1// Copyright 2022 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.asset.v1p1beta1; 18 19import "google/iam/v1/policy.proto"; 20 21option cc_enable_arenas = true; 22option csharp_namespace = "Google.Cloud.Asset.V1P1Beta1"; 23option go_package = "cloud.google.com/go/asset/apiv1p1beta1/assetpb;assetpb"; 24option java_multiple_files = true; 25option java_outer_classname = "AssetProto"; 26option java_package = "com.google.cloud.asset.v1p1beta1"; 27option php_namespace = "Google\\Cloud\\Asset\\V1p1beta1"; 28 29// The standard metadata of a cloud resource. 30message StandardResourceMetadata { 31 // The full resource name. For example: 32 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. 33 // See [Resource 34 // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) 35 // for more information. 36 string name = 1; 37 38 // The type of this resource. 39 // For example: "compute.googleapis.com/Disk". 40 string asset_type = 2; 41 42 // The project that this resource belongs to, in the form of 43 // `projects/{project_number}`. 44 string project = 3; 45 46 // The display name of this resource. 47 string display_name = 4; 48 49 // One or more paragraphs of text description of this resource. Maximum length 50 // could be up to 1M bytes. 51 string description = 5; 52 53 // Additional searchable attributes of this resource. 54 // Informational only. The exact set of attributes is subject to change. 55 // For example: project id, DNS name etc. 56 repeated string additional_attributes = 10; 57 58 // Location can be "global", regional like "us-east1", or zonal like 59 // "us-west1-b". 60 string location = 11; 61 62 // Labels associated with this resource. See [Labelling and grouping Google 63 // Cloud 64 // resources](https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) 65 // for more information. 66 map<string, string> labels = 12; 67 68 // Network tags associated with this resource. Like labels, network tags are a 69 // type of annotations used to group Google Cloud resources. See [Labelling 70 // Google Cloud 71 // resources](lhttps://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) 72 // for more information. 73 repeated string network_tags = 13; 74} 75 76// The result for an IAM policy search. 77message IamPolicySearchResult { 78 // Explanation about the IAM policy search result. 79 message Explanation { 80 // The map from roles to their included permission matching the permission 81 // query (e.g. containing `policy.role.permissions:`). Example role string: 82 // "roles/compute.instanceAdmin". The roles can also be found in the 83 // returned `policy` bindings. Note that the map is populated only if 84 // requesting with a permission query. 85 map<string, Permissions> matched_permissions = 1; 86 } 87 88 // The 89 // [full resource 90 // name](https://cloud.google.com/apis/design/resource_names#full_resource_name) 91 // of the resource associated with this IAM policy. 92 string resource = 1; 93 94 // The project that the associated Google Cloud resource belongs to, in the 95 // form of `projects/{project_number}`. If an IAM policy is set on a resource 96 // -- such as a Compute Engine instance or a Cloud Storage bucket -- the 97 // project field will indicate the project that contains the resource. If an 98 // IAM policy is set on a folder or orgnization, the project field will be 99 // empty. 100 string project = 3; 101 102 // The IAM policy attached to the specified resource. Note that the original 103 // IAM policy can contain multiple bindings. This only contains the bindings 104 // that match the given query. For queries that don't contain a constraint on 105 // policies (e.g. an empty query), this contains all the bindings. 106 google.iam.v1.Policy policy = 4; 107 108 // Explanation about the IAM policy search result. It contains additional 109 // information that explains why the search result matches the query. 110 Explanation explanation = 5; 111} 112 113// IAM permissions. 114message Permissions { 115 // A list of permissions. Example permission string: "compute.disk.get". 116 repeated string permissions = 1; 117} 118