1// Copyright 2021 Google LLC. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5// Code generated file. DO NOT EDIT. 6 7// Package cloudasset provides access to the Cloud Asset API. 8// 9// For product documentation, see: https://cloud.google.com/asset-inventory/docs/quickstart 10// 11// Creating a client 12// 13// Usage example: 14// 15// import "google.golang.org/api/cloudasset/v1" 16// ... 17// ctx := context.Background() 18// cloudassetService, err := cloudasset.NewService(ctx) 19// 20// In this example, Google Application Default Credentials are used for authentication. 21// 22// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 23// 24// Other authentication options 25// 26// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey: 27// 28// cloudassetService, err := cloudasset.NewService(ctx, option.WithAPIKey("AIza...")) 29// 30// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource: 31// 32// config := &oauth2.Config{...} 33// // ... 34// token, err := config.Exchange(ctx, ...) 35// cloudassetService, err := cloudasset.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 36// 37// See https://godoc.org/google.golang.org/api/option/ for details on options. 38package cloudasset // import "google.golang.org/api/cloudasset/v1" 39 40import ( 41 "bytes" 42 "context" 43 "encoding/json" 44 "errors" 45 "fmt" 46 "io" 47 "net/http" 48 "net/url" 49 "strconv" 50 "strings" 51 52 googleapi "google.golang.org/api/googleapi" 53 gensupport "google.golang.org/api/internal/gensupport" 54 option "google.golang.org/api/option" 55 internaloption "google.golang.org/api/option/internaloption" 56 htransport "google.golang.org/api/transport/http" 57) 58 59// Always reference these packages, just in case the auto-generated code 60// below doesn't. 61var _ = bytes.NewBuffer 62var _ = strconv.Itoa 63var _ = fmt.Sprintf 64var _ = json.NewDecoder 65var _ = io.Copy 66var _ = url.Parse 67var _ = gensupport.MarshalJSON 68var _ = googleapi.Version 69var _ = errors.New 70var _ = strings.Replace 71var _ = context.Canceled 72var _ = internaloption.WithDefaultEndpoint 73 74const apiId = "cloudasset:v1" 75const apiName = "cloudasset" 76const apiVersion = "v1" 77const basePath = "https://cloudasset.googleapis.com/" 78const mtlsBasePath = "https://cloudasset.mtls.googleapis.com/" 79 80// OAuth2 scopes used by this API. 81const ( 82 // See, edit, configure, and delete your Google Cloud data and see the 83 // email address for your Google Account. 84 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 85) 86 87// NewService creates a new Service. 88func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 89 scopesOption := option.WithScopes( 90 "https://www.googleapis.com/auth/cloud-platform", 91 ) 92 // NOTE: prepend, so we don't override user-specified scopes. 93 opts = append([]option.ClientOption{scopesOption}, opts...) 94 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 95 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 96 client, endpoint, err := htransport.NewClient(ctx, opts...) 97 if err != nil { 98 return nil, err 99 } 100 s, err := New(client) 101 if err != nil { 102 return nil, err 103 } 104 if endpoint != "" { 105 s.BasePath = endpoint 106 } 107 return s, nil 108} 109 110// New creates a new Service. It uses the provided http.Client for requests. 111// 112// Deprecated: please use NewService instead. 113// To provide a custom HTTP client, use option.WithHTTPClient. 114// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 115func New(client *http.Client) (*Service, error) { 116 if client == nil { 117 return nil, errors.New("client is nil") 118 } 119 s := &Service{client: client, BasePath: basePath} 120 s.Assets = NewAssetsService(s) 121 s.Feeds = NewFeedsService(s) 122 s.Operations = NewOperationsService(s) 123 s.V1 = NewV1Service(s) 124 return s, nil 125} 126 127type Service struct { 128 client *http.Client 129 BasePath string // API endpoint base URL 130 UserAgent string // optional additional User-Agent fragment 131 132 Assets *AssetsService 133 134 Feeds *FeedsService 135 136 Operations *OperationsService 137 138 V1 *V1Service 139} 140 141func (s *Service) userAgent() string { 142 if s.UserAgent == "" { 143 return googleapi.UserAgent 144 } 145 return googleapi.UserAgent + " " + s.UserAgent 146} 147 148func NewAssetsService(s *Service) *AssetsService { 149 rs := &AssetsService{s: s} 150 return rs 151} 152 153type AssetsService struct { 154 s *Service 155} 156 157func NewFeedsService(s *Service) *FeedsService { 158 rs := &FeedsService{s: s} 159 return rs 160} 161 162type FeedsService struct { 163 s *Service 164} 165 166func NewOperationsService(s *Service) *OperationsService { 167 rs := &OperationsService{s: s} 168 return rs 169} 170 171type OperationsService struct { 172 s *Service 173} 174 175func NewV1Service(s *Service) *V1Service { 176 rs := &V1Service{s: s} 177 return rs 178} 179 180type V1Service struct { 181 s *Service 182} 183 184// AccessSelector: Specifies roles and/or permissions to analyze, to 185// determine both the identities possessing them and the resources they 186// control. If multiple values are specified, results will include roles 187// or permissions matching any of them. The total number of roles and 188// permissions should be equal or less than 10. 189type AccessSelector struct { 190 // Permissions: Optional. The permissions to appear in result. 191 Permissions []string `json:"permissions,omitempty"` 192 193 // Roles: Optional. The roles to appear in result. 194 Roles []string `json:"roles,omitempty"` 195 196 // ForceSendFields is a list of field names (e.g. "Permissions") to 197 // unconditionally include in API requests. By default, fields with 198 // empty or default values are omitted from API requests. However, any 199 // non-pointer, non-interface field appearing in ForceSendFields will be 200 // sent to the server regardless of whether the field is empty or not. 201 // This may be used to include empty fields in Patch requests. 202 ForceSendFields []string `json:"-"` 203 204 // NullFields is a list of field names (e.g. "Permissions") to include 205 // in API requests with the JSON null value. By default, fields with 206 // empty values are omitted from API requests. However, any field with 207 // an empty value appearing in NullFields will be sent to the server as 208 // null. It is an error if a field in this list has a non-empty value. 209 // This may be used to include null fields in Patch requests. 210 NullFields []string `json:"-"` 211} 212 213func (s *AccessSelector) MarshalJSON() ([]byte, error) { 214 type NoMethod AccessSelector 215 raw := NoMethod(*s) 216 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 217} 218 219// AnalyzeIamPolicyLongrunningMetadata: Represents the metadata of the 220// longrunning operation for the AnalyzeIamPolicyLongrunning rpc. 221type AnalyzeIamPolicyLongrunningMetadata struct { 222 // CreateTime: Output only. The time the operation was created. 223 CreateTime string `json:"createTime,omitempty"` 224 225 // ForceSendFields is a list of field names (e.g. "CreateTime") to 226 // unconditionally include in API requests. By default, fields with 227 // empty or default values are omitted from API requests. However, any 228 // non-pointer, non-interface field appearing in ForceSendFields will be 229 // sent to the server regardless of whether the field is empty or not. 230 // This may be used to include empty fields in Patch requests. 231 ForceSendFields []string `json:"-"` 232 233 // NullFields is a list of field names (e.g. "CreateTime") to include in 234 // API requests with the JSON null value. By default, fields with empty 235 // values are omitted from API requests. However, any field with an 236 // empty value appearing in NullFields will be sent to the server as 237 // null. It is an error if a field in this list has a non-empty value. 238 // This may be used to include null fields in Patch requests. 239 NullFields []string `json:"-"` 240} 241 242func (s *AnalyzeIamPolicyLongrunningMetadata) MarshalJSON() ([]byte, error) { 243 type NoMethod AnalyzeIamPolicyLongrunningMetadata 244 raw := NoMethod(*s) 245 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 246} 247 248// AnalyzeIamPolicyLongrunningRequest: A request message for 249// AssetService.AnalyzeIamPolicyLongrunning. 250type AnalyzeIamPolicyLongrunningRequest struct { 251 // AnalysisQuery: Required. The request query. 252 AnalysisQuery *IamPolicyAnalysisQuery `json:"analysisQuery,omitempty"` 253 254 // OutputConfig: Required. Output configuration indicating where the 255 // results will be output to. 256 OutputConfig *IamPolicyAnalysisOutputConfig `json:"outputConfig,omitempty"` 257 258 // ForceSendFields is a list of field names (e.g. "AnalysisQuery") to 259 // unconditionally include in API requests. By default, fields with 260 // empty or default values are omitted from API requests. However, any 261 // non-pointer, non-interface field appearing in ForceSendFields will be 262 // sent to the server regardless of whether the field is empty or not. 263 // This may be used to include empty fields in Patch requests. 264 ForceSendFields []string `json:"-"` 265 266 // NullFields is a list of field names (e.g. "AnalysisQuery") to include 267 // in API requests with the JSON null value. By default, fields with 268 // empty values are omitted from API requests. However, any field with 269 // an empty value appearing in NullFields will be sent to the server as 270 // null. It is an error if a field in this list has a non-empty value. 271 // This may be used to include null fields in Patch requests. 272 NullFields []string `json:"-"` 273} 274 275func (s *AnalyzeIamPolicyLongrunningRequest) MarshalJSON() ([]byte, error) { 276 type NoMethod AnalyzeIamPolicyLongrunningRequest 277 raw := NoMethod(*s) 278 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 279} 280 281// AnalyzeIamPolicyLongrunningResponse: A response message for 282// AssetService.AnalyzeIamPolicyLongrunning. 283type AnalyzeIamPolicyLongrunningResponse struct { 284} 285 286// AnalyzeIamPolicyResponse: A response message for 287// AssetService.AnalyzeIamPolicy. 288type AnalyzeIamPolicyResponse struct { 289 // FullyExplored: Represents whether all entries in the main_analysis 290 // and service_account_impersonation_analysis have been fully explored 291 // to answer the query in the request. 292 FullyExplored bool `json:"fullyExplored,omitempty"` 293 294 // MainAnalysis: The main analysis that matches the original request. 295 MainAnalysis *IamPolicyAnalysis `json:"mainAnalysis,omitempty"` 296 297 // ServiceAccountImpersonationAnalysis: The service account 298 // impersonation analysis if 299 // AnalyzeIamPolicyRequest.analyze_service_account_impersonation is 300 // enabled. 301 ServiceAccountImpersonationAnalysis []*IamPolicyAnalysis `json:"serviceAccountImpersonationAnalysis,omitempty"` 302 303 // ServerResponse contains the HTTP response code and headers from the 304 // server. 305 googleapi.ServerResponse `json:"-"` 306 307 // ForceSendFields is a list of field names (e.g. "FullyExplored") to 308 // unconditionally include in API requests. By default, fields with 309 // empty or default values are omitted from API requests. However, any 310 // non-pointer, non-interface field appearing in ForceSendFields will be 311 // sent to the server regardless of whether the field is empty or not. 312 // This may be used to include empty fields in Patch requests. 313 ForceSendFields []string `json:"-"` 314 315 // NullFields is a list of field names (e.g. "FullyExplored") to include 316 // in API requests with the JSON null value. By default, fields with 317 // empty values are omitted from API requests. However, any field with 318 // an empty value appearing in NullFields will be sent to the server as 319 // null. It is an error if a field in this list has a non-empty value. 320 // This may be used to include null fields in Patch requests. 321 NullFields []string `json:"-"` 322} 323 324func (s *AnalyzeIamPolicyResponse) MarshalJSON() ([]byte, error) { 325 type NoMethod AnalyzeIamPolicyResponse 326 raw := NoMethod(*s) 327 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 328} 329 330// AnalyzeMoveResponse: The response message for resource move analysis. 331type AnalyzeMoveResponse struct { 332 // MoveAnalysis: The list of analyses returned from performing the 333 // intended resource move analysis. The analysis is grouped by different 334 // Cloud services. 335 MoveAnalysis []*MoveAnalysis `json:"moveAnalysis,omitempty"` 336 337 // ServerResponse contains the HTTP response code and headers from the 338 // server. 339 googleapi.ServerResponse `json:"-"` 340 341 // ForceSendFields is a list of field names (e.g. "MoveAnalysis") to 342 // unconditionally include in API requests. By default, fields with 343 // empty or default values are omitted from API requests. However, any 344 // non-pointer, non-interface field appearing in ForceSendFields will be 345 // sent to the server regardless of whether the field is empty or not. 346 // This may be used to include empty fields in Patch requests. 347 ForceSendFields []string `json:"-"` 348 349 // NullFields is a list of field names (e.g. "MoveAnalysis") to include 350 // in API requests with the JSON null value. By default, fields with 351 // empty values are omitted from API requests. However, any field with 352 // an empty value appearing in NullFields will be sent to the server as 353 // null. It is an error if a field in this list has a non-empty value. 354 // This may be used to include null fields in Patch requests. 355 NullFields []string `json:"-"` 356} 357 358func (s *AnalyzeMoveResponse) MarshalJSON() ([]byte, error) { 359 type NoMethod AnalyzeMoveResponse 360 raw := NoMethod(*s) 361 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 362} 363 364// Asset: An asset in Google Cloud. An asset can be any resource in the 365// Google Cloud resource hierarchy 366// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 367// a resource outside the Google Cloud resource hierarchy (such as 368// Google Kubernetes Engine clusters and objects), or a policy (e.g. 369// Cloud IAM policy), or a relationship (e.g. an 370// INSTANCE_TO_INSTANCEGROUP relationship). See Supported asset types 371// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 372// for more information. 373type Asset struct { 374 // AccessLevel: Please also refer to the access level user guide 375 // (https://cloud.google.com/access-context-manager/docs/overview#access-levels). 376 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 377 378 // AccessPolicy: Please also refer to the access policy user guide 379 // (https://cloud.google.com/access-context-manager/docs/overview#access-policies). 380 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 381 382 // Ancestors: The ancestry path of an asset in Google Cloud resource 383 // hierarchy 384 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 385 // represented as a list of relative resource names. An ancestry path 386 // starts with the closest ancestor in the hierarchy and ends at root. 387 // If the asset is a project, folder, or organization, the ancestry path 388 // starts from the asset itself. Example: `["projects/123456789", 389 // "folders/5432", "organizations/1234"]` 390 Ancestors []string `json:"ancestors,omitempty"` 391 392 // AssetType: The type of the asset. Example: 393 // `compute.googleapis.com/Disk` See Supported asset types 394 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 395 // for more information. 396 AssetType string `json:"assetType,omitempty"` 397 398 // IamPolicy: A representation of the Cloud IAM policy set on a Google 399 // Cloud resource. There can be a maximum of one Cloud IAM policy set on 400 // any given resource. In addition, Cloud IAM policies inherit their 401 // granted access scope from any policies set on parent resources in the 402 // resource hierarchy. Therefore, the effectively policy is the union of 403 // both the policy set on this resource and each policy set on all of 404 // the resource's ancestry resource levels in the hierarchy. See this 405 // topic (https://cloud.google.com/iam/docs/policies#inheritance) for 406 // more information. 407 IamPolicy *Policy `json:"iamPolicy,omitempty"` 408 409 // Name: The full name of the asset. Example: 410 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 411 // s/instance1` See Resource names 412 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 413 // for more information. 414 Name string `json:"name,omitempty"` 415 416 // OrgPolicy: A representation of an organization policy 417 // (https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 418 // There can be more than one organization policy with different 419 // constraints set on a given resource. 420 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 421 422 // OsInventory: A representation of runtime OS Inventory information. 423 // See this topic 424 // (https://cloud.google.com/compute/docs/instances/os-inventory-management) 425 // for more information. 426 OsInventory *Inventory `json:"osInventory,omitempty"` 427 428 // RelatedAssets: The related assets of the asset of one relationship 429 // type. One asset only represents one type of relationship. 430 RelatedAssets *RelatedAssets `json:"relatedAssets,omitempty"` 431 432 // Resource: A representation of the resource. 433 Resource *Resource `json:"resource,omitempty"` 434 435 // ServicePerimeter: Please also refer to the service perimeter user 436 // guide (https://cloud.google.com/vpc-service-controls/docs/overview). 437 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 438 439 // UpdateTime: The last update timestamp of an asset. update_time is 440 // updated when create/update/delete operation is performed. 441 UpdateTime string `json:"updateTime,omitempty"` 442 443 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 444 // unconditionally include in API requests. By default, fields with 445 // empty or default values are omitted from API requests. However, any 446 // non-pointer, non-interface field appearing in ForceSendFields will be 447 // sent to the server regardless of whether the field is empty or not. 448 // This may be used to include empty fields in Patch requests. 449 ForceSendFields []string `json:"-"` 450 451 // NullFields is a list of field names (e.g. "AccessLevel") to include 452 // in API requests with the JSON null value. By default, fields with 453 // empty values are omitted from API requests. However, any field with 454 // an empty value appearing in NullFields will be sent to the server as 455 // null. It is an error if a field in this list has a non-empty value. 456 // This may be used to include null fields in Patch requests. 457 NullFields []string `json:"-"` 458} 459 460func (s *Asset) MarshalJSON() ([]byte, error) { 461 type NoMethod Asset 462 raw := NoMethod(*s) 463 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 464} 465 466// AttachedResource: Attached resource representation, which is defined 467// by the corresponding service provider. It represents an attached 468// resource's payload. 469type AttachedResource struct { 470 // AssetType: The type of this attached resource. Example: 471 // `osconfig.googleapis.com/Inventory` You can find the supported 472 // attached asset types of each resource in this table: 473 // `https://cloud.google.com/asset-inventory/docs/supported-asset-types#s 474 // earchable_asset_types` 475 AssetType string `json:"assetType,omitempty"` 476 477 // VersionedResources: Versioned resource representations of this 478 // attached resource. This is repeated because there could be multiple 479 // versions of the attached resource representations during version 480 // migration. 481 VersionedResources []*VersionedResource `json:"versionedResources,omitempty"` 482 483 // ForceSendFields is a list of field names (e.g. "AssetType") to 484 // unconditionally include in API requests. By default, fields with 485 // empty or default values are omitted from API requests. However, any 486 // non-pointer, non-interface field appearing in ForceSendFields will be 487 // sent to the server regardless of whether the field is empty or not. 488 // This may be used to include empty fields in Patch requests. 489 ForceSendFields []string `json:"-"` 490 491 // NullFields is a list of field names (e.g. "AssetType") to include in 492 // API requests with the JSON null value. By default, fields with empty 493 // values are omitted from API requests. However, any field with an 494 // empty value appearing in NullFields will be sent to the server as 495 // null. It is an error if a field in this list has a non-empty value. 496 // This may be used to include null fields in Patch requests. 497 NullFields []string `json:"-"` 498} 499 500func (s *AttachedResource) MarshalJSON() ([]byte, error) { 501 type NoMethod AttachedResource 502 raw := NoMethod(*s) 503 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 504} 505 506// AuditConfig: Specifies the audit configuration for a service. The 507// configuration determines which permission types are logged, and what 508// identities, if any, are exempted from logging. An AuditConfig must 509// have one or more AuditLogConfigs. If there are AuditConfigs for both 510// `allServices` and a specific service, the union of the two 511// AuditConfigs is used for that service: the log_types specified in 512// each AuditConfig are enabled, and the exempted_members in each 513// AuditLogConfig are exempted. Example Policy with multiple 514// AuditConfigs: { "audit_configs": [ { "service": "allServices", 515// "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": 516// [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { 517// "log_type": "ADMIN_READ" } ] }, { "service": 518// "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": 519// "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ 520// "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy 521// enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts 522// jose@example.com from DATA_READ logging, and aliya@example.com from 523// DATA_WRITE logging. 524type AuditConfig struct { 525 // AuditLogConfigs: The configuration for logging of each type of 526 // permission. 527 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 528 529 // Service: Specifies a service that will be enabled for audit logging. 530 // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. 531 // `allServices` is a special value that covers all services. 532 Service string `json:"service,omitempty"` 533 534 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 535 // unconditionally include in API requests. By default, fields with 536 // empty or default values are omitted from API requests. However, any 537 // non-pointer, non-interface field appearing in ForceSendFields will be 538 // sent to the server regardless of whether the field is empty or not. 539 // This may be used to include empty fields in Patch requests. 540 ForceSendFields []string `json:"-"` 541 542 // NullFields is a list of field names (e.g. "AuditLogConfigs") to 543 // include in API requests with the JSON null value. By default, fields 544 // with empty values are omitted from API requests. However, any field 545 // with an empty value appearing in NullFields will be sent to the 546 // server as null. It is an error if a field in this list has a 547 // non-empty value. This may be used to include null fields in Patch 548 // requests. 549 NullFields []string `json:"-"` 550} 551 552func (s *AuditConfig) MarshalJSON() ([]byte, error) { 553 type NoMethod AuditConfig 554 raw := NoMethod(*s) 555 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 556} 557 558// AuditLogConfig: Provides the configuration for logging a type of 559// permissions. Example: { "audit_log_configs": [ { "log_type": 560// "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { 561// "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 562// 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ 563// logging. 564type AuditLogConfig struct { 565 // ExemptedMembers: Specifies the identities that do not cause logging 566 // for this type of permission. Follows the same format of 567 // Binding.members. 568 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 569 570 // LogType: The log type that this config enables. 571 // 572 // Possible values: 573 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 574 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 575 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 576 // "DATA_READ" - Data reads. Example: CloudSQL Users list 577 LogType string `json:"logType,omitempty"` 578 579 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 580 // unconditionally include in API requests. By default, fields with 581 // empty or default values are omitted from API requests. However, any 582 // non-pointer, non-interface field appearing in ForceSendFields will be 583 // sent to the server regardless of whether the field is empty or not. 584 // This may be used to include empty fields in Patch requests. 585 ForceSendFields []string `json:"-"` 586 587 // NullFields is a list of field names (e.g. "ExemptedMembers") to 588 // include in API requests with the JSON null value. By default, fields 589 // with empty values are omitted from API requests. However, any field 590 // with an empty value appearing in NullFields will be sent to the 591 // server as null. It is an error if a field in this list has a 592 // non-empty value. This may be used to include null fields in Patch 593 // requests. 594 NullFields []string `json:"-"` 595} 596 597func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 598 type NoMethod AuditLogConfig 599 raw := NoMethod(*s) 600 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 601} 602 603// BatchGetAssetsHistoryResponse: Batch get assets history response. 604type BatchGetAssetsHistoryResponse struct { 605 // Assets: A list of assets with valid time windows. 606 Assets []*TemporalAsset `json:"assets,omitempty"` 607 608 // ServerResponse contains the HTTP response code and headers from the 609 // server. 610 googleapi.ServerResponse `json:"-"` 611 612 // ForceSendFields is a list of field names (e.g. "Assets") to 613 // unconditionally include in API requests. By default, fields with 614 // empty or default values are omitted from API requests. However, any 615 // non-pointer, non-interface field appearing in ForceSendFields will be 616 // sent to the server regardless of whether the field is empty or not. 617 // This may be used to include empty fields in Patch requests. 618 ForceSendFields []string `json:"-"` 619 620 // NullFields is a list of field names (e.g. "Assets") to include in API 621 // requests with the JSON null value. By default, fields with empty 622 // values are omitted from API requests. However, any field with an 623 // empty value appearing in NullFields will be sent to the server as 624 // null. It is an error if a field in this list has a non-empty value. 625 // This may be used to include null fields in Patch requests. 626 NullFields []string `json:"-"` 627} 628 629func (s *BatchGetAssetsHistoryResponse) MarshalJSON() ([]byte, error) { 630 type NoMethod BatchGetAssetsHistoryResponse 631 raw := NoMethod(*s) 632 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 633} 634 635// BigQueryDestination: A BigQuery destination for exporting assets to. 636type BigQueryDestination struct { 637 // Dataset: Required. The BigQuery dataset in format 638 // "projects/projectId/datasets/datasetId", to which the snapshot result 639 // should be exported. If this dataset does not exist, the export call 640 // returns an INVALID_ARGUMENT error. 641 Dataset string `json:"dataset,omitempty"` 642 643 // Force: If the destination table already exists and this flag is 644 // `TRUE`, the table will be overwritten by the contents of assets 645 // snapshot. If the flag is `FALSE` or unset and the destination table 646 // already exists, the export call returns an INVALID_ARGUMEMT error. 647 Force bool `json:"force,omitempty"` 648 649 // PartitionSpec: [partition_spec] determines whether to export to 650 // partitioned table(s) and how to partition the data. If 651 // [partition_spec] is unset or [partition_spec.partition_key] is unset 652 // or `PARTITION_KEY_UNSPECIFIED`, the snapshot results will be exported 653 // to non-partitioned table(s). [force] will decide whether to overwrite 654 // existing table(s). If [partition_spec] is specified. First, the 655 // snapshot results will be written to partitioned table(s) with two 656 // additional timestamp columns, readTime and requestTime, one of which 657 // will be the partition key. Secondly, in the case when any destination 658 // table already exists, it will first try to update existing table's 659 // schema as necessary by appending additional columns. Then, if [force] 660 // is `TRUE`, the corresponding partition will be overwritten by the 661 // snapshot results (data in different partitions will remain intact); 662 // if [force] is unset or `FALSE`, it will append the data. An error 663 // will be returned if the schema update or data appension fails. 664 PartitionSpec *PartitionSpec `json:"partitionSpec,omitempty"` 665 666 // SeparateTablesPerAssetType: If this flag is `TRUE`, the snapshot 667 // results will be written to one or multiple tables, each of which 668 // contains results of one asset type. The [force] and [partition_spec] 669 // fields will apply to each of them. Field [table] will be concatenated 670 // with "_" and the asset type names (see 671 // https://cloud.google.com/asset-inventory/docs/supported-asset-types 672 // for supported asset types) to construct per-asset-type table names, 673 // in which all non-alphanumeric characters like "." and "/" will be 674 // substituted by "_". Example: if field [table] is "mytable" and 675 // snapshot results contain "storage.googleapis.com/Bucket" assets, the 676 // corresponding table name will be 677 // "mytable_storage_googleapis_com_Bucket". If any of these tables does 678 // not exist, a new table with the concatenated name will be created. 679 // When [content_type] in the ExportAssetsRequest is `RESOURCE`, the 680 // schema of each table will include RECORD-type columns mapped to the 681 // nested fields in the Asset.resource.data field of that asset type (up 682 // to the 15 nested level BigQuery supports 683 // (https://cloud.google.com/bigquery/docs/nested-repeated#limitations)). 684 // The fields in >15 nested levels will be stored in JSON format string 685 // as a child column of its parent RECORD column. If error occurs when 686 // exporting to any table, the whole export call will return an error 687 // but the export results that already succeed will persist. Example: if 688 // exporting to table_type_A succeeds when exporting to table_type_B 689 // fails during one export call, the results in table_type_A will 690 // persist and there will not be partial results persisting in a table. 691 SeparateTablesPerAssetType bool `json:"separateTablesPerAssetType,omitempty"` 692 693 // Table: Required. The BigQuery table to which the snapshot result 694 // should be written. If this table does not exist, a new table with the 695 // given name will be created. 696 Table string `json:"table,omitempty"` 697 698 // ForceSendFields is a list of field names (e.g. "Dataset") to 699 // unconditionally include in API requests. By default, fields with 700 // empty or default values are omitted from API requests. However, any 701 // non-pointer, non-interface field appearing in ForceSendFields will be 702 // sent to the server regardless of whether the field is empty or not. 703 // This may be used to include empty fields in Patch requests. 704 ForceSendFields []string `json:"-"` 705 706 // NullFields is a list of field names (e.g. "Dataset") to include in 707 // API requests with the JSON null value. By default, fields with empty 708 // values are omitted from API requests. However, any field with an 709 // empty value appearing in NullFields will be sent to the server as 710 // null. It is an error if a field in this list has a non-empty value. 711 // This may be used to include null fields in Patch requests. 712 NullFields []string `json:"-"` 713} 714 715func (s *BigQueryDestination) MarshalJSON() ([]byte, error) { 716 type NoMethod BigQueryDestination 717 raw := NoMethod(*s) 718 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 719} 720 721// Binding: Associates `members` with a `role`. 722type Binding struct { 723 // Condition: The condition that is associated with this binding. If the 724 // condition evaluates to `true`, then this binding applies to the 725 // current request. If the condition evaluates to `false`, then this 726 // binding does not apply to the current request. However, a different 727 // role binding might grant the same role to one or more of the members 728 // in this binding. To learn which resources support conditions in their 729 // IAM policies, see the IAM documentation 730 // (https://cloud.google.com/iam/help/conditions/resource-policies). 731 Condition *Expr `json:"condition,omitempty"` 732 733 // Members: Specifies the identities requesting access for a Cloud 734 // Platform resource. `members` can have the following values: * 735 // `allUsers`: A special identifier that represents anyone who is on the 736 // internet; with or without a Google account. * 737 // `allAuthenticatedUsers`: A special identifier that represents anyone 738 // who is authenticated with a Google account or a service account. * 739 // `user:{emailid}`: An email address that represents a specific Google 740 // account. For example, `alice@example.com` . * 741 // `serviceAccount:{emailid}`: An email address that represents a 742 // service account. For example, 743 // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An 744 // email address that represents a Google group. For example, 745 // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An 746 // email address (plus unique identifier) representing a user that has 747 // been recently deleted. For example, 748 // `alice@example.com?uid=123456789012345678901`. If the user is 749 // recovered, this value reverts to `user:{emailid}` and the recovered 750 // user retains the role in the binding. * 751 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address 752 // (plus unique identifier) representing a service account that has been 753 // recently deleted. For example, 754 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. 755 // If the service account is undeleted, this value reverts to 756 // `serviceAccount:{emailid}` and the undeleted service account retains 757 // the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: 758 // An email address (plus unique identifier) representing a Google group 759 // that has been recently deleted. For example, 760 // `admins@example.com?uid=123456789012345678901`. If the group is 761 // recovered, this value reverts to `group:{emailid}` and the recovered 762 // group retains the role in the binding. * `domain:{domain}`: The G 763 // Suite domain (primary) that represents all the users of that domain. 764 // For example, `google.com` or `example.com`. 765 Members []string `json:"members,omitempty"` 766 767 // Role: Role that is assigned to `members`. For example, 768 // `roles/viewer`, `roles/editor`, or `roles/owner`. 769 Role string `json:"role,omitempty"` 770 771 // ForceSendFields is a list of field names (e.g. "Condition") to 772 // unconditionally include in API requests. By default, fields with 773 // empty or default values are omitted from API requests. However, any 774 // non-pointer, non-interface field appearing in ForceSendFields will be 775 // sent to the server regardless of whether the field is empty or not. 776 // This may be used to include empty fields in Patch requests. 777 ForceSendFields []string `json:"-"` 778 779 // NullFields is a list of field names (e.g. "Condition") to include in 780 // API requests with the JSON null value. By default, fields with empty 781 // values are omitted from API requests. However, any field with an 782 // empty value appearing in NullFields will be sent to the server as 783 // null. It is an error if a field in this list has a non-empty value. 784 // This may be used to include null fields in Patch requests. 785 NullFields []string `json:"-"` 786} 787 788func (s *Binding) MarshalJSON() ([]byte, error) { 789 type NoMethod Binding 790 raw := NoMethod(*s) 791 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 792} 793 794// ConditionContext: The IAM conditions context. 795type ConditionContext struct { 796 // AccessTime: The hypothetical access timestamp to evaluate IAM 797 // conditions. Note that this value must not be earlier than the current 798 // time; otherwise, an INVALID_ARGUMENT error will be returned. 799 AccessTime string `json:"accessTime,omitempty"` 800 801 // ForceSendFields is a list of field names (e.g. "AccessTime") to 802 // unconditionally include in API requests. By default, fields with 803 // empty or default values are omitted from API requests. However, any 804 // non-pointer, non-interface field appearing in ForceSendFields will be 805 // sent to the server regardless of whether the field is empty or not. 806 // This may be used to include empty fields in Patch requests. 807 ForceSendFields []string `json:"-"` 808 809 // NullFields is a list of field names (e.g. "AccessTime") to include in 810 // API requests with the JSON null value. By default, fields with empty 811 // values are omitted from API requests. However, any field with an 812 // empty value appearing in NullFields will be sent to the server as 813 // null. It is an error if a field in this list has a non-empty value. 814 // This may be used to include null fields in Patch requests. 815 NullFields []string `json:"-"` 816} 817 818func (s *ConditionContext) MarshalJSON() ([]byte, error) { 819 type NoMethod ConditionContext 820 raw := NoMethod(*s) 821 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 822} 823 824// ConditionEvaluation: The Condition evaluation. 825type ConditionEvaluation struct { 826 // EvaluationValue: The evaluation result. 827 // 828 // Possible values: 829 // "EVALUATION_VALUE_UNSPECIFIED" - Reserved for future use. 830 // "TRUE" - The evaluation result is `true`. 831 // "FALSE" - The evaluation result is `false`. 832 // "CONDITIONAL" - The evaluation result is `conditional` when the 833 // condition expression contains variables that are either missing input 834 // values or have not been supported by Analyzer yet. 835 EvaluationValue string `json:"evaluationValue,omitempty"` 836 837 // ForceSendFields is a list of field names (e.g. "EvaluationValue") to 838 // unconditionally include in API requests. By default, fields with 839 // empty or default values are omitted from API requests. However, any 840 // non-pointer, non-interface field appearing in ForceSendFields will be 841 // sent to the server regardless of whether the field is empty or not. 842 // This may be used to include empty fields in Patch requests. 843 ForceSendFields []string `json:"-"` 844 845 // NullFields is a list of field names (e.g. "EvaluationValue") to 846 // include in API requests with the JSON null value. By default, fields 847 // with empty values are omitted from API requests. However, any field 848 // with an empty value appearing in NullFields will be sent to the 849 // server as null. It is an error if a field in this list has a 850 // non-empty value. This may be used to include null fields in Patch 851 // requests. 852 NullFields []string `json:"-"` 853} 854 855func (s *ConditionEvaluation) MarshalJSON() ([]byte, error) { 856 type NoMethod ConditionEvaluation 857 raw := NoMethod(*s) 858 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 859} 860 861// CreateFeedRequest: Create asset feed request. 862type CreateFeedRequest struct { 863 // Feed: Required. The feed details. The field `name` must be empty and 864 // it will be generated in the format of: 865 // projects/project_number/feeds/feed_id 866 // folders/folder_number/feeds/feed_id 867 // organizations/organization_number/feeds/feed_id 868 Feed *Feed `json:"feed,omitempty"` 869 870 // FeedId: Required. This is the client-assigned asset feed identifier 871 // and it needs to be unique under a specific parent 872 // project/folder/organization. 873 FeedId string `json:"feedId,omitempty"` 874 875 // ForceSendFields is a list of field names (e.g. "Feed") to 876 // unconditionally include in API requests. By default, fields with 877 // empty or default values are omitted from API requests. However, any 878 // non-pointer, non-interface field appearing in ForceSendFields will be 879 // sent to the server regardless of whether the field is empty or not. 880 // This may be used to include empty fields in Patch requests. 881 ForceSendFields []string `json:"-"` 882 883 // NullFields is a list of field names (e.g. "Feed") to include in API 884 // requests with the JSON null value. By default, fields with empty 885 // values are omitted from API requests. However, any field with an 886 // empty value appearing in NullFields will be sent to the server as 887 // null. It is an error if a field in this list has a non-empty value. 888 // This may be used to include null fields in Patch requests. 889 NullFields []string `json:"-"` 890} 891 892func (s *CreateFeedRequest) MarshalJSON() ([]byte, error) { 893 type NoMethod CreateFeedRequest 894 raw := NoMethod(*s) 895 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 896} 897 898// Date: Represents a whole or partial calendar date, such as a 899// birthday. The time of day and time zone are either specified 900// elsewhere or are insignificant. The date is relative to the Gregorian 901// Calendar. This can represent one of the following: * A full date, 902// with non-zero year, month, and day values * A month and day value, 903// with a zero year, such as an anniversary * A year on its own, with 904// zero month and day values * A year and month value, with a zero day, 905// such as a credit card expiration date Related types are 906// google.type.TimeOfDay and `google.protobuf.Timestamp`. 907type Date struct { 908 // Day: Day of a month. Must be from 1 to 31 and valid for the year and 909 // month, or 0 to specify a year by itself or a year and month where the 910 // day isn't significant. 911 Day int64 `json:"day,omitempty"` 912 913 // Month: Month of a year. Must be from 1 to 12, or 0 to specify a year 914 // without a month and day. 915 Month int64 `json:"month,omitempty"` 916 917 // Year: Year of the date. Must be from 1 to 9999, or 0 to specify a 918 // date without a year. 919 Year int64 `json:"year,omitempty"` 920 921 // ForceSendFields is a list of field names (e.g. "Day") to 922 // unconditionally include in API requests. By default, fields with 923 // empty or default values are omitted from API requests. However, any 924 // non-pointer, non-interface field appearing in ForceSendFields will be 925 // sent to the server regardless of whether the field is empty or not. 926 // This may be used to include empty fields in Patch requests. 927 ForceSendFields []string `json:"-"` 928 929 // NullFields is a list of field names (e.g. "Day") to include in API 930 // requests with the JSON null value. By default, fields with empty 931 // values are omitted from API requests. However, any field with an 932 // empty value appearing in NullFields will be sent to the server as 933 // null. It is an error if a field in this list has a non-empty value. 934 // This may be used to include null fields in Patch requests. 935 NullFields []string `json:"-"` 936} 937 938func (s *Date) MarshalJSON() ([]byte, error) { 939 type NoMethod Date 940 raw := NoMethod(*s) 941 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 942} 943 944// Empty: A generic empty message that you can re-use to avoid defining 945// duplicated empty messages in your APIs. A typical example is to use 946// it as the request or the response type of an API method. For 947// instance: service Foo { rpc Bar(google.protobuf.Empty) returns 948// (google.protobuf.Empty); } The JSON representation for `Empty` is 949// empty JSON object `{}`. 950type Empty struct { 951 // ServerResponse contains the HTTP response code and headers from the 952 // server. 953 googleapi.ServerResponse `json:"-"` 954} 955 956// Explanation: Explanation about the IAM policy search result. 957type Explanation struct { 958 // MatchedPermissions: The map from roles to their included permissions 959 // that match the permission query (i.e., a query containing 960 // `policy.role.permissions:`). Example: if query 961 // `policy.role.permissions:compute.disk.get` matches a policy binding 962 // that contains owner role, the matched_permissions will be 963 // `{"roles/owner": ["compute.disk.get"]}`. The roles can also be found 964 // in the returned `policy` bindings. Note that the map is populated 965 // only for requests with permission queries. 966 MatchedPermissions map[string]Permissions `json:"matchedPermissions,omitempty"` 967 968 // ForceSendFields is a list of field names (e.g. "MatchedPermissions") 969 // to unconditionally include in API requests. By default, fields with 970 // empty or default values are omitted from API requests. However, any 971 // non-pointer, non-interface field appearing in ForceSendFields will be 972 // sent to the server regardless of whether the field is empty or not. 973 // This may be used to include empty fields in Patch requests. 974 ForceSendFields []string `json:"-"` 975 976 // NullFields is a list of field names (e.g. "MatchedPermissions") to 977 // include in API requests with the JSON null value. By default, fields 978 // with empty values are omitted from API requests. However, any field 979 // with an empty value appearing in NullFields will be sent to the 980 // server as null. It is an error if a field in this list has a 981 // non-empty value. This may be used to include null fields in Patch 982 // requests. 983 NullFields []string `json:"-"` 984} 985 986func (s *Explanation) MarshalJSON() ([]byte, error) { 987 type NoMethod Explanation 988 raw := NoMethod(*s) 989 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 990} 991 992// ExportAssetsRequest: Export asset request. 993type ExportAssetsRequest struct { 994 // AssetTypes: A list of asset types to take a snapshot for. For 995 // example: "compute.googleapis.com/Disk". Regular expressions are also 996 // supported. For example: * "compute.googleapis.com.*" snapshots 997 // resources whose asset type starts with "compute.googleapis.com". * 998 // ".*Instance" snapshots resources whose asset type ends with 999 // "Instance". * ".*Instance.*" snapshots resources whose asset type 1000 // contains "Instance". See RE2 1001 // (https://github.com/google/re2/wiki/Syntax) for all supported regular 1002 // expression syntax. If the regular expression does not match any 1003 // supported asset type, an INVALID_ARGUMENT error will be returned. If 1004 // specified, only matching assets will be returned, otherwise, it will 1005 // snapshot all asset types. See Introduction to Cloud Asset Inventory 1006 // (https://cloud.google.com/asset-inventory/docs/overview) for all 1007 // supported asset types. 1008 AssetTypes []string `json:"assetTypes,omitempty"` 1009 1010 // ContentType: Asset content type. If not specified, no content but the 1011 // asset name will be returned. 1012 // 1013 // Possible values: 1014 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 1015 // "RESOURCE" - Resource metadata. 1016 // "IAM_POLICY" - The actual IAM policy set on a resource. 1017 // "ORG_POLICY" - The Cloud Organization Policy set on an asset. 1018 // "ACCESS_POLICY" - The Cloud Access context manager Policy set on an 1019 // asset. 1020 // "OS_INVENTORY" - The runtime OS Inventory information. 1021 // "RELATIONSHIP" - The related resources. 1022 ContentType string `json:"contentType,omitempty"` 1023 1024 // OutputConfig: Required. Output configuration indicating where the 1025 // results will be output to. 1026 OutputConfig *OutputConfig `json:"outputConfig,omitempty"` 1027 1028 // ReadTime: Timestamp to take an asset snapshot. This can only be set 1029 // to a timestamp between the current time and the current time minus 35 1030 // days (inclusive). If not specified, the current time will be used. 1031 // Due to delays in resource data collection and indexing, there is a 1032 // volatile window during which running the same query may get different 1033 // results. 1034 ReadTime string `json:"readTime,omitempty"` 1035 1036 // RelationshipTypes: A list of relationship types to export, for 1037 // example: `INSTANCE_TO_INSTANCEGROUP`. This field should only be 1038 // specified if content_type=RELATIONSHIP. * If specified: it snapshots 1039 // specified relationships. It returns an error if any of the 1040 // [relationship_types] doesn't belong to the supported relationship 1041 // types of the [asset_types] or if any of the [asset_types] doesn't 1042 // belong to the source types of the [relationship_types]. * Otherwise: 1043 // it snapshots the supported relationships for all [asset_types] or 1044 // returns an error if any of the [asset_types] has no relationship 1045 // support. An unspecified asset types field means all supported 1046 // asset_types. See Introduction to Cloud Asset Inventory 1047 // (https://cloud.google.com/asset-inventory/docs/overview) for all 1048 // supported asset types and relationship types. 1049 RelationshipTypes []string `json:"relationshipTypes,omitempty"` 1050 1051 // ForceSendFields is a list of field names (e.g. "AssetTypes") to 1052 // unconditionally include in API requests. By default, fields with 1053 // empty or default values are omitted from API requests. However, any 1054 // non-pointer, non-interface field appearing in ForceSendFields will be 1055 // sent to the server regardless of whether the field is empty or not. 1056 // This may be used to include empty fields in Patch requests. 1057 ForceSendFields []string `json:"-"` 1058 1059 // NullFields is a list of field names (e.g. "AssetTypes") to include in 1060 // API requests with the JSON null value. By default, fields with empty 1061 // values are omitted from API requests. However, any field with an 1062 // empty value appearing in NullFields will be sent to the server as 1063 // null. It is an error if a field in this list has a non-empty value. 1064 // This may be used to include null fields in Patch requests. 1065 NullFields []string `json:"-"` 1066} 1067 1068func (s *ExportAssetsRequest) MarshalJSON() ([]byte, error) { 1069 type NoMethod ExportAssetsRequest 1070 raw := NoMethod(*s) 1071 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1072} 1073 1074// Expr: Represents a textual expression in the Common Expression 1075// Language (CEL) syntax. CEL is a C-like expression language. The 1076// syntax and semantics of CEL are documented at 1077// https://github.com/google/cel-spec. Example (Comparison): title: 1078// "Summary size limit" description: "Determines if a summary is less 1079// than 100 chars" expression: "document.summary.size() < 100" Example 1080// (Equality): title: "Requestor is owner" description: "Determines if 1081// requestor is the document owner" expression: "document.owner == 1082// request.auth.claims.email" Example (Logic): title: "Public documents" 1083// description: "Determine whether the document should be publicly 1084// visible" expression: "document.type != 'private' && document.type != 1085// 'internal'" Example (Data Manipulation): title: "Notification string" 1086// description: "Create a notification string with a timestamp." 