1*d5c09012SAndroid Build Coastguard Worker// Copyright 2023 Google LLC 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 16*d5c09012SAndroid Build Coastguard Worker 17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.asset.v1p7beta1; 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 20*d5c09012SAndroid Build Coastguard Workerimport "google/cloud/orgpolicy/v1/orgpolicy.proto"; 21*d5c09012SAndroid Build Coastguard Workerimport "google/iam/v1/policy.proto"; 22*d5c09012SAndroid Build Coastguard Workerimport "google/identity/accesscontextmanager/v1/access_level.proto"; 23*d5c09012SAndroid Build Coastguard Workerimport "google/identity/accesscontextmanager/v1/access_policy.proto"; 24*d5c09012SAndroid Build Coastguard Workerimport "google/identity/accesscontextmanager/v1/service_perimeter.proto"; 25*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/struct.proto"; 26*d5c09012SAndroid Build Coastguard Workerimport "google/protobuf/timestamp.proto"; 27*d5c09012SAndroid Build Coastguard Worker 28*d5c09012SAndroid Build Coastguard Workeroption cc_enable_arenas = true; 29*d5c09012SAndroid Build Coastguard Workeroption csharp_namespace = "Google.Cloud.Asset.V1P7Beta1"; 30*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/asset/apiv1p7beta1/assetpb;assetpb"; 31*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 32*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "AssetProto"; 33*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.asset.v1p7beta1"; 34*d5c09012SAndroid Build Coastguard Workeroption php_namespace = "Google\\Cloud\\Asset\\V1p7beta1"; 35*d5c09012SAndroid Build Coastguard Worker 36*d5c09012SAndroid Build Coastguard Worker// The Cloud Asset API. 37*d5c09012SAndroid Build Coastguard Worker 38*d5c09012SAndroid Build Coastguard Worker// An asset in Google Cloud. An asset can be any resource in the Google Cloud 39*d5c09012SAndroid Build Coastguard Worker// [resource 40*d5c09012SAndroid Build Coastguard Worker// hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 41*d5c09012SAndroid Build Coastguard Worker// a resource outside the Google Cloud resource hierarchy (such as Google 42*d5c09012SAndroid Build Coastguard Worker// Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). 43*d5c09012SAndroid Build Coastguard Worker// See [Supported asset 44*d5c09012SAndroid Build Coastguard Worker// types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) 45*d5c09012SAndroid Build Coastguard Worker// for more information. 46*d5c09012SAndroid Build Coastguard Workermessage Asset { 47*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 48*d5c09012SAndroid Build Coastguard Worker type: "cloudasset.googleapis.com/Asset" 49*d5c09012SAndroid Build Coastguard Worker pattern: "*" 50*d5c09012SAndroid Build Coastguard Worker }; 51*d5c09012SAndroid Build Coastguard Worker 52*d5c09012SAndroid Build Coastguard Worker // The last update timestamp of an asset. update_time is updated when 53*d5c09012SAndroid Build Coastguard Worker // create/update/delete operation is performed. 54*d5c09012SAndroid Build Coastguard Worker google.protobuf.Timestamp update_time = 11; 55*d5c09012SAndroid Build Coastguard Worker 56*d5c09012SAndroid Build Coastguard Worker // The full name of the asset. Example: 57*d5c09012SAndroid Build Coastguard Worker // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` 58*d5c09012SAndroid Build Coastguard Worker // 59*d5c09012SAndroid Build Coastguard Worker // See [Resource 60*d5c09012SAndroid Build Coastguard Worker // names](https://cloud.google.com/apis/design/resource_names#full_resource_name) 61*d5c09012SAndroid Build Coastguard Worker // for more information. 62*d5c09012SAndroid Build Coastguard Worker string name = 1; 63*d5c09012SAndroid Build Coastguard Worker 64*d5c09012SAndroid Build Coastguard Worker // The type of the asset. Example: `compute.googleapis.com/Disk` 65*d5c09012SAndroid Build Coastguard Worker // 66*d5c09012SAndroid Build Coastguard Worker // See [Supported asset 67*d5c09012SAndroid Build Coastguard Worker // types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) 68*d5c09012SAndroid Build Coastguard Worker // for more information. 69*d5c09012SAndroid Build Coastguard Worker string asset_type = 2; 70*d5c09012SAndroid Build Coastguard Worker 71*d5c09012SAndroid Build Coastguard Worker // A representation of the resource. 