@@ -229,6 +229,95 @@ async def export_assets(self,
229229 # Done; return the response.
230230 return response
231231
232+ async def list_assets (self ,
233+ request : asset_service .ListAssetsRequest = None ,
234+ * ,
235+ parent : str = None ,
236+ retry : retries .Retry = gapic_v1 .method .DEFAULT ,
237+ timeout : float = None ,
238+ metadata : Sequence [Tuple [str , str ]] = (),
239+ ) -> pagers .ListAssetsAsyncPager :
240+ r"""Lists assets with time and resource types and returns
241+ paged results in response.
242+
243+ Args:
244+ request (:class:`google.cloud.asset_v1.types.ListAssetsRequest`):
245+ The request object. ListAssets request.
246+ parent (:class:`str`):
247+ Required. Name of the organization or project the assets
248+ belong to. Format: "organizations/[organization-number]"
249+ (such as "organizations/123"), "projects/[project-id]"
250+ (such as "projects/my-project-id"), or
251+ "projects/[project-number]" (such as "projects/12345").
252+
253+ This corresponds to the ``parent`` field
254+ on the ``request`` instance; if ``request`` is provided, this
255+ should not be set.
256+ retry (google.api_core.retry.Retry): Designation of what errors, if any,
257+ should be retried.
258+ timeout (float): The timeout for this request.
259+ metadata (Sequence[Tuple[str, str]]): Strings which should be
260+ sent along with the request as metadata.
261+
262+ Returns:
263+ google.cloud.asset_v1.services.asset_service.pagers.ListAssetsAsyncPager:
264+ ListAssets response.
265+ Iterating over this object will yield
266+ results and resolve additional pages
267+ automatically.
268+
269+ """
270+ # Create or coerce a protobuf request object.
271+ # Sanity check: If we got a request object, we should *not* have
272+ # gotten any keyword arguments that map to the request.
273+ has_flattened_params = any ([parent ])
274+ if request is not None and has_flattened_params :
275+ raise ValueError ("If the `request` argument is set, then none of "
276+ "the individual field arguments should be set." )
277+
278+ request = asset_service .ListAssetsRequest (request )
279+
280+ # If we have keyword arguments corresponding to fields on the
281+ # request, apply these.
282+ if parent is not None :
283+ request .parent = parent
284+
285+ # Wrap the RPC method; this adds retry and timeout information,
286+ # and friendly error handling.
287+ rpc = gapic_v1 .method_async .wrap_method (
288+ self ._client ._transport .list_assets ,
289+ default_timeout = None ,
290+ client_info = DEFAULT_CLIENT_INFO ,
291+ )
292+
293+ # Certain fields should be provided within the metadata header;
294+ # add these here.
295+ metadata = tuple (metadata ) + (
296+ gapic_v1 .routing_header .to_grpc_metadata ((
297+ ("parent" , request .parent ),
298+ )),
299+ )
300+
301+ # Send the request.
302+ response = await rpc (
303+ request ,
304+ retry = retry ,
305+ timeout = timeout ,
306+ metadata = metadata ,
307+ )
308+
309+ # This method is paged; wrap the response in a pager, which provides
310+ # an `__aiter__` convenience method.
311+ response = pagers .ListAssetsAsyncPager (
312+ method = rpc ,
313+ request = request ,
314+ response = response ,
315+ metadata = metadata ,
316+ )
317+
318+ # Done; return the response.
319+ return response
320+
232321 async def batch_get_assets_history (self ,
233322 request : asset_service .BatchGetAssetsHistoryRequest = None ,
234323 * ,
@@ -732,7 +821,7 @@ async def search_all_resources(self,
732821 Required. A scope can be a project, a folder, or an
733822 organization. The search is limited to the resources
734823 within the ``scope``. The caller must be granted the
735- ```cloudasset.assets.searchAllResources`` <http ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
824+ ```cloudasset.assets.searchAllResources`` <https ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
736825 permission on the desired scope.
737826
738827 The allowed values are:
@@ -748,40 +837,48 @@ async def search_all_resources(self,
748837 should not be set.
749838 query (:class:`str`):
750839 Optional. The query statement. See `how to construct a
751- query <http ://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query>`__
840+ query <https ://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query>`__
752841 for more information. If not specified or empty, it will
753842 search all the resources within the specified ``scope``.
754- Note that the query string is compared against each
755- Cloud IAM policy binding, including its members, roles,
756- and Cloud IAM conditions. The returned Cloud IAM
757- policies will only contain the bindings that match your
758- query. To learn more about the IAM policy structure, see
759- `IAM policy
760- doc <https://cloud.google.com/iam/docs/policies#structure>`__.
761843
762844 Examples:
763845
764846 - ``name:Important`` to find Cloud resources whose name
765847 contains "Important" as a word.
848+ - ``name=Important`` to find the Cloud resource whose
849+ name is exactly "Important".
766850 - ``displayName:Impor*`` to find Cloud resources whose
767- display name contains "Impor" as a prefix.
768- - ``description:*por*`` to find Cloud resources whose
769- description contains "por" as a substring.
851+ display name contains "Impor" as a prefix of any word
852+ in the field.
770853 - ``location:us-west*`` to find Cloud resources whose
771- location is prefixed with "us- west".
854+ location contains both "us" and " west" as prefixes .
772855 - ``labels:prod`` to find Cloud resources whose labels
773856 contain "prod" as a key or value.
774857 - ``labels.env:prod`` to find Cloud resources that have
775858 a label "env" and its value is "prod".
776859 - ``labels.env:*`` to find Cloud resources that have a
777860 label "env".
