AssetService¶
- class google.cloud.asset_v1.services.asset_service.AssetServiceAsyncClient(*, credentials: google.auth.credentials.Credentials = None, transport: Union[str, google.cloud.asset_v1.services.asset_service.transports.base.AssetServiceTransport] = 'grpc_asyncio', client_options: <module 'google.api_core.client_options' from '/usr/lib/python3.10/site-packages/google/api_core/client_options.py'> = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)[source]¶
Asset service definition.
Instantiates the asset service client.
- Parameters
credentials (Optional[google.auth.credentials.Credentials]) – The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.
transport (Union[str, AssetServiceTransport]) – The transport to use. If set to None, a transport is chosen automatically.
client_options (ClientOptions) – Custom options for the client. It won’t take effect if a
transport
instance is provided. (1) Theapi_endpoint
property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: “always” (always use the default mTLS endpoint), “never” (always use the default regular endpoint) and “auto” (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, theapi_endpoint
property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is “true”, then theclient_cert_source
property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is “false” or not set, no client certificate will be used.
- Raises
google.auth.exceptions.MutualTlsChannelError – If mutual TLS transport creation failed for any reason.
- static access_level_path(access_policy: str, access_level: str) str ¶
Returns a fully-qualified access_level string.
- static access_policy_path(access_policy: str) str ¶
Returns a fully-qualified access_policy string.
- async analyze_iam_policy(request: Optional[google.cloud.asset_v1.types.asset_service.AnalyzeIamPolicyRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.AnalyzeIamPolicyResponse [source]¶
Analyzes IAM policies to answer which identities have what accesses on which resources.
- Parameters
request (
google.cloud.asset_v1.types.AnalyzeIamPolicyRequest
) – The request object. A request message for [AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy].retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
A response message for [AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy].
- Return type
- async analyze_iam_policy_longrunning(request: Optional[google.cloud.asset_v1.types.asset_service.AnalyzeIamPolicyLongrunningRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.api_core.operation_async.AsyncOperation [source]¶
Analyzes IAM policies asynchronously to answer which identities have what accesses on which resources, and writes the analysis results to a Google Cloud Storage or a BigQuery destination. For Cloud Storage destination, the output format is the JSON format that represents a [AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse]. This method implements the [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation status. We recommend intervals of at least 2 seconds with exponential backoff retry to poll the operation result. The metadata contains the metadata for the long-running operation.
- Parameters
request (
google.cloud.asset_v1.types.AnalyzeIamPolicyLongrunningRequest
) – The request object. A request message for [AssetService.AnalyzeIamPolicyLongrunning][google.cloud.asset.v1.AssetService.AnalyzeIamPolicyLongrunning].retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An object representing a long-running operation.
The result type for the operation will be
google.cloud.asset_v1.types.AnalyzeIamPolicyLongrunningResponse
A response message for [AssetService.AnalyzeIamPolicyLongrunning][google.cloud.asset.v1.AssetService.AnalyzeIamPolicyLongrunning].- Return type
google.api_core.operation_async.AsyncOperation
- async analyze_move(request: Optional[google.cloud.asset_v1.types.asset_service.AnalyzeMoveRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.AnalyzeMoveResponse [source]¶
Analyze moving a resource to a specified destination without kicking off the actual move. The analysis is best effort depending on the user’s permissions of viewing different hierarchical policies and configurations. The policies and configuration are subject to change before the actual resource migration takes place.
- Parameters
request (
google.cloud.asset_v1.types.AnalyzeMoveRequest
) – The request object. The request message for performing resource move analysis.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
The response message for resource move analysis.
- Return type
- static asset_path() str ¶
Returns a fully-qualified asset string.
- async batch_get_assets_history(request: Optional[google.cloud.asset_v1.types.asset_service.BatchGetAssetsHistoryRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.BatchGetAssetsHistoryResponse [source]¶
Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.
- Parameters
request (
google.cloud.asset_v1.types.BatchGetAssetsHistoryRequest
) – The request object. Batch get assets history request.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
Batch get assets history response.
- Return type
- static common_billing_account_path(billing_account: str) str ¶
Returns a fully-qualified billing_account string.
- static common_folder_path(folder: str) str ¶
Returns a fully-qualified folder string.
- static common_location_path(project: str, location: str) str ¶
Returns a fully-qualified location string.
- static common_organization_path(organization: str) str ¶
Returns a fully-qualified organization string.
- static common_project_path(project: str) str ¶
Returns a fully-qualified project string.
- async create_feed(request: Optional[google.cloud.asset_v1.types.asset_service.CreateFeedRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.Feed [source]¶
Creates a feed in a parent project/folder/organization to listen to its asset updates.
- Parameters
request (
google.cloud.asset_v1.types.CreateFeedRequest
) – The request object. Create asset feed request.parent (
str
) –Required. The name of the project/folder/organization where this feed should be created in. It can only be an organization number (such as “organizations/123”), a folder number (such as “folders/123”), a project ID (such as “projects/my-project-id”)”, or a project number (such as “projects/12345”).
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
- Return type
- async delete_feed(request: Optional[google.cloud.asset_v1.types.asset_service.DeleteFeedRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) None [source]¶
Deletes an asset feed.
