@@ -236,6 +236,98 @@ async def export_assets(
236236 # Done; return the response.
237237 return response
238238
239+ async def list_assets (
240+ self ,
241+ request : asset_service .ListAssetsRequest = None ,
242+ * ,
243+ parent : str = None ,
244+ retry : retries .Retry = gapic_v1 .method .DEFAULT ,
245+ timeout : float = None ,
246+ metadata : Sequence [Tuple [str , str ]] = (),
247+ ) -> pagers .ListAssetsAsyncPager :
248+ r"""Lists assets with time and resource types and returns
249+ paged results in response.
250+
251+ Args:
252+ request (:class:`google.cloud.asset_v1.types.ListAssetsRequest`):
253+ The request object. ListAssets request.
254+ parent (:class:`str`):
255+ Required. Name of the organization or project the assets
256+ belong to. Format: "organizations/[organization-number]"
257+ (such as "organizations/123"), "projects/[project-id]"
258+ (such as "projects/my-project-id"), or
259+ "projects/[project-number]" (such as "projects/12345").
260+
261+ This corresponds to the ``parent`` field
262+ on the ``request`` instance; if ``request`` is provided, this
263+ should not be set.
264+ retry (google.api_core.retry.Retry): Designation of what errors, if any,
265+ should be retried.
266+ timeout (float): The timeout for this request.
267+ metadata (Sequence[Tuple[str, str]]): Strings which should be
268+ sent along with the request as metadata.
269+
270+ Returns:
271+ google.cloud.asset_v1.services.asset_service.pagers.ListAssetsAsyncPager:
272+ ListAssets response.
273+ Iterating over this object will yield
274+ results and resolve additional pages
275+ automatically.
276+
277+ """
278+ # Create or coerce a protobuf request object.
279+ # Sanity check: If we got a request object, we should *not* have
280+ # gotten any keyword arguments that map to the request.
281+ has_flattened_params = any ([parent ])
282+ if request is not None and has_flattened_params :
283+ raise ValueError (
284+ "If the `request` argument is set, then none of "
285+ "the individual field arguments should be set."
286+ )
287+
288+ request = asset_service .ListAssetsRequest (request )
289+
290+ # If we have keyword arguments corresponding to fields on the
291+ # request, apply these.
292+ if parent is not None :
293+ request .parent = parent
294+
295+ # Wrap the RPC method; this adds retry and timeout information,
296+ # and friendly error handling.
297+ rpc = gapic_v1 .method_async .wrap_method (
298+ self ._client ._transport .list_assets ,
299+ default_retry = retries .Retry (
300+ initial = 0.1 ,
301+ maximum = 60.0 ,
302+ multiplier = 1.3 ,
303+ predicate = retries .if_exception_type (
304+ core_exceptions .DeadlineExceeded ,
305+ core_exceptions .ServiceUnavailable ,
306+ ),
307+ deadline = 60.0 ,
308+ ),
309+ default_timeout = 60.0 ,
310+ client_info = DEFAULT_CLIENT_INFO ,
311+ )
312+
313+ # Certain fields should be provided within the metadata header;
314+ # add these here.
315+ metadata = tuple (metadata ) + (
316+ gapic_v1 .routing_header .to_grpc_metadata ((("parent" , request .parent ),)),
317+ )
318+
319+ # Send the request.
320+ response = await rpc (request , retry = retry , timeout = timeout , metadata = metadata ,)
321+
322+ # This method is paged; wrap the response in a pager, which provides
323+ # an `__aiter__` convenience method.
324+ response = pagers .ListAssetsAsyncPager (
325+ method = rpc , request = request , response = response , metadata = metadata ,
326+ )
327+
328+ # Done; return the response.
329+ return response
330+
239331 async def batch_get_assets_history (
240332 self ,
241333 request : asset_service .BatchGetAssetsHistoryRequest = None ,
@@ -730,7 +822,7 @@ async def search_all_resources(
730822 Required. A scope can be a project, a folder, or an
731823 organization. The search is limited to the resources
732824 within the ``scope``. The caller must be granted the
733- ```cloudasset.assets.searchAllResources`` <http ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
825+ ```cloudasset.assets.searchAllResources`` <https ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
734826 permission on the desired scope.
735827
736828 The allowed values are:
@@ -746,40 +838,48 @@ async def search_all_resources(
746838 should not be set.
747839 query (:class:`str`):
748840 Optional. The query statement. See `how to construct a
749- query <http ://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query>`__
841+ query <https ://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query>`__
750842 for more information. If not specified or empty, it will
751843 search all the resources within the specified ``scope``.
752- Note that the query string is compared against each
753- Cloud IAM policy binding, including its members, roles,
754- and Cloud IAM conditions. The returned Cloud IAM
755- policies will only contain the bindings that match your
756- query. To learn more about the IAM policy structure, see
757- `IAM policy
758- doc <https://cloud.google.com/iam/docs/policies#structure>`__.
759844
760845 Examples:
761846
762847 - ``name:Important`` to find Cloud resources whose name
763848 contains "Important" as a word.
849+ - ``name=Important`` to find the Cloud resource whose
850+ name is exactly "Important".
764851 - ``displayName:Impor*`` to find Cloud resources whose
765- display name contains "Impor" as a prefix.
766- - ``description:*por*`` to find Cloud resources whose
767- description contains "por" as a substring.
852+ display name contains "Impor" as a prefix of any word
853+ in the field.
768854 - ``location:us-west*`` to find Cloud resources whose
769- location is prefixed with "us- west".
855+ location contains both "us" and " west" as prefixes .
770856 - ``labels:prod`` to find Cloud resources whose labels
771857 contain "prod" as a key or value.