72*d5c09012SAndroid Build Coastguard Worker Resource resource = 3; 73*d5c09012SAndroid Build Coastguard Worker 74*d5c09012SAndroid Build Coastguard Worker // A representation of the IAM policy set on a Google Cloud resource. 75*d5c09012SAndroid Build Coastguard Worker // There can be a maximum of one IAM policy set on any given resource. 76*d5c09012SAndroid Build Coastguard Worker // In addition, IAM policies inherit their granted access scope from any 77*d5c09012SAndroid Build Coastguard Worker // policies set on parent resources in the resource hierarchy. Therefore, the 78*d5c09012SAndroid Build Coastguard Worker // effectively policy is the union of both the policy set on this resource 79*d5c09012SAndroid Build Coastguard Worker // and each policy set on all of the resource's ancestry resource levels in 80*d5c09012SAndroid Build Coastguard Worker // the hierarchy. See 81*d5c09012SAndroid Build Coastguard Worker // [this topic](https://cloud.google.com/iam/help/allow-policies/inheritance) 82*d5c09012SAndroid Build Coastguard Worker // for more information. 83*d5c09012SAndroid Build Coastguard Worker google.iam.v1.Policy iam_policy = 4; 84*d5c09012SAndroid Build Coastguard Worker 85*d5c09012SAndroid Build Coastguard Worker // A representation of an [organization 86*d5c09012SAndroid Build Coastguard Worker // policy](https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 87*d5c09012SAndroid Build Coastguard Worker // There can be more than one organization policy with different constraints 88*d5c09012SAndroid Build Coastguard Worker // set on a given resource. 89*d5c09012SAndroid Build Coastguard Worker repeated google.cloud.orgpolicy.v1.Policy org_policy = 6; 90*d5c09012SAndroid Build Coastguard Worker 91*d5c09012SAndroid Build Coastguard Worker // A representation of an [access 92*d5c09012SAndroid Build Coastguard Worker // policy](https://cloud.google.com/access-context-manager/docs/overview#access-policies). 93*d5c09012SAndroid Build Coastguard Worker oneof access_context_policy { 94*d5c09012SAndroid Build Coastguard Worker // Please also refer to the [access policy user 95*d5c09012SAndroid Build Coastguard Worker // guide](https://cloud.google.com/access-context-manager/docs/overview#access-policies). 96*d5c09012SAndroid Build Coastguard Worker google.identity.accesscontextmanager.v1.AccessPolicy access_policy = 7; 97*d5c09012SAndroid Build Coastguard Worker 98*d5c09012SAndroid Build Coastguard Worker // Please also refer to the [access level user 99*d5c09012SAndroid Build Coastguard Worker // guide](https://cloud.google.com/access-context-manager/docs/overview#access-levels). 100*d5c09012SAndroid Build Coastguard Worker google.identity.accesscontextmanager.v1.AccessLevel access_level = 8; 101*d5c09012SAndroid Build Coastguard Worker 102*d5c09012SAndroid Build Coastguard Worker // Please also refer to the [service perimeter user 103*d5c09012SAndroid Build Coastguard Worker // guide](https://cloud.google.com/vpc-service-controls/docs/overview). 104*d5c09012SAndroid Build Coastguard Worker google.identity.accesscontextmanager.v1.ServicePerimeter service_perimeter = 105*d5c09012SAndroid Build Coastguard Worker 9; 106*d5c09012SAndroid Build Coastguard Worker } 107*d5c09012SAndroid Build Coastguard Worker 108*d5c09012SAndroid Build Coastguard Worker // The related assets of the asset of one relationship type. 109*d5c09012SAndroid Build Coastguard Worker // One asset only represents one type of relationship. 110*d5c09012SAndroid Build Coastguard Worker RelatedAssets related_assets = 13; 111*d5c09012SAndroid Build Coastguard Worker 112*d5c09012SAndroid Build Coastguard Worker // The ancestry path of an asset in Google Cloud [resource 113*d5c09012SAndroid Build Coastguard Worker // hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 114*d5c09012SAndroid Build Coastguard Worker // represented as a list of relative resource names. An ancestry path starts 115*d5c09012SAndroid Build Coastguard Worker // with the closest ancestor in the hierarchy and ends at root. If the asset 116*d5c09012SAndroid Build Coastguard Worker // is a project, folder, or organization, the ancestry path starts from the 117*d5c09012SAndroid Build Coastguard Worker // asset itself. 118*d5c09012SAndroid Build Coastguard Worker // 119*d5c09012SAndroid Build Coastguard Worker // Example: `["projects/123456789", "folders/5432", "organizations/1234"]` 120*d5c09012SAndroid Build Coastguard Worker repeated string ancestors = 10; 121*d5c09012SAndroid Build Coastguard Worker} 122*d5c09012SAndroid Build Coastguard Worker 123*d5c09012SAndroid Build Coastguard Worker// A representation of a Google Cloud resource. 