- Parameters
request (
google.cloud.asset_v1.types.DeleteFeedRequest
) – The request object.name (
str
) –Required. The name of the feed and it must be in the format of: projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id organizations/organization_number/feeds/feed_id
This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- async export_assets(request: Optional[google.cloud.asset_v1.types.asset_service.ExportAssetsRequest] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.api_core.operation_async.AsyncOperation [source]¶
Exports assets with time and resource types to a given Cloud Storage location/BigQuery table. For Cloud Storage location destinations, the output format is newline-delimited JSON. Each line represents a [google.cloud.asset.v1.Asset][google.cloud.asset.v1.Asset] in the JSON format; for BigQuery table destinations, the output table stores the fields in asset proto as columns. This API implements the [google.longrunning.Operation][google.longrunning.Operation] API , which allows you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.
- Parameters
request (
google.cloud.asset_v1.types.ExportAssetsRequest
) – The request object. Export asset request.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An object representing a long-running operation.
- The result type for the operation will be
google.cloud.asset_v1.types.ExportAssetsResponse
The export asset response. This message is returned by the [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] method in the returned [google.longrunning.Operation.response][google.longrunning.Operation.response] field.
- The result type for the operation will be
- Return type
google.api_core.operation_async.AsyncOperation
- static feed_path(project: str, feed: str) str ¶
Returns a fully-qualified feed string.
- classmethod from_service_account_file(filename: str, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_info(info: dict, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
info.
- Parameters
info (dict) – The service account private key info.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_json(filename: str, *args, **kwargs)¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- async get_feed(request: Optional[google.cloud.asset_v1.types.asset_service.GetFeedRequest] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.Feed [source]¶
Gets details about an asset feed.
- Parameters
request (
google.cloud.asset_v1.types.GetFeedRequest
) – The request object. Get asset feed request.name (
str
) –Required. The name of the Feed and it must be in the format of: projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id organizations/organization_number/feeds/feed_id
This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
- Return type
- get_transport_class() Type[google.cloud.asset_v1.services.asset_service.transports.base.AssetServiceTransport] ¶
Returns an appropriate transport class.
- Parameters
label – The name of the desired transport. If none is provided, then the first transport in the registry is used.
- Returns
The transport class to use.
- static inventory_path(project: str, location: str, instance: str) str ¶
Returns a fully-qualified inventory string.
- async list_assets(request: Optional[google.cloud.asset_v1.types.asset_service.ListAssetsRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.services.asset_service.pagers.ListAssetsAsyncPager [source]¶
Lists assets with time and resource types and returns paged results in response.
- Parameters
request (
google.cloud.asset_v1.types.ListAssetsRequest
) – The request object. ListAssets request.parent (
str
) –Required. Name of the organization or project the assets belong to. Format: “organizations/[organization-number]” (such as “organizations/123”), “projects/[project-id]” (such as “projects/my-project-id”), or “projects/[project-number]” (such as “projects/12345”).
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
ListAssets response. Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.asset_v1.services.asset_service.pagers.ListAssetsAsyncPager
- async list_feeds(request: Optional[google.cloud.asset_v1.types.asset_service.ListFeedsRequest] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.ListFeedsResponse [source]¶
Lists all asset feeds in a parent project/folder/organization.
- Parameters
request (
google.cloud.asset_v1.types.ListFeedsRequest
) – The request object. List asset feeds request.parent (
str
) –Required. The parent project/folder/organization whose feeds are to be listed. It can only be using project/folder/organization number (such as “folders/12345”)”, or a project ID (such as “projects/my-project-id”).
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Return type
- static parse_access_level_path(path: str) Dict[str, str] ¶
Parses a access_level path into its component segments.
- static parse_access_policy_path(path: str) Dict[str, str] ¶
Parses a access_policy path into its component segments.
- static parse_common_billing_account_path(path: str) Dict[str, str] ¶
Parse a billing_account path into its component segments.
- static parse_common_folder_path(path: str) Dict[str, str] ¶
Parse a folder path into its component segments.
- static parse_common_location_path(path: str) Dict[str, str] ¶
Parse a location path into its component segments.
- static parse_common_organization_path(path: str) Dict[str, str] ¶
Parse a organization path into its component segments.
- static parse_common_project_path(path: str) Dict[str, str] ¶
Parse a project path into its component segments.
- static parse_feed_path(path: str) Dict[str, str] ¶
Parses a feed path into its component segments.
- static parse_inventory_path(path: str) Dict[str, str] ¶
Parses a inventory path into its component segments.
- static parse_service_perimeter_path(path: str) Dict[str, str] ¶
Parses a service_perimeter path into its component segments.