1087// expression: "'New message received at ' + 1088// string(document.create_time)" The exact variables and functions that 1089// may be referenced within an expression are determined by the service 1090// that evaluates it. See the service documentation for additional 1091// information. 1092type Expr struct { 1093 // Description: Optional. Description of the expression. This is a 1094 // longer text which describes the expression, e.g. when hovered over it 1095 // in a UI. 1096 Description string `json:"description,omitempty"` 1097 1098 // Expression: Textual representation of an expression in Common 1099 // Expression Language syntax. 1100 Expression string `json:"expression,omitempty"` 1101 1102 // Location: Optional. String indicating the location of the expression 1103 // for error reporting, e.g. a file name and a position in the file. 1104 Location string `json:"location,omitempty"` 1105 1106 // Title: Optional. Title for the expression, i.e. a short string 1107 // describing its purpose. This can be used e.g. in UIs which allow to 1108 // enter the expression. 1109 Title string `json:"title,omitempty"` 1110 1111 // ForceSendFields is a list of field names (e.g. "Description") to 1112 // unconditionally include in API requests. By default, fields with 1113 // empty or default values are omitted from API requests. However, any 1114 // non-pointer, non-interface field appearing in ForceSendFields will be 1115 // sent to the server regardless of whether the field is empty or not. 1116 // This may be used to include empty fields in Patch requests. 1117 ForceSendFields []string `json:"-"` 1118 1119 // NullFields is a list of field names (e.g. "Description") to include 1120 // in API requests with the JSON null value. By default, fields with 1121 // empty values are omitted from API requests. However, any field with 1122 // an empty value appearing in NullFields will be sent to the server as 1123 // null. It is an error if a field in this list has a non-empty value. 1124 // This may be used to include null fields in Patch requests. 1125 NullFields []string `json:"-"` 1126} 1127 1128func (s *Expr) MarshalJSON() ([]byte, error) { 1129 type NoMethod Expr 1130 raw := NoMethod(*s) 1131 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1132} 1133 1134// Feed: An asset feed used to export asset updates to a destinations. 1135// An asset feed filter controls what updates are exported. The asset 1136// feed must be created within a project, organization, or folder. 1137// Supported destinations are: Pub/Sub topics. 1138type Feed struct { 1139 // AssetNames: A list of the full names of the assets to receive 1140 // updates. You must specify either or both of asset_names and 1141 // asset_types. Only asset updates matching specified asset_names or 1142 // asset_types are exported to the feed. Example: 1143 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 1144 // s/instance1`. See Resource Names 1145 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 1146 // for more info. 1147 AssetNames []string `json:"assetNames,omitempty"` 1148 1149 // AssetTypes: A list of types of the assets to receive updates. You 1150 // must specify either or both of asset_names and asset_types. Only 1151 // asset updates matching specified asset_names or asset_types are 1152 // exported to the feed. Example: "compute.googleapis.com/Disk" See 1153 // this topic 1154 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 1155 // for a list of all supported asset types. 1156 AssetTypes []string `json:"assetTypes,omitempty"` 1157 1158 // Condition: A condition which determines whether an asset update 1159 // should be published. If specified, an asset will be returned only 1160 // when the expression evaluates to true. When set, `expression` field 1161 // in the `Expr` must be a valid [CEL expression] 1162 // (https://github.com/google/cel-spec) on a TemporalAsset with name 1163 // `temporal_asset`. Example: a Feed with expression 1164 // ("temporal_asset.deleted == true") will only publish Asset deletions. 1165 // Other fields of `Expr` are optional. See our user guide 1166 // (https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition) 1167 // for detailed instructions. 1168 Condition *Expr `json:"condition,omitempty"` 1169 1170 // ContentType: Asset content type. If not specified, no content but the 1171 // asset name and type will be returned. 1172 // 1173 // Possible values: 1174 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 1175 // "RESOURCE" - Resource metadata. 1176 // "IAM_POLICY" - The actual IAM policy set on a resource. 1177 // "ORG_POLICY" - The Cloud Organization Policy set on an asset. 1178 // "ACCESS_POLICY" - The Cloud Access context manager Policy set on an 1179 // asset. 1180 // "OS_INVENTORY" - The runtime OS Inventory information. 1181 // "RELATIONSHIP" - The related resources. 1182 ContentType string `json:"contentType,omitempty"` 1183 1184 // FeedOutputConfig: Required. Feed output configuration defining where 1185 // the asset updates are published to. 1186 FeedOutputConfig *FeedOutputConfig `json:"feedOutputConfig,omitempty"` 1187 1188 // Name: Required. The format will be 1189 // projects/{project_number}/feeds/{client-assigned_feed_identifier} or 1190 // folders/{folder_number}/feeds/{client-assigned_feed_identifier} or 1191 // organizations/{organization_number}/feeds/{client-assigned_feed_identi 1192 // fier} The client-assigned feed identifier must be unique within the 1193 // parent project/folder/organization. 1194 Name string `json:"name,omitempty"` 1195 1196 // RelationshipTypes: A list of relationship types to output, for 1197 // example: `INSTANCE_TO_INSTANCEGROUP`. This field should only be 1198 // specified if content_type=RELATIONSHIP. * If specified: it outputs 1199 // specified relationship updates on the [asset_names] or the 1200 // [asset_types]. It returns an error if any of the [relationship_types] 1201 // doesn't belong to the supported relationship types of the 1202 // [asset_names] or [asset_types], or any of the [asset_names] or the 1203 // [asset_types] doesn't belong to the source types of the 1204 // [relationship_types]. * Otherwise: it outputs the supported 1205 // relationships of the types of [asset_names] and [asset_types] or 1206 // returns an error if any of the [asset_names] or the [asset_types] has 1207 // no replationship support. See Introduction to Cloud Asset Inventory 1208 // (https://cloud.google.com/asset-inventory/docs/overview) for all 1209 // supported asset types and relationship types. 1210 RelationshipTypes []string `json:"relationshipTypes,omitempty"` 1211 1212 // ServerResponse contains the HTTP response code and headers from the 1213 // server. 1214 googleapi.ServerResponse `json:"-"` 1215 1216 // ForceSendFields is a list of field names (e.g. "AssetNames") to 1217 // unconditionally include in API requests. By default, fields with 1218 // empty or default values are omitted from API requests. However, any 1219 // non-pointer, non-interface field appearing in ForceSendFields will be 1220 // sent to the server regardless of whether the field is empty or not. 1221 // This may be used to include empty fields in Patch requests. 1222 ForceSendFields []string `json:"-"` 1223 1224 // NullFields is a list of field names (e.g. "AssetNames") to include in 1225 // API requests with the JSON null value. By default, fields with empty 1226 // values are omitted from API requests. However, any field with an 1227 // empty value appearing in NullFields will be sent to the server as 1228 // null. It is an error if a field in this list has a non-empty value. 1229 // This may be used to include null fields in Patch requests. 1230 NullFields []string `json:"-"` 1231} 1232 1233func (s *Feed) MarshalJSON() ([]byte, error) { 1234 type NoMethod Feed 1235 raw := NoMethod(*s) 1236 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1237} 1238 1239// FeedOutputConfig: Output configuration for asset feed destination. 1240type FeedOutputConfig struct { 1241 // PubsubDestination: Destination on Pub/Sub. 1242 PubsubDestination *PubsubDestination `json:"pubsubDestination,omitempty"` 1243 1244 // ForceSendFields is a list of field names (e.g. "PubsubDestination") 1245 // to unconditionally include in API requests. By default, fields with 1246 // empty or default values are omitted from API requests. However, any 1247 // non-pointer, non-interface field appearing in ForceSendFields will be 1248 // sent to the server regardless of whether the field is empty or not. 1249 // This may be used to include empty fields in Patch requests. 1250 ForceSendFields []string `json:"-"` 1251 1252 // NullFields is a list of field names (e.g. "PubsubDestination") to 1253 // include in API requests with the JSON null value. By default, fields 1254 // with empty values are omitted from API requests. However, any field 1255 // with an empty value appearing in NullFields will be sent to the 1256 // server as null. It is an error if a field in this list has a 1257 // non-empty value. This may be used to include null fields in Patch 1258 // requests. 1259 NullFields []string `json:"-"` 1260} 1261 1262func (s *FeedOutputConfig) MarshalJSON() ([]byte, error) { 1263 type NoMethod FeedOutputConfig 1264 raw := NoMethod(*s) 1265 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1266} 1267 1268// GcsDestination: A Cloud Storage location. 1269type GcsDestination struct { 1270 // Uri: The uri of the Cloud Storage object. It's the same uri that is 1271 // used by gsutil. Example: "gs://bucket_name/object_name". See Viewing 1272 // and Editing Object Metadata 1273 // (https://cloud.google.com/storage/docs/viewing-editing-metadata) for 1274 // more information. If the specified Cloud Storage object already 1275 // exists and there is no hold 1276 // (https://cloud.google.com/storage/docs/object-holds), it will be 1277 // overwritten with the exported result. 1278 Uri string `json:"uri,omitempty"` 1279 1280 // UriPrefix: The uri prefix of all generated Cloud Storage objects. 1281 // Example: "gs://bucket_name/object_name_prefix". Each object uri is in 1282 // format: "gs://bucket_name/object_name_prefix// and only contains 1283 // assets for that type. starts from 0. Example: 1284 // "gs://bucket_name/object_name_prefix/compute.googleapis.com/Disk/0" 1285 // is the first shard of output objects containing all 1286 // compute.googleapis.com/Disk assets. An INVALID_ARGUMENT error will be 1287 // returned if file with the same name 1288 // "gs://bucket_name/object_name_prefix" already exists. 1289 UriPrefix string `json:"uriPrefix,omitempty"` 1290 1291 // ForceSendFields is a list of field names (e.g. "Uri") to 1292 // unconditionally include in API requests. By default, fields with 1293 // empty or default values are omitted from API requests. However, any 1294 // non-pointer, non-interface field appearing in ForceSendFields will be 1295 // sent to the server regardless of whether the field is empty or not. 1296 // This may be used to include empty fields in Patch requests. 1297 ForceSendFields []string `json:"-"` 1298 1299 // NullFields is a list of field names (e.g. "Uri") to include in API 1300 // requests with the JSON null value. By default, fields with empty 1301 // values are omitted from API requests. However, any field with an 1302 // empty value appearing in NullFields will be sent to the server as 1303 // null. It is an error if a field in this list has a non-empty value. 1304 // This may be used to include null fields in Patch requests. 1305 NullFields []string `json:"-"` 1306} 1307 1308func (s *GcsDestination) MarshalJSON() ([]byte, error) { 1309 type NoMethod GcsDestination 1310 raw := NoMethod(*s) 1311 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1312} 1313 1314// GoogleCloudAssetV1Access: An IAM role or permission under analysis. 1315type GoogleCloudAssetV1Access struct { 1316 // AnalysisState: The analysis state of this access. 1317 AnalysisState *IamPolicyAnalysisState `json:"analysisState,omitempty"` 1318 1319 // Permission: The permission. 1320 Permission string `json:"permission,omitempty"` 1321 1322 // Role: The role. 1323 Role string `json:"role,omitempty"` 1324 1325 // ForceSendFields is a list of field names (e.g. "AnalysisState") to 1326 // unconditionally include in API requests. By default, fields with 1327 // empty or default values are omitted from API requests. However, any 1328 // non-pointer, non-interface field appearing in ForceSendFields will be 1329 // sent to the server regardless of whether the field is empty or not. 1330 // This may be used to include empty fields in Patch requests. 1331 ForceSendFields []string `json:"-"` 1332 1333 // NullFields is a list of field names (e.g. "AnalysisState") to include 1334 // in API requests with the JSON null value. By default, fields with 1335 // empty values are omitted from API requests. However, any field with 1336 // an empty value appearing in NullFields will be sent to the server as 1337 // null. It is an error if a field in this list has a non-empty value. 1338 // This may be used to include null fields in Patch requests. 1339 NullFields []string `json:"-"` 1340} 1341 1342func (s *GoogleCloudAssetV1Access) MarshalJSON() ([]byte, error) { 1343 type NoMethod GoogleCloudAssetV1Access 1344 raw := NoMethod(*s) 1345 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1346} 1347 1348// GoogleCloudAssetV1AccessControlList: An access control list, derived 1349// from the above IAM policy binding, which contains a set of resources 1350// and accesses. May include one item from each set to compose an access 1351// control entry. NOTICE that there could be multiple access control 1352// lists for one IAM policy binding. The access control lists are 1353// created based on resource and access combinations. For example, 1354// assume we have the following cases in one IAM policy binding: - 1355// Permission P1 and P2 apply to resource R1 and R2; - Permission P3 1356// applies to resource R2 and R3; This will result in the following 1357// access control lists: - AccessControlList 1: [R1, R2], [P1, P2] - 1358// AccessControlList 2: [R2, R3], [P3] 1359type GoogleCloudAssetV1AccessControlList struct { 1360 // Accesses: The accesses that match one of the following conditions: - 1361 // The access_selector, if it is specified in request; - Otherwise, 1362 // access specifiers reachable from the policy binding's role. 1363 Accesses []*GoogleCloudAssetV1Access `json:"accesses,omitempty"` 1364 1365 // ConditionEvaluation: Condition evaluation for this AccessControlList, 1366 // if there is a condition defined in the above IAM policy binding. 1367 ConditionEvaluation *ConditionEvaluation `json:"conditionEvaluation,omitempty"` 1368 1369 // ResourceEdges: Resource edges of the graph starting from the policy 1370 // attached resource to any descendant resources. The Edge.source_node 1371 // contains the full resource name of a parent resource and 1372 // Edge.target_node contains the full resource name of a child resource. 1373 // This field is present only if the output_resource_edges option is 1374 // enabled in request. 1375 ResourceEdges []*GoogleCloudAssetV1Edge `json:"resourceEdges,omitempty"` 1376 1377 // Resources: The resources that match one of the following conditions: 1378 // - The resource_selector, if it is specified in request; - Otherwise, 1379 // resources reachable from the policy attached resource. 1380 Resources []*GoogleCloudAssetV1Resource `json:"resources,omitempty"` 1381 1382 // ForceSendFields is a list of field names (e.g. "Accesses") to 1383 // unconditionally include in API requests. By default, fields with 1384 // empty or default values are omitted from API requests. However, any 1385 // non-pointer, non-interface field appearing in ForceSendFields will be 1386 // sent to the server regardless of whether the field is empty or not. 1387 // This may be used to include empty fields in Patch requests. 1388 ForceSendFields []string `json:"-"` 1389 1390 // NullFields is a list of field names (e.g. "Accesses") to include in 1391 // API requests with the JSON null value. By default, fields with empty 1392 // values are omitted from API requests. However, any field with an 1393 // empty value appearing in NullFields will be sent to the server as 1394 // null. It is an error if a field in this list has a non-empty value. 1395 // This may be used to include null fields in Patch requests. 1396 NullFields []string `json:"-"` 1397} 1398 1399func (s *GoogleCloudAssetV1AccessControlList) MarshalJSON() ([]byte, error) { 1400 type NoMethod GoogleCloudAssetV1AccessControlList 1401 raw := NoMethod(*s) 1402 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1403} 1404 1405// GoogleCloudAssetV1BigQueryDestination: A BigQuery destination. 1406type GoogleCloudAssetV1BigQueryDestination struct { 1407 // Dataset: Required. The BigQuery dataset in format 1408 // "projects/projectId/datasets/datasetId", to which the analysis 1409 // results should be exported. If this dataset does not exist, the 1410 // export call will return an INVALID_ARGUMENT error. 1411 Dataset string `json:"dataset,omitempty"` 1412 1413 // PartitionKey: The partition key for BigQuery partitioned table. 1414 // 1415 // Possible values: 1416 // "PARTITION_KEY_UNSPECIFIED" - Unspecified partition key. Tables 1417 // won't be partitioned using this option. 1418 // "REQUEST_TIME" - The time when the request is received. If 1419 // specified as partition key, the result table(s) is partitoned by the 1420 // RequestTime column, an additional timestamp column representing when 1421 // the request was received. 1422 PartitionKey string `json:"partitionKey,omitempty"` 1423 1424 // TablePrefix: Required. The prefix of the BigQuery tables to which the 1425 // analysis results will be written. Tables will be created based on 1426 // this table_prefix if not exist: * _analysis table will contain export 1427 // operation's metadata. * _analysis_result will contain all the 1428 // IamPolicyAnalysisResult. When [partition_key] is specified, both 1429 // tables will be partitioned based on the [partition_key]. 1430 TablePrefix string `json:"tablePrefix,omitempty"` 1431 1432 // WriteDisposition: Optional. Specifies the action that occurs if the 1433 // destination table or partition already exists. The following values 1434 // are supported: * WRITE_TRUNCATE: If the table or partition already 1435 // exists, BigQuery overwrites the entire table or all the partitions 1436 // data. * WRITE_APPEND: If the table or partition already exists, 1437 // BigQuery appends the data to the table or the latest partition. * 1438 // WRITE_EMPTY: If the table already exists and contains data, an error 1439 // is returned. The default value is WRITE_APPEND. Each action is atomic 1440 // and only occurs if BigQuery is able to complete the job successfully. 1441 // Details are at 1442 // https://cloud.google.com/bigquery/docs/loading-data-local#appending_to_or_overwriting_a_table_using_a_local_file. 1443 WriteDisposition string `json:"writeDisposition,omitempty"` 1444 1445 // ForceSendFields is a list of field names (e.g. "Dataset") to 1446 // unconditionally include in API requests. By default, fields with 1447 // empty or default values are omitted from API requests. However, any 1448 // non-pointer, non-interface field appearing in ForceSendFields will be 1449 // sent to the server regardless of whether the field is empty or not. 1450 // This may be used to include empty fields in Patch requests. 1451 ForceSendFields []string `json:"-"` 1452 1453 // NullFields is a list of field names (e.g. "Dataset") to include in 1454 // API requests with the JSON null value. By default, fields with empty 1455 // values are omitted from API requests. However, any field with an 1456 // empty value appearing in NullFields will be sent to the server as 1457 // null. It is an error if a field in this list has a non-empty value. 1458 // This may be used to include null fields in Patch requests. 1459 NullFields []string `json:"-"` 1460} 1461 1462func (s *GoogleCloudAssetV1BigQueryDestination) MarshalJSON() ([]byte, error) { 1463 type NoMethod GoogleCloudAssetV1BigQueryDestination 1464 raw := NoMethod(*s) 1465 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1466} 1467 1468// GoogleCloudAssetV1Edge: A directional edge. 1469type GoogleCloudAssetV1Edge struct { 1470 // SourceNode: The source node of the edge. For example, it could be a 1471 // full resource name for a resource node or an email of an identity. 1472 SourceNode string `json:"sourceNode,omitempty"` 1473 1474 // TargetNode: The target node of the edge. For example, it could be a 1475 // full resource name for a resource node or an email of an identity. 1476 TargetNode string `json:"targetNode,omitempty"` 1477 1478 // ForceSendFields is a list of field names (e.g. "SourceNode") to 1479 // unconditionally include in API requests. By default, fields with 1480 // empty or default values are omitted from API requests. However, any 1481 // non-pointer, non-interface field appearing in ForceSendFields will be 1482 // sent to the server regardless of whether the field is empty or not. 1483 // This may be used to include empty fields in Patch requests. 1484 ForceSendFields []string `json:"-"` 1485 1486 // NullFields is a list of field names (e.g. "SourceNode") to include in 1487 // API requests with the JSON null value. By default, fields with empty 1488 // values are omitted from API requests. However, any field with an 1489 // empty value appearing in NullFields will be sent to the server as 1490 // null. It is an error if a field in this list has a non-empty value. 1491 // This may be used to include null fields in Patch requests. 1492 NullFields []string `json:"-"` 1493} 1494 1495func (s *GoogleCloudAssetV1Edge) MarshalJSON() ([]byte, error) { 1496 type NoMethod GoogleCloudAssetV1Edge 1497 raw := NoMethod(*s) 1498 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1499} 1500 1501// GoogleCloudAssetV1GcsDestination: A Cloud Storage location. 1502type GoogleCloudAssetV1GcsDestination struct { 1503 // Uri: Required. The uri of the Cloud Storage object. It's the same uri 1504 // that is used by gsutil. Example: "gs://bucket_name/object_name". See 1505 // Viewing and Editing Object Metadata 1506 // (https://cloud.google.com/storage/docs/viewing-editing-metadata) for 1507 // more information. If the specified Cloud Storage object already 1508 // exists and there is no hold 1509 // (https://cloud.google.com/storage/docs/object-holds), it will be 1510 // overwritten with the analysis result. 1511 Uri string `json:"uri,omitempty"` 1512 1513 // ForceSendFields is a list of field names (e.g. "Uri") to 1514 // unconditionally include in API requests. By default, fields with 1515 // empty or default values are omitted from API requests. However, any 1516 // non-pointer, non-interface field appearing in ForceSendFields will be 1517 // sent to the server regardless of whether the field is empty or not. 1518 // This may be used to include empty fields in Patch requests. 1519 ForceSendFields []string `json:"-"` 1520 1521 // NullFields is a list of field names (e.g. "Uri") to include in API 1522 // requests with the JSON null value. By default, fields with empty 1523 // values are omitted from API requests. However, any field with an 1524 // empty value appearing in NullFields will be sent to the server as 1525 // null. It is an error if a field in this list has a non-empty value. 1526 // This may be used to include null fields in Patch requests. 1527 NullFields []string `json:"-"` 1528} 1529 1530func (s *GoogleCloudAssetV1GcsDestination) MarshalJSON() ([]byte, error) { 1531 type NoMethod GoogleCloudAssetV1GcsDestination 1532 raw := NoMethod(*s) 1533 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1534} 1535 1536// GoogleCloudAssetV1Identity: An identity under analysis. 1537type GoogleCloudAssetV1Identity struct { 1538 // AnalysisState: The analysis state of this identity. 1539 AnalysisState *IamPolicyAnalysisState `json:"analysisState,omitempty"` 1540 1541 // Name: The identity name in any form of members appear in IAM policy 1542 // binding (https://cloud.google.com/iam/reference/rest/v1/Binding), 1543 // such as: - user:foo@google.com - group:group1@google.com - 1544 // serviceAccount:s1@prj1.iam.gserviceaccount.com - 1545 // projectOwner:some_project_id - domain:google.com - allUsers - etc. 1546 Name string `json:"name,omitempty"` 1547 1548 // ForceSendFields is a list of field names (e.g. "AnalysisState") to 1549 // unconditionally include in API requests. By default, fields with 1550 // empty or default values are omitted from API requests. However, any 1551 // non-pointer, non-interface field appearing in ForceSendFields will be 1552 // sent to the server regardless of whether the field is empty or not. 1553 // This may be used to include empty fields in Patch requests. 1554 ForceSendFields []string `json:"-"` 1555 1556 // NullFields is a list of field names (e.g. "AnalysisState") to include 1557 // in API requests with the JSON null value. By default, fields with 1558 // empty values are omitted from API requests. However, any field with 1559 // an empty value appearing in NullFields will be sent to the server as 1560 // null. It is an error if a field in this list has a non-empty value. 1561 // This may be used to include null fields in Patch requests. 1562 NullFields []string `json:"-"` 1563} 1564 1565func (s *GoogleCloudAssetV1Identity) MarshalJSON() ([]byte, error) { 1566 type NoMethod GoogleCloudAssetV1Identity 1567 raw := NoMethod(*s) 1568 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1569} 1570 1571// GoogleCloudAssetV1IdentityList: The identities and group edges. 1572type GoogleCloudAssetV1IdentityList struct { 1573 // GroupEdges: Group identity edges of the graph starting from the 1574 // binding's group members to any node of the identities. The 1575 // Edge.source_node contains a group, such as `group:parent@google.com`. 1576 // The Edge.target_node contains a member of the group, such as 1577 // `group:child@google.com` or `user:foo@google.com`. This field is 1578 // present only if the output_group_edges option is enabled in request. 1579 GroupEdges []*GoogleCloudAssetV1Edge `json:"groupEdges,omitempty"` 1580 1581 // Identities: Only the identities that match one of the following 1582 // conditions will be presented: - The identity_selector, if it is 1583 // specified in request; - Otherwise, identities reachable from the 1584 // policy binding's members. 1585 Identities []*GoogleCloudAssetV1Identity `json:"identities,omitempty"` 1586 1587 // ForceSendFields is a list of field names (e.g. "GroupEdges") to 1588 // unconditionally include in API requests. By default, fields with 1589 // empty or default values are omitted from API requests. However, any 1590 // non-pointer, non-interface field appearing in ForceSendFields will be 1591 // sent to the server regardless of whether the field is empty or not. 1592 // This may be used to include empty fields in Patch requests. 1593 ForceSendFields []string `json:"-"` 1594 1595 // NullFields is a list of field names (e.g. "GroupEdges") to include in 1596 // API requests with the JSON null value. By default, fields with empty 1597 // values are omitted from API requests. However, any field with an 1598 // empty value appearing in NullFields will be sent to the server as 1599 // null. It is an error if a field in this list has a non-empty value. 1600 // This may be used to include null fields in Patch requests. 1601 NullFields []string `json:"-"` 1602} 1603 1604func (s *GoogleCloudAssetV1IdentityList) MarshalJSON() ([]byte, error) { 1605 type NoMethod GoogleCloudAssetV1IdentityList 1606 raw := NoMethod(*s) 1607 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1608} 1609 1610// GoogleCloudAssetV1Resource: A Google Cloud resource under analysis. 1611type GoogleCloudAssetV1Resource struct { 1612 // AnalysisState: The analysis state of this resource. 1613 AnalysisState *IamPolicyAnalysisState `json:"analysisState,omitempty"` 1614 1615 // FullResourceName: The full resource name 1616 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) 1617 FullResourceName string `json:"fullResourceName,omitempty"` 1618 1619 // ForceSendFields is a list of field names (e.g. "AnalysisState") to 1620 // unconditionally include in API requests. By default, fields with 1621 // empty or default values are omitted from API requests. However, any 1622 // non-pointer, non-interface field appearing in ForceSendFields will be 1623 // sent to the server regardless of whether the field is empty or not. 1624 // This may be used to include empty fields in Patch requests. 1625 ForceSendFields []string `json:"-"` 1626 1627 // NullFields is a list of field names (e.g. "AnalysisState") to include 1628 // in API requests with the JSON null value. By default, fields with 1629 // empty values are omitted from API requests. However, any field with 1630 // an empty value appearing in NullFields will be sent to the server as 1631 // null. It is an error if a field in this list has a non-empty value. 1632 // This may be used to include null fields in Patch requests. 1633 NullFields []string `json:"-"` 1634} 1635 1636func (s *GoogleCloudAssetV1Resource) MarshalJSON() ([]byte, error) { 1637 type NoMethod GoogleCloudAssetV1Resource 1638 raw := NoMethod(*s) 1639 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1640} 1641 1642// GoogleCloudAssetV1p7beta1Asset: An asset in Google Cloud. An asset 1643// can be any resource in the Google Cloud resource hierarchy 1644// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 1645// a resource outside the Google Cloud resource hierarchy (such as 1646// Google Kubernetes Engine clusters and objects), or a policy (e.g. 1647// Cloud IAM policy). See Supported asset types 1648// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 1649// for more information. 1650type GoogleCloudAssetV1p7beta1Asset struct { 1651 // AccessLevel: Please also refer to the access level user guide 1652 // (https://cloud.google.com/access-context-manager/docs/overview#access-levels). 1653 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 1654 1655 // AccessPolicy: Please also refer to the access policy user guide 1656 // (https://cloud.google.com/access-context-manager/docs/overview#access-policies). 1657 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 1658 1659 // Ancestors: The ancestry path of an asset in Google Cloud resource 1660 // hierarchy 1661 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 1662 // represented as a list of relative resource names. An ancestry path 1663 // starts with the closest ancestor in the hierarchy and ends at root. 1664 // If the asset is a project, folder, or organization, the ancestry path 1665 // starts from the asset itself. Example: `["projects/123456789", 1666 // "folders/5432", "organizations/1234"]` 1667 Ancestors []string `json:"ancestors,omitempty"` 1668 1669 // AssetType: The type of the asset. Example: 1670 // `compute.googleapis.com/Disk` See Supported asset types 1671 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 1672 // for more information. 1673 AssetType string `json:"assetType,omitempty"` 1674 1675 // IamPolicy: A representation of the Cloud IAM policy set on a Google 1676 // Cloud resource. There can be a maximum of one Cloud IAM policy set on 1677 // any given resource. In addition, Cloud IAM policies inherit their 1678 // granted access scope from any policies set on parent resources in the 1679 // resource hierarchy. Therefore, the effectively policy is the union of 1680 // both the policy set on this resource and each policy set on all of 1681 // the resource's ancestry resource levels in the hierarchy. See this 1682 // topic (https://cloud.google.com/iam/docs/policies#inheritance) for 1683 // more information. 1684 IamPolicy *Policy `json:"iamPolicy,omitempty"` 1685 1686 // Name: The full name of the asset. Example: 1687 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 1688 // s/instance1` See Resource names 1689 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 1690 // for more information. 1691 Name string `json:"name,omitempty"` 1692 1693 // OrgPolicy: A representation of an organization policy 1694 // (https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 1695 // There can be more than one organization policy with different 1696 // constraints set on a given resource. 1697 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 1698 1699 // RelatedAssets: The related assets of the asset of one relationship 1700 // type. One asset only represents one type of relationship. 1701 RelatedAssets *GoogleCloudAssetV1p7beta1RelatedAssets `json:"relatedAssets,omitempty"` 1702 1703 // Resource: A representation of the resource. 1704 Resource *GoogleCloudAssetV1p7beta1Resource `json:"resource,omitempty"` 1705 1706 // ServicePerimeter: Please also refer to the service perimeter user 1707 // guide (https://cloud.google.com/vpc-service-controls/docs/overview). 1708 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 1709 1710 // UpdateTime: The last update timestamp of an asset. update_time is 1711 // updated when create/update/delete operation is performed. 1712 UpdateTime string `json:"updateTime,omitempty"` 1713 1714 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 1715 // unconditionally include in API requests. By default, fields with 1716 // empty or default values are omitted from API requests. However, any 1717 // non-pointer, non-interface field appearing in ForceSendFields will be 1718 // sent to the server regardless of whether the field is empty or not. 1719 // This may be used to include empty fields in Patch requests. 1720 ForceSendFields []string `json:"-"` 1721 1722 // NullFields is a list of field names (e.g. "AccessLevel") to include 1723 // in API requests with the JSON null value. By default, fields with 1724 // empty values are omitted from API requests. However, any field with 1725 // an empty value appearing in NullFields will be sent to the server as 1726 // null. It is an error if a field in this list has a non-empty value. 1727 // This may be used to include null fields in Patch requests. 1728 NullFields []string `json:"-"` 1729} 1730 1731func (s *GoogleCloudAssetV1p7beta1Asset) MarshalJSON() ([]byte, error) { 1732 type NoMethod GoogleCloudAssetV1p7beta1Asset 1733 raw := NoMethod(*s) 1734 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1735} 1736 1737// GoogleCloudAssetV1p7beta1RelatedAsset: An asset identify in Google 1738// Cloud which contains its name, type and ancestors. An asset can be 1739// any resource in the Google Cloud resource hierarchy 1740// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 1741// a resource outside the Google Cloud resource hierarchy (such as 1742// Google Kubernetes Engine clusters and objects), or a policy (e.g. 1743// Cloud IAM policy). See Supported asset types 1744// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 1745// for more information. 1746type GoogleCloudAssetV1p7beta1RelatedAsset struct { 1747 // Ancestors: The ancestors of an asset in Google Cloud resource 1748 // hierarchy 1749 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 1750 // represented as a list of relative resource names. An ancestry path 1751 // starts with the closest ancestor in the hierarchy and ends at root. 1752 // Example: `["projects/123456789", "folders/5432", 1753 // "organizations/1234"]` 1754 Ancestors []string `json:"ancestors,omitempty"` 1755 1756 // Asset: The full name of the asset. Example: 1757 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 1758 // s/instance1` See Resource names 1759 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 1760 // for more information. 1761 Asset string `json:"asset,omitempty"` 1762 1763 // AssetType: The type of the asset. Example: 1764 // `compute.googleapis.com/Disk` See Supported asset types 1765 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 1766 // for more information. 1767 AssetType string `json:"assetType,omitempty"` 1768 1769 // ForceSendFields is a list of field names (e.g. "Ancestors") to 1770 // unconditionally include in API requests. By default, fields with 1771 // empty or default values are omitted from API requests. However, any 1772 // non-pointer, non-interface field appearing in ForceSendFields will be 1773 // sent to the server regardless of whether the field is empty or not. 1774 // This may be used to include empty fields in Patch requests. 1775 ForceSendFields []string `json:"-"` 1776 1777 // NullFields is a list of field names (e.g. "Ancestors") to include in 1778 // API requests with the JSON null value. By default, fields with empty 1779 // values are omitted from API requests. However, any field with an 1780 // empty value appearing in NullFields will be sent to the server as 1781 // null. It is an error if a field in this list has a non-empty value. 1782 // This may be used to include null fields in Patch requests. 1783 NullFields []string `json:"-"` 1784} 1785 1786func (s *GoogleCloudAssetV1p7beta1RelatedAsset) MarshalJSON() ([]byte, error) { 1787 type NoMethod GoogleCloudAssetV1p7beta1RelatedAsset 1788 raw := NoMethod(*s) 1789 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1790} 1791 1792// GoogleCloudAssetV1p7beta1RelatedAssets: The detailed related assets 1793// with the `relationship_type`. 1794type GoogleCloudAssetV1p7beta1RelatedAssets struct { 1795 // Assets: The peer resources of the relationship. 1796 Assets []*GoogleCloudAssetV1p7beta1RelatedAsset `json:"assets,omitempty"` 1797 1798 // RelationshipAttributes: The detailed relation attributes. 1799 RelationshipAttributes *GoogleCloudAssetV1p7beta1RelationshipAttributes `json:"relationshipAttributes,omitempty"` 1800 1801 // ForceSendFields is a list of field names (e.g. "Assets") to 1802 // unconditionally include in API requests. By default, fields with 1803 // empty or default values are omitted from API requests. However, any 1804 // non-pointer, non-interface field appearing in ForceSendFields will be 1805 // sent to the server regardless of whether the field is empty or not. 1806 // This may be used to include empty fields in Patch requests. 1807 ForceSendFields []string `json:"-"` 1808 1809 // NullFields is a list of field names (e.g. "Assets") to include in API 1810 // requests with the JSON null value. By default, fields with empty 1811 // values are omitted from API requests. However, any field with an 1812 // empty value appearing in NullFields will be sent to the server as 1813 // null. It is an error if a field in this list has a non-empty value. 1814 // This may be used to include null fields in Patch requests. 1815 NullFields []string `json:"-"` 1816} 1817 1818func (s *GoogleCloudAssetV1p7beta1RelatedAssets) MarshalJSON() ([]byte, error) { 1819 type NoMethod GoogleCloudAssetV1p7beta1RelatedAssets 1820 raw := NoMethod(*s) 1821 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1822} 1823 1824// GoogleCloudAssetV1p7beta1RelationshipAttributes: The relationship 1825// attributes which include `type`, `source_resource_type`, 1826// `target_resource_type` and `action`. 1827type GoogleCloudAssetV1p7beta1RelationshipAttributes struct { 1828 // Action: The detail of the relationship, e.g. `contains`, `attaches` 1829 Action string `json:"action,omitempty"` 1830 1831 // SourceResourceType: The source asset type. Example: 1832 // `compute.googleapis.com/Instance` 1833 SourceResourceType string `json:"sourceResourceType,omitempty"` 1834 1835 // TargetResourceType: The target asset type. Example: 1836 // `compute.googleapis.com/Disk` 1837 TargetResourceType string `json:"targetResourceType,omitempty"` 1838 1839 // Type: The unique identifier of the relationship type. Example: 1840 // `INSTANCE_TO_INSTANCEGROUP` 1841 Type string `json:"type,omitempty"` 1842 1843 // ForceSendFields is a list of field names (e.g. "Action") to 1844 // unconditionally include in API requests. By default, fields with 1845 // empty or default values are omitted from API requests. However, any 1846 // non-pointer, non-interface field appearing in ForceSendFields will be 1847 // sent to the server regardless of whether the field is empty or not. 1848 // This may be used to include empty fields in Patch requests. 1849 ForceSendFields []string `json:"-"` 1850 1851 // NullFields is a list of field names (e.g. "Action") to include in API 1852 // requests with the JSON null value. By default, fields with empty 1853 // values are omitted from API requests. However, any field with an 1854 // empty value appearing in NullFields will be sent to the server as 1855 // null. It is an error if a field in this list has a non-empty value. 1856 // This may be used to include null fields in Patch requests. 1857 NullFields []string `json:"-"` 1858} 1859 1860func (s *GoogleCloudAssetV1p7beta1RelationshipAttributes) MarshalJSON() ([]byte, error) { 1861 type NoMethod GoogleCloudAssetV1p7beta1RelationshipAttributes 1862 raw := NoMethod(*s) 1863 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1864} 1865 1866// GoogleCloudAssetV1p7beta1Resource: A representation of a Google Cloud 1867// resource. 1868type GoogleCloudAssetV1p7beta1Resource struct { 1869 // Data: The content of the resource, in which some sensitive fields are 1870 // removed and may not be present. 1871 Data googleapi.RawMessage `json:"data,omitempty"` 1872 1873 // DiscoveryDocumentUri: The URL of the discovery document containing 1874 // the resource's JSON schema. Example: 1875 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This 1876 // value is unspecified for resources that do not have an API based on a 1877 // discovery document, such as Cloud Bigtable. 1878 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 1879 1880 // DiscoveryName: The JSON schema name listed in the discovery document. 1881 // Example: `Project` This value is unspecified for resources that do 1882 // not have an API based on a discovery document, such as Cloud 1883 // Bigtable. 1884 DiscoveryName string `json:"discoveryName,omitempty"` 1885 1886 // Location: The location of the resource in Google Cloud, such as its 1887 // zone and region. For more information, see 1888 // https://cloud.google.com/about/locations/. 1889 Location string `json:"location,omitempty"` 1890 1891 // Parent: The full name of the immediate parent of this resource. See 1892 // Resource Names 1893 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 1894 // for more information. For Google Cloud assets, this value is the 1895 // parent resource defined in the Cloud IAM policy hierarchy 1896 // (https://cloud.google.com/iam/docs/overview#policy_hierarchy). 1897 // Example: 1898 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` For 1899 // third-party assets, this field may be set differently. 1900 Parent string `json:"parent,omitempty"` 1901 1902 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` 1903 // request using this URL returns the resource itself. Example: 1904 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-12 1905 // 3` This value is unspecified for resources without a REST API. 1906 ResourceUrl string `json:"resourceUrl,omitempty"` 1907 1908 // Version: The API version. Example: `v1` 1909 Version string `json:"version,omitempty"` 1910 1911 // ForceSendFields is a list of field names (e.g. "Data") to 1912 // unconditionally include in API requests. By default, fields with 1913 // empty or default values are omitted from API requests. However, any 1914 // non-pointer, non-interface field appearing in ForceSendFields will be 1915 // sent to the server regardless of whether the field is empty or not. 1916 // This may be used to include empty fields in Patch requests. 1917 ForceSendFields []string `json:"-"` 1918 1919 // NullFields is a list of field names (e.g. "Data") to include in API 1920 // requests with the JSON null value. By default, fields with empty 1921 // values are omitted from API requests. However, any field with an 1922 // empty value appearing in NullFields will be sent to the server as 1923 // null. It is an error if a field in this list has a non-empty value. 1924 // This may be used to include null fields in Patch requests. 1925 NullFields []string `json:"-"` 1926} 1927 1928func (s *GoogleCloudAssetV1p7beta1Resource) MarshalJSON() ([]byte, error) { 1929 type NoMethod GoogleCloudAssetV1p7beta1Resource 1930 raw := NoMethod(*s) 1931 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1932} 1933 1934// GoogleCloudOrgpolicyV1BooleanPolicy: Used in `policy_type` to specify 1935// how `boolean_policy` will behave at this resource. 1936type GoogleCloudOrgpolicyV1BooleanPolicy struct { 1937 // Enforced: If `true`, then the `Policy` is enforced. If `false`, then 1938 // any configuration is acceptable. Suppose you have a `Constraint` 1939 // `constraints/compute.disableSerialPortAccess` with 1940 // `constraint_default` set to `ALLOW`. A `Policy` for that `Constraint` 1941 // exhibits the following behavior: - If the `Policy` at this resource 1942 // has enforced set to `false`, serial port connection attempts will be 1943 // allowed. - If the `Policy` at this resource has enforced set to 1944 // `true`, serial port connection attempts will be refused. - If the 1945 // `Policy` at this resource is `RestoreDefault`, serial port connection 1946 // attempts will be allowed. - If no `Policy` is set at this resource or 1947 // anywhere higher in the resource hierarchy, serial port connection 1948 // attempts will be allowed. - If no `Policy` is set at this resource, 1949 // but one exists higher in the resource hierarchy, the behavior is as 1950 // if the`Policy` were set at this resource. The following examples 1951 // demonstrate the different possible layerings: Example 1 (nearest 1952 // `Constraint` wins): `organizations/foo` has a `Policy` with: 1953 // {enforced: false} `projects/bar` has no `Policy` set. The constraint 1954 // at `projects/bar` and `organizations/foo` will not be enforced. 1955 // Example 2 (enforcement gets replaced): `organizations/foo` has a 1956 // `Policy` with: {enforced: false} `projects/bar` has a `Policy` with: 1957 // {enforced: true} The constraint at `organizations/foo` is not 1958 // enforced. The constraint at `projects/bar` is enforced. Example 3 1959 // (RestoreDefault): `organizations/foo` has a `Policy` with: {enforced: 1960 // true} `projects/bar` has a `Policy` with: {RestoreDefault: {}} The 1961 // constraint at `organizations/foo` is enforced. The constraint at 1962 // `projects/bar` is not enforced, because `constraint_default` for the 1963 // `Constraint` is `ALLOW`. 1964 Enforced bool `json:"enforced,omitempty"` 1965 1966 // ForceSendFields is a list of field names (e.g. "Enforced") to 1967 // unconditionally include in API requests. By default, fields with 1968 // empty or default values are omitted from API requests. However, any 1969 // non-pointer, non-interface field appearing in ForceSendFields will be 1970 // sent to the server regardless of whether the field is empty or not. 1971 // This may be used to include empty fields in Patch requests. 1972 ForceSendFields []string `json:"-"` 1973 1974 // NullFields is a list of field names (e.g. "Enforced") to include in 1975 // API requests with the JSON null value. By default, fields with empty 1976 // values are omitted from API requests. However, any field with an 1977 // empty value appearing in NullFields will be sent to the server as 1978 // null. It is an error if a field in this list has a non-empty value. 1979 // This may be used to include null fields in Patch requests. 1980 NullFields []string `json:"-"` 1981} 1982 1983func (s *GoogleCloudOrgpolicyV1BooleanPolicy) MarshalJSON() ([]byte, error) { 1984 type NoMethod GoogleCloudOrgpolicyV1BooleanPolicy 1985 raw := NoMethod(*s) 1986 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 1987} 1988 1989// GoogleCloudOrgpolicyV1ListPolicy: Used in `policy_type` to specify 1990// how `list_policy` behaves at this resource. `ListPolicy` can define 1991// specific values and subtrees of Cloud Resource Manager resource 1992// hierarchy (`Organizations`, `Folders`, `Projects`) that are allowed 1993// or denied by setting the `allowed_values` and `denied_values` fields. 1994// This is achieved by using the `under:` and optional `is:` prefixes. 1995// The `under:` prefix is used to denote resource subtree values. The 1996// `is:` prefix is used to denote specific values, and is required only 1997// if the value contains a ":". Values prefixed with "is:" are treated 1998// the same as values with no prefix. Ancestry subtrees must be in one 1999// of the following formats: - "projects/", e.g. 2000// "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - 2001// "organizations/", e.g. "organizations/1234" The `supports_under` 2002// field of the associated `Constraint` defines whether ancestry 2003// prefixes can be used. You can set `allowed_values` and 2004// `denied_values` in the same `Policy` if `all_values` is 2005// `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to allow or deny 2006// all values. If `all_values` is set to either `ALLOW` or `DENY`, 2007// `allowed_values` and `denied_values` must be unset. 2008type GoogleCloudOrgpolicyV1ListPolicy struct { 2009 // AllValues: The policy all_values state. 2010 // 2011 // Possible values: 2012 // "ALL_VALUES_UNSPECIFIED" - Indicates that allowed_values or 2013 // denied_values must be set. 2014 // "ALLOW" - A policy with this set allows all values. 2015 // "DENY" - A policy with this set denies all values. 2016 AllValues string `json:"allValues,omitempty"` 2017 2018 // AllowedValues: List of values allowed at this resource. Can only be 2019 // set if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 2020 AllowedValues []string `json:"allowedValues,omitempty"` 2021 2022 // DeniedValues: List of values denied at this resource. Can only be set 2023 // if `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 2024 DeniedValues []string `json:"deniedValues,omitempty"` 2025 2026 // InheritFromParent: Determines the inheritance behavior for this 2027 // `Policy`. By default, a `ListPolicy` set at a resource supersedes any 2028 // `Policy` set anywhere up the resource hierarchy. However, if 2029 // `inherit_from_parent` is set to `true`, then the values from the 2030 // effective `Policy` of the parent resource are inherited, meaning the 2031 // values set in this `Policy` are added to the values inherited up the 2032 // hierarchy. Setting `Policy` hierarchies that inherit both allowed 2033 // values and denied values isn't recommended in most circumstances to 2034 // keep the configuration simple and understandable. However, it is 2035 // possible to set a `Policy` with `allowed_values` set that inherits a 2036 // `Policy` with `denied_values` set. In this case, the values that are 2037 // allowed must be in `allowed_values` and not present in 2038 // `denied_values`. For example, suppose you have a `Constraint` 2039 // `constraints/serviceuser.services`, which has a `constraint_type` of 2040 // `list_constraint`, and with `constraint_default` set to `ALLOW`. 