1 // Copyright 2024 Google LLC. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Code generated file. DO NOT EDIT. 6 7 // Package cloudasset provides access to the Cloud Asset API. 8 // 9 // For product documentation, see: https://cloud.google.com/asset-inventory/docs/quickstart 10 // 11 // # Library status 12 // 13 // These client libraries are officially supported by Google. However, this 14 // library is considered complete and is in maintenance mode. This means 15 // that we will address critical bugs and security issues but will not add 16 // any new features. 17 // 18 // When possible, we recommend using our newer 19 // [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) 20 // that are still actively being worked and iterated on. 21 // 22 // # Creating a client 23 // 24 // Usage example: 25 // 26 // import "google.golang.org/api/cloudasset/v1" 27 // ... 28 // ctx := context.Background() 29 // cloudassetService, err := cloudasset.NewService(ctx) 30 // 31 // In this example, Google Application Default Credentials are used for 32 // authentication. For information on how to create and obtain Application 33 // Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials. 34 // 35 // # Other authentication options 36 // 37 // To use an API key for authentication (note: some APIs do not support API 38 // keys), use [google.golang.org/api/option.WithAPIKey]: 39 // 40 // cloudassetService, err := cloudasset.NewService(ctx, option.WithAPIKey("AIza...")) 41 // 42 // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth 43 // flow, use [google.golang.org/api/option.WithTokenSource]: 44 // 45 // config := &oauth2.Config{...} 46 // // ... 47 // token, err := config.Exchange(ctx, ...) 48 // cloudassetService, err := cloudasset.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token))) 49 // 50 // See [google.golang.org/api/option.ClientOption] for details on options. 51 package cloudasset // import "google.golang.org/api/cloudasset/v1" 52 53 import ( 54 "bytes" 55 "context" 56 "encoding/json" 57 "errors" 58 "fmt" 59 "io" 60 "net/http" 61 "net/url" 62 "strconv" 63 "strings" 64 65 googleapi "google.golang.org/api/googleapi" 66 internal "google.golang.org/api/internal" 67 gensupport "google.golang.org/api/internal/gensupport" 68 option "google.golang.org/api/option" 69 internaloption "google.golang.org/api/option/internaloption" 70 htransport "google.golang.org/api/transport/http" 71 ) 72 73 // Always reference these packages, just in case the auto-generated code 74 // below doesn't. 75 var _ = bytes.NewBuffer 76 var _ = strconv.Itoa 77 var _ = fmt.Sprintf 78 var _ = json.NewDecoder 79 var _ = io.Copy 80 var _ = url.Parse 81 var _ = gensupport.MarshalJSON 82 var _ = googleapi.Version 83 var _ = errors.New 84 var _ = strings.Replace 85 var _ = context.Canceled 86 var _ = internaloption.WithDefaultEndpoint 87 var _ = internal.Version 88 89 const apiId = "cloudasset:v1" 90 const apiName = "cloudasset" 91 const apiVersion = "v1" 92 const basePath = "https://cloudasset.googleapis.com/" 93 const basePathTemplate = "https://cloudasset.UNIVERSE_DOMAIN/" 94 const mtlsBasePath = "https://cloudasset.mtls.googleapis.com/" 95 96 // OAuth2 scopes used by this API. 97 const ( 98 // See, edit, configure, and delete your Google Cloud data and see the email 99 // address for your Google Account. 100 CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" 101 ) 102 103 // NewService creates a new Service. 104 func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) { 105 scopesOption := internaloption.WithDefaultScopes( 106 "https://www.googleapis.com/auth/cloud-platform", 107 ) 108 // NOTE: prepend, so we don't override user-specified scopes. 109 opts = append([]option.ClientOption{scopesOption}, opts...) 110 opts = append(opts, internaloption.WithDefaultEndpoint(basePath)) 111 opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate)) 112 opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath)) 113 opts = append(opts, internaloption.EnableNewAuthLibrary()) 114 client, endpoint, err := htransport.NewClient(ctx, opts...) 115 if err != nil { 116 return nil, err 117 } 118 s, err := New(client) 119 if err != nil { 120 return nil, err 121 } 122 if endpoint != "" { 123 s.BasePath = endpoint 124 } 125 return s, nil 126 } 127 128 // New creates a new Service. It uses the provided http.Client for requests. 129 // 130 // Deprecated: please use NewService instead. 131 // To provide a custom HTTP client, use option.WithHTTPClient. 132 // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead. 133 func New(client *http.Client) (*Service, error) { 134 if client == nil { 135 return nil, errors.New("client is nil") 136 } 137 s := &Service{client: client, BasePath: basePath} 138 s.Assets = NewAssetsService(s) 139 s.EffectiveIamPolicies = NewEffectiveIamPoliciesService(s) 140 s.Feeds = NewFeedsService(s) 141 s.Operations = NewOperationsService(s) 142 s.SavedQueries = NewSavedQueriesService(s) 143 s.V1 = NewV1Service(s) 144 return s, nil 145 } 146 147 type Service struct { 148 client *http.Client 149 BasePath string // API endpoint base URL 150 UserAgent string // optional additional User-Agent fragment 151 152 Assets *AssetsService 153 154 EffectiveIamPolicies *EffectiveIamPoliciesService 155 156 Feeds *FeedsService 157 158 Operations *OperationsService 159 160 SavedQueries *SavedQueriesService 161 162 V1 *V1Service 163 } 164 165 func (s *Service) userAgent() string { 166 if s.UserAgent == "" { 167 return googleapi.UserAgent 168 } 169 return googleapi.UserAgent + " " + s.UserAgent 170 } 171 172 func NewAssetsService(s *Service) *AssetsService { 173 rs := &AssetsService{s: s} 174 return rs 175 } 176 177 type AssetsService struct { 178 s *Service 179 } 180 181 func NewEffectiveIamPoliciesService(s *Service) *EffectiveIamPoliciesService { 182 rs := &EffectiveIamPoliciesService{s: s} 183 return rs 184 } 185 186 type EffectiveIamPoliciesService struct { 187 s *Service 188 } 189 190 func NewFeedsService(s *Service) *FeedsService { 191 rs := &FeedsService{s: s} 192 return rs 193 } 194 195 type FeedsService struct { 196 s *Service 197 } 198 199 func NewOperationsService(s *Service) *OperationsService { 200 rs := &OperationsService{s: s} 201 return rs 202 } 203 204 type OperationsService struct { 205 s *Service 206 } 207 208 func NewSavedQueriesService(s *Service) *SavedQueriesService { 209 rs := &SavedQueriesService{s: s} 210 return rs 211 } 212 213 type SavedQueriesService struct { 214 s *Service 215 } 216 217 func NewV1Service(s *Service) *V1Service { 218 rs := &V1Service{s: s} 219 return rs 220 } 221 222 type V1Service struct { 223 s *Service 224 } 225 226 // AccessSelector: Specifies roles and/or permissions to analyze, to determine 227 // both the identities possessing them and the resources they control. If 228 // multiple values are specified, results will include roles or permissions 229 // matching any of them. The total number of roles and permissions should be 230 // equal or less than 10. 231 type AccessSelector struct { 232 // Permissions: Optional. The permissions to appear in result. 233 Permissions []string `json:"permissions,omitempty"` 234 // Roles: Optional. The roles to appear in result. 235 Roles []string `json:"roles,omitempty"` 236 // ForceSendFields is a list of field names (e.g. "Permissions") to 237 // unconditionally include in API requests. By default, fields with empty or 238 // default values are omitted from API requests. See 239 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 240 // details. 241 ForceSendFields []string `json:"-"` 242 // NullFields is a list of field names (e.g. "Permissions") to include in API 243 // requests with the JSON null value. By default, fields with empty values are 244 // omitted from API requests. See 245 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 246 NullFields []string `json:"-"` 247 } 248 249 func (s *AccessSelector) MarshalJSON() ([]byte, error) { 250 type NoMethod AccessSelector 251 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 252 } 253 254 // AnalyzeIamPolicyLongrunningMetadata: Represents the metadata of the 255 // longrunning operation for the AnalyzeIamPolicyLongrunning RPC. 256 type AnalyzeIamPolicyLongrunningMetadata struct { 257 // CreateTime: Output only. The time the operation was created. 258 CreateTime string `json:"createTime,omitempty"` 259 // ForceSendFields is a list of field names (e.g. "CreateTime") to 260 // unconditionally include in API requests. By default, fields with empty or 261 // default values are omitted from API requests. See 262 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 263 // details. 264 ForceSendFields []string `json:"-"` 265 // NullFields is a list of field names (e.g. "CreateTime") to include in API 266 // requests with the JSON null value. By default, fields with empty values are 267 // omitted from API requests. See 268 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 269 NullFields []string `json:"-"` 270 } 271 272 func (s *AnalyzeIamPolicyLongrunningMetadata) MarshalJSON() ([]byte, error) { 273 type NoMethod AnalyzeIamPolicyLongrunningMetadata 274 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 275 } 276 277 // AnalyzeIamPolicyLongrunningRequest: A request message for 278 // AssetService.AnalyzeIamPolicyLongrunning. 279 type AnalyzeIamPolicyLongrunningRequest struct { 280 // AnalysisQuery: Required. The request query. 281 AnalysisQuery *IamPolicyAnalysisQuery `json:"analysisQuery,omitempty"` 282 // OutputConfig: Required. Output configuration indicating where the results 283 // will be output to. 284 OutputConfig *IamPolicyAnalysisOutputConfig `json:"outputConfig,omitempty"` 285 // SavedAnalysisQuery: Optional. The name of a saved query, which must be in 286 // the format of: * projects/project_number/savedQueries/saved_query_id * 287 // folders/folder_number/savedQueries/saved_query_id * 288 // organizations/organization_number/savedQueries/saved_query_id If both 289 // `analysis_query` and `saved_analysis_query` are provided, they will be 290 // merged together with the `saved_analysis_query` as base and the 291 // `analysis_query` as overrides. For more details of the merge behavior, refer 292 // to the MergeFrom 293 // (https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details) 294 // doc. Note that you cannot override primitive fields with default value, such 295 // as 0 or empty string, etc., because we use proto3, which doesn't support 296 // field presence yet. 297 SavedAnalysisQuery string `json:"savedAnalysisQuery,omitempty"` 298 // ForceSendFields is a list of field names (e.g. "AnalysisQuery") to 299 // unconditionally include in API requests. By default, fields with empty or 300 // default values are omitted from API requests. See 301 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 302 // details. 303 ForceSendFields []string `json:"-"` 304 // NullFields is a list of field names (e.g. "AnalysisQuery") to include in API 305 // requests with the JSON null value. By default, fields with empty values are 306 // omitted from API requests. See 307 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 308 NullFields []string `json:"-"` 309 } 310 311 func (s *AnalyzeIamPolicyLongrunningRequest) MarshalJSON() ([]byte, error) { 312 type NoMethod AnalyzeIamPolicyLongrunningRequest 313 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 314 } 315 316 // AnalyzeIamPolicyLongrunningResponse: A response message for 317 // AssetService.AnalyzeIamPolicyLongrunning. 318 type AnalyzeIamPolicyLongrunningResponse struct { 319 } 320 321 // AnalyzeIamPolicyResponse: A response message for 322 // AssetService.AnalyzeIamPolicy. 323 type AnalyzeIamPolicyResponse struct { 324 // FullyExplored: Represents whether all entries in the main_analysis and 325 // service_account_impersonation_analysis have been fully explored to answer 326 // the query in the request. 327 FullyExplored bool `json:"fullyExplored,omitempty"` 328 // MainAnalysis: The main analysis that matches the original request. 329 MainAnalysis *IamPolicyAnalysis `json:"mainAnalysis,omitempty"` 330 // ServiceAccountImpersonationAnalysis: The service account impersonation 331 // analysis if AnalyzeIamPolicyRequest.analyze_service_account_impersonation is 332 // enabled. 333 ServiceAccountImpersonationAnalysis []*IamPolicyAnalysis `json:"serviceAccountImpersonationAnalysis,omitempty"` 334 335 // ServerResponse contains the HTTP response code and headers from the server. 336 googleapi.ServerResponse `json:"-"` 337 // ForceSendFields is a list of field names (e.g. "FullyExplored") to 338 // unconditionally include in API requests. By default, fields with empty or 339 // default values are omitted from API requests. See 340 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 341 // details. 342 ForceSendFields []string `json:"-"` 343 // NullFields is a list of field names (e.g. "FullyExplored") to include in API 344 // requests with the JSON null value. By default, fields with empty values are 345 // omitted from API requests. See 346 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 347 NullFields []string `json:"-"` 348 } 349 350 func (s *AnalyzeIamPolicyResponse) MarshalJSON() ([]byte, error) { 351 type NoMethod AnalyzeIamPolicyResponse 352 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 353 } 354 355 // AnalyzeMoveResponse: The response message for resource move analysis. 356 type AnalyzeMoveResponse struct { 357 // MoveAnalysis: The list of analyses returned from performing the intended 358 // resource move analysis. The analysis is grouped by different Google Cloud 359 // services. 360 MoveAnalysis []*MoveAnalysis `json:"moveAnalysis,omitempty"` 361 362 // ServerResponse contains the HTTP response code and headers from the server. 363 googleapi.ServerResponse `json:"-"` 364 // ForceSendFields is a list of field names (e.g. "MoveAnalysis") to 365 // unconditionally include in API requests. By default, fields with empty or 366 // default values are omitted from API requests. See 367 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 368 // details. 369 ForceSendFields []string `json:"-"` 370 // NullFields is a list of field names (e.g. "MoveAnalysis") to include in API 371 // requests with the JSON null value. By default, fields with empty values are 372 // omitted from API requests. See 373 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 374 NullFields []string `json:"-"` 375 } 376 377 func (s *AnalyzeMoveResponse) MarshalJSON() ([]byte, error) { 378 type NoMethod AnalyzeMoveResponse 379 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 380 } 381 382 // AnalyzeOrgPoliciesResponse: The response message for 383 // AssetService.AnalyzeOrgPolicies. 384 type AnalyzeOrgPoliciesResponse struct { 385 // Constraint: The definition of the constraint in the request. 386 Constraint *AnalyzerOrgPolicyConstraint `json:"constraint,omitempty"` 387 // NextPageToken: The page token to fetch the next page for 388 // AnalyzeOrgPoliciesResponse.org_policy_results. 389 NextPageToken string `json:"nextPageToken,omitempty"` 390 // OrgPolicyResults: The organization policies under the 391 // AnalyzeOrgPoliciesRequest.scope with the 392 // AnalyzeOrgPoliciesRequest.constraint. 393 OrgPolicyResults []*OrgPolicyResult `json:"orgPolicyResults,omitempty"` 394 395 // ServerResponse contains the HTTP response code and headers from the server. 396 googleapi.ServerResponse `json:"-"` 397 // ForceSendFields is a list of field names (e.g. "Constraint") to 398 // unconditionally include in API requests. By default, fields with empty or 399 // default values are omitted from API requests. See 400 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 401 // details. 402 ForceSendFields []string `json:"-"` 403 // NullFields is a list of field names (e.g. "Constraint") to include in API 404 // requests with the JSON null value. By default, fields with empty values are 405 // omitted from API requests. See 406 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 407 NullFields []string `json:"-"` 408 } 409 410 func (s *AnalyzeOrgPoliciesResponse) MarshalJSON() ([]byte, error) { 411 type NoMethod AnalyzeOrgPoliciesResponse 412 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 413 } 414 415 // AnalyzeOrgPolicyGovernedAssetsResponse: The response message for 416 // AssetService.AnalyzeOrgPolicyGovernedAssets. 417 type AnalyzeOrgPolicyGovernedAssetsResponse struct { 418 // Constraint: The definition of the constraint in the request. 419 Constraint *AnalyzerOrgPolicyConstraint `json:"constraint,omitempty"` 420 // GovernedAssets: The list of the analyzed governed assets. 421 GovernedAssets []*GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset `json:"governedAssets,omitempty"` 422 // NextPageToken: The page token to fetch the next page for 423 // AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets. 424 NextPageToken string `json:"nextPageToken,omitempty"` 425 426 // ServerResponse contains the HTTP response code and headers from the server. 427 googleapi.ServerResponse `json:"-"` 428 // ForceSendFields is a list of field names (e.g. "Constraint") to 429 // unconditionally include in API requests. By default, fields with empty or 430 // default values are omitted from API requests. See 431 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 432 // details. 433 ForceSendFields []string `json:"-"` 434 // NullFields is a list of field names (e.g. "Constraint") to include in API 435 // requests with the JSON null value. By default, fields with empty values are 436 // omitted from API requests. See 437 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 438 NullFields []string `json:"-"` 439 } 440 441 func (s *AnalyzeOrgPolicyGovernedAssetsResponse) MarshalJSON() ([]byte, error) { 442 type NoMethod AnalyzeOrgPolicyGovernedAssetsResponse 443 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 444 } 445 446 // AnalyzeOrgPolicyGovernedContainersResponse: The response message for 447 // AssetService.AnalyzeOrgPolicyGovernedContainers. 448 type AnalyzeOrgPolicyGovernedContainersResponse struct { 449 // Constraint: The definition of the constraint in the request. 450 Constraint *AnalyzerOrgPolicyConstraint `json:"constraint,omitempty"` 451 // GovernedContainers: The list of the analyzed governed containers. 452 GovernedContainers []*GoogleCloudAssetV1GovernedContainer `json:"governedContainers,omitempty"` 453 // NextPageToken: The page token to fetch the next page for 454 // AnalyzeOrgPolicyGovernedContainersResponse.governed_containers. 455 NextPageToken string `json:"nextPageToken,omitempty"` 456 457 // ServerResponse contains the HTTP response code and headers from the server. 458 googleapi.ServerResponse `json:"-"` 459 // ForceSendFields is a list of field names (e.g. "Constraint") to 460 // unconditionally include in API requests. By default, fields with empty or 461 // default values are omitted from API requests. See 462 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 463 // details. 464 ForceSendFields []string `json:"-"` 465 // NullFields is a list of field names (e.g. "Constraint") to include in API 466 // requests with the JSON null value. By default, fields with empty values are 467 // omitted from API requests. See 468 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 469 NullFields []string `json:"-"` 470 } 471 472 func (s *AnalyzeOrgPolicyGovernedContainersResponse) MarshalJSON() ([]byte, error) { 473 type NoMethod AnalyzeOrgPolicyGovernedContainersResponse 474 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 475 } 476 477 // AnalyzerOrgPolicy: This organization policy message is a modified version of 478 // the one defined in the Organization Policy system. This message contains 479 // several fields defined in the original organization policy with some new 480 // fields for analysis purpose. 481 type AnalyzerOrgPolicy struct { 482 // AppliedResource: The [full resource name] 483 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of an 484 // organization/folder/project resource where this organization policy applies 485 // to. For any user defined org policies, this field has the same value as the 486 // [attached_resource] field. Only for default policy, this field has the 487 // different value. 488 AppliedResource string `json:"appliedResource,omitempty"` 489 // AttachedResource: The [full resource name] 490 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of an 491 // organization/folder/project resource where this organization policy is set. 492 // Notice that some type of constraints are defined with default policy. This 493 // field will be empty for them. 494 AttachedResource string `json:"attachedResource,omitempty"` 495 // InheritFromParent: If `inherit_from_parent` is true, Rules set higher up in 496 // the hierarchy (up to the closest root) are inherited and present in the 497 // effective policy. If it is false, then no rules are inherited, and this 498 // policy becomes the effective root for evaluation. 499 InheritFromParent bool `json:"inheritFromParent,omitempty"` 500 // Reset: Ignores policies set above this resource and restores the default 501 // behavior of the constraint at this resource. This field can be set in 502 // policies for either list or boolean constraints. If set, `rules` must be 503 // empty and `inherit_from_parent` must be set to false. 504 Reset bool `json:"reset,omitempty"` 505 // Rules: List of rules for this organization policy. 506 Rules []*GoogleCloudAssetV1Rule `json:"rules,omitempty"` 507 // ForceSendFields is a list of field names (e.g. "AppliedResource") to 508 // unconditionally include in API requests. By default, fields with empty or 509 // default values are omitted from API requests. See 510 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 511 // details. 512 ForceSendFields []string `json:"-"` 513 // NullFields is a list of field names (e.g. "AppliedResource") to include in 514 // API requests with the JSON null value. By default, fields with empty values 515 // are omitted from API requests. See 516 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 517 NullFields []string `json:"-"` 518 } 519 520 func (s *AnalyzerOrgPolicy) MarshalJSON() ([]byte, error) { 521 type NoMethod AnalyzerOrgPolicy 522 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 523 } 524 525 // AnalyzerOrgPolicyConstraint: The organization policy constraint definition. 526 type AnalyzerOrgPolicyConstraint struct { 527 // CustomConstraint: The definition of the custom constraint. 528 CustomConstraint *GoogleCloudAssetV1CustomConstraint `json:"customConstraint,omitempty"` 529 // GoogleDefinedConstraint: The definition of the canned constraint defined by 530 // Google. 531 GoogleDefinedConstraint *GoogleCloudAssetV1Constraint `json:"googleDefinedConstraint,omitempty"` 532 // ForceSendFields is a list of field names (e.g. "CustomConstraint") to 533 // unconditionally include in API requests. By default, fields with empty or 534 // default values are omitted from API requests. See 535 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 536 // details. 537 ForceSendFields []string `json:"-"` 538 // NullFields is a list of field names (e.g. "CustomConstraint") to include in 539 // API requests with the JSON null value. By default, fields with empty values 540 // are omitted from API requests. See 541 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 542 NullFields []string `json:"-"` 543 } 544 545 func (s *AnalyzerOrgPolicyConstraint) MarshalJSON() ([]byte, error) { 546 type NoMethod AnalyzerOrgPolicyConstraint 547 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 548 } 549 550 // Asset: An asset in Google Cloud. An asset can be any resource in the Google 551 // Cloud resource hierarchy 552 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 553 // a resource outside the Google Cloud resource hierarchy (such as Google 554 // Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy), or a 555 // relationship (e.g. an INSTANCE_TO_INSTANCEGROUP relationship). See Supported 556 // asset types 557 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 558 // more information. 559 type Asset struct { 560 // AccessLevel: Also refer to the access level user guide 561 // (https://cloud.google.com/access-context-manager/docs/overview#access-levels). 562 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 563 // AccessPolicy: Also refer to the access policy user guide 564 // (https://cloud.google.com/access-context-manager/docs/overview#access-policies). 565 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 566 // Ancestors: The ancestry path of an asset in Google Cloud resource hierarchy 567 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 568 // represented as a list of relative resource names. An ancestry path starts 569 // with the closest ancestor in the hierarchy and ends at root. If the asset is 570 // a project, folder, or organization, the ancestry path starts from the asset 571 // itself. Example: `["projects/123456789", "folders/5432", 572 // "organizations/1234"]` 573 Ancestors []string `json:"ancestors,omitempty"` 574 // AssetType: The type of the asset. Example: `compute.googleapis.com/Disk` See 575 // Supported asset types 576 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 577 // more information. 578 AssetType string `json:"assetType,omitempty"` 579 // IamPolicy: A representation of the IAM policy set on a Google Cloud 580 // resource. There can be a maximum of one IAM policy set on any given 581 // resource. In addition, IAM policies inherit their granted access scope from 582 // any policies set on parent resources in the resource hierarchy. Therefore, 583 // the effectively policy is the union of both the policy set on this resource 584 // and each policy set on all of the resource's ancestry resource levels in the 585 // hierarchy. See this topic 586 // (https://cloud.google.com/iam/help/allow-policies/inheritance) for more 587 // information. 588 IamPolicy *Policy `json:"iamPolicy,omitempty"` 589 // Name: The full name of the asset. Example: 590 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 591 // nce1` See Resource names 592 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) for 593 // more information. 594 Name string `json:"name,omitempty"` 595 // OrgPolicy: A representation of an organization policy 596 // (https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 597 // There can be more than one organization policy with different constraints 598 // set on a given resource. 599 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 600 // OsInventory: A representation of runtime OS Inventory information. See this 601 // topic 602 // (https://cloud.google.com/compute/docs/instances/os-inventory-management) 603 // for more information. 604 OsInventory *Inventory `json:"osInventory,omitempty"` 605 // RelatedAsset: One related asset of the current asset. 606 RelatedAsset *RelatedAsset `json:"relatedAsset,omitempty"` 607 // RelatedAssets: DEPRECATED. This field only presents for the purpose of 608 // backward-compatibility. The server will never generate responses with this 609 // field. The related assets of the asset of one relationship type. One asset 610 // only represents one type of relationship. 611 RelatedAssets *RelatedAssets `json:"relatedAssets,omitempty"` 612 // Resource: A representation of the resource. 613 Resource *Resource `json:"resource,omitempty"` 614 // ServicePerimeter: Also refer to the service perimeter user guide 615 // (https://cloud.google.com/vpc-service-controls/docs/overview). 616 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 617 // UpdateTime: The last update timestamp of an asset. update_time is updated 618 // when create/update/delete operation is performed. 619 UpdateTime string `json:"updateTime,omitempty"` 620 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 621 // unconditionally include in API requests. By default, fields with empty or 622 // default values are omitted from API requests. See 623 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 624 // details. 625 ForceSendFields []string `json:"-"` 626 // NullFields is a list of field names (e.g. "AccessLevel") to include in API 627 // requests with the JSON null value. By default, fields with empty values are 628 // omitted from API requests. See 629 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 630 NullFields []string `json:"-"` 631 } 632 633 func (s *Asset) MarshalJSON() ([]byte, error) { 634 type NoMethod Asset 635 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 636 } 637 638 // AttachedResource: Attached resource representation, which is defined by the 639 // corresponding service provider. It represents an attached resource's 640 // payload. 641 type AttachedResource struct { 642 // AssetType: The type of this attached resource. Example: 643 // `osconfig.googleapis.com/Inventory` You can find the supported attached 644 // asset types of each resource in this table: 645 // `https://cloud.google.com/asset-inventory/docs/supported-asset-types` 646 AssetType string `json:"assetType,omitempty"` 647 // VersionedResources: Versioned resource representations of this attached 648 // resource. This is repeated because there could be multiple versions of the 649 // attached resource representations during version migration. 650 VersionedResources []*VersionedResource `json:"versionedResources,omitempty"` 651 // ForceSendFields is a list of field names (e.g. "AssetType") to 652 // unconditionally include in API requests. By default, fields with empty or 653 // default values are omitted from API requests. See 654 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 655 // details. 656 ForceSendFields []string `json:"-"` 657 // NullFields is a list of field names (e.g. "AssetType") to include in API 658 // requests with the JSON null value. By default, fields with empty values are 659 // omitted from API requests. See 660 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 661 NullFields []string `json:"-"` 662 } 663 664 func (s *AttachedResource) MarshalJSON() ([]byte, error) { 665 type NoMethod AttachedResource 666 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 667 } 668 669 // AuditConfig: Specifies the audit configuration for a service. The 670 // configuration determines which permission types are logged, and what 671 // identities, if any, are exempted from logging. An AuditConfig must have one 672 // or more AuditLogConfigs. If there are AuditConfigs for both `allServices` 673 // and a specific service, the union of the two AuditConfigs is used for that 674 // service: the log_types specified in each AuditConfig are enabled, and the 675 // exempted_members in each AuditLogConfig are exempted. Example Policy with 676 // multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", 677 // "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ 678 // "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": 679 // "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", 680 // "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": 681 // "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For 682 // sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ 683 // logging. It also exempts `jose@example.com` from DATA_READ logging, and 684 // `aliya@example.com` from DATA_WRITE logging. 685 type AuditConfig struct { 686 // AuditLogConfigs: The configuration for logging of each type of permission. 687 AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"` 688 // Service: Specifies a service that will be enabled for audit logging. For 689 // example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` 690 // is a special value that covers all services. 691 Service string `json:"service,omitempty"` 692 // ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to 693 // unconditionally include in API requests. By default, fields with empty or 694 // default values are omitted from API requests. See 695 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 696 // details. 697 ForceSendFields []string `json:"-"` 698 // NullFields is a list of field names (e.g. "AuditLogConfigs") to include in 699 // API requests with the JSON null value. By default, fields with empty values 700 // are omitted from API requests. See 701 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 702 NullFields []string `json:"-"` 703 } 704 705 func (s *AuditConfig) MarshalJSON() ([]byte, error) { 706 type NoMethod AuditConfig 707 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 708 } 709 710 // AuditLogConfig: Provides the configuration for logging a type of 711 // permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", 712 // "exempted_members": [ "user:jose@example.com" ] }, { "log_type": 713 // "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while 714 // exempting jose@example.com from DATA_READ logging. 715 type AuditLogConfig struct { 716 // ExemptedMembers: Specifies the identities that do not cause logging for this 717 // type of permission. Follows the same format of Binding.members. 718 ExemptedMembers []string `json:"exemptedMembers,omitempty"` 719 // LogType: The log type that this config enables. 720 // 721 // Possible values: 722 // "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this. 723 // "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy 724 // "DATA_WRITE" - Data writes. Example: CloudSQL Users create 725 // "DATA_READ" - Data reads. Example: CloudSQL Users list 726 LogType string `json:"logType,omitempty"` 727 // ForceSendFields is a list of field names (e.g. "ExemptedMembers") to 728 // unconditionally include in API requests. By default, fields with empty or 729 // default values are omitted from API requests. See 730 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 731 // details. 732 ForceSendFields []string `json:"-"` 733 // NullFields is a list of field names (e.g. "ExemptedMembers") to include in 734 // API requests with the JSON null value. By default, fields with empty values 735 // are omitted from API requests. See 736 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 737 NullFields []string `json:"-"` 738 } 739 740 func (s *AuditLogConfig) MarshalJSON() ([]byte, error) { 741 type NoMethod AuditLogConfig 742 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 743 } 744 745 // BatchGetAssetsHistoryResponse: Batch get assets history response. 746 type BatchGetAssetsHistoryResponse struct { 747 // Assets: A list of assets with valid time windows. 748 Assets []*TemporalAsset `json:"assets,omitempty"` 749 750 // ServerResponse contains the HTTP response code and headers from the server. 751 googleapi.ServerResponse `json:"-"` 752 // ForceSendFields is a list of field names (e.g. "Assets") to unconditionally 753 // include in API requests. By default, fields with empty or default values are 754 // omitted from API requests. See 755 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 756 // details. 757 ForceSendFields []string `json:"-"` 758 // NullFields is a list of field names (e.g. "Assets") to include in API 759 // requests with the JSON null value. By default, fields with empty values are 760 // omitted from API requests. See 761 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 762 NullFields []string `json:"-"` 763 } 764 765 func (s *BatchGetAssetsHistoryResponse) MarshalJSON() ([]byte, error) { 766 type NoMethod BatchGetAssetsHistoryResponse 767 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 768 } 769 770 // BatchGetEffectiveIamPoliciesResponse: A response message for 771 // AssetService.BatchGetEffectiveIamPolicies. 772 type BatchGetEffectiveIamPoliciesResponse struct { 773 // PolicyResults: The effective policies for a batch of resources. Note that 774 // the results order is the same as the order of 775 // BatchGetEffectiveIamPoliciesRequest.names. When a resource does not have any 776 // effective IAM policies, its corresponding policy_result will contain empty 777 // EffectiveIamPolicy.policies. 778 PolicyResults []*EffectiveIamPolicy `json:"policyResults,omitempty"` 779 780 // ServerResponse contains the HTTP response code and headers from the server. 781 googleapi.ServerResponse `json:"-"` 782 // ForceSendFields is a list of field names (e.g. "PolicyResults") to 783 // unconditionally include in API requests. By default, fields with empty or 784 // default values are omitted from API requests. See 785 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 786 // details. 787 ForceSendFields []string `json:"-"` 788 // NullFields is a list of field names (e.g. "PolicyResults") to include in API 789 // requests with the JSON null value. By default, fields with empty values are 790 // omitted from API requests. See 791 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 792 NullFields []string `json:"-"` 793 } 794 795 func (s *BatchGetEffectiveIamPoliciesResponse) MarshalJSON() ([]byte, error) { 796 type NoMethod BatchGetEffectiveIamPoliciesResponse 797 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 798 } 799 800 // BigQueryDestination: A BigQuery destination for exporting assets to. 801 type BigQueryDestination struct { 802 // Dataset: Required. The BigQuery dataset in format 803 // "projects/projectId/datasets/datasetId", to which the snapshot result should 804 // be exported. If this dataset does not exist, the export call returns an 805 // INVALID_ARGUMENT error. Setting the `contentType` for `exportAssets` 806 // determines the schema 807 // (/asset-inventory/docs/exporting-to-bigquery#bigquery-schema) of the 808 // BigQuery table. Setting `separateTablesPerAssetType` to `TRUE` also 809 // influences the schema. 810 Dataset string `json:"dataset,omitempty"` 811 // Force: If the destination table already exists and this flag is `TRUE`, the 812 // table will be overwritten by the contents of assets snapshot. If the flag is 813 // `FALSE` or unset and the destination table already exists, the export call 814 // returns an INVALID_ARGUMEMT error. 815 Force bool `json:"force,omitempty"` 816 // PartitionSpec: [partition_spec] determines whether to export to partitioned 817 // table(s) and how to partition the data. If [partition_spec] is unset or 818 // [partition_spec.partition_key] is unset or `PARTITION_KEY_UNSPECIFIED`, the 819 // snapshot results will be exported to non-partitioned table(s). [force] will 820 // decide whether to overwrite existing table(s). If [partition_spec] is 821 // specified. First, the snapshot results will be written to partitioned 822 // table(s) with two additional timestamp columns, readTime and requestTime, 823 // one of which will be the partition key. Secondly, in the case when any 824 // destination table already exists, it will first try to update existing 825 // table's schema as necessary by appending additional columns. Then, if 826 // [force] is `TRUE`, the corresponding partition will be overwritten by the 827 // snapshot results (data in different partitions will remain intact); if 828 // [force] is unset or `FALSE`, it will append the data. An error will be 829 // returned if the schema update or data appension fails. 830 PartitionSpec *PartitionSpec `json:"partitionSpec,omitempty"` 831 // SeparateTablesPerAssetType: If this flag is `TRUE`, the snapshot results 832 // will be written to one or multiple tables, each of which contains results of 833 // one asset type. The [force] and [partition_spec] fields will apply to each 834 // of them. Field [table] will be concatenated with "_" and the asset type 835 // names (see 836 // https://cloud.google.com/asset-inventory/docs/supported-asset-types for 837 // supported asset types) to construct per-asset-type table names, in which all 838 // non-alphanumeric characters like "." and "/" will be substituted by "_". 839 // Example: if field [table] is "mytable" and snapshot results contain 840 // "storage.googleapis.com/Bucket" assets, the corresponding table name will be 841 // "mytable_storage_googleapis_com_Bucket". If any of these tables does not 842 // exist, a new table with the concatenated name will be created. When 843 // [content_type] in the ExportAssetsRequest is `RESOURCE`, the schema of each 844 // table will include RECORD-type columns mapped to the nested fields in the 845 // Asset.resource.data field of that asset type (up to the 15 nested level 846 // BigQuery supports 847 // (https://cloud.google.com/bigquery/docs/nested-repeated#limitations)). The 848 // fields in >15 nested levels will be stored in JSON format string as a child 849 // column of its parent RECORD column. If error occurs when exporting to any 850 // table, the whole export call will return an error but the export results 851 // that already succeed will persist. Example: if exporting to table_type_A 852 // succeeds when exporting to table_type_B fails during one export call, the 853 // results in table_type_A will persist and there will not be partial results 854 // persisting in a table. 855 SeparateTablesPerAssetType bool `json:"separateTablesPerAssetType,omitempty"` 856 // Table: Required. The BigQuery table to which the snapshot result should be 857 // written. If this table does not exist, a new table with the given name will 858 // be created. 859 Table string `json:"table,omitempty"` 860 // ForceSendFields is a list of field names (e.g. "Dataset") to unconditionally 861 // include in API requests. By default, fields with empty or default values are 862 // omitted from API requests. See 863 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 864 // details. 865 ForceSendFields []string `json:"-"` 866 // NullFields is a list of field names (e.g. "Dataset") to include in API 867 // requests with the JSON null value. By default, fields with empty values are 868 // omitted from API requests. See 869 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 870 NullFields []string `json:"-"` 871 } 872 873 func (s *BigQueryDestination) MarshalJSON() ([]byte, error) { 874 type NoMethod BigQueryDestination 875 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 876 } 877 878 // Binding: Associates `members`, or principals, with a `role`. 879 type Binding struct { 880 // Condition: The condition that is associated with this binding. If the 881 // condition evaluates to `true`, then this binding applies to the current 882 // request. If the condition evaluates to `false`, then this binding does not 883 // apply to the current request. However, a different role binding might grant 884 // the same role to one or more of the principals in this binding. To learn 885 // which resources support conditions in their IAM policies, see the IAM 886 // documentation 887 // (https://cloud.google.com/iam/help/conditions/resource-policies). 888 Condition *Expr `json:"condition,omitempty"` 889 // Members: Specifies the principals requesting access for a Google Cloud 890 // resource. `members` can have the following values: * `allUsers`: A special 891 // identifier that represents anyone who is on the internet; with or without a 892 // Google account. * `allAuthenticatedUsers`: A special identifier that 893 // represents anyone who is authenticated with a Google account or a service 894 // account. Does not include identities that come from external identity 895 // providers (IdPs) through identity federation. * `user:{emailid}`: An email 896 // address that represents a specific Google account. For example, 897 // `alice@example.com` . * `serviceAccount:{emailid}`: An email address that 898 // represents a Google service account. For example, 899 // `my-other-app@appspot.gserviceaccount.com`. * 900 // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An 901 // identifier for a Kubernetes service account 902 // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). 903 // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * 904 // `group:{emailid}`: An email address that represents a Google group. For 905 // example, `admins@example.com`. * `domain:{domain}`: The G Suite domain 906 // (primary) that represents all the users of that domain. For example, 907 // `google.com` or `example.com`. * 908 // `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/sub 909 // ject/{subject_attribute_value}`: A single identity in a workforce identity 910 // pool. * 911 // `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/ 912 // group/{group_id}`: All workforce identities in a group. * 913 // `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/ 914 // attribute.{attribute_name}/{attribute_value}`: All workforce identities with 915 // a specific attribute value. * 916 // `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/ 917 // *`: All identities in a workforce identity pool. * 918 // `principal://iam.googleapis.com/projects/{project_number}/locations/global/wo 919 // rkloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single 920 // identity in a workload identity pool. * 921 // `principalSet://iam.googleapis.com/projects/{project_number}/locations/global 922 // /workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool 923 // group. * 924 // `principalSet://iam.googleapis.com/projects/{project_number}/locations/global 925 // /workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value} 926 // `: All identities in a workload identity pool with a certain attribute. * 927 // `principalSet://iam.googleapis.com/projects/{project_number}/locations/global 928 // /workloadIdentityPools/{pool_id}/*`: All identities in a workload identity 929 // pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus 930 // unique identifier) representing a user that has been recently deleted. For 931 // example, `alice@example.com?uid=123456789012345678901`. If the user is 932 // recovered, this value reverts to `user:{emailid}` and the recovered user 933 // retains the role in the binding. * 934 // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus 935 // unique identifier) representing a service account that has been recently 936 // deleted. For example, 937 // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the 938 // service account is undeleted, this value reverts to 939 // `serviceAccount:{emailid}` and the undeleted service account retains the 940 // role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email 941 // address (plus unique identifier) representing a Google group that has been 942 // recently deleted. For example, 943 // `admins@example.com?uid=123456789012345678901`. If the group is recovered, 944 // this value reverts to `group:{emailid}` and the recovered group retains the 945 // role in the binding. * 946 // `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool 947 // _id}/subject/{subject_attribute_value}`: Deleted single identity in a 948 // workforce identity pool. For example, 949 // `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-po 950 // ol-id/subject/my-subject-attribute-value`. 951 Members []string `json:"members,omitempty"` 952 // Role: Role that is assigned to the list of `members`, or principals. For 953 // example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview 954 // of the IAM roles and permissions, see the IAM documentation 955 // (https://cloud.google.com/iam/docs/roles-overview). For a list of the 956 // available pre-defined roles, see here 957 // (https://cloud.google.com/iam/docs/understanding-roles). 958 Role string `json:"role,omitempty"` 959 // ForceSendFields is a list of field names (e.g. "Condition") to 960 // unconditionally include in API requests. By default, fields with empty or 961 // default values are omitted from API requests. See 962 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 963 // details. 964 ForceSendFields []string `json:"-"` 965 // NullFields is a list of field names (e.g. "Condition") to include in API 966 // requests with the JSON null value. By default, fields with empty values are 967 // omitted from API requests. See 968 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 969 NullFields []string `json:"-"` 970 } 971 972 func (s *Binding) MarshalJSON() ([]byte, error) { 973 type NoMethod Binding 974 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 975 } 976 977 // ConditionContext: The IAM conditions context. 978 type ConditionContext struct { 979 // AccessTime: The hypothetical access timestamp to evaluate IAM conditions. 980 // Note that this value must not be earlier than the current time; otherwise, 981 // an INVALID_ARGUMENT error will be returned. 982 AccessTime string `json:"accessTime,omitempty"` 983 // ForceSendFields is a list of field names (e.g. "AccessTime") to 984 // unconditionally include in API requests. By default, fields with empty or 985 // default values are omitted from API requests. See 986 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 987 // details. 988 ForceSendFields []string `json:"-"` 989 // NullFields is a list of field names (e.g. "AccessTime") to include in API 990 // requests with the JSON null value. By default, fields with empty values are 991 // omitted from API requests. See 992 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 993 NullFields []string `json:"-"` 994 } 995 996 func (s *ConditionContext) MarshalJSON() ([]byte, error) { 997 type NoMethod ConditionContext 998 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 999 } 1000 1001 // ConditionEvaluation: The condition evaluation. 1002 type ConditionEvaluation struct { 1003 // EvaluationValue: The evaluation result. 1004 // 1005 // Possible values: 1006 // "EVALUATION_VALUE_UNSPECIFIED" - Reserved for future use. 1007 // "TRUE" - The evaluation result is `true`. 1008 // "FALSE" - The evaluation result is `false`. 1009 // "CONDITIONAL" - The evaluation result is `conditional` when the condition 1010 // expression contains variables that are either missing input values or have 1011 // not been supported by Policy Analyzer yet. 1012 EvaluationValue string `json:"evaluationValue,omitempty"` 1013 // ForceSendFields is a list of field names (e.g. "EvaluationValue") to 1014 // unconditionally include in API requests. By default, fields with empty or 1015 // default values are omitted from API requests. See 1016 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1017 // details. 1018 ForceSendFields []string `json:"-"` 1019 // NullFields is a list of field names (e.g. "EvaluationValue") to include in 1020 // API requests with the JSON null value. By default, fields with empty values 1021 // are omitted from API requests. See 1022 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1023 NullFields []string `json:"-"` 1024 } 1025 1026 func (s *ConditionEvaluation) MarshalJSON() ([]byte, error) { 1027 type NoMethod ConditionEvaluation 1028 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1029 } 1030 1031 // CreateFeedRequest: Create asset feed request. 1032 type CreateFeedRequest struct { 1033 // Feed: Required. The feed details. The field `name` must be empty and it will 1034 // be generated in the format of: projects/project_number/feeds/feed_id 1035 // folders/folder_number/feeds/feed_id 1036 // organizations/organization_number/feeds/feed_id 1037 Feed *Feed `json:"feed,omitempty"` 1038 // FeedId: Required. This is the client-assigned asset feed identifier and it 1039 // needs to be unique under a specific parent project/folder/organization. 1040 FeedId string `json:"feedId,omitempty"` 1041 // ForceSendFields is a list of field names (e.g. "Feed") to unconditionally 1042 // include in API requests. By default, fields with empty or default values are 1043 // omitted from API requests. See 1044 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1045 // details. 1046 ForceSendFields []string `json:"-"` 1047 // NullFields is a list of field names (e.g. "Feed") to include in API requests 1048 // with the JSON null value. By default, fields with empty values are omitted 1049 // from API requests. See 1050 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1051 NullFields []string `json:"-"` 1052 } 1053 1054 func (s *CreateFeedRequest) MarshalJSON() ([]byte, error) { 1055 type NoMethod CreateFeedRequest 1056 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1057 } 1058 1059 // Date: Represents a whole or partial calendar date, such as a birthday. The 1060 // time of day and time zone are either specified elsewhere or are 1061 // insignificant. The date is relative to the Gregorian Calendar. This can 1062 // represent one of the following: * A full date, with non-zero year, month, 1063 // and day values. * A month and day, with a zero year (for example, an 1064 // anniversary). * A year on its own, with a zero month and a zero day. * A 1065 // year and month, with a zero day (for example, a credit card expiration 1066 // date). Related types: * google.type.TimeOfDay * google.type.DateTime * 1067 // google.protobuf.Timestamp 1068 type Date struct { 1069 // Day: Day of a month. Must be from 1 to 31 and valid for the year and month, 1070 // or 0 to specify a year by itself or a year and month where the day isn't 1071 // significant. 1072 Day int64 `json:"day,omitempty"` 1073 // Month: Month of a year. Must be from 1 to 12, or 0 to specify a year without 1074 // a month and day. 1075 Month int64 `json:"month,omitempty"` 1076 // Year: Year of the date. Must be from 1 to 9999, or 0 to specify a date 1077 // without a year. 1078 Year int64 `json:"year,omitempty"` 1079 // ForceSendFields is a list of field names (e.g. "Day") to unconditionally 1080 // include in API requests. By default, fields with empty or default values are 1081 // omitted from API requests. See 1082 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1083 // details. 1084 ForceSendFields []string `json:"-"` 1085 // NullFields is a list of field names (e.g. "Day") to include in API requests 1086 // with the JSON null value. By default, fields with empty values are omitted 1087 // from API requests. See 1088 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1089 NullFields []string `json:"-"` 1090 } 1091 1092 func (s *Date) MarshalJSON() ([]byte, error) { 1093 type NoMethod Date 1094 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1095 } 1096 1097 // EffectiveIamPolicy: The effective IAM policies on one resource. 1098 type EffectiveIamPolicy struct { 1099 // FullResourceName: The [full_resource_name] 1100 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) for 1101 // which the policies are computed. This is one of the 1102 // BatchGetEffectiveIamPoliciesRequest.names the caller provides in the 1103 // request. 1104 FullResourceName string `json:"fullResourceName,omitempty"` 1105 // Policies: The effective policies for the full_resource_name. These policies 1106 // include the policy set on the full_resource_name and those set on its 1107 // parents and ancestors up to the BatchGetEffectiveIamPoliciesRequest.scope. 1108 // Note that these policies are not filtered according to the resource type of 1109 // the full_resource_name. These policies are hierarchically ordered by 1110 // PolicyInfo.attached_resource starting from full_resource_name itself to its 1111 // parents and ancestors, such that policies[i]'s PolicyInfo.attached_resource 1112 // is the child of policies[i+1]'s PolicyInfo.attached_resource, if 1113 // policies[i+1] exists. 1114 Policies []*PolicyInfo `json:"policies,omitempty"` 1115 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 1116 // unconditionally include in API requests. By default, fields with empty or 1117 // default values are omitted from API requests. See 1118 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1119 // details. 1120 ForceSendFields []string `json:"-"` 1121 // NullFields is a list of field names (e.g. "FullResourceName") to include in 1122 // API requests with the JSON null value. By default, fields with empty values 1123 // are omitted from API requests. See 1124 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1125 NullFields []string `json:"-"` 1126 } 1127 1128 func (s *EffectiveIamPolicy) MarshalJSON() ([]byte, error) { 1129 type NoMethod EffectiveIamPolicy 1130 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1131 } 1132 1133 // EffectiveTagDetails: The effective tags and the ancestor resources from 1134 // which they were inherited. 1135 type EffectiveTagDetails struct { 1136 // AttachedResource: The full resource name 1137 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the 1138 // ancestor from which an effective_tag is inherited, according to tag 1139 // inheritance 1140 // (https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). 1141 AttachedResource string `json:"attachedResource,omitempty"` 1142 // EffectiveTags: The effective tags inherited from the attached_resource. Note 1143 // that tags with the same key but different values may attach to resources at 1144 // a different hierarchy levels. The lower hierarchy tag value will overwrite 1145 // the higher hierarchy tag value of the same tag key. In this case, the tag 1146 // value at the higher hierarchy level will be removed. For more information, 1147 // see tag inheritance 1148 // (https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). 1149 EffectiveTags []*Tag `json:"effectiveTags,omitempty"` 1150 // ForceSendFields is a list of field names (e.g. "AttachedResource") to 1151 // unconditionally include in API requests. By default, fields with empty or 1152 // default values are omitted from API requests. See 1153 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1154 // details. 1155 ForceSendFields []string `json:"-"` 1156 // NullFields is a list of field names (e.g. "AttachedResource") to include in 1157 // API requests with the JSON null value. By default, fields with empty values 1158 // are omitted from API requests. See 1159 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1160 NullFields []string `json:"-"` 1161 } 1162 1163 func (s *EffectiveTagDetails) MarshalJSON() ([]byte, error) { 1164 type NoMethod EffectiveTagDetails 1165 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1166 } 1167 1168 // Empty: A generic empty message that you can re-use to avoid defining 1169 // duplicated empty messages in your APIs. A typical example is to use it as 1170 // the request or the response type of an API method. For instance: service Foo 1171 // { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } 1172 type Empty struct { 1173 // ServerResponse contains the HTTP response code and headers from the server. 1174 googleapi.ServerResponse `json:"-"` 1175 } 1176 1177 // Explanation: Explanation about the IAM policy search result. 1178 type Explanation struct { 1179 // MatchedPermissions: The map from roles to their included permissions that 1180 // match the permission query (i.e., a query containing 1181 // `policy.role.permissions:`). Example: if query 1182 // `policy.role.permissions:compute.disk.get` matches a policy binding that 1183 // contains owner role, the matched_permissions will be `{"roles/owner": 1184 // ["compute.disk.get"]}`. The roles can also be found in the returned `policy` 1185 // bindings. Note that the map is populated only for requests with permission 1186 // queries. 