.asset_v1\.proto import ((access_level_pb2)|(service_perimeter_pb2)|(access_policy_pb2))", + "from google.identity.accesscontextmanager.v1 import \g<1>", +) + +s.replace( + "google/cloud/asset_v1/types.py", + "from google\.cloud\.asset_v1\.proto import orgpolicy_pb2", + "from google.cloud.orgpolicy.v1 import orgpolicy_pb2", +) + +# Glue in Project Path Method. +# TODO: Remove during microgenerator transition +count = s.replace( + [ + "google/cloud/asset_v1/gapic/asset_service_client.py", + "google/cloud/asset_v1beta1/gapic/asset_service_client.py", + ], + "(def __init__\()", + '''@classmethod + def project_path(cls, project): + """Return a fully-qualified project string.""" + return google.api_core.path_template.expand( + "projects/{project}", project=project + ) + \g<1>''', +) +if count != 2: + raise Exception("``project_path`` method not added.") + +# Keep same parameter order to avoid breaking existing calls +# Not re-ordering the docstring as that is more likely to break +# TODO: Remove during microgenerator transition +count = s.replace( + [ + "google/cloud/asset_v1/gapic/asset_service_client.py", + "google/cloud/asset_v1beta1/gapic/asset_service_client.py", + ], + """def batch_get_assets_history\( + self, + parent, + asset_names=None, + content_type=None, + read_time_window=None, + retry=google\.api_core\.gapic_v1\.method\.DEFAULT, + timeout=google\.api_core\.gapic_v1\.method\.DEFAULT, + metadata=None\):""", + """def batch_get_assets_history( + self, + parent, + content_type=None, + read_time_window=None, + asset_names=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None):""", +) +if count != 2: + raise Exception("Parameter order replace not made.") + # ---------------------------------------------------------------------------- # Add templated files # ---------------------------------------------------------------------------- -templated_files = gcp.CommonTemplates().py_library(unit_cov_level=79, cov_level=80, system_test_dependencies=["test_utils"]) +templated_files = gcp.CommonTemplates().py_library(unit_cov_level=79, cov_level=80) s.move(templated_files) -s.shell.run(["nox", "-s", "blacken"], hide_output=False) +#s.shell.run(["nox", "-s", "blacken"], hide_output=False) diff --git a/tests/unit/gapic/v1/test_asset_service_client_v1.py b/tests/unit/gapic/v1/test_asset_service_client_v1.py index 582d8935..74a965ef 100644 --- a/tests/unit/gapic/v1/test_asset_service_client_v1.py +++ b/tests/unit/gapic/v1/test_asset_service_client_v1.py @@ -22,9 +22,7 @@ from google.rpc import status_pb2 from google.cloud import asset_v1 -from google.cloud.asset_v1 import enums from google.cloud.asset_v1.proto import asset_service_pb2 -from google.cloud.asset_v1.proto import assets_pb2 from google.longrunning import operations_pb2 from google.protobuf import empty_pb2 from google.protobuf import field_mask_pb2 @@ -67,6 +65,37 @@ class CustomException(Exception): class TestAssetServiceClient(object): + def test_delete_feed(self): + channel = ChannelStub() + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = asset_v1.AssetServiceClient() + + # Setup Request + name = "name3373707" + + client.delete_feed(name) + + assert len(channel.requests) == 1 + expected_request = asset_service_pb2.DeleteFeedRequest(name=name) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_delete_feed_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = asset_v1.AssetServiceClient() + + # Setup request + name = "name3373707" + + with pytest.raises(CustomException): + client.delete_feed(name) + def test_export_assets(self): # Setup Expected Response expected_response = {} @@ -137,18 +166,12 @@ def test_batch_get_assets_history(self): # Setup Request parent = "parent-995424086" - content_type = enums.ContentType.CONTENT_TYPE_UNSPECIFIED - read_time_window = {} - response = client.batch_get_assets_history( - parent, content_type, read_time_window - ) + response = client.batch_get_assets_history(parent) assert expected_response == response assert len(channel.requests) == 1 - expected_request = asset_service_pb2.BatchGetAssetsHistoryRequest( - parent=parent, content_type=content_type, read_time_window=read_time_window - ) + expected_request = asset_service_pb2.BatchGetAssetsHistoryRequest(parent=parent) actual_request = channel.requests[0][1] assert expected_request == actual_request @@ -162,11 +185,9 @@ def test_batch_get_assets_history_exception(self): # Setup request parent = "parent-995424086" - content_type = enums.ContentType.CONTENT_TYPE_UNSPECIFIED - read_time_window = {} with pytest.raises(CustomException): - client.batch_get_assets_history(parent, content_type, read_time_window) + client.batch_get_assets_history(parent) def test_create_feed(self): # Setup Expected Response @@ -226,7 +247,7 @@ def test_get_feed(self): client = asset_v1.AssetServiceClient() # Setup Request - name = client.feed_path("[PROJECT]", "[FEED]") + name = "name3373707" response = client.get_feed(name) assert expected_response == response @@ -245,7 +266,7 @@ def test_get_feed_exception(self): client = asset_v1.AssetServiceClient() # Setup request - name = client.feed_path("[PROJECT]", "[FEED]") + name = "name3373707" with pytest.raises(CustomException): client.get_feed(name) @@ -328,34 +349,3 @@ def test_update_feed_exception(self): with pytest.raises(CustomException): client.update_feed(feed, update_mask) - - def test_delete_feed(self): - channel = ChannelStub() - patch = mock.patch("google.api_core.grpc_helpers.create_channel") - with patch as create_channel: - create_channel.return_value = channel - client = asset_v1.AssetServiceClient() - - # Setup Request - name = client.feed_path("[PROJECT]", "[FEED]") - - client.delete_feed(name) - - assert len(channel.requests) == 1 - expected_request = asset_service_pb2.DeleteFeedRequest(name=name) - actual_request = channel.requests[0][1] - assert expected_request == actual_request - - def test_delete_feed_exception(self): - # Mock the API response - channel = ChannelStub(responses=[CustomException()]) - patch = mock.patch("google.api_core.grpc_helpers.create_channel") - with patch as create_channel: - create_channel.return_value = channel - client = asset_v1.AssetServiceClient() - - # Setup request - name = client.feed_path("[PROJECT]", "[FEED]") - - with pytest.raises(CustomException): - client.delete_feed(name) diff --git a/tests/unit/gapic/v1beta1/test_asset_service_client_v1beta1.py b/tests/unit/gapic/v1beta1/test_asset_service_client_v1beta1.py index 060a0468..1876a3c6 100644 --- a/tests/unit/gapic/v1beta1/test_asset_service_client_v1beta1.py +++ b/tests/unit/gapic/v1beta1/test_asset_service_client_v1beta1.py @@ -22,9 +22,7 @@ from google.rpc import status_pb2 from google.cloud import asset_v1beta1 -from google.cloud.asset_v1beta1 import enums from google.cloud.asset_v1beta1.proto import asset_service_pb2 -from google.cloud.asset_v1beta1.proto import assets_pb2 from google.longrunning import operations_pb2 @@ -82,7 +80,7 @@ def test_export_assets(self): client = asset_v1beta1.AssetServiceClient() # Setup Request - parent = client.project_path("[PROJECT]") + parent = "parent-995424086" output_config = {} response = client.export_assets(parent, output_config) @@ -112,7 +110,7 @@ def test_export_assets_exception(self): client = asset_v1beta1.AssetServiceClient() # Setup Request - parent = client.project_path("[PROJECT]") + parent = "parent-995424086" output_config = {} response = client.export_assets(parent, output_config) @@ -134,19 +132,13 @@ def test_batch_get_assets_history(self): client = asset_v1beta1.AssetServiceClient() # Setup Request - parent = client.project_path("[PROJECT]") - content_type = enums.ContentType.CONTENT_TYPE_UNSPECIFIED - read_time_window = {} + parent = "parent-995424086" - response = client.batch_get_assets_history( - parent, content_type, read_time_window - ) + response = client.batch_get_assets_history(parent) assert expected_response == response assert len(channel.requests) == 1 - expected_request = asset_service_pb2.BatchGetAssetsHistoryRequest( - parent=parent, content_type=content_type, read_time_window=read_time_window - ) + expected_request = asset_service_pb2.BatchGetAssetsHistoryRequest(parent=parent) actual_request = channel.requests[0][1] assert expected_request == actual_request @@ -159,9 +151,7 @@ def test_batch_get_assets_history_exception(self): client = asset_v1beta1.AssetServiceClient() # Setup request - parent = client.project_path("[PROJECT]") - content_type = enums.ContentType.CONTENT_TYPE_UNSPECIFIED - read_time_window = {} + parent = "parent-995424086" with pytest.raises(CustomException): - client.batch_get_assets_history(parent, content_type, read_time_window) + client.batch_get_assets_history(parent) diff --git a/tests/unit/gapic/v1p2beta1/test_asset_service_client_v1p2beta1.py b/tests/unit/gapic/v1p2beta1/test_asset_service_client_v1p2beta1.py index 539d0fda..16b62bae 100644 --- a/tests/unit/gapic/v1p2beta1/test_asset_service_client_v1p2beta1.py +++ b/tests/unit/gapic/v1p2beta1/test_asset_service_client_v1p2beta1.py @@ -62,6 +62,37 @@ class CustomException(Exception): class TestAssetServiceClient(object): + def test_delete_feed(self): + channel = ChannelStub() + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = asset_v1p2beta1.AssetServiceClient() + + # Setup Request + name = "name3373707" + + client.delete_feed(name) + + assert len(channel.requests) == 1 + expected_request = asset_service_pb2.DeleteFeedRequest(name=name) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_delete_feed_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = asset_v1p2beta1.AssetServiceClient() + + # Setup