2041 // Suppose that at the Organization level, a `Policy` is applied that 2042 // restricts the allowed API activations to {`E1`, `E2`}. Then, if a 2043 // `Policy` is applied to a project below the Organization that has 2044 // `inherit_from_parent` set to `false` and field all_values set to 2045 // DENY, then an attempt to activate any API will be denied. The 2046 // following examples demonstrate different possible layerings for 2047 // `projects/bar` parented by `organizations/foo`: Example 1 (no 2048 // inherited values): `organizations/foo` has a `Policy` with values: 2049 // {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has 2050 // `inherit_from_parent` `false` and values: {allowed_values: "E3" 2051 // allowed_values: "E4"} The accepted values at `organizations/foo` are 2052 // `E1`, `E2`. The accepted values at `projects/bar` are `E3`, and `E4`. 2053 // Example 2 (inherited values): `organizations/foo` has a `Policy` with 2054 // values: {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has 2055 // a `Policy` with values: {value: "E3" value: "E4" inherit_from_parent: 2056 // true} The accepted values at `organizations/foo` are `E1`, `E2`. The 2057 // accepted values at `projects/bar` are `E1`, `E2`, `E3`, and `E4`. 2058 // Example 3 (inheriting both allowed and denied values): 2059 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 2060 // allowed_values: "E2"} `projects/bar` has a `Policy` with: 2061 // {denied_values: "E1"} The accepted values at `organizations/foo` are 2062 // `E1`, `E2`. The value accepted at `projects/bar` is `E2`. Example 4 2063 // (RestoreDefault): `organizations/foo` has a `Policy` with values: 2064 // {allowed_values: "E1" allowed_values:"E2"} `projects/bar` has a 2065 // `Policy` with values: {RestoreDefault: {}} The accepted values at 2066 // `organizations/foo` are `E1`, `E2`. The accepted values at 2067 // `projects/bar` are either all or none depending on the value of 2068 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 5 2069 // (no policy inherits parent policy): `organizations/foo` has no 2070 // `Policy` set. `projects/bar` has no `Policy` set. The accepted values 2071 // at both levels are either all or none depending on the value of 2072 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 6 2073 // (ListConstraint allowing all): `organizations/foo` has a `Policy` 2074 // with values: {allowed_values: "E1" allowed_values: "E2"} 2075 // `projects/bar` has a `Policy` with: {all: ALLOW} The accepted values 2076 // at `organizations/foo` are `E1`, E2`. Any value is accepted at 2077 // `projects/bar`. Example 7 (ListConstraint allowing none): 2078 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 2079 // allowed_values: "E2"} `projects/bar` has a `Policy` with: {all: DENY} 2080 // The accepted values at `organizations/foo` are `E1`, E2`. No value is 2081 // accepted at `projects/bar`. Example 10 (allowed and denied subtrees 2082 // of Resource Manager hierarchy): Given the following resource 2083 // hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, `organizations/foo` 2084 // has a `Policy` with values: {allowed_values: 2085 // "under:organizations/O1"} `projects/bar` has a `Policy` with: 2086 // {allowed_values: "under:projects/P3"} {denied_values: 2087 // "under:folders/F2"} The accepted values at `organizations/foo` are 2088 // `organizations/O1`, `folders/F1`, `folders/F2`, `projects/P1`, 2089 // `projects/P2`, `projects/P3`. The accepted values at `projects/bar` 2090 // are `organizations/O1`, `folders/F1`, `projects/P1`. 2091 InheritFromParent bool `json:"inheritFromParent,omitempty"` 2092 2093 // SuggestedValue: Optional. The Google Cloud Console will try to 2094 // default to a configuration that matches the value specified in this 2095 // `Policy`. If `suggested_value` is not set, it will inherit the value 2096 // specified higher in the hierarchy, unless `inherit_from_parent` is 2097 // `false`. 2098 SuggestedValue string `json:"suggestedValue,omitempty"` 2099 2100 // ForceSendFields is a list of field names (e.g. "AllValues") to 2101 // unconditionally include in API requests. By default, fields with 2102 // empty or default values are omitted from API requests. However, any 2103 // non-pointer, non-interface field appearing in ForceSendFields will be 2104 // sent to the server regardless of whether the field is empty or not. 2105 // This may be used to include empty fields in Patch requests. 2106 ForceSendFields []string `json:"-"` 2107 2108 // NullFields is a list of field names (e.g. "AllValues") to include in 2109 // API requests with the JSON null value. By default, fields with empty 2110 // values are omitted from API requests. However, any field with an 2111 // empty value appearing in NullFields will be sent to the server as 2112 // null. It is an error if a field in this list has a non-empty value. 2113 // This may be used to include null fields in Patch requests. 2114 NullFields []string `json:"-"` 2115} 2116 2117func (s *GoogleCloudOrgpolicyV1ListPolicy) MarshalJSON() ([]byte, error) { 2118 type NoMethod GoogleCloudOrgpolicyV1ListPolicy 2119 raw := NoMethod(*s) 2120 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2121} 2122 2123// GoogleCloudOrgpolicyV1Policy: Defines a Cloud Organization `Policy` 2124// which is used to specify `Constraints` for configurations of Cloud 2125// Platform resources. 2126type GoogleCloudOrgpolicyV1Policy struct { 2127 // BooleanPolicy: For boolean `Constraints`, whether to enforce the 2128 // `Constraint` or not. 2129 BooleanPolicy *GoogleCloudOrgpolicyV1BooleanPolicy `json:"booleanPolicy,omitempty"` 2130 2131 // Constraint: The name of the `Constraint` the `Policy` is configuring, 2132 // for example, `constraints/serviceuser.services`. A list of available 2133 // constraints 2134 // (/resource-manager/docs/organization-policy/org-policy-constraints) 2135 // is available. Immutable after creation. 2136 Constraint string `json:"constraint,omitempty"` 2137 2138 // Etag: An opaque tag indicating the current version of the `Policy`, 2139 // used for concurrency control. When the `Policy` is returned from 2140 // either a `GetPolicy` or a `ListOrgPolicy` request, this `etag` 2141 // indicates the version of the current `Policy` to use when executing a 2142 // read-modify-write loop. When the `Policy` is returned from a 2143 // `GetEffectivePolicy` request, the `etag` will be unset. When the 2144 // `Policy` is used in a `SetOrgPolicy` method, use the `etag` value 2145 // that was returned from a `GetOrgPolicy` request as part of a 2146 // read-modify-write loop for concurrency control. Not setting the 2147 // `etag`in a `SetOrgPolicy` request will result in an unconditional 2148 // write of the `Policy`. 2149 Etag string `json:"etag,omitempty"` 2150 2151 // ListPolicy: List of values either allowed or disallowed. 2152 ListPolicy *GoogleCloudOrgpolicyV1ListPolicy `json:"listPolicy,omitempty"` 2153 2154 // RestoreDefault: Restores the default behavior of the constraint; 2155 // independent of `Constraint` type. 2156 RestoreDefault *GoogleCloudOrgpolicyV1RestoreDefault `json:"restoreDefault,omitempty"` 2157 2158 // UpdateTime: The time stamp the `Policy` was previously updated. This 2159 // is set by the server, not specified by the caller, and represents the 2160 // last time a call to `SetOrgPolicy` was made for that `Policy`. Any 2161 // value set by the client will be ignored. 2162 UpdateTime string `json:"updateTime,omitempty"` 2163 2164 // Version: Version of the `Policy`. Default version is 0; 2165 Version int64 `json:"version,omitempty"` 2166 2167 // ForceSendFields is a list of field names (e.g. "BooleanPolicy") to 2168 // unconditionally include in API requests. By default, fields with 2169 // empty or default values are omitted from API requests. However, any 2170 // non-pointer, non-interface field appearing in ForceSendFields will be 2171 // sent to the server regardless of whether the field is empty or not. 2172 // This may be used to include empty fields in Patch requests. 2173 ForceSendFields []string `json:"-"` 2174 2175 // NullFields is a list of field names (e.g. "BooleanPolicy") to include 2176 // in API requests with the JSON null value. By default, fields with 2177 // empty values are omitted from API requests. However, any field with 2178 // an empty value appearing in NullFields will be sent to the server as 2179 // null. It is an error if a field in this list has a non-empty value. 2180 // This may be used to include null fields in Patch requests. 2181 NullFields []string `json:"-"` 2182} 2183 2184func (s *GoogleCloudOrgpolicyV1Policy) MarshalJSON() ([]byte, error) { 2185 type NoMethod GoogleCloudOrgpolicyV1Policy 2186 raw := NoMethod(*s) 2187 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2188} 2189 2190// GoogleCloudOrgpolicyV1RestoreDefault: Ignores policies set above this 2191// resource and restores the `constraint_default` enforcement behavior 2192// of the specific `Constraint` at this resource. Suppose that 2193// `constraint_default` is set to `ALLOW` for the `Constraint` 2194// `constraints/serviceuser.services`. Suppose that organization foo.com 2195// sets a `Policy` at their Organization resource node that restricts 2196// the allowed service activations to deny all service activations. They 2197// could then set a `Policy` with the `policy_type` `restore_default` on 2198// several experimental projects, restoring the `constraint_default` 2199// enforcement of the `Constraint` for only those projects, allowing 2200// those projects to have all services activated. 2201type GoogleCloudOrgpolicyV1RestoreDefault struct { 2202} 2203 2204// GoogleIdentityAccesscontextmanagerV1AccessLevel: An `AccessLevel` is 2205// a label that can be applied to requests to Google Cloud services, 2206// along with a list of requirements necessary for the label to be 2207// applied. 2208type GoogleIdentityAccesscontextmanagerV1AccessLevel struct { 2209 // Basic: A `BasicLevel` composed of `Conditions`. 2210 Basic *GoogleIdentityAccesscontextmanagerV1BasicLevel `json:"basic,omitempty"` 2211 2212 // Custom: A `CustomLevel` written in the Common Expression Language. 2213 Custom *GoogleIdentityAccesscontextmanagerV1CustomLevel `json:"custom,omitempty"` 2214 2215 // Description: Description of the `AccessLevel` and its use. Does not 2216 // affect behavior. 2217 Description string `json:"description,omitempty"` 2218 2219 // Name: Required. Resource name for the Access Level. The `short_name` 2220 // component must begin with a letter and only include alphanumeric and 2221 // '_'. Format: 2222 // `accessPolicies/{access_policy}/accessLevels/{access_level}`. The 2223 // maximum length of the `access_level` component is 50 characters. 2224 Name string `json:"name,omitempty"` 2225 2226 // Title: Human readable title. Must be unique within the Policy. 2227 Title string `json:"title,omitempty"` 2228 2229 // ForceSendFields is a list of field names (e.g. "Basic") to 2230 // unconditionally include in API requests. By default, fields with 2231 // empty or default values are omitted from API requests. However, any 2232 // non-pointer, non-interface field appearing in ForceSendFields will be 2233 // sent to the server regardless of whether the field is empty or not. 2234 // This may be used to include empty fields in Patch requests. 2235 ForceSendFields []string `json:"-"` 2236 2237 // NullFields is a list of field names (e.g. "Basic") to include in API 2238 // requests with the JSON null value. By default, fields with empty 2239 // values are omitted from API requests. However, any field with an 2240 // empty value appearing in NullFields will be sent to the server as 2241 // null. It is an error if a field in this list has a non-empty value. 2242 // This may be used to include null fields in Patch requests. 2243 NullFields []string `json:"-"` 2244} 2245 2246func (s *GoogleIdentityAccesscontextmanagerV1AccessLevel) MarshalJSON() ([]byte, error) { 2247 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessLevel 2248 raw := NoMethod(*s) 2249 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2250} 2251 2252// GoogleIdentityAccesscontextmanagerV1AccessPolicy: `AccessPolicy` is a 2253// container for `AccessLevels` (which define the necessary attributes 2254// to use Google Cloud services) and `ServicePerimeters` (which define 2255// regions of services able to freely pass data within a perimeter). An 2256// access policy is globally visible within an organization, and the 2257// restrictions it specifies apply to all projects within an 2258// organization. 2259type GoogleIdentityAccesscontextmanagerV1AccessPolicy struct { 2260 // Etag: Output only. An opaque identifier for the current version of 2261 // the `AccessPolicy`. This will always be a strongly validated etag, 2262 // meaning that two Access Polices will be identical if and only if 2263 // their etags are identical. Clients should not expect this to be in 2264 // any specific format. 2265 Etag string `json:"etag,omitempty"` 2266 2267 // Name: Output only. Resource name of the `AccessPolicy`. Format: 2268 // `accessPolicies/{access_policy}` 2269 Name string `json:"name,omitempty"` 2270 2271 // Parent: Required. The parent of this `AccessPolicy` in the Cloud 2272 // Resource Hierarchy. Currently immutable once created. Format: 2273 // `organizations/{organization_id}` 2274 Parent string `json:"parent,omitempty"` 2275 2276 // Title: Required. Human readable title. Does not affect behavior. 2277 Title string `json:"title,omitempty"` 2278 2279 // ForceSendFields is a list of field names (e.g. "Etag") to 2280 // unconditionally include in API requests. By default, fields with 2281 // empty or default values are omitted from API requests. However, any 2282 // non-pointer, non-interface field appearing in ForceSendFields will be 2283 // sent to the server regardless of whether the field is empty or not. 2284 // This may be used to include empty fields in Patch requests. 2285 ForceSendFields []string `json:"-"` 2286 2287 // NullFields is a list of field names (e.g. "Etag") to include in API 2288 // requests with the JSON null value. By default, fields with empty 2289 // values are omitted from API requests. However, any field with an 2290 // empty value appearing in NullFields will be sent to the server as 2291 // null. It is an error if a field in this list has a non-empty value. 2292 // This may be used to include null fields in Patch requests. 2293 NullFields []string `json:"-"` 2294} 2295 2296func (s *GoogleIdentityAccesscontextmanagerV1AccessPolicy) MarshalJSON() ([]byte, error) { 2297 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessPolicy 2298 raw := NoMethod(*s) 2299 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2300} 2301 2302// GoogleIdentityAccesscontextmanagerV1ApiOperation: Identification for 2303// an API Operation. 2304type GoogleIdentityAccesscontextmanagerV1ApiOperation struct { 2305 // MethodSelectors: API methods or permissions to allow. Method or 2306 // permission must belong to the service specified by `service_name` 2307 // field. A single MethodSelector entry with `*` specified for the 2308 // `method` field will allow all methods AND permissions for the service 2309 // specified in `service_name`. 2310 MethodSelectors []*GoogleIdentityAccesscontextmanagerV1MethodSelector `json:"methodSelectors,omitempty"` 2311 2312 // ServiceName: The name of the API whose methods or permissions the 2313 // IngressPolicy or EgressPolicy want to allow. A single ApiOperation 2314 // with `service_name` field set to `*` will allow all methods AND 2315 // permissions for all services. 2316 ServiceName string `json:"serviceName,omitempty"` 2317 2318 // ForceSendFields is a list of field names (e.g. "MethodSelectors") to 2319 // unconditionally include in API requests. By default, fields with 2320 // empty or default values are omitted from API requests. However, any 2321 // non-pointer, non-interface field appearing in ForceSendFields will be 2322 // sent to the server regardless of whether the field is empty or not. 2323 // This may be used to include empty fields in Patch requests. 2324 ForceSendFields []string `json:"-"` 2325 2326 // NullFields is a list of field names (e.g. "MethodSelectors") to 2327 // include in API requests with the JSON null value. By default, fields 2328 // with empty values are omitted from API requests. However, any field 2329 // with an empty value appearing in NullFields will be sent to the 2330 // server as null. It is an error if a field in this list has a 2331 // non-empty value. This may be used to include null fields in Patch 2332 // requests. 2333 NullFields []string `json:"-"` 2334} 2335 2336func (s *GoogleIdentityAccesscontextmanagerV1ApiOperation) MarshalJSON() ([]byte, error) { 2337 type NoMethod GoogleIdentityAccesscontextmanagerV1ApiOperation 2338 raw := NoMethod(*s) 2339 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2340} 2341 2342// GoogleIdentityAccesscontextmanagerV1BasicLevel: `BasicLevel` is an 2343// `AccessLevel` using a set of recommended features. 2344type GoogleIdentityAccesscontextmanagerV1BasicLevel struct { 2345 // CombiningFunction: How the `conditions` list should be combined to 2346 // determine if a request is granted this `AccessLevel`. If AND is used, 2347 // each `Condition` in `conditions` must be satisfied for the 2348 // `AccessLevel` to be applied. If OR is used, at least one `Condition` 2349 // in `conditions` must be satisfied for the `AccessLevel` to be 2350 // applied. Default behavior is AND. 2351 // 2352 // Possible values: 2353 // "AND" - All `Conditions` must be true for the `BasicLevel` to be 2354 // true. 2355 // "OR" - If at least one `Condition` is true, then the `BasicLevel` 2356 // is true. 2357 CombiningFunction string `json:"combiningFunction,omitempty"` 2358 2359 // Conditions: Required. A list of requirements for the `AccessLevel` to 2360 // be granted. 2361 Conditions []*GoogleIdentityAccesscontextmanagerV1Condition `json:"conditions,omitempty"` 2362 2363 // ForceSendFields is a list of field names (e.g. "CombiningFunction") 2364 // to unconditionally include in API requests. By default, fields with 2365 // empty or default values are omitted from API requests. However, any 2366 // non-pointer, non-interface field appearing in ForceSendFields will be 2367 // sent to the server regardless of whether the field is empty or not. 2368 // This may be used to include empty fields in Patch requests. 2369 ForceSendFields []string `json:"-"` 2370 2371 // NullFields is a list of field names (e.g. "CombiningFunction") to 2372 // include in API requests with the JSON null value. By default, fields 2373 // with empty values are omitted from API requests. However, any field 2374 // with an empty value appearing in NullFields will be sent to the 2375 // server as null. It is an error if a field in this list has a 2376 // non-empty value. This may be used to include null fields in Patch 2377 // requests. 2378 NullFields []string `json:"-"` 2379} 2380 2381func (s *GoogleIdentityAccesscontextmanagerV1BasicLevel) MarshalJSON() ([]byte, error) { 2382 type NoMethod GoogleIdentityAccesscontextmanagerV1BasicLevel 2383 raw := NoMethod(*s) 2384 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2385} 2386 2387// GoogleIdentityAccesscontextmanagerV1Condition: A condition necessary 2388// for an `AccessLevel` to be granted. The Condition is an AND over its 2389// fields. So a Condition is true if: 1) the request IP is from one of 2390// the listed subnetworks AND 2) the originating device complies with 2391// the listed device policy AND 3) all listed access levels are granted 2392// AND 4) the request was sent at a time allowed by the 2393// DateTimeRestriction. 2394type GoogleIdentityAccesscontextmanagerV1Condition struct { 2395 // DevicePolicy: Device specific restrictions, all restrictions must 2396 // hold for the Condition to be true. If not specified, all devices are 2397 // allowed. 2398 DevicePolicy *GoogleIdentityAccesscontextmanagerV1DevicePolicy `json:"devicePolicy,omitempty"` 2399 2400 // IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or 2401 // IPv6. Note that for a CIDR IP address block, the specified IP address 2402 // portion must be properly truncated (i.e. all the host bits must be 2403 // zero) or the input is considered malformed. For example, 2404 // "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly, for 2405 // IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32" is not. 2406 // The originating IP of a request must be in one of the listed subnets 2407 // in order for this Condition to be true. If empty, all IP addresses 2408 // are allowed. 2409 IpSubnetworks []string `json:"ipSubnetworks,omitempty"` 2410 2411 // Members: The request must be made by one of the provided user or 2412 // service accounts. Groups are not supported. Syntax: `user:{emailid}` 2413 // `serviceAccount:{emailid}` If not specified, a request may come from 2414 // any user. 2415 Members []string `json:"members,omitempty"` 2416 2417 // Negate: Whether to negate the Condition. If true, the Condition 2418 // becomes a NAND over its non-empty fields, each field must be false 2419 // for the Condition overall to be satisfied. Defaults to false. 2420 Negate bool `json:"negate,omitempty"` 2421 2422 // Regions: The request must originate from one of the provided 2423 // countries/regions. Must be valid ISO 3166-1 alpha-2 codes. 2424 Regions []string `json:"regions,omitempty"` 2425 2426 // RequiredAccessLevels: A list of other access levels defined in the 2427 // same `Policy`, referenced by resource name. Referencing an 2428 // `AccessLevel` which does not exist is an error. All access levels 2429 // listed must be granted for the Condition to be true. Example: 2430 // "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME" 2431 RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"` 2432 2433 // ForceSendFields is a list of field names (e.g. "DevicePolicy") to 2434 // unconditionally include in API requests. By default, fields with 2435 // empty or default values are omitted from API requests. However, any 2436 // non-pointer, non-interface field appearing in ForceSendFields will be 2437 // sent to the server regardless of whether the field is empty or not. 2438 // This may be used to include empty fields in Patch requests. 2439 ForceSendFields []string `json:"-"` 2440 2441 // NullFields is a list of field names (e.g. "DevicePolicy") to include 2442 // in API requests with the JSON null value. By default, fields with 2443 // empty values are omitted from API requests. However, any field with 2444 // an empty value appearing in NullFields will be sent to the server as 2445 // null. It is an error if a field in this list has a non-empty value. 2446 // This may be used to include null fields in Patch requests. 2447 NullFields []string `json:"-"` 2448} 2449 2450func (s *GoogleIdentityAccesscontextmanagerV1Condition) MarshalJSON() ([]byte, error) { 2451 type NoMethod GoogleIdentityAccesscontextmanagerV1Condition 2452 raw := NoMethod(*s) 2453 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2454} 2455 2456// GoogleIdentityAccesscontextmanagerV1CustomLevel: `CustomLevel` is an 2457// `AccessLevel` using the Cloud Common Expression Language to represent 2458// the necessary conditions for the level to apply to a request. See CEL 2459// spec at: https://github.com/google/cel-spec 2460type GoogleIdentityAccesscontextmanagerV1CustomLevel struct { 2461 // Expr: Required. A Cloud CEL expression evaluating to a boolean. 2462 Expr *Expr `json:"expr,omitempty"` 2463 2464 // ForceSendFields is a list of field names (e.g. "Expr") to 2465 // unconditionally include in API requests. By default, fields with 2466 // empty or default values are omitted from API requests. However, any 2467 // non-pointer, non-interface field appearing in ForceSendFields will be 2468 // sent to the server regardless of whether the field is empty or not. 2469 // This may be used to include empty fields in Patch requests. 2470 ForceSendFields []string `json:"-"` 2471 2472 // NullFields is a list of field names (e.g. "Expr") to include in API 2473 // requests with the JSON null value. By default, fields with empty 2474 // values are omitted from API requests. However, any field with an 2475 // empty value appearing in NullFields will be sent to the server as 2476 // null. It is an error if a field in this list has a non-empty value. 2477 // This may be used to include null fields in Patch requests. 2478 NullFields []string `json:"-"` 2479} 2480 2481func (s *GoogleIdentityAccesscontextmanagerV1CustomLevel) MarshalJSON() ([]byte, error) { 2482 type NoMethod GoogleIdentityAccesscontextmanagerV1CustomLevel 2483 raw := NoMethod(*s) 2484 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2485} 2486 2487// GoogleIdentityAccesscontextmanagerV1DevicePolicy: `DevicePolicy` 2488// specifies device specific restrictions necessary to acquire a given 2489// access level. A `DevicePolicy` specifies requirements for requests 2490// from devices to be granted access levels, it does not do any 2491// enforcement on the device. `DevicePolicy` acts as an AND over all 2492// specified fields, and each repeated field is an OR over its elements. 2493// Any unset fields are ignored. For example, if the proto is { os_type 2494// : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: 2495// ENCRYPTED}, then the DevicePolicy will be true for requests 2496// originating from encrypted Linux desktops and encrypted Windows 2497// desktops. 2498type GoogleIdentityAccesscontextmanagerV1DevicePolicy struct { 2499 // AllowedDeviceManagementLevels: Allowed device management levels, an 2500 // empty list allows all management levels. 2501 // 2502 // Possible values: 2503 // "MANAGEMENT_UNSPECIFIED" - The device's management level is not 2504 // specified or not known. 2505 // "NONE" - The device is not managed. 2506 // "BASIC" - Basic management is enabled, which is generally limited 2507 // to monitoring and wiping the corporate account. 2508 // "COMPLETE" - Complete device management. This includes more 2509 // thorough monitoring and the ability to directly manage the device 2510 // (such as remote wiping). This can be enabled through the Android 2511 // Enterprise Platform. 2512 AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"` 2513 2514 // AllowedEncryptionStatuses: Allowed encryptions statuses, an empty 2515 // list allows all statuses. 2516 // 2517 // Possible values: 2518 // "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is 2519 // not specified or not known. 2520 // "ENCRYPTION_UNSUPPORTED" - The device does not support encryption. 2521 // "UNENCRYPTED" - The device supports encryption, but is currently 2522 // unencrypted. 2523 // "ENCRYPTED" - The device is encrypted. 2524 AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"` 2525 2526 // OsConstraints: Allowed OS versions, an empty list allows all types 2527 // and all versions. 2528 OsConstraints []*GoogleIdentityAccesscontextmanagerV1OsConstraint `json:"osConstraints,omitempty"` 2529 2530 // RequireAdminApproval: Whether the device needs to be approved by the 2531 // customer admin. 2532 RequireAdminApproval bool `json:"requireAdminApproval,omitempty"` 2533 2534 // RequireCorpOwned: Whether the device needs to be corp owned. 2535 RequireCorpOwned bool `json:"requireCorpOwned,omitempty"` 2536 2537 // RequireScreenlock: Whether or not screenlock is required for the 2538 // DevicePolicy to be true. Defaults to `false`. 2539 RequireScreenlock bool `json:"requireScreenlock,omitempty"` 2540 2541 // ForceSendFields is a list of field names (e.g. 2542 // "AllowedDeviceManagementLevels") to unconditionally include in API 2543 // requests. By default, fields with empty or default values are omitted 2544 // from API requests. However, any non-pointer, non-interface field 2545 // appearing in ForceSendFields will be sent to the server regardless of 2546 // whether the field is empty or not. This may be used to include empty 2547 // fields in Patch requests. 2548 ForceSendFields []string `json:"-"` 2549 2550 // NullFields is a list of field names (e.g. 2551 // "AllowedDeviceManagementLevels") to include in API requests with the 2552 // JSON null value. By default, fields with empty values are omitted 2553 // from API requests. However, any field with an empty value appearing 2554 // in NullFields will be sent to the server as null. It is an error if a 2555 // field in this list has a non-empty value. This may be used to include 2556 // null fields in Patch requests. 2557 NullFields []string `json:"-"` 2558} 2559 2560func (s *GoogleIdentityAccesscontextmanagerV1DevicePolicy) MarshalJSON() ([]byte, error) { 2561 type NoMethod GoogleIdentityAccesscontextmanagerV1DevicePolicy 2562 raw := NoMethod(*s) 2563 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2564} 2565 2566// GoogleIdentityAccesscontextmanagerV1EgressFrom: Defines the 2567// conditions under which an EgressPolicy matches a request. Conditions 2568// based on information about the source of the request. Note that if 2569// the destination of the request is also protected by a 2570// ServicePerimeter, then that ServicePerimeter must have an 2571// IngressPolicy which allows access in order for this request to 2572// succeed. 2573type GoogleIdentityAccesscontextmanagerV1EgressFrom struct { 2574 // Identities: A list of identities that are allowed access through this 2575 // [EgressPolicy]. Should be in the format of email address. The email 2576 // address should represent individual user or service account only. 2577 Identities []string `json:"identities,omitempty"` 2578 2579 // IdentityType: Specifies the type of identities that are allowed 2580 // access to outside the perimeter. If left unspecified, then members of 2581 // `identities` field will be allowed access. 2582 // 2583 // Possible values: 2584 // "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified. 2585 // "ANY_IDENTITY" - Authorize access from all identities outside the 2586 // perimeter. 2587 // "ANY_USER_ACCOUNT" - Authorize access from all human users outside 2588 // the perimeter. 2589 // "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts 2590 // outside the perimeter. 2591 IdentityType string `json:"identityType,omitempty"` 2592 2593 // ForceSendFields is a list of field names (e.g. "Identities") to 2594 // unconditionally include in API requests. By default, fields with 2595 // empty or default values are omitted from API requests. However, any 2596 // non-pointer, non-interface field appearing in ForceSendFields will be 2597 // sent to the server regardless of whether the field is empty or not. 2598 // This may be used to include empty fields in Patch requests. 2599 ForceSendFields []string `json:"-"` 2600 2601 // NullFields is a list of field names (e.g. "Identities") to include in 2602 // API requests with the JSON null value. By default, fields with empty 2603 // values are omitted from API requests. However, any field with an 2604 // empty value appearing in NullFields will be sent to the server as 2605 // null. It is an error if a field in this list has a non-empty value. 2606 // This may be used to include null fields in Patch requests. 2607 NullFields []string `json:"-"` 2608} 2609 2610func (s *GoogleIdentityAccesscontextmanagerV1EgressFrom) MarshalJSON() ([]byte, error) { 2611 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressFrom 2612 raw := NoMethod(*s) 2613 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2614} 2615 2616// GoogleIdentityAccesscontextmanagerV1EgressPolicy: Policy for egress 2617// from perimeter. EgressPolicies match requests based on `egress_from` 2618// and `egress_to` stanzas. For an EgressPolicy to match, both 2619// `egress_from` and `egress_to` stanzas must be matched. If an 2620// EgressPolicy matches a request, the request is allowed to span the 2621// ServicePerimeter boundary. For example, an EgressPolicy can be used 2622// to allow VMs on networks within the ServicePerimeter to access a 2623// defined set of projects outside the perimeter in certain contexts 2624// (e.g. to read data from a Cloud Storage bucket or query against a 2625// BigQuery dataset). EgressPolicies are concerned with the *resources* 2626// that a request relates as well as the API services and API actions 2627// being used. They do not related to the direction of data movement. 2628// More detailed documentation for this concept can be found in the 2629// descriptions of EgressFrom and EgressTo. 2630type GoogleIdentityAccesscontextmanagerV1EgressPolicy struct { 2631 // EgressFrom: Defines conditions on the source of a request causing 2632 // this EgressPolicy to apply. 2633 EgressFrom *GoogleIdentityAccesscontextmanagerV1EgressFrom `json:"egressFrom,omitempty"` 2634 2635 // EgressTo: Defines the conditions on the ApiOperation and destination 2636 // resources that cause this EgressPolicy to apply. 2637 EgressTo *GoogleIdentityAccesscontextmanagerV1EgressTo `json:"egressTo,omitempty"` 2638 2639 // ForceSendFields is a list of field names (e.g. "EgressFrom") to 2640 // unconditionally include in API requests. By default, fields with 2641 // empty or default values are omitted from API requests. However, any 2642 // non-pointer, non-interface field appearing in ForceSendFields will be 2643 // sent to the server regardless of whether the field is empty or not. 2644 // This may be used to include empty fields in Patch requests. 2645 ForceSendFields []string `json:"-"` 2646 2647 // NullFields is a list of field names (e.g. "EgressFrom") to include in 2648 // API requests with the JSON null value. By default, fields with empty 2649 // values are omitted from API requests. However, any field with an 2650 // empty value appearing in NullFields will be sent to the server as 2651 // null. It is an error if a field in this list has a non-empty value. 2652 // This may be used to include null fields in Patch requests. 2653 NullFields []string `json:"-"` 2654} 2655 2656func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte, error) { 2657 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressPolicy 2658 raw := NoMethod(*s) 2659 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2660} 2661 2662// GoogleIdentityAccesscontextmanagerV1EgressTo: Defines the conditions 2663// under which an EgressPolicy matches a request. Conditions are based 2664// on information about the ApiOperation intended to be performed on the 2665// `resources` specified. Note that if the destination of the request is 2666// also protected by a ServicePerimeter, then that ServicePerimeter must 2667// have an IngressPolicy which allows access in order for this request 2668// to succeed. The request must match `operations` AND `resources` 2669// fields in order to be allowed egress out of the perimeter. 2670type GoogleIdentityAccesscontextmanagerV1EgressTo struct { 2671 // Operations: A list of ApiOperations allowed to be performed by the 2672 // sources specified in the corresponding EgressFrom. A request matches 2673 // if it uses an operation/service in this list. 2674 Operations []*GoogleIdentityAccesscontextmanagerV1ApiOperation `json:"operations,omitempty"` 2675 2676 // Resources: A list of resources, currently only projects in the form 2677 // `projects/`, that are allowed to be accessed by sources defined in 2678 // the corresponding EgressFrom. A request matches if it contains a 2679 // resource in this list. If `*` is specified for `resources`, then this 2680 // EgressTo rule will authorize access to all resources outside the 2681 // perimeter. 2682 Resources []string `json:"resources,omitempty"` 2683 2684 // ForceSendFields is a list of field names (e.g. "Operations") to 2685 // unconditionally include in API requests. By default, fields with 2686 // empty or default values are omitted from API requests. However, any 2687 // non-pointer, non-interface field appearing in ForceSendFields will be 2688 // sent to the server regardless of whether the field is empty or not. 2689 // This may be used to include empty fields in Patch requests. 2690 ForceSendFields []string `json:"-"` 2691 2692 // NullFields is a list of field names (e.g. "Operations") to include in 2693 // API requests with the JSON null value. By default, fields with empty 2694 // values are omitted from API requests. However, any field with an 2695 // empty value appearing in NullFields will be sent to the server as 2696 // null. It is an error if a field in this list has a non-empty value. 2697 // This may be used to include null fields in Patch requests. 2698 NullFields []string `json:"-"` 2699} 2700 2701func (s *GoogleIdentityAccesscontextmanagerV1EgressTo) MarshalJSON() ([]byte, error) { 2702 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressTo 2703 raw := NoMethod(*s) 2704 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2705} 2706 2707// GoogleIdentityAccesscontextmanagerV1IngressFrom: Defines the 2708// conditions under which an IngressPolicy matches a request. Conditions 2709// are based on information about the source of the request. The request 2710// must satisfy what is defined in `sources` AND identity related fields 2711// in order to match. 2712type GoogleIdentityAccesscontextmanagerV1IngressFrom struct { 2713 // Identities: A list of identities that are allowed access through this 2714 // ingress policy. Should be in the format of email address. The email 2715 // address should represent individual user or service account only. 2716 Identities []string `json:"identities,omitempty"` 2717 2718 // IdentityType: Specifies the type of identities that are allowed 2719 // access from outside the perimeter. If left unspecified, then members 2720 // of `identities` field will be allowed access. 2721 // 2722 // Possible values: 2723 // "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified. 2724 // "ANY_IDENTITY" - Authorize access from all identities outside the 2725 // perimeter. 2726 // "ANY_USER_ACCOUNT" - Authorize access from all human users outside 2727 // the perimeter. 2728 // "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts 2729 // outside the perimeter. 2730 IdentityType string `json:"identityType,omitempty"` 2731 2732 // Sources: Sources that this IngressPolicy authorizes access from. 2733 Sources []*GoogleIdentityAccesscontextmanagerV1IngressSource `json:"sources,omitempty"` 2734 2735 // ForceSendFields is a list of field names (e.g. "Identities") to 2736 // unconditionally include in API requests. By default, fields with 2737 // empty or default values are omitted from API requests. However, any 2738 // non-pointer, non-interface field appearing in ForceSendFields will be 2739 // sent to the server regardless of whether the field is empty or not. 2740 // This may be used to include empty fields in Patch requests. 2741 ForceSendFields []string `json:"-"` 2742 2743 // NullFields is a list of field names (e.g. "Identities") to include in 2744 // API requests with the JSON null value. By default, fields with empty 2745 // values are omitted from API requests. However, any field with an 2746 // empty value appearing in NullFields will be sent to the server as 2747 // null. It is an error if a field in this list has a non-empty value. 2748 // This may be used to include null fields in Patch requests. 2749 NullFields []string `json:"-"` 2750} 2751 2752func (s *GoogleIdentityAccesscontextmanagerV1IngressFrom) MarshalJSON() ([]byte, error) { 2753 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressFrom 2754 raw := NoMethod(*s) 2755 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2756} 2757 2758// GoogleIdentityAccesscontextmanagerV1IngressPolicy: Policy for ingress 2759// into ServicePerimeter. IngressPolicies match requests based on 2760// `ingress_from` and `ingress_to` stanzas. For an ingress policy to 2761// match, both the `ingress_from` and `ingress_to` stanzas must be 2762// matched. If an IngressPolicy matches a request, the request is 2763// allowed through the perimeter boundary from outside the perimeter. 2764// For example, access from the internet can be allowed either based on 2765// an AccessLevel or, for traffic hosted on Google Cloud, the project of 2766// the source network. For access from private networks, using the 2767// project of the hosting network is required. Individual ingress 2768// policies can be limited by restricting which services and/or actions 2769// they match using the `ingress_to` field. 2770type GoogleIdentityAccesscontextmanagerV1IngressPolicy struct { 2771 // IngressFrom: Defines the conditions on the source of a request 2772 // causing this IngressPolicy to apply. 2773 IngressFrom *GoogleIdentityAccesscontextmanagerV1IngressFrom `json:"ingressFrom,omitempty"` 2774 2775 // IngressTo: Defines the conditions on the ApiOperation and request 2776 // destination that cause this IngressPolicy to apply. 2777 IngressTo *GoogleIdentityAccesscontextmanagerV1IngressTo `json:"ingressTo,omitempty"` 2778 2779 // ForceSendFields is a list of field names (e.g. "IngressFrom") to 2780 // unconditionally include in API requests. By default, fields with 2781 // empty or default values are omitted from API requests. However, any 2782 // non-pointer, non-interface field appearing in ForceSendFields will be 2783 // sent to the server regardless of whether the field is empty or not. 2784 // This may be used to include empty fields in Patch requests. 2785 ForceSendFields []string `json:"-"` 2786 2787 // NullFields is a list of field names (e.g. "IngressFrom") to include 2788 // in API requests with the JSON null value. By default, fields with 2789 // empty values are omitted from API requests. However, any field with 2790 // an empty value appearing in NullFields will be sent to the server as 2791 // null. It is an error if a field in this list has a non-empty value. 2792 // This may be used to include null fields in Patch requests. 2793 NullFields []string `json:"-"` 2794} 2795 2796func (s *GoogleIdentityAccesscontextmanagerV1IngressPolicy) MarshalJSON() ([]byte, error) { 2797 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressPolicy 2798 raw := NoMethod(*s) 2799 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2800} 2801 2802// GoogleIdentityAccesscontextmanagerV1IngressSource: The source that 2803// IngressPolicy authorizes access from. 2804type GoogleIdentityAccesscontextmanagerV1IngressSource struct { 2805 // AccessLevel: An AccessLevel resource name that allow resources within 2806 // the ServicePerimeters to be accessed from the internet. AccessLevels 2807 // listed must be in the same policy as this ServicePerimeter. 2808 // Referencing a nonexistent AccessLevel will cause an error. If no 2809 // AccessLevel names are listed, resources within the perimeter can only 2810 // be accessed via Google Cloud calls with request origins within the 2811 // perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. 2812 // If a single `*` is specified for `access_level`, then all 2813 // IngressSources will be allowed. 2814 AccessLevel string `json:"accessLevel,omitempty"` 2815 2816 // Resource: A Google Cloud resource that is allowed to ingress the 2817 // perimeter. Requests from these resources will be allowed to access 2818 // perimeter data. Currently only projects are allowed. Format: 2819 // `projects/{project_number}` The project may be in any Google Cloud 2820 // organization, not just the organization that the perimeter is defined 2821 // in. `*` is not allowed, the case of allowing all Google Cloud 2822 // resources only is not supported. 2823 Resource string `json:"resource,omitempty"` 2824 2825 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 2826 // unconditionally include in API requests. By default, fields with 2827 // empty or default values are omitted from API requests. However, any 2828 // non-pointer, non-interface field appearing in ForceSendFields will be 2829 // sent to the server regardless of whether the field is empty or not. 2830 // This may be used to include empty fields in Patch requests. 2831 ForceSendFields []string `json:"-"` 2832 2833 // NullFields is a list of field names (e.g. "AccessLevel") to include 2834 // in API requests with the JSON null value. By default, fields with 2835 // empty values are omitted from API requests. However, any field with 2836 // an empty value appearing in NullFields will be sent to the server as 2837 // null. It is an error if a field in this list has a non-empty value. 2838 // This may be used to include null fields in Patch requests. 2839 NullFields []string `json:"-"` 2840} 2841 2842func (s *GoogleIdentityAccesscontextmanagerV1IngressSource) MarshalJSON() ([]byte, error) { 2843 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressSource 2844 raw := NoMethod(*s) 2845 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2846} 2847 2848// GoogleIdentityAccesscontextmanagerV1IngressTo: Defines the conditions 2849// under which an IngressPolicy matches a request. Conditions are based 2850// on information about the ApiOperation intended to be performed on the 2851// target resource of the request. The request must satisfy what is 2852// defined in `operations` AND `resources` in order to match. 2853type GoogleIdentityAccesscontextmanagerV1IngressTo struct { 2854 // Operations: A list of ApiOperations allowed to be performed by the 2855 // sources specified in corresponding IngressFrom in this 2856 // ServicePerimeter. 2857 Operations []*GoogleIdentityAccesscontextmanagerV1ApiOperation `json:"operations,omitempty"` 2858 2859 // Resources: A list of resources, currently only projects in the form 2860 // `projects/`, protected by this ServicePerimeter that are allowed to 2861 // be accessed by sources defined in the corresponding IngressFrom. If a 2862 // single `*` is specified, then access to all resources inside the 2863 // perimeter are allowed. 2864 Resources []string `json:"resources,omitempty"` 2865 2866 // ForceSendFields is a list of field names (e.g. "Operations") to 2867 // unconditionally include in API requests. By default, fields with 2868 // empty or default values are omitted from API requests. However, any 2869 // non-pointer, non-interface field appearing in ForceSendFields will be 2870 // sent to the server regardless of whether the field is empty or not. 2871 // This may be used to include empty fields in Patch requests. 2872 ForceSendFields []string `json:"-"` 2873 2874 // NullFields is a list of field names (e.g. "Operations") to include in 2875 // API requests with the JSON null value. By default, fields with empty 2876 // values are omitted from API requests. However, any field with an 2877 // empty value appearing in NullFields will be sent to the server as 2878 // null. It is an error if a field in this list has a non-empty value. 2879 // This may be used to include null fields in Patch requests. 2880 NullFields []string `json:"-"` 2881} 2882 2883func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, error) { 2884 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressTo 2885 raw := NoMethod(*s) 2886 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2887} 2888 2889// GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method 2890// or permission of a service specified in ApiOperation. 2891type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { 2892 // Method: Value for `method` should be a valid method name for the 2893 // corresponding `service_name` in ApiOperation. If `*` used as value 2894 // for `method`, then ALL methods and permissions are allowed. 2895 Method string `json:"method,omitempty"` 2896 2897 // Permission: Value for `permission` should be a valid Cloud IAM 2898 // permission for the corresponding `service_name` in ApiOperation. 2899 Permission string `json:"permission,omitempty"` 2900 2901 // ForceSendFields is a list of field names (e.g. "Method") to 2902 // unconditionally include in API requests. By default, fields with 2903 // empty or default values are omitted from API requests. However, any 2904 // non-pointer, non-interface field appearing in ForceSendFields will be 2905 // sent to the server regardless of whether the field is empty or not. 2906 // This may be used to include empty fields in Patch requests. 2907 ForceSendFields []string `json:"-"` 2908 2909 // NullFields is a list of field names (e.g. "Method") to include in API 2910 // requests with the JSON null value. By default, fields with empty 2911 // values are omitted from API requests. However, any field with an 2912 // empty value appearing in NullFields will be sent to the server as 2913 // null. It is an error if a field in this list has a non-empty value. 2914 // This may be used to include null fields in Patch requests. 2915 NullFields []string `json:"-"` 2916} 2917 2918func (s *GoogleIdentityAccesscontextmanagerV1MethodSelector) MarshalJSON() ([]byte, error) { 2919 type NoMethod GoogleIdentityAccesscontextmanagerV1MethodSelector 2920 raw := NoMethod(*s) 2921 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2922} 2923 2924// GoogleIdentityAccesscontextmanagerV1OsConstraint: A restriction on 2925// the OS type and version of devices making requests. 2926type GoogleIdentityAccesscontextmanagerV1OsConstraint struct { 2927 // MinimumVersion: The minimum allowed OS version. If not set, any 2928 // version of this OS satisfies the constraint. Format: 2929 // "major.minor.patch". Examples: "10.5.301", "9.2.1". 2930 MinimumVersion string `json:"minimumVersion,omitempty"` 2931 2932 // OsType: Required. The allowed OS type. 2933 // 2934 // Possible values: 2935 // "OS_UNSPECIFIED" - The operating system of the device is not 2936 // specified or not known. 2937 // "DESKTOP_MAC" - A desktop Mac operating system. 2938 // "DESKTOP_WINDOWS" - A desktop Windows operating system. 2939 // "DESKTOP_LINUX" - A desktop Linux operating system. 2940 // "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system. 2941 // "ANDROID" - An Android operating system. 2942 // "IOS" - An iOS operating system. 2943 OsType string `json:"osType,omitempty"` 2944 2945 // RequireVerifiedChromeOs: Only allows requests from devices with a 2946 // verified Chrome OS. Verifications includes requirements that the 2947 // device is enterprise-managed, conformant to domain policies, and the 2948 // caller has permission to call the API targeted by the request. 2949 RequireVerifiedChromeOs bool `json:"requireVerifiedChromeOs,omitempty"` 2950 2951 // ForceSendFields is a list of field names (e.g. "MinimumVersion") to 2952 // unconditionally include in API requests. By default, fields with 2953 // empty or default values are omitted from API requests. However, any 2954 // non-pointer, non-interface field appearing in ForceSendFields will be 2955 // sent to the server regardless of whether the field is empty or not. 2956 // This may be used to include empty fields in Patch requests. 2957 ForceSendFields []string `json:"-"` 2958 2959 // NullFields is a list of field names (e.g. "MinimumVersion") to 2960 // include in API requests with the JSON null value. By default, fields 2961 // with empty values are omitted from API requests. However, any field 2962 // with an empty value appearing in NullFields will be sent to the 2963 // server as null. It is an error if a field in this list has a 2964 // non-empty value. This may be used to include null fields in Patch 2965 // requests. 