1187 MatchedPermissions map[string]Permissions `json:"matchedPermissions,omitempty"` 1188 // ForceSendFields is a list of field names (e.g. "MatchedPermissions") to 1189 // unconditionally include in API requests. By default, fields with empty or 1190 // default values are omitted from API requests. See 1191 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1192 // details. 1193 ForceSendFields []string `json:"-"` 1194 // NullFields is a list of field names (e.g. "MatchedPermissions") to include 1195 // in API requests with the JSON null value. By default, fields with empty 1196 // values are omitted from API requests. See 1197 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1198 NullFields []string `json:"-"` 1199 } 1200 1201 func (s *Explanation) MarshalJSON() ([]byte, error) { 1202 type NoMethod Explanation 1203 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1204 } 1205 1206 // ExportAssetsRequest: Export asset request. 1207 type ExportAssetsRequest struct { 1208 // AssetTypes: A list of asset types to take a snapshot for. For example: 1209 // "compute.googleapis.com/Disk". Regular expressions are also supported. For 1210 // example: * "compute.googleapis.com.*" snapshots resources whose asset type 1211 // starts with "compute.googleapis.com". * ".*Instance" snapshots resources 1212 // whose asset type ends with "Instance". * ".*Instance.*" snapshots resources 1213 // whose asset type contains "Instance". See RE2 1214 // (https://github.com/google/re2/wiki/Syntax) for all supported regular 1215 // expression syntax. If the regular expression does not match any supported 1216 // asset type, an INVALID_ARGUMENT error will be returned. If specified, only 1217 // matching assets will be returned, otherwise, it will snapshot all asset 1218 // types. See Introduction to Cloud Asset Inventory 1219 // (https://cloud.google.com/asset-inventory/docs/overview) for all supported 1220 // asset types. 1221 AssetTypes []string `json:"assetTypes,omitempty"` 1222 // ContentType: Asset content type. If not specified, no content but the asset 1223 // name will be returned. 1224 // 1225 // Possible values: 1226 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 1227 // "RESOURCE" - Resource metadata. 1228 // "IAM_POLICY" - The actual IAM policy set on a resource. 1229 // "ORG_POLICY" - The organization policy set on an asset. 1230 // "ACCESS_POLICY" - The Access Context Manager policy set on an asset. 1231 // "OS_INVENTORY" - The runtime OS Inventory information. 1232 // "RELATIONSHIP" - The related resources. 1233 ContentType string `json:"contentType,omitempty"` 1234 // OutputConfig: Required. Output configuration indicating where the results 1235 // will be output to. 1236 OutputConfig *OutputConfig `json:"outputConfig,omitempty"` 1237 // ReadTime: Timestamp to take an asset snapshot. This can only be set to a 1238 // timestamp between the current time and the current time minus 35 days 1239 // (inclusive). If not specified, the current time will be used. Due to delays 1240 // in resource data collection and indexing, there is a volatile window during 1241 // which running the same query may get different results. 1242 ReadTime string `json:"readTime,omitempty"` 1243 // RelationshipTypes: A list of relationship types to export, for example: 1244 // `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if 1245 // content_type=RELATIONSHIP. * If specified: it snapshots specified 1246 // relationships. It returns an error if any of the [relationship_types] 1247 // doesn't belong to the supported relationship types of the [asset_types] or 1248 // if any of the [asset_types] doesn't belong to the source types of the 1249 // [relationship_types]. * Otherwise: it snapshots the supported relationships 1250 // for all [asset_types] or returns an error if any of the [asset_types] has no 1251 // relationship support. An unspecified asset types field means all supported 1252 // asset_types. See Introduction to Cloud Asset Inventory 1253 // (https://cloud.google.com/asset-inventory/docs/overview) for all supported 1254 // asset types and relationship types. 1255 RelationshipTypes []string `json:"relationshipTypes,omitempty"` 1256 // ForceSendFields is a list of field names (e.g. "AssetTypes") to 1257 // unconditionally include in API requests. By default, fields with empty or 1258 // default values are omitted from API requests. See 1259 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1260 // details. 1261 ForceSendFields []string `json:"-"` 1262 // NullFields is a list of field names (e.g. "AssetTypes") to include in API 1263 // requests with the JSON null value. By default, fields with empty values are 1264 // omitted from API requests. See 1265 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1266 NullFields []string `json:"-"` 1267 } 1268 1269 func (s *ExportAssetsRequest) MarshalJSON() ([]byte, error) { 1270 type NoMethod ExportAssetsRequest 1271 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1272 } 1273 1274 // Expr: Represents a textual expression in the Common Expression Language 1275 // (CEL) syntax. CEL is a C-like expression language. The syntax and semantics 1276 // of CEL are documented at https://github.com/google/cel-spec. Example 1277 // (Comparison): title: "Summary size limit" description: "Determines if a 1278 // summary is less than 100 chars" expression: "document.summary.size() < 100" 1279 // Example (Equality): title: "Requestor is owner" description: "Determines if 1280 // requestor is the document owner" expression: "document.owner == 1281 // request.auth.claims.email" Example (Logic): title: "Public documents" 1282 // description: "Determine whether the document should be publicly visible" 1283 // expression: "document.type != 'private' && document.type != 'internal'" 1284 // Example (Data Manipulation): title: "Notification string" description: 1285 // "Create a notification string with a timestamp." expression: "'New message 1286 // received at ' + string(document.create_time)" The exact variables and 1287 // functions that may be referenced within an expression are determined by the 1288 // service that evaluates it. See the service documentation for additional 1289 // information. 1290 type Expr struct { 1291 // Description: Optional. Description of the expression. This is a longer text 1292 // which describes the expression, e.g. when hovered over it in a UI. 1293 Description string `json:"description,omitempty"` 1294 // Expression: Textual representation of an expression in Common Expression 1295 // Language syntax. 1296 Expression string `json:"expression,omitempty"` 1297 // Location: Optional. String indicating the location of the expression for 1298 // error reporting, e.g. a file name and a position in the file. 1299 Location string `json:"location,omitempty"` 1300 // Title: Optional. Title for the expression, i.e. a short string describing 1301 // its purpose. This can be used e.g. in UIs which allow to enter the 1302 // expression. 1303 Title string `json:"title,omitempty"` 1304 // ForceSendFields is a list of field names (e.g. "Description") to 1305 // unconditionally include in API requests. By default, fields with empty or 1306 // default values are omitted from API requests. See 1307 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1308 // details. 1309 ForceSendFields []string `json:"-"` 1310 // NullFields is a list of field names (e.g. "Description") to include in API 1311 // requests with the JSON null value. By default, fields with empty values are 1312 // omitted from API requests. See 1313 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1314 NullFields []string `json:"-"` 1315 } 1316 1317 func (s *Expr) MarshalJSON() ([]byte, error) { 1318 type NoMethod Expr 1319 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1320 } 1321 1322 // Feed: An asset feed used to export asset updates to a destinations. An asset 1323 // feed filter controls what updates are exported. The asset feed must be 1324 // created within a project, organization, or folder. Supported destinations 1325 // are: Pub/Sub topics. 1326 type Feed struct { 1327 // AssetNames: A list of the full names of the assets to receive updates. You 1328 // must specify either or both of asset_names and asset_types. Only asset 1329 // updates matching specified asset_names or asset_types are exported to the 1330 // feed. Example: 1331 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 1332 // nce1`. For a list of the full names for supported asset types, see Resource 1333 // name format (/asset-inventory/docs/resource-name-format). 1334 AssetNames []string `json:"assetNames,omitempty"` 1335 // AssetTypes: A list of types of the assets to receive updates. You must 1336 // specify either or both of asset_names and asset_types. Only asset updates 1337 // matching specified asset_names or asset_types are exported to the feed. 1338 // Example: "compute.googleapis.com/Disk" For a list of all supported asset 1339 // types, see Supported asset types 1340 // (/asset-inventory/docs/supported-asset-types). 1341 AssetTypes []string `json:"assetTypes,omitempty"` 1342 // Condition: A condition which determines whether an asset update should be 1343 // published. If specified, an asset will be returned only when the expression 1344 // evaluates to true. When set, `expression` field in the `Expr` must be a 1345 // valid [CEL expression] (https://github.com/google/cel-spec) on a 1346 // TemporalAsset with name `temporal_asset`. Example: a Feed with expression 1347 // ("temporal_asset.deleted == true") will only publish Asset deletions. Other 1348 // fields of `Expr` are optional. See our user guide 1349 // (https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes-with-condition) 1350 // for detailed instructions. 1351 Condition *Expr `json:"condition,omitempty"` 1352 // ContentType: Asset content type. If not specified, no content but the asset 1353 // name and type will be returned. 1354 // 1355 // Possible values: 1356 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 1357 // "RESOURCE" - Resource metadata. 1358 // "IAM_POLICY" - The actual IAM policy set on a resource. 1359 // "ORG_POLICY" - The organization policy set on an asset. 1360 // "ACCESS_POLICY" - The Access Context Manager policy set on an asset. 1361 // "OS_INVENTORY" - The runtime OS Inventory information. 1362 // "RELATIONSHIP" - The related resources. 1363 ContentType string `json:"contentType,omitempty"` 1364 // FeedOutputConfig: Required. Feed output configuration defining where the 1365 // asset updates are published to. 1366 FeedOutputConfig *FeedOutputConfig `json:"feedOutputConfig,omitempty"` 1367 // Name: Required. The format will be 1368 // projects/{project_number}/feeds/{client-assigned_feed_identifier} or 1369 // folders/{folder_number}/feeds/{client-assigned_feed_identifier} or 1370 // organizations/{organization_number}/feeds/{client-assigned_feed_identifier} 1371 // The client-assigned feed identifier must be unique within the parent 1372 // project/folder/organization. 1373 Name string `json:"name,omitempty"` 1374 // RelationshipTypes: A list of relationship types to output, for example: 1375 // `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if 1376 // content_type=RELATIONSHIP. * If specified: it outputs specified relationship 1377 // updates on the [asset_names] or the [asset_types]. It returns an error if 1378 // any of the [relationship_types] doesn't belong to the supported relationship 1379 // types of the [asset_names] or [asset_types], or any of the [asset_names] or 1380 // the [asset_types] doesn't belong to the source types of the 1381 // [relationship_types]. * Otherwise: it outputs the supported relationships of 1382 // the types of [asset_names] and [asset_types] or returns an error if any of 1383 // the [asset_names] or the [asset_types] has no replationship support. See 1384 // Introduction to Cloud Asset Inventory 1385 // (https://cloud.google.com/asset-inventory/docs/overview) for all supported 1386 // asset types and relationship types. 1387 RelationshipTypes []string `json:"relationshipTypes,omitempty"` 1388 1389 // ServerResponse contains the HTTP response code and headers from the server. 1390 googleapi.ServerResponse `json:"-"` 1391 // ForceSendFields is a list of field names (e.g. "AssetNames") to 1392 // unconditionally include in API requests. By default, fields with empty or 1393 // default values are omitted from API requests. See 1394 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1395 // details. 1396 ForceSendFields []string `json:"-"` 1397 // NullFields is a list of field names (e.g. "AssetNames") to include in API 1398 // requests with the JSON null value. By default, fields with empty values are 1399 // omitted from API requests. See 1400 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1401 NullFields []string `json:"-"` 1402 } 1403 1404 func (s *Feed) MarshalJSON() ([]byte, error) { 1405 type NoMethod Feed 1406 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1407 } 1408 1409 // FeedOutputConfig: Output configuration for asset feed destination. 1410 type FeedOutputConfig struct { 1411 // PubsubDestination: Destination on Pub/Sub. 1412 PubsubDestination *PubsubDestination `json:"pubsubDestination,omitempty"` 1413 // ForceSendFields is a list of field names (e.g. "PubsubDestination") to 1414 // unconditionally include in API requests. By default, fields with empty or 1415 // default values are omitted from API requests. See 1416 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1417 // details. 1418 ForceSendFields []string `json:"-"` 1419 // NullFields is a list of field names (e.g. "PubsubDestination") to include in 1420 // API requests with the JSON null value. By default, fields with empty values 1421 // are omitted from API requests. See 1422 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1423 NullFields []string `json:"-"` 1424 } 1425 1426 func (s *FeedOutputConfig) MarshalJSON() ([]byte, error) { 1427 type NoMethod FeedOutputConfig 1428 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1429 } 1430 1431 // GcsDestination: A Cloud Storage location. 1432 type GcsDestination struct { 1433 // Uri: The URI of the Cloud Storage object. It's the same URI that is used by 1434 // gsutil. Example: "gs://bucket_name/object_name". See Viewing and Editing 1435 // Object Metadata 1436 // (https://cloud.google.com/storage/docs/viewing-editing-metadata) for more 1437 // information. If the specified Cloud Storage object already exists and there 1438 // is no hold (https://cloud.google.com/storage/docs/object-holds), it will be 1439 // overwritten with the exported result. 1440 Uri string `json:"uri,omitempty"` 1441 // UriPrefix: The URI prefix of all generated Cloud Storage objects. Example: 1442 // "gs://bucket_name/object_name_prefix". Each object URI is in format: 1443 // "gs://bucket_name/object_name_prefix// and only contains assets for that 1444 // type. starts from 0. Example: 1445 // "gs://bucket_name/object_name_prefix/compute.googleapis.com/Disk/0" is the 1446 // first shard of output objects containing all compute.googleapis.com/Disk 1447 // assets. An INVALID_ARGUMENT error will be returned if file with the same 1448 // name "gs://bucket_name/object_name_prefix" already exists. 1449 UriPrefix string `json:"uriPrefix,omitempty"` 1450 // ForceSendFields is a list of field names (e.g. "Uri") to unconditionally 1451 // include in API requests. By default, fields with empty or default values are 1452 // omitted from API requests. See 1453 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1454 // details. 1455 ForceSendFields []string `json:"-"` 1456 // NullFields is a list of field names (e.g. "Uri") to include in API requests 1457 // with the JSON null value. By default, fields with empty values are omitted 1458 // from API requests. See 1459 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1460 NullFields []string `json:"-"` 1461 } 1462 1463 func (s *GcsDestination) MarshalJSON() ([]byte, error) { 1464 type NoMethod GcsDestination 1465 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1466 } 1467 1468 // GoogleCloudAssetV1Access: An IAM role or permission under analysis. 1469 type GoogleCloudAssetV1Access struct { 1470 // AnalysisState: The analysis state of this access. 1471 AnalysisState *IamPolicyAnalysisState `json:"analysisState,omitempty"` 1472 // Permission: The permission. 1473 Permission string `json:"permission,omitempty"` 1474 // Role: The role. 1475 Role string `json:"role,omitempty"` 1476 // ForceSendFields is a list of field names (e.g. "AnalysisState") to 1477 // unconditionally include in API requests. By default, fields with empty or 1478 // default values are omitted from API requests. See 1479 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1480 // details. 1481 ForceSendFields []string `json:"-"` 1482 // NullFields is a list of field names (e.g. "AnalysisState") to include in API 1483 // requests with the JSON null value. By default, fields with empty values are 1484 // omitted from API requests. See 1485 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1486 NullFields []string `json:"-"` 1487 } 1488 1489 func (s *GoogleCloudAssetV1Access) MarshalJSON() ([]byte, error) { 1490 type NoMethod GoogleCloudAssetV1Access 1491 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1492 } 1493 1494 // GoogleCloudAssetV1AccessControlList: An access control list, derived from 1495 // the above IAM policy binding, which contains a set of resources and 1496 // accesses. May include one item from each set to compose an access control 1497 // entry. NOTICE that there could be multiple access control lists for one IAM 1498 // policy binding. The access control lists are created based on resource and 1499 // access combinations. For example, assume we have the following cases in one 1500 // IAM policy binding: - Permission P1 and P2 apply to resource R1 and R2; - 1501 // Permission P3 applies to resource R2 and R3; This will result in the 1502 // following access control lists: - AccessControlList 1: [R1, R2], [P1, P2] - 1503 // AccessControlList 2: [R2, R3], [P3] 1504 type GoogleCloudAssetV1AccessControlList struct { 1505 // Accesses: The accesses that match one of the following conditions: - The 1506 // access_selector, if it is specified in request; - Otherwise, access 1507 // specifiers reachable from the policy binding's role. 1508 Accesses []*GoogleCloudAssetV1Access `json:"accesses,omitempty"` 1509 // ConditionEvaluation: Condition evaluation for this AccessControlList, if 1510 // there is a condition defined in the above IAM policy binding. 1511 ConditionEvaluation *ConditionEvaluation `json:"conditionEvaluation,omitempty"` 1512 // ResourceEdges: Resource edges of the graph starting from the policy attached 1513 // resource to any descendant resources. The Edge.source_node contains the full 1514 // resource name of a parent resource and Edge.target_node contains the full 1515 // resource name of a child resource. This field is present only if the 1516 // output_resource_edges option is enabled in request. 1517 ResourceEdges []*GoogleCloudAssetV1Edge `json:"resourceEdges,omitempty"` 1518 // Resources: The resources that match one of the following conditions: - The 1519 // resource_selector, if it is specified in request; - Otherwise, resources 1520 // reachable from the policy attached resource. 1521 Resources []*GoogleCloudAssetV1Resource `json:"resources,omitempty"` 1522 // ForceSendFields is a list of field names (e.g. "Accesses") to 1523 // unconditionally include in API requests. By default, fields with empty or 1524 // default values are omitted from API requests. See 1525 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1526 // details. 1527 ForceSendFields []string `json:"-"` 1528 // NullFields is a list of field names (e.g. "Accesses") to include in API 1529 // requests with the JSON null value. By default, fields with empty values are 1530 // omitted from API requests. See 1531 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1532 NullFields []string `json:"-"` 1533 } 1534 1535 func (s *GoogleCloudAssetV1AccessControlList) MarshalJSON() ([]byte, error) { 1536 type NoMethod GoogleCloudAssetV1AccessControlList 1537 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1538 } 1539 1540 // GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset: 1541 // Represents a Google Cloud asset(resource or IAM policy) governed by the 1542 // organization policies of the 1543 // AnalyzeOrgPolicyGovernedAssetsRequest.constraint. 1544 type GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset struct { 1545 // ConsolidatedPolicy: The consolidated policy for the analyzed asset. The 1546 // consolidated policy is computed by merging and evaluating 1547 // AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.policy_bundle. The 1548 // evaluation will respect the organization policy hierarchy rules 1549 // (https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). 1550 ConsolidatedPolicy *AnalyzerOrgPolicy `json:"consolidatedPolicy,omitempty"` 1551 // GovernedIamPolicy: An IAM policy governed by the organization policies of 1552 // the AnalyzeOrgPolicyGovernedAssetsRequest.constraint. 1553 GovernedIamPolicy *GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy `json:"governedIamPolicy,omitempty"` 1554 // GovernedResource: A Google Cloud resource governed by the organization 1555 // policies of the AnalyzeOrgPolicyGovernedAssetsRequest.constraint. 1556 GovernedResource *GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource `json:"governedResource,omitempty"` 1557 // PolicyBundle: The ordered list of all organization policies from the 1558 // AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resou 1559 // rce to the scope specified in the request. If the constraint is defined with 1560 // default policy, it will also appear in the list. 1561 PolicyBundle []*AnalyzerOrgPolicy `json:"policyBundle,omitempty"` 1562 // ForceSendFields is a list of field names (e.g. "ConsolidatedPolicy") to 1563 // unconditionally include in API requests. By default, fields with empty or 1564 // default values are omitted from API requests. See 1565 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1566 // details. 1567 ForceSendFields []string `json:"-"` 1568 // NullFields is a list of field names (e.g. "ConsolidatedPolicy") to include 1569 // in API requests with the JSON null value. By default, fields with empty 1570 // values are omitted from API requests. See 1571 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1572 NullFields []string `json:"-"` 1573 } 1574 1575 func (s *GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset) MarshalJSON() ([]byte, error) { 1576 type NoMethod GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedAsset 1577 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1578 } 1579 1580 // GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy: 1581 // The IAM policies governed by the organization policies of the 1582 // AnalyzeOrgPolicyGovernedAssetsRequest.constraint. 1583 type GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy struct { 1584 // AssetType: The asset type of the 1585 // AnalyzeOrgPolicyGovernedAssetsResponse.GovernedIamPolicy.attached_resource. 1586 // Example: `cloudresourcemanager.googleapis.com/Project` See Cloud Asset 1587 // Inventory Supported Asset Types 1588 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 1589 // all supported asset types. 1590 AssetType string `json:"assetType,omitempty"` 1591 // AttachedResource: The full resource name of the resource on which this IAM 1592 // policy is set. Example: 1593 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 1594 // nce1`. See Cloud Asset Inventory Resource Name Format 1595 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) for 1596 // more information. 1597 AttachedResource string `json:"attachedResource,omitempty"` 1598 // Folders: The folder(s) that this IAM policy belongs to, in the format of 1599 // folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs 1600 // (directly or cascadingly) to one or more folders. 1601 Folders []string `json:"folders,omitempty"` 1602 // Organization: The organization that this IAM policy belongs to, in the 1603 // format of organizations/{ORGANIZATION_NUMBER}. This field is available when 1604 // the IAM policy belongs (directly or cascadingly) to an organization. 1605 Organization string `json:"organization,omitempty"` 1606 // Policy: The IAM policy directly set on the given resource. 1607 Policy *Policy `json:"policy,omitempty"` 1608 // Project: The project that this IAM policy belongs to, in the format of 1609 // projects/{PROJECT_NUMBER}. This field is available when the IAM policy 1610 // belongs to a project. 1611 Project string `json:"project,omitempty"` 1612 // ForceSendFields is a list of field names (e.g. "AssetType") to 1613 // unconditionally include in API requests. By default, fields with empty or 1614 // default values are omitted from API requests. See 1615 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1616 // details. 1617 ForceSendFields []string `json:"-"` 1618 // NullFields is a list of field names (e.g. "AssetType") to include in API 1619 // requests with the JSON null value. By default, fields with empty values are 1620 // omitted from API requests. See 1621 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1622 NullFields []string `json:"-"` 1623 } 1624 1625 func (s *GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy) MarshalJSON() ([]byte, error) { 1626 type NoMethod GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedIamPolicy 1627 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1628 } 1629 1630 // GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource: 1631 // The Google Cloud resources governed by the organization policies of the 1632 // AnalyzeOrgPolicyGovernedAssetsRequest.constraint. 1633 type GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource struct { 1634 // AssetType: The asset type of the 1635 // AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name 1636 // Example: `cloudresourcemanager.googleapis.com/Project` See Cloud Asset 1637 // Inventory Supported Asset Types 1638 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 1639 // all supported asset types. 1640 AssetType string `json:"assetType,omitempty"` 1641 // EffectiveTags: The effective tags on this resource. 1642 EffectiveTags []*EffectiveTagDetails `json:"effectiveTags,omitempty"` 1643 // Folders: The folder(s) that this resource belongs to, in the format of 1644 // folders/{FOLDER_NUMBER}. This field is available when the resource belongs 1645 // (directly or cascadingly) to one or more folders. 1646 Folders []string `json:"folders,omitempty"` 1647 // FullResourceName: The [full resource name] 1648 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the 1649 // Google Cloud resource. 1650 FullResourceName string `json:"fullResourceName,omitempty"` 1651 // Organization: The organization that this resource belongs to, in the format 1652 // of organizations/{ORGANIZATION_NUMBER}. This field is available when the 1653 // resource belongs (directly or cascadingly) to an organization. 1654 Organization string `json:"organization,omitempty"` 1655 // Parent: The [full resource name] 1656 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the 1657 // parent of 1658 // AnalyzeOrgPolicyGovernedAssetsResponse.GovernedResource.full_resource_name. 1659 Parent string `json:"parent,omitempty"` 1660 // Project: The project that this resource belongs to, in the format of 1661 // projects/{PROJECT_NUMBER}. This field is available when the resource belongs 1662 // to a project. 1663 Project string `json:"project,omitempty"` 1664 // ForceSendFields is a list of field names (e.g. "AssetType") to 1665 // unconditionally include in API requests. By default, fields with empty or 1666 // default values are omitted from API requests. See 1667 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1668 // details. 1669 ForceSendFields []string `json:"-"` 1670 // NullFields is a list of field names (e.g. "AssetType") to include in API 1671 // requests with the JSON null value. By default, fields with empty values are 1672 // omitted from API requests. See 1673 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1674 NullFields []string `json:"-"` 1675 } 1676 1677 func (s *GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource) MarshalJSON() ([]byte, error) { 1678 type NoMethod GoogleCloudAssetV1AnalyzeOrgPolicyGovernedAssetsResponseGovernedResource 1679 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1680 } 1681 1682 // GoogleCloudAssetV1BigQueryDestination: A BigQuery destination. 1683 type GoogleCloudAssetV1BigQueryDestination struct { 1684 // Dataset: Required. The BigQuery dataset in format 1685 // "projects/projectId/datasets/datasetId", to which the analysis results 1686 // should be exported. If this dataset does not exist, the export call will 1687 // return an INVALID_ARGUMENT error. 1688 Dataset string `json:"dataset,omitempty"` 1689 // PartitionKey: The partition key for BigQuery partitioned table. 1690 // 1691 // Possible values: 1692 // "PARTITION_KEY_UNSPECIFIED" - Unspecified partition key. Tables won't be 1693 // partitioned using this option. 1694 // "REQUEST_TIME" - The time when the request is received. If specified as 1695 // partition key, the result table(s) is partitoned by the RequestTime column, 1696 // an additional timestamp column representing when the request was received. 1697 PartitionKey string `json:"partitionKey,omitempty"` 1698 // TablePrefix: Required. The prefix of the BigQuery tables to which the 1699 // analysis results will be written. Tables will be created based on this 1700 // table_prefix if not exist: * _analysis table will contain export operation's 1701 // metadata. * _analysis_result will contain all the IamPolicyAnalysisResult. 1702 // When [partition_key] is specified, both tables will be partitioned based on 1703 // the [partition_key]. 1704 TablePrefix string `json:"tablePrefix,omitempty"` 1705 // WriteDisposition: Optional. Specifies the action that occurs if the 1706 // destination table or partition already exists. The following values are 1707 // supported: * WRITE_TRUNCATE: If the table or partition already exists, 1708 // BigQuery overwrites the entire table or all the partitions data. * 1709 // WRITE_APPEND: If the table or partition already exists, BigQuery appends the 1710 // data to the table or the latest partition. * WRITE_EMPTY: If the table 1711 // already exists and contains data, an error is returned. The default value is 1712 // WRITE_APPEND. Each action is atomic and only occurs if BigQuery is able to 1713 // complete the job successfully. Details are at 1714 // https://cloud.google.com/bigquery/docs/loading-data-local#appending_to_or_overwriting_a_table_using_a_local_file. 1715 WriteDisposition string `json:"writeDisposition,omitempty"` 1716 // ForceSendFields is a list of field names (e.g. "Dataset") to unconditionally 1717 // include in API requests. By default, fields with empty or default values are 1718 // omitted from API requests. See 1719 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1720 // details. 1721 ForceSendFields []string `json:"-"` 1722 // NullFields is a list of field names (e.g. "Dataset") to include in API 1723 // requests with the JSON null value. By default, fields with empty values are 1724 // omitted from API requests. See 1725 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1726 NullFields []string `json:"-"` 1727 } 1728 1729 func (s *GoogleCloudAssetV1BigQueryDestination) MarshalJSON() ([]byte, error) { 1730 type NoMethod GoogleCloudAssetV1BigQueryDestination 1731 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1732 } 1733 1734 // GoogleCloudAssetV1BooleanConstraint: A `Constraint` that is either enforced 1735 // or not. For example a constraint 1736 // `constraints/compute.disableSerialPortAccess`. If it is enforced on a VM 1737 // instance, serial port connections will not be opened to that instance. 1738 type GoogleCloudAssetV1BooleanConstraint struct { 1739 } 1740 1741 // GoogleCloudAssetV1Constraint: The definition of a constraint. 1742 type GoogleCloudAssetV1Constraint struct { 1743 // BooleanConstraint: Defines this constraint as being a BooleanConstraint. 1744 BooleanConstraint *GoogleCloudAssetV1BooleanConstraint `json:"booleanConstraint,omitempty"` 1745 // ConstraintDefault: The evaluation behavior of this constraint in the absence 1746 // of 'Policy'. 1747 // 1748 // Possible values: 1749 // "CONSTRAINT_DEFAULT_UNSPECIFIED" - This is only used for distinguishing 1750 // unset values and should never be used. 1751 // "ALLOW" - Indicate that all values are allowed for list constraints. 1752 // Indicate that enforcement is off for boolean constraints. 1753 // "DENY" - Indicate that all values are denied for list constraints. 1754 // Indicate that enforcement is on for boolean constraints. 1755 ConstraintDefault string `json:"constraintDefault,omitempty"` 1756 // Description: Detailed description of what this `Constraint` controls as well 1757 // as how and where it is enforced. 1758 Description string `json:"description,omitempty"` 1759 // DisplayName: The human readable name of the constraint. 1760 DisplayName string `json:"displayName,omitempty"` 1761 // ListConstraint: Defines this constraint as being a ListConstraint. 1762 ListConstraint *GoogleCloudAssetV1ListConstraint `json:"listConstraint,omitempty"` 1763 // Name: The unique name of the constraint. Format of the name should be * 1764 // `constraints/{constraint_name}` For example, 1765 // `constraints/compute.disableSerialPortAccess`. 1766 Name string `json:"name,omitempty"` 1767 // ForceSendFields is a list of field names (e.g. "BooleanConstraint") to 1768 // unconditionally include in API requests. By default, fields with empty or 1769 // default values are omitted from API requests. See 1770 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1771 // details. 1772 ForceSendFields []string `json:"-"` 1773 // NullFields is a list of field names (e.g. "BooleanConstraint") to include in 1774 // API requests with the JSON null value. By default, fields with empty values 1775 // are omitted from API requests. See 1776 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1777 NullFields []string `json:"-"` 1778 } 1779 1780 func (s *GoogleCloudAssetV1Constraint) MarshalJSON() ([]byte, error) { 1781 type NoMethod GoogleCloudAssetV1Constraint 1782 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1783 } 1784 1785 // GoogleCloudAssetV1CustomConstraint: The definition of a custom constraint. 1786 type GoogleCloudAssetV1CustomConstraint struct { 1787 // ActionType: Allow or deny type. 1788 // 1789 // Possible values: 1790 // "ACTION_TYPE_UNSPECIFIED" - Unspecified. Will results in user error. 1791 // "ALLOW" - Allowed action type. 1792 // "DENY" - Deny action type. 1793 ActionType string `json:"actionType,omitempty"` 1794 // Condition: Organization Policy condition/expression. For example: 1795 // `resource.instanceName.matches("[production|test]_.*_(\d)+")'` or, 1796 // `resource.management.auto_upgrade == true` 1797 Condition string `json:"condition,omitempty"` 1798 // Description: Detailed information about this custom policy constraint. 1799 Description string `json:"description,omitempty"` 1800 // DisplayName: One line display name for the UI. 1801 DisplayName string `json:"displayName,omitempty"` 1802 // MethodTypes: All the operations being applied for this constraint. 1803 // 1804 // Possible values: 1805 // "METHOD_TYPE_UNSPECIFIED" - Unspecified. Will results in user error. 1806 // "CREATE" - Constraint applied when creating the resource. 1807 // "UPDATE" - Constraint applied when updating the resource. 1808 // "DELETE" - Constraint applied when deleting the resource. 1809 MethodTypes []string `json:"methodTypes,omitempty"` 1810 // Name: Name of the constraint. This is unique within the organization. Format 1811 // of the name should be * 1812 // `organizations/{organization_id}/customConstraints/{custom_constraint_id}` 1813 // Example : "organizations/123/customConstraints/custom.createOnlyE2TypeVms" 1814 Name string `json:"name,omitempty"` 1815 // ResourceTypes: The Resource Instance type on which this policy applies to. 1816 // Format will be of the form : "/" Example: * 1817 // `compute.googleapis.com/Instance`. 1818 ResourceTypes []string `json:"resourceTypes,omitempty"` 1819 // ForceSendFields is a list of field names (e.g. "ActionType") to 1820 // unconditionally include in API requests. By default, fields with empty or 1821 // default values are omitted from API requests. See 1822 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1823 // details. 1824 ForceSendFields []string `json:"-"` 1825 // NullFields is a list of field names (e.g. "ActionType") to include in API 1826 // requests with the JSON null value. By default, fields with empty values are 1827 // omitted from API requests. See 1828 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1829 NullFields []string `json:"-"` 1830 } 1831 1832 func (s *GoogleCloudAssetV1CustomConstraint) MarshalJSON() ([]byte, error) { 1833 type NoMethod GoogleCloudAssetV1CustomConstraint 1834 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1835 } 1836 1837 // GoogleCloudAssetV1Edge: A directional edge. 1838 type GoogleCloudAssetV1Edge struct { 1839 // SourceNode: The source node of the edge. For example, it could be a full 1840 // resource name for a resource node or an email of an identity. 1841 SourceNode string `json:"sourceNode,omitempty"` 1842 // TargetNode: The target node of the edge. For example, it could be a full 1843 // resource name for a resource node or an email of an identity. 1844 TargetNode string `json:"targetNode,omitempty"` 1845 // ForceSendFields is a list of field names (e.g. "SourceNode") to 1846 // unconditionally include in API requests. By default, fields with empty or 1847 // default values are omitted from API requests. See 1848 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1849 // details. 1850 ForceSendFields []string `json:"-"` 1851 // NullFields is a list of field names (e.g. "SourceNode") to include in API 1852 // requests with the JSON null value. By default, fields with empty values are 1853 // omitted from API requests. See 1854 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1855 NullFields []string `json:"-"` 1856 } 1857 1858 func (s *GoogleCloudAssetV1Edge) MarshalJSON() ([]byte, error) { 1859 type NoMethod GoogleCloudAssetV1Edge 1860 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1861 } 1862 1863 // GoogleCloudAssetV1GcsDestination: A Cloud Storage location. 1864 type GoogleCloudAssetV1GcsDestination struct { 1865 // Uri: Required. The URI of the Cloud Storage object. It's the same URI that 1866 // is used by gsutil. Example: "gs://bucket_name/object_name". See Viewing and 1867 // Editing Object Metadata 1868 // (https://cloud.google.com/storage/docs/viewing-editing-metadata) for more 1869 // information. If the specified Cloud Storage object already exists and there 1870 // is no hold (https://cloud.google.com/storage/docs/object-holds), it will be 1871 // overwritten with the analysis result. 1872 Uri string `json:"uri,omitempty"` 1873 // ForceSendFields is a list of field names (e.g. "Uri") to unconditionally 1874 // include in API requests. By default, fields with empty or default values are 1875 // omitted from API requests. See 1876 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1877 // details. 1878 ForceSendFields []string `json:"-"` 1879 // NullFields is a list of field names (e.g. "Uri") to include in API requests 1880 // with the JSON null value. By default, fields with empty values are omitted 1881 // from API requests. See 1882 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1883 NullFields []string `json:"-"` 1884 } 1885 1886 func (s *GoogleCloudAssetV1GcsDestination) MarshalJSON() ([]byte, error) { 1887 type NoMethod GoogleCloudAssetV1GcsDestination 1888 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1889 } 1890 1891 // GoogleCloudAssetV1GovernedContainer: The organization/folder/project 1892 // resource governed by organization policies of 1893 // AnalyzeOrgPolicyGovernedContainersRequest.constraint. 1894 type GoogleCloudAssetV1GovernedContainer struct { 1895 // ConsolidatedPolicy: The consolidated organization policy for the analyzed 1896 // resource. The consolidated organization policy is computed by merging and 1897 // evaluating 1898 // AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.policy_bundle. 1899 // The evaluation will respect the organization policy hierarchy rules 1900 // (https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). 1901 ConsolidatedPolicy *AnalyzerOrgPolicy `json:"consolidatedPolicy,omitempty"` 1902 // EffectiveTags: The effective tags on this resource. 1903 EffectiveTags []*EffectiveTagDetails `json:"effectiveTags,omitempty"` 1904 // Folders: The folder(s) that this resource belongs to, in the format of 1905 // folders/{FOLDER_NUMBER}. This field is available when the resource belongs 1906 // (directly or cascadingly) to one or more folders. 1907 Folders []string `json:"folders,omitempty"` 1908 // FullResourceName: The [full resource name] 1909 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of an 1910 // organization/folder/project resource. 1911 FullResourceName string `json:"fullResourceName,omitempty"` 1912 // Organization: The organization that this resource belongs to, in the format 1913 // of organizations/{ORGANIZATION_NUMBER}. This field is available when the 1914 // resource belongs (directly or cascadingly) to an organization. 1915 Organization string `json:"organization,omitempty"` 1916 // Parent: The [full resource name] 1917 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the 1918 // parent of 1919 // AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.full_resource_na 1920 // me. 1921 Parent string `json:"parent,omitempty"` 1922 // PolicyBundle: The ordered list of all organization policies from the 1923 // AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resou 1924 // rce. to the scope specified in the request. If the constraint is defined 1925 // with default policy, it will also appear in the list. 1926 PolicyBundle []*AnalyzerOrgPolicy `json:"policyBundle,omitempty"` 1927 // Project: The project that this resource belongs to, in the format of 1928 // projects/{PROJECT_NUMBER}. This field is available when the resource belongs 1929 // to a project. 1930 Project string `json:"project,omitempty"` 1931 // ForceSendFields is a list of field names (e.g. "ConsolidatedPolicy") to 1932 // unconditionally include in API requests. By default, fields with empty or 1933 // default values are omitted from API requests. See 1934 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1935 // details. 1936 ForceSendFields []string `json:"-"` 1937 // NullFields is a list of field names (e.g. "ConsolidatedPolicy") to include 1938 // in API requests with the JSON null value. By default, fields with empty 1939 // values are omitted from API requests. See 1940 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1941 NullFields []string `json:"-"` 1942 } 1943 1944 func (s *GoogleCloudAssetV1GovernedContainer) MarshalJSON() ([]byte, error) { 1945 type NoMethod GoogleCloudAssetV1GovernedContainer 1946 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1947 } 1948 1949 // GoogleCloudAssetV1Identity: An identity under analysis. 1950 type GoogleCloudAssetV1Identity struct { 1951 // AnalysisState: The analysis state of this identity. 1952 AnalysisState *IamPolicyAnalysisState `json:"analysisState,omitempty"` 1953 // Name: The identity of members, formatted as appear in an IAM policy binding 1954 // (https://cloud.google.com/iam/reference/rest/v1/Binding). For example, they 1955 // might be formatted like the following: - user:foo@google.com - 1956 // group:group1@google.com - serviceAccount:s1@prj1.iam.gserviceaccount.com - 1957 // projectOwner:some_project_id - domain:google.com - allUsers 1958 Name string `json:"name,omitempty"` 1959 // ForceSendFields is a list of field names (e.g. "AnalysisState") to 1960 // unconditionally include in API requests. By default, fields with empty or 1961 // default values are omitted from API requests. See 1962 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1963 // details. 1964 ForceSendFields []string `json:"-"` 1965 // NullFields is a list of field names (e.g. "AnalysisState") to include in API 1966 // requests with the JSON null value. By default, fields with empty values are 1967 // omitted from API requests. See 1968 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 1969 NullFields []string `json:"-"` 1970 } 1971 1972 func (s *GoogleCloudAssetV1Identity) MarshalJSON() ([]byte, error) { 1973 type NoMethod GoogleCloudAssetV1Identity 1974 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 1975 } 1976 1977 // GoogleCloudAssetV1IdentityList: The identities and group edges. 1978 type GoogleCloudAssetV1IdentityList struct { 1979 // GroupEdges: Group identity edges of the graph starting from the binding's 1980 // group members to any node of the identities. The Edge.source_node contains a 1981 // group, such as `group:parent@google.com`. The Edge.target_node contains a 1982 // member of the group, such as `group:child@google.com` or 1983 // `user:foo@google.com`. This field is present only if the output_group_edges 1984 // option is enabled in request. 1985 GroupEdges []*GoogleCloudAssetV1Edge `json:"groupEdges,omitempty"` 1986 // Identities: Only the identities that match one of the following conditions 1987 // will be presented: - The identity_selector, if it is specified in request; - 1988 // Otherwise, identities reachable from the policy binding's members. 1989 Identities []*GoogleCloudAssetV1Identity `json:"identities,omitempty"` 1990 // ForceSendFields is a list of field names (e.g. "GroupEdges") to 1991 // unconditionally include in API requests. By default, fields with empty or 1992 // default values are omitted from API requests. See 1993 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 1994 // details. 1995 ForceSendFields []string `json:"-"` 1996 // NullFields is a list of field names (e.g. "GroupEdges") to include in API 1997 // requests with the JSON null value. By default, fields with empty values are 1998 // omitted from API requests. See 1999 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2000 NullFields []string `json:"-"` 2001 } 2002 2003 func (s *GoogleCloudAssetV1IdentityList) MarshalJSON() ([]byte, error) { 2004 type NoMethod GoogleCloudAssetV1IdentityList 2005 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2006 } 2007 2008 // GoogleCloudAssetV1ListConstraint: A `Constraint` that allows or disallows a 2009 // list of string values, which are configured by an organization's policy 2010 // administrator with a `Policy`. 2011 type GoogleCloudAssetV1ListConstraint struct { 2012 // SupportsIn: Indicates whether values grouped into categories can be used in 2013 // `Policy.allowed_values` and `Policy.denied_values`. For example, 2014 // "in:Python" would match any value in the 'Python' group. 2015 SupportsIn bool `json:"supportsIn,omitempty"` 2016 // SupportsUnder: Indicates whether subtrees of Cloud Resource Manager resource 2017 // hierarchy can be used in `Policy.allowed_values` and `Policy.denied_values`. 2018 // For example, "under:folders/123" would match any resource under the 2019 // 'folders/123' folder. 2020 SupportsUnder bool `json:"supportsUnder,omitempty"` 2021 // ForceSendFields is a list of field names (e.g. "SupportsIn") to 2022 // unconditionally include in API requests. By default, fields with empty or 2023 // default values are omitted from API requests. See 2024 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2025 // details. 2026 ForceSendFields []string `json:"-"` 2027 // NullFields is a list of field names (e.g. "SupportsIn") to include in API 2028 // requests with the JSON null value. By default, fields with empty values are 2029 // omitted from API requests. See 2030 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2031 NullFields []string `json:"-"` 2032 } 2033 2034 func (s *GoogleCloudAssetV1ListConstraint) MarshalJSON() ([]byte, error) { 2035 type NoMethod GoogleCloudAssetV1ListConstraint 2036 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2037 } 2038 2039 // GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination: BigQuery 2040 // destination. 2041 type GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination struct { 2042 // Dataset: Required. The BigQuery dataset where the query results will be 2043 // saved. It has the format of "projects/{projectId}/datasets/{datasetId}". 2044 Dataset string `json:"dataset,omitempty"` 2045 // Table: Required. The BigQuery table where the query results will be saved. 2046 // If this table does not exist, a new table with the given name will be 2047 // created. 2048 Table string `json:"table,omitempty"` 2049 // WriteDisposition: Specifies the action that occurs if the destination table 2050 // or partition already exists. The following values are supported: * 2051 // WRITE_TRUNCATE: If the table or partition already exists, BigQuery 2052 // overwrites the entire table or all the partitions data. * WRITE_APPEND: If 2053 // the table or partition already exists, BigQuery appends the data to the 2054 // table or the latest partition. * WRITE_EMPTY: If the table already exists 2055 // and contains data, a 'duplicate' error is returned in the job result. The 2056 // default value is WRITE_EMPTY. 2057 WriteDisposition string `json:"writeDisposition,omitempty"` 2058 // ForceSendFields is a list of field names (e.g. "Dataset") to unconditionally 2059 // include in API requests. By default, fields with empty or default values are 2060 // omitted from API requests. See 2061 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2062 // details. 2063 ForceSendFields []string `json:"-"` 2064 // NullFields is a list of field names (e.g. "Dataset") to include in API 2065 // requests with the JSON null value. By default, fields with empty values are 2066 // omitted from API requests. See 2067 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2068 NullFields []string `json:"-"` 2069 } 2070 2071 func (s *GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination) MarshalJSON() ([]byte, error) { 2072 type NoMethod GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination 2073 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2074 } 2075 2076 // GoogleCloudAssetV1Resource: A Google Cloud resource under analysis. 2077 type GoogleCloudAssetV1Resource struct { 2078 // AnalysisState: The analysis state of this resource. 2079 AnalysisState *IamPolicyAnalysisState `json:"analysisState,omitempty"` 2080 // FullResourceName: The full resource name 2081 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) 2082 FullResourceName string `json:"fullResourceName,omitempty"` 2083 // ForceSendFields is a list of field names (e.g. "AnalysisState") to 2084 // unconditionally include in API requests. By default, fields with empty or 2085 // default values are omitted from API requests. See 2086 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2087 // details. 2088 ForceSendFields []string `json:"-"` 2089 // NullFields is a list of field names (e.g. "AnalysisState") to include in API 2090 // requests with the JSON null value. By default, fields with empty values are 2091 // omitted from API requests. See 2092 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2093 NullFields []string `json:"-"` 2094 } 2095 2096 func (s *GoogleCloudAssetV1Resource) MarshalJSON() ([]byte, error) { 2097 type NoMethod GoogleCloudAssetV1Resource 2098 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2099 } 2100 2101 // GoogleCloudAssetV1Rule: This rule message is a customized version of the one 2102 // defined in the Organization Policy system. In addition to the fields defined 2103 // in the original organization policy, it contains additional field(s) under 2104 // specific circumstances to support analysis results. 2105 type GoogleCloudAssetV1Rule struct { 2106 // AllowAll: Setting this to true means that all values are allowed. This field 2107 // can be set only in Policies for list constraints. 2108 AllowAll bool `json:"allowAll,omitempty"` 2109 // Condition: The evaluating condition for this rule. 2110 Condition *Expr `json:"condition,omitempty"` 2111 // ConditionEvaluation: The condition evaluation result for this rule. Only 2112 // populated if it meets all the following criteria: * There is a condition 2113 // defined for this rule. * This rule is within 2114 // AnalyzeOrgPolicyGovernedContainersResponse.GovernedContainer.consolidated_pol 2115 // icy, or 2116 // AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.consolidated_policy 2117 // when the AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset has 2118 // AnalyzeOrgPolicyGovernedAssetsResponse.GovernedAsset.governed_resource. 2119 ConditionEvaluation *ConditionEvaluation `json:"conditionEvaluation,omitempty"` 2120 // DenyAll: Setting this to true means that all values are denied. This field 2121 // can be set only in Policies for list constraints. 2122 DenyAll bool `json:"denyAll,omitempty"` 2123 // Enforce: If `true`, then the `Policy` is enforced. If `false`, then any 2124 // configuration is acceptable. This field can be set only in Policies for 2125 // boolean constraints. 2126 Enforce bool `json:"enforce,omitempty"` 2127 // Values: List of values to be used for this policy rule. This field can be 2128 // set only in policies for list constraints. 2129 Values *GoogleCloudAssetV1StringValues `json:"values,omitempty"` 2130 // ForceSendFields is a list of field names (e.g. "AllowAll") to 2131 // unconditionally include in API requests. By default, fields with empty or 2132 // default values are omitted from API requests. See 2133 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2134 // details. 2135 ForceSendFields []string `json:"-"` 2136 // NullFields is a list of field names (e.g. "AllowAll") to include in API 2137 // requests with the JSON null value. By default, fields with empty values are 2138 // omitted from API requests. See 2139 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2140 NullFields []string `json:"-"` 2141 } 2142 2143 func (s *GoogleCloudAssetV1Rule) MarshalJSON() ([]byte, error) { 2144 type NoMethod GoogleCloudAssetV1Rule 2145 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2146 } 2147 2148 // GoogleCloudAssetV1StringValues: The string values for the list constraints. 2149 type GoogleCloudAssetV1StringValues struct { 2150 // AllowedValues: List of values allowed at this resource. 2151 AllowedValues []string `json:"allowedValues,omitempty"` 2152 // DeniedValues: List of values denied at this resource. 2153 DeniedValues []string `json:"deniedValues,omitempty"` 2154 // ForceSendFields is a list of field names (e.g. "AllowedValues") to 2155 // unconditionally include in API requests. By default, fields with empty or 2156 // default values are omitted from API requests. See 2157 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2158 // details. 2159 ForceSendFields []string `json:"-"` 2160 // NullFields is a list of field names (e.g. "AllowedValues") to include in API 2161 // requests with the JSON null value. By default, fields with empty values are 2162 // omitted from API requests. See 2163 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2164 NullFields []string `json:"-"` 2165 } 2166 2167 func (s *GoogleCloudAssetV1StringValues) MarshalJSON() ([]byte, error) { 2168 type NoMethod GoogleCloudAssetV1StringValues 2169 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2170 } 2171 2172 // GoogleCloudAssetV1p7beta1Asset: An asset in Google Cloud. An asset can be 2173 // any resource in the Google Cloud resource hierarchy 2174 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 2175 // a resource outside the Google Cloud resource hierarchy (such as Google 2176 // Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). See 2177 // Supported asset types 2178 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 2179 // more information. 2180 type GoogleCloudAssetV1p7beta1Asset struct { 2181 // AccessLevel: Please also refer to the access level user guide 2182 // (https://cloud.google.com/access-context-manager/docs/overview#access-levels). 2183 AccessLevel *GoogleIdentityAccesscontextmanagerV1AccessLevel `json:"accessLevel,omitempty"` 2184 // AccessPolicy: Please also refer to the access policy user guide 2185 // (https://cloud.google.com/access-context-manager/docs/overview#access-policies). 2186 AccessPolicy *GoogleIdentityAccesscontextmanagerV1AccessPolicy `json:"accessPolicy,omitempty"` 2187 // Ancestors: The ancestry path of an asset in Google Cloud resource hierarchy 2188 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 2189 // represented as a list of relative resource names. An ancestry path starts 2190 // with the closest ancestor in the hierarchy and ends at root. If the asset is 2191 // a project, folder, or organization, the ancestry path starts from the asset 2192 // itself. Example: `["projects/123456789", "folders/5432", 2193 // "organizations/1234"]` 2194 Ancestors []string `json:"ancestors,omitempty"` 2195 // AssetType: The type of the asset. Example: `compute.googleapis.com/Disk` See 2196 // Supported asset types 2197 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 2198 // more information. 2199 AssetType string `json:"assetType,omitempty"` 2200 // IamPolicy: A representation of the IAM policy set on a Google Cloud 2201 // resource. There can be a maximum of one IAM policy set on any given 2202 // resource. In addition, IAM policies inherit their granted access scope from 2203 // any policies set on parent resources in the resource hierarchy. Therefore, 2204 // the effectively policy is the union of both the policy set on this resource 2205 // and each policy set on all of the resource's ancestry resource levels in the 2206 // hierarchy. See this topic 2207 // (https://cloud.google.com/iam/help/allow-policies/inheritance) for more 2208 // information. 2209 IamPolicy *Policy `json:"iamPolicy,omitempty"` 2210 // Name: The full name of the asset. Example: 2211 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 2212 // nce1` See Resource names 2213 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) for 2214 // more information. 2215 Name string `json:"name,omitempty"` 2216 // OrgPolicy: A representation of an organization policy 2217 // (https://cloud.google.com/resource-manager/docs/organization-policy/overview#organization_policy). 2218 // There can be more than one organization policy with different constraints 2219 // set on a given resource. 2220 OrgPolicy []*GoogleCloudOrgpolicyV1Policy `json:"orgPolicy,omitempty"` 2221 // RelatedAssets: The related assets of the asset of one relationship type. One 2222 // asset only represents one type of relationship. 2223 RelatedAssets *GoogleCloudAssetV1p7beta1RelatedAssets `json:"relatedAssets,omitempty"` 2224 // Resource: A representation of the resource. 