AssetServiceClient

AssetServiceClient

Asset service definition.

Constructor

new AssetServiceClient(optionsopt, gaxInstanceopt)

Construct an instance of AssetServiceClient.

Parameters:
Name Type Attributes Description
options object <optional>

The configuration object. The options accepted by the constructor are described in detail in this document. The common options are:

Properties
Name Type Attributes Description
credentials object <optional>

Credentials object.

Properties
Name Type Attributes Description
client_email string <optional>
private_key string <optional>
email string <optional>

Account email address. Required when using a .pem or .p12 keyFilename.
keyFilename string <optional>

Full path to the a .json, .pem, or .p12 key downloaded from the Google Developers Console. If you provide a path to a JSON file, the projectId option below is not necessary. NOTE: .pem and .p12 require you to specify options.email as well.
port number <optional>

The port on which to connect to the remote host.
projectId string <optional>

The project ID from the Google Developer's Console, e.g. 'grape-spaceship-123'. We will also check the environment variable GCLOUD_PROJECT for your project ID. If your app is running in an environment which supports Application Default Credentials, your project ID will be detected automatically.
apiEndpoint string <optional>

The domain name of the API remote host.
clientConfig gax.ClientConfig <optional>

Client configuration override. Follows the structure of gapicConfig.
fallback boolean | "rest" <optional>

Use HTTP fallback mode. Pass "rest" to use HTTP/1.1 REST API instead of gRPC. For more information, please check the documentation.
gaxInstance gax <optional>

loaded instance of google-gax. Useful if you need to avoid loading the default gRPC version and want to use the fallback HTTP implementation. Load only fallback version and pass it to the constructor: const gax = require('google-gax/build/src/fallback'); // avoids loading google-gax with gRPC const client = new AssetServiceClient({fallback: 'rest'}, gax);

Members

apiEndpoint

The DNS address for this API service - same as servicePath(), exists for compatibility reasons.

port

The port for this API service.

scopes

The scopes needed to make gRPC calls for every method defined in this service.

servicePath

The DNS address for this API service.

Methods

accessLevelPath(access_policy, access_level) → {string}

Return a fully-qualified accessLevel resource name string.

Parameters:
Name Type Description
access_policy string
access_level string
Returns:
Type Description
string

Resource name string.

accessPolicyPath(access_policy) → {string}

Return a fully-qualified accessPolicy resource name string.

Parameters:
Name Type Description
access_policy string
Returns:
Type Description
string

Resource name string.

cancelOperation(request, optionsopt, callbackopt) → {Promise}

Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to Code.CANCELLED.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

The name of the operation resource to be cancelled.
options Object <optional>

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.
callback function <optional>

The function which will be called with the result of the API call.
Returns:
Type Description
Promise
  • The promise which resolves when API call finishes. The promise has a method named "cancel" which cancels the ongoing API call.
Example
```
const client = longrunning.operationsClient();
await client.cancelOperation({name: ''});
```

(async) checkAnalyzeIamPolicyLongrunningProgress(name) → {Promise}

Check the status of the long running operation returned by analyzeIamPolicyLongrunning().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The request query.
   */
  // const analysisQuery = {}
  /**
   *  Optional. The name of a saved query, which must be in the format of:
   *  * projects/project_number/savedQueries/saved_query_id
   *  * folders/folder_number/savedQueries/saved_query_id
   *  * organizations/organization_number/savedQueries/saved_query_id
   *  If both `analysis_query` and `saved_analysis_query` are provided, they
   *  will be merged together with the `saved_analysis_query` as base and
   *  the `analysis_query` as overrides. For more details of the merge behavior,
   *  please refer to the
   *  MergeFrom (https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details)
   *  doc.
   *  Note that you cannot override primitive fields with default value, such as
   *  0 or empty string, etc., because we use proto3, which doesn't support field
   *  presence yet.
   */
  // const savedAnalysisQuery = 'abc123'
  /**
   *  Required. Output configuration indicating where the results will be output
   *  to.
   */
  // const outputConfig = {}

  // Imports the Asset library
  const {AssetServiceClient} = require('@google-cloud/asset').v1;

  // Instantiates a client
  const assetClient = new AssetServiceClient();

  async function callAnalyzeIamPolicyLongrunning() {
    // Construct request
    const request = {
      analysisQuery,
      outputConfig,
    };

    // Run request
    const [operation] = await assetClient.analyzeIamPolicyLongrunning(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callAnalyzeIamPolicyLongrunning();

(async) checkExportAssetsProgress(name) → {Promise}

Check the status of the long running operation returned by exportAssets().

Parameters:
Name Type Description
name String

The operation name that will be passed.
Returns:
Type Description
Promise
  • The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The relative name of the root asset. This can only be an
   *  organization number (such as "organizations/123"), a project ID (such as
   *  "projects/my-project-id"), or a project number (such as "projects/12345"),
   *  or a folder number (such as "folders/123").
   */
  // const parent = 'abc123'
  /**
   *  Timestamp to take an asset snapshot. This can only be set to a timestamp
   *  between the current time and the current time minus 35 days (inclusive).
   *  If not specified, the current time will be used. Due to delays in resource
   *  data collection and indexing, there is a volatile window during which
   *  running the same query may get different results.
   */
  // const readTime = {}
  /**
   *  A list of asset types to take a snapshot for. For example:
   *  "compute.googleapis.com/Disk".
   *  Regular expressions are also supported. For example:
   *  * "compute.googleapis.com.*" snapshots resources whose asset type starts
   *  with "compute.googleapis.com".
   *  * ".*Instance" snapshots resources whose asset type ends with "Instance".
   *  * ".*Instance.*" snapshots resources whose asset type contains "Instance".
   *  See RE2 (https://github.com/google/re2/wiki/Syntax) for all supported
   *  regular expression syntax. If the regular expression does not match any
   *  supported asset type, an INVALID_ARGUMENT error will be returned.
   *  If specified, only matching assets will be returned, otherwise, it will
   *  snapshot all asset types. See Introduction to Cloud Asset
   *  Inventory (https://cloud.google.com/asset-inventory/docs/overview)
   *  for all supported asset types.
   */
  // const assetTypes = 'abc123'
  /**
   *  Asset content type. If not specified, no content but the asset name will be
   *  returned.
   */
  // const contentType = {}
  /**
   *  Required. Output configuration indicating where the results will be output
   *  to.
   */
  // const outputConfig = {}
  /**
   *  A list of relationship types to export, for example:
   *  `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
   *  content_type=RELATIONSHIP.
   *  * If specified:
   *  it snapshots specified relationships. It returns an error if
   *  any of the relationship_types  doesn't belong to the supported
   *  relationship types of the asset_types  or if any of the asset_types 
   *  doesn't belong to the source types of the relationship_types.
   *  * Otherwise:
   *  it snapshots the supported relationships for all asset_types  or returns
   *  an error if any of the asset_types  has no relationship support.
   *  An unspecified asset types field means all supported asset_types.
   *  See Introduction to Cloud Asset
   *  Inventory (https://cloud.google.com/asset-inventory/docs/overview) for all
   *  supported asset types and relationship types.
   */
  // const relationshipTypes = 'abc123'