2966 NullFields []string `json:"-"` 2967} 2968 2969func (s *GoogleIdentityAccesscontextmanagerV1OsConstraint) MarshalJSON() ([]byte, error) { 2970 type NoMethod GoogleIdentityAccesscontextmanagerV1OsConstraint 2971 raw := NoMethod(*s) 2972 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 2973} 2974 2975// GoogleIdentityAccesscontextmanagerV1ServicePerimeter: 2976// `ServicePerimeter` describes a set of Google Cloud resources which 2977// can freely import and export data amongst themselves, but not export 2978// outside of the `ServicePerimeter`. If a request with a source within 2979// this `ServicePerimeter` has a target outside of the 2980// `ServicePerimeter`, the request will be blocked. Otherwise the 2981// request is allowed. There are two types of Service Perimeter - 2982// Regular and Bridge. Regular Service Perimeters cannot overlap, a 2983// single Google Cloud project can only belong to a single regular 2984// Service Perimeter. Service Perimeter Bridges can contain only Google 2985// Cloud projects as members, a single Google Cloud project may belong 2986// to multiple Service Perimeter Bridges. 2987type GoogleIdentityAccesscontextmanagerV1ServicePerimeter struct { 2988 // Description: Description of the `ServicePerimeter` and its use. Does 2989 // not affect behavior. 2990 Description string `json:"description,omitempty"` 2991 2992 // Name: Required. Resource name for the ServicePerimeter. The 2993 // `short_name` component must begin with a letter and only include 2994 // alphanumeric and '_'. Format: 2995 // `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}` 2996 Name string `json:"name,omitempty"` 2997 2998 // PerimeterType: Perimeter type indicator. A single project is allowed 2999 // to be a member of single regular perimeter, but multiple service 3000 // perimeter bridges. A project cannot be a included in a perimeter 3001 // bridge without being included in regular perimeter. For perimeter 3002 // bridges, the restricted service list as well as access level lists 3003 // must be empty. 3004 // 3005 // Possible values: 3006 // "PERIMETER_TYPE_REGULAR" - Regular Perimeter. 3007 // "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge. 3008 PerimeterType string `json:"perimeterType,omitempty"` 3009 3010 // Spec: Proposed (or dry run) ServicePerimeter configuration. This 3011 // configuration allows to specify and test ServicePerimeter 3012 // configuration without enforcing actual access restrictions. Only 3013 // allowed to be set when the "use_explicit_dry_run_spec" flag is set. 3014 Spec *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"spec,omitempty"` 3015 3016 // Status: Current ServicePerimeter configuration. Specifies sets of 3017 // resources, restricted services and access levels that determine 3018 // perimeter content and boundaries. 3019 Status *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"status,omitempty"` 3020 3021 // Title: Human readable title. Must be unique within the Policy. 3022 Title string `json:"title,omitempty"` 3023 3024 // UseExplicitDryRunSpec: Use explicit dry run spec flag. Ordinarily, a 3025 // dry-run spec implicitly exists for all Service Perimeters, and that 3026 // spec is identical to the status for those Service Perimeters. When 3027 // this flag is set, it inhibits the generation of the implicit spec, 3028 // thereby allowing the user to explicitly provide a configuration 3029 // ("spec") to use in a dry-run version of the Service Perimeter. This 3030 // allows the user to test changes to the enforced config ("status") 3031 // without actually enforcing them. This testing is done through 3032 // analyzing the differences between currently enforced and suggested 3033 // restrictions. use_explicit_dry_run_spec must bet set to True if any 3034 // of the fields in the spec are set to non-default values. 3035 UseExplicitDryRunSpec bool `json:"useExplicitDryRunSpec,omitempty"` 3036 3037 // ForceSendFields is a list of field names (e.g. "Description") to 3038 // unconditionally include in API requests. By default, fields with 3039 // empty or default values are omitted from API requests. However, any 3040 // non-pointer, non-interface field appearing in ForceSendFields will be 3041 // sent to the server regardless of whether the field is empty or not. 3042 // This may be used to include empty fields in Patch requests. 3043 ForceSendFields []string `json:"-"` 3044 3045 // NullFields is a list of field names (e.g. "Description") to include 3046 // in API requests with the JSON null value. By default, fields with 3047 // empty values are omitted from API requests. However, any field with 3048 // an empty value appearing in NullFields will be sent to the server as 3049 // null. It is an error if a field in this list has a non-empty value. 3050 // This may be used to include null fields in Patch requests. 3051 NullFields []string `json:"-"` 3052} 3053 3054func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeter) MarshalJSON() ([]byte, error) { 3055 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeter 3056 raw := NoMethod(*s) 3057 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3058} 3059 3060// GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig: 3061// `ServicePerimeterConfig` specifies a set of Google Cloud resources 3062// that describe specific Service Perimeter configuration. 3063type GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig struct { 3064 // AccessLevels: A list of `AccessLevel` resource names that allow 3065 // resources within the `ServicePerimeter` to be accessed from the 3066 // internet. `AccessLevels` listed must be in the same policy as this 3067 // `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a 3068 // syntax error. If no `AccessLevel` names are listed, resources within 3069 // the perimeter can only be accessed via Google Cloud calls with 3070 // request origins within the perimeter. Example: 3071 // "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service 3072 // Perimeter Bridge, must be empty. 3073 AccessLevels []string `json:"accessLevels,omitempty"` 3074 3075 // EgressPolicies: List of EgressPolicies to apply to the perimeter. A 3076 // perimeter may have multiple EgressPolicies, each of which is 3077 // evaluated separately. Access is granted if any EgressPolicy grants 3078 // it. Must be empty for a perimeter bridge. 3079 EgressPolicies []*GoogleIdentityAccesscontextmanagerV1EgressPolicy `json:"egressPolicies,omitempty"` 3080 3081 // IngressPolicies: List of IngressPolicies to apply to the perimeter. A 3082 // perimeter may have multiple IngressPolicies, each of which is 3083 // evaluated separately. Access is granted if any Ingress Policy grants 3084 // it. Must be empty for a perimeter bridge. 3085 IngressPolicies []*GoogleIdentityAccesscontextmanagerV1IngressPolicy `json:"ingressPolicies,omitempty"` 3086 3087 // Resources: A list of Google Cloud resources that are inside of the 3088 // service perimeter. Currently only projects are allowed. Format: 3089 // `projects/{project_number}` 3090 Resources []string `json:"resources,omitempty"` 3091 3092 // RestrictedServices: Google Cloud services that are subject to the 3093 // Service Perimeter restrictions. For example, if 3094 // `storage.googleapis.com` is specified, access to the storage buckets 3095 // inside the perimeter must meet the perimeter's access restrictions. 3096 RestrictedServices []string `json:"restrictedServices,omitempty"` 3097 3098 // VpcAccessibleServices: Configuration for APIs allowed within 3099 // Perimeter. 3100 VpcAccessibleServices *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices `json:"vpcAccessibleServices,omitempty"` 3101 3102 // ForceSendFields is a list of field names (e.g. "AccessLevels") to 3103 // unconditionally include in API requests. By default, fields with 3104 // empty or default values are omitted from API requests. However, any 3105 // non-pointer, non-interface field appearing in ForceSendFields will be 3106 // sent to the server regardless of whether the field is empty or not. 3107 // This may be used to include empty fields in Patch requests. 3108 ForceSendFields []string `json:"-"` 3109 3110 // NullFields is a list of field names (e.g. "AccessLevels") to include 3111 // in API requests with the JSON null value. By default, fields with 3112 // empty values are omitted from API requests. However, any field with 3113 // an empty value appearing in NullFields will be sent to the server as 3114 // null. It is an error if a field in this list has a non-empty value. 3115 // This may be used to include null fields in Patch requests. 3116 NullFields []string `json:"-"` 3117} 3118 3119func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig) MarshalJSON() ([]byte, error) { 3120 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig 3121 raw := NoMethod(*s) 3122 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3123} 3124 3125// GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices: Specifies 3126// how APIs are allowed to communicate within the Service Perimeter. 3127type GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices struct { 3128 // AllowedServices: The list of APIs usable within the Service 3129 // Perimeter. Must be empty unless 'enable_restriction' is True. You can 3130 // specify a list of individual services, as well as include the 3131 // 'RESTRICTED-SERVICES' value, which automatically includes all of the 3132 // services protected by the perimeter. 3133 AllowedServices []string `json:"allowedServices,omitempty"` 3134 3135 // EnableRestriction: Whether to restrict API calls within the Service 3136 // Perimeter to the list of APIs specified in 'allowed_services'. 3137 EnableRestriction bool `json:"enableRestriction,omitempty"` 3138 3139 // ForceSendFields is a list of field names (e.g. "AllowedServices") to 3140 // unconditionally include in API requests. By default, fields with 3141 // empty or default values are omitted from API requests. However, any 3142 // non-pointer, non-interface field appearing in ForceSendFields will be 3143 // sent to the server regardless of whether the field is empty or not. 3144 // This may be used to include empty fields in Patch requests. 3145 ForceSendFields []string `json:"-"` 3146 3147 // NullFields is a list of field names (e.g. "AllowedServices") to 3148 // include in API requests with the JSON null value. By default, fields 3149 // with empty values are omitted from API requests. However, any field 3150 // with an empty value appearing in NullFields will be sent to the 3151 // server as null. It is an error if a field in this list has a 3152 // non-empty value. This may be used to include null fields in Patch 3153 // requests. 3154 NullFields []string `json:"-"` 3155} 3156 3157func (s *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices) MarshalJSON() ([]byte, error) { 3158 type NoMethod GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices 3159 raw := NoMethod(*s) 3160 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3161} 3162 3163// IamPolicyAnalysis: An analysis message to group the query and 3164// results. 3165type IamPolicyAnalysis struct { 3166 // AnalysisQuery: The analysis query. 3167 AnalysisQuery *IamPolicyAnalysisQuery `json:"analysisQuery,omitempty"` 3168 3169 // AnalysisResults: A list of IamPolicyAnalysisResult that matches the 3170 // analysis query, or empty if no result is found. 3171 AnalysisResults []*IamPolicyAnalysisResult `json:"analysisResults,omitempty"` 3172 3173 // FullyExplored: Represents whether all entries in the analysis_results 3174 // have been fully explored to answer the query. 3175 FullyExplored bool `json:"fullyExplored,omitempty"` 3176 3177 // NonCriticalErrors: A list of non-critical errors happened during the 3178 // query handling. 3179 NonCriticalErrors []*IamPolicyAnalysisState `json:"nonCriticalErrors,omitempty"` 3180 3181 // ForceSendFields is a list of field names (e.g. "AnalysisQuery") to 3182 // unconditionally include in API requests. By default, fields with 3183 // empty or default values are omitted from API requests. However, any 3184 // non-pointer, non-interface field appearing in ForceSendFields will be 3185 // sent to the server regardless of whether the field is empty or not. 3186 // This may be used to include empty fields in Patch requests. 3187 ForceSendFields []string `json:"-"` 3188 3189 // NullFields is a list of field names (e.g. "AnalysisQuery") to include 3190 // in API requests with the JSON null value. By default, fields with 3191 // empty values are omitted from API requests. However, any field with 3192 // an empty value appearing in NullFields will be sent to the server as 3193 // null. It is an error if a field in this list has a non-empty value. 3194 // This may be used to include null fields in Patch requests. 3195 NullFields []string `json:"-"` 3196} 3197 3198func (s *IamPolicyAnalysis) MarshalJSON() ([]byte, error) { 3199 type NoMethod IamPolicyAnalysis 3200 raw := NoMethod(*s) 3201 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3202} 3203 3204// IamPolicyAnalysisOutputConfig: Output configuration for export IAM 3205// policy analysis destination. 3206type IamPolicyAnalysisOutputConfig struct { 3207 // BigqueryDestination: Destination on BigQuery. 3208 BigqueryDestination *GoogleCloudAssetV1BigQueryDestination `json:"bigqueryDestination,omitempty"` 3209 3210 // GcsDestination: Destination on Cloud Storage. 3211 GcsDestination *GoogleCloudAssetV1GcsDestination `json:"gcsDestination,omitempty"` 3212 3213 // ForceSendFields is a list of field names (e.g. "BigqueryDestination") 3214 // to unconditionally include in API requests. By default, fields with 3215 // empty or default values are omitted from API requests. However, any 3216 // non-pointer, non-interface field appearing in ForceSendFields will be 3217 // sent to the server regardless of whether the field is empty or not. 3218 // This may be used to include empty fields in Patch requests. 3219 ForceSendFields []string `json:"-"` 3220 3221 // NullFields is a list of field names (e.g. "BigqueryDestination") to 3222 // include in API requests with the JSON null value. By default, fields 3223 // with empty values are omitted from API requests. However, any field 3224 // with an empty value appearing in NullFields will be sent to the 3225 // server as null. It is an error if a field in this list has a 3226 // non-empty value. This may be used to include null fields in Patch 3227 // requests. 3228 NullFields []string `json:"-"` 3229} 3230 3231func (s *IamPolicyAnalysisOutputConfig) MarshalJSON() ([]byte, error) { 3232 type NoMethod IamPolicyAnalysisOutputConfig 3233 raw := NoMethod(*s) 3234 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3235} 3236 3237// IamPolicyAnalysisQuery: ## IAM policy analysis query message. 3238type IamPolicyAnalysisQuery struct { 3239 // AccessSelector: Optional. Specifies roles or permissions for 3240 // analysis. This is optional. 3241 AccessSelector *AccessSelector `json:"accessSelector,omitempty"` 3242 3243 // ConditionContext: Optional. The hypothetical context for IAM 3244 // conditions evaluation. 3245 ConditionContext *ConditionContext `json:"conditionContext,omitempty"` 3246 3247 // IdentitySelector: Optional. Specifies an identity for analysis. 3248 IdentitySelector *IdentitySelector `json:"identitySelector,omitempty"` 3249 3250 // Options: Optional. The query options. 3251 Options *Options `json:"options,omitempty"` 3252 3253 // ResourceSelector: Optional. Specifies a resource for analysis. 3254 ResourceSelector *ResourceSelector `json:"resourceSelector,omitempty"` 3255 3256 // Scope: Required. The relative name of the root asset. Only resources 3257 // and IAM policies within the scope will be analyzed. This can only be 3258 // an organization number (such as "organizations/123"), a folder number 3259 // (such as "folders/123"), a project ID (such as 3260 // "projects/my-project-id"), or a project number (such as 3261 // "projects/12345"). To know how to get organization id, visit here 3262 // (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 3263 // To know how to get folder or project id, visit here 3264 // (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 3265 Scope string `json:"scope,omitempty"` 3266 3267 // ForceSendFields is a list of field names (e.g. "AccessSelector") to 3268 // unconditionally include in API requests. By default, fields with 3269 // empty or default values are omitted from API requests. However, any 3270 // non-pointer, non-interface field appearing in ForceSendFields will be 3271 // sent to the server regardless of whether the field is empty or not. 3272 // This may be used to include empty fields in Patch requests. 3273 ForceSendFields []string `json:"-"` 3274 3275 // NullFields is a list of field names (e.g. "AccessSelector") to 3276 // include in API requests with the JSON null value. By default, fields 3277 // with empty values are omitted from API requests. However, any field 3278 // with an empty value appearing in NullFields will be sent to the 3279 // server as null. It is an error if a field in this list has a 3280 // non-empty value. This may be used to include null fields in Patch 3281 // requests. 3282 NullFields []string `json:"-"` 3283} 3284 3285func (s *IamPolicyAnalysisQuery) MarshalJSON() ([]byte, error) { 3286 type NoMethod IamPolicyAnalysisQuery 3287 raw := NoMethod(*s) 3288 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3289} 3290 3291// IamPolicyAnalysisResult: IAM Policy analysis result, consisting of 3292// one IAM policy binding and derived access control lists. 3293type IamPolicyAnalysisResult struct { 3294 // AccessControlLists: The access control lists derived from the 3295 // iam_binding that match or potentially match resource and access 3296 // selectors specified in the request. 3297 AccessControlLists []*GoogleCloudAssetV1AccessControlList `json:"accessControlLists,omitempty"` 3298 3299 // AttachedResourceFullName: The full resource name 3300 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) 3301 // of the resource to which the iam_binding policy attaches. 3302 AttachedResourceFullName string `json:"attachedResourceFullName,omitempty"` 3303 3304 // FullyExplored: Represents whether all analyses on the iam_binding 3305 // have successfully finished. 3306 FullyExplored bool `json:"fullyExplored,omitempty"` 3307 3308 // IamBinding: The Cloud IAM policy binding under analysis. 3309 IamBinding *Binding `json:"iamBinding,omitempty"` 3310 3311 // IdentityList: The identity list derived from members of the 3312 // iam_binding that match or potentially match identity selector 3313 // specified in the request. 3314 IdentityList *GoogleCloudAssetV1IdentityList `json:"identityList,omitempty"` 3315 3316 // ForceSendFields is a list of field names (e.g. "AccessControlLists") 3317 // to unconditionally include in API requests. By default, fields with 3318 // empty or default values are omitted from API requests. However, any 3319 // non-pointer, non-interface field appearing in ForceSendFields will be 3320 // sent to the server regardless of whether the field is empty or not. 3321 // This may be used to include empty fields in Patch requests. 3322 ForceSendFields []string `json:"-"` 3323 3324 // NullFields is a list of field names (e.g. "AccessControlLists") to 3325 // include in API requests with the JSON null value. By default, fields 3326 // with empty values are omitted from API requests. However, any field 3327 // with an empty value appearing in NullFields will be sent to the 3328 // server as null. It is an error if a field in this list has a 3329 // non-empty value. This may be used to include null fields in Patch 3330 // requests. 3331 NullFields []string `json:"-"` 3332} 3333 3334func (s *IamPolicyAnalysisResult) MarshalJSON() ([]byte, error) { 3335 type NoMethod IamPolicyAnalysisResult 3336 raw := NoMethod(*s) 3337 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3338} 3339 3340// IamPolicyAnalysisState: Represents the detailed state of an entity 3341// under analysis, such as a resource, an identity or an access. 3342type IamPolicyAnalysisState struct { 3343 // Cause: The human-readable description of the cause of failure. 3344 Cause string `json:"cause,omitempty"` 3345 3346 // Code: The Google standard error code that best describes the state. 3347 // For example: - OK means the analysis on this entity has been 3348 // successfully finished; - PERMISSION_DENIED means an access denied 3349 // error is encountered; - DEADLINE_EXCEEDED means the analysis on this 3350 // entity hasn't been started in time; 3351 // 3352 // Possible values: 3353 // "OK" - Not an error; returned on success HTTP Mapping: 200 OK 3354 // "CANCELLED" - The operation was cancelled, typically by the caller. 3355 // HTTP Mapping: 499 Client Closed Request 3356 // "UNKNOWN" - Unknown error. For example, this error may be returned 3357 // when a `Status` value received from another address space belongs to 3358 // an error space that is not known in this address space. Also errors 3359 // raised by APIs that do not return enough error information may be 3360 // converted to this error. HTTP Mapping: 500 Internal Server Error 3361 // "INVALID_ARGUMENT" - The client specified an invalid argument. Note 3362 // that this differs from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` 3363 // indicates arguments that are problematic regardless of the state of 3364 // the system (e.g., a malformed file name). HTTP Mapping: 400 Bad 3365 // Request 3366 // "DEADLINE_EXCEEDED" - The deadline expired before the operation 3367 // could complete. For operations that change the state of the system, 3368 // this error may be returned even if the operation has completed 3369 // successfully. For example, a successful response from a server could 3370 // have been delayed long enough for the deadline to expire. HTTP 3371 // Mapping: 504 Gateway Timeout 3372 // "NOT_FOUND" - Some requested entity (e.g., file or directory) was 3373 // not found. Note to server developers: if a request is denied for an 3374 // entire class of users, such as gradual feature rollout or 3375 // undocumented allowlist, `NOT_FOUND` may be used. If a request is 3376 // denied for some users within a class of users, such as user-based 3377 // access control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 3378 // Not Found 3379 // "ALREADY_EXISTS" - The entity that a client attempted to create 3380 // (e.g., file or directory) already exists. HTTP Mapping: 409 Conflict 3381 // "PERMISSION_DENIED" - The caller does not have permission to 3382 // execute the specified operation. `PERMISSION_DENIED` must not be used 3383 // for rejections caused by exhausting some resource (use 3384 // `RESOURCE_EXHAUSTED` instead for those errors). `PERMISSION_DENIED` 3385 // must not be used if the caller can not be identified (use 3386 // `UNAUTHENTICATED` instead for those errors). This error code does not 3387 // imply the request is valid or the requested entity exists or 3388 // satisfies other pre-conditions. HTTP Mapping: 403 Forbidden 3389 // "UNAUTHENTICATED" - The request does not have valid authentication 3390 // credentials for the operation. HTTP Mapping: 401 Unauthorized 3391 // "RESOURCE_EXHAUSTED" - Some resource has been exhausted, perhaps a 3392 // per-user quota, or perhaps the entire file system is out of space. 3393 // HTTP Mapping: 429 Too Many Requests 3394 // "FAILED_PRECONDITION" - The operation was rejected because the 3395 // system is not in a state required for the operation's execution. For 3396 // example, the directory to be deleted is non-empty, an rmdir operation 3397 // is applied to a non-directory, etc. Service implementors can use the 3398 // following guidelines to decide between `FAILED_PRECONDITION`, 3399 // `ABORTED`, and `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can 3400 // retry just the failing call. (b) Use `ABORTED` if the client should 3401 // retry at a higher level. For example, when a client-specified 3402 // test-and-set fails, indicating the client should restart a 3403 // read-modify-write sequence. (c) Use `FAILED_PRECONDITION` if the 3404 // client should not retry until the system state has been explicitly 3405 // fixed. For example, if an "rmdir" fails because the directory is 3406 // non-empty, `FAILED_PRECONDITION` should be returned since the client 3407 // should not retry unless the files are deleted from the directory. 3408 // HTTP Mapping: 400 Bad Request 3409 // "ABORTED" - The operation was aborted, typically due to a 3410 // concurrency issue such as a sequencer check failure or transaction 3411 // abort. See the guidelines above for deciding between 3412 // `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 3413 // 409 Conflict 3414 // "OUT_OF_RANGE" - The operation was attempted past the valid range. 3415 // E.g., seeking or reading past end-of-file. Unlike `INVALID_ARGUMENT`, 3416 // this error indicates a problem that may be fixed if the system state 3417 // changes. For example, a 32-bit file system will generate 3418 // `INVALID_ARGUMENT` if asked to read at an offset that is not in the 3419 // range [0,2^32-1], but it will generate `OUT_OF_RANGE` if asked to 3420 // read from an offset past the current file size. There is a fair bit 3421 // of overlap between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We 3422 // recommend using `OUT_OF_RANGE` (the more specific error) when it 3423 // applies so that callers who are iterating through a space can easily 3424 // look for an `OUT_OF_RANGE` error to detect when they are done. HTTP 3425 // Mapping: 400 Bad Request 3426 // "UNIMPLEMENTED" - The operation is not implemented or is not 3427 // supported/enabled in this service. HTTP Mapping: 501 Not Implemented 3428 // "INTERNAL" - Internal errors. This means that some invariants 3429 // expected by the underlying system have been broken. This error code 3430 // is reserved for serious errors. HTTP Mapping: 500 Internal Server 3431 // Error 3432 // "UNAVAILABLE" - The service is currently unavailable. This is most 3433 // likely a transient condition, which can be corrected by retrying with 3434 // a backoff. Note that it is not always safe to retry non-idempotent 3435 // operations. See the guidelines above for deciding between 3436 // `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 3437 // 503 Service Unavailable 3438 // "DATA_LOSS" - Unrecoverable data loss or corruption. HTTP Mapping: 3439 // 500 Internal Server Error 3440 Code string `json:"code,omitempty"` 3441 3442 // ForceSendFields is a list of field names (e.g. "Cause") to 3443 // unconditionally include in API requests. By default, fields with 3444 // empty or default values are omitted from API requests. However, any 3445 // non-pointer, non-interface field appearing in ForceSendFields will be 3446 // sent to the server regardless of whether the field is empty or not. 3447 // This may be used to include empty fields in Patch requests. 3448 ForceSendFields []string `json:"-"` 3449 3450 // NullFields is a list of field names (e.g. "Cause") to include in API 3451 // requests with the JSON null value. By default, fields with empty 3452 // values are omitted from API requests. However, any field with an 3453 // empty value appearing in NullFields will be sent to the server as 3454 // null. It is an error if a field in this list has a non-empty value. 3455 // This may be used to include null fields in Patch requests. 3456 NullFields []string `json:"-"` 3457} 3458 3459func (s *IamPolicyAnalysisState) MarshalJSON() ([]byte, error) { 3460 type NoMethod IamPolicyAnalysisState 3461 raw := NoMethod(*s) 3462 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3463} 3464 3465// IamPolicySearchResult: A result of IAM Policy search, containing 3466// information of an IAM policy. 3467type IamPolicySearchResult struct { 3468 // AssetType: The type of the resource associated with this IAM policy. 3469 // Example: `compute.googleapis.com/Disk`. To search against the 3470 // `asset_type`: * specify the `asset_types` field in your search 3471 // request. 3472 AssetType string `json:"assetType,omitempty"` 3473 3474 // Explanation: Explanation about the IAM policy search result. It 3475 // contains additional information to explain why the search result 3476 // matches the query. 3477 Explanation *Explanation `json:"explanation,omitempty"` 3478 3479 // Folders: The folder(s) that the IAM policy belongs to, in the form of 3480 // folders/{FOLDER_NUMBER}. This field is available when the IAM policy 3481 // belongs to one or more folders. To search against `folders`: * use a 3482 // field query. Example: `folders:(123 OR 456)` * use a free text query. 3483 // Example: `123` * specify the `scope` field as this folder in your 3484 // search request. 3485 Folders []string `json:"folders,omitempty"` 3486 3487 // Organization: The organization that the IAM policy belongs to, in the 3488 // form of organizations/{ORGANIZATION_NUMBER}. This field is available 3489 // when the IAM policy belongs to an organization. To search against 3490 // `organization`: * use a field query. Example: `organization:123` * 3491 // use a free text query. Example: `123` * specify the `scope` field as 3492 // this organization in your search request. 3493 Organization string `json:"organization,omitempty"` 3494 3495 // Policy: The IAM policy directly set on the given resource. Note that 3496 // the original IAM policy can contain multiple bindings. This only 3497 // contains the bindings that match the given query. For queries that 3498 // don't contain a constrain on policies (e.g., an empty query), this 3499 // contains all the bindings. To search against the `policy` bindings: * 3500 // use a field query: - query by the policy contained members. Example: 3501 // `policy:amy@gmail.com` - query by the policy contained roles. 3502 // Example: `policy:roles/compute.admin` - query by the policy contained 3503 // roles' included permissions. Example: 3504 // `policy.role.permissions:compute.instances.create` 3505 Policy *Policy `json:"policy,omitempty"` 3506 3507 // Project: The project that the associated GCP resource belongs to, in 3508 // the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a 3509 // resource (like VM instance, Cloud Storage bucket), the project field 3510 // will indicate the project that contains the resource. If an IAM 3511 // policy is set on a folder or orgnization, this field will be empty. 3512 // To search against the `project`: * specify the `scope` field as this 3513 // project in your search request. 3514 Project string `json:"project,omitempty"` 3515 3516 // Resource: The full resource name of the resource associated with this 3517 // IAM policy. Example: 3518 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 3519 // s/instance1`. See Cloud Asset Inventory Resource Name Format 3520 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) 3521 // for more information. To search against the `resource`: * use a field 3522 // query. Example: `resource:organizations/123` 3523 Resource string `json:"resource,omitempty"` 3524 3525 // ForceSendFields is a list of field names (e.g. "AssetType") to 3526 // unconditionally include in API requests. By default, fields with 3527 // empty or default values are omitted from API requests. However, any 3528 // non-pointer, non-interface field appearing in ForceSendFields will be 3529 // sent to the server regardless of whether the field is empty or not. 3530 // This may be used to include empty fields in Patch requests. 3531 ForceSendFields []string `json:"-"` 3532 3533 // NullFields is a list of field names (e.g. "AssetType") to include in 3534 // API requests with the JSON null value. By default, fields with empty 3535 // values are omitted from API requests. However, any field with an 3536 // empty value appearing in NullFields will be sent to the server as 3537 // null. It is an error if a field in this list has a non-empty value. 3538 // This may be used to include null fields in Patch requests. 3539 NullFields []string `json:"-"` 3540} 3541 3542func (s *IamPolicySearchResult) MarshalJSON() ([]byte, error) { 3543 type NoMethod IamPolicySearchResult 3544 raw := NoMethod(*s) 3545 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3546} 3547 3548// IdentitySelector: Specifies an identity for which to determine 3549// resource access, based on roles assigned either directly to them or 3550// to the groups they belong to, directly or indirectly. 3551type IdentitySelector struct { 3552 // Identity: Required. The identity appear in the form of members in IAM 3553 // policy binding 3554 // (https://cloud.google.com/iam/reference/rest/v1/Binding). The 3555 // examples of supported forms are: "user:mike@example.com", 3556 // "group:admins@example.com", "domain:google.com", 3557 // "serviceAccount:my-project-id@appspot.gserviceaccount.com". Notice 3558 // that wildcard characters (such as * and ?) are not supported. You 3559 // must give a specific identity. 3560 Identity string `json:"identity,omitempty"` 3561 3562 // ForceSendFields is a list of field names (e.g. "Identity") to 3563 // unconditionally include in API requests. By default, fields with 3564 // empty or default values are omitted from API requests. However, any 3565 // non-pointer, non-interface field appearing in ForceSendFields will be 3566 // sent to the server regardless of whether the field is empty or not. 3567 // This may be used to include empty fields in Patch requests. 3568 ForceSendFields []string `json:"-"` 3569 3570 // NullFields is a list of field names (e.g. "Identity") to include in 3571 // API requests with the JSON null value. By default, fields with empty 3572 // values are omitted from API requests. However, any field with an 3573 // empty value appearing in NullFields will be sent to the server as 3574 // null. It is an error if a field in this list has a non-empty value. 3575 // This may be used to include null fields in Patch requests. 3576 NullFields []string `json:"-"` 3577} 3578 3579func (s *IdentitySelector) MarshalJSON() ([]byte, error) { 3580 type NoMethod IdentitySelector 3581 raw := NoMethod(*s) 3582 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3583} 3584 3585// Inventory: This API resource represents the available inventory data 3586// for a Compute Engine virtual machine (VM) instance at a given point 3587// in time. You can use this API resource to determine the inventory 3588// data of your VM. For more information, see Information provided by OS 3589// inventory management 3590// (https://cloud.google.com/compute/docs/instances/os-inventory-management#data-collected). 3591type Inventory struct { 3592 // Items: Inventory items related to the VM keyed by an opaque unique 3593 // identifier for each inventory item. The identifier is unique to each 3594 // distinct and addressable inventory item and will change, when there 3595 // is a new package version. 3596 Items map[string]Item `json:"items,omitempty"` 3597 3598 // Name: Output only. The `Inventory` API resource name. Format: 3599 // `projects/{project_number}/locations/{location}/instances/{instance_id 3600 // }/inventory` 3601 Name string `json:"name,omitempty"` 3602 3603 // OsInfo: Base level operating system information for the VM. 3604 OsInfo *OsInfo `json:"osInfo,omitempty"` 3605 3606 // UpdateTime: Output only. Timestamp of the last reported inventory for 3607 // the VM. 3608 UpdateTime string `json:"updateTime,omitempty"` 3609 3610 // ForceSendFields is a list of field names (e.g. "Items") to 3611 // unconditionally include in API requests. By default, fields with 3612 // empty or default values are omitted from API requests. However, any 3613 // non-pointer, non-interface field appearing in ForceSendFields will be 3614 // sent to the server regardless of whether the field is empty or not. 3615 // This may be used to include empty fields in Patch requests. 3616 ForceSendFields []string `json:"-"` 3617 3618 // NullFields is a list of field names (e.g. "Items") to include in API 3619 // requests with the JSON null value. By default, fields with empty 3620 // values are omitted from API requests. However, any field with an 3621 // empty value appearing in NullFields will be sent to the server as 3622 // null. It is an error if a field in this list has a non-empty value. 3623 // This may be used to include null fields in Patch requests. 3624 NullFields []string `json:"-"` 3625} 3626 3627func (s *Inventory) MarshalJSON() ([]byte, error) { 3628 type NoMethod Inventory 3629 raw := NoMethod(*s) 3630 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3631} 3632 3633// Item: A single piece of inventory on a VM. 3634type Item struct { 3635 // AvailablePackage: Software package available to be installed on the 3636 // VM instance. 3637 AvailablePackage *SoftwarePackage `json:"availablePackage,omitempty"` 3638 3639 // CreateTime: When this inventory item was first detected. 3640 CreateTime string `json:"createTime,omitempty"` 3641 3642 // Id: Identifier for this item, unique across items for this VM. 3643 Id string `json:"id,omitempty"` 3644 3645 // InstalledPackage: Software package present on the VM instance. 3646 InstalledPackage *SoftwarePackage `json:"installedPackage,omitempty"` 3647 3648 // OriginType: The origin of this inventory item. 3649 // 3650 // Possible values: 3651 // "ORIGIN_TYPE_UNSPECIFIED" - Invalid. An origin type must be 3652 // specified. 3653 // "INVENTORY_REPORT" - This inventory item was discovered as the 3654 // result of the agent reporting inventory via the reporting API. 3655 OriginType string `json:"originType,omitempty"` 3656 3657 // Type: The specific type of inventory, correlating to its specific 3658 // details. 3659 // 3660 // Possible values: 3661 // "TYPE_UNSPECIFIED" - Invalid. An type must be specified. 3662 // "INSTALLED_PACKAGE" - This represents a package that is installed 3663 // on the VM. 3664 // "AVAILABLE_PACKAGE" - This represents an update that is available 3665 // for a package. 3666 Type string `json:"type,omitempty"` 3667 3668 // UpdateTime: When this inventory item was last modified. 3669 UpdateTime string `json:"updateTime,omitempty"` 3670 3671 // ForceSendFields is a list of field names (e.g. "AvailablePackage") to 3672 // unconditionally include in API requests. By default, fields with 3673 // empty or default values are omitted from API requests. However, any 3674 // non-pointer, non-interface field appearing in ForceSendFields will be 3675 // sent to the server regardless of whether the field is empty or not. 3676 // This may be used to include empty fields in Patch requests. 3677 ForceSendFields []string `json:"-"` 3678 3679 // NullFields is a list of field names (e.g. "AvailablePackage") to 3680 // include in API requests with the JSON null value. By default, fields 3681 // with empty values are omitted from API requests. However, any field 3682 // with an empty value appearing in NullFields will be sent to the 3683 // server as null. It is an error if a field in this list has a 3684 // non-empty value. This may be used to include null fields in Patch 3685 // requests. 3686 NullFields []string `json:"-"` 3687} 3688 3689func (s *Item) MarshalJSON() ([]byte, error) { 3690 type NoMethod Item 3691 raw := NoMethod(*s) 3692 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3693} 3694 3695// ListAssetsResponse: ListAssets response. 3696type ListAssetsResponse struct { 3697 // Assets: Assets. 3698 Assets []*Asset `json:"assets,omitempty"` 3699 3700 // NextPageToken: Token to retrieve the next page of results. It expires 3701 // 72 hours after the page token for the first page is generated. Set to 3702 // empty if there are no remaining results. 3703 NextPageToken string `json:"nextPageToken,omitempty"` 3704 3705 // ReadTime: Time the snapshot was taken. 3706 ReadTime string `json:"readTime,omitempty"` 3707 3708 // ServerResponse contains the HTTP response code and headers from the 3709 // server. 3710 googleapi.ServerResponse `json:"-"` 3711 3712 // ForceSendFields is a list of field names (e.g. "Assets") to 3713 // unconditionally include in API requests. By default, fields with 3714 // empty or default values are omitted from API requests. However, any 3715 // non-pointer, non-interface field appearing in ForceSendFields will be 3716 // sent to the server regardless of whether the field is empty or not. 3717 // This may be used to include empty fields in Patch requests. 3718 ForceSendFields []string `json:"-"` 3719 3720 // NullFields is a list of field names (e.g. "Assets") to include in API 3721 // requests with the JSON null value. By default, fields with empty 3722 // values are omitted from API requests. However, any field with an 3723 // empty value appearing in NullFields will be sent to the server as 3724 // null. It is an error if a field in this list has a non-empty value. 3725 // This may be used to include null fields in Patch requests. 3726 NullFields []string `json:"-"` 3727} 3728 3729func (s *ListAssetsResponse) MarshalJSON() ([]byte, error) { 3730 type NoMethod ListAssetsResponse 3731 raw := NoMethod(*s) 3732 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3733} 3734 3735type ListFeedsResponse struct { 3736 // Feeds: A list of feeds. 3737 Feeds []*Feed `json:"feeds,omitempty"` 3738 3739 // ServerResponse contains the HTTP response code and headers from the 3740 // server. 3741 googleapi.ServerResponse `json:"-"` 3742 3743 // ForceSendFields is a list of field names (e.g. "Feeds") to 3744 // unconditionally include in API requests. By default, fields with 3745 // empty or default values are omitted from API requests. However, any 3746 // non-pointer, non-interface field appearing in ForceSendFields will be 3747 // sent to the server regardless of whether the field is empty or not. 3748 // This may be used to include empty fields in Patch requests. 3749 ForceSendFields []string `json:"-"` 3750 3751 // NullFields is a list of field names (e.g. "Feeds") to include in API 3752 // requests with the JSON null value. By default, fields with empty 3753 // values are omitted from API requests. However, any field with an 3754 // empty value appearing in NullFields will be sent to the server as 3755 // null. It is an error if a field in this list has a non-empty value. 3756 // This may be used to include null fields in Patch requests. 3757 NullFields []string `json:"-"` 3758} 3759 3760func (s *ListFeedsResponse) MarshalJSON() ([]byte, error) { 3761 type NoMethod ListFeedsResponse 3762 raw := NoMethod(*s) 3763 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3764} 3765 3766// MoveAnalysis: A message to group the analysis information. 3767type MoveAnalysis struct { 3768 // Analysis: Analysis result of moving the target resource. 3769 Analysis *MoveAnalysisResult `json:"analysis,omitempty"` 3770 3771 // DisplayName: The user friendly display name of the analysis. E.g. 3772 // IAM, Organization Policy etc. 3773 DisplayName string `json:"displayName,omitempty"` 3774 3775 // Error: Description of error encountered when performing the analysis. 3776 Error *Status `json:"error,omitempty"` 3777 3778 // ForceSendFields is a list of field names (e.g. "Analysis") to 3779 // unconditionally include in API requests. By default, fields with 3780 // empty or default values are omitted from API requests. However, any 3781 // non-pointer, non-interface field appearing in ForceSendFields will be 3782 // sent to the server regardless of whether the field is empty or not. 3783 // This may be used to include empty fields in Patch requests. 3784 ForceSendFields []string `json:"-"` 3785 3786 // NullFields is a list of field names (e.g. "Analysis") to include in 3787 // API requests with the JSON null value. By default, fields with empty 3788 // values are omitted from API requests. However, any field with an 3789 // empty value appearing in NullFields will be sent to the server as 3790 // null. It is an error if a field in this list has a non-empty value. 3791 // This may be used to include null fields in Patch requests. 3792 NullFields []string `json:"-"` 3793} 3794 3795func (s *MoveAnalysis) MarshalJSON() ([]byte, error) { 3796 type NoMethod MoveAnalysis 3797 raw := NoMethod(*s) 3798 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3799} 3800 3801// MoveAnalysisResult: An analysis result including blockers and 3802// warnings. 3803type MoveAnalysisResult struct { 3804 // Blockers: Blocking information that would prevent the target resource 3805 // from moving to the specified destination at runtime. 3806 Blockers []*MoveImpact `json:"blockers,omitempty"` 3807 3808 // Warnings: Warning information indicating that moving the target 3809 // resource to the specified destination might be unsafe. This can 3810 // include important policy information and configuration changes, but 3811 // will not block moves at runtime. 3812 Warnings []*MoveImpact `json:"warnings,omitempty"` 3813 3814 // ForceSendFields is a list of field names (e.g. "Blockers") to 3815 // unconditionally include in API requests. By default, fields with 3816 // empty or default values are omitted from API requests. However, any 3817 // non-pointer, non-interface field appearing in ForceSendFields will be 3818 // sent to the server regardless of whether the field is empty or not. 3819 // This may be used to include empty fields in Patch requests. 3820 ForceSendFields []string `json:"-"` 3821 3822 // NullFields is a list of field names (e.g. "Blockers") to include in 3823 // API requests with the JSON null value. By default, fields with empty 3824 // values are omitted from API requests. However, any field with an 3825 // empty value appearing in NullFields will be sent to the server as 3826 // null. It is an error if a field in this list has a non-empty value. 3827 // This may be used to include null fields in Patch requests. 3828 NullFields []string `json:"-"` 3829} 3830 3831func (s *MoveAnalysisResult) MarshalJSON() ([]byte, error) { 3832 type NoMethod MoveAnalysisResult 3833 raw := NoMethod(*s) 3834 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3835} 3836 3837// MoveImpact: A message to group impacts of moving the target resource. 3838type MoveImpact struct { 3839 // Detail: User friendly impact detail in a free form message. 3840 Detail string `json:"detail,omitempty"` 3841 3842 // ForceSendFields is a list of field names (e.g. "Detail") to 3843 // unconditionally include in API requests. By default, fields with 3844 // empty or default values are omitted from API requests. However, any 3845 // non-pointer, non-interface field appearing in ForceSendFields will be 3846 // sent to the server regardless of whether the field is empty or not. 3847 // This may be used to include empty fields in Patch requests. 3848 ForceSendFields []string `json:"-"` 3849 3850 // NullFields is a list of field names (e.g. "Detail") to include in API 3851 // requests with the JSON null value. By default, fields with empty 3852 // values are omitted from API requests. However, any field with an 3853 // empty value appearing in NullFields will be sent to the server as 3854 // null. It is an error if a field in this list has a non-empty value. 3855 // This may be used to include null fields in Patch requests. 3856 NullFields []string `json:"-"` 3857} 3858 3859func (s *MoveImpact) MarshalJSON() ([]byte, error) { 3860 type NoMethod MoveImpact 3861 raw := NoMethod(*s) 3862 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3863} 3864 3865// Operation: This resource represents a long-running operation that is 3866// the result of a network API call. 3867type Operation struct { 3868 // Done: If the value is `false`, it means the operation is still in 3869 // progress. If `true`, the operation is completed, and either `error` 3870 // or `response` is available. 3871 Done bool `json:"done,omitempty"` 3872 3873 // Error: The error result of the operation in case of failure or 3874 // cancellation. 3875 Error *Status `json:"error,omitempty"` 3876 3877 // Metadata: Service-specific metadata associated with the operation. It 3878 // typically contains progress information and common metadata such as 3879 // create time. Some services might not provide such metadata. Any 3880 // method that returns a long-running operation should document the 3881 // metadata type, if any. 3882 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 3883 3884 // Name: The server-assigned name, which is only unique within the same 3885 // service that originally returns it. If you use the default HTTP 3886 // mapping, the `name` should be a resource name ending with 3887 // `operations/{unique_id}`. 3888 Name string `json:"name,omitempty"` 3889 3890 // Response: The normal response of the operation in case of success. If 3891 // the original method returns no data on success, such as `Delete`, the 3892 // response is `google.protobuf.Empty`. If the original method is 3893 // standard `Get`/`Create`/`Update`, the response should be the 3894 // resource. For other methods, the response should have the type 3895 // `XxxResponse`, where `Xxx` is the original method name. For example, 3896 // if the original method name is `TakeSnapshot()`, the inferred 3897 // response type is `TakeSnapshotResponse`. 3898 Response googleapi.RawMessage `json:"response,omitempty"` 3899 3900 // ServerResponse contains the HTTP response code and headers from the 3901 // server. 3902 googleapi.ServerResponse `json:"-"` 3903 3904 // ForceSendFields is a list of field names (e.g. "Done") to 3905 // unconditionally include in API requests. By default, fields with 3906 // empty or default values are omitted from API requests. However, any 3907 // non-pointer, non-interface field appearing in ForceSendFields will be 3908 // sent to the server regardless of whether the field is empty or not. 3909 // This may be used to include empty fields in Patch requests. 3910 ForceSendFields []string `json:"-"` 3911 3912 // NullFields is a list of field names (e.g. "Done") to include in API 3913 // requests with the JSON null value. By default, fields with empty 3914 // values are omitted from API requests. However, any field with an 3915 // empty value appearing in NullFields will be sent to the server as 3916 // null. It is an error if a field in this list has a non-empty value. 3917 // This may be used to include null fields in Patch requests. 3918 NullFields []string `json:"-"` 3919} 3920 3921func (s *Operation) MarshalJSON() ([]byte, error) { 3922 type NoMethod Operation 3923 raw := NoMethod(*s) 3924 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 3925} 3926 3927// Options: Contains query options. 3928type Options struct { 3929 // AnalyzeServiceAccountImpersonation: Optional. If true, the response 3930 // will include access analysis from identities to resources via service 3931 // account impersonation. This is a very expensive operation, because 3932 // many derived queries will be executed. We highly recommend you use 3933 // AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if 3934 // the request analyzes for which resources user A has permission P, and 3935 // there's an IAM policy states user A has 3936 // iam.serviceAccounts.getAccessToken permission to a service account 3937 // SA, and there's another IAM policy states service account SA has 3938 // permission P to a GCP folder F, then user A potentially has access to 3939 // the GCP folder F. And those advanced analysis results will be 3940 // included in 3941 // AnalyzeIamPolicyResponse.service_account_impersonation_analysis. 3942 // Another example, if the request analyzes for who has permission P to 3943 // a GCP folder F, and there's an IAM policy states user A has 3944 // iam.serviceAccounts.actAs permission to a service account SA, and 3945 // there's another IAM policy states service account SA has permission P 3946 // to the GCP folder F, then user A potentially has access to the GCP 3947 // folder F. And those advanced analysis results will be included in 3948 // AnalyzeIamPolicyResponse.service_account_impersonation_analysis. 