2225 Resource *GoogleCloudAssetV1p7beta1Resource `json:"resource,omitempty"` 2226 // ServicePerimeter: Please also refer to the service perimeter user guide 2227 // (https://cloud.google.com/vpc-service-controls/docs/overview). 2228 ServicePerimeter *GoogleIdentityAccesscontextmanagerV1ServicePerimeter `json:"servicePerimeter,omitempty"` 2229 // UpdateTime: The last update timestamp of an asset. update_time is updated 2230 // when create/update/delete operation is performed. 2231 UpdateTime string `json:"updateTime,omitempty"` 2232 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 2233 // unconditionally include in API requests. By default, fields with empty or 2234 // default values are omitted from API requests. See 2235 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2236 // details. 2237 ForceSendFields []string `json:"-"` 2238 // NullFields is a list of field names (e.g. "AccessLevel") to include in API 2239 // requests with the JSON null value. By default, fields with empty values are 2240 // omitted from API requests. See 2241 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2242 NullFields []string `json:"-"` 2243 } 2244 2245 func (s *GoogleCloudAssetV1p7beta1Asset) MarshalJSON() ([]byte, error) { 2246 type NoMethod GoogleCloudAssetV1p7beta1Asset 2247 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2248 } 2249 2250 // GoogleCloudAssetV1p7beta1RelatedAsset: An asset identify in Google Cloud 2251 // which contains its name, type and ancestors. An asset can be any resource in 2252 // the Google Cloud resource hierarchy 2253 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 2254 // a resource outside the Google Cloud resource hierarchy (such as Google 2255 // Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). See 2256 // Supported asset types 2257 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 2258 // more information. 2259 type GoogleCloudAssetV1p7beta1RelatedAsset struct { 2260 // Ancestors: The ancestors of an asset in Google Cloud resource hierarchy 2261 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 2262 // represented as a list of relative resource names. An ancestry path starts 2263 // with the closest ancestor in the hierarchy and ends at root. Example: 2264 // `["projects/123456789", "folders/5432", "organizations/1234"]` 2265 Ancestors []string `json:"ancestors,omitempty"` 2266 // Asset: The full name of the asset. Example: 2267 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 2268 // nce1` See Resource names 2269 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) for 2270 // more information. 2271 Asset string `json:"asset,omitempty"` 2272 // AssetType: The type of the asset. Example: `compute.googleapis.com/Disk` See 2273 // Supported asset types 2274 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 2275 // more information. 2276 AssetType string `json:"assetType,omitempty"` 2277 // ForceSendFields is a list of field names (e.g. "Ancestors") to 2278 // unconditionally include in API requests. By default, fields with empty or 2279 // default values are omitted from API requests. See 2280 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2281 // details. 2282 ForceSendFields []string `json:"-"` 2283 // NullFields is a list of field names (e.g. "Ancestors") to include in API 2284 // requests with the JSON null value. By default, fields with empty values are 2285 // omitted from API requests. See 2286 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2287 NullFields []string `json:"-"` 2288 } 2289 2290 func (s *GoogleCloudAssetV1p7beta1RelatedAsset) MarshalJSON() ([]byte, error) { 2291 type NoMethod GoogleCloudAssetV1p7beta1RelatedAsset 2292 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2293 } 2294 2295 // GoogleCloudAssetV1p7beta1RelatedAssets: The detailed related assets with the 2296 // `relationship_type`. 2297 type GoogleCloudAssetV1p7beta1RelatedAssets struct { 2298 // Assets: The peer resources of the relationship. 2299 Assets []*GoogleCloudAssetV1p7beta1RelatedAsset `json:"assets,omitempty"` 2300 // RelationshipAttributes: The detailed relation attributes. 2301 RelationshipAttributes *GoogleCloudAssetV1p7beta1RelationshipAttributes `json:"relationshipAttributes,omitempty"` 2302 // ForceSendFields is a list of field names (e.g. "Assets") to unconditionally 2303 // include in API requests. By default, fields with empty or default values are 2304 // omitted from API requests. See 2305 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2306 // details. 2307 ForceSendFields []string `json:"-"` 2308 // NullFields is a list of field names (e.g. "Assets") to include in API 2309 // requests with the JSON null value. By default, fields with empty values are 2310 // omitted from API requests. See 2311 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2312 NullFields []string `json:"-"` 2313 } 2314 2315 func (s *GoogleCloudAssetV1p7beta1RelatedAssets) MarshalJSON() ([]byte, error) { 2316 type NoMethod GoogleCloudAssetV1p7beta1RelatedAssets 2317 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2318 } 2319 2320 // GoogleCloudAssetV1p7beta1RelationshipAttributes: The relationship attributes 2321 // which include `type`, `source_resource_type`, `target_resource_type` and 2322 // `action`. 2323 type GoogleCloudAssetV1p7beta1RelationshipAttributes struct { 2324 // Action: The detail of the relationship, e.g. `contains`, `attaches` 2325 Action string `json:"action,omitempty"` 2326 // SourceResourceType: The source asset type. Example: 2327 // `compute.googleapis.com/Instance` 2328 SourceResourceType string `json:"sourceResourceType,omitempty"` 2329 // TargetResourceType: The target asset type. Example: 2330 // `compute.googleapis.com/Disk` 2331 TargetResourceType string `json:"targetResourceType,omitempty"` 2332 // Type: The unique identifier of the relationship type. Example: 2333 // `INSTANCE_TO_INSTANCEGROUP` 2334 Type string `json:"type,omitempty"` 2335 // ForceSendFields is a list of field names (e.g. "Action") to unconditionally 2336 // include in API requests. By default, fields with empty or default values are 2337 // omitted from API requests. See 2338 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2339 // details. 2340 ForceSendFields []string `json:"-"` 2341 // NullFields is a list of field names (e.g. "Action") to include in API 2342 // requests with the JSON null value. By default, fields with empty values are 2343 // omitted from API requests. See 2344 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2345 NullFields []string `json:"-"` 2346 } 2347 2348 func (s *GoogleCloudAssetV1p7beta1RelationshipAttributes) MarshalJSON() ([]byte, error) { 2349 type NoMethod GoogleCloudAssetV1p7beta1RelationshipAttributes 2350 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2351 } 2352 2353 // GoogleCloudAssetV1p7beta1Resource: A representation of a Google Cloud 2354 // resource. 2355 type GoogleCloudAssetV1p7beta1Resource struct { 2356 // Data: The content of the resource, in which some sensitive fields are 2357 // removed and may not be present. 2358 Data googleapi.RawMessage `json:"data,omitempty"` 2359 // DiscoveryDocumentUri: The URL of the discovery document containing the 2360 // resource's JSON schema. Example: 2361 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This value is 2362 // unspecified for resources that do not have an API based on a discovery 2363 // document, such as Cloud Bigtable. 2364 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 2365 // DiscoveryName: The JSON schema name listed in the discovery document. 2366 // Example: `Project` This value is unspecified for resources that do not have 2367 // an API based on a discovery document, such as Cloud Bigtable. 2368 DiscoveryName string `json:"discoveryName,omitempty"` 2369 // Location: The location of the resource in Google Cloud, such as its zone and 2370 // region. For more information, see https://cloud.google.com/about/locations/. 2371 Location string `json:"location,omitempty"` 2372 // Parent: The full name of the immediate parent of this resource. See Resource 2373 // Names 2374 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) for 2375 // more information. For Google Cloud assets, this value is the parent resource 2376 // defined in the IAM policy hierarchy 2377 // (https://cloud.google.com/iam/docs/overview#policy_hierarchy). Example: 2378 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` For 2379 // third-party assets, this field may be set differently. 2380 Parent string `json:"parent,omitempty"` 2381 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` request 2382 // using this URL returns the resource itself. Example: 2383 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` 2384 // This value is unspecified for resources without a REST API. 2385 ResourceUrl string `json:"resourceUrl,omitempty"` 2386 // Version: The API version. Example: `v1` 2387 Version string `json:"version,omitempty"` 2388 // ForceSendFields is a list of field names (e.g. "Data") to unconditionally 2389 // include in API requests. By default, fields with empty or default values are 2390 // omitted from API requests. See 2391 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2392 // details. 2393 ForceSendFields []string `json:"-"` 2394 // NullFields is a list of field names (e.g. "Data") to include in API requests 2395 // with the JSON null value. By default, fields with empty values are omitted 2396 // from API requests. See 2397 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2398 NullFields []string `json:"-"` 2399 } 2400 2401 func (s *GoogleCloudAssetV1p7beta1Resource) MarshalJSON() ([]byte, error) { 2402 type NoMethod GoogleCloudAssetV1p7beta1Resource 2403 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2404 } 2405 2406 // GoogleCloudOrgpolicyV1BooleanPolicy: Used in `policy_type` to specify how 2407 // `boolean_policy` will behave at this resource. 2408 type GoogleCloudOrgpolicyV1BooleanPolicy struct { 2409 // Enforced: If `true`, then the `Policy` is enforced. If `false`, then any 2410 // configuration is acceptable. Suppose you have a `Constraint` 2411 // `constraints/compute.disableSerialPortAccess` with `constraint_default` set 2412 // to `ALLOW`. A `Policy` for that `Constraint` exhibits the following 2413 // behavior: - If the `Policy` at this resource has enforced set to `false`, 2414 // serial port connection attempts will be allowed. - If the `Policy` at this 2415 // resource has enforced set to `true`, serial port connection attempts will be 2416 // refused. - If the `Policy` at this resource is `RestoreDefault`, serial port 2417 // connection attempts will be allowed. - If no `Policy` is set at this 2418 // resource or anywhere higher in the resource hierarchy, serial port 2419 // connection attempts will be allowed. - If no `Policy` is set at this 2420 // resource, but one exists higher in the resource hierarchy, the behavior is 2421 // as if the`Policy` were set at this resource. The following examples 2422 // demonstrate the different possible layerings: Example 1 (nearest 2423 // `Constraint` wins): `organizations/foo` has a `Policy` with: {enforced: 2424 // false} `projects/bar` has no `Policy` set. The constraint at `projects/bar` 2425 // and `organizations/foo` will not be enforced. Example 2 (enforcement gets 2426 // replaced): `organizations/foo` has a `Policy` with: {enforced: false} 2427 // `projects/bar` has a `Policy` with: {enforced: true} The constraint at 2428 // `organizations/foo` is not enforced. The constraint at `projects/bar` is 2429 // enforced. Example 3 (RestoreDefault): `organizations/foo` has a `Policy` 2430 // with: {enforced: true} `projects/bar` has a `Policy` with: {RestoreDefault: 2431 // {}} The constraint at `organizations/foo` is enforced. The constraint at 2432 // `projects/bar` is not enforced, because `constraint_default` for the 2433 // `Constraint` is `ALLOW`. 2434 Enforced bool `json:"enforced,omitempty"` 2435 // ForceSendFields is a list of field names (e.g. "Enforced") to 2436 // unconditionally include in API requests. By default, fields with empty or 2437 // default values are omitted from API requests. See 2438 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2439 // details. 2440 ForceSendFields []string `json:"-"` 2441 // NullFields is a list of field names (e.g. "Enforced") to include in API 2442 // requests with the JSON null value. By default, fields with empty values are 2443 // omitted from API requests. See 2444 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2445 NullFields []string `json:"-"` 2446 } 2447 2448 func (s *GoogleCloudOrgpolicyV1BooleanPolicy) MarshalJSON() ([]byte, error) { 2449 type NoMethod GoogleCloudOrgpolicyV1BooleanPolicy 2450 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2451 } 2452 2453 // GoogleCloudOrgpolicyV1ListPolicy: Used in `policy_type` to specify how 2454 // `list_policy` behaves at this resource. `ListPolicy` can define specific 2455 // values and subtrees of Cloud Resource Manager resource hierarchy 2456 // (`Organizations`, `Folders`, `Projects`) that are allowed or denied by 2457 // setting the `allowed_values` and `denied_values` fields. This is achieved by 2458 // using the `under:` and optional `is:` prefixes. The `under:` prefix is used 2459 // to denote resource subtree values. The `is:` prefix is used to denote 2460 // specific values, and is required only if the value contains a ":". Values 2461 // prefixed with "is:" are treated the same as values with no prefix. Ancestry 2462 // subtrees must be in one of the following formats: - "projects/", e.g. 2463 // "projects/tokyo-rain-123" - "folders/", e.g. "folders/1234" - 2464 // "organizations/", e.g. "organizations/1234" The `supports_under` field of 2465 // the associated `Constraint` defines whether ancestry prefixes can be used. 2466 // You can set `allowed_values` and `denied_values` in the same `Policy` if 2467 // `all_values` is `ALL_VALUES_UNSPECIFIED`. `ALLOW` or `DENY` are used to 2468 // allow or deny all values. If `all_values` is set to either `ALLOW` or 2469 // `DENY`, `allowed_values` and `denied_values` must be unset. 2470 type GoogleCloudOrgpolicyV1ListPolicy struct { 2471 // AllValues: The policy all_values state. 2472 // 2473 // Possible values: 2474 // "ALL_VALUES_UNSPECIFIED" - Indicates that allowed_values or denied_values 2475 // must be set. 2476 // "ALLOW" - A policy with this set allows all values. 2477 // "DENY" - A policy with this set denies all values. 2478 AllValues string `json:"allValues,omitempty"` 2479 // AllowedValues: List of values allowed at this resource. Can only be set if 2480 // `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 2481 AllowedValues []string `json:"allowedValues,omitempty"` 2482 // DeniedValues: List of values denied at this resource. Can only be set if 2483 // `all_values` is set to `ALL_VALUES_UNSPECIFIED`. 2484 DeniedValues []string `json:"deniedValues,omitempty"` 2485 // InheritFromParent: Determines the inheritance behavior for this `Policy`. By 2486 // default, a `ListPolicy` set at a resource supersedes any `Policy` set 2487 // anywhere up the resource hierarchy. However, if `inherit_from_parent` is set 2488 // to `true`, then the values from the effective `Policy` of the parent 2489 // resource are inherited, meaning the values set in this `Policy` are added to 2490 // the values inherited up the hierarchy. Setting `Policy` hierarchies that 2491 // inherit both allowed values and denied values isn't recommended in most 2492 // circumstances to keep the configuration simple and understandable. However, 2493 // it is possible to set a `Policy` with `allowed_values` set that inherits a 2494 // `Policy` with `denied_values` set. In this case, the values that are allowed 2495 // must be in `allowed_values` and not present in `denied_values`. For example, 2496 // suppose you have a `Constraint` `constraints/serviceuser.services`, which 2497 // has a `constraint_type` of `list_constraint`, and with `constraint_default` 2498 // set to `ALLOW`. Suppose that at the Organization level, a `Policy` is 2499 // applied that restricts the allowed API activations to {`E1`, `E2`}. Then, if 2500 // a `Policy` is applied to a project below the Organization that has 2501 // `inherit_from_parent` set to `false` and field all_values set to DENY, then 2502 // an attempt to activate any API will be denied. The following examples 2503 // demonstrate different possible layerings for `projects/bar` parented by 2504 // `organizations/foo`: Example 1 (no inherited values): `organizations/foo` 2505 // has a `Policy` with values: {allowed_values: "E1" allowed_values:"E2"} 2506 // `projects/bar` has `inherit_from_parent` `false` and values: 2507 // {allowed_values: "E3" allowed_values: "E4"} The accepted values at 2508 // `organizations/foo` are `E1`, `E2`. The accepted values at `projects/bar` 2509 // are `E3`, and `E4`. Example 2 (inherited values): `organizations/foo` has a 2510 // `Policy` with values: {allowed_values: "E1" allowed_values:"E2"} 2511 // `projects/bar` has a `Policy` with values: {value: "E3" value: "E4" 2512 // inherit_from_parent: true} The accepted values at `organizations/foo` are 2513 // `E1`, `E2`. The accepted values at `projects/bar` are `E1`, `E2`, `E3`, and 2514 // `E4`. Example 3 (inheriting both allowed and denied values): 2515 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 2516 // allowed_values: "E2"} `projects/bar` has a `Policy` with: {denied_values: 2517 // "E1"} The accepted values at `organizations/foo` are `E1`, `E2`. The value 2518 // accepted at `projects/bar` is `E2`. Example 4 (RestoreDefault): 2519 // `organizations/foo` has a `Policy` with values: {allowed_values: "E1" 2520 // allowed_values:"E2"} `projects/bar` has a `Policy` with values: 2521 // {RestoreDefault: {}} The accepted values at `organizations/foo` are `E1`, 2522 // `E2`. The accepted values at `projects/bar` are either all or none depending 2523 // on the value of `constraint_default` (if `ALLOW`, all; if `DENY`, none). 2524 // Example 5 (no policy inherits parent policy): `organizations/foo` has no 2525 // `Policy` set. `projects/bar` has no `Policy` set. The accepted values at 2526 // both levels are either all or none depending on the value of 2527 // `constraint_default` (if `ALLOW`, all; if `DENY`, none). Example 6 2528 // (ListConstraint allowing all): `organizations/foo` has a `Policy` with 2529 // values: {allowed_values: "E1" allowed_values: "E2"} `projects/bar` has a 2530 // `Policy` with: {all: ALLOW} The accepted values at `organizations/foo` are 2531 // `E1`, E2`. Any value is accepted at `projects/bar`. Example 7 2532 // (ListConstraint allowing none): `organizations/foo` has a `Policy` with 2533 // values: {allowed_values: "E1" allowed_values: "E2"} `projects/bar` has a 2534 // `Policy` with: {all: DENY} The accepted values at `organizations/foo` are 2535 // `E1`, E2`. No value is accepted at `projects/bar`. Example 10 (allowed and 2536 // denied subtrees of Resource Manager hierarchy): Given the following resource 2537 // hierarchy O1->{F1, F2}; F1->{P1}; F2->{P2, P3}, `organizations/foo` has a 2538 // `Policy` with values: {allowed_values: "under:organizations/O1"} 2539 // `projects/bar` has a `Policy` with: {allowed_values: "under:projects/P3"} 2540 // {denied_values: "under:folders/F2"} The accepted values at 2541 // `organizations/foo` are `organizations/O1`, `folders/F1`, `folders/F2`, 2542 // `projects/P1`, `projects/P2`, `projects/P3`. The accepted values at 2543 // `projects/bar` are `organizations/O1`, `folders/F1`, `projects/P1`. 2544 InheritFromParent bool `json:"inheritFromParent,omitempty"` 2545 // SuggestedValue: Optional. The Google Cloud Console will try to default to a 2546 // configuration that matches the value specified in this `Policy`. If 2547 // `suggested_value` is not set, it will inherit the value specified higher in 2548 // the hierarchy, unless `inherit_from_parent` is `false`. 2549 SuggestedValue string `json:"suggestedValue,omitempty"` 2550 // ForceSendFields is a list of field names (e.g. "AllValues") to 2551 // unconditionally include in API requests. By default, fields with empty or 2552 // default values are omitted from API requests. See 2553 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2554 // details. 2555 ForceSendFields []string `json:"-"` 2556 // NullFields is a list of field names (e.g. "AllValues") to include in API 2557 // requests with the JSON null value. By default, fields with empty values are 2558 // omitted from API requests. See 2559 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2560 NullFields []string `json:"-"` 2561 } 2562 2563 func (s *GoogleCloudOrgpolicyV1ListPolicy) MarshalJSON() ([]byte, error) { 2564 type NoMethod GoogleCloudOrgpolicyV1ListPolicy 2565 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2566 } 2567 2568 // GoogleCloudOrgpolicyV1Policy: Defines a Cloud Organization `Policy` which is 2569 // used to specify `Constraints` for configurations of Cloud Platform 2570 // resources. 2571 type GoogleCloudOrgpolicyV1Policy struct { 2572 // BooleanPolicy: For boolean `Constraints`, whether to enforce the 2573 // `Constraint` or not. 2574 BooleanPolicy *GoogleCloudOrgpolicyV1BooleanPolicy `json:"booleanPolicy,omitempty"` 2575 // Constraint: The name of the `Constraint` the `Policy` is configuring, for 2576 // example, `constraints/serviceuser.services`. A list of available constraints 2577 // (/resource-manager/docs/organization-policy/org-policy-constraints) is 2578 // available. Immutable after creation. 2579 Constraint string `json:"constraint,omitempty"` 2580 // Etag: An opaque tag indicating the current version of the `Policy`, used for 2581 // concurrency control. When the `Policy` is returned from either a `GetPolicy` 2582 // or a `ListOrgPolicy` request, this `etag` indicates the version of the 2583 // current `Policy` to use when executing a read-modify-write loop. When the 2584 // `Policy` is returned from a `GetEffectivePolicy` request, the `etag` will be 2585 // unset. When the `Policy` is used in a `SetOrgPolicy` method, use the `etag` 2586 // value that was returned from a `GetOrgPolicy` request as part of a 2587 // read-modify-write loop for concurrency control. Not setting the `etag`in a 2588 // `SetOrgPolicy` request will result in an unconditional write of the 2589 // `Policy`. 2590 Etag string `json:"etag,omitempty"` 2591 // ListPolicy: List of values either allowed or disallowed. 2592 ListPolicy *GoogleCloudOrgpolicyV1ListPolicy `json:"listPolicy,omitempty"` 2593 // RestoreDefault: Restores the default behavior of the constraint; independent 2594 // of `Constraint` type. 2595 RestoreDefault *GoogleCloudOrgpolicyV1RestoreDefault `json:"restoreDefault,omitempty"` 2596 // UpdateTime: The time stamp the `Policy` was previously updated. This is set 2597 // by the server, not specified by the caller, and represents the last time a 2598 // call to `SetOrgPolicy` was made for that `Policy`. Any value set by the 2599 // client will be ignored. 2600 UpdateTime string `json:"updateTime,omitempty"` 2601 // Version: Version of the `Policy`. Default version is 0; 2602 Version int64 `json:"version,omitempty"` 2603 // ForceSendFields is a list of field names (e.g. "BooleanPolicy") to 2604 // unconditionally include in API requests. By default, fields with empty or 2605 // default values are omitted from API requests. See 2606 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2607 // details. 2608 ForceSendFields []string `json:"-"` 2609 // NullFields is a list of field names (e.g. "BooleanPolicy") to include in API 2610 // requests with the JSON null value. By default, fields with empty values are 2611 // omitted from API requests. See 2612 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2613 NullFields []string `json:"-"` 2614 } 2615 2616 func (s *GoogleCloudOrgpolicyV1Policy) MarshalJSON() ([]byte, error) { 2617 type NoMethod GoogleCloudOrgpolicyV1Policy 2618 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2619 } 2620 2621 // GoogleCloudOrgpolicyV1RestoreDefault: Ignores policies set above this 2622 // resource and restores the `constraint_default` enforcement behavior of the 2623 // specific `Constraint` at this resource. Suppose that `constraint_default` is 2624 // set to `ALLOW` for the `Constraint` `constraints/serviceuser.services`. 2625 // Suppose that organization foo.com sets a `Policy` at their Organization 2626 // resource node that restricts the allowed service activations to deny all 2627 // service activations. They could then set a `Policy` with the `policy_type` 2628 // `restore_default` on several experimental projects, restoring the 2629 // `constraint_default` enforcement of the `Constraint` for only those 2630 // projects, allowing those projects to have all services activated. 2631 type GoogleCloudOrgpolicyV1RestoreDefault struct { 2632 } 2633 2634 // GoogleIdentityAccesscontextmanagerV1AccessLevel: An `AccessLevel` is a label 2635 // that can be applied to requests to Google Cloud services, along with a list 2636 // of requirements necessary for the label to be applied. 2637 type GoogleIdentityAccesscontextmanagerV1AccessLevel struct { 2638 // Basic: A `BasicLevel` composed of `Conditions`. 2639 Basic *GoogleIdentityAccesscontextmanagerV1BasicLevel `json:"basic,omitempty"` 2640 // Custom: A `CustomLevel` written in the Common Expression Language. 2641 Custom *GoogleIdentityAccesscontextmanagerV1CustomLevel `json:"custom,omitempty"` 2642 // Description: Description of the `AccessLevel` and its use. Does not affect 2643 // behavior. 2644 Description string `json:"description,omitempty"` 2645 // Name: Resource name for the `AccessLevel`. Format: 2646 // `accessPolicies/{access_policy}/accessLevels/{access_level}`. The 2647 // `access_level` component must begin with a letter, followed by alphanumeric 2648 // characters or `_`. Its maximum length is 50 characters. After you create an 2649 // `AccessLevel`, you cannot change its `name`. 2650 Name string `json:"name,omitempty"` 2651 // Title: Human readable title. Must be unique within the Policy. 2652 Title string `json:"title,omitempty"` 2653 // ForceSendFields is a list of field names (e.g. "Basic") to unconditionally 2654 // include in API requests. By default, fields with empty or default values are 2655 // omitted from API requests. See 2656 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2657 // details. 2658 ForceSendFields []string `json:"-"` 2659 // NullFields is a list of field names (e.g. "Basic") to include in API 2660 // requests with the JSON null value. By default, fields with empty values are 2661 // omitted from API requests. See 2662 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2663 NullFields []string `json:"-"` 2664 } 2665 2666 func (s *GoogleIdentityAccesscontextmanagerV1AccessLevel) MarshalJSON() ([]byte, error) { 2667 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessLevel 2668 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2669 } 2670 2671 // GoogleIdentityAccesscontextmanagerV1AccessPolicy: `AccessPolicy` is a 2672 // container for `AccessLevels` (which define the necessary attributes to use 2673 // Google Cloud services) and `ServicePerimeters` (which define regions of 2674 // services able to freely pass data within a perimeter). An access policy is 2675 // globally visible within an organization, and the restrictions it specifies 2676 // apply to all projects within an organization. 2677 type GoogleIdentityAccesscontextmanagerV1AccessPolicy struct { 2678 // Etag: Output only. An opaque identifier for the current version of the 2679 // `AccessPolicy`. This will always be a strongly validated etag, meaning that 2680 // two Access Polices will be identical if and only if their etags are 2681 // identical. Clients should not expect this to be in any specific format. 2682 Etag string `json:"etag,omitempty"` 2683 // Name: Output only. Resource name of the `AccessPolicy`. Format: 2684 // `accessPolicies/{access_policy}` 2685 Name string `json:"name,omitempty"` 2686 // Parent: Required. The parent of this `AccessPolicy` in the Cloud Resource 2687 // Hierarchy. Currently immutable once created. Format: 2688 // `organizations/{organization_id}` 2689 Parent string `json:"parent,omitempty"` 2690 // Scopes: The scopes of the AccessPolicy. Scopes define which resources a 2691 // policy can restrict and where its resources can be referenced. For example, 2692 // policy A with `scopes=["folders/123"]` has the following behavior: - 2693 // ServicePerimeter can only restrict projects within `folders/123`. - 2694 // ServicePerimeter within policy A can only reference access levels defined 2695 // within policy A. - Only one policy can include a given scope; thus, 2696 // attempting to create a second policy which includes `folders/123` will 2697 // result in an error. If no scopes are provided, then any resource within the 2698 // organization can be restricted. Scopes cannot be modified after a policy is 2699 // created. Policies can only have a single scope. Format: list of 2700 // `folders/{folder_number}` or `projects/{project_number}` 2701 Scopes []string `json:"scopes,omitempty"` 2702 // Title: Required. Human readable title. Does not affect behavior. 2703 Title string `json:"title,omitempty"` 2704 // ForceSendFields is a list of field names (e.g. "Etag") to unconditionally 2705 // include in API requests. By default, fields with empty or default values are 2706 // omitted from API requests. See 2707 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2708 // details. 2709 ForceSendFields []string `json:"-"` 2710 // NullFields is a list of field names (e.g. "Etag") to include in API requests 2711 // with the JSON null value. By default, fields with empty values are omitted 2712 // from API requests. See 2713 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2714 NullFields []string `json:"-"` 2715 } 2716 2717 func (s *GoogleIdentityAccesscontextmanagerV1AccessPolicy) MarshalJSON() ([]byte, error) { 2718 type NoMethod GoogleIdentityAccesscontextmanagerV1AccessPolicy 2719 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2720 } 2721 2722 // GoogleIdentityAccesscontextmanagerV1ApiOperation: Identification for an API 2723 // Operation. 2724 type GoogleIdentityAccesscontextmanagerV1ApiOperation struct { 2725 // MethodSelectors: API methods or permissions to allow. Method or permission 2726 // must belong to the service specified by `service_name` field. A single 2727 // MethodSelector entry with `*` specified for the `method` field will allow 2728 // all methods AND permissions for the service specified in `service_name`. 2729 MethodSelectors []*GoogleIdentityAccesscontextmanagerV1MethodSelector `json:"methodSelectors,omitempty"` 2730 // ServiceName: The name of the API whose methods or permissions the 2731 // IngressPolicy or EgressPolicy want to allow. A single ApiOperation with 2732 // `service_name` field set to `*` will allow all methods AND permissions for 2733 // all services. 2734 ServiceName string `json:"serviceName,omitempty"` 2735 // ForceSendFields is a list of field names (e.g. "MethodSelectors") to 2736 // unconditionally include in API requests. By default, fields with empty or 2737 // default values are omitted from API requests. See 2738 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2739 // details. 2740 ForceSendFields []string `json:"-"` 2741 // NullFields is a list of field names (e.g. "MethodSelectors") to include in 2742 // API requests with the JSON null value. By default, fields with empty values 2743 // are omitted from API requests. See 2744 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2745 NullFields []string `json:"-"` 2746 } 2747 2748 func (s *GoogleIdentityAccesscontextmanagerV1ApiOperation) MarshalJSON() ([]byte, error) { 2749 type NoMethod GoogleIdentityAccesscontextmanagerV1ApiOperation 2750 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2751 } 2752 2753 // GoogleIdentityAccesscontextmanagerV1BasicLevel: `BasicLevel` is an 2754 // `AccessLevel` using a set of recommended features. 2755 type GoogleIdentityAccesscontextmanagerV1BasicLevel struct { 2756 // CombiningFunction: How the `conditions` list should be combined to determine 2757 // if a request is granted this `AccessLevel`. If AND is used, each `Condition` 2758 // in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR 2759 // is used, at least one `Condition` in `conditions` must be satisfied for the 2760 // `AccessLevel` to be applied. Default behavior is AND. 2761 // 2762 // Possible values: 2763 // "AND" - All `Conditions` must be true for the `BasicLevel` to be true. 2764 // "OR" - If at least one `Condition` is true, then the `BasicLevel` is true. 2765 CombiningFunction string `json:"combiningFunction,omitempty"` 2766 // Conditions: Required. A list of requirements for the `AccessLevel` to be 2767 // granted. 2768 Conditions []*GoogleIdentityAccesscontextmanagerV1Condition `json:"conditions,omitempty"` 2769 // ForceSendFields is a list of field names (e.g. "CombiningFunction") to 2770 // unconditionally include in API requests. By default, fields with empty or 2771 // default values are omitted from API requests. See 2772 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2773 // details. 2774 ForceSendFields []string `json:"-"` 2775 // NullFields is a list of field names (e.g. "CombiningFunction") to include in 2776 // API requests with the JSON null value. By default, fields with empty values 2777 // are omitted from API requests. See 2778 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2779 NullFields []string `json:"-"` 2780 } 2781 2782 func (s *GoogleIdentityAccesscontextmanagerV1BasicLevel) MarshalJSON() ([]byte, error) { 2783 type NoMethod GoogleIdentityAccesscontextmanagerV1BasicLevel 2784 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2785 } 2786 2787 // GoogleIdentityAccesscontextmanagerV1Condition: A condition necessary for an 2788 // `AccessLevel` to be granted. The Condition is an AND over its fields. So a 2789 // Condition is true if: 1) the request IP is from one of the listed 2790 // subnetworks AND 2) the originating device complies with the listed device 2791 // policy AND 3) all listed access levels are granted AND 4) the request was 2792 // sent at a time allowed by the DateTimeRestriction. 2793 type GoogleIdentityAccesscontextmanagerV1Condition struct { 2794 // DevicePolicy: Device specific restrictions, all restrictions must hold for 2795 // the Condition to be true. If not specified, all devices are allowed. 2796 DevicePolicy *GoogleIdentityAccesscontextmanagerV1DevicePolicy `json:"devicePolicy,omitempty"` 2797 // IpSubnetworks: CIDR block IP subnetwork specification. May be IPv4 or IPv6. 2798 // Note that for a CIDR IP address block, the specified IP address portion must 2799 // be properly truncated (i.e. all the host bits must be zero) or the input is 2800 // considered malformed. For example, "192.0.2.0/24" is accepted but 2801 // "192.0.2.1/24" is not. Similarly, for IPv6, "2001:db8::/32" is accepted 2802 // whereas "2001:db8::1/32" is not. The originating IP of a request must be in 2803 // one of the listed subnets in order for this Condition to be true. If empty, 2804 // all IP addresses are allowed. 2805 IpSubnetworks []string `json:"ipSubnetworks,omitempty"` 2806 // Members: The request must be made by one of the provided user or service 2807 // accounts. Groups are not supported. Syntax: `user:{emailid}` 2808 // `serviceAccount:{emailid}` If not specified, a request may come from any 2809 // user. 2810 Members []string `json:"members,omitempty"` 2811 // Negate: Whether to negate the Condition. If true, the Condition becomes a 2812 // NAND over its non-empty fields. Any non-empty field criteria evaluating to 2813 // false will result in the Condition to be satisfied. Defaults to false. 2814 Negate bool `json:"negate,omitempty"` 2815 // Regions: The request must originate from one of the provided 2816 // countries/regions. Must be valid ISO 3166-1 alpha-2 codes. 2817 Regions []string `json:"regions,omitempty"` 2818 // RequiredAccessLevels: A list of other access levels defined in the same 2819 // `Policy`, referenced by resource name. Referencing an `AccessLevel` which 2820 // does not exist is an error. All access levels listed must be granted for the 2821 // Condition to be true. Example: 2822 // "accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME" 2823 RequiredAccessLevels []string `json:"requiredAccessLevels,omitempty"` 2824 // VpcNetworkSources: The request must originate from one of the provided VPC 2825 // networks in Google Cloud. Cannot specify this field together with 2826 // `ip_subnetworks`. 2827 VpcNetworkSources []*GoogleIdentityAccesscontextmanagerV1VpcNetworkSource `json:"vpcNetworkSources,omitempty"` 2828 // ForceSendFields is a list of field names (e.g. "DevicePolicy") to 2829 // unconditionally include in API requests. By default, fields with empty or 2830 // default values are omitted from API requests. See 2831 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2832 // details. 2833 ForceSendFields []string `json:"-"` 2834 // NullFields is a list of field names (e.g. "DevicePolicy") to include in API 2835 // requests with the JSON null value. By default, fields with empty values are 2836 // omitted from API requests. See 2837 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2838 NullFields []string `json:"-"` 2839 } 2840 2841 func (s *GoogleIdentityAccesscontextmanagerV1Condition) MarshalJSON() ([]byte, error) { 2842 type NoMethod GoogleIdentityAccesscontextmanagerV1Condition 2843 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2844 } 2845 2846 // GoogleIdentityAccesscontextmanagerV1CustomLevel: `CustomLevel` is an 2847 // `AccessLevel` using the Cloud Common Expression Language to represent the 2848 // necessary conditions for the level to apply to a request. See CEL spec at: 2849 // https://github.com/google/cel-spec 2850 type GoogleIdentityAccesscontextmanagerV1CustomLevel struct { 2851 // Expr: Required. A Cloud CEL expression evaluating to a boolean. 2852 Expr *Expr `json:"expr,omitempty"` 2853 // ForceSendFields is a list of field names (e.g. "Expr") to unconditionally 2854 // include in API requests. By default, fields with empty or default values are 2855 // omitted from API requests. See 2856 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2857 // details. 2858 ForceSendFields []string `json:"-"` 2859 // NullFields is a list of field names (e.g. "Expr") to include in API requests 2860 // with the JSON null value. By default, fields with empty values are omitted 2861 // from API requests. See 2862 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2863 NullFields []string `json:"-"` 2864 } 2865 2866 func (s *GoogleIdentityAccesscontextmanagerV1CustomLevel) MarshalJSON() ([]byte, error) { 2867 type NoMethod GoogleIdentityAccesscontextmanagerV1CustomLevel 2868 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2869 } 2870 2871 // GoogleIdentityAccesscontextmanagerV1DevicePolicy: `DevicePolicy` specifies 2872 // device specific restrictions necessary to acquire a given access level. A 2873 // `DevicePolicy` specifies requirements for requests from devices to be 2874 // granted access levels, it does not do any enforcement on the device. 2875 // `DevicePolicy` acts as an AND over all specified fields, and each repeated 2876 // field is an OR over its elements. Any unset fields are ignored. For example, 2877 // if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, 2878 // encryption_status: ENCRYPTED}, then the DevicePolicy will be true for 2879 // requests originating from encrypted Linux desktops and encrypted Windows 2880 // desktops. 2881 type GoogleIdentityAccesscontextmanagerV1DevicePolicy struct { 2882 // AllowedDeviceManagementLevels: Allowed device management levels, an empty 2883 // list allows all management levels. 2884 // 2885 // Possible values: 2886 // "MANAGEMENT_UNSPECIFIED" - The device's management level is not specified 2887 // or not known. 2888 // "NONE" - The device is not managed. 2889 // "BASIC" - Basic management is enabled, which is generally limited to 2890 // monitoring and wiping the corporate account. 2891 // "COMPLETE" - Complete device management. This includes more thorough 2892 // monitoring and the ability to directly manage the device (such as remote 2893 // wiping). This can be enabled through the Android Enterprise Platform. 2894 AllowedDeviceManagementLevels []string `json:"allowedDeviceManagementLevels,omitempty"` 2895 // AllowedEncryptionStatuses: Allowed encryptions statuses, an empty list 2896 // allows all statuses. 2897 // 2898 // Possible values: 2899 // "ENCRYPTION_UNSPECIFIED" - The encryption status of the device is not 2900 // specified or not known. 2901 // "ENCRYPTION_UNSUPPORTED" - The device does not support encryption. 2902 // "UNENCRYPTED" - The device supports encryption, but is currently 2903 // unencrypted. 2904 // "ENCRYPTED" - The device is encrypted. 2905 AllowedEncryptionStatuses []string `json:"allowedEncryptionStatuses,omitempty"` 2906 // OsConstraints: Allowed OS versions, an empty list allows all types and all 2907 // versions. 2908 OsConstraints []*GoogleIdentityAccesscontextmanagerV1OsConstraint `json:"osConstraints,omitempty"` 2909 // RequireAdminApproval: Whether the device needs to be approved by the 2910 // customer admin. 2911 RequireAdminApproval bool `json:"requireAdminApproval,omitempty"` 2912 // RequireCorpOwned: Whether the device needs to be corp owned. 2913 RequireCorpOwned bool `json:"requireCorpOwned,omitempty"` 2914 // RequireScreenlock: Whether or not screenlock is required for the 2915 // DevicePolicy to be true. Defaults to `false`. 2916 RequireScreenlock bool `json:"requireScreenlock,omitempty"` 2917 // ForceSendFields is a list of field names (e.g. 2918 // "AllowedDeviceManagementLevels") to unconditionally include in API requests. 2919 // By default, fields with empty or default values are omitted from API 2920 // requests. See https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields 2921 // for more details. 2922 ForceSendFields []string `json:"-"` 2923 // NullFields is a list of field names (e.g. "AllowedDeviceManagementLevels") 2924 // to include in API requests with the JSON null value. By default, fields with 2925 // empty values are omitted from API requests. See 2926 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2927 NullFields []string `json:"-"` 2928 } 2929 2930 func (s *GoogleIdentityAccesscontextmanagerV1DevicePolicy) MarshalJSON() ([]byte, error) { 2931 type NoMethod GoogleIdentityAccesscontextmanagerV1DevicePolicy 2932 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2933 } 2934 2935 // GoogleIdentityAccesscontextmanagerV1EgressFrom: Defines the conditions under 2936 // which an EgressPolicy matches a request. Conditions based on information 2937 // about the source of the request. Note that if the destination of the request 2938 // is also protected by a ServicePerimeter, then that ServicePerimeter must 2939 // have an IngressPolicy which allows access in order for this request to 2940 // succeed. 2941 type GoogleIdentityAccesscontextmanagerV1EgressFrom struct { 2942 // Identities: A list of identities that are allowed access through 2943 // [EgressPolicy]. Identities can be an individual user, service account, 2944 // Google group, or third-party identity. The `v1` identities that have the 2945 // prefix `user`, `group`, `serviceAccount`, `principal`, and `principalSet` in 2946 // https://cloud.google.com/iam/docs/principal-identifiers#v1 are supported. 2947 Identities []string `json:"identities,omitempty"` 2948 // IdentityType: Specifies the type of identities that are allowed access to 2949 // outside the perimeter. If left unspecified, then members of `identities` 2950 // field will be allowed access. 2951 // 2952 // Possible values: 2953 // "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified. 2954 // "ANY_IDENTITY" - Authorize access from all identities outside the 2955 // perimeter. 2956 // "ANY_USER_ACCOUNT" - Authorize access from all human users outside the 2957 // perimeter. 2958 // "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts outside 2959 // the perimeter. 2960 IdentityType string `json:"identityType,omitempty"` 2961 // SourceRestriction: Whether to enforce traffic restrictions based on 2962 // `sources` field. If the `sources` fields is non-empty, then this field must 2963 // be set to `SOURCE_RESTRICTION_ENABLED`. 2964 // 2965 // Possible values: 2966 // "SOURCE_RESTRICTION_UNSPECIFIED" - Enforcement preference unspecified, 2967 // will not enforce traffic restrictions based on `sources` in EgressFrom. 2968 // "SOURCE_RESTRICTION_ENABLED" - Enforcement preference enabled, traffic 2969 // restrictions will be enforced based on `sources` in EgressFrom. 2970 // "SOURCE_RESTRICTION_DISABLED" - Enforcement preference disabled, will not 2971 // enforce traffic restrictions based on `sources` in EgressFrom. 2972 SourceRestriction string `json:"sourceRestriction,omitempty"` 2973 // Sources: Sources that this EgressPolicy authorizes access from. If this 2974 // field is not empty, then `source_restriction` must be set to 2975 // `SOURCE_RESTRICTION_ENABLED`. 2976 Sources []*GoogleIdentityAccesscontextmanagerV1EgressSource `json:"sources,omitempty"` 2977 // ForceSendFields is a list of field names (e.g. "Identities") to 2978 // unconditionally include in API requests. By default, fields with empty or 2979 // default values are omitted from API requests. See 2980 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 2981 // details. 2982 ForceSendFields []string `json:"-"` 2983 // NullFields is a list of field names (e.g. "Identities") to include in API 2984 // requests with the JSON null value. By default, fields with empty values are 2985 // omitted from API requests. See 2986 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 2987 NullFields []string `json:"-"` 2988 } 2989 2990 func (s *GoogleIdentityAccesscontextmanagerV1EgressFrom) MarshalJSON() ([]byte, error) { 2991 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressFrom 2992 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 2993 } 2994 2995 // GoogleIdentityAccesscontextmanagerV1EgressPolicy: Policy for egress from 2996 // perimeter. EgressPolicies match requests based on `egress_from` and 2997 // `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and 2998 // `egress_to` stanzas must be matched. If an EgressPolicy matches a request, 2999 // the request is allowed to span the ServicePerimeter boundary. For example, 3000 // an EgressPolicy can be used to allow VMs on networks within the 3001 // ServicePerimeter to access a defined set of projects outside the perimeter 3002 // in certain contexts (e.g. to read data from a Cloud Storage bucket or query 3003 // against a BigQuery dataset). EgressPolicies are concerned with the 3004 // *resources* that a request relates as well as the API services and API 3005 // actions being used. They do not related to the direction of data movement. 3006 // More detailed documentation for this concept can be found in the 3007 // descriptions of EgressFrom and EgressTo. 3008 type GoogleIdentityAccesscontextmanagerV1EgressPolicy struct { 3009 // EgressFrom: Defines conditions on the source of a request causing this 3010 // EgressPolicy to apply. 3011 EgressFrom *GoogleIdentityAccesscontextmanagerV1EgressFrom `json:"egressFrom,omitempty"` 3012 // EgressTo: Defines the conditions on the ApiOperation and destination 3013 // resources that cause this EgressPolicy to apply. 3014 EgressTo *GoogleIdentityAccesscontextmanagerV1EgressTo `json:"egressTo,omitempty"` 3015 // ForceSendFields is a list of field names (e.g. "EgressFrom") to 3016 // unconditionally include in API requests. By default, fields with empty or 3017 // default values are omitted from API requests. See 3018 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3019 // details. 3020 ForceSendFields []string `json:"-"` 3021 // NullFields is a list of field names (e.g. "EgressFrom") to include in API 3022 // requests with the JSON null value. By default, fields with empty values are 3023 // omitted from API requests. See 3024 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3025 NullFields []string `json:"-"` 3026 } 3027 3028 func (s *GoogleIdentityAccesscontextmanagerV1EgressPolicy) MarshalJSON() ([]byte, error) { 3029 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressPolicy 3030 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3031 } 3032 3033 // GoogleIdentityAccesscontextmanagerV1EgressSource: The source that 3034 // EgressPolicy authorizes access from inside the ServicePerimeter to somewhere 3035 // outside the ServicePerimeter boundaries. 3036 type GoogleIdentityAccesscontextmanagerV1EgressSource struct { 3037 // AccessLevel: An AccessLevel resource name that allows protected resources 3038 // inside the ServicePerimeters to access outside the ServicePerimeter 3039 // boundaries. AccessLevels listed must be in the same policy as this 3040 // ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. 3041 // If an AccessLevel name is not specified, only resources within the perimeter 3042 // can be accessed through Google Cloud calls with request origins within the 3043 // perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a 3044 // single `*` is specified for `access_level`, then all EgressSources will be 3045 // allowed. 3046 AccessLevel string `json:"accessLevel,omitempty"` 3047 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 3048 // unconditionally include in API requests. By default, fields with empty or 3049 // default values are omitted from API requests. See 3050 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3051 // details. 3052 ForceSendFields []string `json:"-"` 3053 // NullFields is a list of field names (e.g. "AccessLevel") to include in API 3054 // requests with the JSON null value. By default, fields with empty values are 3055 // omitted from API requests. See 3056 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3057 NullFields []string `json:"-"` 3058 } 3059 3060 func (s *GoogleIdentityAccesscontextmanagerV1EgressSource) MarshalJSON() ([]byte, error) { 3061 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressSource 3062 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3063 } 3064 3065 // GoogleIdentityAccesscontextmanagerV1EgressTo: Defines the conditions under 3066 // which an EgressPolicy matches a request. Conditions are based on information 3067 // about the ApiOperation intended to be performed on the `resources` 3068 // specified. Note that if the destination of the request is also protected by 3069 // a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy 3070 // which allows access in order for this request to succeed. The request must 3071 // match `operations` AND `resources` fields in order to be allowed egress out 3072 // of the perimeter. 3073 type GoogleIdentityAccesscontextmanagerV1EgressTo struct { 3074 // ExternalResources: A list of external resources that are allowed to be 3075 // accessed. Only AWS and Azure resources are supported. For Amazon S3, the 3076 // supported formats are s3://BUCKET_NAME, s3a://BUCKET_NAME, and 3077 // s3n://BUCKET_NAME. For Azure Storage, the supported format is 3078 // azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if 3079 // it contains an external resource in this list (Example: s3://bucket/path). 3080 // Currently '*' is not allowed. 3081 ExternalResources []string `json:"externalResources,omitempty"` 3082 // Operations: A list of ApiOperations allowed to be performed by the sources 3083 // specified in the corresponding EgressFrom. A request matches if it uses an 3084 // operation/service in this list. 3085 Operations []*GoogleIdentityAccesscontextmanagerV1ApiOperation `json:"operations,omitempty"` 3086 // Resources: A list of resources, currently only projects in the form 3087 // `projects/`, that are allowed to be accessed by sources defined in the 3088 // corresponding EgressFrom. A request matches if it contains a resource in 3089 // this list. If `*` is specified for `resources`, then this EgressTo rule will 3090 // authorize access to all resources outside the perimeter. 3091 Resources []string `json:"resources,omitempty"` 3092 // ForceSendFields is a list of field names (e.g. "ExternalResources") to 3093 // unconditionally include in API requests. By default, fields with empty or 3094 // default values are omitted from API requests. See 3095 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3096 // details. 3097 ForceSendFields []string `json:"-"` 3098 // NullFields is a list of field names (e.g. "ExternalResources") to include in 3099 // API requests with the JSON null value. By default, fields with empty values 3100 // are omitted from API requests. See 3101 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3102 NullFields []string `json:"-"` 3103 } 3104 3105 func (s *GoogleIdentityAccesscontextmanagerV1EgressTo) MarshalJSON() ([]byte, error) { 3106 type NoMethod GoogleIdentityAccesscontextmanagerV1EgressTo 3107 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3108 } 3109 3110 // GoogleIdentityAccesscontextmanagerV1IngressFrom: Defines the conditions 3111 // under which an IngressPolicy matches a request. Conditions are based on 3112 // information about the source of the request. The request must satisfy what 3113 // is defined in `sources` AND identity related fields in order to match. 3114 type GoogleIdentityAccesscontextmanagerV1IngressFrom struct { 3115 // Identities: A list of identities that are allowed access through 3116 // [IngressPolicy]. Identities can be an individual user, service account, 3117 // Google group, or third-party identity. The `v1` identities that have the 3118 // prefix `user`, `group`, `serviceAccount`, `principal`, and `principalSet` in 3119 // https://cloud.google.com/iam/docs/principal-identifiers#v1 are supported. 3120 Identities []string `json:"identities,omitempty"` 3121 // IdentityType: Specifies the type of identities that are allowed access from 3122 // outside the perimeter. If left unspecified, then members of `identities` 3123 // field will be allowed access. 3124 // 3125 // Possible values: 3126 // "IDENTITY_TYPE_UNSPECIFIED" - No blanket identity group specified. 3127 // "ANY_IDENTITY" - Authorize access from all identities outside the 3128 // perimeter. 3129 // "ANY_USER_ACCOUNT" - Authorize access from all human users outside the 3130 // perimeter. 3131 // "ANY_SERVICE_ACCOUNT" - Authorize access from all service accounts outside 3132 // the perimeter. 3133 IdentityType string `json:"identityType,omitempty"` 3134 // Sources: Sources that this IngressPolicy authorizes access from. 3135 Sources []*GoogleIdentityAccesscontextmanagerV1IngressSource `json:"sources,omitempty"` 3136 // ForceSendFields is a list of field names (e.g. "Identities") to 3137 // unconditionally include in API requests. By default, fields with empty or 3138 // default values are omitted from API requests. See 3139 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3140 // details. 3141 ForceSendFields []string `json:"-"` 3142 // NullFields is a list of field names (e.g. "Identities") to include in API 3143 // requests with the JSON null value. By default, fields with empty values are 3144 // omitted from API requests. See 3145 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3146 NullFields []string `json:"-"` 3147 } 3148 3149 func (s *GoogleIdentityAccesscontextmanagerV1IngressFrom) MarshalJSON() ([]byte, error) { 3150 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressFrom 3151 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3152 } 3153 3154 // GoogleIdentityAccesscontextmanagerV1IngressPolicy: Policy for ingress into 3155 // ServicePerimeter. IngressPolicies match requests based on `ingress_from` and 3156 // `ingress_to` stanzas. For an ingress policy to match, both the 3157 // `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy 3158 // matches a request, the request is allowed through the perimeter boundary 3159 // from outside the perimeter. For example, access from the internet can be 3160 // allowed either based on an AccessLevel or, for traffic hosted on Google 3161 // Cloud, the project of the source network. For access from private networks, 3162 // using the project of the hosting network is required. Individual ingress 3163 // policies can be limited by restricting which services and/or actions they 3164 // match using the `ingress_to` field. 3165 type GoogleIdentityAccesscontextmanagerV1IngressPolicy struct { 3166 // IngressFrom: Defines the conditions on the source of a request causing this 3167 // IngressPolicy to apply. 3168 IngressFrom *GoogleIdentityAccesscontextmanagerV1IngressFrom `json:"ingressFrom,omitempty"` 3169 // IngressTo: Defines the conditions on the ApiOperation and request 3170 // destination that cause this IngressPolicy to apply. 3171 IngressTo *GoogleIdentityAccesscontextmanagerV1IngressTo `json:"ingressTo,omitempty"` 3172 // ForceSendFields is a list of field names (e.g. "IngressFrom") to 3173 // unconditionally include in API requests. By default, fields with empty or 3174 // default values are omitted from API requests. See 3175 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3176 // details. 3177 ForceSendFields []string `json:"-"` 3178 // NullFields is a list of field names (e.g. "IngressFrom") to include in API 3179 // requests with the JSON null value. By default, fields with empty values are 3180 // omitted from API requests. See 3181 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3182 NullFields []string `json:"-"` 3183 } 3184 3185 func (s *GoogleIdentityAccesscontextmanagerV1IngressPolicy) MarshalJSON() ([]byte, error) { 3186 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressPolicy 3187 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3188 } 3189 3190 // GoogleIdentityAccesscontextmanagerV1IngressSource: The source that 3191 // IngressPolicy authorizes access from. 3192 type GoogleIdentityAccesscontextmanagerV1IngressSource struct { 3193 // AccessLevel: An AccessLevel resource name that allow resources within the 3194 // ServicePerimeters to be accessed from the internet. AccessLevels listed must 3195 // be in the same policy as this ServicePerimeter. Referencing a nonexistent 3196 // AccessLevel will cause an error. If no AccessLevel names are listed, 3197 // resources within the perimeter can only be accessed via Google Cloud calls 3198 // with request origins within the perimeter. Example: 3199 // `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is 3200 // specified for `access_level`, then all IngressSources will be allowed. 3201 AccessLevel string `json:"accessLevel,omitempty"` 3202 // Resource: A Google Cloud resource that is allowed to ingress the perimeter. 3203 // Requests from these resources will be allowed to access perimeter data. 3204 // Currently only projects and VPCs are allowed. Project format: 3205 // `projects/{project_number}` VPC network format: 3206 // `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The 3207 // project may be in any Google Cloud organization, not just the organization 3208 // that the perimeter is defined in. `*` is not allowed, the case of allowing 3209 // all Google Cloud resources only is not supported. 