  // Imports the Asset library
  const {AssetServiceClient} = require('@google-cloud/asset').v1;

  // Instantiates a client
  const assetClient = new AssetServiceClient();

  async function callExportAssets() {
    // Construct request
    const request = {
      parent,
      outputConfig,
    };

    // Run request
    const [operation] = await assetClient.exportAssets(request);
    const [response] = await operation.promise();
    console.log(response);
  }

  callExportAssets();

close() → {Promise}

Terminate the gRPC channel and close the client.

The client will no longer be usable and all future behavior is undefined.

Returns:
Type Description
Promise

A promise that resolves when the client is closed.

deleteOperation(request, optionsopt, callbackopt) → {Promise}

Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

The name of the operation resource to be deleted.
options Object <optional>

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.
callback function <optional>

The function which will be called with the result of the API call.
Returns:
Type Description
Promise
  • The promise which resolves when API call finishes. The promise has a method named "cancel" which cancels the ongoing API call.
Example
```
const client = longrunning.operationsClient();
await client.deleteOperation({name: ''});
```

folderFeedPath(folder, feed) → {string}

Return a fully-qualified folderFeed resource name string.

Parameters:
Name Type Description
folder string
feed string
Returns:
Type Description
string

Resource name string.

folderSavedQueryPath(folder, saved_query) → {string}

Return a fully-qualified folderSavedQuery resource name string.

Parameters:
Name Type Description
folder string
saved_query string
Returns:
Type Description
string

Resource name string.

getOperation(request, optionsopt, callbackopt) → {Promise}

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

The name of the operation resource.
options Object <optional>

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.
callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing google.longrunning.Operation.
Returns:
Type Description
Promise
  • The promise which resolves to an array. The first element of the array is an object representing google.longrunning.Operation. The promise has a method named "cancel" which cancels the ongoing API call.
Example
```
const client = longrunning.operationsClient();
const name = '';
const [response] = await client.getOperation({name});
// doThingsWith(response)
```

getProjectId() → {Promise}

Return the project ID used by this class.

Returns:
Type Description
Promise

A promise that resolves to string containing the project ID.

initialize() → {Promise}

Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.

You can await on this method if you want to make sure the client is initialized.

Returns:
Type Description
Promise

A promise that resolves to an authenticated service stub.

inventoryPath(project, location, instance) → {string}

Return a fully-qualified inventory resource name string.

Parameters:
Name Type Description
project string
location string
instance string
Returns:
Type Description
string

Resource name string.

listAssetsAsync(request, optionsopt) → {Object}

Equivalent to listAssets, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Required. Name of the organization, folder, or project the assets belong to. Format: "organizations/[organization-number]" (such as "organizations/123"), "projects/[project-id]" (such as "projects/my-project-id"), "projects/[project-number]" (such as "projects/12345"), or "folders/[folder-number]" (such as "folders/12345").
readTime google.protobuf.Timestamp

Timestamp to take an asset snapshot. This can only be set to a timestamp between the current time and the current time minus 35 days (inclusive). If not specified, the current time will be used. Due to delays in resource data collection and indexing, there is a volatile window during which running the same query may get different results.
assetTypes Array.<string>

A list of asset types to take a snapshot for. For example: "compute.googleapis.com/Disk".

Regular expression is also supported. For example:

  • "compute.googleapis.com.*" snapshots resources whose asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots resources whose asset type ends with "Instance".
  • ".Instance." snapshots resources whose asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.

If specified, only matching assets will be returned, otherwise, it will snapshot all asset types. See Introduction to Cloud Asset Inventory for all supported asset types.
contentType google.cloud.asset.v1.ContentType

Asset content type. If not specified, no content but the asset name will be returned.
pageSize number

The maximum number of assets to be returned in a single response. Default is 100, minimum is 1, and maximum is 1000.
pageToken string

The next_page_token returned from the previous ListAssetsResponse, or unspecified for the first ListAssetsRequest. It is a continuation of a prior ListAssets call, and the API should return the next page of assets.
relationshipTypes Array.<string>

A list of relationship types to output, for example: INSTANCE_TO_INSTANCEGROUP. This field should only be specified if content_type=RELATIONSHIP.

  • If specified: it snapshots specified relationships. It returns an error if any of the [relationship_types] doesn't belong to the supported relationship types of the [asset_types] or if any of the [asset_types] doesn't belong to the source types of the [relationship_types].
  • Otherwise: it snapshots the supported relationships for all [asset_types] or returns an error if any of the [asset_types] has no relationship support. An unspecified asset types field means all supported asset_types. See Introduction to Cloud Asset Inventory for all supported asset types and relationship types.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Object