124*d5c09012SAndroid Build Coastguard Workermessage Resource { 125*d5c09012SAndroid Build Coastguard Worker // The API version. Example: `v1` 126*d5c09012SAndroid Build Coastguard Worker string version = 1; 127*d5c09012SAndroid Build Coastguard Worker 128*d5c09012SAndroid Build Coastguard Worker // The URL of the discovery document containing the resource's JSON schema. 129*d5c09012SAndroid Build Coastguard Worker // Example: 130*d5c09012SAndroid Build Coastguard Worker // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` 131*d5c09012SAndroid Build Coastguard Worker // 132*d5c09012SAndroid Build Coastguard Worker // This value is unspecified for resources that do not have an API based on a 133*d5c09012SAndroid Build Coastguard Worker // discovery document, such as Cloud Bigtable. 134*d5c09012SAndroid Build Coastguard Worker string discovery_document_uri = 2; 135*d5c09012SAndroid Build Coastguard Worker 136*d5c09012SAndroid Build Coastguard Worker // The JSON schema name listed in the discovery document. Example: 137*d5c09012SAndroid Build Coastguard Worker // `Project` 138*d5c09012SAndroid Build Coastguard Worker // 139*d5c09012SAndroid Build Coastguard Worker // This value is unspecified for resources that do not have an API based on a 140*d5c09012SAndroid Build Coastguard Worker // discovery document, such as Cloud Bigtable. 141*d5c09012SAndroid Build Coastguard Worker string discovery_name = 3; 142*d5c09012SAndroid Build Coastguard Worker 143*d5c09012SAndroid Build Coastguard Worker // The REST URL for accessing the resource. An HTTP `GET` request using this 144*d5c09012SAndroid Build Coastguard Worker // URL returns the resource itself. Example: 145*d5c09012SAndroid Build Coastguard Worker // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` 146*d5c09012SAndroid Build Coastguard Worker // 147*d5c09012SAndroid Build Coastguard Worker // This value is unspecified for resources without a REST API. 148*d5c09012SAndroid Build Coastguard Worker string resource_url = 4; 149*d5c09012SAndroid Build Coastguard Worker 150*d5c09012SAndroid Build Coastguard Worker // The full name of the immediate parent of this resource. See 151*d5c09012SAndroid Build Coastguard Worker // [Resource 152*d5c09012SAndroid Build Coastguard Worker // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name) 153*d5c09012SAndroid Build Coastguard Worker // for more information. 154*d5c09012SAndroid Build Coastguard Worker // 155*d5c09012SAndroid Build Coastguard Worker // For Google Cloud assets, this value is the parent resource defined in the 156*d5c09012SAndroid Build Coastguard Worker // [IAM policy 157*d5c09012SAndroid Build Coastguard Worker // hierarchy](https://cloud.google.com/iam/docs/overview#policy_hierarchy). 158*d5c09012SAndroid Build Coastguard Worker // Example: 159*d5c09012SAndroid Build Coastguard Worker // `//cloudresourcemanager.googleapis.com/projects/my_project_123` 160*d5c09012SAndroid Build Coastguard Worker // 161*d5c09012SAndroid Build Coastguard Worker // For third-party assets, this field may be set differently. 162*d5c09012SAndroid Build Coastguard Worker string parent = 5; 163*d5c09012SAndroid Build Coastguard Worker 164*d5c09012SAndroid Build Coastguard Worker // The content of the resource, in which some sensitive fields are removed 165*d5c09012SAndroid Build Coastguard Worker // and may not be present. 166*d5c09012SAndroid Build Coastguard Worker google.protobuf.Struct data = 6; 167*d5c09012SAndroid Build Coastguard Worker 168*d5c09012SAndroid Build Coastguard Worker // The location of the resource in Google Cloud, such as its zone and region. 169*d5c09012SAndroid Build Coastguard Worker // For more information, see https://cloud.google.com/about/locations/. 170*d5c09012SAndroid Build Coastguard Worker string location = 8; 171*d5c09012SAndroid Build Coastguard Worker} 172*d5c09012SAndroid Build Coastguard Worker 173*d5c09012SAndroid Build Coastguard Worker// The detailed related assets with the `relationship_type`. 174*d5c09012SAndroid Build Coastguard Workermessage RelatedAssets { 175*d5c09012SAndroid Build Coastguard Worker // The detailed relation attributes. 176*d5c09012SAndroid Build Coastguard Worker RelationshipAttributes relationship_attributes = 1; 177*d5c09012SAndroid Build Coastguard Worker 178*d5c09012SAndroid Build Coastguard Worker // The peer resources of the relationship. 