3949 // Default is false. 3950 AnalyzeServiceAccountImpersonation bool `json:"analyzeServiceAccountImpersonation,omitempty"` 3951 3952 // ExpandGroups: Optional. If true, the identities section of the result 3953 // will expand any Google groups appearing in an IAM policy binding. If 3954 // IamPolicyAnalysisQuery.identity_selector is specified, the identity 3955 // in the result will be determined by the selector, and this flag is 3956 // not allowed to set. Default is false. 3957 ExpandGroups bool `json:"expandGroups,omitempty"` 3958 3959 // ExpandResources: Optional. If true and 3960 // IamPolicyAnalysisQuery.resource_selector is not specified, the 3961 // resource section of the result will expand any resource attached to 3962 // an IAM policy to include resources lower in the resource hierarchy. 3963 // For example, if the request analyzes for which resources user A has 3964 // permission P, and the results include an IAM policy with P on a GCP 3965 // folder, the results will also include resources in that folder with 3966 // permission P. If true and IamPolicyAnalysisQuery.resource_selector is 3967 // specified, the resource section of the result will expand the 3968 // specified resource to include resources lower in the resource 3969 // hierarchy. Only project or lower resources are supported. Folder and 3970 // organization resource cannot be used together with this option. For 3971 // example, if the request analyzes for which users have permission P on 3972 // a GCP project with this option enabled, the results will include all 3973 // users who have permission P on that project or any lower resource. 3974 // Default is false. 3975 ExpandResources bool `json:"expandResources,omitempty"` 3976 3977 // ExpandRoles: Optional. If true, the access section of result will 3978 // expand any roles appearing in IAM policy bindings to include their 3979 // permissions. If IamPolicyAnalysisQuery.access_selector is specified, 3980 // the access section of the result will be determined by the selector, 3981 // and this flag is not allowed to set. Default is false. 3982 ExpandRoles bool `json:"expandRoles,omitempty"` 3983 3984 // OutputGroupEdges: Optional. If true, the result will output group 3985 // identity edges, starting from the binding's group members, to any 3986 // expanded identities. Default is false. 3987 OutputGroupEdges bool `json:"outputGroupEdges,omitempty"` 3988 3989 // OutputResourceEdges: Optional. If true, the result will output 3990 // resource edges, starting from the policy attached resource, to any 3991 // expanded resources. Default is false. 3992 OutputResourceEdges bool `json:"outputResourceEdges,omitempty"` 3993 3994 // ForceSendFields is a list of field names (e.g. 3995 // "AnalyzeServiceAccountImpersonation") to unconditionally include in 3996 // API requests. By default, fields with empty or default values are 3997 // omitted from API requests. However, any non-pointer, non-interface 3998 // field appearing in ForceSendFields will be sent to the server 3999 // regardless of whether the field is empty or not. This may be used to 4000 // include empty fields in Patch requests. 4001 ForceSendFields []string `json:"-"` 4002 4003 // NullFields is a list of field names (e.g. 4004 // "AnalyzeServiceAccountImpersonation") to include in API requests with 4005 // the JSON null value. By default, fields with empty values are omitted 4006 // from API requests. However, any field with an empty value appearing 4007 // in NullFields will be sent to the server as null. It is an error if a 4008 // field in this list has a non-empty value. This may be used to include 4009 // null fields in Patch requests. 4010 NullFields []string `json:"-"` 4011} 4012 4013func (s *Options) MarshalJSON() ([]byte, error) { 4014 type NoMethod Options 4015 raw := NoMethod(*s) 4016 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4017} 4018 4019// OsInfo: Operating system information for the VM. 4020type OsInfo struct { 4021 // Architecture: The system architecture of the operating system. 4022 Architecture string `json:"architecture,omitempty"` 4023 4024 // Hostname: The VM hostname. 4025 Hostname string `json:"hostname,omitempty"` 4026 4027 // KernelRelease: The kernel release of the operating system. 4028 KernelRelease string `json:"kernelRelease,omitempty"` 4029 4030 // KernelVersion: The kernel version of the operating system. 4031 KernelVersion string `json:"kernelVersion,omitempty"` 4032 4033 // LongName: The operating system long name. For example 'Debian 4034 // GNU/Linux 9' or 'Microsoft Window Server 2019 Datacenter'. 4035 LongName string `json:"longName,omitempty"` 4036 4037 // OsconfigAgentVersion: The current version of the OS Config agent 4038 // running on the VM. 4039 OsconfigAgentVersion string `json:"osconfigAgentVersion,omitempty"` 4040 4041 // ShortName: The operating system short name. For example, 'windows' or 4042 // 'debian'. 4043 ShortName string `json:"shortName,omitempty"` 4044 4045 // Version: The version of the operating system. 4046 Version string `json:"version,omitempty"` 4047 4048 // ForceSendFields is a list of field names (e.g. "Architecture") to 4049 // unconditionally include in API requests. By default, fields with 4050 // empty or default values are omitted from API requests. However, any 4051 // non-pointer, non-interface field appearing in ForceSendFields will be 4052 // sent to the server regardless of whether the field is empty or not. 4053 // This may be used to include empty fields in Patch requests. 4054 ForceSendFields []string `json:"-"` 4055 4056 // NullFields is a list of field names (e.g. "Architecture") to include 4057 // in API requests with the JSON null value. By default, fields with 4058 // empty values are omitted from API requests. However, any field with 4059 // an empty value appearing in NullFields will be sent to the server as 4060 // null. It is an error if a field in this list has a non-empty value. 4061 // This may be used to include null fields in Patch requests. 4062 NullFields []string `json:"-"` 4063} 4064 4065func (s *OsInfo) MarshalJSON() ([]byte, error) { 4066 type NoMethod OsInfo 4067 raw := NoMethod(*s) 4068 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4069} 4070 4071// OutputConfig: Output configuration for export assets destination. 4072type OutputConfig struct { 4073 // BigqueryDestination: Destination on BigQuery. The output table stores 4074 // the fields in asset proto as columns in BigQuery. 4075 BigqueryDestination *BigQueryDestination `json:"bigqueryDestination,omitempty"` 4076 4077 // GcsDestination: Destination on Cloud Storage. 4078 GcsDestination *GcsDestination `json:"gcsDestination,omitempty"` 4079 4080 // ForceSendFields is a list of field names (e.g. "BigqueryDestination") 4081 // to unconditionally include in API requests. By default, fields with 4082 // empty or default values are omitted from API requests. However, any 4083 // non-pointer, non-interface field appearing in ForceSendFields will be 4084 // sent to the server regardless of whether the field is empty or not. 4085 // This may be used to include empty fields in Patch requests. 4086 ForceSendFields []string `json:"-"` 4087 4088 // NullFields is a list of field names (e.g. "BigqueryDestination") to 4089 // include in API requests with the JSON null value. By default, fields 4090 // with empty values are omitted from API requests. However, any field 4091 // with an empty value appearing in NullFields will be sent to the 4092 // server as null. It is an error if a field in this list has a 4093 // non-empty value. This may be used to include null fields in Patch 4094 // requests. 4095 NullFields []string `json:"-"` 4096} 4097 4098func (s *OutputConfig) MarshalJSON() ([]byte, error) { 4099 type NoMethod OutputConfig 4100 raw := NoMethod(*s) 4101 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4102} 4103 4104// PartitionSpec: Specifications of BigQuery partitioned table as export 4105// destination. 4106type PartitionSpec struct { 4107 // PartitionKey: The partition key for BigQuery partitioned table. 4108 // 4109 // Possible values: 4110 // "PARTITION_KEY_UNSPECIFIED" - Unspecified partition key. If used, 4111 // it means using non-partitioned table. 4112 // "READ_TIME" - The time when the snapshot is taken. If specified as 4113 // partition key, the result table(s) is partitoned by the additional 4114 // timestamp column, readTime. If [read_time] in ExportAssetsRequest is 4115 // specified, the readTime column's value will be the same as it. 4116 // Otherwise, its value will be the current time that is used to take 4117 // the snapshot. 4118 // "REQUEST_TIME" - The time when the request is received and started 4119 // to be processed. If specified as partition key, the result table(s) 4120 // is partitoned by the requestTime column, an additional timestamp 4121 // column representing when the request was received. 4122 PartitionKey string `json:"partitionKey,omitempty"` 4123 4124 // ForceSendFields is a list of field names (e.g. "PartitionKey") to 4125 // unconditionally include in API requests. By default, fields with 4126 // empty or default values are omitted from API requests. However, any 4127 // non-pointer, non-interface field appearing in ForceSendFields will be 4128 // sent to the server regardless of whether the field is empty or not. 4129 // This may be used to include empty fields in Patch requests. 4130 ForceSendFields []string `json:"-"` 4131 4132 // NullFields is a list of field names (e.g. "PartitionKey") to include 4133 // in API requests with the JSON null value. By default, fields with 4134 // empty values are omitted from API requests. However, any field with 4135 // an empty value appearing in NullFields will be sent to the server as 4136 // null. It is an error if a field in this list has a non-empty value. 4137 // This may be used to include null fields in Patch requests. 4138 NullFields []string `json:"-"` 4139} 4140 4141func (s *PartitionSpec) MarshalJSON() ([]byte, error) { 4142 type NoMethod PartitionSpec 4143 raw := NoMethod(*s) 4144 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4145} 4146 4147// Permissions: IAM permissions 4148type Permissions struct { 4149 // Permissions: A list of permissions. A sample permission string: 4150 // `compute.disk.get`. 4151 Permissions []string `json:"permissions,omitempty"` 4152 4153 // ForceSendFields is a list of field names (e.g. "Permissions") to 4154 // unconditionally include in API requests. By default, fields with 4155 // empty or default values are omitted from API requests. However, any 4156 // non-pointer, non-interface field appearing in ForceSendFields will be 4157 // sent to the server regardless of whether the field is empty or not. 4158 // This may be used to include empty fields in Patch requests. 4159 ForceSendFields []string `json:"-"` 4160 4161 // NullFields is a list of field names (e.g. "Permissions") to include 4162 // in API requests with the JSON null value. By default, fields with 4163 // empty values are omitted from API requests. However, any field with 4164 // an empty value appearing in NullFields will be sent to the server as 4165 // null. It is an error if a field in this list has a non-empty value. 4166 // This may be used to include null fields in Patch requests. 4167 NullFields []string `json:"-"` 4168} 4169 4170func (s *Permissions) MarshalJSON() ([]byte, error) { 4171 type NoMethod Permissions 4172 raw := NoMethod(*s) 4173 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4174} 4175 4176// Policy: An Identity and Access Management (IAM) policy, which 4177// specifies access controls for Google Cloud resources. A `Policy` is a 4178// collection of `bindings`. A `binding` binds one or more `members` to 4179// a single `role`. Members can be user accounts, service accounts, 4180// Google groups, and domains (such as G Suite). A `role` is a named 4181// list of permissions; each `role` can be an IAM predefined role or a 4182// user-created custom role. For some types of Google Cloud resources, a 4183// `binding` can also specify a `condition`, which is a logical 4184// expression that allows access to a resource only if the expression 4185// evaluates to `true`. A condition can add constraints based on 4186// attributes of the request, the resource, or both. To learn which 4187// resources support conditions in their IAM policies, see the IAM 4188// documentation 4189// (https://cloud.google.com/iam/help/conditions/resource-policies). 4190// **JSON example:** { "bindings": [ { "role": 4191// "roles/resourcemanager.organizationAdmin", "members": [ 4192// "user:mike@example.com", "group:admins@example.com", 4193// "domain:google.com", 4194// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { 4195// "role": "roles/resourcemanager.organizationViewer", "members": [ 4196// "user:eve@example.com" ], "condition": { "title": "expirable access", 4197// "description": "Does not grant access after Sep 2020", "expression": 4198// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], 4199// "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - 4200// members: - user:mike@example.com - group:admins@example.com - 4201// domain:google.com - 4202// serviceAccount:my-project-id@appspot.gserviceaccount.com role: 4203// roles/resourcemanager.organizationAdmin - members: - 4204// user:eve@example.com role: roles/resourcemanager.organizationViewer 4205// condition: title: expirable access description: Does not grant access 4206// after Sep 2020 expression: request.time < 4207// timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 4208// For a description of IAM and its features, see the IAM documentation 4209// (https://cloud.google.com/iam/docs/). 4210type Policy struct { 4211 // AuditConfigs: Specifies cloud audit logging configuration for this 4212 // policy. 4213 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 4214 4215 // Bindings: Associates a list of `members` to a `role`. Optionally, may 4216 // specify a `condition` that determines how and when the `bindings` are 4217 // applied. Each of the `bindings` must contain at least one member. 4218 Bindings []*Binding `json:"bindings,omitempty"` 4219 4220 // Etag: `etag` is used for optimistic concurrency control as a way to 4221 // help prevent simultaneous updates of a policy from overwriting each 4222 // other. It is strongly suggested that systems make use of the `etag` 4223 // in the read-modify-write cycle to perform policy updates in order to 4224 // avoid race conditions: An `etag` is returned in the response to 4225 // `getIamPolicy`, and systems are expected to put that etag in the 4226 // request to `setIamPolicy` to ensure that their change will be applied 4227 // to the same version of the policy. **Important:** If you use IAM 4228 // Conditions, you must include the `etag` field whenever you call 4229 // `setIamPolicy`. If you omit this field, then IAM allows you to 4230 // overwrite a version `3` policy with a version `1` policy, and all of 4231 // the conditions in the version `3` policy are lost. 4232 Etag string `json:"etag,omitempty"` 4233 4234 // Version: Specifies the format of the policy. Valid values are `0`, 4235 // `1`, and `3`. Requests that specify an invalid value are rejected. 4236 // Any operation that affects conditional role bindings must specify 4237 // version `3`. This requirement applies to the following operations: * 4238 // Getting a policy that includes a conditional role binding * Adding a 4239 // conditional role binding to a policy * Changing a conditional role 4240 // binding in a policy * Removing any role binding, with or without a 4241 // condition, from a policy that includes conditions **Important:** If 4242 // you use IAM Conditions, you must include the `etag` field whenever 4243 // you call `setIamPolicy`. If you omit this field, then IAM allows you 4244 // to overwrite a version `3` policy with a version `1` policy, and all 4245 // of the conditions in the version `3` policy are lost. If a policy 4246 // does not include any conditions, operations on that policy may 4247 // specify any valid version or leave the field unset. To learn which 4248 // resources support conditions in their IAM policies, see the IAM 4249 // documentation 4250 // (https://cloud.google.com/iam/help/conditions/resource-policies). 4251 Version int64 `json:"version,omitempty"` 4252 4253 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 4254 // unconditionally include in API requests. By default, fields with 4255 // empty or default values are omitted from API requests. However, any 4256 // non-pointer, non-interface field appearing in ForceSendFields will be 4257 // sent to the server regardless of whether the field is empty or not. 4258 // This may be used to include empty fields in Patch requests. 4259 ForceSendFields []string `json:"-"` 4260 4261 // NullFields is a list of field names (e.g. "AuditConfigs") to include 4262 // in API requests with the JSON null value. By default, fields with 4263 // empty values are omitted from API requests. However, any field with 4264 // an empty value appearing in NullFields will be sent to the server as 4265 // null. It is an error if a field in this list has a non-empty value. 4266 // This may be used to include null fields in Patch requests. 4267 NullFields []string `json:"-"` 4268} 4269 4270func (s *Policy) MarshalJSON() ([]byte, error) { 4271 type NoMethod Policy 4272 raw := NoMethod(*s) 4273 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4274} 4275 4276// PubsubDestination: A Pub/Sub destination. 4277type PubsubDestination struct { 4278 // Topic: The name of the Pub/Sub topic to publish to. Example: 4279 // `projects/PROJECT_ID/topics/TOPIC_ID`. 4280 Topic string `json:"topic,omitempty"` 4281 4282 // ForceSendFields is a list of field names (e.g. "Topic") to 4283 // unconditionally include in API requests. By default, fields with 4284 // empty or default values are omitted from API requests. However, any 4285 // non-pointer, non-interface field appearing in ForceSendFields will be 4286 // sent to the server regardless of whether the field is empty or not. 4287 // This may be used to include empty fields in Patch requests. 4288 ForceSendFields []string `json:"-"` 4289 4290 // NullFields is a list of field names (e.g. "Topic") to include in API 4291 // requests with the JSON null value. By default, fields with empty 4292 // values are omitted from API requests. However, any field with an 4293 // empty value appearing in NullFields will be sent to the server as 4294 // null. It is an error if a field in this list has a non-empty value. 4295 // This may be used to include null fields in Patch requests. 4296 NullFields []string `json:"-"` 4297} 4298 4299func (s *PubsubDestination) MarshalJSON() ([]byte, error) { 4300 type NoMethod PubsubDestination 4301 raw := NoMethod(*s) 4302 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4303} 4304 4305// RelatedAsset: An asset identify in Google Cloud which contains its 4306// name, type and ancestors. An asset can be any resource in the Google 4307// Cloud resource hierarchy 4308// (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 4309// a resource outside the Google Cloud resource hierarchy (such as 4310// Google Kubernetes Engine clusters and objects), or a policy (e.g. 4311// Cloud IAM policy). See Supported asset types 4312// (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 4313// for more information. 4314type RelatedAsset struct { 4315 // Ancestors: The ancestors of an asset in Google Cloud resource 4316 // hierarchy 4317 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 4318 // represented as a list of relative resource names. An ancestry path 4319 // starts with the closest ancestor in the hierarchy and ends at root. 4320 // Example: `["projects/123456789", "folders/5432", 4321 // "organizations/1234"]` 4322 Ancestors []string `json:"ancestors,omitempty"` 4323 4324 // Asset: The full name of the asset. Example: 4325 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 4326 // s/instance1` See Resource names 4327 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 4328 // for more information. 4329 Asset string `json:"asset,omitempty"` 4330 4331 // AssetType: The type of the asset. Example: 4332 // `compute.googleapis.com/Disk` See Supported asset types 4333 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 4334 // for more information. 4335 AssetType string `json:"assetType,omitempty"` 4336 4337 // ForceSendFields is a list of field names (e.g. "Ancestors") to 4338 // unconditionally include in API requests. By default, fields with 4339 // empty or default values are omitted from API requests. However, any 4340 // non-pointer, non-interface field appearing in ForceSendFields will be 4341 // sent to the server regardless of whether the field is empty or not. 4342 // This may be used to include empty fields in Patch requests. 4343 ForceSendFields []string `json:"-"` 4344 4345 // NullFields is a list of field names (e.g. "Ancestors") to include in 4346 // API requests with the JSON null value. By default, fields with empty 4347 // values are omitted from API requests. However, any field with an 4348 // empty value appearing in NullFields will be sent to the server as 4349 // null. It is an error if a field in this list has a non-empty value. 4350 // This may be used to include null fields in Patch requests. 4351 NullFields []string `json:"-"` 4352} 4353 4354func (s *RelatedAsset) MarshalJSON() ([]byte, error) { 4355 type NoMethod RelatedAsset 4356 raw := NoMethod(*s) 4357 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4358} 4359 4360// RelatedAssets: The detailed related assets with the 4361// `relationship_type`. 4362type RelatedAssets struct { 4363 // Assets: The peer resources of the relationship. 4364 Assets []*RelatedAsset `json:"assets,omitempty"` 4365 4366 // RelationshipAttributes: The detailed relationship attributes. 4367 RelationshipAttributes *RelationshipAttributes `json:"relationshipAttributes,omitempty"` 4368 4369 // ForceSendFields is a list of field names (e.g. "Assets") to 4370 // unconditionally include in API requests. By default, fields with 4371 // empty or default values are omitted from API requests. However, any 4372 // non-pointer, non-interface field appearing in ForceSendFields will be 4373 // sent to the server regardless of whether the field is empty or not. 4374 // This may be used to include empty fields in Patch requests. 4375 ForceSendFields []string `json:"-"` 4376 4377 // NullFields is a list of field names (e.g. "Assets") to include in API 4378 // requests with the JSON null value. By default, fields with empty 4379 // values are omitted from API requests. However, any field with an 4380 // empty value appearing in NullFields will be sent to the server as 4381 // null. It is an error if a field in this list has a non-empty value. 4382 // This may be used to include null fields in Patch requests. 4383 NullFields []string `json:"-"` 4384} 4385 4386func (s *RelatedAssets) MarshalJSON() ([]byte, error) { 4387 type NoMethod RelatedAssets 4388 raw := NoMethod(*s) 4389 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4390} 4391 4392// RelatedResource: The detailed related resource. 4393type RelatedResource struct { 4394 // AssetType: The type of the asset. Example: 4395 // `compute.googleapis.com/Instance` 4396 AssetType string `json:"assetType,omitempty"` 4397 4398 // FullResourceName: The full resource name of the related resource. 4399 // Example: 4400 // `//compute.googleapis.com/projects/my_proj_123/zones/instance/instance 4401 // 123` 4402 FullResourceName string `json:"fullResourceName,omitempty"` 4403 4404 // ForceSendFields is a list of field names (e.g. "AssetType") to 4405 // unconditionally include in API requests. By default, fields with 4406 // empty or default values are omitted from API requests. However, any 4407 // non-pointer, non-interface field appearing in ForceSendFields will be 4408 // sent to the server regardless of whether the field is empty or not. 4409 // This may be used to include empty fields in Patch requests. 4410 ForceSendFields []string `json:"-"` 4411 4412 // NullFields is a list of field names (e.g. "AssetType") to include in 4413 // API requests with the JSON null value. By default, fields with empty 4414 // values are omitted from API requests. However, any field with an 4415 // empty value appearing in NullFields will be sent to the server as 4416 // null. It is an error if a field in this list has a non-empty value. 4417 // This may be used to include null fields in Patch requests. 4418 NullFields []string `json:"-"` 4419} 4420 4421func (s *RelatedResource) MarshalJSON() ([]byte, error) { 4422 type NoMethod RelatedResource 4423 raw := NoMethod(*s) 4424 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4425} 4426 4427// RelatedResources: The related resources of the primary resource. 4428type RelatedResources struct { 4429 // RelatedResources: The detailed related resources of the primary 4430 // resource. 4431 RelatedResources []*RelatedResource `json:"relatedResources,omitempty"` 4432 4433 // ForceSendFields is a list of field names (e.g. "RelatedResources") to 4434 // unconditionally include in API requests. By default, fields with 4435 // empty or default values are omitted from API requests. However, any 4436 // non-pointer, non-interface field appearing in ForceSendFields will be 4437 // sent to the server regardless of whether the field is empty or not. 4438 // This may be used to include empty fields in Patch requests. 4439 ForceSendFields []string `json:"-"` 4440 4441 // NullFields is a list of field names (e.g. "RelatedResources") to 4442 // include in API requests with the JSON null value. By default, fields 4443 // with empty values are omitted from API requests. However, any field 4444 // with an empty value appearing in NullFields will be sent to the 4445 // server as null. It is an error if a field in this list has a 4446 // non-empty value. This may be used to include null fields in Patch 4447 // requests. 4448 NullFields []string `json:"-"` 4449} 4450 4451func (s *RelatedResources) MarshalJSON() ([]byte, error) { 4452 type NoMethod RelatedResources 4453 raw := NoMethod(*s) 4454 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4455} 4456 4457// RelationshipAttributes: The relationship attributes which include 4458// `type`, `source_resource_type`, `target_resource_type` and `action`. 4459type RelationshipAttributes struct { 4460 // Action: The detail of the relationship, e.g. `contains`, `attaches` 4461 Action string `json:"action,omitempty"` 4462 4463 // SourceResourceType: The source asset type. Example: 4464 // `compute.googleapis.com/Instance` 4465 SourceResourceType string `json:"sourceResourceType,omitempty"` 4466 4467 // TargetResourceType: The target asset type. Example: 4468 // `compute.googleapis.com/Disk` 4469 TargetResourceType string `json:"targetResourceType,omitempty"` 4470 4471 // Type: The unique identifier of the relationship type. Example: 4472 // `INSTANCE_TO_INSTANCEGROUP` 4473 Type string `json:"type,omitempty"` 4474 4475 // ForceSendFields is a list of field names (e.g. "Action") to 4476 // unconditionally include in API requests. By default, fields with 4477 // empty or default values are omitted from API requests. However, any 4478 // non-pointer, non-interface field appearing in ForceSendFields will be 4479 // sent to the server regardless of whether the field is empty or not. 4480 // This may be used to include empty fields in Patch requests. 4481 ForceSendFields []string `json:"-"` 4482 4483 // NullFields is a list of field names (e.g. "Action") to include in API 4484 // requests with the JSON null value. By default, fields with empty 4485 // values are omitted from API requests. However, any field with an 4486 // empty value appearing in NullFields will be sent to the server as 4487 // null. It is an error if a field in this list has a non-empty value. 4488 // This may be used to include null fields in Patch requests. 4489 NullFields []string `json:"-"` 4490} 4491 4492func (s *RelationshipAttributes) MarshalJSON() ([]byte, error) { 4493 type NoMethod RelationshipAttributes 4494 raw := NoMethod(*s) 4495 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4496} 4497 4498// Resource: A representation of a Google Cloud resource. 4499type Resource struct { 4500 // Data: The content of the resource, in which some sensitive fields are 4501 // removed and may not be present. 4502 Data googleapi.RawMessage `json:"data,omitempty"` 4503 4504 // DiscoveryDocumentUri: The URL of the discovery document containing 4505 // the resource's JSON schema. Example: 4506 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This 4507 // value is unspecified for resources that do not have an API based on a 4508 // discovery document, such as Cloud Bigtable. 4509 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 4510 4511 // DiscoveryName: The JSON schema name listed in the discovery document. 4512 // Example: `Project` This value is unspecified for resources that do 4513 // not have an API based on a discovery document, such as Cloud 4514 // Bigtable. 4515 DiscoveryName string `json:"discoveryName,omitempty"` 4516 4517 // Location: The location of the resource in Google Cloud, such as its 4518 // zone and region. For more information, see 4519 // https://cloud.google.com/about/locations/. 4520 Location string `json:"location,omitempty"` 4521 4522 // Parent: The full name of the immediate parent of this resource. See 4523 // Resource Names 4524 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) 4525 // for more information. For Google Cloud assets, this value is the 4526 // parent resource defined in the Cloud IAM policy hierarchy 4527 // (https://cloud.google.com/iam/docs/overview#policy_hierarchy). 4528 // Example: 4529 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` For 4530 // third-party assets, this field may be set differently. 4531 Parent string `json:"parent,omitempty"` 4532 4533 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` 4534 // request using this URL returns the resource itself. Example: 4535 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-12 4536 // 3` This value is unspecified for resources without a REST API. 4537 ResourceUrl string `json:"resourceUrl,omitempty"` 4538 4539 // Version: The API version. Example: `v1` 4540 Version string `json:"version,omitempty"` 4541 4542 // ForceSendFields is a list of field names (e.g. "Data") to 4543 // unconditionally include in API requests. By default, fields with 4544 // empty or default values are omitted from API requests. However, any 4545 // non-pointer, non-interface field appearing in ForceSendFields will be 4546 // sent to the server regardless of whether the field is empty or not. 4547 // This may be used to include empty fields in Patch requests. 4548 ForceSendFields []string `json:"-"` 4549 4550 // NullFields is a list of field names (e.g. "Data") to include in API 4551 // requests with the JSON null value. By default, fields with empty 4552 // values are omitted from API requests. However, any field with an 4553 // empty value appearing in NullFields will be sent to the server as 4554 // null. It is an error if a field in this list has a non-empty value. 4555 // This may be used to include null fields in Patch requests. 4556 NullFields []string `json:"-"` 4557} 4558 4559func (s *Resource) MarshalJSON() ([]byte, error) { 4560 type NoMethod Resource 4561 raw := NoMethod(*s) 4562 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4563} 4564 4565// ResourceSearchResult: A result of Resource Search, containing 4566// information of a cloud resource. 4567type ResourceSearchResult struct { 4568 // AdditionalAttributes: The additional searchable attributes of this 4569 // resource. The attributes may vary from one resource type to another. 4570 // Examples: `projectId` for Project, `dnsName` for DNS ManagedZone. 4571 // This field contains a subset of the resource metadata fields that are 4572 // returned by the List or Get APIs provided by the corresponding GCP 4573 // service (e.g., Compute Engine). see API references and supported 4574 // searchable attributes 4575 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types) 4576 // to see which fields are included. You can search values of these 4577 // fields through free text search. However, you should not consume the 4578 // field programically as the field names and values may change as the 4579 // GCP service updates to a new incompatible API version. To search 4580 // against the `additional_attributes`: * use a free text query to match 4581 // the attributes values. Example: to search `additional_attributes = { 4582 // dnsName: "foobar" }`, you can issue a query `foobar`. 4583 AdditionalAttributes googleapi.RawMessage `json:"additionalAttributes,omitempty"` 4584 4585 // AssetType: The type of this resource. Example: 4586 // `compute.googleapis.com/Disk`. To search against the `asset_type`: * 4587 // specify the `asset_type` field in your search request. 4588 AssetType string `json:"assetType,omitempty"` 4589 4590 // AttachedResources: Attached resources of this resource. For example, 4591 // an OSConfig Inventory is an attached resource of a Compute Instance. 4592 // This field is repeated because a resource could have multiple 4593 // attached resources. This `attached_resources` field is not 4594 // searchable. Some attributes of the attached resources are exposed in 4595 // `additional_attributes` field, so as to allow users to search on 4596 // them. 4597 AttachedResources []*AttachedResource `json:"attachedResources,omitempty"` 4598 4599 // CreateTime: The create timestamp of this resource, at which the 4600 // resource was created. The granularity is in seconds. Timestamp.nanos 4601 // will always be 0. This field is available only when the resource's 4602 // proto contains it. To search against `create_time`: * use a field 4603 // query. - value in seconds since unix epoch. Example: `createTime > 4604 // 1609459200` - value in date string. Example: `createTime > 4605 // 2021-01-01` - value in date-time string (must be quoted). Example: 4606 // `createTime > "2021-01-01T00:00:00" 4607 CreateTime string `json:"createTime,omitempty"` 4608 4609 // Description: One or more paragraphs of text description of this 4610 // resource. Maximum length could be up to 1M bytes. This field is 4611 // available only when the resource's proto contains it. To search 4612 // against the `description`: * use a field query. Example: 4613 // `description:"important instance" * use a free text query. Example: 4614 // "important instance" 4615 Description string `json:"description,omitempty"` 4616 4617 // DisplayName: The display name of this resource. This field is 4618 // available only when the resource's proto contains it. To search 4619 // against the `display_name`: * use a field query. Example: 4620 // `displayName:"My Instance" * use a free text query. Example: "My 4621 // Instance" 4622 DisplayName string `json:"displayName,omitempty"` 4623 4624 // Folders: The folder(s) that this resource belongs to, in the form of 4625 // folders/{FOLDER_NUMBER}. This field is available when the resource 4626 // belongs to one or more folders. To search against `folders`: * use a 4627 // field query. Example: `folders:(123 OR 456)` * use a free text query. 4628 // Example: `123` * specify the `scope` field as this folder in your 4629 // search request. 4630 Folders []string `json:"folders,omitempty"` 4631 4632 // KmsKey: The Cloud KMS CryptoKey 4633 // (https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) 4634 // name or CryptoKeyVersion 4635 // (https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) 4636 // name. This field is available only when the resource's proto contains 4637 // it. To search against the `kms_key`: * use a field query. Example: 4638 // `kmsKey:key` * use a free text query. Example: `key` 4639 KmsKey string `json:"kmsKey,omitempty"` 4640 4641 // Labels: Labels associated with this resource. See Labelling and 4642 // grouping GCP resources 4643 // (https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) 4644 // for more information. This field is available only when the 4645 // resource's proto contains it. To search against the `labels`: * use a 4646 // field query: - query on any label's key or value. Example: 4647 // `labels:prod` - query by a given label. Example: `labels.env:prod` - 4648 // query by a given label's existence. Example: `labels.env:*` * use a 4649 // free text query. Example: `prod` 4650 Labels map[string]string `json:"labels,omitempty"` 4651 4652 // Location: Location can be `global`, regional like `us-east1`, or 4653 // zonal like `us-west1-b`. This field is available only when the 4654 // resource's proto contains it. To search against the `location`: * use 4655 // a field query. Example: `location:us-west*` * use a free text query. 4656 // Example: `us-west*` 4657 Location string `json:"location,omitempty"` 4658 4659 // Name: The full resource name of this resource. Example: 4660 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 4661 // s/instance1`. See Cloud Asset Inventory Resource Name Format 4662 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) 4663 // for more information. To search against the `name`: * use a field 4664 // query. Example: `name:instance1` * use a free text query. Example: 4665 // `instance1` 4666 Name string `json:"name,omitempty"` 4667 4668 // NetworkTags: Network tags associated with this resource. Like labels, 4669 // network tags are a type of annotations used to group GCP resources. 4670 // See Labelling GCP resources 4671 // (https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) 4672 // for more information. This field is available only when the 4673 // resource's proto contains it. To search against the `network_tags`: * 4674 // use a field query. Example: `networkTags:internal` * use a free text 4675 // query. Example: `internal` 4676 NetworkTags []string `json:"networkTags,omitempty"` 4677 4678 // Organization: The organization that this resource belongs to, in the 4679 // form of organizations/{ORGANIZATION_NUMBER}. This field is available 4680 // when the resource belongs to an organization. To search against 4681 // `organization`: * use a field query. Example: `organization:123` * 4682 // use a free text query. Example: `123` * specify the `scope` field as 4683 // this organization in your search request. 4684 Organization string `json:"organization,omitempty"` 4685 4686 // ParentAssetType: The type of this resource's immediate parent, if 4687 // there is one. To search against the `parent_asset_type`: * use a 4688 // field query. Example: 4689 // `parentAssetType:"cloudresourcemanager.googleapis.com/Project" * use 4690 // a free text query. Example: 4691 // `cloudresourcemanager.googleapis.com/Project` 4692 ParentAssetType string `json:"parentAssetType,omitempty"` 4693 4694 // ParentFullResourceName: The full resource name of this resource's 4695 // parent, if it has one. To search against the 4696 // `parent_full_resource_name`: * use a field query. Example: 4697 // `parentFullResourceName:"project-name" * use a free text query. 4698 // Example: `project-name` 4699 ParentFullResourceName string `json:"parentFullResourceName,omitempty"` 4700 4701 // Project: The project that this resource belongs to, in the form of 4702 // projects/{PROJECT_NUMBER}. This field is available when the resource 4703 // belongs to a project. To search against `project`: * use a field 4704 // query. Example: `project:12345` * use a free text query. Example: 4705 // `12345` * specify the `scope` field as this project in your search 4706 // request. 4707 Project string `json:"project,omitempty"` 4708 4709 // Relationships: A map of related resources of this resource, keyed by 4710 // the relationship type. A relationship type is in the format of 4711 // {SourceType}_{ACTION}_{DestType}. Example: `DISK_TO_INSTANCE`, 4712 // `DISK_TO_NETWORK`, `INSTANCE_TO_INSTANCEGROUP`. See supported 4713 // relationship types 4714 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types#supported_relationship_types). 4715 Relationships map[string]RelatedResources `json:"relationships,omitempty"` 4716 4717 // State: The state of this resource. Different resources types have 4718 // different state definitions that are mapped from various fields of 4719 // different resource types. This field is available only when the 4720 // resource's proto contains it. Example: If the resource is an instance 4721 // provided by Compute Engine, its state will include PROVISIONING, 4722 // STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and 4723 // TERMINATED. See `status` definition in API Reference 4724 // (https://cloud.google.com/compute/docs/reference/rest/v1/instances). 4725 // If the resource is a project provided by Cloud Resource Manager, its 4726 // state will include LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, 4727 // DELETE_REQUESTED and DELETE_IN_PROGRESS. See `lifecycleState` 4728 // definition in API Reference 4729 // (https://cloud.google.com/resource-manager/reference/rest/v1/projects). 4730 // To search against the `state`: * use a field query. Example: 4731 // `state:RUNNING` * use a free text query. Example: `RUNNING` 4732 State string `json:"state,omitempty"` 4733 4734 // UpdateTime: The last update timestamp of this resource, at which the 4735 // resource was last modified or deleted. The granularity is in seconds. 4736 // Timestamp.nanos will always be 0. This field is available only when 4737 // the resource's proto contains it. To search against `update_time`: * 4738 // use a field query. - value in seconds since unix epoch. Example: 4739 // `updateTime < 1609459200` - value in date string. Example: 4740 // `updateTime < 2021-01-01` - value in date-time string (must be 4741 // quoted). Example: `updateTime < "2021-01-01T00:00:00" 4742 UpdateTime string `json:"updateTime,omitempty"` 4743 4744 // VersionedResources: Versioned resource representations of this 4745 // resource. This is repeated because there could be multiple versions 4746 // of resource representations during version migration. This 4747 // `versioned_resources` field is not searchable. Some attributes of the 4748 // resource representations are exposed in `additional_attributes` 4749 // field, so as to allow users to search on them. 4750 VersionedResources []*VersionedResource `json:"versionedResources,omitempty"` 4751 4752 // ForceSendFields is a list of field names (e.g. 4753 // "AdditionalAttributes") to unconditionally include in API requests. 4754 // By default, fields with empty or default values are omitted from API 4755 // requests. However, any non-pointer, non-interface field appearing in 4756 // ForceSendFields will be sent to the server regardless of whether the 4757 // field is empty or not. This may be used to include empty fields in 4758 // Patch requests. 4759 ForceSendFields []string `json:"-"` 4760 4761 // NullFields is a list of field names (e.g. "AdditionalAttributes") to 4762 // include in API requests with the JSON null value. By default, fields 4763 // with empty values are omitted from API requests. However, any field 4764 // with an empty value appearing in NullFields will be sent to the 4765 // server as null. It is an error if a field in this list has a 4766 // non-empty value. This may be used to include null fields in Patch 4767 // requests. 4768 NullFields []string `json:"-"` 4769} 4770 4771func (s *ResourceSearchResult) MarshalJSON() ([]byte, error) { 4772 type NoMethod ResourceSearchResult 4773 raw := NoMethod(*s) 4774 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4775} 4776 4777// ResourceSelector: Specifies the resource to analyze for access 4778// policies, which may be set directly on the resource, or on ancestors 4779// such as organizations, folders or projects. 4780type ResourceSelector struct { 4781 // FullResourceName: Required. The [full resource name] 4782 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) 4783 // of a resource of supported resource types 4784 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). 4785 FullResourceName string `json:"fullResourceName,omitempty"` 4786 4787 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 4788 // unconditionally include in API requests. By default, fields with 4789 // empty or default values are omitted from API requests. However, any 4790 // non-pointer, non-interface field appearing in ForceSendFields will be 4791 // sent to the server regardless of whether the field is empty or not. 4792 // This may be used to include empty fields in Patch requests. 4793 ForceSendFields []string `json:"-"` 4794 4795 // NullFields is a list of field names (e.g. "FullResourceName") to 4796 // include in API requests with the JSON null value. By default, fields 4797 // with empty values are omitted from API requests. However, any field 4798 // with an empty value appearing in NullFields will be sent to the 4799 // server as null. It is an error if a field in this list has a 4800 // non-empty value. This may be used to include null fields in Patch 4801 // requests. 4802 NullFields []string `json:"-"` 4803} 4804 4805func (s *ResourceSelector) MarshalJSON() ([]byte, error) { 4806 type NoMethod ResourceSelector 4807 raw := NoMethod(*s) 4808 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4809} 4810 4811// SearchAllIamPoliciesResponse: Search all IAM policies response. 4812type SearchAllIamPoliciesResponse struct { 4813 // NextPageToken: Set if there are more results than those appearing in 4814 // this response; to get the next set of results, call this method 4815 // again, using this value as the `page_token`. 4816 NextPageToken string `json:"nextPageToken,omitempty"` 4817 4818 // Results: A list of IamPolicy that match the search query. Related 4819 // information such as the associated resource is returned along with 4820 // the policy. 4821 Results []*IamPolicySearchResult `json:"results,omitempty"` 4822 4823 // ServerResponse contains the HTTP response code and headers from the 4824 // server. 4825 googleapi.ServerResponse `json:"-"` 4826 4827 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 4828 // unconditionally include in API requests. By default, fields with 4829 // empty or default values are omitted from API requests. However, any 4830 // non-pointer, non-interface field appearing in ForceSendFields will be 4831 // sent to the server regardless of whether the field is empty or not. 4832 // This may be used to include empty fields in Patch requests. 4833 ForceSendFields []string `json:"-"` 4834 4835 // NullFields is a list of field names (e.g. "NextPageToken") to include 4836 // in API requests with the JSON null value. By default, fields with 4837 // empty values are omitted from API requests. However, any field with 4838 // an empty value appearing in NullFields will be sent to the server as 4839 // null. It is an error if a field in this list has a non-empty value. 4840 // This may be used to include null fields in Patch requests. 4841 NullFields []string `json:"-"` 4842} 4843 4844func (s *SearchAllIamPoliciesResponse) MarshalJSON() ([]byte, error) { 4845 type NoMethod SearchAllIamPoliciesResponse 4846 raw := NoMethod(*s) 4847 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4848} 4849 4850// SearchAllResourcesResponse: Search all resources response. 4851type SearchAllResourcesResponse struct { 4852 // NextPageToken: If there are more results than those appearing in this 4853 // response, then `next_page_token` is included. To get the next set of 4854 // results, call this method again using the value of `next_page_token` 4855 // as `page_token`. 4856 NextPageToken string `json:"nextPageToken,omitempty"` 4857 4858 // Results: A list of Resources that match the search query. It contains 4859 // the resource standard metadata information. 4860 Results []*ResourceSearchResult `json:"results,omitempty"` 4861 4862 // ServerResponse contains the HTTP response code and headers from the 4863 // server. 4864 googleapi.ServerResponse `json:"-"` 4865 4866 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 4867 // unconditionally include in API requests. By default, fields with 4868 // empty or default values are omitted from API requests. However, any 4869 // non-pointer, non-interface field appearing in ForceSendFields will be 4870 // sent to the server regardless of whether the field is empty or not. 4871 // This may be used to include empty fields in Patch requests. 4872 ForceSendFields []string `json:"-"` 4873 4874 // NullFields is a list of field names (e.g. "NextPageToken") to include 4875 // in API requests with the JSON null value. By default, fields with 4876 // empty values are omitted from API requests. However, any field with 4877 // an empty value appearing in NullFields will be sent to the server as 4878 // null. It is an error if a field in this list has a non-empty value. 4879 // This may be used to include null fields in Patch requests. 4880 NullFields []string `json:"-"` 4881} 4882 4883func (s *SearchAllResourcesResponse) MarshalJSON() ([]byte, error) { 4884 type NoMethod SearchAllResourcesResponse 4885 raw := NoMethod(*s) 4886 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4887} 4888 4889// SoftwarePackage: Software package information of the operating 4890// system. 4891type SoftwarePackage struct { 4892 // AptPackage: Details of an APT package. For details about the apt 4893 // package manager, see https://wiki.debian.org/Apt. 4894 AptPackage *VersionedPackage `json:"aptPackage,omitempty"` 4895 4896 // CosPackage: Details of a COS package. 4897 CosPackage *VersionedPackage `json:"cosPackage,omitempty"` 4898 4899 // GoogetPackage: Details of a Googet package. For details about the 4900 // googet package manager, see https://github.com/google/googet. 4901 GoogetPackage *VersionedPackage `json:"googetPackage,omitempty"` 4902 4903 // QfePackage: Details of a Windows Quick Fix engineering package. See 4904 // https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering 4905 // for info in Windows Quick Fix Engineering. 4906 QfePackage *WindowsQuickFixEngineeringPackage `json:"qfePackage,omitempty"` 4907 4908 // WindowsApplication: Details of Windows Application. 4909 WindowsApplication *WindowsApplication `json:"windowsApplication,omitempty"` 4910 4911 // WuaPackage: Details of a Windows Update package. See 4912 // https://docs.microsoft.com/en-us/windows/win32/api/_wua/ for 4913 // information about Windows Update. 4914 WuaPackage *WindowsUpdatePackage `json:"wuaPackage,omitempty"` 4915 4916 // YumPackage: Yum package info. For details about the yum package 4917 // manager, see 4918 // https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/ch-yum. 4919 YumPackage *VersionedPackage `json:"yumPackage,omitempty"` 4920 4921 // ZypperPackage: Details of a Zypper package. For details about the 4922 // Zypper package manager, see 4923 // https://en.opensuse.org/SDB:Zypper_manual. 4924 ZypperPackage *VersionedPackage `json:"zypperPackage,omitempty"` 4925 4926 // ZypperPatch: Details of a Zypper patch. For details about the Zypper 4927 // package manager, see https://en.opensuse.org/SDB:Zypper_manual. 