An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing Asset. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. Name of the organization, folder, or project the assets belong
   *  to. Format: "organizations/[organization-number]" (such as
   *  "organizations/123"), "projects/[project-id]" (such as
   *  "projects/my-project-id"), "projects/[project-number]" (such as
   *  "projects/12345"), or "folders/[folder-number]" (such as "folders/12345").
   */
  // const parent = 'abc123'
  /**
   *  Timestamp to take an asset snapshot. This can only be set to a timestamp
   *  between the current time and the current time minus 35 days (inclusive).
   *  If not specified, the current time will be used. Due to delays in resource
   *  data collection and indexing, there is a volatile window during which
   *  running the same query may get different results.
   */
  // const readTime = {}
  /**
   *  A list of asset types to take a snapshot for. For example:
   *  "compute.googleapis.com/Disk".
   *  Regular expression is also supported. For example:
   *  * "compute.googleapis.com.*" snapshots resources whose asset type starts
   *  with "compute.googleapis.com".
   *  * ".*Instance" snapshots resources whose asset type ends with "Instance".
   *  * ".*Instance.*" snapshots resources whose asset type contains "Instance".
   *  See RE2 (https://github.com/google/re2/wiki/Syntax) for all supported
   *  regular expression syntax. If the regular expression does not match any
   *  supported asset type, an INVALID_ARGUMENT error will be returned.
   *  If specified, only matching assets will be returned, otherwise, it will
   *  snapshot all asset types. See Introduction to Cloud Asset
   *  Inventory (https://cloud.google.com/asset-inventory/docs/overview)
   *  for all supported asset types.
   */
  // const assetTypes = 'abc123'
  /**
   *  Asset content type. If not specified, no content but the asset name will
   *  be returned.
   */
  // const contentType = {}
  /**
   *  The maximum number of assets to be returned in a single response. Default
   *  is 100, minimum is 1, and maximum is 1000.
   */
  // const pageSize = 1234
  /**
   *  The `next_page_token` returned from the previous `ListAssetsResponse`, or
   *  unspecified for the first `ListAssetsRequest`. It is a continuation of a
   *  prior `ListAssets` call, and the API should return the next page of assets.
   */
  // const pageToken = 'abc123'
  /**
   *  A list of relationship types to output, for example:
   *  `INSTANCE_TO_INSTANCEGROUP`. This field should only be specified if
   *  content_type=RELATIONSHIP.
   *  * If specified:
   *  it snapshots specified relationships. It returns an error if
   *  any of the relationship_types  doesn't belong to the supported
   *  relationship types of the asset_types  or if any of the asset_types 
   *  doesn't belong to the source types of the relationship_types.
   *  * Otherwise:
   *  it snapshots the supported relationships for all asset_types  or returns
   *  an error if any of the asset_types  has no relationship support.
   *  An unspecified asset types field means all supported asset_types.
   *  See Introduction to Cloud Asset
   *  Inventory (https://cloud.google.com/asset-inventory/docs/overview)
   *  for all supported asset types and relationship types.
   */
  // const relationshipTypes = 'abc123'

  // Imports the Asset library
  const {AssetServiceClient} = require('@google-cloud/asset').v1;

  // Instantiates a client
  const assetClient = new AssetServiceClient();

  async function callListAssets() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const iterable = await assetClient.listAssetsAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callListAssets();

listAssetsStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Required. Name of the organization, folder, or project the assets belong to. Format: "organizations/[organization-number]" (such as "organizations/123"), "projects/[project-id]" (such as "projects/my-project-id"), "projects/[project-number]" (such as "projects/12345"), or "folders/[folder-number]" (such as "folders/12345").
readTime google.protobuf.Timestamp

Timestamp to take an asset snapshot. This can only be set to a timestamp between the current time and the current time minus 35 days (inclusive). If not specified, the current time will be used. Due to delays in resource data collection and indexing, there is a volatile window during which running the same query may get different results.
assetTypes Array.<string>

A list of asset types to take a snapshot for. For example: "compute.googleapis.com/Disk".

Regular expression is also supported. For example:

  • "compute.googleapis.com.*" snapshots resources whose asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots resources whose asset type ends with "Instance".
  • ".Instance." snapshots resources whose asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.

If specified, only matching assets will be returned, otherwise, it will snapshot all asset types. See Introduction to Cloud Asset Inventory for all supported asset types.
contentType google.cloud.asset.v1.ContentType

Asset content type. If not specified, no content but the asset name will be returned.
pageSize number

The maximum number of assets to be returned in a single response. Default is 100, minimum is 1, and maximum is 1000.
pageToken string

The next_page_token returned from the previous ListAssetsResponse, or unspecified for the first ListAssetsRequest. It is a continuation of a prior ListAssets call, and the API should return the next page of assets.
relationshipTypes Array.<string>

A list of relationship types to output, for example: INSTANCE_TO_INSTANCEGROUP. This field should only be specified if content_type=RELATIONSHIP.

  • If specified: it snapshots specified relationships. It returns an error if any of the [relationship_types] doesn't belong to the supported relationship types of the [asset_types] or if any of the [asset_types] doesn't belong to the source types of the [relationship_types].
  • Otherwise: it snapshots the supported relationships for all [asset_types] or returns an error if any of the [asset_types] has no relationship support. An unspecified asset types field means all supported asset_types. See Introduction to Cloud Asset Inventory for all supported asset types and relationship types.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Stream

An object stream which emits an object representing Asset on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using listAssetsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listOperationsAsync(request, optionsopt) → {Object}

Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns UNIMPLEMENTED. Returns an iterable object.

For-await-of syntax is used with the iterable to recursively get response element on-demand.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
name string

The name of the operation collection.
filter string

The standard list filter.
pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.
options Object <optional>

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.
Returns:
Type Description
Object

An iterable Object that conforms to @link https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols.
Example
```
const client = longrunning.operationsClient();
for await (const response of client.listOperationsAsync(request));
// doThingsWith(response)
```

listSavedQueriesAsync(request, optionsopt) → {Object}

Equivalent to listSavedQueries, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The parent project/folder/organization whose savedQueries are to be listed. It can only be using project/folder/organization number (such as "folders/12345")", or a project ID (such as "projects/my-project-id").
filter string <optional>

Optional. The expression to filter resources. The expression is a list of zero or more restrictions combined via logical operators AND and OR. When AND and OR are both used in the expression, parentheses must be appropriately used to group the combinations. The expression may also contain regular expressions.