179*d5c09012SAndroid Build Coastguard Worker repeated RelatedAsset assets = 2; 180*d5c09012SAndroid Build Coastguard Worker} 181*d5c09012SAndroid Build Coastguard Worker 182*d5c09012SAndroid Build Coastguard Worker// The relationship attributes which include `type`, `source_resource_type`, 183*d5c09012SAndroid Build Coastguard Worker// `target_resource_type` and `action`. 184*d5c09012SAndroid Build Coastguard Workermessage RelationshipAttributes { 185*d5c09012SAndroid Build Coastguard Worker // The unique identifier of the relationship type. Example: 186*d5c09012SAndroid Build Coastguard Worker // `INSTANCE_TO_INSTANCEGROUP` 187*d5c09012SAndroid Build Coastguard Worker string type = 4; 188*d5c09012SAndroid Build Coastguard Worker 189*d5c09012SAndroid Build Coastguard Worker // The source asset type. Example: `compute.googleapis.com/Instance` 190*d5c09012SAndroid Build Coastguard Worker string source_resource_type = 1; 191*d5c09012SAndroid Build Coastguard Worker 192*d5c09012SAndroid Build Coastguard Worker // The target asset type. Example: `compute.googleapis.com/Disk` 193*d5c09012SAndroid Build Coastguard Worker string target_resource_type = 2; 194*d5c09012SAndroid Build Coastguard Worker 195*d5c09012SAndroid Build Coastguard Worker // The detail of the relationship, e.g. `contains`, `attaches` 196*d5c09012SAndroid Build Coastguard Worker string action = 3; 197*d5c09012SAndroid Build Coastguard Worker} 198*d5c09012SAndroid Build Coastguard Worker 199*d5c09012SAndroid Build Coastguard Worker// An asset identify in Google Cloud which contains its name, type and 200*d5c09012SAndroid Build Coastguard Worker// ancestors. An asset can be any resource in the Google Cloud [resource 201*d5c09012SAndroid Build Coastguard Worker// hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 202*d5c09012SAndroid Build Coastguard Worker// a resource outside the Google Cloud resource hierarchy (such as Google 203*d5c09012SAndroid Build Coastguard Worker// Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). 204*d5c09012SAndroid Build Coastguard Worker// See [Supported asset 205*d5c09012SAndroid Build Coastguard Worker// types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) 206*d5c09012SAndroid Build Coastguard Worker// for more information. 207*d5c09012SAndroid Build Coastguard Workermessage RelatedAsset { 208*d5c09012SAndroid Build Coastguard Worker // The full name of the asset. Example: 209*d5c09012SAndroid Build Coastguard Worker // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` 210*d5c09012SAndroid Build Coastguard Worker // 211*d5c09012SAndroid Build Coastguard Worker // See [Resource 212*d5c09012SAndroid Build Coastguard Worker // names](https://cloud.google.com/apis/design/resource_names#full_resource_name) 213*d5c09012SAndroid Build Coastguard Worker // for more information. 214*d5c09012SAndroid Build Coastguard Worker string asset = 1 [(google.api.resource_reference) = { 215*d5c09012SAndroid Build Coastguard Worker type: "cloudasset.googleapis.com/Asset" 216*d5c09012SAndroid Build Coastguard Worker }]; 217*d5c09012SAndroid Build Coastguard Worker 218*d5c09012SAndroid Build Coastguard Worker // The type of the asset. Example: `compute.googleapis.com/Disk` 219*d5c09012SAndroid Build Coastguard Worker // 220*d5c09012SAndroid Build Coastguard Worker // See [Supported asset 221*d5c09012SAndroid Build Coastguard Worker // types](https://cloud.google.com/asset-inventory/docs/supported-asset-types) 222*d5c09012SAndroid Build Coastguard Worker // for more information. 223*d5c09012SAndroid Build Coastguard Worker string asset_type = 2; 224*d5c09012SAndroid Build Coastguard Worker 225*d5c09012SAndroid Build Coastguard Worker // The ancestors of an asset in Google Cloud [resource 226*d5c09012SAndroid Build Coastguard Worker // hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 227*d5c09012SAndroid Build Coastguard Worker // represented as a list of relative resource names. An ancestry path starts 228*d5c09012SAndroid Build Coastguard Worker // with the closest ancestor in the hierarchy and ends at root. 229*d5c09012SAndroid Build Coastguard Worker // 230*d5c09012SAndroid Build Coastguard Worker // Example: `["projects/123456789", "folders/5432", "organizations/1234"]` 231*d5c09012SAndroid Build Coastguard Worker repeated string ancestors = 3; 232*d5c09012SAndroid Build Coastguard Worker} 233