4928 ZypperPatch *ZypperPatch `json:"zypperPatch,omitempty"` 4929 4930 // ForceSendFields is a list of field names (e.g. "AptPackage") to 4931 // unconditionally include in API requests. By default, fields with 4932 // empty or default values are omitted from API requests. However, any 4933 // non-pointer, non-interface field appearing in ForceSendFields will be 4934 // sent to the server regardless of whether the field is empty or not. 4935 // This may be used to include empty fields in Patch requests. 4936 ForceSendFields []string `json:"-"` 4937 4938 // NullFields is a list of field names (e.g. "AptPackage") to include in 4939 // API requests with the JSON null value. By default, fields with empty 4940 // values are omitted from API requests. However, any field with an 4941 // empty value appearing in NullFields will be sent to the server as 4942 // null. It is an error if a field in this list has a non-empty value. 4943 // This may be used to include null fields in Patch requests. 4944 NullFields []string `json:"-"` 4945} 4946 4947func (s *SoftwarePackage) MarshalJSON() ([]byte, error) { 4948 type NoMethod SoftwarePackage 4949 raw := NoMethod(*s) 4950 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4951} 4952 4953// Status: The `Status` type defines a logical error model that is 4954// suitable for different programming environments, including REST APIs 4955// and RPC APIs. It is used by gRPC (https://github.com/grpc). Each 4956// `Status` message contains three pieces of data: error code, error 4957// message, and error details. You can find out more about this error 4958// model and how to work with it in the API Design Guide 4959// (https://cloud.google.com/apis/design/errors). 4960type Status struct { 4961 // Code: The status code, which should be an enum value of 4962 // google.rpc.Code. 4963 Code int64 `json:"code,omitempty"` 4964 4965 // Details: A list of messages that carry the error details. There is a 4966 // common set of message types for APIs to use. 4967 Details []googleapi.RawMessage `json:"details,omitempty"` 4968 4969 // Message: A developer-facing error message, which should be in 4970 // English. Any user-facing error message should be localized and sent 4971 // in the google.rpc.Status.details field, or localized by the client. 4972 Message string `json:"message,omitempty"` 4973 4974 // ForceSendFields is a list of field names (e.g. "Code") to 4975 // unconditionally include in API requests. By default, fields with 4976 // empty or default values are omitted from API requests. However, any 4977 // non-pointer, non-interface field appearing in ForceSendFields will be 4978 // sent to the server regardless of whether the field is empty or not. 4979 // This may be used to include empty fields in Patch requests. 4980 ForceSendFields []string `json:"-"` 4981 4982 // NullFields is a list of field names (e.g. "Code") to include in API 4983 // requests with the JSON null value. By default, fields with empty 4984 // values are omitted from API requests. However, any field with an 4985 // empty value appearing in NullFields will be sent to the server as 4986 // null. It is an error if a field in this list has a non-empty value. 4987 // This may be used to include null fields in Patch requests. 4988 NullFields []string `json:"-"` 4989} 4990 4991func (s *Status) MarshalJSON() ([]byte, error) { 4992 type NoMethod Status 4993 raw := NoMethod(*s) 4994 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 4995} 4996 4997// TemporalAsset: An asset in Google Cloud and its temporal metadata, 4998// including the time window when it was observed and its status during 4999// that window. 5000type TemporalAsset struct { 5001 // Asset: An asset in Google Cloud. 5002 Asset *Asset `json:"asset,omitempty"` 5003 5004 // Deleted: Whether the asset has been deleted or not. 5005 Deleted bool `json:"deleted,omitempty"` 5006 5007 // PriorAsset: Prior copy of the asset. Populated if prior_asset_state 5008 // is PRESENT. Currently this is only set for responses in Real-Time 5009 // Feed. 5010 PriorAsset *Asset `json:"priorAsset,omitempty"` 5011 5012 // PriorAssetState: State of prior_asset. 5013 // 5014 // Possible values: 5015 // "PRIOR_ASSET_STATE_UNSPECIFIED" - prior_asset is not applicable for 5016 // the current asset. 5017 // "PRESENT" - prior_asset is populated correctly. 5018 // "INVALID" - Failed to set prior_asset. 5019 // "DOES_NOT_EXIST" - Current asset is the first known state. 5020 // "DELETED" - prior_asset is a deletion. 5021 PriorAssetState string `json:"priorAssetState,omitempty"` 5022 5023 // Window: The time window when the asset data and state was observed. 5024 Window *TimeWindow `json:"window,omitempty"` 5025 5026 // ForceSendFields is a list of field names (e.g. "Asset") to 5027 // unconditionally include in API requests. By default, fields with 5028 // empty or default values are omitted from API requests. However, any 5029 // non-pointer, non-interface field appearing in ForceSendFields will be 5030 // sent to the server regardless of whether the field is empty or not. 5031 // This may be used to include empty fields in Patch requests. 5032 ForceSendFields []string `json:"-"` 5033 5034 // NullFields is a list of field names (e.g. "Asset") to include in API 5035 // requests with the JSON null value. By default, fields with empty 5036 // values are omitted from API requests. However, any field with an 5037 // empty value appearing in NullFields will be sent to the server as 5038 // null. It is an error if a field in this list has a non-empty value. 5039 // This may be used to include null fields in Patch requests. 5040 NullFields []string `json:"-"` 5041} 5042 5043func (s *TemporalAsset) MarshalJSON() ([]byte, error) { 5044 type NoMethod TemporalAsset 5045 raw := NoMethod(*s) 5046 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5047} 5048 5049// TimeWindow: A time window specified by its `start_time` and 5050// `end_time`. 5051type TimeWindow struct { 5052 // EndTime: End time of the time window (inclusive). If not specified, 5053 // the current timestamp is used instead. 5054 EndTime string `json:"endTime,omitempty"` 5055 5056 // StartTime: Start time of the time window (exclusive). 5057 StartTime string `json:"startTime,omitempty"` 5058 5059 // ForceSendFields is a list of field names (e.g. "EndTime") to 5060 // unconditionally include in API requests. By default, fields with 5061 // empty or default values are omitted from API requests. However, any 5062 // non-pointer, non-interface field appearing in ForceSendFields will be 5063 // sent to the server regardless of whether the field is empty or not. 5064 // This may be used to include empty fields in Patch requests. 5065 ForceSendFields []string `json:"-"` 5066 5067 // NullFields is a list of field names (e.g. "EndTime") to include in 5068 // API requests with the JSON null value. By default, fields with empty 5069 // values are omitted from API requests. However, any field with an 5070 // empty value appearing in NullFields will be sent to the server as 5071 // null. It is an error if a field in this list has a non-empty value. 5072 // This may be used to include null fields in Patch requests. 5073 NullFields []string `json:"-"` 5074} 5075 5076func (s *TimeWindow) MarshalJSON() ([]byte, error) { 5077 type NoMethod TimeWindow 5078 raw := NoMethod(*s) 5079 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5080} 5081 5082// UpdateFeedRequest: Update asset feed request. 5083type UpdateFeedRequest struct { 5084 // Feed: Required. The new values of feed details. It must match an 5085 // existing feed and the field `name` must be in the format of: 5086 // projects/project_number/feeds/feed_id or 5087 // folders/folder_number/feeds/feed_id or 5088 // organizations/organization_number/feeds/feed_id. 5089 Feed *Feed `json:"feed,omitempty"` 5090 5091 // UpdateMask: Required. Only updates the `feed` fields indicated by 5092 // this mask. The field mask must not be empty, and it must not contain 5093 // fields that are immutable or only set by the server. 5094 UpdateMask string `json:"updateMask,omitempty"` 5095 5096 // ForceSendFields is a list of field names (e.g. "Feed") to 5097 // unconditionally include in API requests. By default, fields with 5098 // empty or default values are omitted from API requests. However, any 5099 // non-pointer, non-interface field appearing in ForceSendFields will be 5100 // sent to the server regardless of whether the field is empty or not. 5101 // This may be used to include empty fields in Patch requests. 5102 ForceSendFields []string `json:"-"` 5103 5104 // NullFields is a list of field names (e.g. "Feed") to include in API 5105 // requests with the JSON null value. By default, fields with empty 5106 // values are omitted from API requests. However, any field with an 5107 // empty value appearing in NullFields will be sent to the server as 5108 // null. It is an error if a field in this list has a non-empty value. 5109 // This may be used to include null fields in Patch requests. 5110 NullFields []string `json:"-"` 5111} 5112 5113func (s *UpdateFeedRequest) MarshalJSON() ([]byte, error) { 5114 type NoMethod UpdateFeedRequest 5115 raw := NoMethod(*s) 5116 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5117} 5118 5119// VersionedPackage: Information related to the a standard versioned 5120// package. This includes package info for APT, Yum, Zypper, and Googet 5121// package managers. 5122type VersionedPackage struct { 5123 // Architecture: The system architecture this package is intended for. 5124 Architecture string `json:"architecture,omitempty"` 5125 5126 // PackageName: The name of the package. 5127 PackageName string `json:"packageName,omitempty"` 5128 5129 // Version: The version of the package. 5130 Version string `json:"version,omitempty"` 5131 5132 // ForceSendFields is a list of field names (e.g. "Architecture") to 5133 // unconditionally include in API requests. By default, fields with 5134 // empty or default values are omitted from API requests. However, any 5135 // non-pointer, non-interface field appearing in ForceSendFields will be 5136 // sent to the server regardless of whether the field is empty or not. 5137 // This may be used to include empty fields in Patch requests. 5138 ForceSendFields []string `json:"-"` 5139 5140 // NullFields is a list of field names (e.g. "Architecture") to include 5141 // in API requests with the JSON null value. By default, fields with 5142 // empty values are omitted from API requests. However, any field with 5143 // an empty value appearing in NullFields will be sent to the server as 5144 // null. It is an error if a field in this list has a non-empty value. 5145 // This may be used to include null fields in Patch requests. 5146 NullFields []string `json:"-"` 5147} 5148 5149func (s *VersionedPackage) MarshalJSON() ([]byte, error) { 5150 type NoMethod VersionedPackage 5151 raw := NoMethod(*s) 5152 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5153} 5154 5155// VersionedResource: Resource representation as defined by the 5156// corresponding service providing the resource for a given API version. 5157type VersionedResource struct { 5158 // Resource: JSON representation of the resource as defined by the 5159 // corresponding service providing this resource. Example: If the 5160 // resource is an instance provided by Compute Engine, this field will 5161 // contain the JSON representation of the instance as defined by Compute 5162 // Engine: 5163 // `https://cloud.google.com/compute/docs/reference/rest/v1/instances`. 5164 // You can find the resource definition for each supported resource type 5165 // in this table: 5166 // `https://cloud.google.com/asset-inventory/docs/supported-asset-types#s 5167 // earchable_asset_types` 5168 Resource googleapi.RawMessage `json:"resource,omitempty"` 5169 5170 // Version: API version of the resource. Example: If the resource is an 5171 // instance provided by Compute Engine v1 API as defined in 5172 // `https://cloud.google.com/compute/docs/reference/rest/v1/instances`, 5173 // version will be "v1". 5174 Version string `json:"version,omitempty"` 5175 5176 // ForceSendFields is a list of field names (e.g. "Resource") to 5177 // unconditionally include in API requests. By default, fields with 5178 // empty or default values are omitted from API requests. However, any 5179 // non-pointer, non-interface field appearing in ForceSendFields will be 5180 // sent to the server regardless of whether the field is empty or not. 5181 // This may be used to include empty fields in Patch requests. 5182 ForceSendFields []string `json:"-"` 5183 5184 // NullFields is a list of field names (e.g. "Resource") to include in 5185 // API requests with the JSON null value. By default, fields with empty 5186 // values are omitted from API requests. However, any field with an 5187 // empty value appearing in NullFields will be sent to the server as 5188 // null. It is an error if a field in this list has a non-empty value. 5189 // This may be used to include null fields in Patch requests. 5190 NullFields []string `json:"-"` 5191} 5192 5193func (s *VersionedResource) MarshalJSON() ([]byte, error) { 5194 type NoMethod VersionedResource 5195 raw := NoMethod(*s) 5196 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5197} 5198 5199// WindowsApplication: Contains information about a Windows application 5200// as retrieved from the Windows Registry. For more information about 5201// these fields, see Windows Installer Properties for the Uninstall 5202// Registry 5203// (https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key){: 5204// class="external" } 5205type WindowsApplication struct { 5206 // DisplayName: The name of the application or product. 5207 DisplayName string `json:"displayName,omitempty"` 5208 5209 // DisplayVersion: The version of the product or application in string 5210 // format. 5211 DisplayVersion string `json:"displayVersion,omitempty"` 5212 5213 // HelpLink: The internet address for technical support. 5214 HelpLink string `json:"helpLink,omitempty"` 5215 5216 // InstallDate: The last time this product received service. The value 5217 // of this property is replaced each time a patch is applied or removed 5218 // from the product or the command-line option is used to repair the 5219 // product. 5220 InstallDate *Date `json:"installDate,omitempty"` 5221 5222 // Publisher: The name of the manufacturer for the product or 5223 // application. 5224 Publisher string `json:"publisher,omitempty"` 5225 5226 // ForceSendFields is a list of field names (e.g. "DisplayName") to 5227 // unconditionally include in API requests. By default, fields with 5228 // empty or default values are omitted from API requests. However, any 5229 // non-pointer, non-interface field appearing in ForceSendFields will be 5230 // sent to the server regardless of whether the field is empty or not. 5231 // This may be used to include empty fields in Patch requests. 5232 ForceSendFields []string `json:"-"` 5233 5234 // NullFields is a list of field names (e.g. "DisplayName") to include 5235 // in API requests with the JSON null value. By default, fields with 5236 // empty values are omitted from API requests. However, any field with 5237 // an empty value appearing in NullFields will be sent to the server as 5238 // null. It is an error if a field in this list has a non-empty value. 5239 // This may be used to include null fields in Patch requests. 5240 NullFields []string `json:"-"` 5241} 5242 5243func (s *WindowsApplication) MarshalJSON() ([]byte, error) { 5244 type NoMethod WindowsApplication 5245 raw := NoMethod(*s) 5246 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5247} 5248 5249// WindowsQuickFixEngineeringPackage: Information related to a Quick Fix 5250// Engineering package. Fields are taken from Windows 5251// QuickFixEngineering Interface and match the source names: 5252// https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering 5253type WindowsQuickFixEngineeringPackage struct { 5254 // Caption: A short textual description of the QFE update. 5255 Caption string `json:"caption,omitempty"` 5256 5257 // Description: A textual description of the QFE update. 5258 Description string `json:"description,omitempty"` 5259 5260 // HotFixId: Unique identifier associated with a particular QFE update. 5261 HotFixId string `json:"hotFixId,omitempty"` 5262 5263 // InstallTime: Date that the QFE update was installed. Mapped from 5264 // installed_on field. 5265 InstallTime string `json:"installTime,omitempty"` 5266 5267 // ForceSendFields is a list of field names (e.g. "Caption") to 5268 // unconditionally include in API requests. By default, fields with 5269 // empty or default values are omitted from API requests. However, any 5270 // non-pointer, non-interface field appearing in ForceSendFields will be 5271 // sent to the server regardless of whether the field is empty or not. 5272 // This may be used to include empty fields in Patch requests. 5273 ForceSendFields []string `json:"-"` 5274 5275 // NullFields is a list of field names (e.g. "Caption") to include in 5276 // API requests with the JSON null value. By default, fields with empty 5277 // values are omitted from API requests. However, any field with an 5278 // empty value appearing in NullFields will be sent to the server as 5279 // null. It is an error if a field in this list has a non-empty value. 5280 // This may be used to include null fields in Patch requests. 5281 NullFields []string `json:"-"` 5282} 5283 5284func (s *WindowsQuickFixEngineeringPackage) MarshalJSON() ([]byte, error) { 5285 type NoMethod WindowsQuickFixEngineeringPackage 5286 raw := NoMethod(*s) 5287 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5288} 5289 5290// WindowsUpdateCategory: Categories specified by the Windows Update. 5291type WindowsUpdateCategory struct { 5292 // Id: The identifier of the windows update category. 5293 Id string `json:"id,omitempty"` 5294 5295 // Name: The name of the windows update category. 5296 Name string `json:"name,omitempty"` 5297 5298 // ForceSendFields is a list of field names (e.g. "Id") to 5299 // unconditionally include in API requests. By default, fields with 5300 // empty or default values are omitted from API requests. However, any 5301 // non-pointer, non-interface field appearing in ForceSendFields will be 5302 // sent to the server regardless of whether the field is empty or not. 5303 // This may be used to include empty fields in Patch requests. 5304 ForceSendFields []string `json:"-"` 5305 5306 // NullFields is a list of field names (e.g. "Id") to include in API 5307 // requests with the JSON null value. By default, fields with empty 5308 // values are omitted from API requests. However, any field with an 5309 // empty value appearing in NullFields will be sent to the server as 5310 // null. It is an error if a field in this list has a non-empty value. 5311 // This may be used to include null fields in Patch requests. 5312 NullFields []string `json:"-"` 5313} 5314 5315func (s *WindowsUpdateCategory) MarshalJSON() ([]byte, error) { 5316 type NoMethod WindowsUpdateCategory 5317 raw := NoMethod(*s) 5318 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5319} 5320 5321// WindowsUpdatePackage: Details related to a Windows Update package. 5322// Field data and names are taken from Windows Update API IUpdate 5323// Interface: https://docs.microsoft.com/en-us/windows/win32/api/_wua/ 5324// Descriptive fields like title, and description are localized based on 5325// the locale of the VM being updated. 5326type WindowsUpdatePackage struct { 5327 // Categories: The categories that are associated with this update 5328 // package. 5329 Categories []*WindowsUpdateCategory `json:"categories,omitempty"` 5330 5331 // Description: The localized description of the update package. 5332 Description string `json:"description,omitempty"` 5333 5334 // KbArticleIds: A collection of Microsoft Knowledge Base article IDs 5335 // that are associated with the update package. 5336 KbArticleIds []string `json:"kbArticleIds,omitempty"` 5337 5338 // LastDeploymentChangeTime: The last published date of the update, in 5339 // (UTC) date and time. 5340 LastDeploymentChangeTime string `json:"lastDeploymentChangeTime,omitempty"` 5341 5342 // MoreInfoUrls: A collection of URLs that provide more information 5343 // about the update package. 5344 MoreInfoUrls []string `json:"moreInfoUrls,omitempty"` 5345 5346 // RevisionNumber: The revision number of this update package. 5347 RevisionNumber int64 `json:"revisionNumber,omitempty"` 5348 5349 // SupportUrl: A hyperlink to the language-specific support information 5350 // for the update. 5351 SupportUrl string `json:"supportUrl,omitempty"` 5352 5353 // Title: The localized title of the update package. 5354 Title string `json:"title,omitempty"` 5355 5356 // UpdateId: Gets the identifier of an update package. Stays the same 5357 // across revisions. 5358 UpdateId string `json:"updateId,omitempty"` 5359 5360 // ForceSendFields is a list of field names (e.g. "Categories") to 5361 // unconditionally include in API requests. By default, fields with 5362 // empty or default values are omitted from API requests. However, any 5363 // non-pointer, non-interface field appearing in ForceSendFields will be 5364 // sent to the server regardless of whether the field is empty or not. 5365 // This may be used to include empty fields in Patch requests. 5366 ForceSendFields []string `json:"-"` 5367 5368 // NullFields is a list of field names (e.g. "Categories") to include in 5369 // API requests with the JSON null value. By default, fields with empty 5370 // values are omitted from API requests. However, any field with an 5371 // empty value appearing in NullFields will be sent to the server as 5372 // null. It is an error if a field in this list has a non-empty value. 5373 // This may be used to include null fields in Patch requests. 5374 NullFields []string `json:"-"` 5375} 5376 5377func (s *WindowsUpdatePackage) MarshalJSON() ([]byte, error) { 5378 type NoMethod WindowsUpdatePackage 5379 raw := NoMethod(*s) 5380 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5381} 5382 5383// ZypperPatch: Details related to a Zypper Patch. 5384type ZypperPatch struct { 5385 // Category: The category of the patch. 5386 Category string `json:"category,omitempty"` 5387 5388 // PatchName: The name of the patch. 5389 PatchName string `json:"patchName,omitempty"` 5390 5391 // Severity: The severity specified for this patch 5392 Severity string `json:"severity,omitempty"` 5393 5394 // Summary: Any summary information provided about this patch. 5395 Summary string `json:"summary,omitempty"` 5396 5397 // ForceSendFields is a list of field names (e.g. "Category") to 5398 // unconditionally include in API requests. By default, fields with 5399 // empty or default values are omitted from API requests. However, any 5400 // non-pointer, non-interface field appearing in ForceSendFields will be 5401 // sent to the server regardless of whether the field is empty or not. 5402 // This may be used to include empty fields in Patch requests. 5403 ForceSendFields []string `json:"-"` 5404 5405 // NullFields is a list of field names (e.g. "Category") to include in 5406 // API requests with the JSON null value. By default, fields with empty 5407 // values are omitted from API requests. However, any field with an 5408 // empty value appearing in NullFields will be sent to the server as 5409 // null. It is an error if a field in this list has a non-empty value. 5410 // This may be used to include null fields in Patch requests. 5411 NullFields []string `json:"-"` 5412} 5413 5414func (s *ZypperPatch) MarshalJSON() ([]byte, error) { 5415 type NoMethod ZypperPatch 5416 raw := NoMethod(*s) 5417 return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) 5418} 5419 5420// method id "cloudasset.assets.list": 5421 5422type AssetsListCall struct { 5423 s *Service 5424 parent string 5425 urlParams_ gensupport.URLParams 5426 ifNoneMatch_ string 5427 ctx_ context.Context 5428 header_ http.Header 5429} 5430 5431// List: Lists assets with time and resource types and returns paged 5432// results in response. 5433// 5434// - parent: Name of the organization or project the assets belong to. 5435// Format: "organizations/[organization-number]" (such as 5436// "organizations/123"), "projects/[project-id]" (such as 5437// "projects/my-project-id"), or "projects/[project-number]" (such as 5438// "projects/12345"). 5439func (r *AssetsService) List(parent string) *AssetsListCall { 5440 c := &AssetsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5441 c.parent = parent 5442 return c 5443} 5444 5445// AssetTypes sets the optional parameter "assetTypes": A list of asset 5446// types to take a snapshot for. For example: 5447// "compute.googleapis.com/Disk". Regular expression is also supported. 5448// For example: * "compute.googleapis.com.*" snapshots resources whose 5449// asset type starts with "compute.googleapis.com". * ".*Instance" 5450// snapshots resources whose asset type ends with "Instance". * 5451// ".*Instance.*" snapshots resources whose asset type contains 5452// "Instance". See RE2 (https://github.com/google/re2/wiki/Syntax) for 5453// all supported regular expression syntax. If the regular expression 5454// does not match any supported asset type, an INVALID_ARGUMENT error 5455// will be returned. If specified, only matching assets will be 5456// returned, otherwise, it will snapshot all asset types. See 5457// Introduction to Cloud Asset Inventory 5458// (https://cloud.google.com/asset-inventory/docs/overview) for all 5459// supported asset types. 5460func (c *AssetsListCall) AssetTypes(assetTypes ...string) *AssetsListCall { 5461 c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...)) 5462 return c 5463} 5464 5465// ContentType sets the optional parameter "contentType": Asset content 5466// type. If not specified, no content but the asset name will be 5467// returned. 5468// 5469// Possible values: 5470// "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 5471// "RESOURCE" - Resource metadata. 5472// "IAM_POLICY" - The actual IAM policy set on a resource. 5473// "ORG_POLICY" - The Cloud Organization Policy set on an asset. 5474// "ACCESS_POLICY" - The Cloud Access context manager Policy set on an 5475// asset. 5476// "OS_INVENTORY" - The runtime OS Inventory information. 5477// "RELATIONSHIP" - The related resources. 5478func (c *AssetsListCall) ContentType(contentType string) *AssetsListCall { 5479 c.urlParams_.Set("contentType", contentType) 5480 return c 5481} 5482 5483// PageSize sets the optional parameter "pageSize": The maximum number 5484// of assets to be returned in a single response. Default is 100, 5485// minimum is 1, and maximum is 1000. 5486func (c *AssetsListCall) PageSize(pageSize int64) *AssetsListCall { 5487 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 5488 return c 5489} 5490 5491// PageToken sets the optional parameter "pageToken": The 5492// `next_page_token` returned from the previous `ListAssetsResponse`, or 5493// unspecified for the first `ListAssetsRequest`. It is a continuation 5494// of a prior `ListAssets` call, and the API should return the next page 5495// of assets. 5496func (c *AssetsListCall) PageToken(pageToken string) *AssetsListCall { 5497 c.urlParams_.Set("pageToken", pageToken) 5498 return c 5499} 5500 5501// ReadTime sets the optional parameter "readTime": Timestamp to take an 5502// asset snapshot. This can only be set to a timestamp between the 5503// current time and the current time minus 35 days (inclusive). If not 5504// specified, the current time will be used. Due to delays in resource 5505// data collection and indexing, there is a volatile window during which 5506// running the same query may get different results. 5507func (c *AssetsListCall) ReadTime(readTime string) *AssetsListCall { 5508 c.urlParams_.Set("readTime", readTime) 5509 return c 5510} 5511 5512// RelationshipTypes sets the optional parameter "relationshipTypes": A 5513// list of relationship types to output, for example: 5514// `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if 5515// content_type=RELATIONSHIP. * If specified: it snapshots specified 5516// relationships. It returns an error if any of the [relationship_types] 5517// doesn't belong to the supported relationship types of the 5518// [asset_types] or if any of the [asset_types] doesn't belong to the 5519// source types of the [relationship_types]. * Otherwise: it snapshots 5520// the supported relationships for all [asset_types] or returns an error 5521// if any of the [asset_types] has no relationship support. An 5522// unspecified asset types field means all supported asset_types. See 5523// Introduction to Cloud Asset Inventory 5524// (https://cloud.google.com/asset-inventory/docs/overview) for all 5525// supported asset types and relationship types. 5526func (c *AssetsListCall) RelationshipTypes(relationshipTypes ...string) *AssetsListCall { 5527 c.urlParams_.SetMulti("relationshipTypes", append([]string{}, relationshipTypes...)) 5528 return c 5529} 5530 5531// Fields allows partial responses to be retrieved. See 5532// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5533// for more information. 5534func (c *AssetsListCall) Fields(s ...googleapi.Field) *AssetsListCall { 5535 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5536 return c 5537} 5538 5539// IfNoneMatch sets the optional parameter which makes the operation 5540// fail if the object's ETag matches the given value. This is useful for 5541// getting updates only after the object has changed since the last 5542// request. Use googleapi.IsNotModified to check whether the response 5543// error from Do is the result of In-None-Match. 5544func (c *AssetsListCall) IfNoneMatch(entityTag string) *AssetsListCall { 5545 c.ifNoneMatch_ = entityTag 5546 return c 5547} 5548 5549// Context sets the context to be used in this call's Do method. Any 5550// pending HTTP request will be aborted if the provided context is 5551// canceled. 5552func (c *AssetsListCall) Context(ctx context.Context) *AssetsListCall { 5553 c.ctx_ = ctx 5554 return c 5555} 5556 5557// Header returns an http.Header that can be modified by the caller to 5558// add HTTP headers to the request. 5559func (c *AssetsListCall) Header() http.Header { 5560 if c.header_ == nil { 5561 c.header_ = make(http.Header) 5562 } 5563 return c.header_ 5564} 5565 5566func (c *AssetsListCall) doRequest(alt string) (*http.Response, error) { 5567 reqHeaders := make(http.Header) 5568 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5569 for k, v := range c.header_ { 5570 reqHeaders[k] = v 5571 } 5572 reqHeaders.Set("User-Agent", c.s.userAgent()) 5573 if c.ifNoneMatch_ != "" { 5574 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5575 } 5576 var body io.Reader = nil 5577 c.urlParams_.Set("alt", alt) 5578 c.urlParams_.Set("prettyPrint", "false") 5579 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/assets") 5580 urls += "?" + c.urlParams_.Encode() 5581 req, err := http.NewRequest("GET", urls, body) 5582 if err != nil { 5583 return nil, err 5584 } 5585 req.Header = reqHeaders 5586 googleapi.Expand(req.URL, map[string]string{ 5587 "parent": c.parent, 5588 }) 5589 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5590} 5591 5592// Do executes the "cloudasset.assets.list" call. 5593// Exactly one of *ListAssetsResponse or error will be non-nil. Any 5594// non-2xx status code is an error. Response headers are in either 5595// *ListAssetsResponse.ServerResponse.Header or (if a response was 5596// returned at all) in error.(*googleapi.Error).Header. Use 5597// googleapi.IsNotModified to check whether the returned error was 5598// because http.StatusNotModified was returned. 5599func (c *AssetsListCall) Do(opts ...googleapi.CallOption) (*ListAssetsResponse, error) { 5600 gensupport.SetOptions(c.urlParams_, opts...) 5601 res, err := c.doRequest("json") 5602 if res != nil && res.StatusCode == http.StatusNotModified { 5603 if res.Body != nil { 5604 res.Body.Close() 5605 } 5606 return nil, &googleapi.Error{ 5607 Code: res.StatusCode, 5608 Header: res.Header, 5609 } 5610 } 5611 if err != nil { 5612 return nil, err 5613 } 5614 defer googleapi.CloseBody(res) 5615 if err := googleapi.CheckResponse(res); err != nil { 5616 return nil, err 5617 } 5618 ret := &ListAssetsResponse{ 5619 ServerResponse: googleapi.ServerResponse{ 5620 Header: res.Header, 5621 HTTPStatusCode: res.StatusCode, 5622 }, 5623 } 5624 target := &ret 5625 if err := gensupport.DecodeResponse(target, res); err != nil { 5626 return nil, err 5627 } 5628 return ret, nil 5629 // { 5630 // "description": "Lists assets with time and resource types and returns paged results in response.", 5631 // "flatPath": "v1/{v1Id}/{v1Id1}/assets", 5632 // "httpMethod": "GET", 5633 // "id": "cloudasset.assets.list", 5634 // "parameterOrder": [ 5635 // "parent" 5636 // ], 5637 // "parameters": { 5638 // "assetTypes": { 5639 // "description": "A list of asset types to take a snapshot for. For example: \"compute.googleapis.com/Disk\". Regular expression is also supported. For example: * \"compute.googleapis.com.*\" snapshots resources whose asset type starts with \"compute.googleapis.com\". * \".*Instance\" snapshots resources whose asset type ends with \"Instance\". * \".*Instance.*\" snapshots resources whose asset type contains \"Instance\". See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned. If specified, only matching assets will be returned, otherwise, it will snapshot all asset types. See [Introduction to Cloud Asset Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all supported asset types.", 5640 // "location": "query", 5641 // "repeated": true, 5642 // "type": "string" 5643 // }, 5644 // "contentType": { 5645 // "description": "Asset content type. If not specified, no content but the asset name will be returned.", 5646 // "enum": [ 5647 // "CONTENT_TYPE_UNSPECIFIED", 5648 // "RESOURCE", 5649 // "IAM_POLICY", 5650 // "ORG_POLICY", 5651 // "ACCESS_POLICY", 5652 // "OS_INVENTORY", 5653 // "RELATIONSHIP" 5654 // ], 5655 // "enumDescriptions": [ 5656 // "Unspecified content type.", 5657 // "Resource metadata.", 5658 // "The actual IAM policy set on a resource.", 5659 // "The Cloud Organization Policy set on an asset.", 5660 // "The Cloud Access context manager Policy set on an asset.", 5661 // "The runtime OS Inventory information.", 5662 // "The related resources." 5663 // ], 5664 // "location": "query", 5665 // "type": "string" 5666 // }, 5667 // "pageSize": { 5668 // "description": "The maximum number of assets to be returned in a single response. Default is 100, minimum is 1, and maximum is 1000.", 5669 // "format": "int32", 5670 // "location": "query", 5671 // "type": "integer" 5672 // }, 5673 // "pageToken": { 5674 // "description": "The `next_page_token` returned from the previous `ListAssetsResponse`, or unspecified for the first `ListAssetsRequest`. It is a continuation of a prior `ListAssets` call, and the API should return the next page of assets.", 5675 // "location": "query", 5676 // "type": "string" 5677 // }, 5678 // "parent": { 5679 // "description": "Required. Name of the organization or project the assets belong to. Format: \"organizations/[organization-number]\" (such as \"organizations/123\"), \"projects/[project-id]\" (such as \"projects/my-project-id\"), or \"projects/[project-number]\" (such as \"projects/12345\").", 5680 // "location": "path", 5681 // "pattern": "^[^/]+/[^/]+$", 5682 // "required": true, 5683 // "type": "string" 5684 // }, 5685 // "readTime": { 5686 // "description": "Timestamp to take an asset snapshot. This can only be set to a timestamp between the current time and the current time minus 35 days (inclusive). If not specified, the current time will be used. Due to delays in resource data collection and indexing, there is a volatile window during which running the same query may get different results.", 5687 // "format": "google-datetime", 5688 // "location": "query", 5689 // "type": "string" 5690 // }, 5691 // "relationshipTypes": { 5692 // "description": "A list of relationship types to output, for example: `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if content_type=RELATIONSHIP. * If specified: it snapshots specified relationships. It returns an error if any of the [relationship_types] doesn't belong to the supported relationship types of the [asset_types] or if any of the [asset_types] doesn't belong to the source types of the [relationship_types]. * Otherwise: it snapshots the supported relationships for all [asset_types] or returns an error if any of the [asset_types] has no relationship support. An unspecified asset types field means all supported asset_types. See [Introduction to Cloud Asset Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all supported asset types and relationship types.", 5693 // "location": "query", 5694 // "repeated": true, 5695 // "type": "string" 5696 // } 5697 // }, 5698 // "path": "v1/{+parent}/assets", 5699 // "response": { 5700 // "$ref": "ListAssetsResponse" 5701 // }, 5702 // "scopes": [ 5703 // "https://www.googleapis.com/auth/cloud-platform" 5704 // ] 5705 // } 5706 5707} 5708 5709// Pages invokes f for each page of results. 5710// A non-nil error returned from f will halt the iteration. 5711// The provided context supersedes any context provided to the Context method. 5712func (c *AssetsListCall) Pages(ctx context.Context, f func(*ListAssetsResponse) error) error { 5713 c.ctx_ = ctx 5714 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 5715 for { 5716 x, err := c.Do() 5717 if err != nil { 5718 return err 5719 } 5720 if err := f(x); err != nil { 5721 return err 5722 } 5723 if x.NextPageToken == "" { 5724 return nil 5725 } 5726 c.PageToken(x.NextPageToken) 5727 } 5728} 5729 5730// method id "cloudasset.feeds.create": 5731 5732type FeedsCreateCall struct { 5733 s *Service 5734 parent string 5735 createfeedrequest *CreateFeedRequest 5736 urlParams_ gensupport.URLParams 5737 ctx_ context.Context 5738 header_ http.Header 5739} 5740 5741// Create: Creates a feed in a parent project/folder/organization to 5742// listen to its asset updates. 5743// 5744// - parent: The name of the project/folder/organization where this feed 5745// should be created in. It can only be an organization number (such 5746// as "organizations/123"), a folder number (such as "folders/123"), a 5747// project ID (such as "projects/my-project-id")", or a project number 5748// (such as "projects/12345"). 5749func (r *FeedsService) Create(parent string, createfeedrequest *CreateFeedRequest) *FeedsCreateCall { 5750 c := &FeedsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5751 c.parent = parent 5752 c.createfeedrequest = createfeedrequest 5753 return c 5754} 5755 5756// Fields allows partial responses to be retrieved. See 5757// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5758// for more information. 5759func (c *FeedsCreateCall) Fields(s ...googleapi.Field) *FeedsCreateCall { 5760 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5761 return c 5762} 5763 5764// Context sets the context to be used in this call's Do method. Any 5765// pending HTTP request will be aborted if the provided context is 5766// canceled. 5767func (c *FeedsCreateCall) Context(ctx context.Context) *FeedsCreateCall { 5768 c.ctx_ = ctx 5769 return c 5770} 5771 5772// Header returns an http.Header that can be modified by the caller to 5773// add HTTP headers to the request. 5774func (c *FeedsCreateCall) Header() http.Header { 5775 if c.header_ == nil { 5776 c.header_ = make(http.Header) 5777 } 5778 return c.header_ 5779} 5780 5781func (c *FeedsCreateCall) doRequest(alt string) (*http.Response, error) { 5782 reqHeaders := make(http.Header) 5783 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5784 for k, v := range c.header_ { 5785 reqHeaders[k] = v 5786 } 5787 reqHeaders.Set("User-Agent", c.s.userAgent()) 5788 var body io.Reader = nil 5789 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createfeedrequest) 5790 if err != nil { 5791 return nil, err 5792 } 5793 reqHeaders.Set("Content-Type", "application/json") 5794 c.urlParams_.Set("alt", alt) 5795 c.urlParams_.Set("prettyPrint", "false") 5796 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/feeds") 5797 urls += "?" + c.urlParams_.Encode() 5798 req, err := http.NewRequest("POST", urls, body) 5799 if err != nil { 5800 return nil, err 5801 } 5802 req.Header = reqHeaders 5803 googleapi.Expand(req.URL, map[string]string{ 5804 "parent": c.parent, 5805 }) 5806 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5807} 5808 5809// Do executes the "cloudasset.feeds.create" call. 5810// Exactly one of *Feed or error will be non-nil. Any non-2xx status 5811// code is an error. Response headers are in either 5812// *Feed.ServerResponse.Header or (if a response was returned at all) in 5813// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 5814// whether the returned error was because http.StatusNotModified was 5815// returned. 5816func (c *FeedsCreateCall) Do(opts ...googleapi.CallOption) (*Feed, error) { 5817 gensupport.SetOptions(c.urlParams_, opts...) 5818 res, err := c.doRequest("json") 5819 if res != nil && res.StatusCode == http.StatusNotModified { 5820 if res.Body != nil { 5821 res.Body.Close() 5822 } 5823 return nil, &googleapi.Error{ 5824 Code: res.StatusCode, 5825 Header: res.Header, 5826 } 5827 } 5828 if err != nil { 5829 return nil, err 5830 } 5831 defer googleapi.CloseBody(res) 5832 if err := googleapi.CheckResponse(res); err != nil { 5833 return nil, err 5834 } 5835 ret := &Feed{ 5836 ServerResponse: googleapi.ServerResponse{ 5837 Header: res.Header, 5838 HTTPStatusCode: res.StatusCode, 5839 }, 5840 } 5841 target := &ret 5842 if err := gensupport.DecodeResponse(target, res); err != nil { 5843 return nil, err 5844 } 5845 return ret, nil 5846 // { 5847 // "description": "Creates a feed in a parent project/folder/organization to listen to its asset updates.", 5848 // "flatPath": "v1/{v1Id}/{v1Id1}/feeds", 5849 // "httpMethod": "POST", 5850 // "id": "cloudasset.feeds.create", 5851 // "parameterOrder": [ 5852 // "parent" 5853 // ], 5854 // "parameters": { 5855 // "parent": { 5856 // "description": "Required. The name of the project/folder/organization where this feed should be created in. It can only be an organization number (such as \"organizations/123\"), a folder number (such as \"folders/123\"), a project ID (such as \"projects/my-project-id\")\", or a project number (such as \"projects/12345\").", 5857 // "location": "path", 5858 // "pattern": "^[^/]+/[^/]+$", 5859 // "required": true, 5860 // "type": "string" 5861 // } 5862 // }, 5863 // "path": "v1/{+parent}/feeds", 5864 // "request": { 5865 // "$ref": "CreateFeedRequest" 5866 // }, 5867 // "response": { 5868 // "$ref": "Feed" 5869 // }, 5870 // "scopes": [ 5871 // "https://www.googleapis.com/auth/cloud-platform" 5872 // ] 5873 // } 5874 5875} 5876 5877// method id "cloudasset.feeds.delete": 5878 5879type FeedsDeleteCall struct { 5880 s *Service 5881 name string 5882 urlParams_ gensupport.URLParams 5883 ctx_ context.Context 5884 header_ http.Header 5885} 5886 5887// Delete: Deletes an asset feed. 5888// 5889// - name: The name of the feed and it must be in the format of: 5890// projects/project_number/feeds/feed_id 5891// folders/folder_number/feeds/feed_id 5892// organizations/organization_number/feeds/feed_id. 5893func (r *FeedsService) Delete(name string) *FeedsDeleteCall { 5894 c := &FeedsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5895 c.name = name 5896 return c 5897} 5898 5899// Fields allows partial responses to be retrieved. See 5900// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 5901// for more information. 5902func (c *FeedsDeleteCall) Fields(s ...googleapi.Field) *FeedsDeleteCall { 5903 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5904 return c 5905} 5906 5907// Context sets the context to be used in this call's Do method. Any 5908// pending HTTP request will be aborted if the provided context is 5909// canceled. 5910func (c *FeedsDeleteCall) Context(ctx context.Context) *FeedsDeleteCall { 5911 c.ctx_ = ctx 5912 return c 5913} 5914 5915// Header returns an http.Header that can be modified by the caller to 5916// add HTTP headers to the request. 5917func (c *FeedsDeleteCall) Header() http.Header { 5918 if c.header_ == nil { 5919 c.header_ = make(http.Header) 5920 } 5921 return c.header_ 5922} 5923 5924func (c *FeedsDeleteCall) doRequest(alt string) (*http.Response, error) { 5925 reqHeaders := make(http.Header) 5926 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 5927 for k, v := range c.header_ { 5928 reqHeaders[k] = v 5929 } 5930 reqHeaders.Set("User-Agent", c.s.userAgent()) 5931 var body io.Reader = nil 5932 c.urlParams_.Set("alt", alt) 5933 c.urlParams_.Set("prettyPrint", "false") 5934 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 5935 urls += "?" + c.urlParams_.Encode() 5936 req, err := http.NewRequest("DELETE", urls, body) 5937 if err != nil { 5938 return nil, err 5939 } 5940 req.Header = reqHeaders 5941 googleapi.Expand(req.URL, map[string]string{ 5942 "name": c.name, 5943 }) 5944 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5945} 5946 5947// Do executes the "cloudasset.feeds.delete" call. 5948// Exactly one of *Empty or error will be non-nil. Any non-2xx status 5949// code is an error. Response headers are in either 5950// *Empty.ServerResponse.Header or (if a response was returned at all) 5951// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5952// check whether the returned error was because http.StatusNotModified 5953// was returned. 5954func (c *FeedsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 5955 gensupport.SetOptions(c.urlParams_, opts...) 5956 res, err := c.doRequest("json") 5957 if res != nil && res.StatusCode == http.StatusNotModified { 5958 if res.Body != nil { 5959 res.Body.Close() 5960 } 5961 return nil, &googleapi.Error{ 5962 Code: res.StatusCode, 5963 Header: res.Header, 5964 } 5965 } 5966 if err != nil { 5967 return nil, err 5968 } 5969 defer googleapi.CloseBody(res) 5970 if err := googleapi.CheckResponse(res); err != nil { 5971 return nil, err 5972 } 5973 ret := &Empty{ 5974 ServerResponse: googleapi.ServerResponse{ 5975 Header: res.Header, 5976 HTTPStatusCode: res.StatusCode, 5977 }, 5978 } 5979 target := &ret 5980 if err := gensupport.DecodeResponse(target, res); err != nil { 5981 return nil, err 5982 } 5983 return ret, nil 5984 // { 5985 // "description": "Deletes an asset feed.", 5986 // "flatPath": "v1/{v1Id}/{v1Id1}/feeds/{feedsId}", 5987 // "httpMethod": "DELETE", 5988 // "id": "cloudasset.feeds.delete", 5989 // "parameterOrder": [ 5990 // "name" 5991 // ], 5992 // "parameters": { 5993 // "name": { 5994 // "description": "Required. The name of the feed and it must be in the format of: projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id organizations/organization_number/feeds/feed_id", 5995 // "location": "path", 5996 // "pattern": "^[^/]+/[^/]+/feeds/[^/]+$", 5997 // "required": true, 5998 // "type": "string" 5999 // } 6000 // }, 6001 // "path": "v1/{+name}", 6002 // "response": { 6003 // "$ref": "Empty" 6004 // }, 6005 // "scopes": [ 6006 // "https://www.googleapis.com/auth/cloud-platform" 6007 // ] 6008 // } 6009 6010} 6011 6012// method id "cloudasset.feeds.get": 6013 6014type FeedsGetCall struct { 6015 s *Service 6016 name string 6017 urlParams_ gensupport.URLParams 6018 ifNoneMatch_ string 6019 ctx_ context.Context 6020 header_ http.Header 6021} 6022 6023// Get: Gets details about an asset feed. 6024// 6025// - name: The name of the Feed and it must be in the format of: 6026// projects/project_number/feeds/feed_id 6027// folders/folder_number/feeds/feed_id 6028// organizations/organization_number/feeds/feed_id. 6029func (r *FeedsService) Get(name string) *FeedsGetCall { 6030 c := &FeedsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6031 c.name = name 6032 return c 6033} 6034 6035// Fields allows partial responses to be retrieved. See 6036// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6037// for more information. 6038func (c *FeedsGetCall) Fields(s ...googleapi.Field) *FeedsGetCall { 6039 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6040 return c 6041} 6042 6043// IfNoneMatch sets the optional parameter which makes the operation 6044// fail if the object's ETag matches the given value. This is useful for 6045// getting updates only after the object has changed since the last 6046// request. Use googleapi.IsNotModified to check whether the response 6047// error from Do is the result of In-None-Match. 6048func (c *FeedsGetCall) IfNoneMatch(entityTag string) *FeedsGetCall { 6049 c.ifNoneMatch_ = entityTag 6050 return c 6051} 6052 6053// Context sets the context to be used in this call's Do method. Any 6054// pending HTTP request will be aborted if the provided context is 6055// canceled. 6056func (c *FeedsGetCall) Context(ctx context.Context) *FeedsGetCall { 6057 c.ctx_ = ctx 6058 return c 6059} 6060 6061// Header returns an http.Header that can be modified by the caller to 6062// add HTTP headers to the request. 6063func (c *FeedsGetCall) Header() http.Header { 6064 if c.header_ == nil { 6065 c.header_ = make(http.Header) 6066 } 6067 return c.header_ 6068} 6069 6070func (c *FeedsGetCall) doRequest(alt string) (*http.Response, error) { 6071 reqHeaders := make(http.Header) 6072 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6073 for k, v := range c.header_ { 6074 reqHeaders[k] = v 6075 } 6076 reqHeaders.Set("User-Agent", c.s.userAgent()) 6077 if c.ifNoneMatch_ != "" { 6078 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6079 } 6080 var body io.Reader = nil 6081 c.urlParams_.Set("alt", alt) 6082 c.urlParams_.Set("prettyPrint", "false") 6083 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6084 urls += "?" + c.urlParams_.Encode() 6085 req, err := http.NewRequest("GET", urls, body) 6086 if err != nil { 6087 return nil, err 6088 } 6089 req.Header = reqHeaders 6090 googleapi.Expand(req.URL, map[string]string{ 6091 "name": c.name, 6092 }) 6093 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6094} 6095 6096// Do executes the "cloudasset.feeds.get" call. 6097// Exactly one of *Feed or error will be non-nil. Any non-2xx status 6098// code is an error. Response headers are in either 6099// *Feed.ServerResponse.Header or (if a response was returned at all) in 6100// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6101// whether the returned error was because http.StatusNotModified was 6102// returned. 6103func (c *FeedsGetCall) Do(opts ...googleapi.CallOption) (*Feed, error) { 6104 gensupport.SetOptions(c.urlParams_, opts...) 6105 res, err := c.doRequest("json") 6106 if res != nil && res.StatusCode == http.StatusNotModified { 6107 if res.Body != nil { 6108 res.Body.Close() 6109 } 6110 return nil, &googleapi.Error{ 6111 Code: res.StatusCode, 6112 Header: res.Header, 6113 } 6114 } 6115 if err != nil { 6116 return nil, err 6117 } 6118 defer googleapi.CloseBody(res) 6119 if err := googleapi.CheckResponse(res); err != nil { 6120 return nil, err 6121 } 6122 ret := &Feed{ 6123 ServerResponse: googleapi.ServerResponse{ 6124 Header: res.Header, 6125 HTTPStatusCode: res.StatusCode, 6126 }, 6127 } 6128 target := &ret 6129 if err := gensupport.DecodeResponse(target, res); err != nil { 6130 return nil, err 6131 } 6132 return ret, nil 6133 // { 6134 // "description": "Gets details about an asset feed.", 6135 // "flatPath": "v1/{v1Id}/{v1Id1}/feeds/{feedsId}", 6136 // "httpMethod": "GET", 6137 // "id": "cloudasset.feeds.get", 6138 // "parameterOrder": [ 6139 // "name" 6140 // ], 6141 // "parameters": { 6142 // "name": { 6143 // "description": "Required. The name of the Feed and it must be in the format of: projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id organizations/organization_number/feeds/feed_id", 6144 // "location": "path", 6145 // "pattern": "^[^/]+/[^/]+/feeds/[^/]+$", 6146 // "required": true, 6147 // "type": "string" 6148 // } 6149 // }, 6150 // "path": "v1/{+name}", 6151 // "response": { 6152 // "$ref": "Feed" 6153 // }, 6154 // "scopes": [ 6155 // "https://www.googleapis.com/auth/cloud-platform" 6156 // ] 6157 // } 6158 6159} 6160 6161// method id "cloudasset.feeds.list": 6162 6163type FeedsListCall struct { 6164 s *Service 6165 parent string 6166 urlParams_ gensupport.URLParams 6167 ifNoneMatch_ string 6168 ctx_ context.Context 6169 header_ http.Header 6170} 6171 6172// List: Lists all asset feeds in a parent project/folder/organization. 