See https://google.aip.dev/160 for more information on the grammar.
pageSize number <optional>

Optional. The maximum number of saved queries to return per page. The service may return fewer than this value. If unspecified, at most 50 will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
pageToken string <optional>

Optional. A page token, received from a previous ListSavedQueries call. Provide this to retrieve the subsequent page.

When paginating, all other parameters provided to ListSavedQueries must match the call that provided the page token.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Object

An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing SavedQuery. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. The parent project/folder/organization whose savedQueries are to
   *  be listed. It can only be using project/folder/organization number (such as
   *  "folders/12345")", or a project ID (such as "projects/my-project-id").
   */
  // const parent = 'abc123'
  /**
   *  Optional. The expression to filter resources.
   *  The expression is a list of zero or more restrictions combined via logical
   *  operators `AND` and `OR`. When `AND` and `OR` are both used in the
   *  expression, parentheses must be appropriately used to group the
   *  combinations. The expression may also contain regular expressions.
   *  See https://google.aip.dev/160 for more information on the grammar.
   */
  // const filter = 'abc123'
  /**
   *  Optional. The maximum number of saved queries to return per page. The
   *  service may return fewer than this value. If unspecified, at most 50 will
   *  be returned.
   *   The maximum value is 1000; values above 1000 will be coerced to 1000.
   */
  // const pageSize = 1234
  /**
   *  Optional. A page token, received from a previous `ListSavedQueries` call.
   *  Provide this to retrieve the subsequent page.
   *  When paginating, all other parameters provided to `ListSavedQueries` must
   *  match the call that provided the page token.
   */
  // const pageToken = 'abc123'

  // Imports the Asset library
  const {AssetServiceClient} = require('@google-cloud/asset').v1;

  // Instantiates a client
  const assetClient = new AssetServiceClient();

  async function callListSavedQueries() {
    // Construct request
    const request = {
      parent,
    };

    // Run request
    const iterable = await assetClient.listSavedQueriesAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callListSavedQueries();

listSavedQueriesStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The parent project/folder/organization whose savedQueries are to be listed. It can only be using project/folder/organization number (such as "folders/12345")", or a project ID (such as "projects/my-project-id").
filter string <optional>

Optional. The expression to filter resources. The expression is a list of zero or more restrictions combined via logical operators AND and OR. When AND and OR are both used in the expression, parentheses must be appropriately used to group the combinations. The expression may also contain regular expressions.

See https://google.aip.dev/160 for more information on the grammar.
pageSize number <optional>

Optional. The maximum number of saved queries to return per page. The service may return fewer than this value. If unspecified, at most 50 will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
pageToken string <optional>

Optional. A page token, received from a previous ListSavedQueries call. Provide this to retrieve the subsequent page.

When paginating, all other parameters provided to ListSavedQueries must match the call that provided the page token.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Stream

An object stream which emits an object representing SavedQuery on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using listSavedQueriesAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

matchAccessLevelFromAccessLevelName(accessLevelName) → {string}

Parse the access_level from AccessLevel resource.

Parameters:
Name Type Description
accessLevelName string

A fully-qualified path representing AccessLevel resource.
Returns:
Type Description
string

A string representing the access_level.

matchAccessPolicyFromAccessLevelName(accessLevelName) → {string}

Parse the access_policy from AccessLevel resource.

Parameters:
Name Type Description
accessLevelName string

A fully-qualified path representing AccessLevel resource.
Returns:
Type Description
string

A string representing the access_policy.

matchAccessPolicyFromAccessPolicyName(accessPolicyName) → {string}

Parse the access_policy from AccessPolicy resource.

Parameters:
Name Type Description
accessPolicyName string

A fully-qualified path representing AccessPolicy resource.
Returns:
Type Description
string

A string representing the access_policy.

matchAccessPolicyFromServicePerimeterName(servicePerimeterName) → {string}

Parse the access_policy from ServicePerimeter resource.

Parameters:
Name Type Description
servicePerimeterName string

A fully-qualified path representing ServicePerimeter resource.
Returns:
Type Description
string

A string representing the access_policy.

matchFeedFromFolderFeedName(folderFeedName) → {string}

Parse the feed from FolderFeed resource.

Parameters:
Name Type Description
folderFeedName string

A fully-qualified path representing folder_feed resource.
Returns:
Type Description
string

A string representing the feed.

matchFeedFromOrganizationFeedName(organizationFeedName) → {string}

Parse the feed from OrganizationFeed resource.

Parameters:
Name Type Description
organizationFeedName string

A fully-qualified path representing organization_feed resource.
Returns:
Type Description
string

A string representing the feed.

matchFeedFromProjectFeedName(projectFeedName) → {string}

Parse the feed from ProjectFeed resource.

Parameters:
Name Type Description
projectFeedName string

A fully-qualified path representing project_feed resource.
Returns:
Type Description
string

A string representing the feed.

matchFolderFromFolderFeedName(folderFeedName) → {string}

Parse the folder from FolderFeed resource.

Parameters:
Name Type Description
folderFeedName string

A fully-qualified path representing folder_feed resource.
Returns:
Type Description
string

A string representing the folder.

matchFolderFromFolderSavedQueryName(folderSavedQueryName) → {string}

Parse the folder from FolderSavedQuery resource.

Parameters:
Name Type Description
folderSavedQueryName string

A fully-qualified path representing folder_saved_query resource.
Returns:
Type Description
string

A string representing the folder.

matchInstanceFromInventoryName(inventoryName) → {string}

Parse the instance from Inventory resource.

Parameters:
Name Type Description
inventoryName string

A fully-qualified path representing Inventory resource.
Returns:
Type Description
string

A string representing the instance.

matchLocationFromInventoryName(inventoryName) → {string}

Parse the location from Inventory resource.

Parameters:
Name Type Description
inventoryName string

A fully-qualified path representing Inventory resource.
Returns:
Type Description
string

A string representing the location.

matchOrganizationFromOrganizationFeedName(organizationFeedName) → {string}

Parse the organization from OrganizationFeed resource.

Parameters:
Name Type Description
organizationFeedName string

A fully-qualified path representing organization_feed resource.
Returns:
Type Description
string

A string representing the organization.

matchOrganizationFromOrganizationSavedQueryName(organizationSavedQueryName) → {string}

Parse the organization from OrganizationSavedQuery resource.