- async search_all_iam_policies(request: Optional[google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesRequest] = None, *, scope: Optional[str] = None, query: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.services.asset_service.pagers.SearchAllIamPoliciesAsyncPager [source]¶
Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope, otherwise the request will be rejected.- Parameters
request (
google.cloud.asset_v1.types.SearchAllIamPoliciesRequest
) – The request object. Search all IAM policies request.scope (
str
) –Required. A scope can be a project, a folder, or an organization. The search is limited to the IAM policies within the
scope
. The caller must be granted the`cloudasset.assets.searchAllIamPolicies
<https://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__ permission on the desired scope.The allowed values are:
projects/{PROJECT_ID} (e.g., “projects/foo-bar”)
projects/{PROJECT_NUMBER} (e.g., “projects/12345678”)
folders/{FOLDER_NUMBER} (e.g., “folders/1234567”)
organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
This corresponds to the
scope
field on therequest
instance; ifrequest
is provided, this should not be set.query (
str
) –Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the IAM policies within the specified
scope
. Note that the query string is compared against each Cloud IAM policy binding, including its members, roles, and Cloud IAM conditions. The returned Cloud IAM policies will only contain the bindings that match your query. To learn more about the IAM policy structure, see IAM policy doc.Examples:
policy:amy@gmail.com
to find IAM policy bindings that specify user “amy@gmail.com”.policy:roles/compute.admin
to find IAM policy bindings that specify the Compute Admin role.policy:comp*
to find IAM policy bindings that contain “comp” as a prefix of any word in the binding.policy.role.permissions:storage.buckets.update
to find IAM policy bindings that specify a role containing “storage.buckets.update” permission. Note that if callers don’t haveiam.roles.get
access to a role’s included permissions, policy bindings that specify this role will be dropped from the search results.policy.role.permissions:upd*
to find IAM policy bindings that specify a role containing “upd” as a prefix of any word in the role permission. Note that if callers don’t haveiam.roles.get
access to a role’s included permissions, policy bindings that specify this role will be dropped from the search results.resource:organizations/123456
to find IAM policy bindings that are set on “organizations/123456”.resource=//cloudresourcemanager.googleapis.com/projects/myproject
to find IAM policy bindings that are set on the project named “myproject”.Important
to find IAM policy bindings that contain “Important” as a word in any of the searchable fields (except for the included permissions).resource:(instance1 OR instance2) policy:amy
to find IAM policy bindings that are set on resources “instance1” or “instance2” and also specify user “amy”.roles:roles/compute.admin
to find IAM policy bindings that specify the Compute Admin role.memberTypes:user
to find IAM policy bindings that contain the “user” member type.
This corresponds to the
query
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
Search all IAM policies response. Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.asset_v1.services.asset_service.pagers.SearchAllIamPoliciesAsyncPager
- async search_all_resources(request: Optional[google.cloud.asset_v1.types.asset_service.SearchAllResourcesRequest] = None, *, scope: Optional[str] = None, query: Optional[str] = None, asset_types: Optional[Sequence[str]] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.services.asset_service.pagers.SearchAllResourcesAsyncPager [source]¶
Searches all Cloud resources within the specified scope, such as a project, folder, or organization. The caller must be granted the
cloudasset.assets.searchAllResources
permission on the desired scope, otherwise the request will be rejected.- Parameters
request (
google.cloud.asset_v1.types.SearchAllResourcesRequest
) – The request object. Search all resources request.scope (
str
) –Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within the
scope
. The caller must be granted the`cloudasset.assets.searchAllResources
<https://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__ permission on the desired scope.The allowed values are:
projects/{PROJECT_ID} (e.g., “projects/foo-bar”)
projects/{PROJECT_NUMBER} (e.g., “projects/12345678”)
folders/{FOLDER_NUMBER} (e.g., “folders/1234567”)
organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
This corresponds to the
scope
field on therequest
instance; ifrequest
is provided, this should not be set.query (
str
) –Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the resources within the specified
scope
.Examples:
name:Important
to find Cloud resources whose name contains “Important” as a word.name=Important
to find the Cloud resource whose name is exactly “Important”.displayName:Impor*
to find Cloud resources whose display name contains “Impor” as a prefix of any word in the field.location:us-west*
to find Cloud resources whose location contains both “us” and “west” as prefixes.labels:prod
to find Cloud resources whose labels contain “prod” as a key or value.labels.env:prod
to find Cloud resources that have a label “env” and its value is “prod”.labels.env:*
to find Cloud resources that have a label “env”.kmsKey:key
to find Cloud resources encrypted with a customer-managed encryption key whose name contains the word “key”.state:ACTIVE
to find Cloud resources whose state contains “ACTIVE” as a word.NOT state:ACTIVE
to find Cloud resources whose state doesn’t contain “ACTIVE” as a word.createTime<1609459200
to find Cloud resources that were created before “2021-01-01 00:00:00 UTC”. 1609459200 is the epoch timestamp of “2021-01-01 00:00:00 UTC” in seconds.updateTime>1609459200
to find Cloud resources that were updated after “2021-01-01 00:00:00 UTC”. 1609459200 is the epoch timestamp of “2021-01-01 00:00:00 UTC” in seconds.Important
to find Cloud resources that contain “Important” as a word in any of the searchable fields.Impor*
to find Cloud resources that contain “Impor” as a prefix of any word in any of the searchable fields.Important location:(us-west1 OR global)
to find Cloud resources that contain “Important” as a word in any of the searchable fields and are also located in the “us-west1” region or the “global” location.
This corresponds to the
query
field on therequest
instance; ifrequest
is provided, this should not be set.asset_types (
Sequence[str]
) –Optional. A list of asset types that this request searches for. If empty, it will search all the searchable asset types.