3210 Resource string `json:"resource,omitempty"` 3211 // ForceSendFields is a list of field names (e.g. "AccessLevel") to 3212 // unconditionally include in API requests. By default, fields with empty or 3213 // default values are omitted from API requests. See 3214 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3215 // details. 3216 ForceSendFields []string `json:"-"` 3217 // NullFields is a list of field names (e.g. "AccessLevel") to include in API 3218 // requests with the JSON null value. By default, fields with empty values are 3219 // omitted from API requests. See 3220 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3221 NullFields []string `json:"-"` 3222 } 3223 3224 func (s *GoogleIdentityAccesscontextmanagerV1IngressSource) MarshalJSON() ([]byte, error) { 3225 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressSource 3226 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3227 } 3228 3229 // GoogleIdentityAccesscontextmanagerV1IngressTo: Defines the conditions under 3230 // which an IngressPolicy matches a request. Conditions are based on 3231 // information about the ApiOperation intended to be performed on the target 3232 // resource of the request. The request must satisfy what is defined in 3233 // `operations` AND `resources` in order to match. 3234 type GoogleIdentityAccesscontextmanagerV1IngressTo struct { 3235 // Operations: A list of ApiOperations allowed to be performed by the sources 3236 // specified in corresponding IngressFrom in this ServicePerimeter. 3237 Operations []*GoogleIdentityAccesscontextmanagerV1ApiOperation `json:"operations,omitempty"` 3238 // Resources: A list of resources, currently only projects in the form 3239 // `projects/`, protected by this ServicePerimeter that are allowed to be 3240 // accessed by sources defined in the corresponding IngressFrom. If a single 3241 // `*` is specified, then access to all resources inside the perimeter are 3242 // allowed. 3243 Resources []string `json:"resources,omitempty"` 3244 // ForceSendFields is a list of field names (e.g. "Operations") to 3245 // unconditionally include in API requests. By default, fields with empty or 3246 // default values are omitted from API requests. See 3247 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3248 // details. 3249 ForceSendFields []string `json:"-"` 3250 // NullFields is a list of field names (e.g. "Operations") to include in API 3251 // requests with the JSON null value. By default, fields with empty values are 3252 // omitted from API requests. See 3253 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3254 NullFields []string `json:"-"` 3255 } 3256 3257 func (s *GoogleIdentityAccesscontextmanagerV1IngressTo) MarshalJSON() ([]byte, error) { 3258 type NoMethod GoogleIdentityAccesscontextmanagerV1IngressTo 3259 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3260 } 3261 3262 // GoogleIdentityAccesscontextmanagerV1MethodSelector: An allowed method or 3263 // permission of a service specified in ApiOperation. 3264 type GoogleIdentityAccesscontextmanagerV1MethodSelector struct { 3265 // Method: A valid method name for the corresponding `service_name` in 3266 // ApiOperation. If `*` is used as the value for the `method`, then ALL methods 3267 // and permissions are allowed. 3268 Method string `json:"method,omitempty"` 3269 // Permission: A valid Cloud IAM permission for the corresponding 3270 // `service_name` in ApiOperation. 3271 Permission string `json:"permission,omitempty"` 3272 // ForceSendFields is a list of field names (e.g. "Method") to unconditionally 3273 // include in API requests. By default, fields with empty or default values are 3274 // omitted from API requests. See 3275 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3276 // details. 3277 ForceSendFields []string `json:"-"` 3278 // NullFields is a list of field names (e.g. "Method") to include in API 3279 // requests with the JSON null value. By default, fields with empty values are 3280 // omitted from API requests. See 3281 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3282 NullFields []string `json:"-"` 3283 } 3284 3285 func (s *GoogleIdentityAccesscontextmanagerV1MethodSelector) MarshalJSON() ([]byte, error) { 3286 type NoMethod GoogleIdentityAccesscontextmanagerV1MethodSelector 3287 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3288 } 3289 3290 // GoogleIdentityAccesscontextmanagerV1OsConstraint: A restriction on the OS 3291 // type and version of devices making requests. 3292 type GoogleIdentityAccesscontextmanagerV1OsConstraint struct { 3293 // MinimumVersion: The minimum allowed OS version. If not set, any version of 3294 // this OS satisfies the constraint. Format: "major.minor.patch". Examples: 3295 // "10.5.301", "9.2.1". 3296 MinimumVersion string `json:"minimumVersion,omitempty"` 3297 // OsType: Required. The allowed OS type. 3298 // 3299 // Possible values: 3300 // "OS_UNSPECIFIED" - The operating system of the device is not specified or 3301 // not known. 3302 // "DESKTOP_MAC" - A desktop Mac operating system. 3303 // "DESKTOP_WINDOWS" - A desktop Windows operating system. 3304 // "DESKTOP_LINUX" - A desktop Linux operating system. 3305 // "DESKTOP_CHROME_OS" - A desktop ChromeOS operating system. 3306 // "ANDROID" - An Android operating system. 3307 // "IOS" - An iOS operating system. 3308 OsType string `json:"osType,omitempty"` 3309 // RequireVerifiedChromeOs: Only allows requests from devices with a verified 3310 // Chrome OS. Verifications includes requirements that the device is 3311 // enterprise-managed, conformant to domain policies, and the caller has 3312 // permission to call the API targeted by the request. 3313 RequireVerifiedChromeOs bool `json:"requireVerifiedChromeOs,omitempty"` 3314 // ForceSendFields is a list of field names (e.g. "MinimumVersion") to 3315 // unconditionally include in API requests. By default, fields with empty or 3316 // default values are omitted from API requests. See 3317 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3318 // details. 3319 ForceSendFields []string `json:"-"` 3320 // NullFields is a list of field names (e.g. "MinimumVersion") to include in 3321 // API requests with the JSON null value. By default, fields with empty values 3322 // are omitted from API requests. See 3323 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3324 NullFields []string `json:"-"` 3325 } 3326 3327 func (s *GoogleIdentityAccesscontextmanagerV1OsConstraint) MarshalJSON() ([]byte, error) { 3328 type NoMethod GoogleIdentityAccesscontextmanagerV1OsConstraint 3329 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3330 } 3331 3332 // GoogleIdentityAccesscontextmanagerV1ServicePerimeter: `ServicePerimeter` 3333 // describes a set of Google Cloud resources which can freely import and export 3334 // data amongst themselves, but not export outside of the `ServicePerimeter`. 3335 // If a request with a source within this `ServicePerimeter` has a target 3336 // outside of the `ServicePerimeter`, the request will be blocked. Otherwise 3337 // the request is allowed. There are two types of Service Perimeter - Regular 3338 // and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud 3339 // project or VPC network can only belong to a single regular Service 3340 // Perimeter. Service Perimeter Bridges can contain only Google Cloud projects 3341 // as members, a single Google Cloud project may belong to multiple Service 3342 // Perimeter Bridges. 3343 type GoogleIdentityAccesscontextmanagerV1ServicePerimeter struct { 3344 // Description: Description of the `ServicePerimeter` and its use. Does not 3345 // affect behavior. 3346 Description string `json:"description,omitempty"` 3347 // Name: Resource name for the `ServicePerimeter`. Format: 3348 // `accessPolicies/{access_policy}/servicePerimeters/{service_perimeter}`. The 3349 // `service_perimeter` component must begin with a letter, followed by 3350 // alphanumeric characters or `_`. After you create a `ServicePerimeter`, you 3351 // cannot change its `name`. 3352 Name string `json:"name,omitempty"` 3353 // PerimeterType: Perimeter type indicator. A single project or VPC network is 3354 // allowed to be a member of single regular perimeter, but multiple service 3355 // perimeter bridges. A project cannot be a included in a perimeter bridge 3356 // without being included in regular perimeter. For perimeter bridges, the 3357 // restricted service list as well as access level lists must be empty. 3358 // 3359 // Possible values: 3360 // "PERIMETER_TYPE_REGULAR" - Regular Perimeter. When no value is specified, 3361 // the perimeter uses this type. 3362 // "PERIMETER_TYPE_BRIDGE" - Perimeter Bridge. 3363 PerimeterType string `json:"perimeterType,omitempty"` 3364 // Spec: Proposed (or dry run) ServicePerimeter configuration. This 3365 // configuration allows to specify and test ServicePerimeter configuration 3366 // without enforcing actual access restrictions. Only allowed to be set when 3367 // the "use_explicit_dry_run_spec" flag is set. 3368 Spec *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"spec,omitempty"` 3369 // Status: Current ServicePerimeter configuration. Specifies sets of resources, 3370 // restricted services and access levels that determine perimeter content and 3371 // boundaries. 3372 Status *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig `json:"status,omitempty"` 3373 // Title: Human readable title. Must be unique within the Policy. 3374 Title string `json:"title,omitempty"` 3375 // UseExplicitDryRunSpec: Use explicit dry run spec flag. Ordinarily, a dry-run 3376 // spec implicitly exists for all Service Perimeters, and that spec is 3377 // identical to the status for those Service Perimeters. When this flag is set, 3378 // it inhibits the generation of the implicit spec, thereby allowing the user 3379 // to explicitly provide a configuration ("spec") to use in a dry-run version 3380 // of the Service Perimeter. This allows the user to test changes to the 3381 // enforced config ("status") without actually enforcing them. This testing is 3382 // done through analyzing the differences between currently enforced and 3383 // suggested restrictions. use_explicit_dry_run_spec must bet set to True if 3384 // any of the fields in the spec are set to non-default values. 3385 UseExplicitDryRunSpec bool `json:"useExplicitDryRunSpec,omitempty"` 3386 // ForceSendFields is a list of field names (e.g. "Description") to 3387 // unconditionally include in API requests. By default, fields with empty or 3388 // default values are omitted from API requests. See 3389 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3390 // details. 3391 ForceSendFields []string `json:"-"` 3392 // NullFields is a list of field names (e.g. "Description") to include in API 3393 // requests with the JSON null value. By default, fields with empty values are 3394 // omitted from API requests. See 3395 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3396 NullFields []string `json:"-"` 3397 } 3398 3399 func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeter) MarshalJSON() ([]byte, error) { 3400 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeter 3401 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3402 } 3403 3404 // GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig: 3405 // `ServicePerimeterConfig` specifies a set of Google Cloud resources that 3406 // describe specific Service Perimeter configuration. 3407 type GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig struct { 3408 // AccessLevels: A list of `AccessLevel` resource names that allow resources 3409 // within the `ServicePerimeter` to be accessed from the internet. 3410 // `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. 3411 // Referencing a nonexistent `AccessLevel` is a syntax error. If no 3412 // `AccessLevel` names are listed, resources within the perimeter can only be 3413 // accessed via Google Cloud calls with request origins within the perimeter. 3414 // Example: "accessPolicies/MY_POLICY/accessLevels/MY_LEVEL". For Service 3415 // Perimeter Bridge, must be empty. 3416 AccessLevels []string `json:"accessLevels,omitempty"` 3417 // EgressPolicies: List of EgressPolicies to apply to the perimeter. A 3418 // perimeter may have multiple EgressPolicies, each of which is evaluated 3419 // separately. Access is granted if any EgressPolicy grants it. Must be empty 3420 // for a perimeter bridge. 3421 EgressPolicies []*GoogleIdentityAccesscontextmanagerV1EgressPolicy `json:"egressPolicies,omitempty"` 3422 // IngressPolicies: List of IngressPolicies to apply to the perimeter. A 3423 // perimeter may have multiple IngressPolicies, each of which is evaluated 3424 // separately. Access is granted if any Ingress Policy grants it. Must be empty 3425 // for a perimeter bridge. 3426 IngressPolicies []*GoogleIdentityAccesscontextmanagerV1IngressPolicy `json:"ingressPolicies,omitempty"` 3427 // Resources: A list of Google Cloud resources that are inside of the service 3428 // perimeter. Currently only projects and VPCs are allowed. Project format: 3429 // `projects/{project_number}` VPC network format: 3430 // `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. 3431 Resources []string `json:"resources,omitempty"` 3432 // RestrictedServices: Google Cloud services that are subject to the Service 3433 // Perimeter restrictions. For example, if `storage.googleapis.com` is 3434 // specified, access to the storage buckets inside the perimeter must meet the 3435 // perimeter's access restrictions. 3436 RestrictedServices []string `json:"restrictedServices,omitempty"` 3437 // VpcAccessibleServices: Configuration for APIs allowed within Perimeter. 3438 VpcAccessibleServices *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices `json:"vpcAccessibleServices,omitempty"` 3439 // ForceSendFields is a list of field names (e.g. "AccessLevels") to 3440 // unconditionally include in API requests. By default, fields with empty or 3441 // default values are omitted from API requests. See 3442 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3443 // details. 3444 ForceSendFields []string `json:"-"` 3445 // NullFields is a list of field names (e.g. "AccessLevels") to include in API 3446 // requests with the JSON null value. By default, fields with empty values are 3447 // omitted from API requests. See 3448 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3449 NullFields []string `json:"-"` 3450 } 3451 3452 func (s *GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig) MarshalJSON() ([]byte, error) { 3453 type NoMethod GoogleIdentityAccesscontextmanagerV1ServicePerimeterConfig 3454 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3455 } 3456 3457 // GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices: Specifies how 3458 // APIs are allowed to communicate within the Service Perimeter. 3459 type GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices struct { 3460 // AllowedServices: The list of APIs usable within the Service Perimeter. Must 3461 // be empty unless 'enable_restriction' is True. You can specify a list of 3462 // individual services, as well as include the 'RESTRICTED-SERVICES' value, 3463 // which automatically includes all of the services protected by the perimeter. 3464 AllowedServices []string `json:"allowedServices,omitempty"` 3465 // EnableRestriction: Whether to restrict API calls within the Service 3466 // Perimeter to the list of APIs specified in 'allowed_services'. 3467 EnableRestriction bool `json:"enableRestriction,omitempty"` 3468 // ForceSendFields is a list of field names (e.g. "AllowedServices") to 3469 // unconditionally include in API requests. By default, fields with empty or 3470 // default values are omitted from API requests. See 3471 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3472 // details. 3473 ForceSendFields []string `json:"-"` 3474 // NullFields is a list of field names (e.g. "AllowedServices") to include in 3475 // API requests with the JSON null value. By default, fields with empty values 3476 // are omitted from API requests. See 3477 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3478 NullFields []string `json:"-"` 3479 } 3480 3481 func (s *GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices) MarshalJSON() ([]byte, error) { 3482 type NoMethod GoogleIdentityAccesscontextmanagerV1VpcAccessibleServices 3483 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3484 } 3485 3486 // GoogleIdentityAccesscontextmanagerV1VpcNetworkSource: The originating 3487 // network source in Google Cloud. 3488 type GoogleIdentityAccesscontextmanagerV1VpcNetworkSource struct { 3489 // VpcSubnetwork: Sub-segment ranges of a VPC network. 3490 VpcSubnetwork *GoogleIdentityAccesscontextmanagerV1VpcSubNetwork `json:"vpcSubnetwork,omitempty"` 3491 // ForceSendFields is a list of field names (e.g. "VpcSubnetwork") to 3492 // unconditionally include in API requests. By default, fields with empty or 3493 // default values are omitted from API requests. See 3494 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3495 // details. 3496 ForceSendFields []string `json:"-"` 3497 // NullFields is a list of field names (e.g. "VpcSubnetwork") to include in API 3498 // requests with the JSON null value. By default, fields with empty values are 3499 // omitted from API requests. See 3500 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3501 NullFields []string `json:"-"` 3502 } 3503 3504 func (s *GoogleIdentityAccesscontextmanagerV1VpcNetworkSource) MarshalJSON() ([]byte, error) { 3505 type NoMethod GoogleIdentityAccesscontextmanagerV1VpcNetworkSource 3506 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3507 } 3508 3509 // GoogleIdentityAccesscontextmanagerV1VpcSubNetwork: Sub-segment ranges inside 3510 // of a VPC Network. 3511 type GoogleIdentityAccesscontextmanagerV1VpcSubNetwork struct { 3512 // Network: Required. Network name. If the network is not part of the 3513 // organization, the `compute.network.get` permission must be granted to the 3514 // caller. Format: 3515 // `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME 3516 // }` Example: 3517 // `//compute.googleapis.com/projects/my-project/global/networks/network-1` 3518 Network string `json:"network,omitempty"` 3519 // VpcIpSubnetworks: CIDR block IP subnetwork specification. The IP address 3520 // must be an IPv4 address and can be a public or private IP address. Note that 3521 // for a CIDR IP address block, the specified IP address portion must be 3522 // properly truncated (i.e. all the host bits must be zero) or the input is 3523 // considered malformed. For example, "192.0.2.0/24" is accepted but 3524 // "192.0.2.1/24" is not. If empty, all IP addresses are allowed. 3525 VpcIpSubnetworks []string `json:"vpcIpSubnetworks,omitempty"` 3526 // ForceSendFields is a list of field names (e.g. "Network") to unconditionally 3527 // include in API requests. By default, fields with empty or default values are 3528 // omitted from API requests. See 3529 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3530 // details. 3531 ForceSendFields []string `json:"-"` 3532 // NullFields is a list of field names (e.g. "Network") to include in API 3533 // requests with the JSON null value. By default, fields with empty values are 3534 // omitted from API requests. See 3535 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3536 NullFields []string `json:"-"` 3537 } 3538 3539 func (s *GoogleIdentityAccesscontextmanagerV1VpcSubNetwork) MarshalJSON() ([]byte, error) { 3540 type NoMethod GoogleIdentityAccesscontextmanagerV1VpcSubNetwork 3541 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3542 } 3543 3544 // IamPolicyAnalysis: An analysis message to group the query and results. 3545 type IamPolicyAnalysis struct { 3546 // AnalysisQuery: The analysis query. 3547 AnalysisQuery *IamPolicyAnalysisQuery `json:"analysisQuery,omitempty"` 3548 // AnalysisResults: A list of IamPolicyAnalysisResult that matches the analysis 3549 // query, or empty if no result is found. 3550 AnalysisResults []*IamPolicyAnalysisResult `json:"analysisResults,omitempty"` 3551 // FullyExplored: Represents whether all entries in the analysis_results have 3552 // been fully explored to answer the query. 3553 FullyExplored bool `json:"fullyExplored,omitempty"` 3554 // NonCriticalErrors: A list of non-critical errors happened during the query 3555 // handling. 3556 NonCriticalErrors []*IamPolicyAnalysisState `json:"nonCriticalErrors,omitempty"` 3557 // ForceSendFields is a list of field names (e.g. "AnalysisQuery") to 3558 // unconditionally include in API requests. By default, fields with empty or 3559 // default values are omitted from API requests. See 3560 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3561 // details. 3562 ForceSendFields []string `json:"-"` 3563 // NullFields is a list of field names (e.g. "AnalysisQuery") to include in API 3564 // requests with the JSON null value. By default, fields with empty values are 3565 // omitted from API requests. See 3566 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3567 NullFields []string `json:"-"` 3568 } 3569 3570 func (s *IamPolicyAnalysis) MarshalJSON() ([]byte, error) { 3571 type NoMethod IamPolicyAnalysis 3572 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3573 } 3574 3575 // IamPolicyAnalysisOutputConfig: Output configuration for export IAM policy 3576 // analysis destination. 3577 type IamPolicyAnalysisOutputConfig struct { 3578 // BigqueryDestination: Destination on BigQuery. 3579 BigqueryDestination *GoogleCloudAssetV1BigQueryDestination `json:"bigqueryDestination,omitempty"` 3580 // GcsDestination: Destination on Cloud Storage. 3581 GcsDestination *GoogleCloudAssetV1GcsDestination `json:"gcsDestination,omitempty"` 3582 // ForceSendFields is a list of field names (e.g. "BigqueryDestination") to 3583 // unconditionally include in API requests. By default, fields with empty or 3584 // default values are omitted from API requests. See 3585 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3586 // details. 3587 ForceSendFields []string `json:"-"` 3588 // NullFields is a list of field names (e.g. "BigqueryDestination") to include 3589 // in API requests with the JSON null value. By default, fields with empty 3590 // values are omitted from API requests. See 3591 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3592 NullFields []string `json:"-"` 3593 } 3594 3595 func (s *IamPolicyAnalysisOutputConfig) MarshalJSON() ([]byte, error) { 3596 type NoMethod IamPolicyAnalysisOutputConfig 3597 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3598 } 3599 3600 // IamPolicyAnalysisQuery: IAM policy analysis query message. 3601 type IamPolicyAnalysisQuery struct { 3602 // AccessSelector: Optional. Specifies roles or permissions for analysis. This 3603 // is optional. 3604 AccessSelector *AccessSelector `json:"accessSelector,omitempty"` 3605 // ConditionContext: Optional. The hypothetical context for IAM conditions 3606 // evaluation. 3607 ConditionContext *ConditionContext `json:"conditionContext,omitempty"` 3608 // IdentitySelector: Optional. Specifies an identity for analysis. 3609 IdentitySelector *IdentitySelector `json:"identitySelector,omitempty"` 3610 // Options: Optional. The query options. 3611 Options *Options `json:"options,omitempty"` 3612 // ResourceSelector: Optional. Specifies a resource for analysis. 3613 ResourceSelector *ResourceSelector `json:"resourceSelector,omitempty"` 3614 // Scope: Required. The relative name of the root asset. Only resources and IAM 3615 // policies within the scope will be analyzed. This can only be an organization 3616 // number (such as "organizations/123"), a folder number (such as 3617 // "folders/123"), a project ID (such as "projects/my-project-id"), or a 3618 // project number (such as "projects/12345"). To know how to get organization 3619 // ID, visit here 3620 // (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 3621 // To know how to get folder or project ID, visit here 3622 // (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 3623 Scope string `json:"scope,omitempty"` 3624 // ForceSendFields is a list of field names (e.g. "AccessSelector") to 3625 // unconditionally include in API requests. By default, fields with empty or 3626 // default values are omitted from API requests. See 3627 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3628 // details. 3629 ForceSendFields []string `json:"-"` 3630 // NullFields is a list of field names (e.g. "AccessSelector") to include in 3631 // API requests with the JSON null value. By default, fields with empty values 3632 // are omitted from API requests. See 3633 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3634 NullFields []string `json:"-"` 3635 } 3636 3637 func (s *IamPolicyAnalysisQuery) MarshalJSON() ([]byte, error) { 3638 type NoMethod IamPolicyAnalysisQuery 3639 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3640 } 3641 3642 // IamPolicyAnalysisResult: IAM Policy analysis result, consisting of one IAM 3643 // policy binding and derived access control lists. 3644 type IamPolicyAnalysisResult struct { 3645 // AccessControlLists: The access control lists derived from the iam_binding 3646 // that match or potentially match resource and access selectors specified in 3647 // the request. 3648 AccessControlLists []*GoogleCloudAssetV1AccessControlList `json:"accessControlLists,omitempty"` 3649 // AttachedResourceFullName: The full resource name 3650 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the 3651 // resource to which the iam_binding policy attaches. 3652 AttachedResourceFullName string `json:"attachedResourceFullName,omitempty"` 3653 // FullyExplored: Represents whether all analyses on the iam_binding have 3654 // successfully finished. 3655 FullyExplored bool `json:"fullyExplored,omitempty"` 3656 // IamBinding: The IAM policy binding under analysis. 3657 IamBinding *Binding `json:"iamBinding,omitempty"` 3658 // IdentityList: The identity list derived from members of the iam_binding that 3659 // match or potentially match identity selector specified in the request. 3660 IdentityList *GoogleCloudAssetV1IdentityList `json:"identityList,omitempty"` 3661 // ForceSendFields is a list of field names (e.g. "AccessControlLists") to 3662 // unconditionally include in API requests. By default, fields with empty or 3663 // default values are omitted from API requests. See 3664 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3665 // details. 3666 ForceSendFields []string `json:"-"` 3667 // NullFields is a list of field names (e.g. "AccessControlLists") to include 3668 // in API requests with the JSON null value. By default, fields with empty 3669 // values are omitted from API requests. See 3670 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3671 NullFields []string `json:"-"` 3672 } 3673 3674 func (s *IamPolicyAnalysisResult) MarshalJSON() ([]byte, error) { 3675 type NoMethod IamPolicyAnalysisResult 3676 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3677 } 3678 3679 // IamPolicyAnalysisState: Represents the detailed state of an entity under 3680 // analysis, such as a resource, an identity or an access. 3681 type IamPolicyAnalysisState struct { 3682 // Cause: The human-readable description of the cause of failure. 3683 Cause string `json:"cause,omitempty"` 3684 // Code: The Google standard error code that best describes the state. For 3685 // example: - OK means the analysis on this entity has been successfully 3686 // finished; - PERMISSION_DENIED means an access denied error is encountered; - 3687 // DEADLINE_EXCEEDED means the analysis on this entity hasn't been started in 3688 // time; 3689 // 3690 // Possible values: 3691 // "OK" - Not an error; returned on success. HTTP Mapping: 200 OK 3692 // "CANCELLED" - The operation was cancelled, typically by the caller. HTTP 3693 // Mapping: 499 Client Closed Request 3694 // "UNKNOWN" - Unknown error. For example, this error may be returned when a 3695 // `Status` value received from another address space belongs to an error space 3696 // that is not known in this address space. Also errors raised by APIs that do 3697 // not return enough error information may be converted to this error. HTTP 3698 // Mapping: 500 Internal Server Error 3699 // "INVALID_ARGUMENT" - The client specified an invalid argument. Note that 3700 // this differs from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates 3701 // arguments that are problematic regardless of the state of the system (e.g., 3702 // a malformed file name). HTTP Mapping: 400 Bad Request 3703 // "DEADLINE_EXCEEDED" - The deadline expired before the operation could 3704 // complete. For operations that change the state of the system, this error may 3705 // be returned even if the operation has completed successfully. For example, a 3706 // successful response from a server could have been delayed long enough for 3707 // the deadline to expire. HTTP Mapping: 504 Gateway Timeout 3708 // "NOT_FOUND" - Some requested entity (e.g., file or directory) was not 3709 // found. Note to server developers: if a request is denied for an entire class 3710 // of users, such as gradual feature rollout or undocumented allowlist, 3711 // `NOT_FOUND` may be used. If a request is denied for some users within a 3712 // class of users, such as user-based access control, `PERMISSION_DENIED` must 3713 // be used. HTTP Mapping: 404 Not Found 3714 // "ALREADY_EXISTS" - The entity that a client attempted to create (e.g., 3715 // file or directory) already exists. HTTP Mapping: 409 Conflict 3716 // "PERMISSION_DENIED" - The caller does not have permission to execute the 3717 // specified operation. `PERMISSION_DENIED` must not be used for rejections 3718 // caused by exhausting some resource (use `RESOURCE_EXHAUSTED` instead for 3719 // those errors). `PERMISSION_DENIED` must not be used if the caller can not be 3720 // identified (use `UNAUTHENTICATED` instead for those errors). This error code 3721 // does not imply the request is valid or the requested entity exists or 3722 // satisfies other pre-conditions. HTTP Mapping: 403 Forbidden 3723 // "UNAUTHENTICATED" - The request does not have valid authentication 3724 // credentials for the operation. HTTP Mapping: 401 Unauthorized 3725 // "RESOURCE_EXHAUSTED" - Some resource has been exhausted, perhaps a 3726 // per-user quota, or perhaps the entire file system is out of space. HTTP 3727 // Mapping: 429 Too Many Requests 3728 // "FAILED_PRECONDITION" - The operation was rejected because the system is 3729 // not in a state required for the operation's execution. For example, the 3730 // directory to be deleted is non-empty, an rmdir operation is applied to a 3731 // non-directory, etc. Service implementors can use the following guidelines to 3732 // decide between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`: (a) Use 3733 // `UNAVAILABLE` if the client can retry just the failing call. (b) Use 3734 // `ABORTED` if the client should retry at a higher level. For example, when a 3735 // client-specified test-and-set fails, indicating the client should restart a 3736 // read-modify-write sequence. (c) Use `FAILED_PRECONDITION` if the client 3737 // should not retry until the system state has been explicitly fixed. For 3738 // example, if an "rmdir" fails because the directory is non-empty, 3739 // `FAILED_PRECONDITION` should be returned since the client should not retry 3740 // unless the files are deleted from the directory. HTTP Mapping: 400 Bad 3741 // Request 3742 // "ABORTED" - The operation was aborted, typically due to a concurrency 3743 // issue such as a sequencer check failure or transaction abort. See the 3744 // guidelines above for deciding between `FAILED_PRECONDITION`, `ABORTED`, and 3745 // `UNAVAILABLE`. HTTP Mapping: 409 Conflict 3746 // "OUT_OF_RANGE" - The operation was attempted past the valid range. E.g., 3747 // seeking or reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error 3748 // indicates a problem that may be fixed if the system state changes. For 3749 // example, a 32-bit file system will generate `INVALID_ARGUMENT` if asked to 3750 // read at an offset that is not in the range [0,2^32-1], but it will generate 3751 // `OUT_OF_RANGE` if asked to read from an offset past the current file size. 3752 // There is a fair bit of overlap between `FAILED_PRECONDITION` and 3753 // `OUT_OF_RANGE`. We recommend using `OUT_OF_RANGE` (the more specific error) 3754 // when it applies so that callers who are iterating through a space can easily 3755 // look for an `OUT_OF_RANGE` error to detect when they are done. HTTP Mapping: 3756 // 400 Bad Request 3757 // "UNIMPLEMENTED" - The operation is not implemented or is not 3758 // supported/enabled in this service. HTTP Mapping: 501 Not Implemented 3759 // "INTERNAL" - Internal errors. This means that some invariants expected by 3760 // the underlying system have been broken. This error code is reserved for 3761 // serious errors. HTTP Mapping: 500 Internal Server Error 3762 // "UNAVAILABLE" - The service is currently unavailable. This is most likely 3763 // a transient condition, which can be corrected by retrying with a backoff. 3764 // Note that it is not always safe to retry non-idempotent operations. See the 3765 // guidelines above for deciding between `FAILED_PRECONDITION`, `ABORTED`, and 3766 // `UNAVAILABLE`. HTTP Mapping: 503 Service Unavailable 3767 // "DATA_LOSS" - Unrecoverable data loss or corruption. HTTP Mapping: 500 3768 // Internal Server Error 3769 Code string `json:"code,omitempty"` 3770 // ForceSendFields is a list of field names (e.g. "Cause") to unconditionally 3771 // include in API requests. By default, fields with empty or default values are 3772 // omitted from API requests. See 3773 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3774 // details. 3775 ForceSendFields []string `json:"-"` 3776 // NullFields is a list of field names (e.g. "Cause") to include in API 3777 // requests with the JSON null value. By default, fields with empty values are 3778 // omitted from API requests. See 3779 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3780 NullFields []string `json:"-"` 3781 } 3782 3783 func (s *IamPolicyAnalysisState) MarshalJSON() ([]byte, error) { 3784 type NoMethod IamPolicyAnalysisState 3785 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3786 } 3787 3788 // IamPolicySearchResult: A result of IAM Policy search, containing information 3789 // of an IAM policy. 3790 type IamPolicySearchResult struct { 3791 // AssetType: The type of the resource associated with this IAM policy. 3792 // Example: `compute.googleapis.com/Disk`. To search against the `asset_type`: 3793 // * specify the `asset_types` field in your search request. 3794 AssetType string `json:"assetType,omitempty"` 3795 // Explanation: Explanation about the IAM policy search result. It contains 3796 // additional information to explain why the search result matches the query. 3797 Explanation *Explanation `json:"explanation,omitempty"` 3798 // Folders: The folder(s) that the IAM policy belongs to, in the form of 3799 // folders/{FOLDER_NUMBER}. This field is available when the IAM policy belongs 3800 // to one or more folders. To search against `folders`: * use a field query. 3801 // Example: `folders:(123 OR 456)` * use a free text query. Example: `123` * 3802 // specify the `scope` field as this folder in your search request. 3803 Folders []string `json:"folders,omitempty"` 3804 // Organization: The organization that the IAM policy belongs to, in the form 3805 // of organizations/{ORGANIZATION_NUMBER}. This field is available when the IAM 3806 // policy belongs to an organization. To search against `organization`: * use a 3807 // field query. Example: `organization:123` * use a free text query. Example: 3808 // `123` * specify the `scope` field as this organization in your search 3809 // request. 3810 Organization string `json:"organization,omitempty"` 3811 // Policy: The IAM policy directly set on the given resource. Note that the 3812 // original IAM policy can contain multiple bindings. This only contains the 3813 // bindings that match the given query. For queries that don't contain a 3814 // constrain on policies (e.g., an empty query), this contains all the 3815 // bindings. To search against the `policy` bindings: * use a field query: - 3816 // query by the policy contained members. Example: `policy:amy@gmail.com` - 3817 // query by the policy contained roles. Example: `policy:roles/compute.admin` - 3818 // query by the policy contained roles' included permissions. Example: 3819 // `policy.role.permissions:compute.instances.create` 3820 Policy *Policy `json:"policy,omitempty"` 3821 // Project: The project that the associated Google Cloud resource belongs to, 3822 // in the form of projects/{PROJECT_NUMBER}. If an IAM policy is set on a 3823 // resource (like VM instance, Cloud Storage bucket), the project field will 3824 // indicate the project that contains the resource. If an IAM policy is set on 3825 // a folder or orgnization, this field will be empty. To search against the 3826 // `project`: * specify the `scope` field as this project in your search 3827 // request. 3828 Project string `json:"project,omitempty"` 3829 // Resource: The full resource name of the resource associated with this IAM 3830 // policy. Example: 3831 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 3832 // nce1`. See Cloud Asset Inventory Resource Name Format 3833 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) for 3834 // more information. To search against the `resource`: * use a field query. 3835 // Example: `resource:organizations/123` 3836 Resource string `json:"resource,omitempty"` 3837 // ForceSendFields is a list of field names (e.g. "AssetType") to 3838 // unconditionally include in API requests. By default, fields with empty or 3839 // default values are omitted from API requests. See 3840 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3841 // details. 3842 ForceSendFields []string `json:"-"` 3843 // NullFields is a list of field names (e.g. "AssetType") to include in API 3844 // requests with the JSON null value. By default, fields with empty values are 3845 // omitted from API requests. See 3846 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3847 NullFields []string `json:"-"` 3848 } 3849 3850 func (s *IamPolicySearchResult) MarshalJSON() ([]byte, error) { 3851 type NoMethod IamPolicySearchResult 3852 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3853 } 3854 3855 // IdentitySelector: Specifies an identity for which to determine resource 3856 // access, based on roles assigned either directly to them or to the groups 3857 // they belong to, directly or indirectly. 3858 type IdentitySelector struct { 3859 // Identity: Required. The identity appear in the form of principals in IAM 3860 // policy binding (https://cloud.google.com/iam/reference/rest/v1/Binding). The 3861 // examples of supported forms are: "user:mike@example.com", 3862 // "group:admins@example.com", "domain:google.com", 3863 // "serviceAccount:my-project-id@appspot.gserviceaccount.com". Notice that 3864 // wildcard characters (such as * and ?) are not supported. You must give a 3865 // specific identity. 3866 Identity string `json:"identity,omitempty"` 3867 // ForceSendFields is a list of field names (e.g. "Identity") to 3868 // unconditionally include in API requests. By default, fields with empty or 3869 // default values are omitted from API requests. See 3870 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3871 // details. 3872 ForceSendFields []string `json:"-"` 3873 // NullFields is a list of field names (e.g. "Identity") to include in API 3874 // requests with the JSON null value. By default, fields with empty values are 3875 // omitted from API requests. See 3876 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3877 NullFields []string `json:"-"` 3878 } 3879 3880 func (s *IdentitySelector) MarshalJSON() ([]byte, error) { 3881 type NoMethod IdentitySelector 3882 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3883 } 3884 3885 // Inventory: This API resource represents the available inventory data for a 3886 // Compute Engine virtual machine (VM) instance at a given point in time. You 3887 // can use this API resource to determine the inventory data of your VM. For 3888 // more information, see Information provided by OS inventory management 3889 // (https://cloud.google.com/compute/docs/instances/os-inventory-management#data-collected). 3890 type Inventory struct { 3891 // Items: Inventory items related to the VM keyed by an opaque unique 3892 // identifier for each inventory item. The identifier is unique to each 3893 // distinct and addressable inventory item and will change, when there is a new 3894 // package version. 3895 Items map[string]Item `json:"items,omitempty"` 3896 // Name: Output only. The `Inventory` API resource name. Format: 3897 // `projects/{project_number}/locations/{location}/instances/{instance_id}/inven 3898 // tory` 3899 Name string `json:"name,omitempty"` 3900 // OsInfo: Base level operating system information for the VM. 3901 OsInfo *OsInfo `json:"osInfo,omitempty"` 3902 // UpdateTime: Output only. Timestamp of the last reported inventory for the 3903 // VM. 3904 UpdateTime string `json:"updateTime,omitempty"` 3905 // ForceSendFields is a list of field names (e.g. "Items") to unconditionally 3906 // include in API requests. By default, fields with empty or default values are 3907 // omitted from API requests. See 3908 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3909 // details. 3910 ForceSendFields []string `json:"-"` 3911 // NullFields is a list of field names (e.g. "Items") to include in API 3912 // requests with the JSON null value. By default, fields with empty values are 3913 // omitted from API requests. See 3914 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3915 NullFields []string `json:"-"` 3916 } 3917 3918 func (s *Inventory) MarshalJSON() ([]byte, error) { 3919 type NoMethod Inventory 3920 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3921 } 3922 3923 // Item: A single piece of inventory on a VM. 3924 type Item struct { 3925 // AvailablePackage: Software package available to be installed on the VM 3926 // instance. 3927 AvailablePackage *SoftwarePackage `json:"availablePackage,omitempty"` 3928 // CreateTime: When this inventory item was first detected. 3929 CreateTime string `json:"createTime,omitempty"` 3930 // Id: Identifier for this item, unique across items for this VM. 3931 Id string `json:"id,omitempty"` 3932 // InstalledPackage: Software package present on the VM instance. 3933 InstalledPackage *SoftwarePackage `json:"installedPackage,omitempty"` 3934 // OriginType: The origin of this inventory item. 3935 // 3936 // Possible values: 3937 // "ORIGIN_TYPE_UNSPECIFIED" - Invalid. An origin type must be specified. 3938 // "INVENTORY_REPORT" - This inventory item was discovered as the result of 3939 // the agent reporting inventory via the reporting API. 3940 OriginType string `json:"originType,omitempty"` 3941 // Type: The specific type of inventory, correlating to its specific details. 3942 // 3943 // Possible values: 3944 // "TYPE_UNSPECIFIED" - Invalid. An type must be specified. 3945 // "INSTALLED_PACKAGE" - This represents a package that is installed on the 3946 // VM. 3947 // "AVAILABLE_PACKAGE" - This represents an update that is available for a 3948 // package. 3949 Type string `json:"type,omitempty"` 3950 // UpdateTime: When this inventory item was last modified. 3951 UpdateTime string `json:"updateTime,omitempty"` 3952 // ForceSendFields is a list of field names (e.g. "AvailablePackage") to 3953 // unconditionally include in API requests. By default, fields with empty or 3954 // default values are omitted from API requests. See 3955 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3956 // details. 3957 ForceSendFields []string `json:"-"` 3958 // NullFields is a list of field names (e.g. "AvailablePackage") to include in 3959 // API requests with the JSON null value. By default, fields with empty values 3960 // are omitted from API requests. See 3961 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3962 NullFields []string `json:"-"` 3963 } 3964 3965 func (s *Item) MarshalJSON() ([]byte, error) { 3966 type NoMethod Item 3967 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3968 } 3969 3970 // ListAssetsResponse: ListAssets response. 3971 type ListAssetsResponse struct { 3972 // Assets: Assets. 3973 Assets []*Asset `json:"assets,omitempty"` 3974 // NextPageToken: Token to retrieve the next page of results. It expires 72 3975 // hours after the page token for the first page is generated. Set to empty if 3976 // there are no remaining results. 3977 NextPageToken string `json:"nextPageToken,omitempty"` 3978 // ReadTime: Time the snapshot was taken. 3979 ReadTime string `json:"readTime,omitempty"` 3980 3981 // ServerResponse contains the HTTP response code and headers from the server. 3982 googleapi.ServerResponse `json:"-"` 3983 // ForceSendFields is a list of field names (e.g. "Assets") to unconditionally 3984 // include in API requests. By default, fields with empty or default values are 3985 // omitted from API requests. See 3986 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 3987 // details. 3988 ForceSendFields []string `json:"-"` 3989 // NullFields is a list of field names (e.g. "Assets") to include in API 3990 // requests with the JSON null value. By default, fields with empty values are 3991 // omitted from API requests. See 3992 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 3993 NullFields []string `json:"-"` 3994 } 3995 3996 func (s *ListAssetsResponse) MarshalJSON() ([]byte, error) { 3997 type NoMethod ListAssetsResponse 3998 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 3999 } 4000 4001 type ListFeedsResponse struct { 4002 // Feeds: A list of feeds. 4003 Feeds []*Feed `json:"feeds,omitempty"` 4004 4005 // ServerResponse contains the HTTP response code and headers from the server. 4006 googleapi.ServerResponse `json:"-"` 4007 // ForceSendFields is a list of field names (e.g. "Feeds") to unconditionally 4008 // include in API requests. By default, fields with empty or default values are 4009 // omitted from API requests. See 4010 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4011 // details. 4012 ForceSendFields []string `json:"-"` 4013 // NullFields is a list of field names (e.g. "Feeds") to include in API 4014 // requests with the JSON null value. By default, fields with empty values are 4015 // omitted from API requests. See 4016 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4017 NullFields []string `json:"-"` 4018 } 4019 4020 func (s *ListFeedsResponse) MarshalJSON() ([]byte, error) { 4021 type NoMethod ListFeedsResponse 4022 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4023 } 4024 4025 // ListSavedQueriesResponse: Response of listing saved queries. 4026 type ListSavedQueriesResponse struct { 4027 // NextPageToken: A token, which can be sent as `page_token` to retrieve the 4028 // next page. If this field is omitted, there are no subsequent pages. 4029 NextPageToken string `json:"nextPageToken,omitempty"` 4030 // SavedQueries: A list of savedQueries. 4031 SavedQueries []*SavedQuery `json:"savedQueries,omitempty"` 4032 4033 // ServerResponse contains the HTTP response code and headers from the server. 4034 googleapi.ServerResponse `json:"-"` 4035 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 4036 // unconditionally include in API requests. By default, fields with empty or 4037 // default values are omitted from API requests. See 4038 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4039 // details. 4040 ForceSendFields []string `json:"-"` 4041 // NullFields is a list of field names (e.g. "NextPageToken") to include in API 4042 // requests with the JSON null value. By default, fields with empty values are 4043 // omitted from API requests. See 4044 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4045 NullFields []string `json:"-"` 4046 } 4047 4048 func (s *ListSavedQueriesResponse) MarshalJSON() ([]byte, error) { 4049 type NoMethod ListSavedQueriesResponse 4050 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4051 } 4052 4053 // MoveAnalysis: A message to group the analysis information. 4054 type MoveAnalysis struct { 4055 // Analysis: Analysis result of moving the target resource. 4056 Analysis *MoveAnalysisResult `json:"analysis,omitempty"` 4057 // DisplayName: The user friendly display name of the analysis. E.g. IAM, 4058 // organization policy etc. 4059 DisplayName string `json:"displayName,omitempty"` 4060 // Error: Description of error encountered when performing the analysis. 4061 Error *Status `json:"error,omitempty"` 4062 // ForceSendFields is a list of field names (e.g. "Analysis") to 4063 // unconditionally include in API requests. By default, fields with empty or 4064 // default values are omitted from API requests. See 4065 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4066 // details. 4067 ForceSendFields []string `json:"-"` 4068 // NullFields is a list of field names (e.g. "Analysis") to include in API 4069 // requests with the JSON null value. By default, fields with empty values are 4070 // omitted from API requests. See 4071 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4072 NullFields []string `json:"-"` 4073 } 4074 4075 func (s *MoveAnalysis) MarshalJSON() ([]byte, error) { 4076 type NoMethod MoveAnalysis 4077 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4078 } 4079 4080 // MoveAnalysisResult: An analysis result including blockers and warnings. 4081 type MoveAnalysisResult struct { 4082 // Blockers: Blocking information that would prevent the target resource from 4083 // moving to the specified destination at runtime. 4084 Blockers []*MoveImpact `json:"blockers,omitempty"` 4085 // Warnings: Warning information indicating that moving the target resource to 4086 // the specified destination might be unsafe. This can include important policy 4087 // information and configuration changes, but will not block moves at runtime. 4088 Warnings []*MoveImpact `json:"warnings,omitempty"` 4089 // ForceSendFields is a list of field names (e.g. "Blockers") to 4090 // unconditionally include in API requests. By default, fields with empty or 4091 // default values are omitted from API requests. See 4092 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4093 // details. 4094 ForceSendFields []string `json:"-"` 4095 // NullFields is a list of field names (e.g. "Blockers") to include in API 4096 // requests with the JSON null value. By default, fields with empty values are 4097 // omitted from API requests. See 4098 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4099 NullFields []string `json:"-"` 4100 } 4101 4102 func (s *MoveAnalysisResult) MarshalJSON() ([]byte, error) { 4103 type NoMethod MoveAnalysisResult 4104 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4105 } 4106 4107 // MoveImpact: A message to group impacts of moving the target resource. 4108 type MoveImpact struct { 4109 // Detail: User friendly impact detail in a free form message. 4110 Detail string `json:"detail,omitempty"` 4111 // ForceSendFields is a list of field names (e.g. "Detail") to unconditionally 4112 // include in API requests. By default, fields with empty or default values are 4113 // omitted from API requests. See 4114 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4115 // details. 4116 ForceSendFields []string `json:"-"` 4117 // NullFields is a list of field names (e.g. "Detail") to include in API 4118 // requests with the JSON null value. By default, fields with empty values are 4119 // omitted from API requests. See 4120 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4121 NullFields []string `json:"-"` 4122 } 4123 4124 func (s *MoveImpact) MarshalJSON() ([]byte, error) { 4125 type NoMethod MoveImpact 4126 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4127 } 4128 4129 // Operation: This resource represents a long-running operation that is the 4130 // result of a network API call. 4131 type Operation struct { 4132 // Done: If the value is `false`, it means the operation is still in progress. 4133 // If `true`, the operation is completed, and either `error` or `response` is 4134 // available. 4135 Done bool `json:"done,omitempty"` 4136 // Error: The error result of the operation in case of failure or cancellation. 4137 Error *Status `json:"error,omitempty"` 4138 // Metadata: Service-specific metadata associated with the operation. It 4139 // typically contains progress information and common metadata such as create 4140 // time. Some services might not provide such metadata. Any method that returns 4141 // a long-running operation should document the metadata type, if any. 4142 Metadata googleapi.RawMessage `json:"metadata,omitempty"` 4143 // Name: The server-assigned name, which is only unique within the same service 4144 // that originally returns it. If you use the default HTTP mapping, the `name` 4145 // should be a resource name ending with `operations/{unique_id}`. 4146 Name string `json:"name,omitempty"` 4147 // Response: The normal, successful response of the operation. If the original 4148 // method returns no data on success, such as `Delete`, the response is 4149 // `google.protobuf.Empty`. If the original method is standard 4150 // `Get`/`Create`/`Update`, the response should be the resource. For other 4151 // methods, the response should have the type `XxxResponse`, where `Xxx` is the 4152 // original method name. For example, if the original method name is 4153 // `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. 4154 Response googleapi.RawMessage `json:"response,omitempty"` 4155 4156 // ServerResponse contains the HTTP response code and headers from the server. 4157 googleapi.ServerResponse `json:"-"` 4158 // ForceSendFields is a list of field names (e.g. "Done") to unconditionally 4159 // include in API requests. By default, fields with empty or default values are 4160 // omitted from API requests. See 4161 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4162 // details. 4163 ForceSendFields []string `json:"-"` 4164 // NullFields is a list of field names (e.g. "Done") to include in API requests 4165 // with the JSON null value. By default, fields with empty values are omitted 4166 // from API requests. See 4167 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4168 NullFields []string `json:"-"` 4169 } 4170 4171 func (s *Operation) MarshalJSON() ([]byte, error) { 4172 type NoMethod Operation 4173 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4174 } 4175 4176 // Options: Contains query options. 4177 type Options struct { 4178 // AnalyzeServiceAccountImpersonation: Optional. If true, the response will 4179 // include access analysis from identities to resources via service account 4180 // impersonation. This is a very expensive operation, because many derived 4181 // queries will be executed. We highly recommend you use 4182 // AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, if the 4183 // request analyzes for which resources user A has permission P, and there's an 4184 // IAM policy states user A has iam.serviceAccounts.getAccessToken permission 4185 // to a service account SA, and there's another IAM policy states service 4186 // account SA has permission P to a Google Cloud folder F, then user A 4187 // potentially has access to the Google Cloud folder F. And those advanced 4188 // analysis results will be included in 4189 // AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another 4190 // example, if the request analyzes for who has permission P to a Google Cloud 4191 // folder F, and there's an IAM policy states user A has 4192 // iam.serviceAccounts.actAs permission to a service account SA, and there's 4193 // another IAM policy states service account SA has permission P to the Google 4194 // Cloud folder F, then user A potentially has access to the Google Cloud 4195 // folder F. And those advanced analysis results will be included in 4196 // AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Only the 4197 // following permissions are considered in this analysis: * 4198 // `iam.serviceAccounts.actAs` * `iam.serviceAccounts.signBlob` * 4199 // `iam.serviceAccounts.signJwt` * `iam.serviceAccounts.getAccessToken` * 4200 // `iam.serviceAccounts.getOpenIdToken` * 4201 // `iam.serviceAccounts.implicitDelegation` Default is false. 4202 AnalyzeServiceAccountImpersonation bool `json:"analyzeServiceAccountImpersonation,omitempty"` 4203 // ExpandGroups: Optional. If true, the identities section of the result will 4204 // expand any Google groups appearing in an IAM policy binding. If 4205 // IamPolicyAnalysisQuery.identity_selector is specified, the identity in the 4206 // result will be determined by the selector, and this flag is not allowed to 4207 // set. If true, the default max expansion per group is 1000 for 4208 // AssetService.AnalyzeIamPolicy][]. Default is false. 4209 ExpandGroups bool `json:"expandGroups,omitempty"` 4210 // ExpandResources: Optional. If true and 4211 // IamPolicyAnalysisQuery.resource_selector is not specified, the resource 4212 // section of the result will expand any resource attached to an IAM policy to 4213 // include resources lower in the resource hierarchy. For example, if the 4214 // request analyzes for which resources user A has permission P, and the 4215 // results include an IAM policy with P on a Google Cloud folder, the results 4216 // will also include resources in that folder with permission P. If true and 4217 // IamPolicyAnalysisQuery.resource_selector is specified, the resource section 4218 // of the result will expand the specified resource to include resources lower 4219 // in the resource hierarchy. Only project or lower resources are supported. 4220 // Folder and organization resources cannot be used together with this option. 4221 // For example, if the request analyzes for which users have permission P on a 4222 // Google Cloud project with this option enabled, the results will include all 4223 // users who have permission P on that project or any lower resource. If true, 4224 // the default max expansion per resource is 1000 for 4225 // AssetService.AnalyzeIamPolicy][] and 100000 for 4226 // AssetService.AnalyzeIamPolicyLongrunning][]. Default is false. 4227 ExpandResources bool `json:"expandResources,omitempty"` 4228 // ExpandRoles: Optional. If true, the access section of result will expand any 4229 // roles appearing in IAM policy bindings to include their permissions. If 4230 // IamPolicyAnalysisQuery.access_selector is specified, the access section of 4231 // the result will be determined by the selector, and this flag is not allowed 4232 // to set. Default is false. 4233 ExpandRoles bool `json:"expandRoles,omitempty"` 4234 // OutputGroupEdges: Optional. If true, the result will output the relevant 4235 // membership relationships between groups and other groups, and between groups 4236 // and principals. Default is false. 