Parameters:
Name Type Description
organizationSavedQueryName string

A fully-qualified path representing organization_saved_query resource.
Returns:
Type Description
string

A string representing the organization.

matchProjectFromInventoryName(inventoryName) → {string}

Parse the project from Inventory resource.

Parameters:
Name Type Description
inventoryName string

A fully-qualified path representing Inventory resource.
Returns:
Type Description
string

A string representing the project.

matchProjectFromProjectFeedName(projectFeedName) → {string}

Parse the project from ProjectFeed resource.

Parameters:
Name Type Description
projectFeedName string

A fully-qualified path representing project_feed resource.
Returns:
Type Description
string

A string representing the project.

matchProjectFromProjectName(projectName) → {string}

Parse the project from Project resource.

Parameters:
Name Type Description
projectName string

A fully-qualified path representing Project resource.
Returns:
Type Description
string

A string representing the project.

matchProjectFromProjectSavedQueryName(projectSavedQueryName) → {string}

Parse the project from ProjectSavedQuery resource.

Parameters:
Name Type Description
projectSavedQueryName string

A fully-qualified path representing project_saved_query resource.
Returns:
Type Description
string

A string representing the project.

matchSavedQueryFromFolderSavedQueryName(folderSavedQueryName) → {string}

Parse the saved_query from FolderSavedQuery resource.

Parameters:
Name Type Description
folderSavedQueryName string

A fully-qualified path representing folder_saved_query resource.
Returns:
Type Description
string

A string representing the saved_query.

matchSavedQueryFromOrganizationSavedQueryName(organizationSavedQueryName) → {string}

Parse the saved_query from OrganizationSavedQuery resource.

Parameters:
Name Type Description
organizationSavedQueryName string

A fully-qualified path representing organization_saved_query resource.
Returns:
Type Description
string

A string representing the saved_query.

matchSavedQueryFromProjectSavedQueryName(projectSavedQueryName) → {string}

Parse the saved_query from ProjectSavedQuery resource.

Parameters:
Name Type Description
projectSavedQueryName string

A fully-qualified path representing project_saved_query resource.
Returns:
Type Description
string

A string representing the saved_query.

matchServicePerimeterFromServicePerimeterName(servicePerimeterName) → {string}

Parse the service_perimeter from ServicePerimeter resource.

Parameters:
Name Type Description
servicePerimeterName string

A fully-qualified path representing ServicePerimeter resource.
Returns:
Type Description
string

A string representing the service_perimeter.

organizationFeedPath(organization, feed) → {string}

Return a fully-qualified organizationFeed resource name string.

Parameters:
Name Type Description
organization string
feed string
Returns:
Type Description
string

Resource name string.

organizationSavedQueryPath(organization, saved_query) → {string}

Return a fully-qualified organizationSavedQuery resource name string.

Parameters:
Name Type Description
organization string
saved_query string
Returns:
Type Description
string

Resource name string.

projectFeedPath(project, feed) → {string}

Return a fully-qualified projectFeed resource name string.

Parameters:
Name Type Description
project string
feed string
Returns:
Type Description
string

Resource name string.

projectPath(project) → {string}

Return a fully-qualified project resource name string.

Parameters:
Name Type Description
project string
Returns:
Type Description
string

Resource name string.

projectSavedQueryPath(project, saved_query) → {string}

Return a fully-qualified projectSavedQuery resource name string.

Parameters:
Name Type Description
project string
saved_query string
Returns:
Type Description
string

Resource name string.

searchAllIamPoliciesAsync(request, optionsopt) → {Object}

Equivalent to searchAllIamPolicies, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
scope string

Required. A scope can be a project, a folder, or an organization. The search is limited to the IAM policies within the scope. The caller must be granted the cloudasset.assets.searchAllIamPolicies permission on the desired scope.

The allowed values are:

  • projects/{PROJECT_ID} (e.g., "projects/foo-bar")
  • projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
  • folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
  • organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
query string <optional>

Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the IAM policies within the specified scope. Note that the query string is compared against each Cloud IAM policy binding, including its principals, roles, and Cloud IAM conditions. The returned Cloud IAM policies will only contain the bindings that match your query. To learn more about the IAM policy structure, see the IAM policy documentation.

Examples:

  • policy:amy@gmail.com to find IAM policy bindings that specify user "amy@gmail.com".
  • policy:roles/compute.admin to find IAM policy bindings that specify the Compute Admin role.
  • policy:comp* to find IAM policy bindings that contain "comp" as a prefix of any word in the binding.
  • policy.role.permissions:storage.buckets.update to find IAM policy bindings that specify a role containing "storage.buckets.update" permission. Note that if callers don't have iam.roles.get access to a role's included permissions, policy bindings that specify this role will be dropped from the search results.
  • policy.role.permissions:upd* to find IAM policy bindings that specify a role containing "upd" as a prefix of any word in the role permission. Note that if callers don't have iam.roles.get access to a role's included permissions, policy bindings that specify this role will be dropped from the search results.
  • resource:organizations/123456 to find IAM policy bindings that are set on "organizations/123456".
  • resource=//cloudresourcemanager.googleapis.com/projects/myproject to find IAM policy bindings that are set on the project named "myproject".
  • Important to find IAM policy bindings that contain "Important" as a word in any of the searchable fields (except for the included permissions).
  • resource:(instance1 OR instance2) policy:amy to find IAM policy bindings that are set on resources "instance1" or "instance2" and also specify user "amy".
  • roles:roles/compute.admin to find IAM policy bindings that specify the Compute Admin role.
  • memberTypes:user to find IAM policy bindings that contain the principal type "user".
pageSize number <optional>

Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as next_page_token is returned.
pageToken string <optional>

Optional. If present, retrieve the next batch of results from the preceding call to this method. page_token must be the value of next_page_token from the previous response. The values of all other method parameters must be identical to those in the previous call.
assetTypes Array.<string> <optional>

Optional. A list of asset types that the IAM policies are attached to. If empty, it will search the IAM policies that are attached to all the searchable asset types.