772858 - ``labels.env:prod`` to find Cloud resources that have
773859 a label "env" and its value is "prod".
774860 - ``labels.env:*`` to find Cloud resources that have a
775861 label "env".
862+ - ``kmsKey:key`` to find Cloud resources encrypted with
863+ a customer-managed encryption key whose name contains
864+ the word "key".
865+ - ``state:ACTIVE`` to find Cloud resources whose state
866+ contains "ACTIVE" as a word.
867+ - ``NOT state:ACTIVE`` to find {{gcp_name}} resources
868+ whose state doesn't contain "ACTIVE" as a word.
869+ - ``createTime<1609459200`` to find Cloud resources
870+ that were created before "2021-01-01 00:00:00 UTC".
871+ 1609459200 is the epoch timestamp of "2021-01-01
872+ 00:00:00 UTC" in seconds.
873+ - ``updateTime>1609459200`` to find Cloud resources
874+ that were updated after "2021-01-01 00:00:00 UTC".
875+ 1609459200 is the epoch timestamp of "2021-01-01
876+ 00:00:00 UTC" in seconds.
776877 - ``Important`` to find Cloud resources that contain
777878 "Important" as a word in any of the searchable
778879 fields.
779880 - ``Impor*`` to find Cloud resources that contain
780- "Impor" as a prefix in any of the searchable fields.
781- - ``*por*`` to find Cloud resources that contain "por"
782- as a substring in any of the searchable fields.
881+ "Impor" as a prefix of any word in any of the
882+ searchable fields.
783883 - ``Important location:(us-west1 OR global)`` to find
784884 Cloud resources that contain "Important" as a word in
785885 any of the searchable fields and are also located in
@@ -794,6 +894,20 @@ async def search_all_resources(
794894 `searchable asset
795895 types <https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types>`__.
796896
897+ Regular expressions are also supported. For example:
898+
899+ - "compute.googleapis.com.*" snapshots resources whose
900+ asset type starts with "compute.googleapis.com".
901+ - ".*Instance" snapshots resources whose asset type
902+ ends with "Instance".
903+ - ".*Instance.*" snapshots resources whose asset type
904+ contains "Instance".
905+
906+ See `RE2 <https://github.com/google/re2/wiki/Syntax>`__
907+ for all supported regular expression syntax. If the
908+ regular expression does not match any supported asset
909+ type, an INVALID_ARGUMENT error will be returned.
910+
797911 This corresponds to the ``asset_types`` field
798912 on the ``request`` instance; if ``request`` is provided, this
799913 should not be set.
@@ -890,7 +1004,7 @@ async def search_all_iam_policies(
8901004 Required. A scope can be a project, a folder, or an
8911005 organization. The search is limited to the IAM policies
8921006 within the ``scope``. The caller must be granted the
893- ```cloudasset.assets.searchAllIamPolicies`` <http ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
1007+ ```cloudasset.assets.searchAllIamPolicies`` <https ://cloud.google.com/asset-inventory/docs/access-control#required_permissions>`__
8941008 permission on the desired scope.
8951009
8961010 The allowed values are:
@@ -909,30 +1023,46 @@ async def search_all_iam_policies(
9091023 query <https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query>`__
9101024 for more information. If not specified or empty, it will
9111025 search all the IAM policies within the specified
912- ``scope``.
1026+ ``scope``. Note that the query string is compared
1027+ against each Cloud IAM policy binding, including its
1028+ members, roles, and Cloud IAM conditions. The returned
1029+ Cloud IAM policies will only contain the bindings that
1030+ match your query. To learn more about the IAM policy
1031+ structure, see `IAM policy
1032+ doc <https://cloud.google.com/iam/docs/policies#structure>`__.
9131033
9141034 Examples:
9151035
9161036 - ``policy:amy@gmail.com`` to find IAM policy bindings
9171037 that specify user "amy@gmail.com".
9181038 - ``policy:roles/compute.admin`` to find IAM policy
9191039 bindings that specify the Compute Admin role.
1040+ - ``policy:comp*`` to find IAM policy bindings that
1041+ contain "comp" as a prefix of any word in the
1042+ binding.
9201043 - ``policy.role.permissions:storage.buckets.update`` to
9211044 find IAM policy bindings that specify a role
9221045 containing "storage.buckets.update" permission. Note
9231046 that if callers don't have ``iam.roles.get`` access
9241047 to a role's included permissions, policy bindings
9251048 that specify this role will be dropped from the
9261049 search results.
1050+ - ``policy.role.permissions:upd*`` to find IAM policy
1051+ bindings that specify a role containing "upd" as a
1052+ prefix of any word in the role permission. Note that
1053+ if callers don't have ``iam.roles.get`` access to a
1054+ role's included permissions, policy bindings that
1055+ specify this role will be dropped from the search
1056+ results.
9271057 - ``resource:organizations/123456`` to find IAM policy
9281058 bindings that are set on "organizations/123456".
1059+ - ``resource=//cloudresourcemanager.googleapis.com/projects/myproject``
1060+ to find IAM policy bindings that are set on the
1061+ project named "myproject".
9291062 - ``Important`` to find IAM policy bindings that
9301063 contain "Important" as a word in any of the
9311064 searchable fields (except for the included
9321065 permissions).
933- - ``*por*`` to find IAM policy bindings that contain
934- "por" as a substring in any of the searchable fields
935- (except for the included permissions).
9361066 - ``resource:(instance1 OR instance2) policy:amy`` to
9371067 find IAM policy bindings that are set on resources
9381068 "instance1" or "instance2" and also specify user
![gcf-owl-bot[bot]](https://avatars.githubusercontent.com/in/99011?v=4&size=40){kind=avatar}
0 commit comments