1// Copyright 2019 Google LLC. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14// 15 16syntax = "proto3"; 17 18package google.cloud.asset.v1p2beta1; 19 20import "google/iam/v1/policy.proto"; 21import "google/protobuf/struct.proto"; 22import "google/protobuf/timestamp.proto"; 23 24option cc_enable_arenas = true; 25option csharp_namespace = "Google.Cloud.Asset.v1p2beta1"; 26option go_package = "cloud.google.com/go/asset/apiv1p2beta1/assetpb;assetpb"; 27option java_multiple_files = true; 28option java_outer_classname = "AssetProto"; 29option java_package = "com.google.cloud.asset.v1p2beta1"; 30option php_namespace = "Google\\Cloud\\Asset\\V1p2beta1"; 31 32// Temporal asset. In addition to the asset, the temporal asset includes the 33// status of the asset and valid from and to time of it. 34message TemporalAsset { 35 // The time window when the asset data and state was observed. 36 TimeWindow window = 1; 37 38 // If the asset is deleted or not. 39 bool deleted = 2; 40 41 // Asset. 42 Asset asset = 3; 43} 44 45// A time window of (start_time, end_time]. 46message TimeWindow { 47 // Start time of the time window (exclusive). 48 google.protobuf.Timestamp start_time = 1; 49 50 // End time of the time window (inclusive). 51 // Current timestamp if not specified. 52 google.protobuf.Timestamp end_time = 2; 53} 54 55// Cloud asset. This includes all Google Cloud Platform resources, 56// Cloud IAM policies, and other non-GCP assets. 57message Asset { 58 // The full name of the asset. For example: 59 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`. 60 // See [Resource 61 // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) 62 // for more information. 63 string name = 1; 64 65 // Type of the asset. Example: "compute.googleapis.com/Disk". 66 string asset_type = 2; 67 68 // Representation of the resource. 69 Resource resource = 3; 70 71 // Representation of the actual Cloud IAM policy set on a cloud resource. For 72 // each resource, there must be at most one Cloud IAM policy set on it. 73 google.iam.v1.Policy iam_policy = 4; 74 75 // Asset's ancestry path in Cloud Resource Manager (CRM) hierarchy, 76 // represented as a list of relative resource names. Ancestry path starts with 77 // the closest CRM ancestor and ends at root. If the asset is a CRM 78 // project/folder/organization, this starts from the asset itself. 79 // 80 // Example: ["projects/123456789", "folders/5432", "organizations/1234"] 81 repeated string ancestors = 6; 82} 83 84// Representation of a cloud resource. 85message Resource { 86 // The API version. Example: "v1". 87 string version = 1; 88 89 // The URL of the discovery document containing the resource's JSON schema. 90 // For example: 91 // `"https://www.googleapis.com/discovery/v1/apis/compute/v1/rest"`. 92 // It will be left unspecified for resources without a discovery-based API, 93 // such as Cloud Bigtable. 94 string discovery_document_uri = 2; 95 96 // The JSON schema name listed in the discovery document. 97 // Example: "Project". It will be left unspecified for resources (such as 98 // Cloud Bigtable) without a discovery-based API. 99 string discovery_name = 3; 100 101 // The REST URL for accessing the resource. An HTTP GET operation using this 102 // URL returns the resource itself. 103 // Example: 104 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123`. 105 // It will be left unspecified for resources without a REST API. 106 string resource_url = 4; 107 108 // The full name of the immediate parent of this resource. See 109 // [Resource 110 // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) 111 // for more information. 112 // 113 // For GCP assets, it is the parent resource defined in the [Cloud IAM policy 114 // hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). 115 // For example: 116 // `"//cloudresourcemanager.googleapis.com/projects/my_project_123"`. 117 // 118 // For third-party assets, it is up to the users to define. 119 string parent = 5; 120 121 // The content of the resource, in which some sensitive fields are scrubbed 122 // away and may not be present. 123 google.protobuf.Struct data = 6; 124} 125