Regular expressions are also supported. For example:
”compute.googleapis.com.*” snapshots resources whose asset type starts with “compute.googleapis.com”.
”.*Instance” snapshots resources whose asset type ends with “Instance”.
”.*Instance.*” snapshots resources whose asset type contains “Instance”.
See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
This corresponds to the
asset_types
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
Search all resources response. Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.asset_v1.services.asset_service.pagers.SearchAllResourcesAsyncPager
- static service_perimeter_path(access_policy: str, service_perimeter: str) str ¶
Returns a fully-qualified service_perimeter string.
- property transport: google.cloud.asset_v1.services.asset_service.transports.base.AssetServiceTransport¶
Returns the transport used by the client instance.
- Returns
The transport used by the client instance.
- Return type
AssetServiceTransport
- async update_feed(request: Optional[google.cloud.asset_v1.types.asset_service.UpdateFeedRequest] = None, *, feed: Optional[google.cloud.asset_v1.types.asset_service.Feed] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.Feed [source]¶
Updates an asset feed configuration.
- Parameters
request (
google.cloud.asset_v1.types.UpdateFeedRequest
) – The request object. Update asset feed request.feed (
google.cloud.asset_v1.types.Feed
) –Required. The new values of feed details. It must match an existing feed and the field
name
must be in the format of: projects/project_number/feeds/feed_id or folders/folder_number/feeds/feed_id or organizations/organization_number/feeds/feed_id.This corresponds to the
feed
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
- Return type
- class google.cloud.asset_v1.services.asset_service.AssetServiceClient(*, credentials: Optional[google.auth.credentials.Credentials] = None, transport: Optional[Union[str, google.cloud.asset_v1.services.asset_service.transports.base.AssetServiceTransport]] = None, client_options: Optional[google.api_core.client_options.ClientOptions] = None, client_info: google.api_core.gapic_v1.client_info.ClientInfo = <google.api_core.gapic_v1.client_info.ClientInfo object>)[source]¶
Asset service definition.
Instantiates the asset service client.
- Parameters
credentials (Optional[google.auth.credentials.Credentials]) – The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.
transport (Union[str, AssetServiceTransport]) – The transport to use. If set to None, a transport is chosen automatically.
client_options (google.api_core.client_options.ClientOptions) – Custom options for the client. It won’t take effect if a
transport
instance is provided. (1) Theapi_endpoint
property can be used to override the default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT environment variable can also be used to override the endpoint: “always” (always use the default mTLS endpoint), “never” (always use the default regular endpoint) and “auto” (auto switch to the default mTLS endpoint if client certificate is present, this is the default value). However, theapi_endpoint
property takes precedence if provided. (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is “true”, then theclient_cert_source
property can be used to provide client certificate for mutual TLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is “false” or not set, no client certificate will be used.client_info (google.api_core.gapic_v1.client_info.ClientInfo) – The client info used to send a user-agent string along with API requests. If
None
, then default info will be used. Generally, you only need to set this if you’re developing your own client library.
- Raises
google.auth.exceptions.MutualTLSChannelError – If mutual TLS transport creation failed for any reason.
- static access_level_path(access_policy: str, access_level: str) str [source]¶
Returns a fully-qualified access_level string.
- static access_policy_path(access_policy: str) str [source]¶
Returns a fully-qualified access_policy string.
- analyze_iam_policy(request: Optional[Union[google.cloud.asset_v1.types.asset_service.AnalyzeIamPolicyRequest, dict]] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.AnalyzeIamPolicyResponse [source]¶
Analyzes IAM policies to answer which identities have what accesses on which resources.
- Parameters
request (Union[google.cloud.asset_v1.types.AnalyzeIamPolicyRequest, dict]) – The request object. A request message for [AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy].
retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
A response message for [AssetService.AnalyzeIamPolicy][google.cloud.asset.v1.AssetService.AnalyzeIamPolicy].
- Return type
- analyze_iam_policy_longrunning(request: Optional[Union[google.cloud.asset_v1.types.asset_service.AnalyzeIamPolicyLongrunningRequest, dict]] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.api_core.operation.Operation [source]¶
Analyzes IAM policies asynchronously to answer which identities have what accesses on which resources, and writes the analysis results to a Google Cloud Storage or a BigQuery destination. For Cloud Storage destination, the output format is the JSON format that represents a [AnalyzeIamPolicyResponse][google.cloud.asset.v1.AnalyzeIamPolicyResponse]. This method implements the [google.longrunning.Operation][google.longrunning.Operation], which allows you to track the operation status. We recommend intervals of at least 2 seconds with exponential backoff retry to poll the operation result. The metadata contains the metadata for the long-running operation.
- Parameters
request (Union[google.cloud.asset_v1.types.AnalyzeIamPolicyLongrunningRequest, dict]) – The request object. A request message for [AssetService.AnalyzeIamPolicyLongrunning][google.cloud.asset.v1.AssetService.AnalyzeIamPolicyLongrunning].
retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An object representing a long-running operation.