6173// 6174// - parent: The parent project/folder/organization whose feeds are to 6175// be listed. It can only be using project/folder/organization number 6176// (such as "folders/12345")", or a project ID (such as 6177// "projects/my-project-id"). 6178func (r *FeedsService) List(parent string) *FeedsListCall { 6179 c := &FeedsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6180 c.parent = parent 6181 return c 6182} 6183 6184// Fields allows partial responses to be retrieved. See 6185// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6186// for more information. 6187func (c *FeedsListCall) Fields(s ...googleapi.Field) *FeedsListCall { 6188 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6189 return c 6190} 6191 6192// IfNoneMatch sets the optional parameter which makes the operation 6193// fail if the object's ETag matches the given value. This is useful for 6194// getting updates only after the object has changed since the last 6195// request. Use googleapi.IsNotModified to check whether the response 6196// error from Do is the result of In-None-Match. 6197func (c *FeedsListCall) IfNoneMatch(entityTag string) *FeedsListCall { 6198 c.ifNoneMatch_ = entityTag 6199 return c 6200} 6201 6202// Context sets the context to be used in this call's Do method. Any 6203// pending HTTP request will be aborted if the provided context is 6204// canceled. 6205func (c *FeedsListCall) Context(ctx context.Context) *FeedsListCall { 6206 c.ctx_ = ctx 6207 return c 6208} 6209 6210// Header returns an http.Header that can be modified by the caller to 6211// add HTTP headers to the request. 6212func (c *FeedsListCall) Header() http.Header { 6213 if c.header_ == nil { 6214 c.header_ = make(http.Header) 6215 } 6216 return c.header_ 6217} 6218 6219func (c *FeedsListCall) doRequest(alt string) (*http.Response, error) { 6220 reqHeaders := make(http.Header) 6221 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6222 for k, v := range c.header_ { 6223 reqHeaders[k] = v 6224 } 6225 reqHeaders.Set("User-Agent", c.s.userAgent()) 6226 if c.ifNoneMatch_ != "" { 6227 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6228 } 6229 var body io.Reader = nil 6230 c.urlParams_.Set("alt", alt) 6231 c.urlParams_.Set("prettyPrint", "false") 6232 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/feeds") 6233 urls += "?" + c.urlParams_.Encode() 6234 req, err := http.NewRequest("GET", urls, body) 6235 if err != nil { 6236 return nil, err 6237 } 6238 req.Header = reqHeaders 6239 googleapi.Expand(req.URL, map[string]string{ 6240 "parent": c.parent, 6241 }) 6242 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6243} 6244 6245// Do executes the "cloudasset.feeds.list" call. 6246// Exactly one of *ListFeedsResponse or error will be non-nil. Any 6247// non-2xx status code is an error. Response headers are in either 6248// *ListFeedsResponse.ServerResponse.Header or (if a response was 6249// returned at all) in error.(*googleapi.Error).Header. Use 6250// googleapi.IsNotModified to check whether the returned error was 6251// because http.StatusNotModified was returned. 6252func (c *FeedsListCall) Do(opts ...googleapi.CallOption) (*ListFeedsResponse, error) { 6253 gensupport.SetOptions(c.urlParams_, opts...) 6254 res, err := c.doRequest("json") 6255 if res != nil && res.StatusCode == http.StatusNotModified { 6256 if res.Body != nil { 6257 res.Body.Close() 6258 } 6259 return nil, &googleapi.Error{ 6260 Code: res.StatusCode, 6261 Header: res.Header, 6262 } 6263 } 6264 if err != nil { 6265 return nil, err 6266 } 6267 defer googleapi.CloseBody(res) 6268 if err := googleapi.CheckResponse(res); err != nil { 6269 return nil, err 6270 } 6271 ret := &ListFeedsResponse{ 6272 ServerResponse: googleapi.ServerResponse{ 6273 Header: res.Header, 6274 HTTPStatusCode: res.StatusCode, 6275 }, 6276 } 6277 target := &ret 6278 if err := gensupport.DecodeResponse(target, res); err != nil { 6279 return nil, err 6280 } 6281 return ret, nil 6282 // { 6283 // "description": "Lists all asset feeds in a parent project/folder/organization.", 6284 // "flatPath": "v1/{v1Id}/{v1Id1}/feeds", 6285 // "httpMethod": "GET", 6286 // "id": "cloudasset.feeds.list", 6287 // "parameterOrder": [ 6288 // "parent" 6289 // ], 6290 // "parameters": { 6291 // "parent": { 6292 // "description": "Required. The parent project/folder/organization whose feeds are to be listed. It can only be using project/folder/organization number (such as \"folders/12345\")\", or a project ID (such as \"projects/my-project-id\").", 6293 // "location": "path", 6294 // "pattern": "^[^/]+/[^/]+$", 6295 // "required": true, 6296 // "type": "string" 6297 // } 6298 // }, 6299 // "path": "v1/{+parent}/feeds", 6300 // "response": { 6301 // "$ref": "ListFeedsResponse" 6302 // }, 6303 // "scopes": [ 6304 // "https://www.googleapis.com/auth/cloud-platform" 6305 // ] 6306 // } 6307 6308} 6309 6310// method id "cloudasset.feeds.patch": 6311 6312type FeedsPatchCall struct { 6313 s *Service 6314 nameid string 6315 updatefeedrequest *UpdateFeedRequest 6316 urlParams_ gensupport.URLParams 6317 ctx_ context.Context 6318 header_ http.Header 6319} 6320 6321// Patch: Updates an asset feed configuration. 6322// 6323// - name: The format will be 6324// projects/{project_number}/feeds/{client-assigned_feed_identifier} 6325// or folders/{folder_number}/feeds/{client-assigned_feed_identifier} 6326// or 6327// organizations/{organization_number}/feeds/{client-assigned_feed_iden 6328// tifier} The client-assigned feed identifier must be unique within 6329// the parent project/folder/organization. 6330func (r *FeedsService) Patch(nameid string, updatefeedrequest *UpdateFeedRequest) *FeedsPatchCall { 6331 c := &FeedsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6332 c.nameid = nameid 6333 c.updatefeedrequest = updatefeedrequest 6334 return c 6335} 6336 6337// Fields allows partial responses to be retrieved. See 6338// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6339// for more information. 6340func (c *FeedsPatchCall) Fields(s ...googleapi.Field) *FeedsPatchCall { 6341 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6342 return c 6343} 6344 6345// Context sets the context to be used in this call's Do method. Any 6346// pending HTTP request will be aborted if the provided context is 6347// canceled. 6348func (c *FeedsPatchCall) Context(ctx context.Context) *FeedsPatchCall { 6349 c.ctx_ = ctx 6350 return c 6351} 6352 6353// Header returns an http.Header that can be modified by the caller to 6354// add HTTP headers to the request. 6355func (c *FeedsPatchCall) Header() http.Header { 6356 if c.header_ == nil { 6357 c.header_ = make(http.Header) 6358 } 6359 return c.header_ 6360} 6361 6362func (c *FeedsPatchCall) doRequest(alt string) (*http.Response, error) { 6363 reqHeaders := make(http.Header) 6364 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6365 for k, v := range c.header_ { 6366 reqHeaders[k] = v 6367 } 6368 reqHeaders.Set("User-Agent", c.s.userAgent()) 6369 var body io.Reader = nil 6370 body, err := googleapi.WithoutDataWrapper.JSONReader(c.updatefeedrequest) 6371 if err != nil { 6372 return nil, err 6373 } 6374 reqHeaders.Set("Content-Type", "application/json") 6375 c.urlParams_.Set("alt", alt) 6376 c.urlParams_.Set("prettyPrint", "false") 6377 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6378 urls += "?" + c.urlParams_.Encode() 6379 req, err := http.NewRequest("PATCH", urls, body) 6380 if err != nil { 6381 return nil, err 6382 } 6383 req.Header = reqHeaders 6384 googleapi.Expand(req.URL, map[string]string{ 6385 "name": c.nameid, 6386 }) 6387 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6388} 6389 6390// Do executes the "cloudasset.feeds.patch" call. 6391// Exactly one of *Feed or error will be non-nil. Any non-2xx status 6392// code is an error. Response headers are in either 6393// *Feed.ServerResponse.Header or (if a response was returned at all) in 6394// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6395// whether the returned error was because http.StatusNotModified was 6396// returned. 6397func (c *FeedsPatchCall) Do(opts ...googleapi.CallOption) (*Feed, error) { 6398 gensupport.SetOptions(c.urlParams_, opts...) 6399 res, err := c.doRequest("json") 6400 if res != nil && res.StatusCode == http.StatusNotModified { 6401 if res.Body != nil { 6402 res.Body.Close() 6403 } 6404 return nil, &googleapi.Error{ 6405 Code: res.StatusCode, 6406 Header: res.Header, 6407 } 6408 } 6409 if err != nil { 6410 return nil, err 6411 } 6412 defer googleapi.CloseBody(res) 6413 if err := googleapi.CheckResponse(res); err != nil { 6414 return nil, err 6415 } 6416 ret := &Feed{ 6417 ServerResponse: googleapi.ServerResponse{ 6418 Header: res.Header, 6419 HTTPStatusCode: res.StatusCode, 6420 }, 6421 } 6422 target := &ret 6423 if err := gensupport.DecodeResponse(target, res); err != nil { 6424 return nil, err 6425 } 6426 return ret, nil 6427 // { 6428 // "description": "Updates an asset feed configuration.", 6429 // "flatPath": "v1/{v1Id}/{v1Id1}/feeds/{feedsId}", 6430 // "httpMethod": "PATCH", 6431 // "id": "cloudasset.feeds.patch", 6432 // "parameterOrder": [ 6433 // "name" 6434 // ], 6435 // "parameters": { 6436 // "name": { 6437 // "description": "Required. The format will be projects/{project_number}/feeds/{client-assigned_feed_identifier} or folders/{folder_number}/feeds/{client-assigned_feed_identifier} or organizations/{organization_number}/feeds/{client-assigned_feed_identifier} The client-assigned feed identifier must be unique within the parent project/folder/organization.", 6438 // "location": "path", 6439 // "pattern": "^[^/]+/[^/]+/feeds/[^/]+$", 6440 // "required": true, 6441 // "type": "string" 6442 // } 6443 // }, 6444 // "path": "v1/{+name}", 6445 // "request": { 6446 // "$ref": "UpdateFeedRequest" 6447 // }, 6448 // "response": { 6449 // "$ref": "Feed" 6450 // }, 6451 // "scopes": [ 6452 // "https://www.googleapis.com/auth/cloud-platform" 6453 // ] 6454 // } 6455 6456} 6457 6458// method id "cloudasset.operations.get": 6459 6460type OperationsGetCall struct { 6461 s *Service 6462 name string 6463 urlParams_ gensupport.URLParams 6464 ifNoneMatch_ string 6465 ctx_ context.Context 6466 header_ http.Header 6467} 6468 6469// Get: Gets the latest state of a long-running operation. Clients can 6470// use this method to poll the operation result at intervals as 6471// recommended by the API service. 6472// 6473// - name: The name of the operation resource. 6474func (r *OperationsService) Get(name string) *OperationsGetCall { 6475 c := &OperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6476 c.name = name 6477 return c 6478} 6479 6480// Fields allows partial responses to be retrieved. See 6481// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6482// for more information. 6483func (c *OperationsGetCall) Fields(s ...googleapi.Field) *OperationsGetCall { 6484 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6485 return c 6486} 6487 6488// IfNoneMatch sets the optional parameter which makes the operation 6489// fail if the object's ETag matches the given value. This is useful for 6490// getting updates only after the object has changed since the last 6491// request. Use googleapi.IsNotModified to check whether the response 6492// error from Do is the result of In-None-Match. 6493func (c *OperationsGetCall) IfNoneMatch(entityTag string) *OperationsGetCall { 6494 c.ifNoneMatch_ = entityTag 6495 return c 6496} 6497 6498// Context sets the context to be used in this call's Do method. Any 6499// pending HTTP request will be aborted if the provided context is 6500// canceled. 6501func (c *OperationsGetCall) Context(ctx context.Context) *OperationsGetCall { 6502 c.ctx_ = ctx 6503 return c 6504} 6505 6506// Header returns an http.Header that can be modified by the caller to 6507// add HTTP headers to the request. 6508func (c *OperationsGetCall) Header() http.Header { 6509 if c.header_ == nil { 6510 c.header_ = make(http.Header) 6511 } 6512 return c.header_ 6513} 6514 6515func (c *OperationsGetCall) doRequest(alt string) (*http.Response, error) { 6516 reqHeaders := make(http.Header) 6517 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6518 for k, v := range c.header_ { 6519 reqHeaders[k] = v 6520 } 6521 reqHeaders.Set("User-Agent", c.s.userAgent()) 6522 if c.ifNoneMatch_ != "" { 6523 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6524 } 6525 var body io.Reader = nil 6526 c.urlParams_.Set("alt", alt) 6527 c.urlParams_.Set("prettyPrint", "false") 6528 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6529 urls += "?" + c.urlParams_.Encode() 6530 req, err := http.NewRequest("GET", urls, body) 6531 if err != nil { 6532 return nil, err 6533 } 6534 req.Header = reqHeaders 6535 googleapi.Expand(req.URL, map[string]string{ 6536 "name": c.name, 6537 }) 6538 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6539} 6540 6541// Do executes the "cloudasset.operations.get" call. 6542// Exactly one of *Operation or error will be non-nil. Any non-2xx 6543// status code is an error. Response headers are in either 6544// *Operation.ServerResponse.Header or (if a response was returned at 6545// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 6546// to check whether the returned error was because 6547// http.StatusNotModified was returned. 6548func (c *OperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6549 gensupport.SetOptions(c.urlParams_, opts...) 6550 res, err := c.doRequest("json") 6551 if res != nil && res.StatusCode == http.StatusNotModified { 6552 if res.Body != nil { 6553 res.Body.Close() 6554 } 6555 return nil, &googleapi.Error{ 6556 Code: res.StatusCode, 6557 Header: res.Header, 6558 } 6559 } 6560 if err != nil { 6561 return nil, err 6562 } 6563 defer googleapi.CloseBody(res) 6564 if err := googleapi.CheckResponse(res); err != nil { 6565 return nil, err 6566 } 6567 ret := &Operation{ 6568 ServerResponse: googleapi.ServerResponse{ 6569 Header: res.Header, 6570 HTTPStatusCode: res.StatusCode, 6571 }, 6572 } 6573 target := &ret 6574 if err := gensupport.DecodeResponse(target, res); err != nil { 6575 return nil, err 6576 } 6577 return ret, nil 6578 // { 6579 // "description": "Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.", 6580 // "flatPath": "v1/{v1Id}/{v1Id1}/operations/{operationsId}/{operationsId1}", 6581 // "httpMethod": "GET", 6582 // "id": "cloudasset.operations.get", 6583 // "parameterOrder": [ 6584 // "name" 6585 // ], 6586 // "parameters": { 6587 // "name": { 6588 // "description": "The name of the operation resource.", 6589 // "location": "path", 6590 // "pattern": "^[^/]+/[^/]+/operations/[^/]+/.*$", 6591 // "required": true, 6592 // "type": "string" 6593 // } 6594 // }, 6595 // "path": "v1/{+name}", 6596 // "response": { 6597 // "$ref": "Operation" 6598 // }, 6599 // "scopes": [ 6600 // "https://www.googleapis.com/auth/cloud-platform" 6601 // ] 6602 // } 6603 6604} 6605 6606// method id "cloudasset.analyzeIamPolicy": 6607 6608type V1AnalyzeIamPolicyCall struct { 6609 s *Service 6610 scope string 6611 urlParams_ gensupport.URLParams 6612 ifNoneMatch_ string 6613 ctx_ context.Context 6614 header_ http.Header 6615} 6616 6617// AnalyzeIamPolicy: Analyzes IAM policies to answer which identities 6618// have what accesses on which resources. 6619// 6620// - scope: The relative name of the root asset. Only resources and IAM 6621// policies within the scope will be analyzed. This can only be an 6622// organization number (such as "organizations/123"), a folder number 6623// (such as "folders/123"), a project ID (such as 6624// "projects/my-project-id"), or a project number (such as 6625// "projects/12345"). To know how to get organization id, visit here 6626// (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 6627// To know how to get folder or project id, visit here 6628// (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 6629func (r *V1Service) AnalyzeIamPolicy(scope string) *V1AnalyzeIamPolicyCall { 6630 c := &V1AnalyzeIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6631 c.scope = scope 6632 return c 6633} 6634 6635// AnalysisQueryAccessSelectorPermissions sets the optional parameter 6636// "analysisQuery.accessSelector.permissions": The permissions to appear 6637// in result. 6638func (c *V1AnalyzeIamPolicyCall) AnalysisQueryAccessSelectorPermissions(analysisQueryAccessSelectorPermissions ...string) *V1AnalyzeIamPolicyCall { 6639 c.urlParams_.SetMulti("analysisQuery.accessSelector.permissions", append([]string{}, analysisQueryAccessSelectorPermissions...)) 6640 return c 6641} 6642 6643// AnalysisQueryAccessSelectorRoles sets the optional parameter 6644// "analysisQuery.accessSelector.roles": The roles to appear in result. 6645func (c *V1AnalyzeIamPolicyCall) AnalysisQueryAccessSelectorRoles(analysisQueryAccessSelectorRoles ...string) *V1AnalyzeIamPolicyCall { 6646 c.urlParams_.SetMulti("analysisQuery.accessSelector.roles", append([]string{}, analysisQueryAccessSelectorRoles...)) 6647 return c 6648} 6649 6650// AnalysisQueryConditionContextAccessTime sets the optional parameter 6651// "analysisQuery.conditionContext.accessTime": The hypothetical access 6652// timestamp to evaluate IAM conditions. Note that this value must not 6653// be earlier than the current time; otherwise, an INVALID_ARGUMENT 6654// error will be returned. 6655func (c *V1AnalyzeIamPolicyCall) AnalysisQueryConditionContextAccessTime(analysisQueryConditionContextAccessTime string) *V1AnalyzeIamPolicyCall { 6656 c.urlParams_.Set("analysisQuery.conditionContext.accessTime", analysisQueryConditionContextAccessTime) 6657 return c 6658} 6659 6660// AnalysisQueryIdentitySelectorIdentity sets the optional parameter 6661// "analysisQuery.identitySelector.identity": Required. The identity 6662// appear in the form of members in IAM policy binding 6663// (https://cloud.google.com/iam/reference/rest/v1/Binding). The 6664// examples of supported forms are: "user:mike@example.com", 6665// "group:admins@example.com", "domain:google.com", 6666// "serviceAccount:my-project-id@appspot.gserviceaccount.com". Notice 6667// that wildcard characters (such as * and ?) are not supported. You 6668// must give a specific identity. 6669func (c *V1AnalyzeIamPolicyCall) AnalysisQueryIdentitySelectorIdentity(analysisQueryIdentitySelectorIdentity string) *V1AnalyzeIamPolicyCall { 6670 c.urlParams_.Set("analysisQuery.identitySelector.identity", analysisQueryIdentitySelectorIdentity) 6671 return c 6672} 6673 6674// AnalysisQueryOptionsAnalyzeServiceAccountImpersonation sets the 6675// optional parameter 6676// "analysisQuery.options.analyzeServiceAccountImpersonation": If true, 6677// the response will include access analysis from identities to 6678// resources via service account impersonation. This is a very expensive 6679// operation, because many derived queries will be executed. We highly 6680// recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc 6681// instead. For example, if the request analyzes for which resources 6682// user A has permission P, and there's an IAM policy states user A has 6683// iam.serviceAccounts.getAccessToken permission to a service account 6684// SA, and there's another IAM policy states service account SA has 6685// permission P to a GCP folder F, then user A potentially has access to 6686// the GCP folder F. And those advanced analysis results will be 6687// included in 6688// AnalyzeIamPolicyResponse.service_account_impersonation_analysis. 6689// Another example, if the request analyzes for who has permission P to 6690// a GCP folder F, and there's an IAM policy states user A has 6691// iam.serviceAccounts.actAs permission to a service account SA, and 6692// there's another IAM policy states service account SA has permission P 6693// to the GCP folder F, then user A potentially has access to the GCP 6694// folder F. And those advanced analysis results will be included in 6695// AnalyzeIamPolicyResponse.service_account_impersonation_analysis. 6696// Default is false. 6697func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsAnalyzeServiceAccountImpersonation(analysisQueryOptionsAnalyzeServiceAccountImpersonation bool) *V1AnalyzeIamPolicyCall { 6698 c.urlParams_.Set("analysisQuery.options.analyzeServiceAccountImpersonation", fmt.Sprint(analysisQueryOptionsAnalyzeServiceAccountImpersonation)) 6699 return c 6700} 6701 6702// AnalysisQueryOptionsExpandGroups sets the optional parameter 6703// "analysisQuery.options.expandGroups": If true, the identities section 6704// of the result will expand any Google groups appearing in an IAM 6705// policy binding. If IamPolicyAnalysisQuery.identity_selector is 6706// specified, the identity in the result will be determined by the 6707// selector, and this flag is not allowed to set. Default is false. 6708func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsExpandGroups(analysisQueryOptionsExpandGroups bool) *V1AnalyzeIamPolicyCall { 6709 c.urlParams_.Set("analysisQuery.options.expandGroups", fmt.Sprint(analysisQueryOptionsExpandGroups)) 6710 return c 6711} 6712 6713// AnalysisQueryOptionsExpandResources sets the optional parameter 6714// "analysisQuery.options.expandResources": If true and 6715// IamPolicyAnalysisQuery.resource_selector is not specified, the 6716// resource section of the result will expand any resource attached to 6717// an IAM policy to include resources lower in the resource hierarchy. 6718// For example, if the request analyzes for which resources user A has 6719// permission P, and the results include an IAM policy with P on a GCP 6720// folder, the results will also include resources in that folder with 6721// permission P. If true and IamPolicyAnalysisQuery.resource_selector is 6722// specified, the resource section of the result will expand the 6723// specified resource to include resources lower in the resource 6724// hierarchy. Only project or lower resources are supported. Folder and 6725// organization resource cannot be used together with this option. For 6726// example, if the request analyzes for which users have permission P on 6727// a GCP project with this option enabled, the results will include all 6728// users who have permission P on that project or any lower resource. 6729// Default is false. 6730func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsExpandResources(analysisQueryOptionsExpandResources bool) *V1AnalyzeIamPolicyCall { 6731 c.urlParams_.Set("analysisQuery.options.expandResources", fmt.Sprint(analysisQueryOptionsExpandResources)) 6732 return c 6733} 6734 6735// AnalysisQueryOptionsExpandRoles sets the optional parameter 6736// "analysisQuery.options.expandRoles": If true, the access section of 6737// result will expand any roles appearing in IAM policy bindings to 6738// include their permissions. If IamPolicyAnalysisQuery.access_selector 6739// is specified, the access section of the result will be determined by 6740// the selector, and this flag is not allowed to set. Default is false. 6741func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsExpandRoles(analysisQueryOptionsExpandRoles bool) *V1AnalyzeIamPolicyCall { 6742 c.urlParams_.Set("analysisQuery.options.expandRoles", fmt.Sprint(analysisQueryOptionsExpandRoles)) 6743 return c 6744} 6745 6746// AnalysisQueryOptionsOutputGroupEdges sets the optional parameter 6747// "analysisQuery.options.outputGroupEdges": If true, the result will 6748// output group identity edges, starting from the binding's group 6749// members, to any expanded identities. Default is false. 6750func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsOutputGroupEdges(analysisQueryOptionsOutputGroupEdges bool) *V1AnalyzeIamPolicyCall { 6751 c.urlParams_.Set("analysisQuery.options.outputGroupEdges", fmt.Sprint(analysisQueryOptionsOutputGroupEdges)) 6752 return c 6753} 6754 6755// AnalysisQueryOptionsOutputResourceEdges sets the optional parameter 6756// "analysisQuery.options.outputResourceEdges": If true, the result will 6757// output resource edges, starting from the policy attached resource, to 6758// any expanded resources. Default is false. 6759func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsOutputResourceEdges(analysisQueryOptionsOutputResourceEdges bool) *V1AnalyzeIamPolicyCall { 6760 c.urlParams_.Set("analysisQuery.options.outputResourceEdges", fmt.Sprint(analysisQueryOptionsOutputResourceEdges)) 6761 return c 6762} 6763 6764// AnalysisQueryResourceSelectorFullResourceName sets the optional 6765// parameter "analysisQuery.resourceSelector.fullResourceName": 6766// Required. The [full resource name] 6767// (https://cloud.google.com/asset-inventory/docs/resource-name-format) 6768// of a resource of supported resource types 6769// (https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). 6770func (c *V1AnalyzeIamPolicyCall) AnalysisQueryResourceSelectorFullResourceName(analysisQueryResourceSelectorFullResourceName string) *V1AnalyzeIamPolicyCall { 6771 c.urlParams_.Set("analysisQuery.resourceSelector.fullResourceName", analysisQueryResourceSelectorFullResourceName) 6772 return c 6773} 6774 6775// ExecutionTimeout sets the optional parameter "executionTimeout": 6776// Amount of time executable has to complete. See JSON representation of 6777// Duration 6778// (https://developers.google.com/protocol-buffers/docs/proto3#json). If 6779// this field is set with a value less than the RPC deadline, and the 6780// execution of your query hasn't finished in the specified execution 6781// timeout, you will get a response with partial result. Otherwise, your 6782// query's execution will continue until the RPC deadline. If it's not 6783// finished until then, you will get a DEADLINE_EXCEEDED error. Default 6784// is empty. 6785func (c *V1AnalyzeIamPolicyCall) ExecutionTimeout(executionTimeout string) *V1AnalyzeIamPolicyCall { 6786 c.urlParams_.Set("executionTimeout", executionTimeout) 6787 return c 6788} 6789 6790// Fields allows partial responses to be retrieved. See 6791// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 6792// for more information. 6793func (c *V1AnalyzeIamPolicyCall) Fields(s ...googleapi.Field) *V1AnalyzeIamPolicyCall { 6794 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6795 return c 6796} 6797 6798// IfNoneMatch sets the optional parameter which makes the operation 6799// fail if the object's ETag matches the given value. This is useful for 6800// getting updates only after the object has changed since the last 6801// request. Use googleapi.IsNotModified to check whether the response 6802// error from Do is the result of In-None-Match. 6803func (c *V1AnalyzeIamPolicyCall) IfNoneMatch(entityTag string) *V1AnalyzeIamPolicyCall { 6804 c.ifNoneMatch_ = entityTag 6805 return c 6806} 6807 6808// Context sets the context to be used in this call's Do method. Any 6809// pending HTTP request will be aborted if the provided context is 6810// canceled. 6811func (c *V1AnalyzeIamPolicyCall) Context(ctx context.Context) *V1AnalyzeIamPolicyCall { 6812 c.ctx_ = ctx 6813 return c 6814} 6815 6816// Header returns an http.Header that can be modified by the caller to 6817// add HTTP headers to the request. 6818func (c *V1AnalyzeIamPolicyCall) Header() http.Header { 6819 if c.header_ == nil { 6820 c.header_ = make(http.Header) 6821 } 6822 return c.header_ 6823} 6824 6825func (c *V1AnalyzeIamPolicyCall) doRequest(alt string) (*http.Response, error) { 6826 reqHeaders := make(http.Header) 6827 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 6828 for k, v := range c.header_ { 6829 reqHeaders[k] = v 6830 } 6831 reqHeaders.Set("User-Agent", c.s.userAgent()) 6832 if c.ifNoneMatch_ != "" { 6833 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6834 } 6835 var body io.Reader = nil 6836 c.urlParams_.Set("alt", alt) 6837 c.urlParams_.Set("prettyPrint", "false") 6838 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeIamPolicy") 6839 urls += "?" + c.urlParams_.Encode() 6840 req, err := http.NewRequest("GET", urls, body) 6841 if err != nil { 6842 return nil, err 6843 } 6844 req.Header = reqHeaders 6845 googleapi.Expand(req.URL, map[string]string{ 6846 "scope": c.scope, 6847 }) 6848 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6849} 6850 6851// Do executes the "cloudasset.analyzeIamPolicy" call. 6852// Exactly one of *AnalyzeIamPolicyResponse or error will be non-nil. 6853// Any non-2xx status code is an error. Response headers are in either 6854// *AnalyzeIamPolicyResponse.ServerResponse.Header or (if a response was 6855// returned at all) in error.(*googleapi.Error).Header. Use 6856// googleapi.IsNotModified to check whether the returned error was 6857// because http.StatusNotModified was returned. 6858func (c *V1AnalyzeIamPolicyCall) Do(opts ...googleapi.CallOption) (*AnalyzeIamPolicyResponse, error) { 6859 gensupport.SetOptions(c.urlParams_, opts...) 6860 res, err := c.doRequest("json") 6861 if res != nil && res.StatusCode == http.StatusNotModified { 6862 if res.Body != nil { 6863 res.Body.Close() 6864 } 6865 return nil, &googleapi.Error{ 6866 Code: res.StatusCode, 6867 Header: res.Header, 6868 } 6869 } 6870 if err != nil { 6871 return nil, err 6872 } 6873 defer googleapi.CloseBody(res) 6874 if err := googleapi.CheckResponse(res); err != nil { 6875 return nil, err 6876 } 6877 ret := &AnalyzeIamPolicyResponse{ 6878 ServerResponse: googleapi.ServerResponse{ 6879 Header: res.Header, 6880 HTTPStatusCode: res.StatusCode, 6881 }, 6882 } 6883 target := &ret 6884 if err := gensupport.DecodeResponse(target, res); err != nil { 6885 return nil, err 6886 } 6887 return ret, nil 6888 // { 6889 // "description": "Analyzes IAM policies to answer which identities have what accesses on which resources.", 6890 // "flatPath": "v1/{v1Id}/{v1Id1}:analyzeIamPolicy", 6891 // "httpMethod": "GET", 6892 // "id": "cloudasset.analyzeIamPolicy", 6893 // "parameterOrder": [ 6894 // "scope" 6895 // ], 6896 // "parameters": { 6897 // "analysisQuery.accessSelector.permissions": { 6898 // "description": "Optional. The permissions to appear in result.", 6899 // "location": "query", 6900 // "repeated": true, 6901 // "type": "string" 6902 // }, 6903 // "analysisQuery.accessSelector.roles": { 6904 // "description": "Optional. The roles to appear in result.", 6905 // "location": "query", 6906 // "repeated": true, 6907 // "type": "string" 6908 // }, 6909 // "analysisQuery.conditionContext.accessTime": { 6910 // "description": "The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.", 6911 // "format": "google-datetime", 6912 // "location": "query", 6913 // "type": "string" 6914 // }, 6915 // "analysisQuery.identitySelector.identity": { 6916 // "description": "Required. The identity appear in the form of members in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\". Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.", 6917 // "location": "query", 6918 // "type": "string" 6919 // }, 6920 // "analysisQuery.options.analyzeServiceAccountImpersonation": { 6921 // "description": "Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there's an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there's another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there's an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there's another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.", 6922 // "location": "query", 6923 // "type": "boolean" 6924 // }, 6925 // "analysisQuery.options.expandGroups": { 6926 // "description": "Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.", 6927 // "location": "query", 6928 // "type": "boolean" 6929 // }, 6930 // "analysisQuery.options.expandResources": { 6931 // "description": "Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.", 6932 // "location": "query", 6933 // "type": "boolean" 6934 // }, 6935 // "analysisQuery.options.expandRoles": { 6936 // "description": "Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.", 6937 // "location": "query", 6938 // "type": "boolean" 6939 // }, 6940 // "analysisQuery.options.outputGroupEdges": { 6941 // "description": "Optional. If true, the result will output group identity edges, starting from the binding's group members, to any expanded identities. Default is false.", 6942 // "location": "query", 6943 // "type": "boolean" 6944 // }, 6945 // "analysisQuery.options.outputResourceEdges": { 6946 // "description": "Optional. If true, the result will output resource edges, starting from the policy attached resource, to any expanded resources. Default is false.", 6947 // "location": "query", 6948 // "type": "boolean" 6949 // }, 6950 // "analysisQuery.resourceSelector.fullResourceName": { 6951 // "description": "Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).", 6952 // "location": "query", 6953 // "type": "string" 6954 // }, 6955 // "executionTimeout": { 6956 // "description": "Optional. Amount of time executable has to complete. See JSON representation of [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json). If this field is set with a value less than the RPC deadline, and the execution of your query hasn't finished in the specified execution timeout, you will get a response with partial result. Otherwise, your query's execution will continue until the RPC deadline. If it's not finished until then, you will get a DEADLINE_EXCEEDED error. Default is empty.", 6957 // "format": "google-duration", 6958 // "location": "query", 6959 // "type": "string" 6960 // }, 6961 // "scope": { 6962 // "description": "Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as \"organizations/123\"), a folder number (such as \"folders/123\"), a project ID (such as \"projects/my-project-id\"), or a project number (such as \"projects/12345\"). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).", 6963 // "location": "path", 6964 // "pattern": "^[^/]+/[^/]+$", 6965 // "required": true, 6966 // "type": "string" 6967 // } 6968 // }, 6969 // "path": "v1/{+scope}:analyzeIamPolicy", 6970 // "response": { 6971 // "$ref": "AnalyzeIamPolicyResponse" 6972 // }, 6973 // "scopes": [ 6974 // "https://www.googleapis.com/auth/cloud-platform" 6975 // ] 6976 // } 6977 6978} 6979 6980// method id "cloudasset.analyzeIamPolicyLongrunning": 6981 6982type V1AnalyzeIamPolicyLongrunningCall struct { 6983 s *Service 6984 scope string 6985 analyzeiampolicylongrunningrequest *AnalyzeIamPolicyLongrunningRequest 6986 urlParams_ gensupport.URLParams 6987 ctx_ context.Context 6988 header_ http.Header 6989} 6990 6991// AnalyzeIamPolicyLongrunning: Analyzes IAM policies asynchronously to 6992// answer which identities have what accesses on which resources, and 6993// writes the analysis results to a Google Cloud Storage or a BigQuery 6994// destination. For Cloud Storage destination, the output format is the 6995// JSON format that represents a AnalyzeIamPolicyResponse. This method 6996// implements the google.longrunning.Operation, which allows you to 6997// track the operation status. We recommend intervals of at least 2 6998// seconds with exponential backoff retry to poll the operation result. 6999// The metadata contains the metadata for the long-running operation. 7000// 7001// - scope: The relative name of the root asset. Only resources and IAM 7002// policies within the scope will be analyzed. This can only be an 7003// organization number (such as "organizations/123"), a folder number 7004// (such as "folders/123"), a project ID (such as 7005// "projects/my-project-id"), or a project number (such as 7006// "projects/12345"). To know how to get organization id, visit here 7007// (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 7008// To know how to get folder or project id, visit here 7009// (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 7010func (r *V1Service) AnalyzeIamPolicyLongrunning(scope string, analyzeiampolicylongrunningrequest *AnalyzeIamPolicyLongrunningRequest) *V1AnalyzeIamPolicyLongrunningCall { 7011 c := &V1AnalyzeIamPolicyLongrunningCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7012 c.scope = scope 7013 c.analyzeiampolicylongrunningrequest = analyzeiampolicylongrunningrequest 7014 return c 7015} 7016 7017// Fields allows partial responses to be retrieved. See 7018// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7019// for more information. 7020func (c *V1AnalyzeIamPolicyLongrunningCall) Fields(s ...googleapi.Field) *V1AnalyzeIamPolicyLongrunningCall { 7021 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7022 return c 7023} 7024 7025// Context sets the context to be used in this call's Do method. Any 7026// pending HTTP request will be aborted if the provided context is 7027// canceled. 7028func (c *V1AnalyzeIamPolicyLongrunningCall) Context(ctx context.Context) *V1AnalyzeIamPolicyLongrunningCall { 7029 c.ctx_ = ctx 7030 return c 7031} 7032 7033// Header returns an http.Header that can be modified by the caller to 7034// add HTTP headers to the request. 7035func (c *V1AnalyzeIamPolicyLongrunningCall) Header() http.Header { 7036 if c.header_ == nil { 7037 c.header_ = make(http.Header) 7038 } 7039 return c.header_ 7040} 7041 7042func (c *V1AnalyzeIamPolicyLongrunningCall) doRequest(alt string) (*http.Response, error) { 7043 reqHeaders := make(http.Header) 7044 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7045 for k, v := range c.header_ { 7046 reqHeaders[k] = v 7047 } 7048 reqHeaders.Set("User-Agent", c.s.userAgent()) 7049 var body io.Reader = nil 7050 body, err := googleapi.WithoutDataWrapper.JSONReader(c.analyzeiampolicylongrunningrequest) 7051 if err != nil { 7052 return nil, err 7053 } 7054 reqHeaders.Set("Content-Type", "application/json") 7055 c.urlParams_.Set("alt", alt) 7056 c.urlParams_.Set("prettyPrint", "false") 7057 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeIamPolicyLongrunning") 7058 urls += "?" + c.urlParams_.Encode() 7059 req, err := http.NewRequest("POST", urls, body) 7060 if err != nil { 7061 return nil, err 7062 } 7063 req.Header = reqHeaders 7064 googleapi.Expand(req.URL, map[string]string{ 7065 "scope": c.scope, 7066 }) 7067 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7068} 7069 7070// Do executes the "cloudasset.analyzeIamPolicyLongrunning" call. 7071// Exactly one of *Operation or error will be non-nil. Any non-2xx 7072// status code is an error. Response headers are in either 7073// *Operation.ServerResponse.Header or (if a response was returned at 7074// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 7075// to check whether the returned error was because 7076// http.StatusNotModified was returned. 7077func (c *V1AnalyzeIamPolicyLongrunningCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 7078 gensupport.SetOptions(c.urlParams_, opts...) 7079 res, err := c.doRequest("json") 7080 if res != nil && res.StatusCode == http.StatusNotModified { 7081 if res.Body != nil { 7082 res.Body.Close() 7083 } 7084 return nil, &googleapi.Error{ 7085 Code: res.StatusCode, 7086 Header: res.Header, 7087 } 7088 } 7089 if err != nil { 7090 return nil, err 7091 } 7092 defer googleapi.CloseBody(res) 7093 if err := googleapi.CheckResponse(res); err != nil { 7094 return nil, err 7095 } 7096 ret := &Operation{ 7097 ServerResponse: googleapi.ServerResponse{ 7098 Header: res.Header, 7099 HTTPStatusCode: res.StatusCode, 7100 }, 7101 } 7102 target := &ret 7103 if err := gensupport.DecodeResponse(target, res); err != nil { 7104 return nil, err 7105 } 7106 return ret, nil 7107 // { 7108 // "description": "Analyzes IAM policies asynchronously to answer which identities have what accesses on which resources, and writes the analysis results to a Google Cloud Storage or a BigQuery destination. For Cloud Storage destination, the output format is the JSON format that represents a AnalyzeIamPolicyResponse. This method implements the google.longrunning.Operation, which allows you to track the operation status. We recommend intervals of at least 2 seconds with exponential backoff retry to poll the operation result. The metadata contains the metadata for the long-running operation.", 7109 // "flatPath": "v1/{v1Id}/{v1Id1}:analyzeIamPolicyLongrunning", 7110 // "httpMethod": "POST", 7111 // "id": "cloudasset.analyzeIamPolicyLongrunning", 7112 // "parameterOrder": [ 7113 // "scope" 7114 // ], 7115 // "parameters": { 7116 // "scope": { 7117 // "description": "Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as \"organizations/123\"), a folder number (such as \"folders/123\"), a project ID (such as \"projects/my-project-id\"), or a project number (such as \"projects/12345\"). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).", 7118 // "location": "path", 7119 // "pattern": "^[^/]+/[^/]+$", 7120 // "required": true, 7121 // "type": "string" 7122 // } 7123 // }, 7124 // "path": "v1/{+scope}:analyzeIamPolicyLongrunning", 7125 // "request": { 7126 // "$ref": "AnalyzeIamPolicyLongrunningRequest" 7127 // }, 7128 // "response": { 7129 // "$ref": "Operation" 7130 // }, 7131 // "scopes": [ 7132 // "https://www.googleapis.com/auth/cloud-platform" 7133 // ] 7134 // } 7135 7136} 7137 7138// method id "cloudasset.analyzeMove": 7139 7140type V1AnalyzeMoveCall struct { 7141 s *Service 7142 resource string 7143 urlParams_ gensupport.URLParams 7144 ifNoneMatch_ string 7145 ctx_ context.Context 7146 header_ http.Header 7147} 7148 7149// AnalyzeMove: Analyze moving a resource to a specified destination 7150// without kicking off the actual move. The analysis is best effort 7151// depending on the user's permissions of viewing different hierarchical 7152// policies and configurations. The policies and configuration are 7153// subject to change before the actual resource migration takes place. 7154// 7155// - resource: Name of the resource to perform the analysis against. 7156// Only GCP Project are supported as of today. Hence, this can only be 7157// Project ID (such as "projects/my-project-id") or a Project Number 7158// (such as "projects/12345"). 7159func (r *V1Service) AnalyzeMove(resource string) *V1AnalyzeMoveCall { 7160 c := &V1AnalyzeMoveCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7161 c.resource = resource 7162 return c 7163} 7164 7165// DestinationParent sets the optional parameter "destinationParent": 7166// Required. Name of the GCP Folder or Organization to reparent the 7167// target resource. The analysis will be performed against 7168// hypothetically moving the resource to this specified desitination 7169// parent. This can only be a Folder number (such as "folders/123") or 7170// an Organization number (such as "organizations/123"). 7171func (c *V1AnalyzeMoveCall) DestinationParent(destinationParent string) *V1AnalyzeMoveCall { 7172 c.urlParams_.Set("destinationParent", destinationParent) 7173 return c 7174} 7175 7176// View sets the optional parameter "view": Analysis view indicating 7177// what information should be included in the analysis response. If 7178// unspecified, the default view is FULL. 7179// 7180// Possible values: 7181// "ANALYSIS_VIEW_UNSPECIFIED" - The default/unset value. The API will 7182// default to the FULL view. 7183// "FULL" - Full analysis including all level of impacts of the 7184// specified resource move. 7185// "BASIC" - Basic analysis only including blockers which will prevent 7186// the specified resource move at runtime. 7187func (c *V1AnalyzeMoveCall) View(view string) *V1AnalyzeMoveCall { 7188 c.urlParams_.Set("view", view) 7189 return c 7190} 7191 7192// Fields allows partial responses to be retrieved. See 7193// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7194// for more information. 7195func (c *V1AnalyzeMoveCall) Fields(s ...googleapi.Field) *V1AnalyzeMoveCall { 7196 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7197 return c 7198} 7199 7200// IfNoneMatch sets the optional parameter which makes the operation 7201// fail if the object's ETag matches the given value. This is useful for 7202// getting updates only after the object has changed since the last 7203// request. Use googleapi.IsNotModified to check whether the response 7204// error from Do is the result of In-None-Match. 7205func (c *V1AnalyzeMoveCall) IfNoneMatch(entityTag string) *V1AnalyzeMoveCall { 7206 c.ifNoneMatch_ = entityTag 7207 return c 7208} 7209 7210// Context sets the context to be used in this call's Do method. Any 7211// pending HTTP request will be aborted if the provided context is 7212// canceled. 7213func (c *V1AnalyzeMoveCall) Context(ctx context.Context) *V1AnalyzeMoveCall { 7214 c.ctx_ = ctx 7215 return c 7216} 7217 7218// Header returns an http.Header that can be modified by the caller to 7219// add HTTP headers to the request. 7220func (c *V1AnalyzeMoveCall) Header() http.Header { 7221 if c.header_ == nil { 7222 c.header_ = make(http.Header) 7223 } 7224 return c.header_ 7225} 7226 7227func (c *V1AnalyzeMoveCall) doRequest(alt string) (*http.Response, error) { 7228 reqHeaders := make(http.Header) 7229 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7230 for k, v := range c.header_ { 7231 reqHeaders[k] = v 7232 } 7233 reqHeaders.Set("User-Agent", c.s.userAgent()) 7234 if c.ifNoneMatch_ != "" { 7235 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7236 } 7237 var body io.Reader = nil 7238 c.urlParams_.Set("alt", alt) 7239 c.urlParams_.Set("prettyPrint", "false") 7240 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:analyzeMove") 7241 urls += "?" + c.urlParams_.Encode() 7242 req, err := http.NewRequest("GET", urls, body) 7243 if err != nil { 7244 return nil, err 7245 } 7246 req.Header = reqHeaders 7247 googleapi.Expand(req.URL, map[string]string{ 7248 "resource": c.resource, 7249 }) 7250 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7251} 7252 7253// Do executes the "cloudasset.analyzeMove" call. 7254// Exactly one of *AnalyzeMoveResponse or error will be non-nil. Any 7255// non-2xx status code is an error. Response headers are in either 7256// *AnalyzeMoveResponse.ServerResponse.Header or (if a response was 7257// returned at all) in error.(*googleapi.Error).Header. Use 7258// googleapi.IsNotModified to check whether the returned error was 7259// because http.StatusNotModified was returned. 7260func (c *V1AnalyzeMoveCall) Do(opts ...googleapi.CallOption) (*AnalyzeMoveResponse, error) { 7261 gensupport.SetOptions(c.urlParams_, opts...) 7262 res, err := c.doRequest("json") 7263 if res != nil && res.StatusCode == http.StatusNotModified { 7264 if res.Body != nil { 7265 res.Body.Close() 7266 } 7267 return nil, &googleapi.Error{ 7268 Code: res.StatusCode, 7269 Header: res.Header, 7270 } 7271 } 7272 if err != nil { 7273 return nil, err 7274 } 7275 defer googleapi.CloseBody(res) 7276 if err := googleapi.CheckResponse(res); err != nil { 7277 return nil, err 7278 } 7279 ret := &AnalyzeMoveResponse{ 7280 ServerResponse: googleapi.ServerResponse{ 7281 Header: res.Header, 7282 HTTPStatusCode: res.StatusCode, 7283 }, 7284 } 7285 target := &ret 7286 if err := gensupport.DecodeResponse(target, res); err != nil { 7287 return nil, err 7288 } 7289 return ret, nil 7290 // { 7291 // "description": "Analyze moving a resource to a specified destination without kicking off the actual move. The analysis is best effort depending on the user's permissions of viewing different hierarchical policies and configurations. The policies and configuration are subject to change before the actual resource migration takes place.", 7292 // "flatPath": "v1/{v1Id}/{v1Id1}:analyzeMove", 7293 // "httpMethod": "GET", 7294 // "id": "cloudasset.analyzeMove", 7295 // "parameterOrder": [ 7296 // "resource" 7297 // ], 7298 // "parameters": { 7299 // "destinationParent": { 7300 // "description": "Required. Name of the GCP Folder or Organization to reparent the target resource. The analysis will be performed against hypothetically moving the resource to this specified desitination parent. This can only be a Folder number (such as \"folders/123\") or an Organization number (such as \"organizations/123\").", 7301 // "location": "query", 7302 // "type": "string" 7303 // }, 7304 // "resource": { 7305 // "description": "Required. Name of the resource to perform the analysis against. Only GCP Project are supported as of today. Hence, this can only be Project ID (such as \"projects/my-project-id\") or a Project Number (such as \"projects/12345\").", 7306 // "location": "path", 7307 // "pattern": "^[^/]+/[^/]+$", 7308 // "required": true, 7309 // "type": "string" 7310 // }, 7311 // "view": { 7312 // "description": "Analysis view indicating what information should be included in the analysis response. If unspecified, the default view is FULL.", 7313 // "enum": [ 7314 // "ANALYSIS_VIEW_UNSPECIFIED", 7315 // "FULL", 7316 // "BASIC" 7317 // ], 7318 // "enumDescriptions": [ 7319 // "The default/unset value. The API will default to the FULL view.", 7320 // "Full analysis including all level of impacts of the specified resource move.", 7321 // "Basic analysis only including blockers which will prevent the specified resource move at runtime." 7322 // ], 7323 // "location": "query", 7324 // "type": "string" 7325 // } 7326 // }, 7327 // "path": "v1/{+resource}:analyzeMove", 7328 // "response": { 7329 // "$ref": "AnalyzeMoveResponse" 7330 // }, 7331 // "scopes": [ 7332 // "https://www.googleapis.com/auth/cloud-platform" 7333 // ] 7334 // } 7335 7336} 7337 7338// method id "cloudasset.batchGetAssetsHistory": 7339 7340type V1BatchGetAssetsHistoryCall struct { 7341 s *Service 7342 parent string 7343 urlParams_ gensupport.URLParams 7344 ifNoneMatch_ string 7345 ctx_ context.Context 7346 header_ http.Header 7347} 7348 7349// BatchGetAssetsHistory: Batch gets the update history of assets that 7350// overlap a time window. For IAM_POLICY content, this API outputs 7351// history when the asset and its attached IAM POLICY both exist. This 7352// can create gaps in the output history. Otherwise, this API outputs 7353// history with asset in both non-delete or deleted status. If a 7354// specified asset does not exist, this API returns an INVALID_ARGUMENT 7355// error. 7356// 7357// - parent: The relative name of the root asset. It can only be an 7358// organization number (such as "organizations/123"), a project ID 7359// (such as "projects/my-project-id")", or a project number (such as 7360// "projects/12345"). 7361func (r *V1Service) BatchGetAssetsHistory(parent string) *V1BatchGetAssetsHistoryCall { 7362 c := &V1BatchGetAssetsHistoryCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7363 c.parent = parent 7364 return c 7365} 7366 7367// AssetNames sets the optional parameter "assetNames": A list of the 7368// full names of the assets. See: 7369// https://cloud.google.com/asset-inventory/docs/resource-name-format 7370// Example: 7371// `//compute.googleapis.com/projects/my_project_123/zones/zone1/instance 7372// s/instance1`. The request becomes a no-op if the asset name list is 7373// empty, and the max size of the asset name list is 100 in one request. 7374func (c *V1BatchGetAssetsHistoryCall) AssetNames(assetNames ...string) *V1BatchGetAssetsHistoryCall { 7375 c.urlParams_.SetMulti("assetNames", append([]string{}, assetNames...)) 