Package com.google.cloud.asset.v1

Interface AssetServiceGrpc.AsyncService

    • Method Detail

      • exportAssets

        default void exportAssets​(ExportAssetsRequest request,
                          io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver)
         Exports assets with time and resource types to a given Cloud Storage
 location/BigQuery table. For Cloud Storage location destinations, the
 output format is newline-delimited JSON. Each line represents a
 [google.cloud.asset.v1.Asset][google.cloud.asset.v1.Asset] in the JSON
 format; for BigQuery table destinations, the output table stores the fields
 in asset Protobuf as columns. This API implements the
 [google.longrunning.Operation][google.longrunning.Operation] API, which
 allows you to keep track of the export. We recommend intervals of at least
 2 seconds with exponential retry to poll the export operation result. For
 regular-size resource parent, the export operation usually finishes within
 5 minutes.

      • listAssets

        default void listAssets​(ListAssetsRequest request,
                        io.grpc.stub.StreamObserver<ListAssetsResponse> responseObserver)
         Lists assets with time and resource types and returns paged results in
 response.

      • batchGetAssetsHistory

        default void batchGetAssetsHistory​(BatchGetAssetsHistoryRequest request,
                                   io.grpc.stub.StreamObserver<BatchGetAssetsHistoryResponse> responseObserver)
         Batch gets the update history of assets that overlap a time window.
 For IAM_POLICY content, this API outputs history when the asset and its
 attached IAM POLICY both exist. This can create gaps in the output history.
 Otherwise, this API outputs history with asset in both non-delete or
 deleted status.
 If a specified asset does not exist, this API returns an INVALID_ARGUMENT
 error.

      • createFeed

        default void createFeed​(CreateFeedRequest request,
                        io.grpc.stub.StreamObserver<Feed> responseObserver)
         Creates a feed in a parent project/folder/organization to listen to its
 asset updates.

      • getFeed

        default void getFeed​(GetFeedRequest request,
                     io.grpc.stub.StreamObserver<Feed> responseObserver)
         Gets details about an asset feed.

      • listFeeds

        default void listFeeds​(ListFeedsRequest request,
                       io.grpc.stub.StreamObserver<ListFeedsResponse> responseObserver)
         Lists all asset feeds in a parent project/folder/organization.

      • updateFeed

        default void updateFeed​(UpdateFeedRequest request,
                        io.grpc.stub.StreamObserver<Feed> responseObserver)
         Updates an asset feed configuration.

      • deleteFeed

        default void deleteFeed​(DeleteFeedRequest request,
                        io.grpc.stub.StreamObserver<com.google.protobuf.Empty> responseObserver)
         Deletes an asset feed.

      • searchAllResources

        default void searchAllResources​(SearchAllResourcesRequest request,
                                io.grpc.stub.StreamObserver<SearchAllResourcesResponse> responseObserver)
         Searches all Google Cloud resources within the specified scope, such as a
 project, folder, or organization. The caller must be granted the
 `cloudasset.assets.searchAllResources` permission on the desired scope,
 otherwise the request will be rejected.

      • searchAllIamPolicies

        default void searchAllIamPolicies​(SearchAllIamPoliciesRequest request,
                                  io.grpc.stub.StreamObserver<SearchAllIamPoliciesResponse> responseObserver)
         Searches all IAM policies within the specified scope, such as a project,
 folder, or organization. The caller must be granted the
 `cloudasset.assets.searchAllIamPolicies` permission on the desired scope,
 otherwise the request will be rejected.

      • analyzeIamPolicy

        default void analyzeIamPolicy​(AnalyzeIamPolicyRequest request,
                              io.grpc.stub.StreamObserver<AnalyzeIamPolicyResponse> responseObserver)
         Analyzes IAM policies to answer which identities have what accesses on
 which resources.

      • analyzeIamPolicyLongrunning

        default void analyzeIamPolicyLongrunning​(AnalyzeIamPolicyLongrunningRequest request,
                                         io.grpc.stub.StreamObserver<com.google.longrunning.Operation> responseObserver)
         Analyzes IAM policies asynchronously to answer which identities have what
 accesses on which resources, and writes the analysis results to a Google
 Cloud Storage or a BigQuery destination. For Cloud Storage destination, the
 output format is the JSON format that represents a
 [AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse].
 This method implements the
 [google.longrunning.Operation][google.longrunning.Operation], which allows
 you to track the operation status. We recommend intervals of at least 2
 seconds with exponential backoff retry to poll the operation result. The
 metadata contains the metadata for the long-running operation.

      • analyzeMove

        default void analyzeMove​(AnalyzeMoveRequest request,
                         io.grpc.stub.StreamObserver<AnalyzeMoveResponse> responseObserver)
         Analyze moving a resource to a specified destination without kicking off
 the actual move. The analysis is best effort depending on the user's
 permissions of viewing different hierarchical policies and configurations.
 The policies and configuration are subject to change before the actual
 resource migration takes place.

      • queryAssets

        default void queryAssets​(QueryAssetsRequest request,
                         io.grpc.stub.StreamObserver<QueryAssetsResponse> responseObserver)
         Issue a job that queries assets using a SQL statement compatible with
 [BigQuery Standard
 SQL](http://cloud/bigquery/docs/reference/standard-sql/enabling-standard-sql).
 If the query execution finishes within timeout and there's no pagination,
 the full query results will be returned in the `QueryAssetsResponse`.
 Otherwise, full query results can be obtained by issuing extra requests
 with the `job_reference` from the a previous `QueryAssets` call.
 Note, the query result has approximately 10 GB limitation enforced by
 BigQuery
 https://cloud.google.com/bigquery/docs/best-practices-performance-output,
 queries return larger results will result in errors.

      • createSavedQuery

        default void createSavedQuery​(CreateSavedQueryRequest request,
                              io.grpc.stub.StreamObserver<SavedQuery> responseObserver)
         Creates a saved query in a parent project/folder/organization.

      • getSavedQuery

        default void getSavedQuery​(GetSavedQueryRequest request,
                           io.grpc.stub.StreamObserver<SavedQuery> responseObserver)
         Gets details about a saved query.

      • updateSavedQuery

        default void updateSavedQuery​(UpdateSavedQueryRequest request,
                              io.grpc.stub.StreamObserver<SavedQuery> responseObserver)
         Updates a saved query.

      • deleteSavedQuery

        default void deleteSavedQuery​(DeleteSavedQueryRequest request,
                              io.grpc.stub.StreamObserver<com.google.protobuf.Empty> responseObserver)
         Deletes a saved query.

      • analyzeOrgPolicyGovernedAssets

        default void analyzeOrgPolicyGovernedAssets​(AnalyzeOrgPolicyGovernedAssetsRequest request,
                                            io.grpc.stub.StreamObserver<AnalyzeOrgPolicyGovernedAssetsResponse> responseObserver)
         Analyzes organization policies governed assets (Google Cloud resources or
 policies) under a scope. This RPC supports custom constraints and the
 following 10 canned constraints:
 * storage.uniformBucketLevelAccess
 * iam.disableServiceAccountKeyCreation
 * iam.allowedPolicyMemberDomains
 * compute.vmExternalIpAccess
 * appengine.enforceServiceAccountActAsCheck
 * gcp.resourceLocations
 * compute.trustedImageProjects
 * compute.skipDefaultNetworkCreation
 * compute.requireOsLogin
 * compute.disableNestedVirtualization
 This RPC only returns either resources of types supported by [searchable
 asset
 types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types),
 or IAM policies.