request + name = "name3373707" + + with pytest.raises(CustomException): + client.delete_feed(name) + def test_create_feed(self): # Setup Expected Response name = "name3373707" @@ -120,7 +151,7 @@ def test_get_feed(self): client = asset_v1p2beta1.AssetServiceClient() # Setup Request - name = client.feed_path("[PROJECT]", "[FEED]") + name = "name3373707" response = client.get_feed(name) assert expected_response == response @@ -139,7 +170,7 @@ def test_get_feed_exception(self): client = asset_v1p2beta1.AssetServiceClient() # Setup request - name = client.feed_path("[PROJECT]", "[FEED]") + name = "name3373707" with pytest.raises(CustomException): client.get_feed(name) @@ -222,34 +253,3 @@ def test_update_feed_exception(self): with pytest.raises(CustomException): client.update_feed(feed, update_mask) - - def test_delete_feed(self): - channel = ChannelStub() - patch = mock.patch("google.api_core.grpc_helpers.create_channel") - with patch as create_channel: - create_channel.return_value = channel - client = asset_v1p2beta1.AssetServiceClient() - - # Setup Request - name = client.feed_path("[PROJECT]", "[FEED]") - - client.delete_feed(name) - - assert len(channel.requests) == 1 - expected_request = asset_service_pb2.DeleteFeedRequest(name=name) - actual_request = channel.requests[0][1] - assert expected_request == actual_request - - def test_delete_feed_exception(self): - # Mock the API response - channel = ChannelStub(responses=[CustomException()]) - patch = mock.patch("google.api_core.grpc_helpers.create_channel") - with patch as create_channel: - create_channel.return_value = channel - client = asset_v1p2beta1.AssetServiceClient() - - # Setup request - name = client.feed_path("[PROJECT]", "[FEED]") - - with pytest.raises(CustomException): - client.delete_feed(name) diff --git a/tests/unit/gapic/v1p4beta1/test_asset_service_client_v1p4beta1.py b/tests/unit/gapic/v1p4beta1/test_asset_service_client_v1p4beta1.py index 2af93af0..0268174b 100644 --- a/tests/unit/gapic/v1p4beta1/test_asset_service_client_v1p4beta1.py +++ b/tests/unit/gapic/v1p4beta1/test_asset_service_client_v1p4beta1.py @@ -63,48 +63,6 @@ class CustomException(Exception): class TestAssetServiceClient(object): - def test_analyze_iam_policy(self): - # Setup Expected Response - fully_explored = True - expected_response = {"fully_explored": fully_explored} - expected_response = asset_service_pb2.AnalyzeIamPolicyResponse( - **expected_response - ) - - # Mock the API response - channel = ChannelStub(responses=[expected_response]) - patch = mock.patch("google.api_core.grpc_helpers.create_channel") - with patch as create_channel: - create_channel.return_value = channel - client = asset_v1p4beta1.AssetServiceClient() - - # Setup Request - analysis_query = {} - - response = client.analyze_iam_policy(analysis_query) - assert expected_response == response - - assert len(channel.requests) == 1 - expected_request = asset_service_pb2.AnalyzeIamPolicyRequest( - analysis_query=analysis_query - ) - actual_request = channel.requests[0][1] - assert expected_request == actual_request - - def test_analyze_iam_policy_exception(self): - # Mock the API response - channel = ChannelStub(responses=[CustomException()]) - patch = mock.patch("google.api_core.grpc_helpers.create_channel") - with patch as create_channel: - create_channel.return_value = channel - client = asset_v1p4beta1.AssetServiceClient() - - # Setup request - analysis_query = {} - - with pytest.raises(CustomException): - client.analyze_iam_policy(analysis_query) - def test_export_iam_policy_analysis(self): # Setup Expected Response expected_response = {} @@ -160,3 +118,45 @@ def test_export_iam_policy_analysis_exception(self): response = client.export_iam_policy_analysis(analysis_query, output_config) exception = response.exception() assert exception.errors[0] == error + + def test_analyze_iam_policy(self): + # Setup Expected Response + fully_explored = True + expected_response = {"fully_explored": fully_explored} + expected_response = asset_service_pb2.AnalyzeIamPolicyResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = asset_v1p4beta1.AssetServiceClient() + + # Setup Request + analysis_query = {} + + response = client.analyze_iam_policy(analysis_query) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = asset_service_pb2.AnalyzeIamPolicyRequest( + analysis_query=analysis_query + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_analyze_iam_policy_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = asset_v1p4beta1.AssetServiceClient() + + # Setup request + analysis_query = {} + + with pytest.raises(CustomException): + client.analyze_iam_policy(analysis_query)