Regular expressions are also supported. For example:

  • "compute.googleapis.com.*" snapshots IAM policies attached to asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots IAM policies attached to asset type ends with "Instance".
  • ".Instance." snapshots IAM policies attached to asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
orderBy string <optional>

Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add " DESC" after the field name to indicate descending order. Redundant space characters are ignored. Example: "assetType DESC, resource". Only singular primitive fields in the response are sortable: * resource * assetType * project All the other fields such as repeated fields (e.g., folders) and non-primitive fields (e.g., policy) are not supported.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Object

An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing IamPolicySearchResult. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. A scope can be a project, a folder, or an organization. The
   *  search is limited to the IAM policies within the `scope`. The caller must
   *  be granted the
   *  `cloudasset.assets.searchAllIamPolicies` (https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
   *  permission on the desired scope.
   *  The allowed values are:
   *  * projects/{PROJECT_ID} (e.g., "projects/foo-bar")
   *  * projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
   *  * folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
   *  * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
   */
  // const scope = 'abc123'
  /**
   *  Optional. The query statement. See how to construct a
   *  query (https://cloud.google.com/asset-inventory/docs/searching-iam-policies#how_to_construct_a_query)
   *  for more information. If not specified or empty, it will search all the
   *  IAM policies within the specified `scope`. Note that the query string is
   *  compared against each Cloud IAM policy binding, including its principals,
   *  roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
   *  contain the bindings that match your query. To learn more about the IAM
   *  policy structure, see the IAM policy
   *  documentation (https://cloud.google.com/iam/help/allow-policies/structure).
   *  Examples:
   *  * `policy:amy@gmail.com` to find IAM policy bindings that specify user
   *    "amy@gmail.com".
   *  * `policy:roles/compute.admin` to find IAM policy bindings that specify
   *    the Compute Admin role.
   *  * `policy:comp*` to find IAM policy bindings that contain "comp" as a
   *    prefix of any word in the binding.
   *  * `policy.role.permissions:storage.buckets.update` to find IAM policy
   *    bindings that specify a role containing "storage.buckets.update"
   *    permission. Note that if callers don't have `iam.roles.get` access to a
   *    role's included permissions, policy bindings that specify this role will
   *    be dropped from the search results.
   *  * `policy.role.permissions:upd*` to find IAM policy bindings that specify a
   *    role containing "upd" as a prefix of any word in the role permission.
   *    Note that if callers don't have `iam.roles.get` access to a role's
   *    included permissions, policy bindings that specify this role will be
   *    dropped from the search results.
   *  * `resource:organizations/123456` to find IAM policy bindings
   *    that are set on "organizations/123456".
   *  * `resource=//cloudresourcemanager.googleapis.com/projects/myproject` to
   *    find IAM policy bindings that are set on the project named "myproject".
   *  * `Important` to find IAM policy bindings that contain "Important" as a
   *    word in any of the searchable fields (except for the included
   *    permissions).
   *  * `resource:(instance1 OR instance2) policy:amy` to find
   *    IAM policy bindings that are set on resources "instance1" or
   *    "instance2" and also specify user "amy".
   *  * `roles:roles/compute.admin` to find IAM policy bindings that specify the
   *    Compute Admin role.
   *  * `memberTypes:user` to find IAM policy bindings that contain the
   *    principal type "user".
   */
  // const query = 'abc123'
  /**
   *  Optional. The page size for search result pagination. Page size is capped
   *  at 500 even if a larger value is given. If set to zero, server will pick an
   *  appropriate default. Returned results may be fewer than requested. When
   *  this happens, there could be more results as long as `next_page_token` is
   *  returned.
   */
  // const pageSize = 1234
  /**
   *  Optional. If present, retrieve the next batch of results from the preceding
   *  call to this method. `page_token` must be the value of `next_page_token`
   *  from the previous response. The values of all other method parameters must
   *  be identical to those in the previous call.
   */
  // const pageToken = 'abc123'
  /**
   *  Optional. A list of asset types that the IAM policies are attached to. If
   *  empty, it will search the IAM policies that are attached to all the
   *  searchable asset
   *  types (https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).
   *  Regular expressions are also supported. For example:
   *  * "compute.googleapis.com.*" snapshots IAM policies attached to asset type
   *  starts with "compute.googleapis.com".
   *  * ".*Instance" snapshots IAM policies attached to asset type ends with
   *  "Instance".
   *  * ".*Instance.*" snapshots IAM policies attached to asset type contains
   *  "Instance".
   *  See RE2 (https://github.com/google/re2/wiki/Syntax) for all supported
   *  regular expression syntax. If the regular expression does not match any
   *  supported asset type, an INVALID_ARGUMENT error will be returned.
   */
  // const assetTypes = 'abc123'
  /**
   *  Optional. A comma-separated list of fields specifying the sorting order of
   *  the results. The default order is ascending. Add " DESC" after the field
   *  name to indicate descending order. Redundant space characters are ignored.
   *  Example: "assetType DESC, resource".
   *  Only singular primitive fields in the response are sortable:
   *    * resource
   *    * assetType
   *    * project
   *  All the other fields such as repeated fields (e.g., `folders`) and
   *  non-primitive fields (e.g., `policy`) are not supported.
   */
  // const orderBy = 'abc123'

  // Imports the Asset library
  const {AssetServiceClient} = require('@google-cloud/asset').v1;

  // Instantiates a client
  const assetClient = new AssetServiceClient();

  async function callSearchAllIamPolicies() {
    // Construct request
    const request = {
      scope,
    };

    // Run request
    const iterable = await assetClient.searchAllIamPoliciesAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callSearchAllIamPolicies();

searchAllIamPoliciesStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
scope string

Required. A scope can be a project, a folder, or an organization. The search is limited to the IAM policies within the scope. The caller must be granted the cloudasset.assets.searchAllIamPolicies permission on the desired scope.

The allowed values are:

  • projects/{PROJECT_ID} (e.g., "projects/foo-bar")
  • projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
  • folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
  • organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
query string <optional>

Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the IAM policies within the specified scope. Note that the query string is compared against each Cloud IAM policy binding, including its principals, roles, and Cloud IAM conditions. The returned Cloud IAM policies will only contain the bindings that match your query. To learn more about the IAM policy structure, see the IAM policy documentation.