7376 return c 7377} 7378 7379// ContentType sets the optional parameter "contentType": The content 7380// type. 7381// 7382// Possible values: 7383// "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 7384// "RESOURCE" - Resource metadata. 7385// "IAM_POLICY" - The actual IAM policy set on a resource. 7386// "ORG_POLICY" - The Cloud Organization Policy set on an asset. 7387// "ACCESS_POLICY" - The Cloud Access context manager Policy set on an 7388// asset. 7389// "OS_INVENTORY" - The runtime OS Inventory information. 7390// "RELATIONSHIP" - The related resources. 7391func (c *V1BatchGetAssetsHistoryCall) ContentType(contentType string) *V1BatchGetAssetsHistoryCall { 7392 c.urlParams_.Set("contentType", contentType) 7393 return c 7394} 7395 7396// ReadTimeWindowEndTime sets the optional parameter 7397// "readTimeWindow.endTime": End time of the time window (inclusive). If 7398// not specified, the current timestamp is used instead. 7399func (c *V1BatchGetAssetsHistoryCall) ReadTimeWindowEndTime(readTimeWindowEndTime string) *V1BatchGetAssetsHistoryCall { 7400 c.urlParams_.Set("readTimeWindow.endTime", readTimeWindowEndTime) 7401 return c 7402} 7403 7404// ReadTimeWindowStartTime sets the optional parameter 7405// "readTimeWindow.startTime": Start time of the time window 7406// (exclusive). 7407func (c *V1BatchGetAssetsHistoryCall) ReadTimeWindowStartTime(readTimeWindowStartTime string) *V1BatchGetAssetsHistoryCall { 7408 c.urlParams_.Set("readTimeWindow.startTime", readTimeWindowStartTime) 7409 return c 7410} 7411 7412// RelationshipTypes sets the optional parameter "relationshipTypes": A 7413// list of relationship types to output, for example: 7414// `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if 7415// content_type=RELATIONSHIP. * If specified: it outputs specified 7416// relationships' history on the [asset_names]. It returns an error if 7417// any of the [relationship_types] doesn't belong to the supported 7418// relationship types of the [asset_names] or if any of the 7419// [asset_names]'s types doesn't belong to the source types of the 7420// [relationship_types]. * Otherwise: it outputs the supported 7421// relationships' history on the [asset_names] or returns an error if 7422// any of the [asset_names]'s types has no relationship support. See 7423// Introduction to Cloud Asset Inventory 7424// (https://cloud.google.com/asset-inventory/docs/overview) for all 7425// supported asset types and relationship types. 7426func (c *V1BatchGetAssetsHistoryCall) RelationshipTypes(relationshipTypes ...string) *V1BatchGetAssetsHistoryCall { 7427 c.urlParams_.SetMulti("relationshipTypes", append([]string{}, relationshipTypes...)) 7428 return c 7429} 7430 7431// Fields allows partial responses to be retrieved. See 7432// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7433// for more information. 7434func (c *V1BatchGetAssetsHistoryCall) Fields(s ...googleapi.Field) *V1BatchGetAssetsHistoryCall { 7435 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7436 return c 7437} 7438 7439// IfNoneMatch sets the optional parameter which makes the operation 7440// fail if the object's ETag matches the given value. This is useful for 7441// getting updates only after the object has changed since the last 7442// request. Use googleapi.IsNotModified to check whether the response 7443// error from Do is the result of In-None-Match. 7444func (c *V1BatchGetAssetsHistoryCall) IfNoneMatch(entityTag string) *V1BatchGetAssetsHistoryCall { 7445 c.ifNoneMatch_ = entityTag 7446 return c 7447} 7448 7449// Context sets the context to be used in this call's Do method. Any 7450// pending HTTP request will be aborted if the provided context is 7451// canceled. 7452func (c *V1BatchGetAssetsHistoryCall) Context(ctx context.Context) *V1BatchGetAssetsHistoryCall { 7453 c.ctx_ = ctx 7454 return c 7455} 7456 7457// Header returns an http.Header that can be modified by the caller to 7458// add HTTP headers to the request. 7459func (c *V1BatchGetAssetsHistoryCall) Header() http.Header { 7460 if c.header_ == nil { 7461 c.header_ = make(http.Header) 7462 } 7463 return c.header_ 7464} 7465 7466func (c *V1BatchGetAssetsHistoryCall) doRequest(alt string) (*http.Response, error) { 7467 reqHeaders := make(http.Header) 7468 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7469 for k, v := range c.header_ { 7470 reqHeaders[k] = v 7471 } 7472 reqHeaders.Set("User-Agent", c.s.userAgent()) 7473 if c.ifNoneMatch_ != "" { 7474 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7475 } 7476 var body io.Reader = nil 7477 c.urlParams_.Set("alt", alt) 7478 c.urlParams_.Set("prettyPrint", "false") 7479 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}:batchGetAssetsHistory") 7480 urls += "?" + c.urlParams_.Encode() 7481 req, err := http.NewRequest("GET", urls, body) 7482 if err != nil { 7483 return nil, err 7484 } 7485 req.Header = reqHeaders 7486 googleapi.Expand(req.URL, map[string]string{ 7487 "parent": c.parent, 7488 }) 7489 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7490} 7491 7492// Do executes the "cloudasset.batchGetAssetsHistory" call. 7493// Exactly one of *BatchGetAssetsHistoryResponse or error will be 7494// non-nil. Any non-2xx status code is an error. Response headers are in 7495// either *BatchGetAssetsHistoryResponse.ServerResponse.Header or (if a 7496// response was returned at all) in error.(*googleapi.Error).Header. Use 7497// googleapi.IsNotModified to check whether the returned error was 7498// because http.StatusNotModified was returned. 7499func (c *V1BatchGetAssetsHistoryCall) Do(opts ...googleapi.CallOption) (*BatchGetAssetsHistoryResponse, error) { 7500 gensupport.SetOptions(c.urlParams_, opts...) 7501 res, err := c.doRequest("json") 7502 if res != nil && res.StatusCode == http.StatusNotModified { 7503 if res.Body != nil { 7504 res.Body.Close() 7505 } 7506 return nil, &googleapi.Error{ 7507 Code: res.StatusCode, 7508 Header: res.Header, 7509 } 7510 } 7511 if err != nil { 7512 return nil, err 7513 } 7514 defer googleapi.CloseBody(res) 7515 if err := googleapi.CheckResponse(res); err != nil { 7516 return nil, err 7517 } 7518 ret := &BatchGetAssetsHistoryResponse{ 7519 ServerResponse: googleapi.ServerResponse{ 7520 Header: res.Header, 7521 HTTPStatusCode: res.StatusCode, 7522 }, 7523 } 7524 target := &ret 7525 if err := gensupport.DecodeResponse(target, res); err != nil { 7526 return nil, err 7527 } 7528 return ret, nil 7529 // { 7530 // "description": "Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.", 7531 // "flatPath": "v1/{v1Id}/{v1Id1}:batchGetAssetsHistory", 7532 // "httpMethod": "GET", 7533 // "id": "cloudasset.batchGetAssetsHistory", 7534 // "parameterOrder": [ 7535 // "parent" 7536 // ], 7537 // "parameters": { 7538 // "assetNames": { 7539 // "description": "A list of the full names of the assets. See: https://cloud.google.com/asset-inventory/docs/resource-name-format Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. The request becomes a no-op if the asset name list is empty, and the max size of the asset name list is 100 in one request.", 7540 // "location": "query", 7541 // "repeated": true, 7542 // "type": "string" 7543 // }, 7544 // "contentType": { 7545 // "description": "Optional. The content type.", 7546 // "enum": [ 7547 // "CONTENT_TYPE_UNSPECIFIED", 7548 // "RESOURCE", 7549 // "IAM_POLICY", 7550 // "ORG_POLICY", 7551 // "ACCESS_POLICY", 7552 // "OS_INVENTORY", 7553 // "RELATIONSHIP" 7554 // ], 7555 // "enumDescriptions": [ 7556 // "Unspecified content type.", 7557 // "Resource metadata.", 7558 // "The actual IAM policy set on a resource.", 7559 // "The Cloud Organization Policy set on an asset.", 7560 // "The Cloud Access context manager Policy set on an asset.", 7561 // "The runtime OS Inventory information.", 7562 // "The related resources." 7563 // ], 7564 // "location": "query", 7565 // "type": "string" 7566 // }, 7567 // "parent": { 7568 // "description": "Required. The relative name of the root asset. It can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\")\", or a project number (such as \"projects/12345\").", 7569 // "location": "path", 7570 // "pattern": "^[^/]+/[^/]+$", 7571 // "required": true, 7572 // "type": "string" 7573 // }, 7574 // "readTimeWindow.endTime": { 7575 // "description": "End time of the time window (inclusive). If not specified, the current timestamp is used instead.", 7576 // "format": "google-datetime", 7577 // "location": "query", 7578 // "type": "string" 7579 // }, 7580 // "readTimeWindow.startTime": { 7581 // "description": "Start time of the time window (exclusive).", 7582 // "format": "google-datetime", 7583 // "location": "query", 7584 // "type": "string" 7585 // }, 7586 // "relationshipTypes": { 7587 // "description": "Optional. A list of relationship types to output, for example: `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if content_type=RELATIONSHIP. * If specified: it outputs specified relationships' history on the [asset_names]. It returns an error if any of the [relationship_types] doesn't belong to the supported relationship types of the [asset_names] or if any of the [asset_names]'s types doesn't belong to the source types of the [relationship_types]. * Otherwise: it outputs the supported relationships' history on the [asset_names] or returns an error if any of the [asset_names]'s types has no relationship support. See [Introduction to Cloud Asset Inventory](https://cloud.google.com/asset-inventory/docs/overview) for all supported asset types and relationship types.", 7588 // "location": "query", 7589 // "repeated": true, 7590 // "type": "string" 7591 // } 7592 // }, 7593 // "path": "v1/{+parent}:batchGetAssetsHistory", 7594 // "response": { 7595 // "$ref": "BatchGetAssetsHistoryResponse" 7596 // }, 7597 // "scopes": [ 7598 // "https://www.googleapis.com/auth/cloud-platform" 7599 // ] 7600 // } 7601 7602} 7603 7604// method id "cloudasset.exportAssets": 7605 7606type V1ExportAssetsCall struct { 7607 s *Service 7608 parent string 7609 exportassetsrequest *ExportAssetsRequest 7610 urlParams_ gensupport.URLParams 7611 ctx_ context.Context 7612 header_ http.Header 7613} 7614 7615// ExportAssets: Exports assets with time and resource types to a given 7616// Cloud Storage location/BigQuery table. For Cloud Storage location 7617// destinations, the output format is newline-delimited JSON. Each line 7618// represents a google.cloud.asset.v1.Asset in the JSON format; for 7619// BigQuery table destinations, the output table stores the fields in 7620// asset proto as columns. This API implements the 7621// google.longrunning.Operation API , which allows you to keep track of 7622// the export. We recommend intervals of at least 2 seconds with 7623// exponential retry to poll the export operation result. For 7624// regular-size resource parent, the export operation usually finishes 7625// within 5 minutes. 7626// 7627// - parent: The relative name of the root asset. This can only be an 7628// organization number (such as "organizations/123"), a project ID 7629// (such as "projects/my-project-id"), or a project number (such as 7630// "projects/12345"), or a folder number (such as "folders/123"). 7631func (r *V1Service) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *V1ExportAssetsCall { 7632 c := &V1ExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7633 c.parent = parent 7634 c.exportassetsrequest = exportassetsrequest 7635 return c 7636} 7637 7638// Fields allows partial responses to be retrieved. See 7639// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7640// for more information. 7641func (c *V1ExportAssetsCall) Fields(s ...googleapi.Field) *V1ExportAssetsCall { 7642 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7643 return c 7644} 7645 7646// Context sets the context to be used in this call's Do method. Any 7647// pending HTTP request will be aborted if the provided context is 7648// canceled. 7649func (c *V1ExportAssetsCall) Context(ctx context.Context) *V1ExportAssetsCall { 7650 c.ctx_ = ctx 7651 return c 7652} 7653 7654// Header returns an http.Header that can be modified by the caller to 7655// add HTTP headers to the request. 7656func (c *V1ExportAssetsCall) Header() http.Header { 7657 if c.header_ == nil { 7658 c.header_ = make(http.Header) 7659 } 7660 return c.header_ 7661} 7662 7663func (c *V1ExportAssetsCall) doRequest(alt string) (*http.Response, error) { 7664 reqHeaders := make(http.Header) 7665 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7666 for k, v := range c.header_ { 7667 reqHeaders[k] = v 7668 } 7669 reqHeaders.Set("User-Agent", c.s.userAgent()) 7670 var body io.Reader = nil 7671 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 7672 if err != nil { 7673 return nil, err 7674 } 7675 reqHeaders.Set("Content-Type", "application/json") 7676 c.urlParams_.Set("alt", alt) 7677 c.urlParams_.Set("prettyPrint", "false") 7678 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}:exportAssets") 7679 urls += "?" + c.urlParams_.Encode() 7680 req, err := http.NewRequest("POST", urls, body) 7681 if err != nil { 7682 return nil, err 7683 } 7684 req.Header = reqHeaders 7685 googleapi.Expand(req.URL, map[string]string{ 7686 "parent": c.parent, 7687 }) 7688 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7689} 7690 7691// Do executes the "cloudasset.exportAssets" call. 7692// Exactly one of *Operation or error will be non-nil. Any non-2xx 7693// status code is an error. Response headers are in either 7694// *Operation.ServerResponse.Header or (if a response was returned at 7695// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified 7696// to check whether the returned error was because 7697// http.StatusNotModified was returned. 7698func (c *V1ExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 7699 gensupport.SetOptions(c.urlParams_, opts...) 7700 res, err := c.doRequest("json") 7701 if res != nil && res.StatusCode == http.StatusNotModified { 7702 if res.Body != nil { 7703 res.Body.Close() 7704 } 7705 return nil, &googleapi.Error{ 7706 Code: res.StatusCode, 7707 Header: res.Header, 7708 } 7709 } 7710 if err != nil { 7711 return nil, err 7712 } 7713 defer googleapi.CloseBody(res) 7714 if err := googleapi.CheckResponse(res); err != nil { 7715 return nil, err 7716 } 7717 ret := &Operation{ 7718 ServerResponse: googleapi.ServerResponse{ 7719 Header: res.Header, 7720 HTTPStatusCode: res.StatusCode, 7721 }, 7722 } 7723 target := &ret 7724 if err := gensupport.DecodeResponse(target, res); err != nil { 7725 return nil, err 7726 } 7727 return ret, nil 7728 // { 7729 // "description": "Exports assets with time and resource types to a given Cloud Storage location/BigQuery table. For Cloud Storage location destinations, the output format is newline-delimited JSON. Each line represents a google.cloud.asset.v1.Asset in the JSON format; for BigQuery table destinations, the output table stores the fields in asset proto as columns. This API implements the google.longrunning.Operation API , which allows you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.", 7730 // "flatPath": "v1/{v1Id}/{v1Id1}:exportAssets", 7731 // "httpMethod": "POST", 7732 // "id": "cloudasset.exportAssets", 7733 // "parameterOrder": [ 7734 // "parent" 7735 // ], 7736 // "parameters": { 7737 // "parent": { 7738 // "description": "Required. The relative name of the root asset. This can only be an organization number (such as \"organizations/123\"), a project ID (such as \"projects/my-project-id\"), or a project number (such as \"projects/12345\"), or a folder number (such as \"folders/123\").", 7739 // "location": "path", 7740 // "pattern": "^[^/]+/[^/]+$", 7741 // "required": true, 7742 // "type": "string" 7743 // } 7744 // }, 7745 // "path": "v1/{+parent}:exportAssets", 7746 // "request": { 7747 // "$ref": "ExportAssetsRequest" 7748 // }, 7749 // "response": { 7750 // "$ref": "Operation" 7751 // }, 7752 // "scopes": [ 7753 // "https://www.googleapis.com/auth/cloud-platform" 7754 // ] 7755 // } 7756 7757} 7758 7759// method id "cloudasset.searchAllIamPolicies": 7760 7761type V1SearchAllIamPoliciesCall struct { 7762 s *Service 7763 scope string 7764 urlParams_ gensupport.URLParams 7765 ifNoneMatch_ string 7766 ctx_ context.Context 7767 header_ http.Header 7768} 7769 7770// SearchAllIamPolicies: Searches all IAM policies within the specified 7771// scope, such as a project, folder, or organization. The caller must be 7772// granted the `cloudasset.assets.searchAllIamPolicies` permission on 7773// the desired scope, otherwise the request will be rejected. 7774// 7775// - scope: A scope can be a project, a folder, or an organization. The 7776// search is limited to the IAM policies within the `scope`. The 7777// caller must be granted the `cloudasset.assets.searchAllIamPolicies` 7778// (https://cloud.google.com/asset-inventory/docs/access-control#required_permissions) 7779// permission on the desired scope. The allowed values are: * 7780// projects/{PROJECT_ID} (e.g., "projects/foo-bar") * 7781// projects/{PROJECT_NUMBER} (e.g., "projects/12345678") * 7782// folders/{FOLDER_NUMBER} (e.g., "folders/1234567") * 7783// organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456"). 7784func (r *V1Service) SearchAllIamPolicies(scope string) *V1SearchAllIamPoliciesCall { 7785 c := &V1SearchAllIamPoliciesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7786 c.scope = scope 7787 return c 7788} 7789 7790// AssetTypes sets the optional parameter "assetTypes": A list of asset 7791// types that the IAM policies are attached to. If empty, it will search 7792// the IAM policies that are attached to all the searchable asset types 7793// (https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types). 7794// Regular expressions are also supported. For example: * 7795// "compute.googleapis.com.*" snapshots IAM policies attached to asset 7796// type starts with "compute.googleapis.com". * ".*Instance" snapshots 7797// IAM policies attached to asset type ends with "Instance". * 7798// ".*Instance.*" snapshots IAM policies attached to asset type contains 7799// "Instance". See RE2 (https://github.com/google/re2/wiki/Syntax) for 7800// all supported regular expression syntax. If the regular expression 7801// does not match any supported asset type, an INVALID_ARGUMENT error 7802// will be returned. 7803func (c *V1SearchAllIamPoliciesCall) AssetTypes(assetTypes ...string) *V1SearchAllIamPoliciesCall { 7804 c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...)) 7805 return c 7806} 7807 7808// OrderBy sets the optional parameter "orderBy": A comma-separated list 7809// of fields specifying the sorting order of the results. The default 7810// order is ascending. Add " DESC" after the field name to indicate 7811// descending order. Redundant space characters are ignored. Example: 7812// "assetType DESC, resource". Only singular primitive fields in the 7813// response are sortable: * resource * assetType * project All the other 7814// fields such as repeated fields (e.g., `folders`) and non-primitive 7815// fields (e.g., `policy`) are not supported. 7816func (c *V1SearchAllIamPoliciesCall) OrderBy(orderBy string) *V1SearchAllIamPoliciesCall { 7817 c.urlParams_.Set("orderBy", orderBy) 7818 return c 7819} 7820 7821// PageSize sets the optional parameter "pageSize": The page size for 7822// search result pagination. Page size is capped at 500 even if a larger 7823// value is given. If set to zero, server will pick an appropriate 7824// default. Returned results may be fewer than requested. When this 7825// happens, there could be more results as long as `next_page_token` is 7826// returned. 7827func (c *V1SearchAllIamPoliciesCall) PageSize(pageSize int64) *V1SearchAllIamPoliciesCall { 7828 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 7829 return c 7830} 7831 7832// PageToken sets the optional parameter "pageToken": If present, 7833// retrieve the next batch of results from the preceding call to this 7834// method. `page_token` must be the value of `next_page_token` from the 7835// previous response. The values of all other method parameters must be 7836// identical to those in the previous call. 7837func (c *V1SearchAllIamPoliciesCall) PageToken(pageToken string) *V1SearchAllIamPoliciesCall { 7838 c.urlParams_.Set("pageToken", pageToken) 7839 return c 7840} 7841 7842// Query sets the optional parameter "query": The query statement. See 7843// how to construct a query 7844// (https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query) 7845// for more information. If not specified or empty, it will search all 7846// the IAM policies within the specified `scope`. Note that the query 7847// string is compared against each Cloud IAM policy binding, including 7848// its members, roles, and Cloud IAM conditions. The returned Cloud IAM 7849// policies will only contain the bindings that match your query. To 7850// learn more about the IAM policy structure, see IAM policy doc 7851// (https://cloud.google.com/iam/docs/policies#structure). Examples: * 7852// `policy:amy@gmail.com` to find IAM policy bindings that specify user 7853// "amy@gmail.com". * `policy:roles/compute.admin` to find IAM policy 7854// bindings that specify the Compute Admin role. * `policy:comp*` to 7855// find IAM policy bindings that contain "comp" as a prefix of any word 7856// in the binding. * `policy.role.permissions:storage.buckets.update` to 7857// find IAM policy bindings that specify a role containing 7858// "storage.buckets.update" permission. Note that if callers don't have 7859// `iam.roles.get` access to a role's included permissions, policy 7860// bindings that specify this role will be dropped from the search 7861// results. * `policy.role.permissions:upd*` to find IAM policy bindings 7862// that specify a role containing "upd" as a prefix of any word in the 7863// role permission. Note that if callers don't have `iam.roles.get` 7864// access to a role's included permissions, policy bindings that specify 7865// this role will be dropped from the search results. * 7866// `resource:organizations/123456` to find IAM policy bindings that are 7867// set on "organizations/123456". * 7868// `resource=//cloudresourcemanager.googleapis.com/projects/myproject` 7869// to find IAM policy bindings that are set on the project named 7870// "myproject". * `Important` to find IAM policy bindings that contain 7871// "Important" as a word in any of the searchable fields (except for the 7872// included permissions). * `resource:(instance1 OR instance2) 7873// policy:amy` to find IAM policy bindings that are set on resources 7874// "instance1" or "instance2" and also specify user "amy". * 7875// `roles:roles/compute.admin` to find IAM policy bindings that specify 7876// the Compute Admin role. * `memberTypes:user` to find IAM policy 7877// bindings that contain the "user" member type. 7878func (c *V1SearchAllIamPoliciesCall) Query(query string) *V1SearchAllIamPoliciesCall { 7879 c.urlParams_.Set("query", query) 7880 return c 7881} 7882 7883// Fields allows partial responses to be retrieved. See 7884// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 7885// for more information. 7886func (c *V1SearchAllIamPoliciesCall) Fields(s ...googleapi.Field) *V1SearchAllIamPoliciesCall { 7887 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7888 return c 7889} 7890 7891// IfNoneMatch sets the optional parameter which makes the operation 7892// fail if the object's ETag matches the given value. This is useful for 7893// getting updates only after the object has changed since the last 7894// request. Use googleapi.IsNotModified to check whether the response 7895// error from Do is the result of In-None-Match. 7896func (c *V1SearchAllIamPoliciesCall) IfNoneMatch(entityTag string) *V1SearchAllIamPoliciesCall { 7897 c.ifNoneMatch_ = entityTag 7898 return c 7899} 7900 7901// Context sets the context to be used in this call's Do method. Any 7902// pending HTTP request will be aborted if the provided context is 7903// canceled. 7904func (c *V1SearchAllIamPoliciesCall) Context(ctx context.Context) *V1SearchAllIamPoliciesCall { 7905 c.ctx_ = ctx 7906 return c 7907} 7908 7909// Header returns an http.Header that can be modified by the caller to 7910// add HTTP headers to the request. 7911func (c *V1SearchAllIamPoliciesCall) Header() http.Header { 7912 if c.header_ == nil { 7913 c.header_ = make(http.Header) 7914 } 7915 return c.header_ 7916} 7917 7918func (c *V1SearchAllIamPoliciesCall) doRequest(alt string) (*http.Response, error) { 7919 reqHeaders := make(http.Header) 7920 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 7921 for k, v := range c.header_ { 7922 reqHeaders[k] = v 7923 } 7924 reqHeaders.Set("User-Agent", c.s.userAgent()) 7925 if c.ifNoneMatch_ != "" { 7926 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7927 } 7928 var body io.Reader = nil 7929 c.urlParams_.Set("alt", alt) 7930 c.urlParams_.Set("prettyPrint", "false") 7931 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:searchAllIamPolicies") 7932 urls += "?" + c.urlParams_.Encode() 7933 req, err := http.NewRequest("GET", urls, body) 7934 if err != nil { 7935 return nil, err 7936 } 7937 req.Header = reqHeaders 7938 googleapi.Expand(req.URL, map[string]string{ 7939 "scope": c.scope, 7940 }) 7941 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7942} 7943 7944// Do executes the "cloudasset.searchAllIamPolicies" call. 7945// Exactly one of *SearchAllIamPoliciesResponse or error will be 7946// non-nil. Any non-2xx status code is an error. Response headers are in 7947// either *SearchAllIamPoliciesResponse.ServerResponse.Header or (if a 7948// response was returned at all) in error.(*googleapi.Error).Header. Use 7949// googleapi.IsNotModified to check whether the returned error was 7950// because http.StatusNotModified was returned. 7951func (c *V1SearchAllIamPoliciesCall) Do(opts ...googleapi.CallOption) (*SearchAllIamPoliciesResponse, error) { 7952 gensupport.SetOptions(c.urlParams_, opts...) 7953 res, err := c.doRequest("json") 7954 if res != nil && res.StatusCode == http.StatusNotModified { 7955 if res.Body != nil { 7956 res.Body.Close() 7957 } 7958 return nil, &googleapi.Error{ 7959 Code: res.StatusCode, 7960 Header: res.Header, 7961 } 7962 } 7963 if err != nil { 7964 return nil, err 7965 } 7966 defer googleapi.CloseBody(res) 7967 if err := googleapi.CheckResponse(res); err != nil { 7968 return nil, err 7969 } 7970 ret := &SearchAllIamPoliciesResponse{ 7971 ServerResponse: googleapi.ServerResponse{ 7972 Header: res.Header, 7973 HTTPStatusCode: res.StatusCode, 7974 }, 7975 } 7976 target := &ret 7977 if err := gensupport.DecodeResponse(target, res); err != nil { 7978 return nil, err 7979 } 7980 return ret, nil 7981 // { 7982 // "description": "Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the `cloudasset.assets.searchAllIamPolicies` permission on the desired scope, otherwise the request will be rejected.", 7983 // "flatPath": "v1/{v1Id}/{v1Id1}:searchAllIamPolicies", 7984 // "httpMethod": "GET", 7985 // "id": "cloudasset.searchAllIamPolicies", 7986 // "parameterOrder": [ 7987 // "scope" 7988 // ], 7989 // "parameters": { 7990 // "assetTypes": { 7991 // "description": "Optional. A list of asset types that the IAM policies are attached to. If empty, it will search the IAM policies that are attached to all the [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types). Regular expressions are also supported. For example: * \"compute.googleapis.com.*\" snapshots IAM policies attached to asset type starts with \"compute.googleapis.com\". * \".*Instance\" snapshots IAM policies attached to asset type ends with \"Instance\". * \".*Instance.*\" snapshots IAM policies attached to asset type contains \"Instance\". See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.", 7992 // "location": "query", 7993 // "repeated": true, 7994 // "type": "string" 7995 // }, 7996 // "orderBy": { 7997 // "description": "Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add \" DESC\" after the field name to indicate descending order. Redundant space characters are ignored. Example: \"assetType DESC, resource\". Only singular primitive fields in the response are sortable: * resource * assetType * project All the other fields such as repeated fields (e.g., `folders`) and non-primitive fields (e.g., `policy`) are not supported.", 7998 // "location": "query", 7999 // "type": "string" 8000 // }, 8001 // "pageSize": { 8002 // "description": "Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as `next_page_token` is returned.", 8003 // "format": "int32", 8004 // "location": "query", 8005 // "type": "integer" 8006 // }, 8007 // "pageToken": { 8008 // "description": "Optional. If present, retrieve the next batch of results from the preceding call to this method. `page_token` must be the value of `next_page_token` from the previous response. The values of all other method parameters must be identical to those in the previous call.", 8009 // "location": "query", 8010 // "type": "string" 8011 // }, 8012 // "query": { 8013 // "description": "Optional. The query statement. See [how to construct a query](https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query) for more information. If not specified or empty, it will search all the IAM policies within the specified `scope`. Note that the query string is compared against each Cloud IAM policy binding, including its members, roles, and Cloud IAM conditions. The returned Cloud IAM policies will only contain the bindings that match your query. To learn more about the IAM policy structure, see [IAM policy doc](https://cloud.google.com/iam/docs/policies#structure). Examples: * `policy:amy@gmail.com` to find IAM policy bindings that specify user \"amy@gmail.com\". * `policy:roles/compute.admin` to find IAM policy bindings that specify the Compute Admin role. * `policy:comp*` to find IAM policy bindings that contain \"comp\" as a prefix of any word in the binding. * `policy.role.permissions:storage.buckets.update` to find IAM policy bindings that specify a role containing \"storage.buckets.update\" permission. Note that if callers don't have `iam.roles.get` access to a role's included permissions, policy bindings that specify this role will be dropped from the search results. * `policy.role.permissions:upd*` to find IAM policy bindings that specify a role containing \"upd\" as a prefix of any word in the role permission. Note that if callers don't have `iam.roles.get` access to a role's included permissions, policy bindings that specify this role will be dropped from the search results. * `resource:organizations/123456` to find IAM policy bindings that are set on \"organizations/123456\". * `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to find IAM policy bindings that are set on the project named \"myproject\". * `Important` to find IAM policy bindings that contain \"Important\" as a word in any of the searchable fields (except for the included permissions). * `resource:(instance1 OR instance2) policy:amy` to find IAM policy bindings that are set on resources \"instance1\" or \"instance2\" and also specify user \"amy\". * `roles:roles/compute.admin` to find IAM policy bindings that specify the Compute Admin role. * `memberTypes:user` to find IAM policy bindings that contain the \"user\" member type.", 8014 // "location": "query", 8015 // "type": "string" 8016 // }, 8017 // "scope": { 8018 // "description": "Required. A scope can be a project, a folder, or an organization. The search is limited to the IAM policies within the `scope`. The caller must be granted the [`cloudasset.assets.searchAllIamPolicies`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions) permission on the desired scope. The allowed values are: * projects/{PROJECT_ID} (e.g., \"projects/foo-bar\") * projects/{PROJECT_NUMBER} (e.g., \"projects/12345678\") * folders/{FOLDER_NUMBER} (e.g., \"folders/1234567\") * organizations/{ORGANIZATION_NUMBER} (e.g., \"organizations/123456\")", 8019 // "location": "path", 8020 // "pattern": "^[^/]+/[^/]+$", 8021 // "required": true, 8022 // "type": "string" 8023 // } 8024 // }, 8025 // "path": "v1/{+scope}:searchAllIamPolicies", 8026 // "response": { 8027 // "$ref": "SearchAllIamPoliciesResponse" 8028 // }, 8029 // "scopes": [ 8030 // "https://www.googleapis.com/auth/cloud-platform" 8031 // ] 8032 // } 8033 8034} 8035 8036// Pages invokes f for each page of results. 8037// A non-nil error returned from f will halt the iteration. 8038// The provided context supersedes any context provided to the Context method. 8039func (c *V1SearchAllIamPoliciesCall) Pages(ctx context.Context, f func(*SearchAllIamPoliciesResponse) error) error { 8040 c.ctx_ = ctx 8041 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8042 for { 8043 x, err := c.Do() 8044 if err != nil { 8045 return err 8046 } 8047 if err := f(x); err != nil { 8048 return err 8049 } 8050 if x.NextPageToken == "" { 8051 return nil 8052 } 8053 c.PageToken(x.NextPageToken) 8054 } 8055} 8056 8057// method id "cloudasset.searchAllResources": 8058 8059type V1SearchAllResourcesCall struct { 8060 s *Service 8061 scope string 8062 urlParams_ gensupport.URLParams 8063 ifNoneMatch_ string 8064 ctx_ context.Context 8065 header_ http.Header 8066} 8067 8068// SearchAllResources: Searches all Cloud resources within the specified 8069// scope, such as a project, folder, or organization. The caller must be 8070// granted the `cloudasset.assets.searchAllResources` permission on the 8071// desired scope, otherwise the request will be rejected. 8072// 8073// - scope: A scope can be a project, a folder, or an organization. The 8074// search is limited to the resources within the `scope`. The caller 8075// must be granted the `cloudasset.assets.searchAllResources` 8076// (https://cloud.google.com/asset-inventory/docs/access-control#required_permissions) 8077// permission on the desired scope. The allowed values are: * 8078// projects/{PROJECT_ID} (e.g., "projects/foo-bar") * 8079// projects/{PROJECT_NUMBER} (e.g., "projects/12345678") * 8080// folders/{FOLDER_NUMBER} (e.g., "folders/1234567") * 8081// organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456"). 8082func (r *V1Service) SearchAllResources(scope string) *V1SearchAllResourcesCall { 8083 c := &V1SearchAllResourcesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8084 c.scope = scope 8085 return c 8086} 8087 8088// AssetTypes sets the optional parameter "assetTypes": A list of asset 8089// types that this request searches for. If empty, it will search all 8090// the searchable asset types 8091// (https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types). 8092// Regular expressions are also supported. For example: * 8093// "compute.googleapis.com.*" snapshots resources whose asset type 8094// starts with "compute.googleapis.com". * ".*Instance" snapshots 8095// resources whose asset type ends with "Instance". * ".*Instance.*" 8096// snapshots resources whose asset type contains "Instance". See RE2 8097// (https://github.com/google/re2/wiki/Syntax) for all supported regular 8098// expression syntax. If the regular expression does not match any 8099// supported asset type, an INVALID_ARGUMENT error will be returned. 8100func (c *V1SearchAllResourcesCall) AssetTypes(assetTypes ...string) *V1SearchAllResourcesCall { 8101 c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...)) 8102 return c 8103} 8104 8105// OrderBy sets the optional parameter "orderBy": A comma-separated list 8106// of fields specifying the sorting order of the results. The default 8107// order is ascending. Add " DESC" after the field name to indicate 8108// descending order. Redundant space characters are ignored. Example: 8109// "location DESC, name". Only singular primitive fields in the response 8110// are sortable: * name * assetType * project * displayName * 8111// description * location * kmsKey * createTime * updateTime * state * 8112// parentFullResourceName * parentAssetType All the other fields such as 8113// repeated fields (e.g., `networkTags`), map fields (e.g., `labels`) 8114// and struct fields (e.g., `additionalAttributes`) are not supported. 8115func (c *V1SearchAllResourcesCall) OrderBy(orderBy string) *V1SearchAllResourcesCall { 8116 c.urlParams_.Set("orderBy", orderBy) 8117 return c 8118} 8119 8120// PageSize sets the optional parameter "pageSize": The page size for 8121// search result pagination. Page size is capped at 500 even if a larger 8122// value is given. If set to zero, server will pick an appropriate 8123// default. Returned results may be fewer than requested. When this 8124// happens, there could be more results as long as `next_page_token` is 8125// returned. 8126func (c *V1SearchAllResourcesCall) PageSize(pageSize int64) *V1SearchAllResourcesCall { 8127 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8128 return c 8129} 8130 8131// PageToken sets the optional parameter "pageToken": If present, then 8132// retrieve the next batch of results from the preceding call to this 8133// method. `page_token` must be the value of `next_page_token` from the 8134// previous response. The values of all other method parameters, must be 8135// identical to those in the previous call. 8136func (c *V1SearchAllResourcesCall) PageToken(pageToken string) *V1SearchAllResourcesCall { 8137 c.urlParams_.Set("pageToken", pageToken) 8138 return c 8139} 8140 8141// Query sets the optional parameter "query": The query statement. See 8142// how to construct a query 8143// (https://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query) 8144// for more information. If not specified or empty, it will search all 8145// the resources within the specified `scope`. Examples: * 8146// `name:Important` to find Cloud resources whose name contains 8147// "Important" as a word. * `name=Important` to find the Cloud resource 8148// whose name is exactly "Important". * `displayName:Impor*` to find 8149// Cloud resources whose display name contains "Impor" as a prefix of 8150// any word in the field. * `location:us-west*` to find Cloud resources 8151// whose location contains both "us" and "west" as prefixes. * 8152// `labels:prod` to find Cloud resources whose labels contain "prod" as 8153// a key or value. * `labels.env:prod` to find Cloud resources that have 8154// a label "env" and its value is "prod". * `labels.env:*` to find Cloud 8155// resources that have a label "env". * `kmsKey:key` to find Cloud 8156// resources encrypted with a customer-managed encryption key whose name 8157// contains the word "key". * `state:ACTIVE` to find Cloud resources 8158// whose state contains "ACTIVE" as a word. * `NOT state:ACTIVE` to find 8159// Cloud resources whose state doesn't contain "ACTIVE" as a word. * 8160// `createTime<1609459200` to find Cloud resources that were created 8161// before "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp 8162// of "2021-01-01 00:00:00 UTC" in seconds. * `updateTime>1609459200` to 8163// find Cloud resources that were updated after "2021-01-01 00:00:00 8164// UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" 8165// in seconds. * `Important` to find Cloud resources that contain 8166// "Important" as a word in any of the searchable fields. * `Impor*` to 8167// find Cloud resources that contain "Impor" as a prefix of any word in 8168// any of the searchable fields. * `Important location:(us-west1 OR 8169// global)` to find Cloud resources that contain "Important" as a word 8170// in any of the searchable fields and are also located in the 8171// "us-west1" region or the "global" location. 8172func (c *V1SearchAllResourcesCall) Query(query string) *V1SearchAllResourcesCall { 8173 c.urlParams_.Set("query", query) 8174 return c 8175} 8176 8177// ReadMask sets the optional parameter "readMask": A comma-separated 8178// list of fields specifying which fields to be returned in 8179// ResourceSearchResult. Only '*' or combination of top level fields can 8180// be specified. Field names of both snake_case and camelCase are 8181// supported. Examples: "*", "name,location", 8182// "name,versionedResources". The read_mask paths must be valid field 8183// paths listed but not limited to (both snake_case and camelCase are 8184// supported): * name * assetType * project * displayName * description 8185// * location * labels * networkTags * kmsKey * createTime * updateTime 8186// * state * additionalAttributes * versionedResources If read_mask is 8187// not specified, all fields except versionedResources will be returned. 8188// If only '*' is specified, all fields including versionedResources 8189// will be returned. Any invalid field path will trigger 8190// INVALID_ARGUMENT error. 8191func (c *V1SearchAllResourcesCall) ReadMask(readMask string) *V1SearchAllResourcesCall { 8192 c.urlParams_.Set("readMask", readMask) 8193 return c 8194} 8195 8196// Fields allows partial responses to be retrieved. See 8197// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse 8198// for more information. 8199func (c *V1SearchAllResourcesCall) Fields(s ...googleapi.Field) *V1SearchAllResourcesCall { 8200 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8201 return c 8202} 8203 8204// IfNoneMatch sets the optional parameter which makes the operation 8205// fail if the object's ETag matches the given value. This is useful for 8206// getting updates only after the object has changed since the last 8207// request. Use googleapi.IsNotModified to check whether the response 8208// error from Do is the result of In-None-Match. 8209func (c *V1SearchAllResourcesCall) IfNoneMatch(entityTag string) *V1SearchAllResourcesCall { 8210 c.ifNoneMatch_ = entityTag 8211 return c 8212} 8213 8214// Context sets the context to be used in this call's Do method. Any 8215// pending HTTP request will be aborted if the provided context is 8216// canceled. 8217func (c *V1SearchAllResourcesCall) Context(ctx context.Context) *V1SearchAllResourcesCall { 8218 c.ctx_ = ctx 8219 return c 8220} 8221 8222// Header returns an http.Header that can be modified by the caller to 8223// add HTTP headers to the request. 8224func (c *V1SearchAllResourcesCall) Header() http.Header { 8225 if c.header_ == nil { 8226 c.header_ = make(http.Header) 8227 } 8228 return c.header_ 8229} 8230 8231func (c *V1SearchAllResourcesCall) doRequest(alt string) (*http.Response, error) { 8232 reqHeaders := make(http.Header) 8233 reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/20210915") 8234 for k, v := range c.header_ { 8235 reqHeaders[k] = v 8236 } 8237 reqHeaders.Set("User-Agent", c.s.userAgent()) 8238 if c.ifNoneMatch_ != "" { 8239 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8240 } 8241 var body io.Reader = nil 8242 c.urlParams_.Set("alt", alt) 8243 c.urlParams_.Set("prettyPrint", "false") 8244 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:searchAllResources") 8245 urls += "?" + c.urlParams_.Encode() 8246 req, err := http.NewRequest("GET", urls, body) 8247 if err != nil { 8248 return nil, err 8249 } 8250 req.Header = reqHeaders 8251 googleapi.Expand(req.URL, map[string]string{ 8252 "scope": c.scope, 8253 }) 8254 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8255} 8256 8257// Do executes the "cloudasset.searchAllResources" call. 8258// Exactly one of *SearchAllResourcesResponse or error will be non-nil. 8259// Any non-2xx status code is an error. Response headers are in either 8260// *SearchAllResourcesResponse.ServerResponse.Header or (if a response 8261// was returned at all) in error.(*googleapi.Error).Header. Use 8262// googleapi.IsNotModified to check whether the returned error was 8263// because http.StatusNotModified was returned. 8264func (c *V1SearchAllResourcesCall) Do(opts ...googleapi.CallOption) (*SearchAllResourcesResponse, error) { 8265 gensupport.SetOptions(c.urlParams_, opts...) 8266 res, err := c.doRequest("json") 8267 if res != nil && res.StatusCode == http.StatusNotModified { 8268 if res.Body != nil { 8269 res.Body.Close() 8270 } 8271 return nil, &googleapi.Error{ 8272 Code: res.StatusCode, 8273 Header: res.Header, 8274 } 8275 } 8276 if err != nil { 8277 return nil, err 8278 } 8279 defer googleapi.CloseBody(res) 8280 if err := googleapi.CheckResponse(res); err != nil { 8281 return nil, err 8282 } 8283 ret := &SearchAllResourcesResponse{ 8284 ServerResponse: googleapi.ServerResponse{ 8285 Header: res.Header, 8286 HTTPStatusCode: res.StatusCode, 8287 }, 8288 } 8289 target := &ret 8290 if err := gensupport.DecodeResponse(target, res); err != nil { 8291 return nil, err 8292 } 8293 return ret, nil 8294 // { 8295 // "description": "Searches all Cloud resources within the specified scope, such as a project, folder, or organization. The caller must be granted the `cloudasset.assets.searchAllResources` permission on the desired scope, otherwise the request will be rejected.", 8296 // "flatPath": "v1/{v1Id}/{v1Id1}:searchAllResources", 8297 // "httpMethod": "GET", 8298 // "id": "cloudasset.searchAllResources", 8299 // "parameterOrder": [ 8300 // "scope" 8301 // ], 8302 // "parameters": { 8303 // "assetTypes": { 8304 // "description": "Optional. A list of asset types that this request searches for. If empty, it will search all the [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types). Regular expressions are also supported. For example: * \"compute.googleapis.com.*\" snapshots resources whose asset type starts with \"compute.googleapis.com\". * \".*Instance\" snapshots resources whose asset type ends with \"Instance\". * \".*Instance.*\" snapshots resources whose asset type contains \"Instance\". See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.", 8305 // "location": "query", 8306 // "repeated": true, 8307 // "type": "string" 8308 // }, 8309 // "orderBy": { 8310 // "description": "Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add \" DESC\" after the field name to indicate descending order. Redundant space characters are ignored. Example: \"location DESC, name\". Only singular primitive fields in the response are sortable: * name * assetType * project * displayName * description * location * kmsKey * createTime * updateTime * state * parentFullResourceName * parentAssetType All the other fields such as repeated fields (e.g., `networkTags`), map fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`) are not supported.", 8311 // "location": "query", 8312 // "type": "string" 8313 // }, 8314 // "pageSize": { 8315 // "description": "Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as `next_page_token` is returned.", 8316 // "format": "int32", 8317 // "location": "query", 8318 // "type": "integer" 8319 // }, 8320 // "pageToken": { 8321 // "description": "Optional. If present, then retrieve the next batch of results from the preceding call to this method. `page_token` must be the value of `next_page_token` from the previous response. The values of all other method parameters, must be identical to those in the previous call.", 8322 // "location": "query", 8323 // "type": "string" 8324 // }, 8325 // "query": { 8326 // "description": "Optional. The query statement. See [how to construct a query](https://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query) for more information. If not specified or empty, it will search all the resources within the specified `scope`. Examples: * `name:Important` to find Cloud resources whose name contains \"Important\" as a word. * `name=Important` to find the Cloud resource whose name is exactly \"Important\". * `displayName:Impor*` to find Cloud resources whose display name contains \"Impor\" as a prefix of any word in the field. * `location:us-west*` to find Cloud resources whose location contains both \"us\" and \"west\" as prefixes. * `labels:prod` to find Cloud resources whose labels contain \"prod\" as a key or value. * `labels.env:prod` to find Cloud resources that have a label \"env\" and its value is \"prod\". * `labels.env:*` to find Cloud resources that have a label \"env\". * `kmsKey:key` to find Cloud resources encrypted with a customer-managed encryption key whose name contains the word \"key\". * `state:ACTIVE` to find Cloud resources whose state contains \"ACTIVE\" as a word. * `NOT state:ACTIVE` to find Cloud resources whose state doesn't contain \"ACTIVE\" as a word. * `createTime\u003c1609459200` to find Cloud resources that were created before \"2021-01-01 00:00:00 UTC\". 1609459200 is the epoch timestamp of \"2021-01-01 00:00:00 UTC\" in seconds. * `updateTime\u003e1609459200` to find Cloud resources that were updated after \"2021-01-01 00:00:00 UTC\". 1609459200 is the epoch timestamp of \"2021-01-01 00:00:00 UTC\" in seconds. * `Important` to find Cloud resources that contain \"Important\" as a word in any of the searchable fields. * `Impor*` to find Cloud resources that contain \"Impor\" as a prefix of any word in any of the searchable fields. * `Important location:(us-west1 OR global)` to find Cloud resources that contain \"Important\" as a word in any of the searchable fields and are also located in the \"us-west1\" region or the \"global\" location.", 8327 // "location": "query", 8328 // "type": "string" 8329 // }, 8330 // "readMask": { 8331 // "description": "Optional. A comma-separated list of fields specifying which fields to be returned in ResourceSearchResult. Only '*' or combination of top level fields can be specified. Field names of both snake_case and camelCase are supported. Examples: `\"*\"`, `\"name,location\"`, `\"name,versionedResources\"`. The read_mask paths must be valid field paths listed but not limited to (both snake_case and camelCase are supported): * name * assetType * project * displayName * description * location * labels * networkTags * kmsKey * createTime * updateTime * state * additionalAttributes * versionedResources If read_mask is not specified, all fields except versionedResources will be returned. If only '*' is specified, all fields including versionedResources will be returned. Any invalid field path will trigger INVALID_ARGUMENT error.", 8332 // "format": "google-fieldmask", 8333 // "location": "query", 8334 // "type": "string" 8335 // }, 8336 // "scope": { 8337 // "description": "Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within the `scope`. The caller must be granted the [`cloudasset.assets.searchAllResources`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions) permission on the desired scope. The allowed values are: * projects/{PROJECT_ID} (e.g., \"projects/foo-bar\") * projects/{PROJECT_NUMBER} (e.g., \"projects/12345678\") * folders/{FOLDER_NUMBER} (e.g., \"folders/1234567\") * organizations/{ORGANIZATION_NUMBER} (e.g., \"organizations/123456\")", 8338 // "location": "path", 8339 // "pattern": "^[^/]+/[^/]+$", 8340 // "required": true, 8341 // "type": "string" 8342 // } 8343 // }, 8344 // "path": "v1/{+scope}:searchAllResources", 8345 // "response": { 8346 // "$ref": "SearchAllResourcesResponse" 8347 // }, 8348 // "scopes": [ 8349 // "https://www.googleapis.com/auth/cloud-platform" 8350 // ] 8351 // } 8352 8353} 8354 8355// Pages invokes f for each page of results. 8356// A non-nil error returned from f will halt the iteration. 8357// The provided context supersedes any context provided to the Context method. 8358func (c *V1SearchAllResourcesCall) Pages(ctx context.Context, f func(*SearchAllResourcesResponse) error) error { 8359 c.ctx_ = ctx 8360 defer c.PageToken(c.urlParams_.Get("pageToken")) // reset paging to original point 8361 for { 8362 x, err := c.Do() 8363 if err != nil { 8364 return err 8365 } 8366 if err := f(x); err != nil { 8367 return err 8368 } 8369 if x.NextPageToken == "" { 8370 return nil 8371 } 8372 c.PageToken(x.NextPageToken) 8373 } 8374} 8375