4237 OutputGroupEdges bool `json:"outputGroupEdges,omitempty"` 4238 // OutputResourceEdges: Optional. If true, the result will output the relevant 4239 // parent/child relationships between resources. Default is false. 4240 OutputResourceEdges bool `json:"outputResourceEdges,omitempty"` 4241 // ForceSendFields is a list of field names (e.g. 4242 // "AnalyzeServiceAccountImpersonation") to unconditionally include in API 4243 // requests. By default, fields with empty or default values are omitted from 4244 // API requests. See 4245 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4246 // details. 4247 ForceSendFields []string `json:"-"` 4248 // NullFields is a list of field names (e.g. 4249 // "AnalyzeServiceAccountImpersonation") to include in API requests with the 4250 // JSON null value. By default, fields with empty values are omitted from API 4251 // requests. See https://pkg.go.dev/google.golang.org/api#hdr-NullFields for 4252 // more details. 4253 NullFields []string `json:"-"` 4254 } 4255 4256 func (s *Options) MarshalJSON() ([]byte, error) { 4257 type NoMethod Options 4258 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4259 } 4260 4261 // OrgPolicyResult: The organization policy result to the query. 4262 type OrgPolicyResult struct { 4263 // ConsolidatedPolicy: The consolidated organization policy for the analyzed 4264 // resource. The consolidated organization policy is computed by merging and 4265 // evaluating AnalyzeOrgPoliciesResponse.policy_bundle. The evaluation will 4266 // respect the organization policy hierarchy rules 4267 // (https://cloud.google.com/resource-manager/docs/organization-policy/understanding-hierarchy). 4268 ConsolidatedPolicy *AnalyzerOrgPolicy `json:"consolidatedPolicy,omitempty"` 4269 // Folders: The folder(s) that this consolidated policy belongs to, in the 4270 // format of folders/{FOLDER_NUMBER}. This field is available when the 4271 // consolidated policy belongs (directly or cascadingly) to one or more 4272 // folders. 4273 Folders []string `json:"folders,omitempty"` 4274 // Organization: The organization that this consolidated policy belongs to, in 4275 // the format of organizations/{ORGANIZATION_NUMBER}. This field is available 4276 // when the consolidated policy belongs (directly or cascadingly) to an 4277 // organization. 4278 Organization string `json:"organization,omitempty"` 4279 // PolicyBundle: The ordered list of all organization policies from the 4280 // AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resou 4281 // rce. to the scope specified in the request. If the constraint is defined 4282 // with default policy, it will also appear in the list. 4283 PolicyBundle []*AnalyzerOrgPolicy `json:"policyBundle,omitempty"` 4284 // Project: The project that this consolidated policy belongs to, in the format 4285 // of projects/{PROJECT_NUMBER}. This field is available when the consolidated 4286 // policy belongs to a project. 4287 Project string `json:"project,omitempty"` 4288 // ForceSendFields is a list of field names (e.g. "ConsolidatedPolicy") to 4289 // unconditionally include in API requests. By default, fields with empty or 4290 // default values are omitted from API requests. See 4291 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4292 // details. 4293 ForceSendFields []string `json:"-"` 4294 // NullFields is a list of field names (e.g. "ConsolidatedPolicy") to include 4295 // in API requests with the JSON null value. By default, fields with empty 4296 // values are omitted from API requests. See 4297 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4298 NullFields []string `json:"-"` 4299 } 4300 4301 func (s *OrgPolicyResult) MarshalJSON() ([]byte, error) { 4302 type NoMethod OrgPolicyResult 4303 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4304 } 4305 4306 // OsInfo: Operating system information for the VM. 4307 type OsInfo struct { 4308 // Architecture: The system architecture of the operating system. 4309 Architecture string `json:"architecture,omitempty"` 4310 // Hostname: The VM hostname. 4311 Hostname string `json:"hostname,omitempty"` 4312 // KernelRelease: The kernel release of the operating system. 4313 KernelRelease string `json:"kernelRelease,omitempty"` 4314 // KernelVersion: The kernel version of the operating system. 4315 KernelVersion string `json:"kernelVersion,omitempty"` 4316 // LongName: The operating system long name. For example 'Debian GNU/Linux 9' 4317 // or 'Microsoft Window Server 2019 Datacenter'. 4318 LongName string `json:"longName,omitempty"` 4319 // OsconfigAgentVersion: The current version of the OS Config agent running on 4320 // the VM. 4321 OsconfigAgentVersion string `json:"osconfigAgentVersion,omitempty"` 4322 // ShortName: The operating system short name. For example, 'windows' or 4323 // 'debian'. 4324 ShortName string `json:"shortName,omitempty"` 4325 // Version: The version of the operating system. 4326 Version string `json:"version,omitempty"` 4327 // ForceSendFields is a list of field names (e.g. "Architecture") to 4328 // unconditionally include in API requests. By default, fields with empty or 4329 // default values are omitted from API requests. See 4330 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4331 // details. 4332 ForceSendFields []string `json:"-"` 4333 // NullFields is a list of field names (e.g. "Architecture") to include in API 4334 // requests with the JSON null value. By default, fields with empty values are 4335 // omitted from API requests. See 4336 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4337 NullFields []string `json:"-"` 4338 } 4339 4340 func (s *OsInfo) MarshalJSON() ([]byte, error) { 4341 type NoMethod OsInfo 4342 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4343 } 4344 4345 // OutputConfig: Output configuration for export assets destination. 4346 type OutputConfig struct { 4347 // BigqueryDestination: Destination on BigQuery. The output table stores the 4348 // fields in asset Protobuf as columns in BigQuery. 4349 BigqueryDestination *BigQueryDestination `json:"bigqueryDestination,omitempty"` 4350 // GcsDestination: Destination on Cloud Storage. 4351 GcsDestination *GcsDestination `json:"gcsDestination,omitempty"` 4352 // ForceSendFields is a list of field names (e.g. "BigqueryDestination") to 4353 // unconditionally include in API requests. By default, fields with empty or 4354 // default values are omitted from API requests. See 4355 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4356 // details. 4357 ForceSendFields []string `json:"-"` 4358 // NullFields is a list of field names (e.g. "BigqueryDestination") to include 4359 // in API requests with the JSON null value. By default, fields with empty 4360 // values are omitted from API requests. See 4361 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4362 NullFields []string `json:"-"` 4363 } 4364 4365 func (s *OutputConfig) MarshalJSON() ([]byte, error) { 4366 type NoMethod OutputConfig 4367 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4368 } 4369 4370 // PartitionSpec: Specifications of BigQuery partitioned table as export 4371 // destination. 4372 type PartitionSpec struct { 4373 // PartitionKey: The partition key for BigQuery partitioned table. 4374 // 4375 // Possible values: 4376 // "PARTITION_KEY_UNSPECIFIED" - Unspecified partition key. If used, it means 4377 // using non-partitioned table. 4378 // "READ_TIME" - The time when the snapshot is taken. If specified as 4379 // partition key, the result table(s) is partitoned by the additional timestamp 4380 // column, readTime. If [read_time] in ExportAssetsRequest is specified, the 4381 // readTime column's value will be the same as it. Otherwise, its value will be 4382 // the current time that is used to take the snapshot. 4383 // "REQUEST_TIME" - The time when the request is received and started to be 4384 // processed. If specified as partition key, the result table(s) is partitoned 4385 // by the requestTime column, an additional timestamp column representing when 4386 // the request was received. 4387 PartitionKey string `json:"partitionKey,omitempty"` 4388 // ForceSendFields is a list of field names (e.g. "PartitionKey") to 4389 // unconditionally include in API requests. By default, fields with empty or 4390 // default values are omitted from API requests. See 4391 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4392 // details. 4393 ForceSendFields []string `json:"-"` 4394 // NullFields is a list of field names (e.g. "PartitionKey") to include in API 4395 // requests with the JSON null value. By default, fields with empty values are 4396 // omitted from API requests. See 4397 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4398 NullFields []string `json:"-"` 4399 } 4400 4401 func (s *PartitionSpec) MarshalJSON() ([]byte, error) { 4402 type NoMethod PartitionSpec 4403 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4404 } 4405 4406 // Permissions: IAM permissions 4407 type Permissions struct { 4408 // Permissions: A list of permissions. A sample permission string: 4409 // `compute.disk.get`. 4410 Permissions []string `json:"permissions,omitempty"` 4411 // ForceSendFields is a list of field names (e.g. "Permissions") to 4412 // unconditionally include in API requests. By default, fields with empty or 4413 // default values are omitted from API requests. See 4414 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4415 // details. 4416 ForceSendFields []string `json:"-"` 4417 // NullFields is a list of field names (e.g. "Permissions") to include in API 4418 // requests with the JSON null value. By default, fields with empty values are 4419 // omitted from API requests. See 4420 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4421 NullFields []string `json:"-"` 4422 } 4423 4424 func (s *Permissions) MarshalJSON() ([]byte, error) { 4425 type NoMethod Permissions 4426 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4427 } 4428 4429 // Policy: An Identity and Access Management (IAM) policy, which specifies 4430 // access controls for Google Cloud resources. A `Policy` is a collection of 4431 // `bindings`. A `binding` binds one or more `members`, or principals, to a 4432 // single `role`. Principals can be user accounts, service accounts, Google 4433 // groups, and domains (such as G Suite). A `role` is a named list of 4434 // permissions; each `role` can be an IAM predefined role or a user-created 4435 // custom role. For some types of Google Cloud resources, a `binding` can also 4436 // specify a `condition`, which is a logical expression that allows access to a 4437 // resource only if the expression evaluates to `true`. A condition can add 4438 // constraints based on attributes of the request, the resource, or both. To 4439 // learn which resources support conditions in their IAM policies, see the IAM 4440 // documentation 4441 // (https://cloud.google.com/iam/help/conditions/resource-policies). **JSON 4442 // example:** ``` { "bindings": [ { "role": 4443 // "roles/resourcemanager.organizationAdmin", "members": [ 4444 // "user:mike@example.com", "group:admins@example.com", "domain:google.com", 4445 // "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": 4446 // "roles/resourcemanager.organizationViewer", "members": [ 4447 // "user:eve@example.com" ], "condition": { "title": "expirable access", 4448 // "description": "Does not grant access after Sep 2020", "expression": 4449 // "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": 4450 // "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - 4451 // members: - user:mike@example.com - group:admins@example.com - 4452 // domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com 4453 // role: roles/resourcemanager.organizationAdmin - members: - 4454 // user:eve@example.com role: roles/resourcemanager.organizationViewer 4455 // condition: title: expirable access description: Does not grant access after 4456 // Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') 4457 // etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, 4458 // see the IAM documentation (https://cloud.google.com/iam/docs/). 4459 type Policy struct { 4460 // AuditConfigs: Specifies cloud audit logging configuration for this policy. 4461 AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"` 4462 // Bindings: Associates a list of `members`, or principals, with a `role`. 4463 // Optionally, may specify a `condition` that determines how and when the 4464 // `bindings` are applied. Each of the `bindings` must contain at least one 4465 // principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; 4466 // up to 250 of these principals can be Google groups. Each occurrence of a 4467 // principal counts towards these limits. For example, if the `bindings` grant 4468 // 50 different roles to `user:alice@example.com`, and not to any other 4469 // principal, then you can add another 1,450 principals to the `bindings` in 4470 // the `Policy`. 4471 Bindings []*Binding `json:"bindings,omitempty"` 4472 // Etag: `etag` is used for optimistic concurrency control as a way to help 4473 // prevent simultaneous updates of a policy from overwriting each other. It is 4474 // strongly suggested that systems make use of the `etag` in the 4475 // read-modify-write cycle to perform policy updates in order to avoid race 4476 // conditions: An `etag` is returned in the response to `getIamPolicy`, and 4477 // systems are expected to put that etag in the request to `setIamPolicy` to 4478 // ensure that their change will be applied to the same version of the policy. 4479 // **Important:** If you use IAM Conditions, you must include the `etag` field 4480 // whenever you call `setIamPolicy`. If you omit this field, then IAM allows 4481 // you to overwrite a version `3` policy with a version `1` policy, and all of 4482 // the conditions in the version `3` policy are lost. 4483 Etag string `json:"etag,omitempty"` 4484 // Version: Specifies the format of the policy. Valid values are `0`, `1`, and 4485 // `3`. Requests that specify an invalid value are rejected. Any operation that 4486 // affects conditional role bindings must specify version `3`. This requirement 4487 // applies to the following operations: * Getting a policy that includes a 4488 // conditional role binding * Adding a conditional role binding to a policy * 4489 // Changing a conditional role binding in a policy * Removing any role binding, 4490 // with or without a condition, from a policy that includes conditions 4491 // **Important:** If you use IAM Conditions, you must include the `etag` field 4492 // whenever you call `setIamPolicy`. If you omit this field, then IAM allows 4493 // you to overwrite a version `3` policy with a version `1` policy, and all of 4494 // the conditions in the version `3` policy are lost. If a policy does not 4495 // include any conditions, operations on that policy may specify any valid 4496 // version or leave the field unset. To learn which resources support 4497 // conditions in their IAM policies, see the IAM documentation 4498 // (https://cloud.google.com/iam/help/conditions/resource-policies). 4499 Version int64 `json:"version,omitempty"` 4500 // ForceSendFields is a list of field names (e.g. "AuditConfigs") to 4501 // unconditionally include in API requests. By default, fields with empty or 4502 // default values are omitted from API requests. See 4503 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4504 // details. 4505 ForceSendFields []string `json:"-"` 4506 // NullFields is a list of field names (e.g. "AuditConfigs") to include in API 4507 // requests with the JSON null value. By default, fields with empty values are 4508 // omitted from API requests. See 4509 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4510 NullFields []string `json:"-"` 4511 } 4512 4513 func (s *Policy) MarshalJSON() ([]byte, error) { 4514 type NoMethod Policy 4515 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4516 } 4517 4518 // PolicyInfo: The IAM policy and its attached resource. 4519 type PolicyInfo struct { 4520 // AttachedResource: The full resource name the policy is directly attached to. 4521 AttachedResource string `json:"attachedResource,omitempty"` 4522 // Policy: The IAM policy that's directly attached to the attached_resource. 4523 Policy *Policy `json:"policy,omitempty"` 4524 // ForceSendFields is a list of field names (e.g. "AttachedResource") to 4525 // unconditionally include in API requests. By default, fields with empty or 4526 // default values are omitted from API requests. See 4527 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4528 // details. 4529 ForceSendFields []string `json:"-"` 4530 // NullFields is a list of field names (e.g. "AttachedResource") to include in 4531 // API requests with the JSON null value. By default, fields with empty values 4532 // are omitted from API requests. See 4533 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4534 NullFields []string `json:"-"` 4535 } 4536 4537 func (s *PolicyInfo) MarshalJSON() ([]byte, error) { 4538 type NoMethod PolicyInfo 4539 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4540 } 4541 4542 // PubsubDestination: A Pub/Sub destination. 4543 type PubsubDestination struct { 4544 // Topic: The name of the Pub/Sub topic to publish to. Example: 4545 // `projects/PROJECT_ID/topics/TOPIC_ID`. 4546 Topic string `json:"topic,omitempty"` 4547 // ForceSendFields is a list of field names (e.g. "Topic") to unconditionally 4548 // include in API requests. By default, fields with empty or default values are 4549 // omitted from API requests. See 4550 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4551 // details. 4552 ForceSendFields []string `json:"-"` 4553 // NullFields is a list of field names (e.g. "Topic") to include in API 4554 // requests with the JSON null value. By default, fields with empty values are 4555 // omitted from API requests. See 4556 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4557 NullFields []string `json:"-"` 4558 } 4559 4560 func (s *PubsubDestination) MarshalJSON() ([]byte, error) { 4561 type NoMethod PubsubDestination 4562 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4563 } 4564 4565 // QueryAssetsOutputConfig: Output configuration query assets. 4566 type QueryAssetsOutputConfig struct { 4567 // BigqueryDestination: BigQuery destination where the query results will be 4568 // saved. 4569 BigqueryDestination *GoogleCloudAssetV1QueryAssetsOutputConfigBigQueryDestination `json:"bigqueryDestination,omitempty"` 4570 // ForceSendFields is a list of field names (e.g. "BigqueryDestination") to 4571 // unconditionally include in API requests. By default, fields with empty or 4572 // default values are omitted from API requests. See 4573 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4574 // details. 4575 ForceSendFields []string `json:"-"` 4576 // NullFields is a list of field names (e.g. "BigqueryDestination") to include 4577 // in API requests with the JSON null value. By default, fields with empty 4578 // values are omitted from API requests. See 4579 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4580 NullFields []string `json:"-"` 4581 } 4582 4583 func (s *QueryAssetsOutputConfig) MarshalJSON() ([]byte, error) { 4584 type NoMethod QueryAssetsOutputConfig 4585 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4586 } 4587 4588 // QueryAssetsRequest: QueryAssets request. 4589 type QueryAssetsRequest struct { 4590 // JobReference: Optional. Reference to the query job, which is from the 4591 // `QueryAssetsResponse` of previous `QueryAssets` call. 4592 JobReference string `json:"jobReference,omitempty"` 4593 // OutputConfig: Optional. Destination where the query results will be saved. 4594 // When this field is specified, the query results won't be saved in the 4595 // [QueryAssetsResponse.query_result]. Instead 4596 // [QueryAssetsResponse.output_config] will be set. Meanwhile, 4597 // [QueryAssetsResponse.job_reference] will be set and can be used to check the 4598 // status of the query job when passed to a following [QueryAssets] API call. 4599 OutputConfig *QueryAssetsOutputConfig `json:"outputConfig,omitempty"` 4600 // PageSize: Optional. The maximum number of rows to return in the results. 4601 // Responses are limited to 10 MB and 1000 rows. By default, the maximum row 4602 // count is 1000. When the byte or row count limit is reached, the rest of the 4603 // query results will be paginated. The field will be ignored when 4604 // [output_config] is specified. 4605 PageSize int64 `json:"pageSize,omitempty"` 4606 // PageToken: Optional. A page token received from previous `QueryAssets`. The 4607 // field will be ignored when [output_config] is specified. 4608 PageToken string `json:"pageToken,omitempty"` 4609 // ReadTime: Optional. Queries cloud assets as they appeared at the specified 4610 // point in time. 4611 ReadTime string `json:"readTime,omitempty"` 4612 // ReadTimeWindow: Optional. [start_time] is required. [start_time] must be 4613 // less than [end_time] Defaults [end_time] to now if [start_time] is set and 4614 // [end_time] isn't. Maximum permitted time range is 7 days. 4615 ReadTimeWindow *TimeWindow `json:"readTimeWindow,omitempty"` 4616 // Statement: Optional. A SQL statement that's compatible with BigQuery SQL 4617 // (https://cloud.google.com/bigquery/docs/introduction-sql). 4618 Statement string `json:"statement,omitempty"` 4619 // Timeout: Optional. Specifies the maximum amount of time that the client is 4620 // willing to wait for the query to complete. By default, this limit is 5 min 4621 // for the first query, and 1 minute for the following queries. If the query is 4622 // complete, the `done` field in the `QueryAssetsResponse` is true, otherwise 4623 // false. Like BigQuery jobs.query API 4624 // (https://cloud.google.com/bigquery/docs/reference/rest/v2/jobs/query#queryrequest) 4625 // The call is not guaranteed to wait for the specified timeout; it typically 4626 // returns after around 200 seconds (200,000 milliseconds), even if the query 4627 // is not complete. The field will be ignored when [output_config] is 4628 // specified. 4629 Timeout string `json:"timeout,omitempty"` 4630 // ForceSendFields is a list of field names (e.g. "JobReference") to 4631 // unconditionally include in API requests. By default, fields with empty or 4632 // default values are omitted from API requests. See 4633 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4634 // details. 4635 ForceSendFields []string `json:"-"` 4636 // NullFields is a list of field names (e.g. "JobReference") to include in API 4637 // requests with the JSON null value. By default, fields with empty values are 4638 // omitted from API requests. See 4639 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4640 NullFields []string `json:"-"` 4641 } 4642 4643 func (s *QueryAssetsRequest) MarshalJSON() ([]byte, error) { 4644 type NoMethod QueryAssetsRequest 4645 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4646 } 4647 4648 // QueryAssetsResponse: QueryAssets response. 4649 type QueryAssetsResponse struct { 4650 // Done: The query response, which can be either an `error` or a valid 4651 // `response`. If `done` == `false` and the query result is being saved in a 4652 // output, the output_config field will be set. If `done` == `true`, exactly 4653 // one of `error`, `query_result` or `output_config` will be set. 4654 Done bool `json:"done,omitempty"` 4655 // Error: Error status. 4656 Error *Status `json:"error,omitempty"` 4657 // JobReference: Reference to a query job. 4658 JobReference string `json:"jobReference,omitempty"` 4659 // OutputConfig: Output configuration which indicates instead of being returned 4660 // in API response on the fly, the query result will be saved in a specific 4661 // output. 4662 OutputConfig *QueryAssetsOutputConfig `json:"outputConfig,omitempty"` 4663 // QueryResult: Result of the query. 4664 QueryResult *QueryResult `json:"queryResult,omitempty"` 4665 4666 // ServerResponse contains the HTTP response code and headers from the server. 4667 googleapi.ServerResponse `json:"-"` 4668 // ForceSendFields is a list of field names (e.g. "Done") to unconditionally 4669 // include in API requests. By default, fields with empty or default values are 4670 // omitted from API requests. See 4671 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4672 // details. 4673 ForceSendFields []string `json:"-"` 4674 // NullFields is a list of field names (e.g. "Done") to include in API requests 4675 // with the JSON null value. By default, fields with empty values are omitted 4676 // from API requests. See 4677 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4678 NullFields []string `json:"-"` 4679 } 4680 4681 func (s *QueryAssetsResponse) MarshalJSON() ([]byte, error) { 4682 type NoMethod QueryAssetsResponse 4683 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4684 } 4685 4686 // QueryContent: The query content. 4687 type QueryContent struct { 4688 // IamPolicyAnalysisQuery: An IAM Policy Analysis query, which could be used in 4689 // the AssetService.AnalyzeIamPolicy RPC or the 4690 // AssetService.AnalyzeIamPolicyLongrunning RPC. 4691 IamPolicyAnalysisQuery *IamPolicyAnalysisQuery `json:"iamPolicyAnalysisQuery,omitempty"` 4692 // ForceSendFields is a list of field names (e.g. "IamPolicyAnalysisQuery") to 4693 // unconditionally include in API requests. By default, fields with empty or 4694 // default values are omitted from API requests. See 4695 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4696 // details. 4697 ForceSendFields []string `json:"-"` 4698 // NullFields is a list of field names (e.g. "IamPolicyAnalysisQuery") to 4699 // include in API requests with the JSON null value. By default, fields with 4700 // empty values are omitted from API requests. See 4701 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4702 NullFields []string `json:"-"` 4703 } 4704 4705 func (s *QueryContent) MarshalJSON() ([]byte, error) { 4706 type NoMethod QueryContent 4707 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4708 } 4709 4710 // QueryResult: Execution results of the query. The result is formatted as rows 4711 // represented by BigQuery compatible [schema]. When pagination is necessary, 4712 // it will contains the page token to retrieve the results of following pages. 4713 type QueryResult struct { 4714 // NextPageToken: Token to retrieve the next page of the results. 4715 NextPageToken string `json:"nextPageToken,omitempty"` 4716 // Rows: Each row hold a query result in the format of `Struct`. 4717 Rows []googleapi.RawMessage `json:"rows,omitempty"` 4718 // Schema: Describes the format of the [rows]. 4719 Schema *TableSchema `json:"schema,omitempty"` 4720 // TotalRows: Total rows of the whole query results. 4721 TotalRows int64 `json:"totalRows,omitempty,string"` 4722 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 4723 // unconditionally include in API requests. By default, fields with empty or 4724 // default values are omitted from API requests. See 4725 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4726 // details. 4727 ForceSendFields []string `json:"-"` 4728 // NullFields is a list of field names (e.g. "NextPageToken") to include in API 4729 // requests with the JSON null value. By default, fields with empty values are 4730 // omitted from API requests. See 4731 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4732 NullFields []string `json:"-"` 4733 } 4734 4735 func (s *QueryResult) MarshalJSON() ([]byte, error) { 4736 type NoMethod QueryResult 4737 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4738 } 4739 4740 // RelatedAsset: An asset identifier in Google Cloud which contains its name, 4741 // type and ancestors. An asset can be any resource in the Google Cloud 4742 // resource hierarchy 4743 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 4744 // a resource outside the Google Cloud resource hierarchy (such as Google 4745 // Kubernetes Engine clusters and objects), or a policy (e.g. IAM policy). See 4746 // Supported asset types 4747 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 4748 // more information. 4749 type RelatedAsset struct { 4750 // Ancestors: The ancestors of an asset in Google Cloud resource hierarchy 4751 // (https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), 4752 // represented as a list of relative resource names. An ancestry path starts 4753 // with the closest ancestor in the hierarchy and ends at root. Example: 4754 // `["projects/123456789", "folders/5432", "organizations/1234"]` 4755 Ancestors []string `json:"ancestors,omitempty"` 4756 // Asset: The full name of the asset. Example: 4757 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 4758 // nce1` See Resource names 4759 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) for 4760 // more information. 4761 Asset string `json:"asset,omitempty"` 4762 // AssetType: The type of the asset. Example: `compute.googleapis.com/Disk` See 4763 // Supported asset types 4764 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) for 4765 // more information. 4766 AssetType string `json:"assetType,omitempty"` 4767 // RelationshipType: The unique identifier of the relationship type. Example: 4768 // `INSTANCE_TO_INSTANCEGROUP` 4769 RelationshipType string `json:"relationshipType,omitempty"` 4770 // ForceSendFields is a list of field names (e.g. "Ancestors") to 4771 // unconditionally include in API requests. By default, fields with empty or 4772 // default values are omitted from API requests. See 4773 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4774 // details. 4775 ForceSendFields []string `json:"-"` 4776 // NullFields is a list of field names (e.g. "Ancestors") to include in API 4777 // requests with the JSON null value. By default, fields with empty values are 4778 // omitted from API requests. See 4779 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4780 NullFields []string `json:"-"` 4781 } 4782 4783 func (s *RelatedAsset) MarshalJSON() ([]byte, error) { 4784 type NoMethod RelatedAsset 4785 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4786 } 4787 4788 // RelatedAssets: DEPRECATED. This message only presents for the purpose of 4789 // backward-compatibility. The server will never populate this message in 4790 // responses. The detailed related assets with the `relationship_type`. 4791 type RelatedAssets struct { 4792 // Assets: The peer resources of the relationship. 4793 Assets []*RelatedAsset `json:"assets,omitempty"` 4794 // RelationshipAttributes: The detailed relationship attributes. 4795 RelationshipAttributes *RelationshipAttributes `json:"relationshipAttributes,omitempty"` 4796 // ForceSendFields is a list of field names (e.g. "Assets") to unconditionally 4797 // include in API requests. By default, fields with empty or default values are 4798 // omitted from API requests. See 4799 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4800 // details. 4801 ForceSendFields []string `json:"-"` 4802 // NullFields is a list of field names (e.g. "Assets") to include in API 4803 // requests with the JSON null value. By default, fields with empty values are 4804 // omitted from API requests. See 4805 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4806 NullFields []string `json:"-"` 4807 } 4808 4809 func (s *RelatedAssets) MarshalJSON() ([]byte, error) { 4810 type NoMethod RelatedAssets 4811 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4812 } 4813 4814 // RelatedResource: The detailed related resource. 4815 type RelatedResource struct { 4816 // AssetType: The type of the asset. Example: `compute.googleapis.com/Instance` 4817 AssetType string `json:"assetType,omitempty"` 4818 // FullResourceName: The full resource name of the related resource. Example: 4819 // `//compute.googleapis.com/projects/my_proj_123/zones/instance/instance123` 4820 FullResourceName string `json:"fullResourceName,omitempty"` 4821 // ForceSendFields is a list of field names (e.g. "AssetType") to 4822 // unconditionally include in API requests. By default, fields with empty or 4823 // default values are omitted from API requests. See 4824 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4825 // details. 4826 ForceSendFields []string `json:"-"` 4827 // NullFields is a list of field names (e.g. "AssetType") to include in API 4828 // requests with the JSON null value. By default, fields with empty values are 4829 // omitted from API requests. See 4830 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4831 NullFields []string `json:"-"` 4832 } 4833 4834 func (s *RelatedResource) MarshalJSON() ([]byte, error) { 4835 type NoMethod RelatedResource 4836 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4837 } 4838 4839 // RelatedResources: The related resources of the primary resource. 4840 type RelatedResources struct { 4841 // RelatedResources: The detailed related resources of the primary resource. 4842 RelatedResources []*RelatedResource `json:"relatedResources,omitempty"` 4843 // ForceSendFields is a list of field names (e.g. "RelatedResources") to 4844 // unconditionally include in API requests. By default, fields with empty or 4845 // default values are omitted from API requests. See 4846 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4847 // details. 4848 ForceSendFields []string `json:"-"` 4849 // NullFields is a list of field names (e.g. "RelatedResources") to include in 4850 // API requests with the JSON null value. By default, fields with empty values 4851 // are omitted from API requests. See 4852 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4853 NullFields []string `json:"-"` 4854 } 4855 4856 func (s *RelatedResources) MarshalJSON() ([]byte, error) { 4857 type NoMethod RelatedResources 4858 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4859 } 4860 4861 // RelationshipAttributes: DEPRECATED. This message only presents for the 4862 // purpose of backward-compatibility. The server will never populate this 4863 // message in responses. The relationship attributes which include `type`, 4864 // `source_resource_type`, `target_resource_type` and `action`. 4865 type RelationshipAttributes struct { 4866 // Action: The detail of the relationship, e.g. `contains`, `attaches` 4867 Action string `json:"action,omitempty"` 4868 // SourceResourceType: The source asset type. Example: 4869 // `compute.googleapis.com/Instance` 4870 SourceResourceType string `json:"sourceResourceType,omitempty"` 4871 // TargetResourceType: The target asset type. Example: 4872 // `compute.googleapis.com/Disk` 4873 TargetResourceType string `json:"targetResourceType,omitempty"` 4874 // Type: The unique identifier of the relationship type. Example: 4875 // `INSTANCE_TO_INSTANCEGROUP` 4876 Type string `json:"type,omitempty"` 4877 // ForceSendFields is a list of field names (e.g. "Action") to unconditionally 4878 // include in API requests. By default, fields with empty or default values are 4879 // omitted from API requests. See 4880 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4881 // details. 4882 ForceSendFields []string `json:"-"` 4883 // NullFields is a list of field names (e.g. "Action") to include in API 4884 // requests with the JSON null value. By default, fields with empty values are 4885 // omitted from API requests. See 4886 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4887 NullFields []string `json:"-"` 4888 } 4889 4890 func (s *RelationshipAttributes) MarshalJSON() ([]byte, error) { 4891 type NoMethod RelationshipAttributes 4892 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4893 } 4894 4895 // Resource: A representation of a Google Cloud resource. 4896 type Resource struct { 4897 // Data: The content of the resource, in which some sensitive fields are 4898 // removed and may not be present. 4899 Data googleapi.RawMessage `json:"data,omitempty"` 4900 // DiscoveryDocumentUri: The URL of the discovery document containing the 4901 // resource's JSON schema. Example: 4902 // `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This value is 4903 // unspecified for resources that do not have an API based on a discovery 4904 // document, such as Cloud Bigtable. 4905 DiscoveryDocumentUri string `json:"discoveryDocumentUri,omitempty"` 4906 // DiscoveryName: The JSON schema name listed in the discovery document. 4907 // Example: `Project` This value is unspecified for resources that do not have 4908 // an API based on a discovery document, such as Cloud Bigtable. 4909 DiscoveryName string `json:"discoveryName,omitempty"` 4910 // Location: The location of the resource in Google Cloud, such as its zone and 4911 // region. For more information, see https://cloud.google.com/about/locations/. 4912 Location string `json:"location,omitempty"` 4913 // Parent: The full name of the immediate parent of this resource. See Resource 4914 // Names 4915 // (https://cloud.google.com/apis/design/resource_names#full_resource_name) for 4916 // more information. For Google Cloud assets, this value is the parent resource 4917 // defined in the IAM policy hierarchy 4918 // (https://cloud.google.com/iam/docs/overview#policy_hierarchy). Example: 4919 // `//cloudresourcemanager.googleapis.com/projects/my_project_123` 4920 Parent string `json:"parent,omitempty"` 4921 // ResourceUrl: The REST URL for accessing the resource. An HTTP `GET` request 4922 // using this URL returns the resource itself. Example: 4923 // `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` 4924 // This value is unspecified for resources without a REST API. 4925 ResourceUrl string `json:"resourceUrl,omitempty"` 4926 // Version: The API version. Example: `v1` 4927 Version string `json:"version,omitempty"` 4928 // ForceSendFields is a list of field names (e.g. "Data") to unconditionally 4929 // include in API requests. By default, fields with empty or default values are 4930 // omitted from API requests. See 4931 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 4932 // details. 4933 ForceSendFields []string `json:"-"` 4934 // NullFields is a list of field names (e.g. "Data") to include in API requests 4935 // with the JSON null value. By default, fields with empty values are omitted 4936 // from API requests. See 4937 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 4938 NullFields []string `json:"-"` 4939 } 4940 4941 func (s *Resource) MarshalJSON() ([]byte, error) { 4942 type NoMethod Resource 4943 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 4944 } 4945 4946 // ResourceSearchResult: A result of Resource Search, containing information of 4947 // a cloud resource. Next ID: 34 4948 type ResourceSearchResult struct { 4949 // AdditionalAttributes: The additional searchable attributes of this resource. 4950 // The attributes may vary from one resource type to another. Examples: 4951 // `projectId` for Project, `dnsName` for DNS ManagedZone. This field contains 4952 // a subset of the resource metadata fields that are returned by the List or 4953 // Get APIs provided by the corresponding Google Cloud service (e.g., Compute 4954 // Engine). see API references and supported searchable attributes 4955 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) to see 4956 // which fields are included. You can search values of these fields through 4957 // free text search. However, you should not consume the field programically as 4958 // the field names and values may change as the Google Cloud service updates to 4959 // a new incompatible API version. To search against the 4960 // `additional_attributes`: * Use a free text query to match the attributes 4961 // values. Example: to search `additional_attributes = { dnsName: "foobar" }`, 4962 // you can issue a query `foobar`. 4963 AdditionalAttributes googleapi.RawMessage `json:"additionalAttributes,omitempty"` 4964 // AssetType: The type of this resource. Example: 4965 // `compute.googleapis.com/Disk`. To search against the `asset_type`: * Specify 4966 // the `asset_type` field in your search request. 4967 AssetType string `json:"assetType,omitempty"` 4968 // AttachedResources: Attached resources of this resource. For example, an 4969 // OSConfig Inventory is an attached resource of a Compute Instance. This field 4970 // is repeated because a resource could have multiple attached resources. This 4971 // `attached_resources` field is not searchable. Some attributes of the 4972 // attached resources are exposed in `additional_attributes` field, so as to 4973 // allow users to search on them. 4974 AttachedResources []*AttachedResource `json:"attachedResources,omitempty"` 4975 // CreateTime: The create timestamp of this resource, at which the resource was 4976 // created. The granularity is in seconds. Timestamp.nanos will always be 0. 4977 // This field is available only when the resource's Protobuf contains it. To 4978 // search against `create_time`: * Use a field query. - value in seconds since 4979 // unix epoch. Example: `createTime > 1609459200` - value in date string. 4980 // Example: `createTime > 2021-01-01` - value in date-time string (must be 4981 // quoted). Example: `createTime > "2021-01-01T00:00:00" 4982 CreateTime string `json:"createTime,omitempty"` 4983 // Description: One or more paragraphs of text description of this resource. 4984 // Maximum length could be up to 1M bytes. This field is available only when 4985 // the resource's Protobuf contains it. To search against the `description`: * 4986 // Use a field query. Example: `description:"important instance" * Use a free 4987 // text query. Example: "important instance" 4988 Description string `json:"description,omitempty"` 4989 // DisplayName: The display name of this resource. This field is available only 4990 // when the resource's Protobuf contains it. To search against the 4991 // `display_name`: * Use a field query. Example: `displayName:"My Instance" * 4992 // Use a free text query. Example: "My Instance" 4993 DisplayName string `json:"displayName,omitempty"` 4994 // EffectiveTags: The effective tags on this resource. All of the tags that are 4995 // both attached to and inherited by a resource are collectively called the 4996 // effective tags. For more information, see tag inheritance 4997 // (https://cloud.google.com/resource-manager/docs/tags/tags-overview#inheritance). 4998 // To search against the `effective_tags`: * Use a field query. Example: - 4999 // `effectiveTagKeys:"123456789/env*" - `effectiveTagKeys="123456789/env" - 5000 // `effectiveTagKeys:"env" - `effectiveTagKeyIds="tagKeys/123" - 5001 // `effectiveTagValues:"env" - `effectiveTagValues:"env/prod" - 5002 // `effectiveTagValues:"123456789/env/prod*" - 5003 // `effectiveTagValues="123456789/env/prod" - 5004 // `effectiveTagValueIds="tagValues/456" 5005 EffectiveTags []*EffectiveTagDetails `json:"effectiveTags,omitempty"` 5006 // Folders: The folder(s) that this resource belongs to, in the form of 5007 // folders/{FOLDER_NUMBER}. This field is available when the resource belongs 5008 // to one or more folders. To search against `folders`: * Use a field query. 5009 // Example: `folders:(123 OR 456)` * Use a free text query. Example: `123` * 5010 // Specify the `scope` field as this folder in your search request. 5011 Folders []string `json:"folders,omitempty"` 5012 // KmsKey: The Cloud KMS CryptoKey 5013 // (https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) 5014 // name or CryptoKeyVersion 5015 // (https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) 5016 // name. This field only presents for the purpose of backward compatibility. 5017 // Use the `kms_keys` field to retrieve Cloud KMS key information. This field 5018 // is available only when the resource's Protobuf contains it and will only be 5019 // populated for these resource types 5020 // (https://cloud.google.com/asset-inventory/docs/legacy-field-names#resource_types_with_the_to_be_deprecated_kmskey_field) 5021 // for backward compatible purposes. To search against the `kms_key`: * Use a 5022 // field query. Example: `kmsKey:key` * Use a free text query. Example: `key` 5023 KmsKey string `json:"kmsKey,omitempty"` 5024 // KmsKeys: The Cloud KMS CryptoKey 5025 // (https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) 5026 // names or CryptoKeyVersion 5027 // (https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) 5028 // names. This field is available only when the resource's Protobuf contains 5029 // it. To search against the `kms_keys`: * Use a field query. Example: 5030 // `kmsKeys:key` * Use a free text query. Example: `key` 5031 KmsKeys []string `json:"kmsKeys,omitempty"` 5032 // Labels: Labels associated with this resource. See Labelling and grouping 5033 // Google Cloud resources 5034 // (https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) 5035 // for more information. This field is available only when the resource's 5036 // Protobuf contains it. To search against the `labels`: * Use a field query: - 5037 // query on any label's key or value. Example: `labels:prod` - query by a given 5038 // label. Example: `labels.env:prod` - query by a given label's existence. 5039 // Example: `labels.env:*` * Use a free text query. Example: `prod` 5040 Labels map[string]string `json:"labels,omitempty"` 5041 // Location: Location can be `global`, regional like `us-east1`, or zonal like 5042 // `us-west1-b`. This field is available only when the resource's Protobuf 5043 // contains it. To search against the `location`: * Use a field query. Example: 5044 // `location:us-west*` * Use a free text query. Example: `us-west*` 5045 Location string `json:"location,omitempty"` 5046 // Name: The full resource name of this resource. Example: 5047 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 5048 // nce1`. See Cloud Asset Inventory Resource Name Format 5049 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) for 5050 // more information. To search against the `name`: * Use a field query. 5051 // Example: `name:instance1` * Use a free text query. Example: `instance1` 5052 Name string `json:"name,omitempty"` 5053 // NetworkTags: Network tags associated with this resource. Like labels, 5054 // network tags are a type of annotations used to group Google Cloud resources. 5055 // See Labelling Google Cloud resources 5056 // (https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources) 5057 // for more information. This field is available only when the resource's 5058 // Protobuf contains it. To search against the `network_tags`: * Use a field 5059 // query. Example: `networkTags:internal` * Use a free text query. Example: 5060 // `internal` 5061 NetworkTags []string `json:"networkTags,omitempty"` 5062 // Organization: The organization that this resource belongs to, in the form of 5063 // organizations/{ORGANIZATION_NUMBER}. This field is available when the 5064 // resource belongs to an organization. To search against `organization`: * Use 5065 // a field query. Example: `organization:123` * Use a free text query. Example: 5066 // `123` * Specify the `scope` field as this organization in your search 5067 // request. 5068 Organization string `json:"organization,omitempty"` 5069 // ParentAssetType: The type of this resource's immediate parent, if there is 5070 // one. To search against the `parent_asset_type`: * Use a field query. 5071 // Example: `parentAssetType:"cloudresourcemanager.googleapis.com/Project" * 5072 // Use a free text query. Example: 5073 // `cloudresourcemanager.googleapis.com/Project` 5074 ParentAssetType string `json:"parentAssetType,omitempty"` 5075 // ParentFullResourceName: The full resource name of this resource's parent, if 5076 // it has one. To search against the `parent_full_resource_name`: * Use a field 5077 // query. Example: `parentFullResourceName:"project-name" * Use a free text 5078 // query. Example: `project-name` 5079 ParentFullResourceName string `json:"parentFullResourceName,omitempty"` 5080 // Project: The project that this resource belongs to, in the form of 5081 // projects/{PROJECT_NUMBER}. This field is available when the resource belongs 5082 // to a project. To search against `project`: * Use a field query. Example: 5083 // `project:12345` * Use a free text query. Example: `12345` * Specify the 5084 // `scope` field as this project in your search request. 5085 Project string `json:"project,omitempty"` 5086 // Relationships: A map of related resources of this resource, keyed by the 5087 // relationship type. A relationship type is in the format of 5088 // {SourceType}_{ACTION}_{DestType}. Example: `DISK_TO_INSTANCE`, 5089 // `DISK_TO_NETWORK`, `INSTANCE_TO_INSTANCEGROUP`. See supported relationship 5090 // types 5091 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types#supported_relationship_types). 5092 Relationships map[string]RelatedResources `json:"relationships,omitempty"` 5093 // SccSecurityMarks: The actual content of Security Command Center security 5094 // marks associated with the asset. To search against SCC SecurityMarks field: 5095 // * Use a field query: - query by a given key value pair. Example: 5096 // `sccSecurityMarks.foo=bar` - query by a given key's existence. Example: 5097 // `sccSecurityMarks.foo:*` 5098 SccSecurityMarks map[string]string `json:"sccSecurityMarks,omitempty"` 5099 // State: The state of this resource. Different resources types have different 5100 // state definitions that are mapped from various fields of different resource 5101 // types. This field is available only when the resource's Protobuf contains 5102 // it. Example: If the resource is an instance provided by Compute Engine, its 5103 // state will include PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, 5104 // SUSPENDED, REPAIRING, and TERMINATED. See `status` definition in API 5105 // Reference 5106 // (https://cloud.google.com/compute/docs/reference/rest/v1/instances). If the 5107 // resource is a project provided by Resource Manager, its state will include 5108 // LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED and 5109 // DELETE_IN_PROGRESS. See `lifecycleState` definition in API Reference 5110 // (https://cloud.google.com/resource-manager/reference/rest/v1/projects). To 5111 // search against the `state`: * Use a field query. Example: `state:RUNNING` * 5112 // Use a free text query. Example: `RUNNING` 5113 State string `json:"state,omitempty"` 5114 // TagKeys: This field is only present for the purpose of backward 5115 // compatibility. Use the `tags` field instead. TagKey namespaced names, in the 5116 // format of {ORG_ID}/{TAG_KEY_SHORT_NAME}. To search against the `tagKeys`: * 5117 // Use a field query. Example: - `tagKeys:"123456789/env*" - 5118 // `tagKeys="123456789/env" - `tagKeys:"env" * Use a free text query. 5119 // Example: - `env` 5120 TagKeys []string `json:"tagKeys,omitempty"` 5121 // TagValueIds: This field is only present for the purpose of backward 5122 // compatibility. Use the `tags` field instead. TagValue IDs, in the format of 5123 // tagValues/{TAG_VALUE_ID}. To search against the `tagValueIds`: * Use a field 5124 // query. Example: - `tagValueIds="tagValues/456" * Use a free text query. 5125 // Example: - `456` 5126 TagValueIds []string `json:"tagValueIds,omitempty"` 5127 // TagValues: This field is only present for the purpose of backward 5128 // compatibility. Use the `tags` field instead. TagValue namespaced names, in 5129 // the format of {ORG_ID}/{TAG_KEY_SHORT_NAME}/{TAG_VALUE_SHORT_NAME}. To 5130 // search against the `tagValues`: * Use a field query. Example: - 5131 // `tagValues:"env" - `tagValues:"env/prod" - 5132 // `tagValues:"123456789/env/prod*" - `tagValues="123456789/env/prod" * Use a 5133 // free text query. Example: - `prod` 5134 TagValues []string `json:"tagValues,omitempty"` 5135 // Tags: The tags directly attached to this resource. To search against the 5136 // `tags`: * Use a field query. Example: - `tagKeys:"123456789/env*" - 5137 // `tagKeys="123456789/env" - `tagKeys:"env" - `tagKeyIds="tagKeys/123" - 5138 // `tagValues:"env" - `tagValues:"env/prod" - 5139 // `tagValues:"123456789/env/prod*" - `tagValues="123456789/env/prod" - 5140 // `tagValueIds="tagValues/456" * Use a free text query. Example: - `env/prod` 5141 Tags []*Tag `json:"tags,omitempty"` 5142 // UpdateTime: The last update timestamp of this resource, at which the 5143 // resource was last modified or deleted. The granularity is in seconds. 5144 // Timestamp.nanos will always be 0. This field is available only when the 5145 // resource's Protobuf contains it. To search against `update_time`: * Use a 5146 // field query. - value in seconds since unix epoch. Example: `updateTime < 5147 // 1609459200` - value in date string. Example: `updateTime < 2021-01-01` - 5148 // value in date-time string (must be quoted). Example: `updateTime < 5149 // "2021-01-01T00:00:00" 5150 UpdateTime string `json:"updateTime,omitempty"` 5151 // VersionedResources: Versioned resource representations of this resource. 5152 // This is repeated because there could be multiple versions of resource 5153 // representations during version migration. This `versioned_resources` field 5154 // is not searchable. Some attributes of the resource representations are 5155 // exposed in `additional_attributes` field, so as to allow users to search on 5156 // them. 5157 VersionedResources []*VersionedResource `json:"versionedResources,omitempty"` 5158 // ForceSendFields is a list of field names (e.g. "AdditionalAttributes") to 5159 // unconditionally include in API requests. By default, fields with empty or 5160 // default values are omitted from API requests. See 5161 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5162 // details. 5163 ForceSendFields []string `json:"-"` 5164 // NullFields is a list of field names (e.g. "AdditionalAttributes") to include 5165 // in API requests with the JSON null value. By default, fields with empty 5166 // values are omitted from API requests. See 5167 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5168 NullFields []string `json:"-"` 5169 } 5170 5171 func (s *ResourceSearchResult) MarshalJSON() ([]byte, error) { 5172 type NoMethod ResourceSearchResult 5173 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5174 } 5175 5176 // ResourceSelector: Specifies the resource to analyze for access policies, 5177 // which may be set directly on the resource, or on ancestors such as 5178 // organizations, folders or projects. 5179 type ResourceSelector struct { 5180 // FullResourceName: Required. The [full resource name] 5181 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a 5182 // resource of supported resource types 5183 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). 5184 FullResourceName string `json:"fullResourceName,omitempty"` 5185 // ForceSendFields is a list of field names (e.g. "FullResourceName") to 5186 // unconditionally include in API requests. By default, fields with empty or 5187 // default values are omitted from API requests. See 5188 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5189 // details. 5190 ForceSendFields []string `json:"-"` 5191 // NullFields is a list of field names (e.g. "FullResourceName") to include in 5192 // API requests with the JSON null value. By default, fields with empty values 5193 // are omitted from API requests. See 5194 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5195 NullFields []string `json:"-"` 5196 } 5197 5198 func (s *ResourceSelector) MarshalJSON() ([]byte, error) { 5199 type NoMethod ResourceSelector 5200 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5201 } 5202 5203 // SavedQuery: A saved query which can be shared with others or used later. 5204 type SavedQuery struct { 5205 // Content: The query content. 5206 Content *QueryContent `json:"content,omitempty"` 5207 // CreateTime: Output only. The create time of this saved query. 5208 CreateTime string `json:"createTime,omitempty"` 5209 // Creator: Output only. The account's email address who has created this saved 5210 // query. 5211 Creator string `json:"creator,omitempty"` 5212 // Description: The description of this saved query. This value should be fewer 5213 // than 255 characters. 5214 Description string `json:"description,omitempty"` 5215 // Labels: Labels applied on the resource. This value should not contain more 5216 // than 10 entries. The key and value of each entry must be non-empty and fewer 5217 // than 64 characters. 5218 Labels map[string]string `json:"labels,omitempty"` 5219 // LastUpdateTime: Output only. The last update time of this saved query. 5220 LastUpdateTime string `json:"lastUpdateTime,omitempty"` 5221 // LastUpdater: Output only. The account's email address who has updated this 5222 // saved query most recently. 5223 LastUpdater string `json:"lastUpdater,omitempty"` 5224 // Name: The resource name of the saved query. The format must be: * 5225 // projects/project_number/savedQueries/saved_query_id * 5226 // folders/folder_number/savedQueries/saved_query_id * 5227 // organizations/organization_number/savedQueries/saved_query_id 5228 Name string `json:"name,omitempty"` 5229 5230 // ServerResponse contains the HTTP response code and headers from the server. 5231 googleapi.ServerResponse `json:"-"` 5232 // ForceSendFields is a list of field names (e.g. "Content") to unconditionally 5233 // include in API requests. By default, fields with empty or default values are 5234 // omitted from API requests. See 5235 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5236 // details. 5237 ForceSendFields []string `json:"-"` 5238 // NullFields is a list of field names (e.g. "Content") to include in API 5239 // requests with the JSON null value. By default, fields with empty values are 5240 // omitted from API requests. See 5241 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5242 NullFields []string `json:"-"` 5243 } 5244 5245 func (s *SavedQuery) MarshalJSON() ([]byte, error) { 5246 type NoMethod SavedQuery 5247 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5248 } 5249 5250 // SearchAllIamPoliciesResponse: Search all IAM policies response. 5251 type SearchAllIamPoliciesResponse struct { 5252 // NextPageToken: Set if there are more results than those appearing in this 5253 // response; to get the next set of results, call this method again, using this 5254 // value as the `page_token`. 5255 NextPageToken string `json:"nextPageToken,omitempty"` 5256 // Results: A list of IAM policies that match the search query. Related 5257 // information such as the associated resource is returned along with the 5258 // policy. 5259 Results []*IamPolicySearchResult `json:"results,omitempty"` 5260 5261 // ServerResponse contains the HTTP response code and headers from the server. 5262 googleapi.ServerResponse `json:"-"` 5263 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 5264 // unconditionally include in API requests. By default, fields with empty or 5265 // default values are omitted from API requests. See 5266 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5267 // details. 