861+ - ``kmsKey:key`` to find Cloud resources encrypted with
862+ a customer-managed encryption key whose name contains
863+ the word "key".
864+ - ``state:ACTIVE`` to find Cloud resources whose state
865+ contains "ACTIVE" as a word.
866+ - ``NOT state:ACTIVE`` to find {{gcp_name}} resources
867+ whose state doesn't contain "ACTIVE" as a word.
868+ - ``createTime<1609459200`` to find Cloud resources
869+ that were created before "2021-01-01 00:00:00 UTC".
870+ 1609459200 is the epoch timestamp of "2021-01-01
871+ 00:00:00 UTC" in seconds.
872+ - ``updateTime>1609459200`` to find Cloud resources
873+ that were updated after "2021-01-01 00:00:00 UTC".
874+ 1609459200 is the epoch timestamp of "2021-01-01
875+ 00:00:00 UTC" in seconds.
778876 - ``Important`` to find Cloud resources that contain
779877 "Important" as a word in any of the searchable
780878 fields.
781879 - ``Impor*`` to find Cloud resources that contain
782- "Impor" as a prefix in any of the searchable fields.
783- - ``*por*`` to find Cloud resources that contain "por"
784- as a substring in any of the searchable fields.
880+ "Impor" as a prefix of any word in any of the
881+ searchable fields.
785882 - ``Important location:(us-west1 OR global)`` to find
786883 Cloud resources that contain "Important" as a word in
787884 any of the searchable fields and are also located in
@@ -796,6 +893,20 @@ async def search_all_resources(self,
796893 `searchable asset
797894 types <https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types>`__.
798895
896+ Regular expressions are also supported. For example:
897+
898+ - "compute.googleapis.com.*" snapshots resources whose
899+ asset type starts with "compute.googleapis.com".
900+ - ".*Instance" snapshots resources whose asset type
901+ ends with "Instance".
902+ - ".*Instance.*" snapshots resources whose asset type
903+ contains "Instance".
904+
905+ See `RE2 <https://github.com/google/re2/wiki/Syntax>`__
906+ for all supported regular expression syntax. If the
907+ regular expression does not match any supported asset
908+ type, an INVALID_ARGUMENT error will be returned.
909+
799910 This corresponds to the ``asset_types`` field
800911 on the ``request`` instance; if ``request`` is provided, this
801912 should not be set.
@@ -896,7 +1007,7 @@ async def search_all_iam_policies(self,
8961007 Required. A scope can be a project, a folder, or an
8971008 organization. The search is limited to the IAM policies
8981009 within the ``scope``. The caller must be granted the
899- ```cloudasset.assets.searchAllIamPolicies`` <http ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
1010+ ```cloudasset.assets.searchAllIamPolicies`` <https ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
9001011 permission on the desired scope.
9011012
9021013 The allowed values are:
@@ -915,34 +1026,54 @@ async def search_all_iam_policies(self,
9151026 query <https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query>`__
9161027 for more information. If not specified or empty, it will
9171028 search all the IAM policies within the specified
918- ``scope``.
1029+ ``scope``. Note that the query string is compared
1030+ against each Cloud IAM policy binding, including its
1031+ members, roles, and Cloud IAM conditions. The returned
1032+ Cloud IAM policies will only contain the bindings that
1033+ match your query. To learn more about the IAM policy
1034+ structure, see `IAM policy
1035+ doc <https://cloud.google.com/iam/docs/policies#structure>`__.
9191036
9201037 Examples:
9211038
9221039 - ``policy:amy@gmail.com`` to find IAM policy bindings
9231040 that specify user "amy@gmail.com".
9241041 - ``policy:roles/compute.admin`` to find IAM policy
9251042 bindings that specify the Compute Admin role.
1043+ - ``policy:comp*`` to find IAM policy bindings that
1044+ contain "comp" as a prefix of any word in the
1045+ binding.
9261046 - ``policy.role.permissions:storage.buckets.update`` to
9271047 find IAM policy bindings that specify a role
9281048 containing "storage.buckets.update" permission. Note
9291049 that if callers don't have ``iam.roles.get`` access
9301050 to a role's included permissions, policy bindings
9311051 that specify this role will be dropped from the
9321052 search results.
1053+ - ``policy.role.permissions:upd*`` to find IAM policy
1054+ bindings that specify a role containing "upd" as a
1055+ prefix of any word in the role permission. Note that
1056+ if callers don't have ``iam.roles.get`` access to a
1057+ role's included permissions, policy bindings that
1058+ specify this role will be dropped from the search
1059+ results.
9331060 - ``resource:organizations/123456`` to find IAM policy
9341061 bindings that are set on "organizations/123456".
1062+ - ``resource=//cloudresourcemanager.googleapis.com/projects/myproject``
1063+ to find IAM policy bindings that are set on the
1064+ project named "myproject".
9351065 - ``Important`` to find IAM policy bindings that
9361066 contain "Important" as a word in any of the
9371067 searchable fields (except for the included
9381068 permissions).
939- - ``*por*`` to find IAM policy bindings that contain
940- "por" as a substring in any of the searchable fields
941- (except for the included permissions).
9421069 - ``resource:(instance1 OR instance2) policy:amy`` to
9431070 find IAM policy bindings that are set on resources
9441071 "instance1" or "instance2" and also specify user
9451072 "amy".
1073+ - ``roles:roles/compute.admin`` to find IAM policy
1074+ bindings that specify the Compute Admin role.
1075+ - ``memberTypes:user`` to find IAM policy bindings that
1076+ contain the "user" member type.
9461077
9471078 This corresponds to the ``query`` field
9481079 on the ``request`` instance; if ``request`` is provided, this
0 commit comments