1// Copyright 2022 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.asset.v1p1beta1; 18 19import "google/api/annotations.proto"; 20import "google/api/client.proto"; 21import "google/api/field_behavior.proto"; 22import "google/cloud/asset/v1p1beta1/assets.proto"; 23 24option csharp_namespace = "Google.Cloud.Asset.V1P1Beta1"; 25option go_package = "cloud.google.com/go/asset/apiv1p1beta1/assetpb;assetpb"; 26option java_multiple_files = true; 27option java_outer_classname = "AssetServiceProto"; 28option java_package = "com.google.cloud.asset.v1p1beta1"; 29option php_namespace = "Google\\Cloud\\Asset\\V1p1beta1"; 30 31// Asset service definition. 32service AssetService { 33 option (google.api.default_host) = "cloudasset.googleapis.com"; 34 option (google.api.oauth_scopes) = 35 "https://www.googleapis.com/auth/cloud-platform"; 36 37 // Searches all the resources within a given accessible Resource Manager scope 38 // (project/folder/organization). This RPC gives callers especially 39 // administrators the ability to search all the resources within a scope, even 40 // if they don't have `.get` permission of all the resources. Callers should 41 // have `cloud.assets.SearchAllResources` permission on the requested scope, 42 // otherwise the request will be rejected. 43 rpc SearchAllResources(SearchAllResourcesRequest) 44 returns (SearchAllResourcesResponse) { 45 option (google.api.http) = { 46 get: "/v1p1beta1/{scope=*/*}/resources:searchAll" 47 }; 48 option (google.api.method_signature) = "scope,query,asset_types"; 49 } 50 51 // Searches all the IAM policies within a given accessible Resource Manager 52 // scope (project/folder/organization). This RPC gives callers especially 53 // administrators the ability to search all the IAM policies within a scope, 54 // even if they don't have `.getIamPolicy` permission of all the IAM policies. 55 // Callers should have `cloud.assets.SearchAllIamPolicies` permission on the 56 // requested scope, otherwise the request will be rejected. 57 rpc SearchAllIamPolicies(SearchAllIamPoliciesRequest) 58 returns (SearchAllIamPoliciesResponse) { 59 option (google.api.http) = { 60 get: "/v1p1beta1/{scope=*/*}/iamPolicies:searchAll" 61 }; 62 option (google.api.method_signature) = "scope,query"; 63 } 64} 65 66// Search all resources request. 67message SearchAllResourcesRequest { 68 // Required. The relative name of an asset. The search is limited to the 69 // resources within the `scope`. The allowed value must be: 70 // 71 // * Organization number (such as "organizations/123") 72 // * Folder number (such as "folders/1234") 73 // * Project number (such as "projects/12345") 74 // * Project ID (such as "projects/abc") 75 string scope = 1 [(google.api.field_behavior) = REQUIRED]; 76 77 // Optional. The query statement. 78 string query = 2 [(google.api.field_behavior) = OPTIONAL]; 79 80 // Optional. A list of asset types that this request searches for. If empty, 81 // it will search all the supported asset types. 82 repeated string asset_types = 3 [(google.api.field_behavior) = OPTIONAL]; 83 84 // Optional. The page size for search result pagination. Page size is capped 85 // at 500 even if a larger value is given. If set to zero, server will pick an 86 // appropriate default. Returned results may be fewer than requested. When 87 // this happens, there could be more results as long as `next_page_token` is 88 // returned. 89 int32 page_size = 4 [(google.api.field_behavior) = OPTIONAL]; 90 91 // Optional. If present, then retrieve the next batch of results from the 92 // preceding call to this method. `page_token` must be the value of 93 // `next_page_token` from the previous response. The values of all other 94 // method parameters, must be identical to those in the previous call. 95 string page_token = 5 [(google.api.field_behavior) = OPTIONAL]; 96 97 // Optional. A comma separated list of fields specifying the sorting order of 98 // the results. The default order is ascending. Add ` DESC` after the field 99 // name to indicate descending order. Redundant space characters are ignored. 100 // For example, ` location DESC , name `. 101 string order_by = 10 [(google.api.field_behavior) = OPTIONAL]; 102} 103 104// Search all resources response. 105message SearchAllResourcesResponse { 106 // A list of resource that match the search query. 107 repeated StandardResourceMetadata results = 1; 108 109 // If there are more results than those appearing in this response, then 110 // `next_page_token` is included. To get the next set of results, call this 111 // method again using the value of `next_page_token` as `page_token`. 112 string next_page_token = 2; 113} 114 115// Search all IAM policies request. 116message SearchAllIamPoliciesRequest { 117 // Required. The relative name of an asset. The search is limited to the 118 // resources within the `scope`. The allowed value must be: 119 // 120 // * Organization number (such as "organizations/123") 121 // * Folder number (such as "folders/1234") 122 // * Project number (such as "projects/12345") 123 // * Project ID (such as "projects/abc") 124 string scope = 1 [(google.api.field_behavior) = REQUIRED]; 125 126 // Optional. The query statement. Examples: 127 // 128 // * "policy:[email protected]" 129 // * "policy:([email protected] viewer)" 130 string query = 2 [(google.api.field_behavior) = OPTIONAL]; 131 132 // Optional. The page size for search result pagination. Page size is capped 133 // at 500 even if a larger value is given. If set to zero, server will pick an 134 // appropriate default. Returned results may be fewer than requested. When 135 // this happens, there could be more results as long as `next_page_token` is 136 // returned. 137 int32 page_size = 3 [(google.api.field_behavior) = OPTIONAL]; 138 139 // Optional. If present, retrieve the next batch of results from the preceding 140 // call to this method. `page_token` must be the value of `next_page_token` 141 // from the previous response. The values of all other method parameters must 142 // be identical to those in the previous call. 143 string page_token = 4 [(google.api.field_behavior) = OPTIONAL]; 144} 145 146// Search all IAM policies response. 147message SearchAllIamPoliciesResponse { 148 // A list of IAM policies that match the search query. Related information 149 // such as the associated resource is returned along with the policy. 150 repeated IamPolicySearchResult results = 1; 151 152 // Set if there are more results than those appearing in this response; to get 153 // the next set of results, call this method again, using this value as the 154 // `page_token`. 155 string next_page_token = 2; 156} 157