The result type for the operation will be
google.cloud.asset_v1.types.AnalyzeIamPolicyLongrunningResponse
A response message for [AssetService.AnalyzeIamPolicyLongrunning][google.cloud.asset.v1.AssetService.AnalyzeIamPolicyLongrunning].- Return type
google.api_core.operation.Operation
- analyze_move(request: Optional[Union[google.cloud.asset_v1.types.asset_service.AnalyzeMoveRequest, dict]] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.AnalyzeMoveResponse [source]¶
Analyze moving a resource to a specified destination without kicking off the actual move. The analysis is best effort depending on the user’s permissions of viewing different hierarchical policies and configurations. The policies and configuration are subject to change before the actual resource migration takes place.
- Parameters
request (Union[google.cloud.asset_v1.types.AnalyzeMoveRequest, dict]) – The request object. The request message for performing resource move analysis.
retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
The response message for resource move analysis.
- Return type
- batch_get_assets_history(request: Optional[Union[google.cloud.asset_v1.types.asset_service.BatchGetAssetsHistoryRequest, dict]] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.BatchGetAssetsHistoryResponse [source]¶
Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.
- Parameters
request (Union[google.cloud.asset_v1.types.BatchGetAssetsHistoryRequest, dict]) – The request object. Batch get assets history request.
retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
Batch get assets history response.
- Return type
- static common_billing_account_path(billing_account: str) str [source]¶
Returns a fully-qualified billing_account string.
- static common_location_path(project: str, location: str) str [source]¶
Returns a fully-qualified location string.
- static common_organization_path(organization: str) str [source]¶
Returns a fully-qualified organization string.
- create_feed(request: Optional[Union[google.cloud.asset_v1.types.asset_service.CreateFeedRequest, dict]] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.Feed [source]¶
Creates a feed in a parent project/folder/organization to listen to its asset updates.
- Parameters
request (Union[google.cloud.asset_v1.types.CreateFeedRequest, dict]) – The request object. Create asset feed request.
parent (str) –
Required. The name of the project/folder/organization where this feed should be created in. It can only be an organization number (such as “organizations/123”), a folder number (such as “folders/123”), a project ID (such as “projects/my-project-id”)”, or a project number (such as “projects/12345”).
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
- Return type
- delete_feed(request: Optional[Union[google.cloud.asset_v1.types.asset_service.DeleteFeedRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) None [source]¶
Deletes an asset feed.
- Parameters
request (Union[google.cloud.asset_v1.types.DeleteFeedRequest, dict]) – The request object.
name (str) –
Required. The name of the feed and it must be in the format of: projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id organizations/organization_number/feeds/feed_id
This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- export_assets(request: Optional[Union[google.cloud.asset_v1.types.asset_service.ExportAssetsRequest, dict]] = None, *, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.api_core.operation.Operation [source]¶
Exports assets with time and resource types to a given Cloud Storage location/BigQuery table. For Cloud Storage location destinations, the output format is newline-delimited JSON. Each line represents a [google.cloud.asset.v1.Asset][google.cloud.asset.v1.Asset] in the JSON format; for BigQuery table destinations, the output table stores the fields in asset proto as columns. This API implements the [google.longrunning.Operation][google.longrunning.Operation] API , which allows you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.
- Parameters
request (Union[google.cloud.asset_v1.types.ExportAssetsRequest, dict]) – The request object. Export asset request.
retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An object representing a long-running operation.
- The result type for the operation will be
google.cloud.asset_v1.types.ExportAssetsResponse
The export asset response. This message is returned by the [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] method in the returned [google.longrunning.Operation.response][google.longrunning.Operation.response] field.
- The result type for the operation will be
- Return type
google.api_core.operation.Operation
- classmethod from_service_account_file(filename: str, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_info(info: dict, *args, **kwargs)[source]¶
- Creates an instance of this client using the provided credentials
info.
- Parameters
info (dict) – The service account private key info.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- classmethod from_service_account_json(filename: str, *args, **kwargs)¶
- Creates an instance of this client using the provided credentials
file.
- Parameters
filename (str) – The path to the service account private key json file.
args – Additional arguments to pass to the constructor.
kwargs – Additional arguments to pass to the constructor.
- Returns
The constructed client.
- Return type
- get_feed(request: Optional[Union[google.cloud.asset_v1.types.asset_service.GetFeedRequest, dict]] = None, *, name: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.Feed [source]¶
Gets details about an asset feed.
- Parameters
request (Union[google.cloud.asset_v1.types.GetFeedRequest, dict]) – The request object. Get asset feed request.
name (str) –
Required. The name of the Feed and it must be in the format of: projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id organizations/organization_number/feeds/feed_id
This corresponds to the
name
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
- Return type
- static inventory_path(project: str, location: str, instance: str) str [source]¶
Returns a fully-qualified inventory string.
- list_assets(request: Optional[Union[google.cloud.asset_v1.types.asset_service.ListAssetsRequest, dict]] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.services.asset_service.pagers.ListAssetsPager [source]¶
Lists assets with time and resource types and returns paged results in response.
- Parameters
request (Union[google.cloud.asset_v1.types.ListAssetsRequest, dict]) – The request object. ListAssets request.
parent (str) –
Required. Name of the organization or project the assets belong to. Format: “organizations/[organization-number]” (such as “organizations/123”), “projects/[project-id]” (such as “projects/my-project-id”), or “projects/[project-number]” (such as “projects/12345”).