Examples:

  • policy:amy@gmail.com to find IAM policy bindings that specify user "amy@gmail.com".
  • policy:roles/compute.admin to find IAM policy bindings that specify the Compute Admin role.
  • policy:comp* to find IAM policy bindings that contain "comp" as a prefix of any word in the binding.
  • policy.role.permissions:storage.buckets.update to find IAM policy bindings that specify a role containing "storage.buckets.update" permission. Note that if callers don't have iam.roles.get access to a role's included permissions, policy bindings that specify this role will be dropped from the search results.
  • policy.role.permissions:upd* to find IAM policy bindings that specify a role containing "upd" as a prefix of any word in the role permission. Note that if callers don't have iam.roles.get access to a role's included permissions, policy bindings that specify this role will be dropped from the search results.
  • resource:organizations/123456 to find IAM policy bindings that are set on "organizations/123456".
  • resource=//cloudresourcemanager.googleapis.com/projects/myproject to find IAM policy bindings that are set on the project named "myproject".
  • Important to find IAM policy bindings that contain "Important" as a word in any of the searchable fields (except for the included permissions).
  • resource:(instance1 OR instance2) policy:amy to find IAM policy bindings that are set on resources "instance1" or "instance2" and also specify user "amy".
  • roles:roles/compute.admin to find IAM policy bindings that specify the Compute Admin role.
  • memberTypes:user to find IAM policy bindings that contain the principal type "user".
pageSize number <optional>

Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as next_page_token is returned.
pageToken string <optional>

Optional. If present, retrieve the next batch of results from the preceding call to this method. page_token must be the value of next_page_token from the previous response. The values of all other method parameters must be identical to those in the previous call.
assetTypes Array.<string> <optional>

Optional. A list of asset types that the IAM policies are attached to. If empty, it will search the IAM policies that are attached to all the searchable asset types.

Regular expressions are also supported. For example:

  • "compute.googleapis.com.*" snapshots IAM policies attached to asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots IAM policies attached to asset type ends with "Instance".
  • ".Instance." snapshots IAM policies attached to asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
orderBy string <optional>

Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add " DESC" after the field name to indicate descending order. Redundant space characters are ignored. Example: "assetType DESC, resource". Only singular primitive fields in the response are sortable: * resource * assetType * project All the other fields such as repeated fields (e.g., folders) and non-primitive fields (e.g., policy) are not supported.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Stream

An object stream which emits an object representing IamPolicySearchResult on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using searchAllIamPoliciesAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

searchAllResourcesAsync(request, optionsopt) → {Object}

Equivalent to searchAllResources, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
scope string

Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within the scope. The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope.

The allowed values are:

  • projects/{PROJECT_ID} (e.g., "projects/foo-bar")
  • projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
  • folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
  • organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
query string <optional>

Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the resources within the specified scope.

Examples:

  • name:Important to find Cloud resources whose name contains "Important" as a word.
  • name=Important to find the Cloud resource whose name is exactly "Important".
  • displayName:Impor* to find Cloud resources whose display name contains "Impor" as a prefix of any word in the field.
  • location:us-west* to find Cloud resources whose location contains both "us" and "west" as prefixes.
  • labels:prod to find Cloud resources whose labels contain "prod" as a key or value.
  • labels.env:prod to find Cloud resources that have a label "env" and its value is "prod".
  • labels.env:* to find Cloud resources that have a label "env".
  • kmsKey:key to find Cloud resources encrypted with a customer-managed encryption key whose name contains the word "key".
  • relationships:instance-group-1 to find Cloud resources that have relationships with "instance-group-1" in the related resource name.
  • relationships:INSTANCE_TO_INSTANCEGROUP to find compute instances that have relationships of type "INSTANCE_TO_INSTANCEGROUP".
  • relationships.INSTANCE_TO_INSTANCEGROUP:instance-group-1 to find compute instances that have relationships with "instance-group-1" in the compute instance group resource name, for relationship type "INSTANCE_TO_INSTANCEGROUP".
  • state:ACTIVE to find Cloud resources whose state contains "ACTIVE" as a word.
  • NOT state:ACTIVE to find Cloud resources whose state doesn't contain "ACTIVE" as a word.
  • createTime<1609459200 to find Cloud resources that were created before "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" in seconds.
  • updateTime>1609459200 to find Cloud resources that were updated after "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" in seconds.
  • Important to find Cloud resources that contain "Important" as a word in any of the searchable fields.
  • Impor* to find Cloud resources that contain "Impor" as a prefix of any word in any of the searchable fields.
  • Important location:(us-west1 OR global) to find Cloud resources that contain "Important" as a word in any of the searchable fields and are also located in the "us-west1" region or the "global" location.
assetTypes Array.<string> <optional>

Optional. A list of asset types that this request searches for. If empty, it will search all the searchable asset types.

Regular expressions are also supported. For example:

  • "compute.googleapis.com.*" snapshots resources whose asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots resources whose asset type ends with "Instance".
  • ".Instance." snapshots resources whose asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
pageSize number <optional>

Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as next_page_token is returned.
pageToken string <optional>

Optional. If present, then retrieve the next batch of results from the preceding call to this method. page_token must be the value of next_page_token from the previous response. The values of all other method parameters, must be identical to those in the previous call.
orderBy string <optional>

Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add " DESC" after the field name to indicate descending order. Redundant space characters are ignored. Example: "location DESC, name". Only singular primitive fields in the response are sortable:

* name
* assetType
* project
* displayName
* description
* location
* kmsKey
* createTime
* updateTime
* state
* parentFullResourceName
* parentAssetType

All the other fields such as repeated fields (e.g., networkTags), map fields (e.g., labels) and struct fields (e.g., additionalAttributes) are not supported.
readMask google.protobuf.FieldMask <optional>

Optional. A comma-separated list of fields specifying which fields to be returned in ResourceSearchResult. Only '*' or combination of top level fields can be specified. Field names of both snake_case and camelCase are supported. Examples: "*", "name,location", "name,versionedResources".