5268 ForceSendFields []string `json:"-"` 5269 // NullFields is a list of field names (e.g. "NextPageToken") to include in API 5270 // requests with the JSON null value. By default, fields with empty values are 5271 // omitted from API requests. See 5272 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5273 NullFields []string `json:"-"` 5274 } 5275 5276 func (s *SearchAllIamPoliciesResponse) MarshalJSON() ([]byte, error) { 5277 type NoMethod SearchAllIamPoliciesResponse 5278 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5279 } 5280 5281 // SearchAllResourcesResponse: Search all resources response. 5282 type SearchAllResourcesResponse struct { 5283 // NextPageToken: If there are more results than those appearing in this 5284 // response, then `next_page_token` is included. To get the next set of 5285 // results, call this method again using the value of `next_page_token` as 5286 // `page_token`. 5287 NextPageToken string `json:"nextPageToken,omitempty"` 5288 // Results: A list of Resources that match the search query. It contains the 5289 // resource standard metadata information. 5290 Results []*ResourceSearchResult `json:"results,omitempty"` 5291 5292 // ServerResponse contains the HTTP response code and headers from the server. 5293 googleapi.ServerResponse `json:"-"` 5294 // ForceSendFields is a list of field names (e.g. "NextPageToken") to 5295 // unconditionally include in API requests. By default, fields with empty or 5296 // default values are omitted from API requests. See 5297 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5298 // details. 5299 ForceSendFields []string `json:"-"` 5300 // NullFields is a list of field names (e.g. "NextPageToken") to include in API 5301 // requests with the JSON null value. By default, fields with empty values are 5302 // omitted from API requests. See 5303 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5304 NullFields []string `json:"-"` 5305 } 5306 5307 func (s *SearchAllResourcesResponse) MarshalJSON() ([]byte, error) { 5308 type NoMethod SearchAllResourcesResponse 5309 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5310 } 5311 5312 // SoftwarePackage: Software package information of the operating system. 5313 type SoftwarePackage struct { 5314 // AptPackage: Details of an APT package. For details about the apt package 5315 // manager, see https://wiki.debian.org/Apt. 5316 AptPackage *VersionedPackage `json:"aptPackage,omitempty"` 5317 // CosPackage: Details of a COS package. 5318 CosPackage *VersionedPackage `json:"cosPackage,omitempty"` 5319 // GoogetPackage: Details of a Googet package. For details about the googet 5320 // package manager, see https://github.com/google/googet. 5321 GoogetPackage *VersionedPackage `json:"googetPackage,omitempty"` 5322 // QfePackage: Details of a Windows Quick Fix engineering package. See 5323 // https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering 5324 // for info in Windows Quick Fix Engineering. 5325 QfePackage *WindowsQuickFixEngineeringPackage `json:"qfePackage,omitempty"` 5326 // WindowsApplication: Details of Windows Application. 5327 WindowsApplication *WindowsApplication `json:"windowsApplication,omitempty"` 5328 // WuaPackage: Details of a Windows Update package. See 5329 // https://docs.microsoft.com/en-us/windows/win32/api/_wua/ for information 5330 // about Windows Update. 5331 WuaPackage *WindowsUpdatePackage `json:"wuaPackage,omitempty"` 5332 // YumPackage: Yum package info. For details about the yum package manager, see 5333 // https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/ch-yum. 5334 YumPackage *VersionedPackage `json:"yumPackage,omitempty"` 5335 // ZypperPackage: Details of a Zypper package. For details about the Zypper 5336 // package manager, see https://en.opensuse.org/SDB:Zypper_manual. 5337 ZypperPackage *VersionedPackage `json:"zypperPackage,omitempty"` 5338 // ZypperPatch: Details of a Zypper patch. For details about the Zypper package 5339 // manager, see https://en.opensuse.org/SDB:Zypper_manual. 5340 ZypperPatch *ZypperPatch `json:"zypperPatch,omitempty"` 5341 // ForceSendFields is a list of field names (e.g. "AptPackage") to 5342 // unconditionally include in API requests. By default, fields with empty or 5343 // default values are omitted from API requests. See 5344 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5345 // details. 5346 ForceSendFields []string `json:"-"` 5347 // NullFields is a list of field names (e.g. "AptPackage") to include in API 5348 // requests with the JSON null value. By default, fields with empty values are 5349 // omitted from API requests. See 5350 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5351 NullFields []string `json:"-"` 5352 } 5353 5354 func (s *SoftwarePackage) MarshalJSON() ([]byte, error) { 5355 type NoMethod SoftwarePackage 5356 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5357 } 5358 5359 // Status: The `Status` type defines a logical error model that is suitable for 5360 // different programming environments, including REST APIs and RPC APIs. It is 5361 // used by gRPC (https://github.com/grpc). Each `Status` message contains three 5362 // pieces of data: error code, error message, and error details. You can find 5363 // out more about this error model and how to work with it in the API Design 5364 // Guide (https://cloud.google.com/apis/design/errors). 5365 type Status struct { 5366 // Code: The status code, which should be an enum value of google.rpc.Code. 5367 Code int64 `json:"code,omitempty"` 5368 // Details: A list of messages that carry the error details. There is a common 5369 // set of message types for APIs to use. 5370 Details []googleapi.RawMessage `json:"details,omitempty"` 5371 // Message: A developer-facing error message, which should be in English. Any 5372 // user-facing error message should be localized and sent in the 5373 // google.rpc.Status.details field, or localized by the client. 5374 Message string `json:"message,omitempty"` 5375 // ForceSendFields is a list of field names (e.g. "Code") to unconditionally 5376 // include in API requests. By default, fields with empty or default values are 5377 // omitted from API requests. See 5378 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5379 // details. 5380 ForceSendFields []string `json:"-"` 5381 // NullFields is a list of field names (e.g. "Code") to include in API requests 5382 // with the JSON null value. By default, fields with empty values are omitted 5383 // from API requests. See 5384 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5385 NullFields []string `json:"-"` 5386 } 5387 5388 func (s *Status) MarshalJSON() ([]byte, error) { 5389 type NoMethod Status 5390 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5391 } 5392 5393 // TableFieldSchema: A field in TableSchema. 5394 type TableFieldSchema struct { 5395 // Field: The field name. The name must contain only letters (a-z, A-Z), 5396 // numbers (0-9), or underscores (_), and must start with a letter or 5397 // underscore. The maximum length is 128 characters. 5398 Field string `json:"field,omitempty"` 5399 // Fields: Describes the nested schema fields if the type property is set to 5400 // RECORD. 5401 Fields []*TableFieldSchema `json:"fields,omitempty"` 5402 // Mode: The field mode. Possible values include NULLABLE, REQUIRED and 5403 // REPEATED. The default value is NULLABLE. 5404 Mode string `json:"mode,omitempty"` 5405 // Type: The field data type. Possible values include * STRING * BYTES * 5406 // INTEGER * FLOAT * BOOLEAN * TIMESTAMP * DATE * TIME * DATETIME * GEOGRAPHY, 5407 // * NUMERIC, * BIGNUMERIC, * RECORD (where RECORD indicates that the field 5408 // contains a nested schema). 5409 Type string `json:"type,omitempty"` 5410 // ForceSendFields is a list of field names (e.g. "Field") to unconditionally 5411 // include in API requests. By default, fields with empty or default values are 5412 // omitted from API requests. See 5413 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5414 // details. 5415 ForceSendFields []string `json:"-"` 5416 // NullFields is a list of field names (e.g. "Field") to include in API 5417 // requests with the JSON null value. By default, fields with empty values are 5418 // omitted from API requests. See 5419 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5420 NullFields []string `json:"-"` 5421 } 5422 5423 func (s *TableFieldSchema) MarshalJSON() ([]byte, error) { 5424 type NoMethod TableFieldSchema 5425 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5426 } 5427 5428 // TableSchema: BigQuery Compatible table schema. 5429 type TableSchema struct { 5430 // Fields: Describes the fields in a table. 5431 Fields []*TableFieldSchema `json:"fields,omitempty"` 5432 // ForceSendFields is a list of field names (e.g. "Fields") to unconditionally 5433 // include in API requests. By default, fields with empty or default values are 5434 // omitted from API requests. See 5435 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5436 // details. 5437 ForceSendFields []string `json:"-"` 5438 // NullFields is a list of field names (e.g. "Fields") to include in API 5439 // requests with the JSON null value. By default, fields with empty values are 5440 // omitted from API requests. See 5441 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5442 NullFields []string `json:"-"` 5443 } 5444 5445 func (s *TableSchema) MarshalJSON() ([]byte, error) { 5446 type NoMethod TableSchema 5447 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5448 } 5449 5450 // Tag: The key and value for a tag 5451 // (https://cloud.google.com/resource-manager/docs/tags/tags-overview). 5452 type Tag struct { 5453 // TagKey: TagKey namespaced name, in the format of 5454 // {ORG_ID}/{TAG_KEY_SHORT_NAME}. 5455 TagKey string `json:"tagKey,omitempty"` 5456 // TagKeyId: TagKey ID, in the format of tagKeys/{TAG_KEY_ID}. 5457 TagKeyId string `json:"tagKeyId,omitempty"` 5458 // TagValue: TagValue namespaced name, in the format of 5459 // {ORG_ID}/{TAG_KEY_SHORT_NAME}/{TAG_VALUE_SHORT_NAME}. 5460 TagValue string `json:"tagValue,omitempty"` 5461 // TagValueId: TagValue ID, in the format of tagValues/{TAG_VALUE_ID}. 5462 TagValueId string `json:"tagValueId,omitempty"` 5463 // ForceSendFields is a list of field names (e.g. "TagKey") to unconditionally 5464 // include in API requests. By default, fields with empty or default values are 5465 // omitted from API requests. See 5466 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5467 // details. 5468 ForceSendFields []string `json:"-"` 5469 // NullFields is a list of field names (e.g. "TagKey") to include in API 5470 // requests with the JSON null value. By default, fields with empty values are 5471 // omitted from API requests. See 5472 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5473 NullFields []string `json:"-"` 5474 } 5475 5476 func (s *Tag) MarshalJSON() ([]byte, error) { 5477 type NoMethod Tag 5478 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5479 } 5480 5481 // TemporalAsset: An asset in Google Cloud and its temporal metadata, including 5482 // the time window when it was observed and its status during that window. 5483 type TemporalAsset struct { 5484 // Asset: An asset in Google Cloud. 5485 Asset *Asset `json:"asset,omitempty"` 5486 // Deleted: Whether the asset has been deleted or not. 5487 Deleted bool `json:"deleted,omitempty"` 5488 // PriorAsset: Prior copy of the asset. Populated if prior_asset_state is 5489 // PRESENT. Currently this is only set for responses in Real-Time Feed. 5490 PriorAsset *Asset `json:"priorAsset,omitempty"` 5491 // PriorAssetState: State of prior_asset. 5492 // 5493 // Possible values: 5494 // "PRIOR_ASSET_STATE_UNSPECIFIED" - prior_asset is not applicable for the 5495 // current asset. 5496 // "PRESENT" - prior_asset is populated correctly. 5497 // "INVALID" - Failed to set prior_asset. 5498 // "DOES_NOT_EXIST" - Current asset is the first known state. 5499 // "DELETED" - prior_asset is a deletion. 5500 PriorAssetState string `json:"priorAssetState,omitempty"` 5501 // Window: The time window when the asset data and state was observed. 5502 Window *TimeWindow `json:"window,omitempty"` 5503 // ForceSendFields is a list of field names (e.g. "Asset") to unconditionally 5504 // include in API requests. By default, fields with empty or default values are 5505 // omitted from API requests. See 5506 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5507 // details. 5508 ForceSendFields []string `json:"-"` 5509 // NullFields is a list of field names (e.g. "Asset") to include in API 5510 // requests with the JSON null value. By default, fields with empty values are 5511 // omitted from API requests. See 5512 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5513 NullFields []string `json:"-"` 5514 } 5515 5516 func (s *TemporalAsset) MarshalJSON() ([]byte, error) { 5517 type NoMethod TemporalAsset 5518 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5519 } 5520 5521 // TimeWindow: A time window specified by its `start_time` and `end_time`. 5522 type TimeWindow struct { 5523 // EndTime: End time of the time window (inclusive). If not specified, the 5524 // current timestamp is used instead. 5525 EndTime string `json:"endTime,omitempty"` 5526 // StartTime: Start time of the time window (exclusive). 5527 StartTime string `json:"startTime,omitempty"` 5528 // ForceSendFields is a list of field names (e.g. "EndTime") to unconditionally 5529 // include in API requests. By default, fields with empty or default values are 5530 // omitted from API requests. See 5531 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5532 // details. 5533 ForceSendFields []string `json:"-"` 5534 // NullFields is a list of field names (e.g. "EndTime") to include in API 5535 // requests with the JSON null value. By default, fields with empty values are 5536 // omitted from API requests. See 5537 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5538 NullFields []string `json:"-"` 5539 } 5540 5541 func (s *TimeWindow) MarshalJSON() ([]byte, error) { 5542 type NoMethod TimeWindow 5543 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5544 } 5545 5546 // UpdateFeedRequest: Update asset feed request. 5547 type UpdateFeedRequest struct { 5548 // Feed: Required. The new values of feed details. It must match an existing 5549 // feed and the field `name` must be in the format of: 5550 // projects/project_number/feeds/feed_id or folders/folder_number/feeds/feed_id 5551 // or organizations/organization_number/feeds/feed_id. 5552 Feed *Feed `json:"feed,omitempty"` 5553 // UpdateMask: Required. Only updates the `feed` fields indicated by this mask. 5554 // The field mask must not be empty, and it must not contain fields that are 5555 // immutable or only set by the server. 5556 UpdateMask string `json:"updateMask,omitempty"` 5557 // ForceSendFields is a list of field names (e.g. "Feed") to unconditionally 5558 // include in API requests. By default, fields with empty or default values are 5559 // omitted from API requests. See 5560 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5561 // details. 5562 ForceSendFields []string `json:"-"` 5563 // NullFields is a list of field names (e.g. "Feed") to include in API requests 5564 // with the JSON null value. By default, fields with empty values are omitted 5565 // from API requests. See 5566 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5567 NullFields []string `json:"-"` 5568 } 5569 5570 func (s *UpdateFeedRequest) MarshalJSON() ([]byte, error) { 5571 type NoMethod UpdateFeedRequest 5572 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5573 } 5574 5575 // VersionedPackage: Information related to the a standard versioned package. 5576 // This includes package info for APT, Yum, Zypper, and Googet package 5577 // managers. 5578 type VersionedPackage struct { 5579 // Architecture: The system architecture this package is intended for. 5580 Architecture string `json:"architecture,omitempty"` 5581 // PackageName: The name of the package. 5582 PackageName string `json:"packageName,omitempty"` 5583 // Version: The version of the package. 5584 Version string `json:"version,omitempty"` 5585 // ForceSendFields is a list of field names (e.g. "Architecture") to 5586 // unconditionally include in API requests. By default, fields with empty or 5587 // default values are omitted from API requests. See 5588 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5589 // details. 5590 ForceSendFields []string `json:"-"` 5591 // NullFields is a list of field names (e.g. "Architecture") to include in API 5592 // requests with the JSON null value. By default, fields with empty values are 5593 // omitted from API requests. See 5594 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5595 NullFields []string `json:"-"` 5596 } 5597 5598 func (s *VersionedPackage) MarshalJSON() ([]byte, error) { 5599 type NoMethod VersionedPackage 5600 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5601 } 5602 5603 // VersionedResource: Resource representation as defined by the corresponding 5604 // service providing the resource for a given API version. 5605 type VersionedResource struct { 5606 // Resource: JSON representation of the resource as defined by the 5607 // corresponding service providing this resource. Example: If the resource is 5608 // an instance provided by Compute Engine, this field will contain the JSON 5609 // representation of the instance as defined by Compute Engine: 5610 // `https://cloud.google.com/compute/docs/reference/rest/v1/instances`. You can 5611 // find the resource definition for each supported resource type in this table: 5612 // `https://cloud.google.com/asset-inventory/docs/supported-asset-types` 5613 Resource googleapi.RawMessage `json:"resource,omitempty"` 5614 // Version: API version of the resource. Example: If the resource is an 5615 // instance provided by Compute Engine v1 API as defined in 5616 // `https://cloud.google.com/compute/docs/reference/rest/v1/instances`, version 5617 // will be "v1". 5618 Version string `json:"version,omitempty"` 5619 // ForceSendFields is a list of field names (e.g. "Resource") to 5620 // unconditionally include in API requests. By default, fields with empty or 5621 // default values are omitted from API requests. See 5622 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5623 // details. 5624 ForceSendFields []string `json:"-"` 5625 // NullFields is a list of field names (e.g. "Resource") to include in API 5626 // requests with the JSON null value. By default, fields with empty values are 5627 // omitted from API requests. See 5628 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5629 NullFields []string `json:"-"` 5630 } 5631 5632 func (s *VersionedResource) MarshalJSON() ([]byte, error) { 5633 type NoMethod VersionedResource 5634 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5635 } 5636 5637 // WindowsApplication: Contains information about a Windows application that is 5638 // retrieved from the Windows Registry. For more information about these 5639 // fields, see: 5640 // https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key 5641 type WindowsApplication struct { 5642 // DisplayName: The name of the application or product. 5643 DisplayName string `json:"displayName,omitempty"` 5644 // DisplayVersion: The version of the product or application in string format. 5645 DisplayVersion string `json:"displayVersion,omitempty"` 5646 // HelpLink: The internet address for technical support. 5647 HelpLink string `json:"helpLink,omitempty"` 5648 // InstallDate: The last time this product received service. The value of this 5649 // property is replaced each time a patch is applied or removed from the 5650 // product or the command-line option is used to repair the product. 5651 InstallDate *Date `json:"installDate,omitempty"` 5652 // Publisher: The name of the manufacturer for the product or application. 5653 Publisher string `json:"publisher,omitempty"` 5654 // ForceSendFields is a list of field names (e.g. "DisplayName") to 5655 // unconditionally include in API requests. By default, fields with empty or 5656 // default values are omitted from API requests. See 5657 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5658 // details. 5659 ForceSendFields []string `json:"-"` 5660 // NullFields is a list of field names (e.g. "DisplayName") to include in API 5661 // requests with the JSON null value. By default, fields with empty values are 5662 // omitted from API requests. See 5663 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5664 NullFields []string `json:"-"` 5665 } 5666 5667 func (s *WindowsApplication) MarshalJSON() ([]byte, error) { 5668 type NoMethod WindowsApplication 5669 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5670 } 5671 5672 // WindowsQuickFixEngineeringPackage: Information related to a Quick Fix 5673 // Engineering package. Fields are taken from Windows QuickFixEngineering 5674 // Interface and match the source names: 5675 // https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-quickfixengineering 5676 type WindowsQuickFixEngineeringPackage struct { 5677 // Caption: A short textual description of the QFE update. 5678 Caption string `json:"caption,omitempty"` 5679 // Description: A textual description of the QFE update. 5680 Description string `json:"description,omitempty"` 5681 // HotFixId: Unique identifier associated with a particular QFE update. 5682 HotFixId string `json:"hotFixId,omitempty"` 5683 // InstallTime: Date that the QFE update was installed. Mapped from 5684 // installed_on field. 5685 InstallTime string `json:"installTime,omitempty"` 5686 // ForceSendFields is a list of field names (e.g. "Caption") to unconditionally 5687 // include in API requests. By default, fields with empty or default values are 5688 // omitted from API requests. See 5689 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5690 // details. 5691 ForceSendFields []string `json:"-"` 5692 // NullFields is a list of field names (e.g. "Caption") to include in API 5693 // requests with the JSON null value. By default, fields with empty values are 5694 // omitted from API requests. See 5695 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5696 NullFields []string `json:"-"` 5697 } 5698 5699 func (s *WindowsQuickFixEngineeringPackage) MarshalJSON() ([]byte, error) { 5700 type NoMethod WindowsQuickFixEngineeringPackage 5701 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5702 } 5703 5704 // WindowsUpdateCategory: Categories specified by the Windows Update. 5705 type WindowsUpdateCategory struct { 5706 // Id: The identifier of the windows update category. 5707 Id string `json:"id,omitempty"` 5708 // Name: The name of the windows update category. 5709 Name string `json:"name,omitempty"` 5710 // ForceSendFields is a list of field names (e.g. "Id") to unconditionally 5711 // include in API requests. By default, fields with empty or default values are 5712 // omitted from API requests. See 5713 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5714 // details. 5715 ForceSendFields []string `json:"-"` 5716 // NullFields is a list of field names (e.g. "Id") to include in API requests 5717 // with the JSON null value. By default, fields with empty values are omitted 5718 // from API requests. See 5719 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5720 NullFields []string `json:"-"` 5721 } 5722 5723 func (s *WindowsUpdateCategory) MarshalJSON() ([]byte, error) { 5724 type NoMethod WindowsUpdateCategory 5725 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5726 } 5727 5728 // WindowsUpdatePackage: Details related to a Windows Update package. Field 5729 // data and names are taken from Windows Update API IUpdate Interface: 5730 // https://docs.microsoft.com/en-us/windows/win32/api/_wua/ Descriptive fields 5731 // like title, and description are localized based on the locale of the VM 5732 // being updated. 5733 type WindowsUpdatePackage struct { 5734 // Categories: The categories that are associated with this update package. 5735 Categories []*WindowsUpdateCategory `json:"categories,omitempty"` 5736 // Description: The localized description of the update package. 5737 Description string `json:"description,omitempty"` 5738 // KbArticleIds: A collection of Microsoft Knowledge Base article IDs that are 5739 // associated with the update package. 5740 KbArticleIds []string `json:"kbArticleIds,omitempty"` 5741 // LastDeploymentChangeTime: The last published date of the update, in (UTC) 5742 // date and time. 5743 LastDeploymentChangeTime string `json:"lastDeploymentChangeTime,omitempty"` 5744 // MoreInfoUrls: A collection of URLs that provide more information about the 5745 // update package. 5746 MoreInfoUrls []string `json:"moreInfoUrls,omitempty"` 5747 // RevisionNumber: The revision number of this update package. 5748 RevisionNumber int64 `json:"revisionNumber,omitempty"` 5749 // SupportUrl: A hyperlink to the language-specific support information for the 5750 // update. 5751 SupportUrl string `json:"supportUrl,omitempty"` 5752 // Title: The localized title of the update package. 5753 Title string `json:"title,omitempty"` 5754 // UpdateId: Gets the identifier of an update package. Stays the same across 5755 // revisions. 5756 UpdateId string `json:"updateId,omitempty"` 5757 // ForceSendFields is a list of field names (e.g. "Categories") to 5758 // unconditionally include in API requests. By default, fields with empty or 5759 // default values are omitted from API requests. See 5760 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5761 // details. 5762 ForceSendFields []string `json:"-"` 5763 // NullFields is a list of field names (e.g. "Categories") to include in API 5764 // requests with the JSON null value. By default, fields with empty values are 5765 // omitted from API requests. See 5766 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5767 NullFields []string `json:"-"` 5768 } 5769 5770 func (s *WindowsUpdatePackage) MarshalJSON() ([]byte, error) { 5771 type NoMethod WindowsUpdatePackage 5772 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5773 } 5774 5775 // ZypperPatch: Details related to a Zypper Patch. 5776 type ZypperPatch struct { 5777 // Category: The category of the patch. 5778 Category string `json:"category,omitempty"` 5779 // PatchName: The name of the patch. 5780 PatchName string `json:"patchName,omitempty"` 5781 // Severity: The severity specified for this patch 5782 Severity string `json:"severity,omitempty"` 5783 // Summary: Any summary information provided about this patch. 5784 Summary string `json:"summary,omitempty"` 5785 // ForceSendFields is a list of field names (e.g. "Category") to 5786 // unconditionally include in API requests. By default, fields with empty or 5787 // default values are omitted from API requests. See 5788 // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more 5789 // details. 5790 ForceSendFields []string `json:"-"` 5791 // NullFields is a list of field names (e.g. "Category") to include in API 5792 // requests with the JSON null value. By default, fields with empty values are 5793 // omitted from API requests. See 5794 // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. 5795 NullFields []string `json:"-"` 5796 } 5797 5798 func (s *ZypperPatch) MarshalJSON() ([]byte, error) { 5799 type NoMethod ZypperPatch 5800 return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields) 5801 } 5802 5803 type AssetsListCall struct { 5804 s *Service 5805 parent string 5806 urlParams_ gensupport.URLParams 5807 ifNoneMatch_ string 5808 ctx_ context.Context 5809 header_ http.Header 5810 } 5811 5812 // List: Lists assets with time and resource types and returns paged results in 5813 // response. 5814 // 5815 // - parent: Name of the organization, folder, or project the assets belong to. 5816 // Format: "organizations/[organization-number]" (such as 5817 // "organizations/123"), "projects/[project-id]" (such as 5818 // "projects/my-project-id"), "projects/[project-number]" (such as 5819 // "projects/12345"), or "folders/[folder-number]" (such as "folders/12345"). 5820 func (r *AssetsService) List(parent string) *AssetsListCall { 5821 c := &AssetsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 5822 c.parent = parent 5823 return c 5824 } 5825 5826 // AssetTypes sets the optional parameter "assetTypes": A list of asset types 5827 // to take a snapshot for. For example: "compute.googleapis.com/Disk". Regular 5828 // expression is also supported. For example: * "compute.googleapis.com.*" 5829 // snapshots resources whose asset type starts with "compute.googleapis.com". * 5830 // ".*Instance" snapshots resources whose asset type ends with "Instance". * 5831 // ".*Instance.*" snapshots resources whose asset type contains "Instance". See 5832 // RE2 (https://github.com/google/re2/wiki/Syntax) for all supported regular 5833 // expression syntax. If the regular expression does not match any supported 5834 // asset type, an INVALID_ARGUMENT error will be returned. If specified, only 5835 // matching assets will be returned, otherwise, it will snapshot all asset 5836 // types. See Introduction to Cloud Asset Inventory 5837 // (https://cloud.google.com/asset-inventory/docs/overview) for all supported 5838 // asset types. 5839 func (c *AssetsListCall) AssetTypes(assetTypes ...string) *AssetsListCall { 5840 c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...)) 5841 return c 5842 } 5843 5844 // ContentType sets the optional parameter "contentType": Asset content type. 5845 // If not specified, no content but the asset name will be returned. 5846 // 5847 // Possible values: 5848 // 5849 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 5850 // "RESOURCE" - Resource metadata. 5851 // "IAM_POLICY" - The actual IAM policy set on a resource. 5852 // "ORG_POLICY" - The organization policy set on an asset. 5853 // "ACCESS_POLICY" - The Access Context Manager policy set on an asset. 5854 // "OS_INVENTORY" - The runtime OS Inventory information. 5855 // "RELATIONSHIP" - The related resources. 5856 func (c *AssetsListCall) ContentType(contentType string) *AssetsListCall { 5857 c.urlParams_.Set("contentType", contentType) 5858 return c 5859 } 5860 5861 // PageSize sets the optional parameter "pageSize": The maximum number of 5862 // assets to be returned in a single response. Default is 100, minimum is 1, 5863 // and maximum is 1000. 5864 func (c *AssetsListCall) PageSize(pageSize int64) *AssetsListCall { 5865 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 5866 return c 5867 } 5868 5869 // PageToken sets the optional parameter "pageToken": The `next_page_token` 5870 // returned from the previous `ListAssetsResponse`, or unspecified for the 5871 // first `ListAssetsRequest`. It is a continuation of a prior `ListAssets` 5872 // call, and the API should return the next page of assets. 5873 func (c *AssetsListCall) PageToken(pageToken string) *AssetsListCall { 5874 c.urlParams_.Set("pageToken", pageToken) 5875 return c 5876 } 5877 5878 // ReadTime sets the optional parameter "readTime": Timestamp to take an asset 5879 // snapshot. This can only be set to a timestamp between the current time and 5880 // the current time minus 35 days (inclusive). If not specified, the current 5881 // time will be used. Due to delays in resource data collection and indexing, 5882 // there is a volatile window during which running the same query may get 5883 // different results. 5884 func (c *AssetsListCall) ReadTime(readTime string) *AssetsListCall { 5885 c.urlParams_.Set("readTime", readTime) 5886 return c 5887 } 5888 5889 // RelationshipTypes sets the optional parameter "relationshipTypes": A list of 5890 // relationship types to output, for example: `INSTANCE_TO_INSTANCEGROUP`. This 5891 // field should only be specified if content_type=RELATIONSHIP. * If specified: 5892 // it snapshots specified relationships. It returns an error if any of the 5893 // [relationship_types] doesn't belong to the supported relationship types of 5894 // the [asset_types] or if any of the [asset_types] doesn't belong to the 5895 // source types of the [relationship_types]. * Otherwise: it snapshots the 5896 // supported relationships for all [asset_types] or returns an error if any of 5897 // the [asset_types] has no relationship support. An unspecified asset types 5898 // field means all supported asset_types. See Introduction to Cloud Asset 5899 // Inventory (https://cloud.google.com/asset-inventory/docs/overview) for all 5900 // supported asset types and relationship types. 5901 func (c *AssetsListCall) RelationshipTypes(relationshipTypes ...string) *AssetsListCall { 5902 c.urlParams_.SetMulti("relationshipTypes", append([]string{}, relationshipTypes...)) 5903 return c 5904 } 5905 5906 // Fields allows partial responses to be retrieved. See 5907 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 5908 // details. 5909 func (c *AssetsListCall) Fields(s ...googleapi.Field) *AssetsListCall { 5910 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 5911 return c 5912 } 5913 5914 // IfNoneMatch sets an optional parameter which makes the operation fail if the 5915 // object's ETag matches the given value. This is useful for getting updates 5916 // only after the object has changed since the last request. 5917 func (c *AssetsListCall) IfNoneMatch(entityTag string) *AssetsListCall { 5918 c.ifNoneMatch_ = entityTag 5919 return c 5920 } 5921 5922 // Context sets the context to be used in this call's Do method. 5923 func (c *AssetsListCall) Context(ctx context.Context) *AssetsListCall { 5924 c.ctx_ = ctx 5925 return c 5926 } 5927 5928 // Header returns a http.Header that can be modified by the caller to add 5929 // headers to the request. 5930 func (c *AssetsListCall) Header() http.Header { 5931 if c.header_ == nil { 5932 c.header_ = make(http.Header) 5933 } 5934 return c.header_ 5935 } 5936 5937 func (c *AssetsListCall) doRequest(alt string) (*http.Response, error) { 5938 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 5939 if c.ifNoneMatch_ != "" { 5940 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 5941 } 5942 var body io.Reader = nil 5943 c.urlParams_.Set("alt", alt) 5944 c.urlParams_.Set("prettyPrint", "false") 5945 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/assets") 5946 urls += "?" + c.urlParams_.Encode() 5947 req, err := http.NewRequest("GET", urls, body) 5948 if err != nil { 5949 return nil, err 5950 } 5951 req.Header = reqHeaders 5952 googleapi.Expand(req.URL, map[string]string{ 5953 "parent": c.parent, 5954 }) 5955 return gensupport.SendRequest(c.ctx_, c.s.client, req) 5956 } 5957 5958 // Do executes the "cloudasset.assets.list" call. 5959 // Any non-2xx status code is an error. Response headers are in either 5960 // *ListAssetsResponse.ServerResponse.Header or (if a response was returned at 5961 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 5962 // check whether the returned error was because http.StatusNotModified was 5963 // returned. 5964 func (c *AssetsListCall) Do(opts ...googleapi.CallOption) (*ListAssetsResponse, error) { 5965 gensupport.SetOptions(c.urlParams_, opts...) 5966 res, err := c.doRequest("json") 5967 if res != nil && res.StatusCode == http.StatusNotModified { 5968 if res.Body != nil { 5969 res.Body.Close() 5970 } 5971 return nil, gensupport.WrapError(&googleapi.Error{ 5972 Code: res.StatusCode, 5973 Header: res.Header, 5974 }) 5975 } 5976 if err != nil { 5977 return nil, err 5978 } 5979 defer googleapi.CloseBody(res) 5980 if err := googleapi.CheckResponse(res); err != nil { 5981 return nil, gensupport.WrapError(err) 5982 } 5983 ret := &ListAssetsResponse{ 5984 ServerResponse: googleapi.ServerResponse{ 5985 Header: res.Header, 5986 HTTPStatusCode: res.StatusCode, 5987 }, 5988 } 5989 target := &ret 5990 if err := gensupport.DecodeResponse(target, res); err != nil { 5991 return nil, err 5992 } 5993 return ret, nil 5994 } 5995 5996 // Pages invokes f for each page of results. 5997 // A non-nil error returned from f will halt the iteration. 5998 // The provided context supersedes any context provided to the Context method. 5999 func (c *AssetsListCall) Pages(ctx context.Context, f func(*ListAssetsResponse) error) error { 6000 c.ctx_ = ctx 6001 defer c.PageToken(c.urlParams_.Get("pageToken")) 6002 for { 6003 x, err := c.Do() 6004 if err != nil { 6005 return err 6006 } 6007 if err := f(x); err != nil { 6008 return err 6009 } 6010 if x.NextPageToken == "" { 6011 return nil 6012 } 6013 c.PageToken(x.NextPageToken) 6014 } 6015 } 6016 6017 type EffectiveIamPoliciesBatchGetCall struct { 6018 s *Service 6019 scope string 6020 urlParams_ gensupport.URLParams 6021 ifNoneMatch_ string 6022 ctx_ context.Context 6023 header_ http.Header 6024 } 6025 6026 // BatchGet: Gets effective IAM policies for a batch of resources. 6027 // 6028 // - scope: Only IAM policies on or below the scope will be returned. This can 6029 // only be an organization number (such as "organizations/123"), a folder 6030 // number (such as "folders/123"), a project ID (such as 6031 // "projects/my-project-id"), or a project number (such as "projects/12345"). 6032 // To know how to get organization ID, visit here 6033 // (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 6034 // To know how to get folder or project ID, visit here 6035 // (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 6036 func (r *EffectiveIamPoliciesService) BatchGet(scope string) *EffectiveIamPoliciesBatchGetCall { 6037 c := &EffectiveIamPoliciesBatchGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6038 c.scope = scope 6039 return c 6040 } 6041 6042 // Names sets the optional parameter "names": Required. The names refer to the 6043 // [full_resource_names] 6044 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of the 6045 // asset types supported by search APIs 6046 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types). A 6047 // maximum of 20 resources' effective policies can be retrieved in a batch. 6048 func (c *EffectiveIamPoliciesBatchGetCall) Names(names ...string) *EffectiveIamPoliciesBatchGetCall { 6049 c.urlParams_.SetMulti("names", append([]string{}, names...)) 6050 return c 6051 } 6052 6053 // Fields allows partial responses to be retrieved. See 6054 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6055 // details. 6056 func (c *EffectiveIamPoliciesBatchGetCall) Fields(s ...googleapi.Field) *EffectiveIamPoliciesBatchGetCall { 6057 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6058 return c 6059 } 6060 6061 // IfNoneMatch sets an optional parameter which makes the operation fail if the 6062 // object's ETag matches the given value. This is useful for getting updates 6063 // only after the object has changed since the last request. 6064 func (c *EffectiveIamPoliciesBatchGetCall) IfNoneMatch(entityTag string) *EffectiveIamPoliciesBatchGetCall { 6065 c.ifNoneMatch_ = entityTag 6066 return c 6067 } 6068 6069 // Context sets the context to be used in this call's Do method. 6070 func (c *EffectiveIamPoliciesBatchGetCall) Context(ctx context.Context) *EffectiveIamPoliciesBatchGetCall { 6071 c.ctx_ = ctx 6072 return c 6073 } 6074 6075 // Header returns a http.Header that can be modified by the caller to add 6076 // headers to the request. 6077 func (c *EffectiveIamPoliciesBatchGetCall) Header() http.Header { 6078 if c.header_ == nil { 6079 c.header_ = make(http.Header) 6080 } 6081 return c.header_ 6082 } 6083 6084 func (c *EffectiveIamPoliciesBatchGetCall) doRequest(alt string) (*http.Response, error) { 6085 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 6086 if c.ifNoneMatch_ != "" { 6087 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6088 } 6089 var body io.Reader = nil 6090 c.urlParams_.Set("alt", alt) 6091 c.urlParams_.Set("prettyPrint", "false") 6092 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}/effectiveIamPolicies:batchGet") 6093 urls += "?" + c.urlParams_.Encode() 6094 req, err := http.NewRequest("GET", urls, body) 6095 if err != nil { 6096 return nil, err 6097 } 6098 req.Header = reqHeaders 6099 googleapi.Expand(req.URL, map[string]string{ 6100 "scope": c.scope, 6101 }) 6102 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6103 } 6104 6105 // Do executes the "cloudasset.effectiveIamPolicies.batchGet" call. 6106 // Any non-2xx status code is an error. Response headers are in either 6107 // *BatchGetEffectiveIamPoliciesResponse.ServerResponse.Header or (if a 6108 // response was returned at all) in error.(*googleapi.Error).Header. Use 6109 // googleapi.IsNotModified to check whether the returned error was because 6110 // http.StatusNotModified was returned. 6111 func (c *EffectiveIamPoliciesBatchGetCall) Do(opts ...googleapi.CallOption) (*BatchGetEffectiveIamPoliciesResponse, error) { 6112 gensupport.SetOptions(c.urlParams_, opts...) 6113 res, err := c.doRequest("json") 6114 if res != nil && res.StatusCode == http.StatusNotModified { 6115 if res.Body != nil { 6116 res.Body.Close() 6117 } 6118 return nil, gensupport.WrapError(&googleapi.Error{ 6119 Code: res.StatusCode, 6120 Header: res.Header, 6121 }) 6122 } 6123 if err != nil { 6124 return nil, err 6125 } 6126 defer googleapi.CloseBody(res) 6127 if err := googleapi.CheckResponse(res); err != nil { 6128 return nil, gensupport.WrapError(err) 6129 } 6130 ret := &BatchGetEffectiveIamPoliciesResponse{ 6131 ServerResponse: googleapi.ServerResponse{ 6132 Header: res.Header, 6133 HTTPStatusCode: res.StatusCode, 6134 }, 6135 } 6136 target := &ret 6137 if err := gensupport.DecodeResponse(target, res); err != nil { 6138 return nil, err 6139 } 6140 return ret, nil 6141 } 6142 6143 type FeedsCreateCall struct { 6144 s *Service 6145 parent string 6146 createfeedrequest *CreateFeedRequest 6147 urlParams_ gensupport.URLParams 6148 ctx_ context.Context 6149 header_ http.Header 6150 } 6151 6152 // Create: Creates a feed in a parent project/folder/organization to listen to 6153 // its asset updates. 6154 // 6155 // - parent: The name of the project/folder/organization where this feed should 6156 // be created in. It can only be an organization number (such as 6157 // "organizations/123"), a folder number (such as "folders/123"), a project 6158 // ID (such as "projects/my-project-id"), or a project number (such as 6159 // "projects/12345"). 6160 func (r *FeedsService) Create(parent string, createfeedrequest *CreateFeedRequest) *FeedsCreateCall { 6161 c := &FeedsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6162 c.parent = parent 6163 c.createfeedrequest = createfeedrequest 6164 return c 6165 } 6166 6167 // Fields allows partial responses to be retrieved. See 6168 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6169 // details. 6170 func (c *FeedsCreateCall) Fields(s ...googleapi.Field) *FeedsCreateCall { 6171 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6172 return c 6173 } 6174 6175 // Context sets the context to be used in this call's Do method. 6176 func (c *FeedsCreateCall) Context(ctx context.Context) *FeedsCreateCall { 6177 c.ctx_ = ctx 6178 return c 6179 } 6180 6181 // Header returns a http.Header that can be modified by the caller to add 6182 // headers to the request. 6183 func (c *FeedsCreateCall) Header() http.Header { 6184 if c.header_ == nil { 6185 c.header_ = make(http.Header) 6186 } 6187 return c.header_ 6188 } 6189 6190 func (c *FeedsCreateCall) doRequest(alt string) (*http.Response, error) { 6191 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 6192 var body io.Reader = nil 6193 body, err := googleapi.WithoutDataWrapper.JSONReader(c.createfeedrequest) 6194 if err != nil { 6195 return nil, err 6196 } 6197 c.urlParams_.Set("alt", alt) 6198 c.urlParams_.Set("prettyPrint", "false") 6199 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/feeds") 6200 urls += "?" + c.urlParams_.Encode() 6201 req, err := http.NewRequest("POST", urls, body) 6202 if err != nil { 6203 return nil, err 6204 } 6205 req.Header = reqHeaders 6206 googleapi.Expand(req.URL, map[string]string{ 6207 "parent": c.parent, 6208 }) 6209 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6210 } 6211 6212 // Do executes the "cloudasset.feeds.create" call. 6213 // Any non-2xx status code is an error. Response headers are in either 6214 // *Feed.ServerResponse.Header or (if a response was returned at all) in 6215 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6216 // whether the returned error was because http.StatusNotModified was returned. 6217 func (c *FeedsCreateCall) Do(opts ...googleapi.CallOption) (*Feed, error) { 6218 gensupport.SetOptions(c.urlParams_, opts...) 6219 res, err := c.doRequest("json") 6220 if res != nil && res.StatusCode == http.StatusNotModified { 6221 if res.Body != nil { 6222 res.Body.Close() 6223 } 6224 return nil, gensupport.WrapError(&googleapi.Error{ 6225 Code: res.StatusCode, 6226 Header: res.Header, 6227 }) 6228 } 6229 if err != nil { 6230 return nil, err 6231 } 6232 defer googleapi.CloseBody(res) 6233 if err := googleapi.CheckResponse(res); err != nil { 6234 return nil, gensupport.WrapError(err) 6235 } 6236 ret := &Feed{ 6237 ServerResponse: googleapi.ServerResponse{ 6238 Header: res.Header, 6239 HTTPStatusCode: res.StatusCode, 6240 }, 6241 } 6242 target := &ret 6243 if err := gensupport.DecodeResponse(target, res); err != nil { 6244 return nil, err 6245 } 6246 return ret, nil 6247 } 6248 6249 type FeedsDeleteCall struct { 6250 s *Service 6251 name string 6252 urlParams_ gensupport.URLParams 6253 ctx_ context.Context 6254 header_ http.Header 6255 } 6256 6257 // Delete: Deletes an asset feed. 6258 // 6259 // - name: The name of the feed and it must be in the format of: 6260 // projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id 6261 // organizations/organization_number/feeds/feed_id. 6262 func (r *FeedsService) Delete(name string) *FeedsDeleteCall { 6263 c := &FeedsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6264 c.name = name 6265 return c 6266 } 6267 6268 // Fields allows partial responses to be retrieved. See 6269 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6270 // details. 6271 func (c *FeedsDeleteCall) Fields(s ...googleapi.Field) *FeedsDeleteCall { 6272 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6273 return c 6274 } 6275 6276 // Context sets the context to be used in this call's Do method. 6277 func (c *FeedsDeleteCall) Context(ctx context.Context) *FeedsDeleteCall { 6278 c.ctx_ = ctx 6279 return c 6280 } 6281 6282 // Header returns a http.Header that can be modified by the caller to add 6283 // headers to the request. 6284 func (c *FeedsDeleteCall) Header() http.Header { 6285 if c.header_ == nil { 6286 c.header_ = make(http.Header) 6287 } 6288 return c.header_ 6289 } 6290 6291 func (c *FeedsDeleteCall) doRequest(alt string) (*http.Response, error) { 6292 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 6293 var body io.Reader = nil 6294 c.urlParams_.Set("alt", alt) 6295 c.urlParams_.Set("prettyPrint", "false") 6296 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6297 urls += "?" + c.urlParams_.Encode() 6298 req, err := http.NewRequest("DELETE", urls, body) 6299 if err != nil { 6300 return nil, err 6301 } 6302 req.Header = reqHeaders 6303 googleapi.Expand(req.URL, map[string]string{ 6304 "name": c.name, 6305 }) 6306 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6307 } 6308 6309 // Do executes the "cloudasset.feeds.delete" call. 6310 // Any non-2xx status code is an error. Response headers are in either 6311 // *Empty.ServerResponse.Header or (if a response was returned at all) in 6312 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6313 // whether the returned error was because http.StatusNotModified was returned. 6314 func (c *FeedsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 6315 gensupport.SetOptions(c.urlParams_, opts...) 6316 res, err := c.doRequest("json") 6317 if res != nil && res.StatusCode == http.StatusNotModified { 6318 if res.Body != nil { 6319 res.Body.Close() 6320 } 6321 return nil, gensupport.WrapError(&googleapi.Error{ 6322 Code: res.StatusCode, 6323 Header: res.Header, 6324 }) 6325 } 6326 if err != nil { 6327 return nil, err 6328 } 6329 defer googleapi.CloseBody(res) 6330 if err := googleapi.CheckResponse(res); err != nil { 6331 return nil, gensupport.WrapError(err) 6332 } 6333 ret := &Empty{ 6334 ServerResponse: googleapi.ServerResponse{ 6335 Header: res.Header, 6336 HTTPStatusCode: res.StatusCode, 6337 }, 6338 } 6339 target := &ret 6340 if err := gensupport.DecodeResponse(target, res); err != nil { 6341 return nil, err 6342 } 6343 return ret, nil 6344 } 6345 6346 type FeedsGetCall struct { 6347 s *Service 6348 name string 6349 urlParams_ gensupport.URLParams 6350 ifNoneMatch_ string 6351 ctx_ context.Context 6352 header_ http.Header 6353 } 6354 6355 // Get: Gets details about an asset feed. 6356 // 6357 // - name: The name of the Feed and it must be in the format of: 6358 // projects/project_number/feeds/feed_id folders/folder_number/feeds/feed_id 6359 // organizations/organization_number/feeds/feed_id. 6360 func (r *FeedsService) Get(name string) *FeedsGetCall { 6361 c := &FeedsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6362 c.name = name 6363 return c 6364 } 6365 6366 // Fields allows partial responses to be retrieved. See 6367 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6368 // details. 6369 func (c *FeedsGetCall) Fields(s ...googleapi.Field) *FeedsGetCall { 6370 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6371 return c 6372 } 6373 6374 // IfNoneMatch sets an optional parameter which makes the operation fail if the 6375 // object's ETag matches the given value. This is useful for getting updates 6376 // only after the object has changed since the last request. 6377 func (c *FeedsGetCall) IfNoneMatch(entityTag string) *FeedsGetCall { 6378 c.ifNoneMatch_ = entityTag 6379 return c 6380 } 6381 6382 // Context sets the context to be used in this call's Do method. 6383 func (c *FeedsGetCall) Context(ctx context.Context) *FeedsGetCall { 6384 c.ctx_ = ctx 6385 return c 6386 } 6387 6388 // Header returns a http.Header that can be modified by the caller to add 6389 // headers to the request. 6390 func (c *FeedsGetCall) Header() http.Header { 6391 if c.header_ == nil { 6392 c.header_ = make(http.Header) 6393 } 6394 return c.header_ 6395 } 6396 6397 func (c *FeedsGetCall) doRequest(alt string) (*http.Response, error) { 6398 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 6399 if c.ifNoneMatch_ != "" { 6400 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6401 } 6402 var body io.Reader = nil 6403 c.urlParams_.Set("alt", alt) 6404 c.urlParams_.Set("prettyPrint", "false") 6405 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6406 urls += "?" + c.urlParams_.Encode() 6407 req, err := http.NewRequest("GET", urls, body) 6408 if err != nil { 6409 return nil, err 6410 } 6411 req.Header = reqHeaders 6412 googleapi.Expand(req.URL, map[string]string{ 6413 "name": c.name, 6414 }) 6415 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6416 } 6417 6418 // Do executes the "cloudasset.feeds.get" call. 6419 // Any non-2xx status code is an error. Response headers are in either 6420 // *Feed.ServerResponse.Header or (if a response was returned at all) in 6421 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6422 // whether the returned error was because http.StatusNotModified was returned. 6423 func (c *FeedsGetCall) Do(opts ...googleapi.CallOption) (*Feed, error) { 6424 gensupport.SetOptions(c.urlParams_, opts...) 6425 res, err := c.doRequest("json") 6426 if res != nil && res.StatusCode == http.StatusNotModified { 6427 if res.Body != nil { 6428 res.Body.Close() 6429 } 6430 return nil, gensupport.WrapError(&googleapi.Error{ 6431 Code: res.StatusCode, 6432 Header: res.Header, 6433 }) 6434 } 6435 if err != nil { 6436 return nil, err 6437 } 6438 defer googleapi.CloseBody(res) 6439 if err := googleapi.CheckResponse(res); err != nil { 6440 return nil, gensupport.WrapError(err) 6441 } 6442 ret := &Feed{ 6443 ServerResponse: googleapi.ServerResponse{ 6444 Header: res.Header, 6445 HTTPStatusCode: res.StatusCode, 6446 }, 6447 } 6448 target := &ret 6449 if err := gensupport.DecodeResponse(target, res); err != nil { 6450 return nil, err 6451 } 6452 return ret, nil 6453 } 6454 6455 type FeedsListCall struct { 6456 s *Service 6457 parent string 6458 urlParams_ gensupport.URLParams 6459 ifNoneMatch_ string 6460 ctx_ context.Context 6461 header_ http.Header 6462 } 6463 6464 // List: Lists all asset feeds in a parent project/folder/organization. 6465 // 6466 // - parent: The parent project/folder/organization whose feeds are to be 6467 // listed. It can only be using project/folder/organization number (such as 6468 // "folders/12345")", or a project ID (such as "projects/my-project-id"). 6469 func (r *FeedsService) List(parent string) *FeedsListCall { 6470 c := &FeedsListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6471 c.parent = parent 6472 return c 6473 } 6474 6475 // Fields allows partial responses to be retrieved. See 6476 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6477 // details. 6478 func (c *FeedsListCall) Fields(s ...googleapi.Field) *FeedsListCall { 6479 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6480 return c 6481 } 6482 6483 // IfNoneMatch sets an optional parameter which makes the operation fail if the 6484 // object's ETag matches the given value. This is useful for getting updates 6485 // only after the object has changed since the last request. 6486 func (c *FeedsListCall) IfNoneMatch(entityTag string) *FeedsListCall { 6487 c.ifNoneMatch_ = entityTag 6488 return c 6489 } 6490 6491 // Context sets the context to be used in this call's Do method. 6492 func (c *FeedsListCall) Context(ctx context.Context) *FeedsListCall { 6493 c.ctx_ = ctx 6494 return c 6495 } 6496 6497 // Header returns a http.Header that can be modified by the caller to add 6498 // headers to the request. 6499 func (c *FeedsListCall) Header() http.Header { 6500 if c.header_ == nil { 6501 c.header_ = make(http.Header) 6502 } 6503 return c.header_ 6504 } 6505 6506 func (c *FeedsListCall) doRequest(alt string) (*http.Response, error) { 6507 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 6508 if c.ifNoneMatch_ != "" { 6509 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6510 } 6511 var body io.Reader = nil 6512 c.urlParams_.Set("alt", alt) 6513 c.urlParams_.Set("prettyPrint", "false") 6514 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/feeds") 6515 urls += "?" + c.urlParams_.Encode() 6516 req, err := http.NewRequest("GET", urls, body) 6517 if err != nil { 6518 return nil, err 6519 } 6520 req.Header = reqHeaders 6521 googleapi.Expand(req.URL, map[string]string{ 6522 "parent": c.parent, 6523 }) 6524 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6525 } 6526 6527 // Do executes the "cloudasset.feeds.list" call. 6528 // Any non-2xx status code is an error. Response headers are in either 6529 // *ListFeedsResponse.ServerResponse.Header or (if a response was returned at 6530 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 6531 // check whether the returned error was because http.StatusNotModified was 6532 // returned. 6533 func (c *FeedsListCall) Do(opts ...googleapi.CallOption) (*ListFeedsResponse, error) { 6534 gensupport.SetOptions(c.urlParams_, opts...) 6535 res, err := c.doRequest("json") 6536 if res != nil && res.StatusCode == http.StatusNotModified { 6537 if res.Body != nil { 6538 res.Body.Close() 6539 } 6540 return nil, gensupport.WrapError(&googleapi.Error{ 6541 Code: res.StatusCode, 6542 Header: res.Header, 6543 }) 6544 } 6545 if err != nil { 6546 return nil, err 6547 } 6548 defer googleapi.CloseBody(res) 6549 if err := googleapi.CheckResponse(res); err != nil { 6550 return nil, gensupport.WrapError(err) 6551 } 6552 ret := &ListFeedsResponse{ 6553 ServerResponse: googleapi.ServerResponse{ 6554 Header: res.Header, 6555 HTTPStatusCode: res.StatusCode, 6556 }, 6557 } 6558 target := &ret 6559 if err := gensupport.DecodeResponse(target, res); err != nil { 6560 return nil, err 6561 } 6562 return ret, nil 6563 } 6564 6565 type FeedsPatchCall struct { 6566 s *Service 6567 nameid string 6568 updatefeedrequest *UpdateFeedRequest 6569 urlParams_ gensupport.URLParams 6570 ctx_ context.Context 6571 header_ http.Header 6572 } 6573 6574 // Patch: Updates an asset feed configuration. 6575 // 6576 // - name: The format will be 6577 // projects/{project_number}/feeds/{client-assigned_feed_identifier} or 6578 // folders/{folder_number}/feeds/{client-assigned_feed_identifier} or 6579 // organizations/{organization_number}/feeds/{client-assigned_feed_identifier} 6580 // The client-assigned feed identifier must be unique within the parent 6581 // project/folder/organization. 6582 func (r *FeedsService) Patch(nameid string, updatefeedrequest *UpdateFeedRequest) *FeedsPatchCall { 6583 c := &FeedsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6584 c.nameid = nameid 6585 c.updatefeedrequest = updatefeedrequest 6586 return c 6587 } 6588 6589 // Fields allows partial responses to be retrieved. See 6590 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6591 // details. 6592 func (c *FeedsPatchCall) Fields(s ...googleapi.Field) *FeedsPatchCall { 6593 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6594 return c 6595 } 6596 6597 // Context sets the context to be used in this call's Do method. 6598 func (c *FeedsPatchCall) Context(ctx context.Context) *FeedsPatchCall { 6599 c.ctx_ = ctx 6600 return c 6601 } 6602 6603 // Header returns a http.Header that can be modified by the caller to add 6604 // headers to the request. 6605 func (c *FeedsPatchCall) Header() http.Header { 6606 if c.header_ == nil { 6607 c.header_ = make(http.Header) 6608 } 6609 return c.header_ 6610 } 6611 6612 func (c *FeedsPatchCall) doRequest(alt string) (*http.Response, error) { 6613 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 6614 var body io.Reader = nil 6615 body, err := googleapi.WithoutDataWrapper.JSONReader(c.updatefeedrequest) 6616 if err != nil { 6617 return nil, err 6618 } 6619 c.urlParams_.Set("alt", alt) 6620 c.urlParams_.Set("prettyPrint", "false") 6621 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6622 urls += "?" + c.urlParams_.Encode() 6623 req, err := http.NewRequest("PATCH", urls, body) 6624 if err != nil { 6625 return nil, err 6626 } 6627 req.Header = reqHeaders 6628 googleapi.Expand(req.URL, map[string]string{ 6629 "name": c.nameid, 6630 }) 6631 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6632 } 6633 6634 // Do executes the "cloudasset.feeds.patch" call. 6635 // Any non-2xx status code is an error. Response headers are in either 6636 // *Feed.ServerResponse.Header or (if a response was returned at all) in 6637 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6638 // whether the returned error was because http.StatusNotModified was returned. 