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
ListAssets response. Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.asset_v1.services.asset_service.pagers.ListAssetsPager
- list_feeds(request: Optional[Union[google.cloud.asset_v1.types.asset_service.ListFeedsRequest, dict]] = None, *, parent: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.ListFeedsResponse [source]¶
Lists all asset feeds in a parent project/folder/organization.
- Parameters
request (Union[google.cloud.asset_v1.types.ListFeedsRequest, dict]) – The request object. List asset feeds request.
parent (str) –
Required. The parent project/folder/organization whose feeds are to be listed. It can only be using project/folder/organization number (such as “folders/12345”)”, or a project ID (such as “projects/my-project-id”).
This corresponds to the
parent
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
- Return type
- static parse_access_level_path(path: str) Dict[str, str] [source]¶
Parses a access_level path into its component segments.
- static parse_access_policy_path(path: str) Dict[str, str] [source]¶
Parses a access_policy path into its component segments.
- static parse_common_billing_account_path(path: str) Dict[str, str] [source]¶
Parse a billing_account path into its component segments.
- static parse_common_folder_path(path: str) Dict[str, str] [source]¶
Parse a folder path into its component segments.
- static parse_common_location_path(path: str) Dict[str, str] [source]¶
Parse a location path into its component segments.
- static parse_common_organization_path(path: str) Dict[str, str] [source]¶
Parse a organization path into its component segments.
- static parse_common_project_path(path: str) Dict[str, str] [source]¶
Parse a project path into its component segments.
- static parse_feed_path(path: str) Dict[str, str] [source]¶
Parses a feed path into its component segments.
- static parse_inventory_path(path: str) Dict[str, str] [source]¶
Parses a inventory path into its component segments.
- static parse_service_perimeter_path(path: str) Dict[str, str] [source]¶
Parses a service_perimeter path into its component segments.
- search_all_iam_policies(request: Optional[Union[google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesRequest, dict]] = None, *, scope: Optional[str] = None, query: Optional[str] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.services.asset_service.pagers.SearchAllIamPoliciesPager [source]¶
Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope, otherwise the request will be rejected.- Parameters
request (Union[google.cloud.asset_v1.types.SearchAllIamPoliciesRequest, dict]) – The request object. Search all IAM policies request.
scope (str) –
Required. A scope can be a project, a folder, or an organization. The search is limited to the IAM policies within the
scope
. The caller must be granted the`cloudasset.assets.searchAllIamPolicies
<https://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__ permission on the desired scope.The allowed values are:
projects/{PROJECT_ID} (e.g., “projects/foo-bar”)
projects/{PROJECT_NUMBER} (e.g., “projects/12345678”)
folders/{FOLDER_NUMBER} (e.g., “folders/1234567”)
organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
This corresponds to the
scope
field on therequest
instance; ifrequest
is provided, this should not be set.query (str) –
Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the IAM policies within the specified
scope
. Note that the query string is compared against each Cloud IAM policy binding, including its members, roles, and Cloud IAM conditions. The returned Cloud IAM policies will only contain the bindings that match your query. To learn more about the IAM policy structure, see IAM policy doc.Examples:
policy:amy@gmail.com
to find IAM policy bindings that specify user “amy@gmail.com”.policy:roles/compute.admin
to find IAM policy bindings that specify the Compute Admin role.policy:comp*
to find IAM policy bindings that contain “comp” as a prefix of any word in the binding.policy.role.permissions:storage.buckets.update
to find IAM policy bindings that specify a role containing “storage.buckets.update” permission. Note that if callers don’t haveiam.roles.get
access to a role’s included permissions, policy bindings that specify this role will be dropped from the search results.policy.role.permissions:upd*
to find IAM policy bindings that specify a role containing “upd” as a prefix of any word in the role permission. Note that if callers don’t haveiam.roles.get
access to a role’s included permissions, policy bindings that specify this role will be dropped from the search results.resource:organizations/123456
to find IAM policy bindings that are set on “organizations/123456”.resource=//cloudresourcemanager.googleapis.com/projects/myproject
to find IAM policy bindings that are set on the project named “myproject”.Important
to find IAM policy bindings that contain “Important” as a word in any of the searchable fields (except for the included permissions).resource:(instance1 OR instance2) policy:amy
to find IAM policy bindings that are set on resources “instance1” or “instance2” and also specify user “amy”.roles:roles/compute.admin
to find IAM policy bindings that specify the Compute Admin role.memberTypes:user
to find IAM policy bindings that contain the “user” member type.
