Package com.google.cloud.asset.v1

Interface SearchAllIamPoliciesRequestOrBuilder

    • Method Detail

      • getScope

        String getScope()
         Required. A scope can be a project, a folder, or an organization. The
 search is limited to the IAM policies within the `scope`. The caller must
 be granted the
 [`cloudasset.assets.searchAllIamPolicies`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
 permission on the desired scope.

 The allowed values are:

 * projects/{PROJECT_ID} (e.g., "projects/foo-bar")
 * projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
 * folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
 * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
        string scope = 1 [(.google.api.field_behavior) = REQUIRED];
        Returns:
        The scope.

      • getScopeBytes

        com.google.protobuf.ByteString getScopeBytes()
         Required. A scope can be a project, a folder, or an organization. The
 search is limited to the IAM policies within the `scope`. The caller must
 be granted the
 [`cloudasset.assets.searchAllIamPolicies`](https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
 permission on the desired scope.

 The allowed values are:

 * projects/{PROJECT_ID} (e.g., "projects/foo-bar")
 * projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
 * folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
 * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
        string scope = 1 [(.google.api.field_behavior) = REQUIRED];
        Returns:
        The bytes for scope.

      • getQuery

        String getQuery()
         Optional. The query statement. See [how to construct a
 query](https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query)
 for more information. If not specified or empty, it will search all the
 IAM policies within the specified `scope`. Note that the query string is
 compared against each IAM policy binding, including its principals,
 roles, and IAM conditions. The returned IAM policies will only
 contain the bindings that match your query. To learn more about the IAM
 policy structure, see the [IAM policy
 documentation](https://cloud.google.com/iam/help/allow-policies/structure).

 Examples:

 * `policy:amy@gmail.com` to find IAM policy bindings that specify user
   "amy@gmail.com".
 * `policy:roles/compute.admin` to find IAM policy bindings that specify
   the Compute Admin role.
 * `policy:comp*` to find IAM policy bindings that contain "comp" as a
   prefix of any word in the binding.
 * `policy.role.permissions:storage.buckets.update` to find IAM policy
   bindings that specify a role containing "storage.buckets.update"
   permission. Note that if callers don't have `iam.roles.get` access to a
   role's included permissions, policy bindings that specify this role will
   be dropped from the search results.
 * `policy.role.permissions:upd*` to find IAM policy bindings that specify a
   role containing "upd" as a prefix of any word in the role permission.
   Note that if callers don't have `iam.roles.get` access to a role's
   included permissions, policy bindings that specify this role will be
   dropped from the search results.
 * `resource:organizations/123456` to find IAM policy bindings
   that are set on "organizations/123456".
 * `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to
   find IAM policy bindings that are set on the project named "myproject".
 * `Important` to find IAM policy bindings that contain "Important" as a
   word in any of the searchable fields (except for the included
   permissions).
 * `resource:(instance1 OR instance2) policy:amy` to find
   IAM policy bindings that are set on resources "instance1" or
   "instance2" and also specify user "amy".
 * `roles:roles/compute.admin` to find IAM policy bindings that specify the
   Compute Admin role.
 * `memberTypes:user` to find IAM policy bindings that contain the
   principal type "user".
        string query = 2 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The query.

      • getQueryBytes

        com.google.protobuf.ByteString getQueryBytes()
         Optional. The query statement. See [how to construct a
 query](https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query)
 for more information. If not specified or empty, it will search all the
 IAM policies within the specified `scope`. Note that the query string is
 compared against each IAM policy binding, including its principals,
 roles, and IAM conditions. The returned IAM policies will only
 contain the bindings that match your query. To learn more about the IAM
 policy structure, see the [IAM policy
 documentation](https://cloud.google.com/iam/help/allow-policies/structure).

 Examples:

 * `policy:amy@gmail.com` to find IAM policy bindings that specify user
   "amy@gmail.com".
 * `policy:roles/compute.admin` to find IAM policy bindings that specify
   the Compute Admin role.
 * `policy:comp*` to find IAM policy bindings that contain "comp" as a
   prefix of any word in the binding.
 * `policy.role.permissions:storage.buckets.update` to find IAM policy
   bindings that specify a role containing "storage.buckets.update"
   permission. Note that if callers don't have `iam.roles.get` access to a
   role's included permissions, policy bindings that specify this role will
   be dropped from the search results.
 * `policy.role.permissions:upd*` to find IAM policy bindings that specify a
   role containing "upd" as a prefix of any word in the role permission.
   Note that if callers don't have `iam.roles.get` access to a role's
   included permissions, policy bindings that specify this role will be
   dropped from the search results.
 * `resource:organizations/123456` to find IAM policy bindings
   that are set on "organizations/123456".
 * `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to
   find IAM policy bindings that are set on the project named "myproject".
 * `Important` to find IAM policy bindings that contain "Important" as a
   word in any of the searchable fields (except for the included
   permissions).
 * `resource:(instance1 OR instance2) policy:amy` to find
   IAM policy bindings that are set on resources "instance1" or
   "instance2" and also specify user "amy".
 * `roles:roles/compute.admin` to find IAM policy bindings that specify the
   Compute Admin role.
 * `memberTypes:user` to find IAM policy bindings that contain the
   principal type "user".
        string query = 2 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The bytes for query.