6639 func (c *FeedsPatchCall) Do(opts ...googleapi.CallOption) (*Feed, error) { 6640 gensupport.SetOptions(c.urlParams_, opts...) 6641 res, err := c.doRequest("json") 6642 if res != nil && res.StatusCode == http.StatusNotModified { 6643 if res.Body != nil { 6644 res.Body.Close() 6645 } 6646 return nil, gensupport.WrapError(&googleapi.Error{ 6647 Code: res.StatusCode, 6648 Header: res.Header, 6649 }) 6650 } 6651 if err != nil { 6652 return nil, err 6653 } 6654 defer googleapi.CloseBody(res) 6655 if err := googleapi.CheckResponse(res); err != nil { 6656 return nil, gensupport.WrapError(err) 6657 } 6658 ret := &Feed{ 6659 ServerResponse: googleapi.ServerResponse{ 6660 Header: res.Header, 6661 HTTPStatusCode: res.StatusCode, 6662 }, 6663 } 6664 target := &ret 6665 if err := gensupport.DecodeResponse(target, res); err != nil { 6666 return nil, err 6667 } 6668 return ret, nil 6669 } 6670 6671 type OperationsGetCall struct { 6672 s *Service 6673 name string 6674 urlParams_ gensupport.URLParams 6675 ifNoneMatch_ string 6676 ctx_ context.Context 6677 header_ http.Header 6678 } 6679 6680 // Get: Gets the latest state of a long-running operation. Clients can use this 6681 // method to poll the operation result at intervals as recommended by the API 6682 // service. 6683 // 6684 // - name: The name of the operation resource. 6685 func (r *OperationsService) Get(name string) *OperationsGetCall { 6686 c := &OperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6687 c.name = name 6688 return c 6689 } 6690 6691 // Fields allows partial responses to be retrieved. See 6692 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6693 // details. 6694 func (c *OperationsGetCall) Fields(s ...googleapi.Field) *OperationsGetCall { 6695 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6696 return c 6697 } 6698 6699 // IfNoneMatch sets an optional parameter which makes the operation fail if the 6700 // object's ETag matches the given value. This is useful for getting updates 6701 // only after the object has changed since the last request. 6702 func (c *OperationsGetCall) IfNoneMatch(entityTag string) *OperationsGetCall { 6703 c.ifNoneMatch_ = entityTag 6704 return c 6705 } 6706 6707 // Context sets the context to be used in this call's Do method. 6708 func (c *OperationsGetCall) Context(ctx context.Context) *OperationsGetCall { 6709 c.ctx_ = ctx 6710 return c 6711 } 6712 6713 // Header returns a http.Header that can be modified by the caller to add 6714 // headers to the request. 6715 func (c *OperationsGetCall) Header() http.Header { 6716 if c.header_ == nil { 6717 c.header_ = make(http.Header) 6718 } 6719 return c.header_ 6720 } 6721 6722 func (c *OperationsGetCall) doRequest(alt string) (*http.Response, error) { 6723 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 6724 if c.ifNoneMatch_ != "" { 6725 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 6726 } 6727 var body io.Reader = nil 6728 c.urlParams_.Set("alt", alt) 6729 c.urlParams_.Set("prettyPrint", "false") 6730 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6731 urls += "?" + c.urlParams_.Encode() 6732 req, err := http.NewRequest("GET", urls, body) 6733 if err != nil { 6734 return nil, err 6735 } 6736 req.Header = reqHeaders 6737 googleapi.Expand(req.URL, map[string]string{ 6738 "name": c.name, 6739 }) 6740 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6741 } 6742 6743 // Do executes the "cloudasset.operations.get" call. 6744 // Any non-2xx status code is an error. Response headers are in either 6745 // *Operation.ServerResponse.Header or (if a response was returned at all) in 6746 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6747 // whether the returned error was because http.StatusNotModified was returned. 6748 func (c *OperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 6749 gensupport.SetOptions(c.urlParams_, opts...) 6750 res, err := c.doRequest("json") 6751 if res != nil && res.StatusCode == http.StatusNotModified { 6752 if res.Body != nil { 6753 res.Body.Close() 6754 } 6755 return nil, gensupport.WrapError(&googleapi.Error{ 6756 Code: res.StatusCode, 6757 Header: res.Header, 6758 }) 6759 } 6760 if err != nil { 6761 return nil, err 6762 } 6763 defer googleapi.CloseBody(res) 6764 if err := googleapi.CheckResponse(res); err != nil { 6765 return nil, gensupport.WrapError(err) 6766 } 6767 ret := &Operation{ 6768 ServerResponse: googleapi.ServerResponse{ 6769 Header: res.Header, 6770 HTTPStatusCode: res.StatusCode, 6771 }, 6772 } 6773 target := &ret 6774 if err := gensupport.DecodeResponse(target, res); err != nil { 6775 return nil, err 6776 } 6777 return ret, nil 6778 } 6779 6780 type SavedQueriesCreateCall struct { 6781 s *Service 6782 parent string 6783 savedquery *SavedQuery 6784 urlParams_ gensupport.URLParams 6785 ctx_ context.Context 6786 header_ http.Header 6787 } 6788 6789 // Create: Creates a saved query in a parent project/folder/organization. 6790 // 6791 // - parent: The name of the project/folder/organization where this saved_query 6792 // should be created in. It can only be an organization number (such as 6793 // "organizations/123"), a folder number (such as "folders/123"), a project 6794 // ID (such as "projects/my-project-id"), or a project number (such as 6795 // "projects/12345"). 6796 func (r *SavedQueriesService) Create(parent string, savedquery *SavedQuery) *SavedQueriesCreateCall { 6797 c := &SavedQueriesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6798 c.parent = parent 6799 c.savedquery = savedquery 6800 return c 6801 } 6802 6803 // SavedQueryId sets the optional parameter "savedQueryId": Required. The ID to 6804 // use for the saved query, which must be unique in the specified parent. It 6805 // will become the final component of the saved query's resource name. This 6806 // value should be 4-63 characters, and valid characters are `a-z-`. Notice 6807 // that this field is required in the saved query creation, and the `name` 6808 // field of the `saved_query` will be ignored. 6809 func (c *SavedQueriesCreateCall) SavedQueryId(savedQueryId string) *SavedQueriesCreateCall { 6810 c.urlParams_.Set("savedQueryId", savedQueryId) 6811 return c 6812 } 6813 6814 // Fields allows partial responses to be retrieved. See 6815 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6816 // details. 6817 func (c *SavedQueriesCreateCall) Fields(s ...googleapi.Field) *SavedQueriesCreateCall { 6818 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6819 return c 6820 } 6821 6822 // Context sets the context to be used in this call's Do method. 6823 func (c *SavedQueriesCreateCall) Context(ctx context.Context) *SavedQueriesCreateCall { 6824 c.ctx_ = ctx 6825 return c 6826 } 6827 6828 // Header returns a http.Header that can be modified by the caller to add 6829 // headers to the request. 6830 func (c *SavedQueriesCreateCall) Header() http.Header { 6831 if c.header_ == nil { 6832 c.header_ = make(http.Header) 6833 } 6834 return c.header_ 6835 } 6836 6837 func (c *SavedQueriesCreateCall) doRequest(alt string) (*http.Response, error) { 6838 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 6839 var body io.Reader = nil 6840 body, err := googleapi.WithoutDataWrapper.JSONReader(c.savedquery) 6841 if err != nil { 6842 return nil, err 6843 } 6844 c.urlParams_.Set("alt", alt) 6845 c.urlParams_.Set("prettyPrint", "false") 6846 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/savedQueries") 6847 urls += "?" + c.urlParams_.Encode() 6848 req, err := http.NewRequest("POST", urls, body) 6849 if err != nil { 6850 return nil, err 6851 } 6852 req.Header = reqHeaders 6853 googleapi.Expand(req.URL, map[string]string{ 6854 "parent": c.parent, 6855 }) 6856 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6857 } 6858 6859 // Do executes the "cloudasset.savedQueries.create" call. 6860 // Any non-2xx status code is an error. Response headers are in either 6861 // *SavedQuery.ServerResponse.Header or (if a response was returned at all) in 6862 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6863 // whether the returned error was because http.StatusNotModified was returned. 6864 func (c *SavedQueriesCreateCall) Do(opts ...googleapi.CallOption) (*SavedQuery, error) { 6865 gensupport.SetOptions(c.urlParams_, opts...) 6866 res, err := c.doRequest("json") 6867 if res != nil && res.StatusCode == http.StatusNotModified { 6868 if res.Body != nil { 6869 res.Body.Close() 6870 } 6871 return nil, gensupport.WrapError(&googleapi.Error{ 6872 Code: res.StatusCode, 6873 Header: res.Header, 6874 }) 6875 } 6876 if err != nil { 6877 return nil, err 6878 } 6879 defer googleapi.CloseBody(res) 6880 if err := googleapi.CheckResponse(res); err != nil { 6881 return nil, gensupport.WrapError(err) 6882 } 6883 ret := &SavedQuery{ 6884 ServerResponse: googleapi.ServerResponse{ 6885 Header: res.Header, 6886 HTTPStatusCode: res.StatusCode, 6887 }, 6888 } 6889 target := &ret 6890 if err := gensupport.DecodeResponse(target, res); err != nil { 6891 return nil, err 6892 } 6893 return ret, nil 6894 } 6895 6896 type SavedQueriesDeleteCall struct { 6897 s *Service 6898 name string 6899 urlParams_ gensupport.URLParams 6900 ctx_ context.Context 6901 header_ http.Header 6902 } 6903 6904 // Delete: Deletes a saved query. 6905 // 6906 // - name: The name of the saved query to delete. It must be in the format of: 6907 // - projects/project_number/savedQueries/saved_query_id * 6908 // folders/folder_number/savedQueries/saved_query_id * 6909 // organizations/organization_number/savedQueries/saved_query_id. 6910 func (r *SavedQueriesService) Delete(name string) *SavedQueriesDeleteCall { 6911 c := &SavedQueriesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} 6912 c.name = name 6913 return c 6914 } 6915 6916 // Fields allows partial responses to be retrieved. See 6917 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 6918 // details. 6919 func (c *SavedQueriesDeleteCall) Fields(s ...googleapi.Field) *SavedQueriesDeleteCall { 6920 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 6921 return c 6922 } 6923 6924 // Context sets the context to be used in this call's Do method. 6925 func (c *SavedQueriesDeleteCall) Context(ctx context.Context) *SavedQueriesDeleteCall { 6926 c.ctx_ = ctx 6927 return c 6928 } 6929 6930 // Header returns a http.Header that can be modified by the caller to add 6931 // headers to the request. 6932 func (c *SavedQueriesDeleteCall) Header() http.Header { 6933 if c.header_ == nil { 6934 c.header_ = make(http.Header) 6935 } 6936 return c.header_ 6937 } 6938 6939 func (c *SavedQueriesDeleteCall) doRequest(alt string) (*http.Response, error) { 6940 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 6941 var body io.Reader = nil 6942 c.urlParams_.Set("alt", alt) 6943 c.urlParams_.Set("prettyPrint", "false") 6944 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 6945 urls += "?" + c.urlParams_.Encode() 6946 req, err := http.NewRequest("DELETE", urls, body) 6947 if err != nil { 6948 return nil, err 6949 } 6950 req.Header = reqHeaders 6951 googleapi.Expand(req.URL, map[string]string{ 6952 "name": c.name, 6953 }) 6954 return gensupport.SendRequest(c.ctx_, c.s.client, req) 6955 } 6956 6957 // Do executes the "cloudasset.savedQueries.delete" call. 6958 // Any non-2xx status code is an error. Response headers are in either 6959 // *Empty.ServerResponse.Header or (if a response was returned at all) in 6960 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 6961 // whether the returned error was because http.StatusNotModified was returned. 6962 func (c *SavedQueriesDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) { 6963 gensupport.SetOptions(c.urlParams_, opts...) 6964 res, err := c.doRequest("json") 6965 if res != nil && res.StatusCode == http.StatusNotModified { 6966 if res.Body != nil { 6967 res.Body.Close() 6968 } 6969 return nil, gensupport.WrapError(&googleapi.Error{ 6970 Code: res.StatusCode, 6971 Header: res.Header, 6972 }) 6973 } 6974 if err != nil { 6975 return nil, err 6976 } 6977 defer googleapi.CloseBody(res) 6978 if err := googleapi.CheckResponse(res); err != nil { 6979 return nil, gensupport.WrapError(err) 6980 } 6981 ret := &Empty{ 6982 ServerResponse: googleapi.ServerResponse{ 6983 Header: res.Header, 6984 HTTPStatusCode: res.StatusCode, 6985 }, 6986 } 6987 target := &ret 6988 if err := gensupport.DecodeResponse(target, res); err != nil { 6989 return nil, err 6990 } 6991 return ret, nil 6992 } 6993 6994 type SavedQueriesGetCall struct { 6995 s *Service 6996 name string 6997 urlParams_ gensupport.URLParams 6998 ifNoneMatch_ string 6999 ctx_ context.Context 7000 header_ http.Header 7001 } 7002 7003 // Get: Gets details about a saved query. 7004 // 7005 // - name: The name of the saved query and it must be in the format of: * 7006 // projects/project_number/savedQueries/saved_query_id * 7007 // folders/folder_number/savedQueries/saved_query_id * 7008 // organizations/organization_number/savedQueries/saved_query_id. 7009 func (r *SavedQueriesService) Get(name string) *SavedQueriesGetCall { 7010 c := &SavedQueriesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7011 c.name = name 7012 return c 7013 } 7014 7015 // Fields allows partial responses to be retrieved. See 7016 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7017 // details. 7018 func (c *SavedQueriesGetCall) Fields(s ...googleapi.Field) *SavedQueriesGetCall { 7019 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7020 return c 7021 } 7022 7023 // IfNoneMatch sets an optional parameter which makes the operation fail if the 7024 // object's ETag matches the given value. This is useful for getting updates 7025 // only after the object has changed since the last request. 7026 func (c *SavedQueriesGetCall) IfNoneMatch(entityTag string) *SavedQueriesGetCall { 7027 c.ifNoneMatch_ = entityTag 7028 return c 7029 } 7030 7031 // Context sets the context to be used in this call's Do method. 7032 func (c *SavedQueriesGetCall) Context(ctx context.Context) *SavedQueriesGetCall { 7033 c.ctx_ = ctx 7034 return c 7035 } 7036 7037 // Header returns a http.Header that can be modified by the caller to add 7038 // headers to the request. 7039 func (c *SavedQueriesGetCall) Header() http.Header { 7040 if c.header_ == nil { 7041 c.header_ = make(http.Header) 7042 } 7043 return c.header_ 7044 } 7045 7046 func (c *SavedQueriesGetCall) doRequest(alt string) (*http.Response, error) { 7047 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 7048 if c.ifNoneMatch_ != "" { 7049 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7050 } 7051 var body io.Reader = nil 7052 c.urlParams_.Set("alt", alt) 7053 c.urlParams_.Set("prettyPrint", "false") 7054 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7055 urls += "?" + c.urlParams_.Encode() 7056 req, err := http.NewRequest("GET", urls, body) 7057 if err != nil { 7058 return nil, err 7059 } 7060 req.Header = reqHeaders 7061 googleapi.Expand(req.URL, map[string]string{ 7062 "name": c.name, 7063 }) 7064 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7065 } 7066 7067 // Do executes the "cloudasset.savedQueries.get" call. 7068 // Any non-2xx status code is an error. Response headers are in either 7069 // *SavedQuery.ServerResponse.Header or (if a response was returned at all) in 7070 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7071 // whether the returned error was because http.StatusNotModified was returned. 7072 func (c *SavedQueriesGetCall) Do(opts ...googleapi.CallOption) (*SavedQuery, error) { 7073 gensupport.SetOptions(c.urlParams_, opts...) 7074 res, err := c.doRequest("json") 7075 if res != nil && res.StatusCode == http.StatusNotModified { 7076 if res.Body != nil { 7077 res.Body.Close() 7078 } 7079 return nil, gensupport.WrapError(&googleapi.Error{ 7080 Code: res.StatusCode, 7081 Header: res.Header, 7082 }) 7083 } 7084 if err != nil { 7085 return nil, err 7086 } 7087 defer googleapi.CloseBody(res) 7088 if err := googleapi.CheckResponse(res); err != nil { 7089 return nil, gensupport.WrapError(err) 7090 } 7091 ret := &SavedQuery{ 7092 ServerResponse: googleapi.ServerResponse{ 7093 Header: res.Header, 7094 HTTPStatusCode: res.StatusCode, 7095 }, 7096 } 7097 target := &ret 7098 if err := gensupport.DecodeResponse(target, res); err != nil { 7099 return nil, err 7100 } 7101 return ret, nil 7102 } 7103 7104 type SavedQueriesListCall struct { 7105 s *Service 7106 parent string 7107 urlParams_ gensupport.URLParams 7108 ifNoneMatch_ string 7109 ctx_ context.Context 7110 header_ http.Header 7111 } 7112 7113 // List: Lists all saved queries in a parent project/folder/organization. 7114 // 7115 // - parent: The parent project/folder/organization whose savedQueries are to 7116 // be listed. It can only be using project/folder/organization number (such 7117 // as "folders/12345")", or a project ID (such as "projects/my-project-id"). 7118 func (r *SavedQueriesService) List(parent string) *SavedQueriesListCall { 7119 c := &SavedQueriesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7120 c.parent = parent 7121 return c 7122 } 7123 7124 // Filter sets the optional parameter "filter": The expression to filter 7125 // resources. The expression is a list of zero or more restrictions combined 7126 // via logical operators `AND` and `OR`. When `AND` and `OR` are both used in 7127 // the expression, parentheses must be appropriately used to group the 7128 // combinations. The expression may also contain regular expressions. See 7129 // https://google.aip.dev/160 for more information on the grammar. 7130 func (c *SavedQueriesListCall) Filter(filter string) *SavedQueriesListCall { 7131 c.urlParams_.Set("filter", filter) 7132 return c 7133 } 7134 7135 // PageSize sets the optional parameter "pageSize": The maximum number of saved 7136 // queries to return per page. The service may return fewer than this value. If 7137 // unspecified, at most 50 will be returned. The maximum value is 1000; values 7138 // above 1000 will be coerced to 1000. 7139 func (c *SavedQueriesListCall) PageSize(pageSize int64) *SavedQueriesListCall { 7140 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 7141 return c 7142 } 7143 7144 // PageToken sets the optional parameter "pageToken": A page token, received 7145 // from a previous `ListSavedQueries` call. Provide this to retrieve the 7146 // subsequent page. When paginating, all other parameters provided to 7147 // `ListSavedQueries` must match the call that provided the page token. 7148 func (c *SavedQueriesListCall) PageToken(pageToken string) *SavedQueriesListCall { 7149 c.urlParams_.Set("pageToken", pageToken) 7150 return c 7151 } 7152 7153 // Fields allows partial responses to be retrieved. See 7154 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7155 // details. 7156 func (c *SavedQueriesListCall) Fields(s ...googleapi.Field) *SavedQueriesListCall { 7157 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7158 return c 7159 } 7160 7161 // IfNoneMatch sets an optional parameter which makes the operation fail if the 7162 // object's ETag matches the given value. This is useful for getting updates 7163 // only after the object has changed since the last request. 7164 func (c *SavedQueriesListCall) IfNoneMatch(entityTag string) *SavedQueriesListCall { 7165 c.ifNoneMatch_ = entityTag 7166 return c 7167 } 7168 7169 // Context sets the context to be used in this call's Do method. 7170 func (c *SavedQueriesListCall) Context(ctx context.Context) *SavedQueriesListCall { 7171 c.ctx_ = ctx 7172 return c 7173 } 7174 7175 // Header returns a http.Header that can be modified by the caller to add 7176 // headers to the request. 7177 func (c *SavedQueriesListCall) Header() http.Header { 7178 if c.header_ == nil { 7179 c.header_ = make(http.Header) 7180 } 7181 return c.header_ 7182 } 7183 7184 func (c *SavedQueriesListCall) doRequest(alt string) (*http.Response, error) { 7185 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 7186 if c.ifNoneMatch_ != "" { 7187 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7188 } 7189 var body io.Reader = nil 7190 c.urlParams_.Set("alt", alt) 7191 c.urlParams_.Set("prettyPrint", "false") 7192 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/savedQueries") 7193 urls += "?" + c.urlParams_.Encode() 7194 req, err := http.NewRequest("GET", urls, body) 7195 if err != nil { 7196 return nil, err 7197 } 7198 req.Header = reqHeaders 7199 googleapi.Expand(req.URL, map[string]string{ 7200 "parent": c.parent, 7201 }) 7202 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7203 } 7204 7205 // Do executes the "cloudasset.savedQueries.list" call. 7206 // Any non-2xx status code is an error. Response headers are in either 7207 // *ListSavedQueriesResponse.ServerResponse.Header or (if a response was 7208 // returned at all) in error.(*googleapi.Error).Header. Use 7209 // googleapi.IsNotModified to check whether the returned error was because 7210 // http.StatusNotModified was returned. 7211 func (c *SavedQueriesListCall) Do(opts ...googleapi.CallOption) (*ListSavedQueriesResponse, error) { 7212 gensupport.SetOptions(c.urlParams_, opts...) 7213 res, err := c.doRequest("json") 7214 if res != nil && res.StatusCode == http.StatusNotModified { 7215 if res.Body != nil { 7216 res.Body.Close() 7217 } 7218 return nil, gensupport.WrapError(&googleapi.Error{ 7219 Code: res.StatusCode, 7220 Header: res.Header, 7221 }) 7222 } 7223 if err != nil { 7224 return nil, err 7225 } 7226 defer googleapi.CloseBody(res) 7227 if err := googleapi.CheckResponse(res); err != nil { 7228 return nil, gensupport.WrapError(err) 7229 } 7230 ret := &ListSavedQueriesResponse{ 7231 ServerResponse: googleapi.ServerResponse{ 7232 Header: res.Header, 7233 HTTPStatusCode: res.StatusCode, 7234 }, 7235 } 7236 target := &ret 7237 if err := gensupport.DecodeResponse(target, res); err != nil { 7238 return nil, err 7239 } 7240 return ret, nil 7241 } 7242 7243 // Pages invokes f for each page of results. 7244 // A non-nil error returned from f will halt the iteration. 7245 // The provided context supersedes any context provided to the Context method. 7246 func (c *SavedQueriesListCall) Pages(ctx context.Context, f func(*ListSavedQueriesResponse) error) error { 7247 c.ctx_ = ctx 7248 defer c.PageToken(c.urlParams_.Get("pageToken")) 7249 for { 7250 x, err := c.Do() 7251 if err != nil { 7252 return err 7253 } 7254 if err := f(x); err != nil { 7255 return err 7256 } 7257 if x.NextPageToken == "" { 7258 return nil 7259 } 7260 c.PageToken(x.NextPageToken) 7261 } 7262 } 7263 7264 type SavedQueriesPatchCall struct { 7265 s *Service 7266 name string 7267 savedquery *SavedQuery 7268 urlParams_ gensupport.URLParams 7269 ctx_ context.Context 7270 header_ http.Header 7271 } 7272 7273 // Patch: Updates a saved query. 7274 // 7275 // - name: The resource name of the saved query. The format must be: * 7276 // projects/project_number/savedQueries/saved_query_id * 7277 // folders/folder_number/savedQueries/saved_query_id * 7278 // organizations/organization_number/savedQueries/saved_query_id. 7279 func (r *SavedQueriesService) Patch(name string, savedquery *SavedQuery) *SavedQueriesPatchCall { 7280 c := &SavedQueriesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7281 c.name = name 7282 c.savedquery = savedquery 7283 return c 7284 } 7285 7286 // UpdateMask sets the optional parameter "updateMask": Required. The list of 7287 // fields to update. 7288 func (c *SavedQueriesPatchCall) UpdateMask(updateMask string) *SavedQueriesPatchCall { 7289 c.urlParams_.Set("updateMask", updateMask) 7290 return c 7291 } 7292 7293 // Fields allows partial responses to be retrieved. See 7294 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7295 // details. 7296 func (c *SavedQueriesPatchCall) Fields(s ...googleapi.Field) *SavedQueriesPatchCall { 7297 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7298 return c 7299 } 7300 7301 // Context sets the context to be used in this call's Do method. 7302 func (c *SavedQueriesPatchCall) Context(ctx context.Context) *SavedQueriesPatchCall { 7303 c.ctx_ = ctx 7304 return c 7305 } 7306 7307 // Header returns a http.Header that can be modified by the caller to add 7308 // headers to the request. 7309 func (c *SavedQueriesPatchCall) Header() http.Header { 7310 if c.header_ == nil { 7311 c.header_ = make(http.Header) 7312 } 7313 return c.header_ 7314 } 7315 7316 func (c *SavedQueriesPatchCall) doRequest(alt string) (*http.Response, error) { 7317 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 7318 var body io.Reader = nil 7319 body, err := googleapi.WithoutDataWrapper.JSONReader(c.savedquery) 7320 if err != nil { 7321 return nil, err 7322 } 7323 c.urlParams_.Set("alt", alt) 7324 c.urlParams_.Set("prettyPrint", "false") 7325 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}") 7326 urls += "?" + c.urlParams_.Encode() 7327 req, err := http.NewRequest("PATCH", urls, body) 7328 if err != nil { 7329 return nil, err 7330 } 7331 req.Header = reqHeaders 7332 googleapi.Expand(req.URL, map[string]string{ 7333 "name": c.name, 7334 }) 7335 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7336 } 7337 7338 // Do executes the "cloudasset.savedQueries.patch" call. 7339 // Any non-2xx status code is an error. Response headers are in either 7340 // *SavedQuery.ServerResponse.Header or (if a response was returned at all) in 7341 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7342 // whether the returned error was because http.StatusNotModified was returned. 7343 func (c *SavedQueriesPatchCall) Do(opts ...googleapi.CallOption) (*SavedQuery, error) { 7344 gensupport.SetOptions(c.urlParams_, opts...) 7345 res, err := c.doRequest("json") 7346 if res != nil && res.StatusCode == http.StatusNotModified { 7347 if res.Body != nil { 7348 res.Body.Close() 7349 } 7350 return nil, gensupport.WrapError(&googleapi.Error{ 7351 Code: res.StatusCode, 7352 Header: res.Header, 7353 }) 7354 } 7355 if err != nil { 7356 return nil, err 7357 } 7358 defer googleapi.CloseBody(res) 7359 if err := googleapi.CheckResponse(res); err != nil { 7360 return nil, gensupport.WrapError(err) 7361 } 7362 ret := &SavedQuery{ 7363 ServerResponse: googleapi.ServerResponse{ 7364 Header: res.Header, 7365 HTTPStatusCode: res.StatusCode, 7366 }, 7367 } 7368 target := &ret 7369 if err := gensupport.DecodeResponse(target, res); err != nil { 7370 return nil, err 7371 } 7372 return ret, nil 7373 } 7374 7375 type V1AnalyzeIamPolicyCall struct { 7376 s *Service 7377 scope string 7378 urlParams_ gensupport.URLParams 7379 ifNoneMatch_ string 7380 ctx_ context.Context 7381 header_ http.Header 7382 } 7383 7384 // AnalyzeIamPolicy: Analyzes IAM policies to answer which identities have what 7385 // accesses on which resources. 7386 // 7387 // - scope: The relative name of the root asset. Only resources and IAM 7388 // policies within the scope will be analyzed. This can only be an 7389 // organization number (such as "organizations/123"), a folder number (such 7390 // as "folders/123"), a project ID (such as "projects/my-project-id"), or a 7391 // project number (such as "projects/12345"). To know how to get organization 7392 // ID, visit here 7393 // (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 7394 // To know how to get folder or project ID, visit here 7395 // (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 7396 func (r *V1Service) AnalyzeIamPolicy(scope string) *V1AnalyzeIamPolicyCall { 7397 c := &V1AnalyzeIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7398 c.scope = scope 7399 return c 7400 } 7401 7402 // AnalysisQueryAccessSelectorPermissions sets the optional parameter 7403 // "analysisQuery.accessSelector.permissions": The permissions to appear in 7404 // result. 7405 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryAccessSelectorPermissions(analysisQueryAccessSelectorPermissions ...string) *V1AnalyzeIamPolicyCall { 7406 c.urlParams_.SetMulti("analysisQuery.accessSelector.permissions", append([]string{}, analysisQueryAccessSelectorPermissions...)) 7407 return c 7408 } 7409 7410 // AnalysisQueryAccessSelectorRoles sets the optional parameter 7411 // "analysisQuery.accessSelector.roles": The roles to appear in result. 7412 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryAccessSelectorRoles(analysisQueryAccessSelectorRoles ...string) *V1AnalyzeIamPolicyCall { 7413 c.urlParams_.SetMulti("analysisQuery.accessSelector.roles", append([]string{}, analysisQueryAccessSelectorRoles...)) 7414 return c 7415 } 7416 7417 // AnalysisQueryConditionContextAccessTime sets the optional parameter 7418 // "analysisQuery.conditionContext.accessTime": The hypothetical access 7419 // timestamp to evaluate IAM conditions. Note that this value must not be 7420 // earlier than the current time; otherwise, an INVALID_ARGUMENT error will be 7421 // returned. 7422 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryConditionContextAccessTime(analysisQueryConditionContextAccessTime string) *V1AnalyzeIamPolicyCall { 7423 c.urlParams_.Set("analysisQuery.conditionContext.accessTime", analysisQueryConditionContextAccessTime) 7424 return c 7425 } 7426 7427 // AnalysisQueryIdentitySelectorIdentity sets the optional parameter 7428 // "analysisQuery.identitySelector.identity": Required. The identity appear in 7429 // the form of principals in IAM policy binding 7430 // (https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of 7431 // supported forms are: "user:mike@example.com", "group:admins@example.com", 7432 // "domain:google.com", 7433 // "serviceAccount:my-project-id@appspot.gserviceaccount.com". Notice that 7434 // wildcard characters (such as * and ?) are not supported. You must give a 7435 // specific identity. 7436 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryIdentitySelectorIdentity(analysisQueryIdentitySelectorIdentity string) *V1AnalyzeIamPolicyCall { 7437 c.urlParams_.Set("analysisQuery.identitySelector.identity", analysisQueryIdentitySelectorIdentity) 7438 return c 7439 } 7440 7441 // AnalysisQueryOptionsAnalyzeServiceAccountImpersonation sets the optional 7442 // parameter "analysisQuery.options.analyzeServiceAccountImpersonation": If 7443 // true, the response will include access analysis from identities to resources 7444 // via service account impersonation. This is a very expensive operation, 7445 // because many derived queries will be executed. We highly recommend you use 7446 // AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, if the 7447 // request analyzes for which resources user A has permission P, and there's an 7448 // IAM policy states user A has iam.serviceAccounts.getAccessToken permission 7449 // to a service account SA, and there's another IAM policy states service 7450 // account SA has permission P to a Google Cloud folder F, then user A 7451 // potentially has access to the Google Cloud folder F. And those advanced 7452 // analysis results will be included in 7453 // AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another 7454 // example, if the request analyzes for who has permission P to a Google Cloud 7455 // folder F, and there's an IAM policy states user A has 7456 // iam.serviceAccounts.actAs permission to a service account SA, and there's 7457 // another IAM policy states service account SA has permission P to the Google 7458 // Cloud folder F, then user A potentially has access to the Google Cloud 7459 // folder F. And those advanced analysis results will be included in 7460 // AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Only the 7461 // following permissions are considered in this analysis: * 7462 // `iam.serviceAccounts.actAs` * `iam.serviceAccounts.signBlob` * 7463 // `iam.serviceAccounts.signJwt` * `iam.serviceAccounts.getAccessToken` * 7464 // `iam.serviceAccounts.getOpenIdToken` * 7465 // `iam.serviceAccounts.implicitDelegation` Default is false. 7466 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsAnalyzeServiceAccountImpersonation(analysisQueryOptionsAnalyzeServiceAccountImpersonation bool) *V1AnalyzeIamPolicyCall { 7467 c.urlParams_.Set("analysisQuery.options.analyzeServiceAccountImpersonation", fmt.Sprint(analysisQueryOptionsAnalyzeServiceAccountImpersonation)) 7468 return c 7469 } 7470 7471 // AnalysisQueryOptionsExpandGroups sets the optional parameter 7472 // "analysisQuery.options.expandGroups": If true, the identities section of the 7473 // result will expand any Google groups appearing in an IAM policy binding. If 7474 // IamPolicyAnalysisQuery.identity_selector is specified, the identity in the 7475 // result will be determined by the selector, and this flag is not allowed to 7476 // set. If true, the default max expansion per group is 1000 for 7477 // AssetService.AnalyzeIamPolicy][]. Default is false. 7478 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsExpandGroups(analysisQueryOptionsExpandGroups bool) *V1AnalyzeIamPolicyCall { 7479 c.urlParams_.Set("analysisQuery.options.expandGroups", fmt.Sprint(analysisQueryOptionsExpandGroups)) 7480 return c 7481 } 7482 7483 // AnalysisQueryOptionsExpandResources sets the optional parameter 7484 // "analysisQuery.options.expandResources": If true and 7485 // IamPolicyAnalysisQuery.resource_selector is not specified, the resource 7486 // section of the result will expand any resource attached to an IAM policy to 7487 // include resources lower in the resource hierarchy. For example, if the 7488 // request analyzes for which resources user A has permission P, and the 7489 // results include an IAM policy with P on a Google Cloud folder, the results 7490 // will also include resources in that folder with permission P. If true and 7491 // IamPolicyAnalysisQuery.resource_selector is specified, the resource section 7492 // of the result will expand the specified resource to include resources lower 7493 // in the resource hierarchy. Only project or lower resources are supported. 7494 // Folder and organization resources cannot be used together with this option. 7495 // For example, if the request analyzes for which users have permission P on a 7496 // Google Cloud project with this option enabled, the results will include all 7497 // users who have permission P on that project or any lower resource. If true, 7498 // the default max expansion per resource is 1000 for 7499 // AssetService.AnalyzeIamPolicy][] and 100000 for 7500 // AssetService.AnalyzeIamPolicyLongrunning][]. Default is false. 7501 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsExpandResources(analysisQueryOptionsExpandResources bool) *V1AnalyzeIamPolicyCall { 7502 c.urlParams_.Set("analysisQuery.options.expandResources", fmt.Sprint(analysisQueryOptionsExpandResources)) 7503 return c 7504 } 7505 7506 // AnalysisQueryOptionsExpandRoles sets the optional parameter 7507 // "analysisQuery.options.expandRoles": If true, the access section of result 7508 // will expand any roles appearing in IAM policy bindings to include their 7509 // permissions. If IamPolicyAnalysisQuery.access_selector is specified, the 7510 // access section of the result will be determined by the selector, and this 7511 // flag is not allowed to set. Default is false. 7512 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsExpandRoles(analysisQueryOptionsExpandRoles bool) *V1AnalyzeIamPolicyCall { 7513 c.urlParams_.Set("analysisQuery.options.expandRoles", fmt.Sprint(analysisQueryOptionsExpandRoles)) 7514 return c 7515 } 7516 7517 // AnalysisQueryOptionsOutputGroupEdges sets the optional parameter 7518 // "analysisQuery.options.outputGroupEdges": If true, the result will output 7519 // the relevant membership relationships between groups and other groups, and 7520 // between groups and principals. Default is false. 7521 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsOutputGroupEdges(analysisQueryOptionsOutputGroupEdges bool) *V1AnalyzeIamPolicyCall { 7522 c.urlParams_.Set("analysisQuery.options.outputGroupEdges", fmt.Sprint(analysisQueryOptionsOutputGroupEdges)) 7523 return c 7524 } 7525 7526 // AnalysisQueryOptionsOutputResourceEdges sets the optional parameter 7527 // "analysisQuery.options.outputResourceEdges": If true, the result will output 7528 // the relevant parent/child relationships between resources. Default is false. 7529 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryOptionsOutputResourceEdges(analysisQueryOptionsOutputResourceEdges bool) *V1AnalyzeIamPolicyCall { 7530 c.urlParams_.Set("analysisQuery.options.outputResourceEdges", fmt.Sprint(analysisQueryOptionsOutputResourceEdges)) 7531 return c 7532 } 7533 7534 // AnalysisQueryResourceSelectorFullResourceName sets the optional parameter 7535 // "analysisQuery.resourceSelector.fullResourceName": Required. The [full 7536 // resource name] 7537 // (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a 7538 // resource of supported resource types 7539 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types). 7540 func (c *V1AnalyzeIamPolicyCall) AnalysisQueryResourceSelectorFullResourceName(analysisQueryResourceSelectorFullResourceName string) *V1AnalyzeIamPolicyCall { 7541 c.urlParams_.Set("analysisQuery.resourceSelector.fullResourceName", analysisQueryResourceSelectorFullResourceName) 7542 return c 7543 } 7544 7545 // ExecutionTimeout sets the optional parameter "executionTimeout": Amount of 7546 // time executable has to complete. See JSON representation of Duration 7547 // (https://developers.google.com/protocol-buffers/docs/proto3#json). If this 7548 // field is set with a value less than the RPC deadline, and the execution of 7549 // your query hasn't finished in the specified execution timeout, you will get 7550 // a response with partial result. Otherwise, your query's execution will 7551 // continue until the RPC deadline. If it's not finished until then, you will 7552 // get a DEADLINE_EXCEEDED error. Default is empty. 7553 func (c *V1AnalyzeIamPolicyCall) ExecutionTimeout(executionTimeout string) *V1AnalyzeIamPolicyCall { 7554 c.urlParams_.Set("executionTimeout", executionTimeout) 7555 return c 7556 } 7557 7558 // SavedAnalysisQuery sets the optional parameter "savedAnalysisQuery": The 7559 // name of a saved query, which must be in the format of: * 7560 // projects/project_number/savedQueries/saved_query_id * 7561 // folders/folder_number/savedQueries/saved_query_id * 7562 // organizations/organization_number/savedQueries/saved_query_id If both 7563 // `analysis_query` and `saved_analysis_query` are provided, they will be 7564 // merged together with the `saved_analysis_query` as base and the 7565 // `analysis_query` as overrides. For more details of the merge behavior, refer 7566 // to the MergeFrom 7567 // (https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details) 7568 // page. Note that you cannot override primitive fields with default value, 7569 // such as 0 or empty string, etc., because we use proto3, which doesn't 7570 // support field presence yet. 7571 func (c *V1AnalyzeIamPolicyCall) SavedAnalysisQuery(savedAnalysisQuery string) *V1AnalyzeIamPolicyCall { 7572 c.urlParams_.Set("savedAnalysisQuery", savedAnalysisQuery) 7573 return c 7574 } 7575 7576 // Fields allows partial responses to be retrieved. See 7577 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7578 // details. 7579 func (c *V1AnalyzeIamPolicyCall) Fields(s ...googleapi.Field) *V1AnalyzeIamPolicyCall { 7580 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7581 return c 7582 } 7583 7584 // IfNoneMatch sets an optional parameter which makes the operation fail if the 7585 // object's ETag matches the given value. This is useful for getting updates 7586 // only after the object has changed since the last request. 7587 func (c *V1AnalyzeIamPolicyCall) IfNoneMatch(entityTag string) *V1AnalyzeIamPolicyCall { 7588 c.ifNoneMatch_ = entityTag 7589 return c 7590 } 7591 7592 // Context sets the context to be used in this call's Do method. 7593 func (c *V1AnalyzeIamPolicyCall) Context(ctx context.Context) *V1AnalyzeIamPolicyCall { 7594 c.ctx_ = ctx 7595 return c 7596 } 7597 7598 // Header returns a http.Header that can be modified by the caller to add 7599 // headers to the request. 7600 func (c *V1AnalyzeIamPolicyCall) Header() http.Header { 7601 if c.header_ == nil { 7602 c.header_ = make(http.Header) 7603 } 7604 return c.header_ 7605 } 7606 7607 func (c *V1AnalyzeIamPolicyCall) doRequest(alt string) (*http.Response, error) { 7608 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 7609 if c.ifNoneMatch_ != "" { 7610 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7611 } 7612 var body io.Reader = nil 7613 c.urlParams_.Set("alt", alt) 7614 c.urlParams_.Set("prettyPrint", "false") 7615 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeIamPolicy") 7616 urls += "?" + c.urlParams_.Encode() 7617 req, err := http.NewRequest("GET", urls, body) 7618 if err != nil { 7619 return nil, err 7620 } 7621 req.Header = reqHeaders 7622 googleapi.Expand(req.URL, map[string]string{ 7623 "scope": c.scope, 7624 }) 7625 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7626 } 7627 7628 // Do executes the "cloudasset.analyzeIamPolicy" call. 7629 // Any non-2xx status code is an error. Response headers are in either 7630 // *AnalyzeIamPolicyResponse.ServerResponse.Header or (if a response was 7631 // returned at all) in error.(*googleapi.Error).Header. Use 7632 // googleapi.IsNotModified to check whether the returned error was because 7633 // http.StatusNotModified was returned. 7634 func (c *V1AnalyzeIamPolicyCall) Do(opts ...googleapi.CallOption) (*AnalyzeIamPolicyResponse, error) { 7635 gensupport.SetOptions(c.urlParams_, opts...) 7636 res, err := c.doRequest("json") 7637 if res != nil && res.StatusCode == http.StatusNotModified { 7638 if res.Body != nil { 7639 res.Body.Close() 7640 } 7641 return nil, gensupport.WrapError(&googleapi.Error{ 7642 Code: res.StatusCode, 7643 Header: res.Header, 7644 }) 7645 } 7646 if err != nil { 7647 return nil, err 7648 } 7649 defer googleapi.CloseBody(res) 7650 if err := googleapi.CheckResponse(res); err != nil { 7651 return nil, gensupport.WrapError(err) 7652 } 7653 ret := &AnalyzeIamPolicyResponse{ 7654 ServerResponse: googleapi.ServerResponse{ 7655 Header: res.Header, 7656 HTTPStatusCode: res.StatusCode, 7657 }, 7658 } 7659 target := &ret 7660 if err := gensupport.DecodeResponse(target, res); err != nil { 7661 return nil, err 7662 } 7663 return ret, nil 7664 } 7665 7666 type V1AnalyzeIamPolicyLongrunningCall struct { 7667 s *Service 7668 scope string 7669 analyzeiampolicylongrunningrequest *AnalyzeIamPolicyLongrunningRequest 7670 urlParams_ gensupport.URLParams 7671 ctx_ context.Context 7672 header_ http.Header 7673 } 7674 7675 // AnalyzeIamPolicyLongrunning: Analyzes IAM policies asynchronously to answer 7676 // which identities have what accesses on which resources, and writes the 7677 // analysis results to a Google Cloud Storage or a BigQuery destination. For 7678 // Cloud Storage destination, the output format is the JSON format that 7679 // represents a AnalyzeIamPolicyResponse. This method implements the 7680 // google.longrunning.Operation, which allows you to track the operation 7681 // status. We recommend intervals of at least 2 seconds with exponential 7682 // backoff retry to poll the operation result. The metadata contains the 7683 // metadata for the long-running operation. 7684 // 7685 // - scope: The relative name of the root asset. Only resources and IAM 7686 // policies within the scope will be analyzed. This can only be an 7687 // organization number (such as "organizations/123"), a folder number (such 7688 // as "folders/123"), a project ID (such as "projects/my-project-id"), or a 7689 // project number (such as "projects/12345"). To know how to get organization 7690 // ID, visit here 7691 // (https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). 7692 // To know how to get folder or project ID, visit here 7693 // (https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects). 7694 func (r *V1Service) AnalyzeIamPolicyLongrunning(scope string, analyzeiampolicylongrunningrequest *AnalyzeIamPolicyLongrunningRequest) *V1AnalyzeIamPolicyLongrunningCall { 7695 c := &V1AnalyzeIamPolicyLongrunningCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7696 c.scope = scope 7697 c.analyzeiampolicylongrunningrequest = analyzeiampolicylongrunningrequest 7698 return c 7699 } 7700 7701 // Fields allows partial responses to be retrieved. See 7702 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7703 // details. 7704 func (c *V1AnalyzeIamPolicyLongrunningCall) Fields(s ...googleapi.Field) *V1AnalyzeIamPolicyLongrunningCall { 7705 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7706 return c 7707 } 7708 7709 // Context sets the context to be used in this call's Do method. 7710 func (c *V1AnalyzeIamPolicyLongrunningCall) Context(ctx context.Context) *V1AnalyzeIamPolicyLongrunningCall { 7711 c.ctx_ = ctx 7712 return c 7713 } 7714 7715 // Header returns a http.Header that can be modified by the caller to add 7716 // headers to the request. 7717 func (c *V1AnalyzeIamPolicyLongrunningCall) Header() http.Header { 7718 if c.header_ == nil { 7719 c.header_ = make(http.Header) 7720 } 7721 return c.header_ 7722 } 7723 7724 func (c *V1AnalyzeIamPolicyLongrunningCall) doRequest(alt string) (*http.Response, error) { 7725 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 7726 var body io.Reader = nil 7727 body, err := googleapi.WithoutDataWrapper.JSONReader(c.analyzeiampolicylongrunningrequest) 7728 if err != nil { 7729 return nil, err 7730 } 7731 c.urlParams_.Set("alt", alt) 7732 c.urlParams_.Set("prettyPrint", "false") 7733 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeIamPolicyLongrunning") 7734 urls += "?" + c.urlParams_.Encode() 7735 req, err := http.NewRequest("POST", urls, body) 7736 if err != nil { 7737 return nil, err 7738 } 7739 req.Header = reqHeaders 7740 googleapi.Expand(req.URL, map[string]string{ 7741 "scope": c.scope, 7742 }) 7743 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7744 } 7745 7746 // Do executes the "cloudasset.analyzeIamPolicyLongrunning" call. 7747 // Any non-2xx status code is an error. Response headers are in either 7748 // *Operation.ServerResponse.Header or (if a response was returned at all) in 7749 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 7750 // whether the returned error was because http.StatusNotModified was returned. 7751 func (c *V1AnalyzeIamPolicyLongrunningCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 7752 gensupport.SetOptions(c.urlParams_, opts...) 7753 res, err := c.doRequest("json") 7754 if res != nil && res.StatusCode == http.StatusNotModified { 7755 if res.Body != nil { 7756 res.Body.Close() 7757 } 7758 return nil, gensupport.WrapError(&googleapi.Error{ 7759 Code: res.StatusCode, 7760 Header: res.Header, 7761 }) 7762 } 7763 if err != nil { 7764 return nil, err 7765 } 7766 defer googleapi.CloseBody(res) 7767 if err := googleapi.CheckResponse(res); err != nil { 7768 return nil, gensupport.WrapError(err) 7769 } 7770 ret := &Operation{ 7771 ServerResponse: googleapi.ServerResponse{ 7772 Header: res.Header, 7773 HTTPStatusCode: res.StatusCode, 7774 }, 7775 } 7776 target := &ret 7777 if err := gensupport.DecodeResponse(target, res); err != nil { 7778 return nil, err 7779 } 7780 return ret, nil 7781 } 7782 7783 type V1AnalyzeMoveCall struct { 7784 s *Service 7785 resource string 7786 urlParams_ gensupport.URLParams 7787 ifNoneMatch_ string 7788 ctx_ context.Context 7789 header_ http.Header 7790 } 7791 7792 // AnalyzeMove: Analyze moving a resource to a specified destination without 7793 // kicking off the actual move. The analysis is best effort depending on the 7794 // user's permissions of viewing different hierarchical policies and 7795 // configurations. The policies and configuration are subject to change before 7796 // the actual resource migration takes place. 7797 // 7798 // - resource: Name of the resource to perform the analysis against. Only 7799 // Google Cloud projects are supported as of today. Hence, this can only be a 7800 // project ID (such as "projects/my-project-id") or a project number (such as 7801 // "projects/12345"). 7802 func (r *V1Service) AnalyzeMove(resource string) *V1AnalyzeMoveCall { 7803 c := &V1AnalyzeMoveCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7804 c.resource = resource 7805 return c 7806 } 7807 7808 // DestinationParent sets the optional parameter "destinationParent": Required. 7809 // Name of the Google Cloud folder or organization to reparent the target 7810 // resource. The analysis will be performed against hypothetically moving the 7811 // resource to this specified desitination parent. This can only be a folder 7812 // number (such as "folders/123") or an organization number (such as 7813 // "organizations/123"). 7814 func (c *V1AnalyzeMoveCall) DestinationParent(destinationParent string) *V1AnalyzeMoveCall { 7815 c.urlParams_.Set("destinationParent", destinationParent) 7816 return c 7817 } 7818 7819 // View sets the optional parameter "view": Analysis view indicating what 7820 // information should be included in the analysis response. If unspecified, the 7821 // default view is FULL. 7822 // 7823 // Possible values: 7824 // 7825 // "ANALYSIS_VIEW_UNSPECIFIED" - The default/unset value. The API will 7826 // 7827 // default to the FULL view. 7828 // 7829 // "FULL" - Full analysis including all level of impacts of the specified 7830 // 7831 // resource move. 7832 // 7833 // "BASIC" - Basic analysis only including blockers which will prevent the 7834 // 7835 // specified resource move at runtime. 7836 func (c *V1AnalyzeMoveCall) View(view string) *V1AnalyzeMoveCall { 7837 c.urlParams_.Set("view", view) 7838 return c 7839 } 7840 7841 // Fields allows partial responses to be retrieved. See 7842 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7843 // details. 7844 func (c *V1AnalyzeMoveCall) Fields(s ...googleapi.Field) *V1AnalyzeMoveCall { 7845 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7846 return c 7847 } 7848 7849 // IfNoneMatch sets an optional parameter which makes the operation fail if the 7850 // object's ETag matches the given value. This is useful for getting updates 7851 // only after the object has changed since the last request. 7852 func (c *V1AnalyzeMoveCall) IfNoneMatch(entityTag string) *V1AnalyzeMoveCall { 7853 c.ifNoneMatch_ = entityTag 7854 return c 7855 } 7856 7857 // Context sets the context to be used in this call's Do method. 7858 func (c *V1AnalyzeMoveCall) Context(ctx context.Context) *V1AnalyzeMoveCall { 7859 c.ctx_ = ctx 7860 return c 7861 } 7862 7863 // Header returns a http.Header that can be modified by the caller to add 7864 // headers to the request. 7865 func (c *V1AnalyzeMoveCall) Header() http.Header { 7866 if c.header_ == nil { 7867 c.header_ = make(http.Header) 7868 } 7869 return c.header_ 7870 } 7871 7872 func (c *V1AnalyzeMoveCall) doRequest(alt string) (*http.Response, error) { 7873 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 7874 if c.ifNoneMatch_ != "" { 7875 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 7876 } 7877 var body io.Reader = nil 7878 c.urlParams_.Set("alt", alt) 7879 c.urlParams_.Set("prettyPrint", "false") 7880 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:analyzeMove") 7881 urls += "?" + c.urlParams_.Encode() 7882 req, err := http.NewRequest("GET", urls, body) 7883 if err != nil { 7884 return nil, err 7885 } 7886 req.Header = reqHeaders 7887 googleapi.Expand(req.URL, map[string]string{ 7888 "resource": c.resource, 7889 }) 7890 return gensupport.SendRequest(c.ctx_, c.s.client, req) 7891 } 7892 7893 // Do executes the "cloudasset.analyzeMove" call. 7894 // Any non-2xx status code is an error. Response headers are in either 7895 // *AnalyzeMoveResponse.ServerResponse.Header or (if a response was returned at 7896 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 7897 // check whether the returned error was because http.StatusNotModified was 7898 // returned. 7899 func (c *V1AnalyzeMoveCall) Do(opts ...googleapi.CallOption) (*AnalyzeMoveResponse, error) { 7900 gensupport.SetOptions(c.urlParams_, opts...) 7901 res, err := c.doRequest("json") 7902 if res != nil && res.StatusCode == http.StatusNotModified { 7903 if res.Body != nil { 7904 res.Body.Close() 7905 } 7906 return nil, gensupport.WrapError(&googleapi.Error{ 7907 Code: res.StatusCode, 7908 Header: res.Header, 7909 }) 7910 } 7911 if err != nil { 7912 return nil, err 7913 } 7914 defer googleapi.CloseBody(res) 7915 if err := googleapi.CheckResponse(res); err != nil { 7916 return nil, gensupport.WrapError(err) 7917 } 7918 ret := &AnalyzeMoveResponse{ 7919 ServerResponse: googleapi.ServerResponse{ 7920 Header: res.Header, 7921 HTTPStatusCode: res.StatusCode, 7922 }, 7923 } 7924 target := &ret 7925 if err := gensupport.DecodeResponse(target, res); err != nil { 7926 return nil, err 7927 } 7928 return ret, nil 7929 } 7930 7931 type V1AnalyzeOrgPoliciesCall struct { 7932 s *Service 7933 scope string 7934 urlParams_ gensupport.URLParams 7935 ifNoneMatch_ string 7936 ctx_ context.Context 7937 header_ http.Header 7938 } 7939 7940 // AnalyzeOrgPolicies: Analyzes organization policies under a scope. 7941 // 7942 // - scope: The organization to scope the request. Only organization policies 7943 // within the scope will be analyzed. * organizations/{ORGANIZATION_NUMBER} 7944 // (e.g., "organizations/123456"). 7945 func (r *V1Service) AnalyzeOrgPolicies(scope string) *V1AnalyzeOrgPoliciesCall { 7946 c := &V1AnalyzeOrgPoliciesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 7947 c.scope = scope 7948 return c 7949 } 7950 7951 // Constraint sets the optional parameter "constraint": Required. The name of 7952 // the constraint to analyze organization policies for. The response only 7953 // contains analyzed organization policies for the provided constraint. 7954 func (c *V1AnalyzeOrgPoliciesCall) Constraint(constraint string) *V1AnalyzeOrgPoliciesCall { 7955 c.urlParams_.Set("constraint", constraint) 7956 return c 7957 } 7958 7959 // Filter sets the optional parameter "filter": The expression to filter 7960 // AnalyzeOrgPoliciesResponse.org_policy_results. Filtering is currently 7961 // available for bare literal values and the following fields: * 7962 // consolidated_policy.attached_resource * consolidated_policy.rules.enforce 7963 // When filtering by a specific field, the only supported operator is `=`. For 7964 // example, filtering by 7965 // consolidated_policy.attached_resource="//cloudresourcemanager.googleapis.com/ 7966 // folders/001" will return all the Organization Policy results attached to 7967 // "folders/001". 7968 func (c *V1AnalyzeOrgPoliciesCall) Filter(filter string) *V1AnalyzeOrgPoliciesCall { 7969 c.urlParams_.Set("filter", filter) 7970 return c 7971 } 7972 7973 // PageSize sets the optional parameter "pageSize": The maximum number of items 7974 // to return per page. If unspecified, 7975 // AnalyzeOrgPoliciesResponse.org_policy_results will contain 20 items with a 7976 // maximum of 200. 7977 func (c *V1AnalyzeOrgPoliciesCall) PageSize(pageSize int64) *V1AnalyzeOrgPoliciesCall { 7978 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 7979 return c 7980 } 7981 7982 // PageToken sets the optional parameter "pageToken": The pagination token to 7983 // retrieve the next page. 7984 func (c *V1AnalyzeOrgPoliciesCall) PageToken(pageToken string) *V1AnalyzeOrgPoliciesCall { 7985 c.urlParams_.Set("pageToken", pageToken) 7986 return c 7987 } 7988 7989 // Fields allows partial responses to be retrieved. See 7990 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 7991 // details. 7992 func (c *V1AnalyzeOrgPoliciesCall) Fields(s ...googleapi.Field) *V1AnalyzeOrgPoliciesCall { 7993 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 7994 return c 7995 } 7996 7997 // IfNoneMatch sets an optional parameter which makes the operation fail if the 7998 // object's ETag matches the given value. This is useful for getting updates 7999 // only after the object has changed since the last request. 8000 func (c *V1AnalyzeOrgPoliciesCall) IfNoneMatch(entityTag string) *V1AnalyzeOrgPoliciesCall { 8001 c.ifNoneMatch_ = entityTag 8002 return c 8003 } 8004 8005 // Context sets the context to be used in this call's Do method. 8006 func (c *V1AnalyzeOrgPoliciesCall) Context(ctx context.Context) *V1AnalyzeOrgPoliciesCall { 8007 c.ctx_ = ctx 8008 return c 8009 } 8010 8011 // Header returns a http.Header that can be modified by the caller to add 8012 // headers to the request. 8013 func (c *V1AnalyzeOrgPoliciesCall) Header() http.Header { 8014 if c.header_ == nil { 8015 c.header_ = make(http.Header) 8016 } 8017 return c.header_ 8018 } 8019 8020 func (c *V1AnalyzeOrgPoliciesCall) doRequest(alt string) (*http.Response, error) { 8021 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 8022 if c.ifNoneMatch_ != "" { 8023 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8024 } 8025 var body io.Reader = nil 8026 c.urlParams_.Set("alt", alt) 8027 c.urlParams_.Set("prettyPrint", "false") 8028 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeOrgPolicies") 8029 urls += "?" + c.urlParams_.Encode() 8030 req, err := http.NewRequest("GET", urls, body) 8031 if err != nil { 8032 return nil, err 8033 } 8034 req.Header = reqHeaders 8035 googleapi.Expand(req.URL, map[string]string{ 8036 "scope": c.scope, 8037 }) 8038 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8039 } 8040 8041 // Do executes the "cloudasset.analyzeOrgPolicies" call. 8042 // Any non-2xx status code is an error. Response headers are in either 8043 // *AnalyzeOrgPoliciesResponse.ServerResponse.Header or (if a response was 8044 // returned at all) in error.(*googleapi.Error).Header. Use 8045 // googleapi.IsNotModified to check whether the returned error was because 8046 // http.StatusNotModified was returned. 8047 func (c *V1AnalyzeOrgPoliciesCall) Do(opts ...googleapi.CallOption) (*AnalyzeOrgPoliciesResponse, error) { 8048 gensupport.SetOptions(c.urlParams_, opts...) 8049 res, err := c.doRequest("json") 8050 if res != nil && res.StatusCode == http.StatusNotModified { 8051 if res.Body != nil { 8052 res.Body.Close() 8053 } 8054 return nil, gensupport.WrapError(&googleapi.Error{ 8055 Code: res.StatusCode, 8056 Header: res.Header, 8057 }) 8058 } 8059 if err != nil { 8060 return nil, err 8061 } 8062 defer googleapi.CloseBody(res) 8063 if err := googleapi.CheckResponse(res); err != nil { 8064 return nil, gensupport.WrapError(err) 8065 } 8066 ret := &AnalyzeOrgPoliciesResponse{ 8067 ServerResponse: googleapi.ServerResponse{ 8068 Header: res.Header, 8069 HTTPStatusCode: res.StatusCode, 8070 }, 8071 } 8072 target := &ret 8073 if err := gensupport.DecodeResponse(target, res); err != nil { 8074 return nil, err 8075 } 8076 return ret, nil 8077 } 8078 8079 // Pages invokes f for each page of results. 8080 // A non-nil error returned from f will halt the iteration. 8081 // The provided context supersedes any context provided to the Context method. 