This corresponds to the
query
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
Search all IAM policies response. Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.asset_v1.services.asset_service.pagers.SearchAllIamPoliciesPager
- search_all_resources(request: Optional[Union[google.cloud.asset_v1.types.asset_service.SearchAllResourcesRequest, dict]] = None, *, scope: Optional[str] = None, query: Optional[str] = None, asset_types: Optional[Sequence[str]] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.services.asset_service.pagers.SearchAllResourcesPager [source]¶
Searches all Cloud resources within the specified scope, such as a project, folder, or organization. The caller must be granted the
cloudasset.assets.searchAllResources
permission on the desired scope, otherwise the request will be rejected.- Parameters
request (Union[google.cloud.asset_v1.types.SearchAllResourcesRequest, dict]) – The request object. Search all resources request.
scope (str) –
Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within the
scope
. The caller must be granted the`cloudasset.assets.searchAllResources
<https://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__ permission on the desired scope.The allowed values are:
projects/{PROJECT_ID} (e.g., “projects/foo-bar”)
projects/{PROJECT_NUMBER} (e.g., “projects/12345678”)
folders/{FOLDER_NUMBER} (e.g., “folders/1234567”)
organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
This corresponds to the
scope
field on therequest
instance; ifrequest
is provided, this should not be set.query (str) –
Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the resources within the specified
scope
.Examples:
name:Important
to find Cloud resources whose name contains “Important” as a word.name=Important
to find the Cloud resource whose name is exactly “Important”.displayName:Impor*
to find Cloud resources whose display name contains “Impor” as a prefix of any word in the field.location:us-west*
to find Cloud resources whose location contains both “us” and “west” as prefixes.labels:prod
to find Cloud resources whose labels contain “prod” as a key or value.labels.env:prod
to find Cloud resources that have a label “env” and its value is “prod”.labels.env:*
to find Cloud resources that have a label “env”.kmsKey:key
to find Cloud resources encrypted with a customer-managed encryption key whose name contains the word “key”.state:ACTIVE
to find Cloud resources whose state contains “ACTIVE” as a word.NOT state:ACTIVE
to find Cloud resources whose state doesn’t contain “ACTIVE” as a word.createTime<1609459200
to find Cloud resources that were created before “2021-01-01 00:00:00 UTC”. 1609459200 is the epoch timestamp of “2021-01-01 00:00:00 UTC” in seconds.updateTime>1609459200
to find Cloud resources that were updated after “2021-01-01 00:00:00 UTC”. 1609459200 is the epoch timestamp of “2021-01-01 00:00:00 UTC” in seconds.Important
to find Cloud resources that contain “Important” as a word in any of the searchable fields.Impor*
to find Cloud resources that contain “Impor” as a prefix of any word in any of the searchable fields.Important location:(us-west1 OR global)
to find Cloud resources that contain “Important” as a word in any of the searchable fields and are also located in the “us-west1” region or the “global” location.
This corresponds to the
query
field on therequest
instance; ifrequest
is provided, this should not be set.asset_types (Sequence[str]) –
Optional. A list of asset types that this request searches for. If empty, it will search all the searchable asset types.
Regular expressions are also supported. For example:
”compute.googleapis.com.*” snapshots resources whose asset type starts with “compute.googleapis.com”.
”.*Instance” snapshots resources whose asset type ends with “Instance”.
”.*Instance.*” snapshots resources whose asset type contains “Instance”.
See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
This corresponds to the
asset_types
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
Search all resources response. Iterating over this object will yield results and resolve additional pages automatically.
- Return type
google.cloud.asset_v1.services.asset_service.pagers.SearchAllResourcesPager
- static service_perimeter_path(access_policy: str, service_perimeter: str) str [source]¶
Returns a fully-qualified service_perimeter string.
- property transport: google.cloud.asset_v1.services.asset_service.transports.base.AssetServiceTransport¶
Returns the transport used by the client instance.
- Returns
- The transport used by the client
instance.
- Return type
AssetServiceTransport
- update_feed(request: Optional[Union[google.cloud.asset_v1.types.asset_service.UpdateFeedRequest, dict]] = None, *, feed: Optional[google.cloud.asset_v1.types.asset_service.Feed] = None, retry: google.api_core.retry.Retry = <object object>, timeout: Optional[float] = None, metadata: Sequence[Tuple[str, str]] = ()) google.cloud.asset_v1.types.asset_service.Feed [source]¶
Updates an asset feed configuration.
- Parameters
request (Union[google.cloud.asset_v1.types.UpdateFeedRequest, dict]) – The request object. Update asset feed request.
feed (google.cloud.asset_v1.types.Feed) –
Required. The new values of feed details. It must match an existing feed and the field
name
must be in the format of: projects/project_number/feeds/feed_id or folders/folder_number/feeds/feed_id or organizations/organization_number/feeds/feed_id.This corresponds to the
feed
field on therequest
instance; ifrequest
is provided, this should not be set.retry (google.api_core.retry.Retry) – Designation of what errors, if any, should be retried.
timeout (float) – The timeout for this request.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- Returns
An asset feed used to export asset updates to a destinations. An asset feed filter controls what updates are exported. The asset feed must be created within a project, organization, or folder. Supported destinations are: Pub/Sub topics.