      • getPageSize

        int getPageSize()
         Optional. The page size for search result pagination. Page size is capped
 at 500 even if a larger value is given. If set to zero, server will pick an
 appropriate default. Returned results may be fewer than requested. When
 this happens, there could be more results as long as `next_page_token` is
 returned.
        int32 page_size = 3 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The pageSize.

      • getPageToken

        String getPageToken()
         Optional. If present, retrieve the next batch of results from the preceding
 call to this method. `page_token` must be the value of `next_page_token`
 from the previous response. The values of all other method parameters must
 be identical to those in the previous call.
        string page_token = 4 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The pageToken.

      • getPageTokenBytes

        com.google.protobuf.ByteString getPageTokenBytes()
         Optional. If present, retrieve the next batch of results from the preceding
 call to this method. `page_token` must be the value of `next_page_token`
 from the previous response. The values of all other method parameters must
 be identical to those in the previous call.
        string page_token = 4 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The bytes for pageToken.

      • getAssetTypesList

        List<String> getAssetTypesList()
         Optional. A list of asset types that the IAM policies are attached to. If
 empty, it will search the IAM policies that are attached to all the
 [searchable asset
 types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).

 Regular expressions are also supported. For example:

 * "compute.googleapis.com.*" snapshots IAM policies attached to asset type
 starts with "compute.googleapis.com".
 * ".*Instance" snapshots IAM policies attached to asset type ends with
 "Instance".
 * ".*Instance.*" snapshots IAM policies attached to asset type contains
 "Instance".

 See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
 regular expression syntax. If the regular expression does not match any
 supported asset type, an INVALID_ARGUMENT error will be returned.
        repeated string asset_types = 5 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        A list containing the assetTypes.

      • getAssetTypesCount

        int getAssetTypesCount()
         Optional. A list of asset types that the IAM policies are attached to. If
 empty, it will search the IAM policies that are attached to all the
 [searchable asset
 types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).

 Regular expressions are also supported. For example:

 * "compute.googleapis.com.*" snapshots IAM policies attached to asset type
 starts with "compute.googleapis.com".
 * ".*Instance" snapshots IAM policies attached to asset type ends with
 "Instance".
 * ".*Instance.*" snapshots IAM policies attached to asset type contains
 "Instance".

 See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
 regular expression syntax. If the regular expression does not match any
 supported asset type, an INVALID_ARGUMENT error will be returned.
        repeated string asset_types = 5 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The count of assetTypes.

      • getAssetTypes

        String getAssetTypes​(int index)
         Optional. A list of asset types that the IAM policies are attached to. If
 empty, it will search the IAM policies that are attached to all the
 [searchable asset
 types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).

 Regular expressions are also supported. For example:

 * "compute.googleapis.com.*" snapshots IAM policies attached to asset type
 starts with "compute.googleapis.com".
 * ".*Instance" snapshots IAM policies attached to asset type ends with
 "Instance".
 * ".*Instance.*" snapshots IAM policies attached to asset type contains
 "Instance".

 See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
 regular expression syntax. If the regular expression does not match any
 supported asset type, an INVALID_ARGUMENT error will be returned.
        repeated string asset_types = 5 [(.google.api.field_behavior) = OPTIONAL];
        Parameters:
        index - The index of the element to return.
        Returns:
        The assetTypes at the given index.

      • getAssetTypesBytes

        com.google.protobuf.ByteString getAssetTypesBytes​(int index)
         Optional. A list of asset types that the IAM policies are attached to. If
 empty, it will search the IAM policies that are attached to all the
 [searchable asset
 types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).

 Regular expressions are also supported. For example:

 * "compute.googleapis.com.*" snapshots IAM policies attached to asset type
 starts with "compute.googleapis.com".
 * ".*Instance" snapshots IAM policies attached to asset type ends with
 "Instance".
 * ".*Instance.*" snapshots IAM policies attached to asset type contains
 "Instance".

 See [RE2](https://github.com/google/re2/wiki/Syntax) for all supported
 regular expression syntax. If the regular expression does not match any
 supported asset type, an INVALID_ARGUMENT error will be returned.
        repeated string asset_types = 5 [(.google.api.field_behavior) = OPTIONAL];
        Parameters:
        index - The index of the value to return.
        Returns:
        The bytes of the assetTypes at the given index.

      • getOrderBy

        String getOrderBy()
         Optional. A comma-separated list of fields specifying the sorting order of
 the results. The default order is ascending. Add " DESC" after the field
 name to indicate descending order. Redundant space characters are ignored.
 Example: "assetType DESC, resource".
 Only singular primitive fields in the response are sortable:
   * resource
   * assetType
   * project
 All the other fields such as repeated fields (e.g., `folders`) and
 non-primitive fields (e.g., `policy`) are not supported.
        string order_by = 7 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The orderBy.

      • getOrderByBytes

        com.google.protobuf.ByteString getOrderByBytes()
         Optional. A comma-separated list of fields specifying the sorting order of
 the results. The default order is ascending. Add " DESC" after the field
 name to indicate descending order. Redundant space characters are ignored.
 Example: "assetType DESC, resource".
 Only singular primitive fields in the response are sortable:
   * resource
   * assetType
   * project
 All the other fields such as repeated fields (e.g., `folders`) and
 non-primitive fields (e.g., `policy`) are not supported.
        string order_by = 7 [(.google.api.field_behavior) = OPTIONAL];
        Returns:
        The bytes for orderBy.