8082 func (c *V1AnalyzeOrgPoliciesCall) Pages(ctx context.Context, f func(*AnalyzeOrgPoliciesResponse) error) error { 8083 c.ctx_ = ctx 8084 defer c.PageToken(c.urlParams_.Get("pageToken")) 8085 for { 8086 x, err := c.Do() 8087 if err != nil { 8088 return err 8089 } 8090 if err := f(x); err != nil { 8091 return err 8092 } 8093 if x.NextPageToken == "" { 8094 return nil 8095 } 8096 c.PageToken(x.NextPageToken) 8097 } 8098 } 8099 8100 type V1AnalyzeOrgPolicyGovernedAssetsCall struct { 8101 s *Service 8102 scope string 8103 urlParams_ gensupport.URLParams 8104 ifNoneMatch_ string 8105 ctx_ context.Context 8106 header_ http.Header 8107 } 8108 8109 // AnalyzeOrgPolicyGovernedAssets: Analyzes organization policies governed 8110 // assets (Google Cloud resources or policies) under a scope. This RPC supports 8111 // custom constraints and the following canned constraints: * 8112 // constraints/ainotebooks.accessMode * 8113 // constraints/ainotebooks.disableFileDownloads * 8114 // constraints/ainotebooks.disableRootAccess * 8115 // constraints/ainotebooks.disableTerminal * 8116 // constraints/ainotebooks.environmentOptions * 8117 // constraints/ainotebooks.requireAutoUpgradeSchedule * 8118 // constraints/ainotebooks.restrictVpcNetworks * 8119 // constraints/compute.disableGuestAttributesAccess * 8120 // constraints/compute.disableInstanceDataAccessApis * 8121 // constraints/compute.disableNestedVirtualization * 8122 // constraints/compute.disableSerialPortAccess * 8123 // constraints/compute.disableSerialPortLogging * 8124 // constraints/compute.disableVpcExternalIpv6 * 8125 // constraints/compute.requireOsLogin * constraints/compute.requireShieldedVm * 8126 // constraints/compute.restrictLoadBalancerCreationForTypes * 8127 // constraints/compute.restrictProtocolForwardingCreationForTypes * 8128 // constraints/compute.restrictXpnProjectLienRemoval * 8129 // constraints/compute.setNewProjectDefaultToZonalDNSOnly * 8130 // constraints/compute.skipDefaultNetworkCreation * 8131 // constraints/compute.trustedImageProjects * 8132 // constraints/compute.vmCanIpForward * constraints/compute.vmExternalIpAccess 8133 // * constraints/gcp.detailedAuditLoggingMode * 8134 // constraints/gcp.resourceLocations * 8135 // constraints/iam.allowedPolicyMemberDomains * 8136 // constraints/iam.automaticIamGrantsForDefaultServiceAccounts * 8137 // constraints/iam.disableServiceAccountCreation * 8138 // constraints/iam.disableServiceAccountKeyCreation * 8139 // constraints/iam.disableServiceAccountKeyUpload * 8140 // constraints/iam.restrictCrossProjectServiceAccountLienRemoval * 8141 // constraints/iam.serviceAccountKeyExpiryHours * 8142 // constraints/resourcemanager.accessBoundaries * 8143 // constraints/resourcemanager.allowedExportDestinations * 8144 // constraints/sql.restrictAuthorizedNetworks * 8145 // constraints/sql.restrictNoncompliantDiagnosticDataAccess * 8146 // constraints/sql.restrictNoncompliantResourceCreation * 8147 // constraints/sql.restrictPublicIp * 8148 // constraints/storage.publicAccessPrevention * 8149 // constraints/storage.restrictAuthTypes * 8150 // constraints/storage.uniformBucketLevelAccess This RPC only returns either 8151 // resources of types supported by search APIs 8152 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) or IAM 8153 // policies. 8154 // 8155 // - scope: The organization to scope the request. Only organization policies 8156 // within the scope will be analyzed. The output assets will also be limited 8157 // to the ones governed by those in-scope organization policies. * 8158 // organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456"). 8159 func (r *V1Service) AnalyzeOrgPolicyGovernedAssets(scope string) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8160 c := &V1AnalyzeOrgPolicyGovernedAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8161 c.scope = scope 8162 return c 8163 } 8164 8165 // Constraint sets the optional parameter "constraint": Required. The name of 8166 // the constraint to analyze governed assets for. The analysis only contains 8167 // analyzed organization policies for the provided constraint. 8168 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Constraint(constraint string) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8169 c.urlParams_.Set("constraint", constraint) 8170 return c 8171 } 8172 8173 // Filter sets the optional parameter "filter": The expression to filter 8174 // AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets. For governed 8175 // resources, filtering is currently available for bare literal values and the 8176 // following fields: * governed_resource.project * governed_resource.folders * 8177 // consolidated_policy.rules.enforce When filtering by 8178 // `governed_resource.project` or `consolidated_policy.rules.enforce`, the only 8179 // supported operator is `=`. When filtering by `governed_resource.folders`, 8180 // the supported operators are `=` and `:`. For example, filtering by 8181 // `governed_resource.project="projects/12345678" will return all the governed 8182 // resources under "projects/12345678", including the project itself if 8183 // applicable. For governed IAM policies, filtering is currently available for 8184 // bare literal values and the following fields: * governed_iam_policy.project 8185 // * governed_iam_policy.folders * consolidated_policy.rules.enforce When 8186 // filtering by `governed_iam_policy.project` or 8187 // `consolidated_policy.rules.enforce`, the only supported operator is `=`. 8188 // When filtering by `governed_iam_policy.folders`, the supported operators are 8189 // `=` and `:`. For example, filtering by 8190 // `governed_iam_policy.folders:"folders/12345678" will return all the 8191 // governed IAM policies under "folders/001". 8192 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Filter(filter string) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8193 c.urlParams_.Set("filter", filter) 8194 return c 8195 } 8196 8197 // PageSize sets the optional parameter "pageSize": The maximum number of items 8198 // to return per page. If unspecified, 8199 // AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets will contain 100 8200 // items with a maximum of 200. 8201 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) PageSize(pageSize int64) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8202 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8203 return c 8204 } 8205 8206 // PageToken sets the optional parameter "pageToken": The pagination token to 8207 // retrieve the next page. 8208 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) PageToken(pageToken string) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8209 c.urlParams_.Set("pageToken", pageToken) 8210 return c 8211 } 8212 8213 // Fields allows partial responses to be retrieved. See 8214 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 8215 // details. 8216 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Fields(s ...googleapi.Field) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8217 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8218 return c 8219 } 8220 8221 // IfNoneMatch sets an optional parameter which makes the operation fail if the 8222 // object's ETag matches the given value. This is useful for getting updates 8223 // only after the object has changed since the last request. 8224 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) IfNoneMatch(entityTag string) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8225 c.ifNoneMatch_ = entityTag 8226 return c 8227 } 8228 8229 // Context sets the context to be used in this call's Do method. 8230 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Context(ctx context.Context) *V1AnalyzeOrgPolicyGovernedAssetsCall { 8231 c.ctx_ = ctx 8232 return c 8233 } 8234 8235 // Header returns a http.Header that can be modified by the caller to add 8236 // headers to the request. 8237 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Header() http.Header { 8238 if c.header_ == nil { 8239 c.header_ = make(http.Header) 8240 } 8241 return c.header_ 8242 } 8243 8244 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) doRequest(alt string) (*http.Response, error) { 8245 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 8246 if c.ifNoneMatch_ != "" { 8247 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8248 } 8249 var body io.Reader = nil 8250 c.urlParams_.Set("alt", alt) 8251 c.urlParams_.Set("prettyPrint", "false") 8252 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeOrgPolicyGovernedAssets") 8253 urls += "?" + c.urlParams_.Encode() 8254 req, err := http.NewRequest("GET", urls, body) 8255 if err != nil { 8256 return nil, err 8257 } 8258 req.Header = reqHeaders 8259 googleapi.Expand(req.URL, map[string]string{ 8260 "scope": c.scope, 8261 }) 8262 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8263 } 8264 8265 // Do executes the "cloudasset.analyzeOrgPolicyGovernedAssets" call. 8266 // Any non-2xx status code is an error. Response headers are in either 8267 // *AnalyzeOrgPolicyGovernedAssetsResponse.ServerResponse.Header or (if a 8268 // response was returned at all) in error.(*googleapi.Error).Header. Use 8269 // googleapi.IsNotModified to check whether the returned error was because 8270 // http.StatusNotModified was returned. 8271 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Do(opts ...googleapi.CallOption) (*AnalyzeOrgPolicyGovernedAssetsResponse, error) { 8272 gensupport.SetOptions(c.urlParams_, opts...) 8273 res, err := c.doRequest("json") 8274 if res != nil && res.StatusCode == http.StatusNotModified { 8275 if res.Body != nil { 8276 res.Body.Close() 8277 } 8278 return nil, gensupport.WrapError(&googleapi.Error{ 8279 Code: res.StatusCode, 8280 Header: res.Header, 8281 }) 8282 } 8283 if err != nil { 8284 return nil, err 8285 } 8286 defer googleapi.CloseBody(res) 8287 if err := googleapi.CheckResponse(res); err != nil { 8288 return nil, gensupport.WrapError(err) 8289 } 8290 ret := &AnalyzeOrgPolicyGovernedAssetsResponse{ 8291 ServerResponse: googleapi.ServerResponse{ 8292 Header: res.Header, 8293 HTTPStatusCode: res.StatusCode, 8294 }, 8295 } 8296 target := &ret 8297 if err := gensupport.DecodeResponse(target, res); err != nil { 8298 return nil, err 8299 } 8300 return ret, nil 8301 } 8302 8303 // Pages invokes f for each page of results. 8304 // A non-nil error returned from f will halt the iteration. 8305 // The provided context supersedes any context provided to the Context method. 8306 func (c *V1AnalyzeOrgPolicyGovernedAssetsCall) Pages(ctx context.Context, f func(*AnalyzeOrgPolicyGovernedAssetsResponse) error) error { 8307 c.ctx_ = ctx 8308 defer c.PageToken(c.urlParams_.Get("pageToken")) 8309 for { 8310 x, err := c.Do() 8311 if err != nil { 8312 return err 8313 } 8314 if err := f(x); err != nil { 8315 return err 8316 } 8317 if x.NextPageToken == "" { 8318 return nil 8319 } 8320 c.PageToken(x.NextPageToken) 8321 } 8322 } 8323 8324 type V1AnalyzeOrgPolicyGovernedContainersCall struct { 8325 s *Service 8326 scope string 8327 urlParams_ gensupport.URLParams 8328 ifNoneMatch_ string 8329 ctx_ context.Context 8330 header_ http.Header 8331 } 8332 8333 // AnalyzeOrgPolicyGovernedContainers: Analyzes organization policies governed 8334 // containers (projects, folders or organization) under a scope. 8335 // 8336 // - scope: The organization to scope the request. Only organization policies 8337 // within the scope will be analyzed. The output containers will also be 8338 // limited to the ones governed by those in-scope organization policies. * 8339 // organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456"). 8340 func (r *V1Service) AnalyzeOrgPolicyGovernedContainers(scope string) *V1AnalyzeOrgPolicyGovernedContainersCall { 8341 c := &V1AnalyzeOrgPolicyGovernedContainersCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8342 c.scope = scope 8343 return c 8344 } 8345 8346 // Constraint sets the optional parameter "constraint": Required. The name of 8347 // the constraint to analyze governed containers for. The analysis only 8348 // contains organization policies for the provided constraint. 8349 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Constraint(constraint string) *V1AnalyzeOrgPolicyGovernedContainersCall { 8350 c.urlParams_.Set("constraint", constraint) 8351 return c 8352 } 8353 8354 // Filter sets the optional parameter "filter": The expression to filter 8355 // AnalyzeOrgPolicyGovernedContainersResponse.governed_containers. Filtering is 8356 // currently available for bare literal values and the following fields: * 8357 // parent * consolidated_policy.rules.enforce When filtering by a specific 8358 // field, the only supported operator is `=`. For example, filtering by 8359 // parent="//cloudresourcemanager.googleapis.com/folders/001" will return all 8360 // the containers under "folders/001". 8361 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Filter(filter string) *V1AnalyzeOrgPolicyGovernedContainersCall { 8362 c.urlParams_.Set("filter", filter) 8363 return c 8364 } 8365 8366 // PageSize sets the optional parameter "pageSize": The maximum number of items 8367 // to return per page. If unspecified, 8368 // AnalyzeOrgPolicyGovernedContainersResponse.governed_containers will contain 8369 // 100 items with a maximum of 200. 8370 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) PageSize(pageSize int64) *V1AnalyzeOrgPolicyGovernedContainersCall { 8371 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8372 return c 8373 } 8374 8375 // PageToken sets the optional parameter "pageToken": The pagination token to 8376 // retrieve the next page. 8377 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) PageToken(pageToken string) *V1AnalyzeOrgPolicyGovernedContainersCall { 8378 c.urlParams_.Set("pageToken", pageToken) 8379 return c 8380 } 8381 8382 // Fields allows partial responses to be retrieved. See 8383 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 8384 // details. 8385 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Fields(s ...googleapi.Field) *V1AnalyzeOrgPolicyGovernedContainersCall { 8386 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8387 return c 8388 } 8389 8390 // IfNoneMatch sets an optional parameter which makes the operation fail if the 8391 // object's ETag matches the given value. This is useful for getting updates 8392 // only after the object has changed since the last request. 8393 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) IfNoneMatch(entityTag string) *V1AnalyzeOrgPolicyGovernedContainersCall { 8394 c.ifNoneMatch_ = entityTag 8395 return c 8396 } 8397 8398 // Context sets the context to be used in this call's Do method. 8399 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Context(ctx context.Context) *V1AnalyzeOrgPolicyGovernedContainersCall { 8400 c.ctx_ = ctx 8401 return c 8402 } 8403 8404 // Header returns a http.Header that can be modified by the caller to add 8405 // headers to the request. 8406 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Header() http.Header { 8407 if c.header_ == nil { 8408 c.header_ = make(http.Header) 8409 } 8410 return c.header_ 8411 } 8412 8413 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) doRequest(alt string) (*http.Response, error) { 8414 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 8415 if c.ifNoneMatch_ != "" { 8416 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8417 } 8418 var body io.Reader = nil 8419 c.urlParams_.Set("alt", alt) 8420 c.urlParams_.Set("prettyPrint", "false") 8421 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:analyzeOrgPolicyGovernedContainers") 8422 urls += "?" + c.urlParams_.Encode() 8423 req, err := http.NewRequest("GET", urls, body) 8424 if err != nil { 8425 return nil, err 8426 } 8427 req.Header = reqHeaders 8428 googleapi.Expand(req.URL, map[string]string{ 8429 "scope": c.scope, 8430 }) 8431 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8432 } 8433 8434 // Do executes the "cloudasset.analyzeOrgPolicyGovernedContainers" call. 8435 // Any non-2xx status code is an error. Response headers are in either 8436 // *AnalyzeOrgPolicyGovernedContainersResponse.ServerResponse.Header or (if a 8437 // response was returned at all) in error.(*googleapi.Error).Header. Use 8438 // googleapi.IsNotModified to check whether the returned error was because 8439 // http.StatusNotModified was returned. 8440 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Do(opts ...googleapi.CallOption) (*AnalyzeOrgPolicyGovernedContainersResponse, error) { 8441 gensupport.SetOptions(c.urlParams_, opts...) 8442 res, err := c.doRequest("json") 8443 if res != nil && res.StatusCode == http.StatusNotModified { 8444 if res.Body != nil { 8445 res.Body.Close() 8446 } 8447 return nil, gensupport.WrapError(&googleapi.Error{ 8448 Code: res.StatusCode, 8449 Header: res.Header, 8450 }) 8451 } 8452 if err != nil { 8453 return nil, err 8454 } 8455 defer googleapi.CloseBody(res) 8456 if err := googleapi.CheckResponse(res); err != nil { 8457 return nil, gensupport.WrapError(err) 8458 } 8459 ret := &AnalyzeOrgPolicyGovernedContainersResponse{ 8460 ServerResponse: googleapi.ServerResponse{ 8461 Header: res.Header, 8462 HTTPStatusCode: res.StatusCode, 8463 }, 8464 } 8465 target := &ret 8466 if err := gensupport.DecodeResponse(target, res); err != nil { 8467 return nil, err 8468 } 8469 return ret, nil 8470 } 8471 8472 // Pages invokes f for each page of results. 8473 // A non-nil error returned from f will halt the iteration. 8474 // The provided context supersedes any context provided to the Context method. 8475 func (c *V1AnalyzeOrgPolicyGovernedContainersCall) Pages(ctx context.Context, f func(*AnalyzeOrgPolicyGovernedContainersResponse) error) error { 8476 c.ctx_ = ctx 8477 defer c.PageToken(c.urlParams_.Get("pageToken")) 8478 for { 8479 x, err := c.Do() 8480 if err != nil { 8481 return err 8482 } 8483 if err := f(x); err != nil { 8484 return err 8485 } 8486 if x.NextPageToken == "" { 8487 return nil 8488 } 8489 c.PageToken(x.NextPageToken) 8490 } 8491 } 8492 8493 type V1BatchGetAssetsHistoryCall struct { 8494 s *Service 8495 parent string 8496 urlParams_ gensupport.URLParams 8497 ifNoneMatch_ string 8498 ctx_ context.Context 8499 header_ http.Header 8500 } 8501 8502 // BatchGetAssetsHistory: Batch gets the update history of assets that overlap 8503 // a time window. For IAM_POLICY content, this API outputs history when the 8504 // asset and its attached IAM POLICY both exist. This can create gaps in the 8505 // output history. Otherwise, this API outputs history with asset in both 8506 // non-delete or deleted status. If a specified asset does not exist, this API 8507 // returns an INVALID_ARGUMENT error. 8508 // 8509 // - parent: The relative name of the root asset. It can only be an 8510 // organization number (such as "organizations/123"), a project ID (such as 8511 // "projects/my-project-id")", or a project number (such as 8512 // "projects/12345"). 8513 func (r *V1Service) BatchGetAssetsHistory(parent string) *V1BatchGetAssetsHistoryCall { 8514 c := &V1BatchGetAssetsHistoryCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8515 c.parent = parent 8516 return c 8517 } 8518 8519 // AssetNames sets the optional parameter "assetNames": A list of the full 8520 // names of the assets. See: 8521 // https://cloud.google.com/asset-inventory/docs/resource-name-format Example: 8522 // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/insta 8523 // nce1`. The request becomes a no-op if the asset name list is empty, and the 8524 // max size of the asset name list is 100 in one request. 8525 func (c *V1BatchGetAssetsHistoryCall) AssetNames(assetNames ...string) *V1BatchGetAssetsHistoryCall { 8526 c.urlParams_.SetMulti("assetNames", append([]string{}, assetNames...)) 8527 return c 8528 } 8529 8530 // ContentType sets the optional parameter "contentType": The content type. 8531 // 8532 // Possible values: 8533 // 8534 // "CONTENT_TYPE_UNSPECIFIED" - Unspecified content type. 8535 // "RESOURCE" - Resource metadata. 8536 // "IAM_POLICY" - The actual IAM policy set on a resource. 8537 // "ORG_POLICY" - The organization policy set on an asset. 8538 // "ACCESS_POLICY" - The Access Context Manager policy set on an asset. 8539 // "OS_INVENTORY" - The runtime OS Inventory information. 8540 // "RELATIONSHIP" - The related resources. 8541 func (c *V1BatchGetAssetsHistoryCall) ContentType(contentType string) *V1BatchGetAssetsHistoryCall { 8542 c.urlParams_.Set("contentType", contentType) 8543 return c 8544 } 8545 8546 // ReadTimeWindowEndTime sets the optional parameter "readTimeWindow.endTime": 8547 // End time of the time window (inclusive). If not specified, the current 8548 // timestamp is used instead. 8549 func (c *V1BatchGetAssetsHistoryCall) ReadTimeWindowEndTime(readTimeWindowEndTime string) *V1BatchGetAssetsHistoryCall { 8550 c.urlParams_.Set("readTimeWindow.endTime", readTimeWindowEndTime) 8551 return c 8552 } 8553 8554 // ReadTimeWindowStartTime sets the optional parameter 8555 // "readTimeWindow.startTime": Start time of the time window (exclusive). 8556 func (c *V1BatchGetAssetsHistoryCall) ReadTimeWindowStartTime(readTimeWindowStartTime string) *V1BatchGetAssetsHistoryCall { 8557 c.urlParams_.Set("readTimeWindow.startTime", readTimeWindowStartTime) 8558 return c 8559 } 8560 8561 // RelationshipTypes sets the optional parameter "relationshipTypes": A list of 8562 // relationship types to output, for example: `INSTANCE_TO_INSTANCEGROUP`. This 8563 // field should only be specified if content_type=RELATIONSHIP. * If specified: 8564 // it outputs specified relationships' history on the [asset_names]. It returns 8565 // an error if any of the [relationship_types] doesn't belong to the supported 8566 // relationship types of the [asset_names] or if any of the [asset_names]'s 8567 // types doesn't belong to the source types of the [relationship_types]. * 8568 // Otherwise: it outputs the supported relationships' history on the 8569 // [asset_names] or returns an error if any of the [asset_names]'s types has no 8570 // relationship support. See Introduction to Cloud Asset Inventory 8571 // (https://cloud.google.com/asset-inventory/docs/overview) for all supported 8572 // asset types and relationship types. 8573 func (c *V1BatchGetAssetsHistoryCall) RelationshipTypes(relationshipTypes ...string) *V1BatchGetAssetsHistoryCall { 8574 c.urlParams_.SetMulti("relationshipTypes", append([]string{}, relationshipTypes...)) 8575 return c 8576 } 8577 8578 // Fields allows partial responses to be retrieved. See 8579 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 8580 // details. 8581 func (c *V1BatchGetAssetsHistoryCall) Fields(s ...googleapi.Field) *V1BatchGetAssetsHistoryCall { 8582 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8583 return c 8584 } 8585 8586 // IfNoneMatch sets an optional parameter which makes the operation fail if the 8587 // object's ETag matches the given value. This is useful for getting updates 8588 // only after the object has changed since the last request. 8589 func (c *V1BatchGetAssetsHistoryCall) IfNoneMatch(entityTag string) *V1BatchGetAssetsHistoryCall { 8590 c.ifNoneMatch_ = entityTag 8591 return c 8592 } 8593 8594 // Context sets the context to be used in this call's Do method. 8595 func (c *V1BatchGetAssetsHistoryCall) Context(ctx context.Context) *V1BatchGetAssetsHistoryCall { 8596 c.ctx_ = ctx 8597 return c 8598 } 8599 8600 // Header returns a http.Header that can be modified by the caller to add 8601 // headers to the request. 8602 func (c *V1BatchGetAssetsHistoryCall) Header() http.Header { 8603 if c.header_ == nil { 8604 c.header_ = make(http.Header) 8605 } 8606 return c.header_ 8607 } 8608 8609 func (c *V1BatchGetAssetsHistoryCall) doRequest(alt string) (*http.Response, error) { 8610 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 8611 if c.ifNoneMatch_ != "" { 8612 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 8613 } 8614 var body io.Reader = nil 8615 c.urlParams_.Set("alt", alt) 8616 c.urlParams_.Set("prettyPrint", "false") 8617 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}:batchGetAssetsHistory") 8618 urls += "?" + c.urlParams_.Encode() 8619 req, err := http.NewRequest("GET", urls, body) 8620 if err != nil { 8621 return nil, err 8622 } 8623 req.Header = reqHeaders 8624 googleapi.Expand(req.URL, map[string]string{ 8625 "parent": c.parent, 8626 }) 8627 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8628 } 8629 8630 // Do executes the "cloudasset.batchGetAssetsHistory" call. 8631 // Any non-2xx status code is an error. Response headers are in either 8632 // *BatchGetAssetsHistoryResponse.ServerResponse.Header or (if a response was 8633 // returned at all) in error.(*googleapi.Error).Header. Use 8634 // googleapi.IsNotModified to check whether the returned error was because 8635 // http.StatusNotModified was returned. 8636 func (c *V1BatchGetAssetsHistoryCall) Do(opts ...googleapi.CallOption) (*BatchGetAssetsHistoryResponse, error) { 8637 gensupport.SetOptions(c.urlParams_, opts...) 8638 res, err := c.doRequest("json") 8639 if res != nil && res.StatusCode == http.StatusNotModified { 8640 if res.Body != nil { 8641 res.Body.Close() 8642 } 8643 return nil, gensupport.WrapError(&googleapi.Error{ 8644 Code: res.StatusCode, 8645 Header: res.Header, 8646 }) 8647 } 8648 if err != nil { 8649 return nil, err 8650 } 8651 defer googleapi.CloseBody(res) 8652 if err := googleapi.CheckResponse(res); err != nil { 8653 return nil, gensupport.WrapError(err) 8654 } 8655 ret := &BatchGetAssetsHistoryResponse{ 8656 ServerResponse: googleapi.ServerResponse{ 8657 Header: res.Header, 8658 HTTPStatusCode: res.StatusCode, 8659 }, 8660 } 8661 target := &ret 8662 if err := gensupport.DecodeResponse(target, res); err != nil { 8663 return nil, err 8664 } 8665 return ret, nil 8666 } 8667 8668 type V1ExportAssetsCall struct { 8669 s *Service 8670 parent string 8671 exportassetsrequest *ExportAssetsRequest 8672 urlParams_ gensupport.URLParams 8673 ctx_ context.Context 8674 header_ http.Header 8675 } 8676 8677 // ExportAssets: Exports assets with time and resource types to a given Cloud 8678 // Storage location/BigQuery table. For Cloud Storage location destinations, 8679 // the output format is newline-delimited JSON. Each line represents a 8680 // google.cloud.asset.v1.Asset in the JSON format; for BigQuery table 8681 // destinations, the output table stores the fields in asset Protobuf as 8682 // columns. This API implements the google.longrunning.Operation API, which 8683 // allows you to keep track of the export. We recommend intervals of at least 2 8684 // seconds with exponential retry to poll the export operation result. For 8685 // regular-size resource parent, the export operation usually finishes within 5 8686 // minutes. 8687 // 8688 // - parent: The relative name of the root asset. This can only be an 8689 // organization number (such as "organizations/123"), a project ID (such as 8690 // "projects/my-project-id"), or a project number (such as "projects/12345"), 8691 // or a folder number (such as "folders/123"). 8692 func (r *V1Service) ExportAssets(parent string, exportassetsrequest *ExportAssetsRequest) *V1ExportAssetsCall { 8693 c := &V1ExportAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8694 c.parent = parent 8695 c.exportassetsrequest = exportassetsrequest 8696 return c 8697 } 8698 8699 // Fields allows partial responses to be retrieved. See 8700 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 8701 // details. 8702 func (c *V1ExportAssetsCall) Fields(s ...googleapi.Field) *V1ExportAssetsCall { 8703 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8704 return c 8705 } 8706 8707 // Context sets the context to be used in this call's Do method. 8708 func (c *V1ExportAssetsCall) Context(ctx context.Context) *V1ExportAssetsCall { 8709 c.ctx_ = ctx 8710 return c 8711 } 8712 8713 // Header returns a http.Header that can be modified by the caller to add 8714 // headers to the request. 8715 func (c *V1ExportAssetsCall) Header() http.Header { 8716 if c.header_ == nil { 8717 c.header_ = make(http.Header) 8718 } 8719 return c.header_ 8720 } 8721 8722 func (c *V1ExportAssetsCall) doRequest(alt string) (*http.Response, error) { 8723 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 8724 var body io.Reader = nil 8725 body, err := googleapi.WithoutDataWrapper.JSONReader(c.exportassetsrequest) 8726 if err != nil { 8727 return nil, err 8728 } 8729 c.urlParams_.Set("alt", alt) 8730 c.urlParams_.Set("prettyPrint", "false") 8731 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}:exportAssets") 8732 urls += "?" + c.urlParams_.Encode() 8733 req, err := http.NewRequest("POST", urls, body) 8734 if err != nil { 8735 return nil, err 8736 } 8737 req.Header = reqHeaders 8738 googleapi.Expand(req.URL, map[string]string{ 8739 "parent": c.parent, 8740 }) 8741 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8742 } 8743 8744 // Do executes the "cloudasset.exportAssets" call. 8745 // Any non-2xx status code is an error. Response headers are in either 8746 // *Operation.ServerResponse.Header or (if a response was returned at all) in 8747 // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check 8748 // whether the returned error was because http.StatusNotModified was returned. 8749 func (c *V1ExportAssetsCall) Do(opts ...googleapi.CallOption) (*Operation, error) { 8750 gensupport.SetOptions(c.urlParams_, opts...) 8751 res, err := c.doRequest("json") 8752 if res != nil && res.StatusCode == http.StatusNotModified { 8753 if res.Body != nil { 8754 res.Body.Close() 8755 } 8756 return nil, gensupport.WrapError(&googleapi.Error{ 8757 Code: res.StatusCode, 8758 Header: res.Header, 8759 }) 8760 } 8761 if err != nil { 8762 return nil, err 8763 } 8764 defer googleapi.CloseBody(res) 8765 if err := googleapi.CheckResponse(res); err != nil { 8766 return nil, gensupport.WrapError(err) 8767 } 8768 ret := &Operation{ 8769 ServerResponse: googleapi.ServerResponse{ 8770 Header: res.Header, 8771 HTTPStatusCode: res.StatusCode, 8772 }, 8773 } 8774 target := &ret 8775 if err := gensupport.DecodeResponse(target, res); err != nil { 8776 return nil, err 8777 } 8778 return ret, nil 8779 } 8780 8781 type V1QueryAssetsCall struct { 8782 s *Service 8783 parent string 8784 queryassetsrequest *QueryAssetsRequest 8785 urlParams_ gensupport.URLParams 8786 ctx_ context.Context 8787 header_ http.Header 8788 } 8789 8790 // QueryAssets: Issue a job that queries assets using a SQL statement 8791 // compatible with BigQuery SQL 8792 // (https://cloud.google.com/bigquery/docs/introduction-sql). If the query 8793 // execution finishes within timeout and there's no pagination, the full query 8794 // results will be returned in the `QueryAssetsResponse`. Otherwise, full query 8795 // results can be obtained by issuing extra requests with the `job_reference` 8796 // from the a previous `QueryAssets` call. Note, the query result has 8797 // approximately 10 GB limitation enforced by BigQuery 8798 // (https://cloud.google.com/bigquery/docs/best-practices-performance-output). 8799 // Queries return larger results will result in errors. 8800 // 8801 // - parent: The relative name of the root asset. This can only be an 8802 // organization number (such as "organizations/123"), a project ID (such as 8803 // "projects/my-project-id"), or a project number (such as "projects/12345"), 8804 // or a folder number (such as "folders/123"). Only assets belonging to the 8805 // `parent` will be returned. 8806 func (r *V1Service) QueryAssets(parent string, queryassetsrequest *QueryAssetsRequest) *V1QueryAssetsCall { 8807 c := &V1QueryAssetsCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8808 c.parent = parent 8809 c.queryassetsrequest = queryassetsrequest 8810 return c 8811 } 8812 8813 // Fields allows partial responses to be retrieved. See 8814 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 8815 // details. 8816 func (c *V1QueryAssetsCall) Fields(s ...googleapi.Field) *V1QueryAssetsCall { 8817 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 8818 return c 8819 } 8820 8821 // Context sets the context to be used in this call's Do method. 8822 func (c *V1QueryAssetsCall) Context(ctx context.Context) *V1QueryAssetsCall { 8823 c.ctx_ = ctx 8824 return c 8825 } 8826 8827 // Header returns a http.Header that can be modified by the caller to add 8828 // headers to the request. 8829 func (c *V1QueryAssetsCall) Header() http.Header { 8830 if c.header_ == nil { 8831 c.header_ = make(http.Header) 8832 } 8833 return c.header_ 8834 } 8835 8836 func (c *V1QueryAssetsCall) doRequest(alt string) (*http.Response, error) { 8837 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_) 8838 var body io.Reader = nil 8839 body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryassetsrequest) 8840 if err != nil { 8841 return nil, err 8842 } 8843 c.urlParams_.Set("alt", alt) 8844 c.urlParams_.Set("prettyPrint", "false") 8845 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}:queryAssets") 8846 urls += "?" + c.urlParams_.Encode() 8847 req, err := http.NewRequest("POST", urls, body) 8848 if err != nil { 8849 return nil, err 8850 } 8851 req.Header = reqHeaders 8852 googleapi.Expand(req.URL, map[string]string{ 8853 "parent": c.parent, 8854 }) 8855 return gensupport.SendRequest(c.ctx_, c.s.client, req) 8856 } 8857 8858 // Do executes the "cloudasset.queryAssets" call. 8859 // Any non-2xx status code is an error. Response headers are in either 8860 // *QueryAssetsResponse.ServerResponse.Header or (if a response was returned at 8861 // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to 8862 // check whether the returned error was because http.StatusNotModified was 8863 // returned. 8864 func (c *V1QueryAssetsCall) Do(opts ...googleapi.CallOption) (*QueryAssetsResponse, error) { 8865 gensupport.SetOptions(c.urlParams_, opts...) 8866 res, err := c.doRequest("json") 8867 if res != nil && res.StatusCode == http.StatusNotModified { 8868 if res.Body != nil { 8869 res.Body.Close() 8870 } 8871 return nil, gensupport.WrapError(&googleapi.Error{ 8872 Code: res.StatusCode, 8873 Header: res.Header, 8874 }) 8875 } 8876 if err != nil { 8877 return nil, err 8878 } 8879 defer googleapi.CloseBody(res) 8880 if err := googleapi.CheckResponse(res); err != nil { 8881 return nil, gensupport.WrapError(err) 8882 } 8883 ret := &QueryAssetsResponse{ 8884 ServerResponse: googleapi.ServerResponse{ 8885 Header: res.Header, 8886 HTTPStatusCode: res.StatusCode, 8887 }, 8888 } 8889 target := &ret 8890 if err := gensupport.DecodeResponse(target, res); err != nil { 8891 return nil, err 8892 } 8893 return ret, nil 8894 } 8895 8896 type V1SearchAllIamPoliciesCall struct { 8897 s *Service 8898 scope string 8899 urlParams_ gensupport.URLParams 8900 ifNoneMatch_ string 8901 ctx_ context.Context 8902 header_ http.Header 8903 } 8904 8905 // SearchAllIamPolicies: Searches all IAM policies within the specified scope, 8906 // such as a project, folder, or organization. The caller must be granted the 8907 // `cloudasset.assets.searchAllIamPolicies` permission on the desired scope, 8908 // otherwise the request will be rejected. 8909 // 8910 // - scope: A scope can be a project, a folder, or an organization. The search 8911 // is limited to the IAM policies within the `scope`. The caller must be 8912 // granted the `cloudasset.assets.searchAllIamPolicies` 8913 // (https://cloud.google.com/asset-inventory/docs/access-control#required_permissions) 8914 // permission on the desired scope. The allowed values are: * 8915 // projects/{PROJECT_ID} (e.g., "projects/foo-bar") * 8916 // projects/{PROJECT_NUMBER} (e.g., "projects/12345678") * 8917 // folders/{FOLDER_NUMBER} (e.g., "folders/1234567") * 8918 // organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456"). 8919 func (r *V1Service) SearchAllIamPolicies(scope string) *V1SearchAllIamPoliciesCall { 8920 c := &V1SearchAllIamPoliciesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 8921 c.scope = scope 8922 return c 8923 } 8924 8925 // AssetTypes sets the optional parameter "assetTypes": A list of asset types 8926 // that the IAM policies are attached to. If empty, it will search the IAM 8927 // policies that are attached to all the asset types supported by search APIs 8928 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types) 8929 // Regular expressions are also supported. For example: * 8930 // "compute.googleapis.com.*" snapshots IAM policies attached to asset type 8931 // starts with "compute.googleapis.com". * ".*Instance" snapshots IAM policies 8932 // attached to asset type ends with "Instance". * ".*Instance.*" snapshots IAM 8933 // policies attached to asset type contains "Instance". See RE2 8934 // (https://github.com/google/re2/wiki/Syntax) for all supported regular 8935 // expression syntax. If the regular expression does not match any supported 8936 // asset type, an INVALID_ARGUMENT error will be returned. 8937 func (c *V1SearchAllIamPoliciesCall) AssetTypes(assetTypes ...string) *V1SearchAllIamPoliciesCall { 8938 c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...)) 8939 return c 8940 } 8941 8942 // OrderBy sets the optional parameter "orderBy": A comma-separated list of 8943 // fields specifying the sorting order of the results. The default order is 8944 // ascending. Add " DESC" after the field name to indicate descending order. 8945 // Redundant space characters are ignored. Example: "assetType DESC, resource". 8946 // Only singular primitive fields in the response are sortable: * resource * 8947 // assetType * project All the other fields such as repeated fields (e.g., 8948 // `folders`) and non-primitive fields (e.g., `policy`) are not supported. 8949 func (c *V1SearchAllIamPoliciesCall) OrderBy(orderBy string) *V1SearchAllIamPoliciesCall { 8950 c.urlParams_.Set("orderBy", orderBy) 8951 return c 8952 } 8953 8954 // PageSize sets the optional parameter "pageSize": The page size for search 8955 // result pagination. Page size is capped at 500 even if a larger value is 8956 // given. If set to zero or a negative value, server will pick an appropriate 8957 // default. Returned results may be fewer than requested. When this happens, 8958 // there could be more results as long as `next_page_token` is returned. 8959 func (c *V1SearchAllIamPoliciesCall) PageSize(pageSize int64) *V1SearchAllIamPoliciesCall { 8960 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 8961 return c 8962 } 8963 8964 // PageToken sets the optional parameter "pageToken": If present, retrieve the 8965 // next batch of results from the preceding call to this method. `page_token` 8966 // must be the value of `next_page_token` from the previous response. The 8967 // values of all other method parameters must be identical to those in the 8968 // previous call. 8969 func (c *V1SearchAllIamPoliciesCall) PageToken(pageToken string) *V1SearchAllIamPoliciesCall { 8970 c.urlParams_.Set("pageToken", pageToken) 8971 return c 8972 } 8973 8974 // Query sets the optional parameter "query": The query statement. See how to 8975 // construct a query 8976 // (https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query) 8977 // for more information. If not specified or empty, it will search all the IAM 8978 // policies within the specified `scope`. Note that the query string is 8979 // compared against each IAM policy binding, including its principals, roles, 8980 // and IAM conditions. The returned IAM policies will only contain the bindings 8981 // that match your query. To learn more about the IAM policy structure, see the 8982 // IAM policy documentation 8983 // (https://cloud.google.com/iam/help/allow-policies/structure). Examples: * 8984 // `policy:amy@gmail.com` to find IAM policy bindings that specify user 8985 // "amy@gmail.com". * `policy:roles/compute.admin` to find IAM policy bindings 8986 // that specify the Compute Admin role. * `policy:comp*` to find IAM policy 8987 // bindings that contain "comp" as a prefix of any word in the binding. * 8988 // `policy.role.permissions:storage.buckets.update` to find IAM policy bindings 8989 // that specify a role containing "storage.buckets.update" permission. Note 8990 // that if callers don't have `iam.roles.get` access to a role's included 8991 // permissions, policy bindings that specify this role will be dropped from the 8992 // search results. * `policy.role.permissions:upd*` to find IAM policy bindings 8993 // that specify a role containing "upd" as a prefix of any word in the role 8994 // permission. Note that if callers don't have `iam.roles.get` access to a 8995 // role's included permissions, policy bindings that specify this role will be 8996 // dropped from the search results. * `resource:organizations/123456` to find 8997 // IAM policy bindings that are set on "organizations/123456". * 8998 // `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to find 8999 // IAM policy bindings that are set on the project named "myproject". * 9000 // `Important` to find IAM policy bindings that contain "Important" as a word 9001 // in any of the searchable fields (except for the included permissions). * 9002 // `resource:(instance1 OR instance2) policy:amy` to find IAM policy bindings 9003 // that are set on resources "instance1" or "instance2" and also specify user 9004 // "amy". * `roles:roles/compute.admin` to find IAM policy bindings that 9005 // specify the Compute Admin role. * `memberTypes:user` to find IAM policy 9006 // bindings that contain the principal type "user". 9007 func (c *V1SearchAllIamPoliciesCall) Query(query string) *V1SearchAllIamPoliciesCall { 9008 c.urlParams_.Set("query", query) 9009 return c 9010 } 9011 9012 // Fields allows partial responses to be retrieved. See 9013 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 9014 // details. 9015 func (c *V1SearchAllIamPoliciesCall) Fields(s ...googleapi.Field) *V1SearchAllIamPoliciesCall { 9016 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9017 return c 9018 } 9019 9020 // IfNoneMatch sets an optional parameter which makes the operation fail if the 9021 // object's ETag matches the given value. This is useful for getting updates 9022 // only after the object has changed since the last request. 9023 func (c *V1SearchAllIamPoliciesCall) IfNoneMatch(entityTag string) *V1SearchAllIamPoliciesCall { 9024 c.ifNoneMatch_ = entityTag 9025 return c 9026 } 9027 9028 // Context sets the context to be used in this call's Do method. 9029 func (c *V1SearchAllIamPoliciesCall) Context(ctx context.Context) *V1SearchAllIamPoliciesCall { 9030 c.ctx_ = ctx 9031 return c 9032 } 9033 9034 // Header returns a http.Header that can be modified by the caller to add 9035 // headers to the request. 9036 func (c *V1SearchAllIamPoliciesCall) Header() http.Header { 9037 if c.header_ == nil { 9038 c.header_ = make(http.Header) 9039 } 9040 return c.header_ 9041 } 9042 9043 func (c *V1SearchAllIamPoliciesCall) doRequest(alt string) (*http.Response, error) { 9044 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 9045 if c.ifNoneMatch_ != "" { 9046 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 9047 } 9048 var body io.Reader = nil 9049 c.urlParams_.Set("alt", alt) 9050 c.urlParams_.Set("prettyPrint", "false") 9051 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:searchAllIamPolicies") 9052 urls += "?" + c.urlParams_.Encode() 9053 req, err := http.NewRequest("GET", urls, body) 9054 if err != nil { 9055 return nil, err 9056 } 9057 req.Header = reqHeaders 9058 googleapi.Expand(req.URL, map[string]string{ 9059 "scope": c.scope, 9060 }) 9061 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9062 } 9063 9064 // Do executes the "cloudasset.searchAllIamPolicies" call. 9065 // Any non-2xx status code is an error. Response headers are in either 9066 // *SearchAllIamPoliciesResponse.ServerResponse.Header or (if a response was 9067 // returned at all) in error.(*googleapi.Error).Header. Use 9068 // googleapi.IsNotModified to check whether the returned error was because 9069 // http.StatusNotModified was returned. 9070 func (c *V1SearchAllIamPoliciesCall) Do(opts ...googleapi.CallOption) (*SearchAllIamPoliciesResponse, error) { 9071 gensupport.SetOptions(c.urlParams_, opts...) 9072 res, err := c.doRequest("json") 9073 if res != nil && res.StatusCode == http.StatusNotModified { 9074 if res.Body != nil { 9075 res.Body.Close() 9076 } 9077 return nil, gensupport.WrapError(&googleapi.Error{ 9078 Code: res.StatusCode, 9079 Header: res.Header, 9080 }) 9081 } 9082 if err != nil { 9083 return nil, err 9084 } 9085 defer googleapi.CloseBody(res) 9086 if err := googleapi.CheckResponse(res); err != nil { 9087 return nil, gensupport.WrapError(err) 9088 } 9089 ret := &SearchAllIamPoliciesResponse{ 9090 ServerResponse: googleapi.ServerResponse{ 9091 Header: res.Header, 9092 HTTPStatusCode: res.StatusCode, 9093 }, 9094 } 9095 target := &ret 9096 if err := gensupport.DecodeResponse(target, res); err != nil { 9097 return nil, err 9098 } 9099 return ret, nil 9100 } 9101 9102 // Pages invokes f for each page of results. 9103 // A non-nil error returned from f will halt the iteration. 9104 // The provided context supersedes any context provided to the Context method. 9105 func (c *V1SearchAllIamPoliciesCall) Pages(ctx context.Context, f func(*SearchAllIamPoliciesResponse) error) error { 9106 c.ctx_ = ctx 9107 defer c.PageToken(c.urlParams_.Get("pageToken")) 9108 for { 9109 x, err := c.Do() 9110 if err != nil { 9111 return err 9112 } 9113 if err := f(x); err != nil { 9114 return err 9115 } 9116 if x.NextPageToken == "" { 9117 return nil 9118 } 9119 c.PageToken(x.NextPageToken) 9120 } 9121 } 9122 9123 type V1SearchAllResourcesCall struct { 9124 s *Service 9125 scope string 9126 urlParams_ gensupport.URLParams 9127 ifNoneMatch_ string 9128 ctx_ context.Context 9129 header_ http.Header 9130 } 9131 9132 // SearchAllResources: Searches all Google Cloud resources within the specified 9133 // scope, such as a project, folder, or organization. The caller must be 9134 // granted the `cloudasset.assets.searchAllResources` permission on the desired 9135 // scope, otherwise the request will be rejected. 9136 // 9137 // - scope: A scope can be a project, a folder, or an organization. The search 9138 // is limited to the resources within the `scope`. The caller must be granted 9139 // the `cloudasset.assets.searchAllResources` 9140 // (https://cloud.google.com/asset-inventory/docs/access-control#required_permissions) 9141 // permission on the desired scope. The allowed values are: * 9142 // projects/{PROJECT_ID} (e.g., "projects/foo-bar") * 9143 // projects/{PROJECT_NUMBER} (e.g., "projects/12345678") * 9144 // folders/{FOLDER_NUMBER} (e.g., "folders/1234567") * 9145 // organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456"). 9146 func (r *V1Service) SearchAllResources(scope string) *V1SearchAllResourcesCall { 9147 c := &V1SearchAllResourcesCall{s: r.s, urlParams_: make(gensupport.URLParams)} 9148 c.scope = scope 9149 return c 9150 } 9151 9152 // AssetTypes sets the optional parameter "assetTypes": A list of asset types 9153 // that this request searches for. If empty, it will search all the asset types 9154 // supported by search APIs 9155 // (https://cloud.google.com/asset-inventory/docs/supported-asset-types). 9156 // Regular expressions are also supported. For example: * 9157 // "compute.googleapis.com.*" snapshots resources whose asset type starts with 9158 // "compute.googleapis.com". * ".*Instance" snapshots resources whose asset 9159 // type ends with "Instance". * ".*Instance.*" snapshots resources whose asset 9160 // type contains "Instance". See RE2 9161 // (https://github.com/google/re2/wiki/Syntax) for all supported regular 9162 // expression syntax. If the regular expression does not match any supported 9163 // asset type, an INVALID_ARGUMENT error will be returned. 9164 func (c *V1SearchAllResourcesCall) AssetTypes(assetTypes ...string) *V1SearchAllResourcesCall { 9165 c.urlParams_.SetMulti("assetTypes", append([]string{}, assetTypes...)) 9166 return c 9167 } 9168 9169 // OrderBy sets the optional parameter "orderBy": A comma-separated list of 9170 // fields specifying the sorting order of the results. The default order is 9171 // ascending. Add " DESC" after the field name to indicate descending order. 9172 // Redundant space characters are ignored. Example: "location DESC, name". Only 9173 // the following fields in the response are sortable: * name * assetType * 9174 // project * displayName * description * location * createTime * updateTime * 9175 // state * parentFullResourceName * parentAssetType 9176 func (c *V1SearchAllResourcesCall) OrderBy(orderBy string) *V1SearchAllResourcesCall { 9177 c.urlParams_.Set("orderBy", orderBy) 9178 return c 9179 } 9180 9181 // PageSize sets the optional parameter "pageSize": The page size for search 9182 // result pagination. Page size is capped at 500 even if a larger value is 9183 // given. If set to zero or a negative value, server will pick an appropriate 9184 // default. Returned results may be fewer than requested. When this happens, 9185 // there could be more results as long as `next_page_token` is returned. 9186 func (c *V1SearchAllResourcesCall) PageSize(pageSize int64) *V1SearchAllResourcesCall { 9187 c.urlParams_.Set("pageSize", fmt.Sprint(pageSize)) 9188 return c 9189 } 9190 9191 // PageToken sets the optional parameter "pageToken": If present, then retrieve 9192 // the next batch of results from the preceding call to this method. 9193 // `page_token` must be the value of `next_page_token` from the previous 9194 // response. The values of all other method parameters, must be identical to 9195 // those in the previous call. 9196 func (c *V1SearchAllResourcesCall) PageToken(pageToken string) *V1SearchAllResourcesCall { 9197 c.urlParams_.Set("pageToken", pageToken) 9198 return c 9199 } 9200 9201 // Query sets the optional parameter "query": The query statement. See how to 9202 // construct a query 9203 // (https://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query) 9204 // for more information. If not specified or empty, it will search all the 9205 // resources within the specified `scope`. Examples: * `name:Important` to find 9206 // Google Cloud resources whose name contains `Important` as a word. * 9207 // `name=Important` to find the Google Cloud resource whose name is exactly 9208 // `Important`. * `displayName:Impor*` to find Google Cloud resources whose 9209 // display name contains `Impor` as a prefix of any word in the field. * 9210 // `location:us-west*` to find Google Cloud resources whose location contains 9211 // both `us` and `west` as prefixes. * `labels:prod` to find Google Cloud 9212 // resources whose labels contain `prod` as a key or value. * `labels.env:prod` 9213 // to find Google Cloud resources that have a label `env` and its value is 9214 // `prod`. * `labels.env:*` to find Google Cloud resources that have a label 9215 // `env`. * `tagKeys:env` to find Google Cloud resources that have directly 9216 // attached tags where the `TagKey.namespacedName` 9217 // (https://cloud.google.com/resource-manager/reference/rest/v3/tagKeys#resource:-tagkey) 9218 // contains `env`. * `tagValues:prod*` to find Google Cloud resources that have 9219 // directly attached tags where the `TagValue.namespacedName` 9220 // (https://cloud.google.com/resource-manager/reference/rest/v3/tagValues#resource:-tagvalue) 9221 // contains a word prefixed by `prod`. * `tagValueIds=tagValues/123` to find 9222 // Google Cloud resources that have directly attached tags where the 9223 // `TagValue.name` 9224 // (https://cloud.google.com/resource-manager/reference/rest/v3/tagValues#resource:-tagvalue) 9225 // is exactly `tagValues/123`. * `effectiveTagKeys:env` to find Google Cloud 9226 // resources that have directly attached or inherited tags where the 9227 // `TagKey.namespacedName` 9228 // (https://cloud.google.com/resource-manager/reference/rest/v3/tagKeys#resource:-tagkey) 9229 // contains `env`. * `effectiveTagValues:prod*` to find Google Cloud resources 9230 // that have directly attached or inherited tags where the 9231 // `TagValue.namespacedName` 9232 // (https://cloud.google.com/resource-manager/reference/rest/v3/tagValues#resource:-tagvalue) 9233 // contains a word prefixed by `prod`. * `effectiveTagValueIds=tagValues/123` 9234 // to find Google Cloud resources that have directly attached or inherited tags 9235 // where the `TagValue.name` 9236 // (https://cloud.google.com/resource-manager/reference/rest/v3/tagValues#resource:-tagvalue) 9237 // is exactly `tagValues/123`. * `kmsKey:key` to find Google Cloud resources 9238 // encrypted with a customer-managed encryption key whose name contains `key` 9239 // as a word. This field is deprecated. Use the `kmsKeys` field to retrieve 9240 // Cloud KMS key information. * `kmsKeys:key` to find Google Cloud resources 9241 // encrypted with customer-managed encryption keys whose name contains the word 9242 // `key`. * `relationships:instance-group-1` to find Google Cloud resources 9243 // that have relationships with `instance-group-1` in the related resource 9244 // name. * `relationships:INSTANCE_TO_INSTANCEGROUP` to find Compute Engine 9245 // instances that have relationships of type `INSTANCE_TO_INSTANCEGROUP`. * 9246 // `relationships.INSTANCE_TO_INSTANCEGROUP:instance-group-1` to find Compute 9247 // Engine instances that have relationships with `instance-group-1` in the 9248 // Compute Engine instance group resource name, for relationship type 9249 // `INSTANCE_TO_INSTANCEGROUP`. * `sccSecurityMarks.key=value` to find Cloud 9250 // resources that are attached with security marks whose key is `key` and value 9251 // is `value`. * `sccSecurityMarks.key:*` to find Cloud resources that are 9252 // attached with security marks whose key is `key`. * `state:ACTIVE` to find 9253 // Google Cloud resources whose state contains `ACTIVE` as a word. * `NOT 9254 // state:ACTIVE` to find Google Cloud resources whose state doesn't contain 9255 // `ACTIVE` as a word. * `createTime<1609459200` to find Google Cloud resources 9256 // that were created before `2021-01-01 00:00:00 UTC`. `1609459200` is the 9257 // epoch timestamp of `2021-01-01 00:00:00 UTC` in seconds. * 9258 // `updateTime>1609459200` to find Google Cloud resources that were updated 9259 // after `2021-01-01 00:00:00 UTC`. `1609459200` is the epoch timestamp of 9260 // `2021-01-01 00:00:00 UTC` in seconds. * `Important` to find Google Cloud 9261 // resources that contain `Important` as a word in any of the searchable 9262 // fields. * `Impor*` to find Google Cloud resources that contain `Impor` as a 9263 // prefix of any word in any of the searchable fields. * `Important 9264 // location:(us-west1 OR global)` to find Google Cloud resources that contain 9265 // `Important` as a word in any of the searchable fields and are also located 9266 // in the `us-west1` region or the `global` location. 9267 func (c *V1SearchAllResourcesCall) Query(query string) *V1SearchAllResourcesCall { 9268 c.urlParams_.Set("query", query) 9269 return c 9270 } 9271 9272 // ReadMask sets the optional parameter "readMask": A comma-separated list of 9273 // fields that you want returned in the results. The following fields are 9274 // returned by default if not specified: * `name` * `assetType` * `project` * 9275 // `folders` * `organization` * `displayName` * `description` * `location` * 9276 // `labels` * `tags` * `effectiveTags` * `networkTags` * `kmsKeys` * 9277 // `createTime` * `updateTime` * `state` * `additionalAttributes` * 9278 // `parentFullResourceName` * `parentAssetType` Some fields of large size, such 9279 // as `versionedResources`, `attachedResources`, `effectiveTags` etc., are not 9280 // returned by default, but you can specify them in the `read_mask` parameter 9281 // if you want to include them. If "*" is specified, all available fields 9282 // (https://cloud.google.com/asset-inventory/docs/reference/rest/v1/TopLevel/searchAllResources#resourcesearchresult) 9283 // are returned. Examples: "name,location", "name,versionedResources", 9284 // "*". Any invalid field path will trigger INVALID_ARGUMENT error. 9285 func (c *V1SearchAllResourcesCall) ReadMask(readMask string) *V1SearchAllResourcesCall { 9286 c.urlParams_.Set("readMask", readMask) 9287 return c 9288 } 9289 9290 // Fields allows partial responses to be retrieved. See 9291 // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more 9292 // details. 9293 func (c *V1SearchAllResourcesCall) Fields(s ...googleapi.Field) *V1SearchAllResourcesCall { 9294 c.urlParams_.Set("fields", googleapi.CombineFields(s)) 9295 return c 9296 } 9297 9298 // IfNoneMatch sets an optional parameter which makes the operation fail if the 9299 // object's ETag matches the given value. This is useful for getting updates 9300 // only after the object has changed since the last request. 9301 func (c *V1SearchAllResourcesCall) IfNoneMatch(entityTag string) *V1SearchAllResourcesCall { 9302 c.ifNoneMatch_ = entityTag 9303 return c 9304 } 9305 9306 // Context sets the context to be used in this call's Do method. 9307 func (c *V1SearchAllResourcesCall) Context(ctx context.Context) *V1SearchAllResourcesCall { 9308 c.ctx_ = ctx 9309 return c 9310 } 9311 9312 // Header returns a http.Header that can be modified by the caller to add 9313 // headers to the request. 9314 func (c *V1SearchAllResourcesCall) Header() http.Header { 9315 if c.header_ == nil { 9316 c.header_ = make(http.Header) 9317 } 9318 return c.header_ 9319 } 9320 9321 func (c *V1SearchAllResourcesCall) doRequest(alt string) (*http.Response, error) { 9322 reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_) 9323 if c.ifNoneMatch_ != "" { 9324 reqHeaders.Set("If-None-Match", c.ifNoneMatch_) 9325 } 9326 var body io.Reader = nil 9327 c.urlParams_.Set("alt", alt) 9328 c.urlParams_.Set("prettyPrint", "false") 9329 urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+scope}:searchAllResources") 9330 urls += "?" + c.urlParams_.Encode() 9331 req, err := http.NewRequest("GET", urls, body) 9332 if err != nil { 9333 return nil, err 9334 } 9335 req.Header = reqHeaders 9336 googleapi.Expand(req.URL, map[string]string{ 9337 "scope": c.scope, 9338 }) 9339 return gensupport.SendRequest(c.ctx_, c.s.client, req) 9340 } 9341 9342 // Do executes the "cloudasset.searchAllResources" call. 9343 // Any non-2xx status code is an error. Response headers are in either 9344 // *SearchAllResourcesResponse.ServerResponse.Header or (if a response was 9345 // returned at all) in error.(*googleapi.Error).Header. Use 9346 // googleapi.IsNotModified to check whether the returned error was because 9347 // http.StatusNotModified was returned. 9348 func (c *V1SearchAllResourcesCall) Do(opts ...googleapi.CallOption) (*SearchAllResourcesResponse, error) { 9349 gensupport.SetOptions(c.urlParams_, opts...) 9350 res, err := c.doRequest("json") 9351 if res != nil && res.StatusCode == http.StatusNotModified { 9352 if res.Body != nil { 9353 res.Body.Close() 9354 } 9355 return nil, gensupport.WrapError(&googleapi.Error{ 9356 Code: res.StatusCode, 9357 Header: res.Header, 9358 }) 9359 } 9360 if err != nil { 9361 return nil, err 9362 } 9363 defer googleapi.CloseBody(res) 9364 if err := googleapi.CheckResponse(res); err != nil { 9365 return nil, gensupport.WrapError(err) 9366 } 9367 ret := &SearchAllResourcesResponse{ 9368 ServerResponse: googleapi.ServerResponse{ 9369 Header: res.Header, 9370 HTTPStatusCode: res.StatusCode, 9371 }, 9372 } 9373 target := &ret 9374 if err := gensupport.DecodeResponse(target, res); err != nil { 9375 return nil, err 9376 } 9377 return ret, nil 9378 } 9379 9380 // Pages invokes f for each page of results. 9381 // A non-nil error returned from f will halt the iteration. 9382 // The provided context supersedes any context provided to the Context method. 9383 func (c *V1SearchAllResourcesCall) Pages(ctx context.Context, f func(*SearchAllResourcesResponse) error) error { 9384 c.ctx_ = ctx 9385 defer c.PageToken(c.urlParams_.Get("pageToken")) 9386 for { 9387 x, err := c.Do() 9388 if err != nil { 9389 return err 9390 } 9391 if err := f(x); err != nil { 9392 return err 9393 } 9394 if x.NextPageToken == "" { 9395 return nil 9396 } 9397 c.PageToken(x.NextPageToken) 9398 } 9399 } 9400