- Return type
- class google.cloud.asset_v1.services.asset_service.pagers.ListAssetsAsyncPager(method: Callable[[...], Awaitable[google.cloud.asset_v1.types.asset_service.ListAssetsResponse]], request: google.cloud.asset_v1.types.asset_service.ListAssetsRequest, response: google.cloud.asset_v1.types.asset_service.ListAssetsResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
list_assets
requests.This class thinly wraps an initial
google.cloud.asset_v1.types.ListAssetsResponse
object, and provides an__aiter__
method to iterate through itsassets
field.If there are more pages, the
__aiter__
method will make additionalListAssets
requests and continue to iterate through theassets
field on the corresponding responses.All the usual
google.cloud.asset_v1.types.ListAssetsResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiates the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.asset_v1.types.ListAssetsRequest) – The initial request object.
response (google.cloud.asset_v1.types.ListAssetsResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.asset_v1.services.asset_service.pagers.ListAssetsPager(method: Callable[[...], google.cloud.asset_v1.types.asset_service.ListAssetsResponse], request: google.cloud.asset_v1.types.asset_service.ListAssetsRequest, response: google.cloud.asset_v1.types.asset_service.ListAssetsResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
list_assets
requests.This class thinly wraps an initial
google.cloud.asset_v1.types.ListAssetsResponse
object, and provides an__iter__
method to iterate through itsassets
field.If there are more pages, the
__iter__
method will make additionalListAssets
requests and continue to iterate through theassets
field on the corresponding responses.All the usual
google.cloud.asset_v1.types.ListAssetsResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiate the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.asset_v1.types.ListAssetsRequest) – The initial request object.
response (google.cloud.asset_v1.types.ListAssetsResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.asset_v1.services.asset_service.pagers.SearchAllIamPoliciesAsyncPager(method: Callable[[...], Awaitable[google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesResponse]], request: google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesRequest, response: google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
search_all_iam_policies
requests.This class thinly wraps an initial
google.cloud.asset_v1.types.SearchAllIamPoliciesResponse
object, and provides an__aiter__
method to iterate through itsresults
field.If there are more pages, the
__aiter__
method will make additionalSearchAllIamPolicies
requests and continue to iterate through theresults
field on the corresponding responses.All the usual
google.cloud.asset_v1.types.SearchAllIamPoliciesResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiates the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.asset_v1.types.SearchAllIamPoliciesRequest) – The initial request object.
response (google.cloud.asset_v1.types.SearchAllIamPoliciesResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.asset_v1.services.asset_service.pagers.SearchAllIamPoliciesPager(method: Callable[[...], google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesResponse], request: google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesRequest, response: google.cloud.asset_v1.types.asset_service.SearchAllIamPoliciesResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
search_all_iam_policies
requests.This class thinly wraps an initial
google.cloud.asset_v1.types.SearchAllIamPoliciesResponse
object, and provides an__iter__
method to iterate through itsresults
field.If there are more pages, the
__iter__
method will make additionalSearchAllIamPolicies
requests and continue to iterate through theresults
field on the corresponding responses.All the usual
google.cloud.asset_v1.types.SearchAllIamPoliciesResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiate the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.asset_v1.types.SearchAllIamPoliciesRequest) – The initial request object.
response (google.cloud.asset_v1.types.SearchAllIamPoliciesResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.asset_v1.services.asset_service.pagers.SearchAllResourcesAsyncPager(method: Callable[[...], Awaitable[google.cloud.asset_v1.types.asset_service.SearchAllResourcesResponse]], request: google.cloud.asset_v1.types.asset_service.SearchAllResourcesRequest, response: google.cloud.asset_v1.types.asset_service.SearchAllResourcesResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
search_all_resources
requests.This class thinly wraps an initial
google.cloud.asset_v1.types.SearchAllResourcesResponse
object, and provides an__aiter__
method to iterate through itsresults
field.If there are more pages, the
__aiter__
method will make additionalSearchAllResources
requests and continue to iterate through theresults
field on the corresponding responses.All the usual
google.cloud.asset_v1.types.SearchAllResourcesResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiates the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.asset_v1.types.SearchAllResourcesRequest) – The initial request object.
response (google.cloud.asset_v1.types.SearchAllResourcesResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.
- class google.cloud.asset_v1.services.asset_service.pagers.SearchAllResourcesPager(method: Callable[[...], google.cloud.asset_v1.types.asset_service.SearchAllResourcesResponse], request: google.cloud.asset_v1.types.asset_service.SearchAllResourcesRequest, response: google.cloud.asset_v1.types.asset_service.SearchAllResourcesResponse, *, metadata: Sequence[Tuple[str, str]] = ())[source]¶
A pager for iterating through
search_all_resources
requests.This class thinly wraps an initial
google.cloud.asset_v1.types.SearchAllResourcesResponse
object, and provides an__iter__
method to iterate through itsresults
field.If there are more pages, the
__iter__
method will make additionalSearchAllResources
requests and continue to iterate through theresults
field on the corresponding responses.All the usual
google.cloud.asset_v1.types.SearchAllResourcesResponse
attributes are available on the pager. If multiple requests are made, only the most recent response is retained, and thus used for attribute lookup.Instantiate the pager.
- Parameters
method (Callable) – The method that was originally called, and which instantiated this pager.
request (google.cloud.asset_v1.types.SearchAllResourcesRequest) – The initial request object.
response (google.cloud.asset_v1.types.SearchAllResourcesResponse) – The initial response object.
metadata (Sequence[Tuple[str, str]]) – Strings which should be sent along with the request as metadata.