The read_mask paths must be valid field paths listed but not limited to (both snake_case and camelCase are supported):

* name
* assetType
* project
* displayName
* description
* location
* tagKeys
* tagValues
* tagValueIds
* labels
* networkTags
* kmsKey
* createTime
* updateTime
* state
* additionalAttributes
* versionedResources

If read_mask is not specified, all fields except versionedResources will be returned. If only '*' is specified, all fields including versionedResources will be returned. Any invalid field path will trigger INVALID_ARGUMENT error.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Object

An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing ResourceSearchResult. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.
Example
  /**
   * This snippet has been automatically generated and should be regarded as a code template only.
   * It will require modifications to work.
   * It may require correct/in-range values for request initialization.
   * TODO(developer): Uncomment these variables before running the sample.
   */
  /**
   *  Required. A scope can be a project, a folder, or an organization. The
   *  search is limited to the resources within the `scope`. The caller must be
   *  granted the
   *  `cloudasset.assets.searchAllResources` (https://cloud.google.com/asset-inventory/docs/access-control#required_permissions)
   *  permission on the desired scope.
   *  The allowed values are:
   *  * projects/{PROJECT_ID} (e.g., "projects/foo-bar")
   *  * projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
   *  * folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
   *  * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
   */
  // const scope = 'abc123'
  /**
   *  Optional. The query statement. See how to construct a
   *  query (https://cloud.google.com/asset-inventory/docs/searching-resources#how_to_construct_a_query)
   *  for more information. If not specified or empty, it will search all the
   *  resources within the specified `scope`.
   *  Examples:
   *  * `name:Important` to find Cloud resources whose name contains
   *    "Important" as a word.
   *  * `name=Important` to find the Cloud resource whose name is exactly
   *    "Important".
   *  * `displayName:Impor*` to find Cloud resources whose display name
   *    contains "Impor" as a prefix of any word in the field.
   *  * `location:us-west*` to find Cloud resources whose location contains both
   *    "us" and "west" as prefixes.
   *  * `labels:prod` to find Cloud resources whose labels contain "prod" as
   *    a key or value.
   *  * `labels.env:prod` to find Cloud resources that have a label "env"
   *    and its value is "prod".
   *  * `labels.env:*` to find Cloud resources that have a label "env".
   *  * `kmsKey:key` to find Cloud resources encrypted with a customer-managed
   *    encryption key whose name contains the word "key".
   *  * `relationships:instance-group-1` to find Cloud resources that have
   *    relationships with "instance-group-1" in the related resource name.
   *  * `relationships:INSTANCE_TO_INSTANCEGROUP` to find compute instances that
   *    have relationships of type "INSTANCE_TO_INSTANCEGROUP".
   *  * `relationships.INSTANCE_TO_INSTANCEGROUP:instance-group-1` to find
   *    compute instances that have relationships with "instance-group-1" in the
   *    compute instance group resource name, for relationship type
   *    "INSTANCE_TO_INSTANCEGROUP".
   *  * `state:ACTIVE` to find Cloud resources whose state contains "ACTIVE" as a
   *    word.
   *  * `NOT state:ACTIVE` to find Cloud resources whose state doesn't contain
   *    "ACTIVE" as a word.
   *  * `createTime<1609459200` to find Cloud resources that were created before
   *    "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
   *    "2021-01-01 00:00:00 UTC" in seconds.
   *  * `updateTime>1609459200` to find Cloud resources that were updated after
   *    "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of
   *    "2021-01-01 00:00:00 UTC" in seconds.
   *  * `Important` to find Cloud resources that contain "Important" as a word
   *    in any of the searchable fields.
   *  * `Impor*` to find Cloud resources that contain "Impor" as a prefix of any
   *    word in any of the searchable fields.
   *  * `Important location:(us-west1 OR global)` to find Cloud
   *    resources that contain "Important" as a word in any of the searchable
   *    fields and are also located in the "us-west1" region or the "global"
   *    location.
   */
  // const query = 'abc123'
  /**
   *  Optional. A list of asset types that this request searches for. If empty,
   *  it will search all the searchable asset
   *  types (https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types).
   *  Regular expressions are also supported. For example:
   *  * "compute.googleapis.com.*" snapshots resources whose asset type starts
   *  with "compute.googleapis.com".
   *  * ".*Instance" snapshots resources whose asset type ends with "Instance".
   *  * ".*Instance.*" snapshots resources whose asset type contains "Instance".
   *  See RE2 (https://github.com/google/re2/wiki/Syntax) for all supported
   *  regular expression syntax. If the regular expression does not match any
   *  supported asset type, an INVALID_ARGUMENT error will be returned.
   */
  // const assetTypes = 'abc123'
  /**
   *  Optional. The page size for search result pagination. Page size is capped
   *  at 500 even if a larger value is given. If set to zero, server will pick an
   *  appropriate default. Returned results may be fewer than requested. When
   *  this happens, there could be more results as long as `next_page_token` is
   *  returned.
   */
  // const pageSize = 1234
  /**
   *  Optional. If present, then retrieve the next batch of results from the
   *  preceding call to this method. `page_token` must be the value of
   *  `next_page_token` from the previous response. The values of all other
   *  method parameters, must be identical to those in the previous call.
   */
  // const pageToken = 'abc123'
  /**
   *  Optional. A comma-separated list of fields specifying the sorting order of
   *  the results. The default order is ascending. Add " DESC" after the field
   *  name to indicate descending order. Redundant space characters are ignored.
   *  Example: "location DESC, name".
   *  Only singular primitive fields in the response are sortable:
   *    * name
   *    * assetType
   *    * project
   *    * displayName
   *    * description
   *    * location
   *    * kmsKey
   *    * createTime
   *    * updateTime
   *    * state
   *    * parentFullResourceName
   *    * parentAssetType
   *  All the other fields such as repeated fields (e.g., `networkTags`), map
   *  fields (e.g., `labels`) and struct fields (e.g., `additionalAttributes`)
   *  are not supported.
   */
  // const orderBy = 'abc123'
  /**
   *  Optional. A comma-separated list of fields specifying which fields to be
   *  returned in ResourceSearchResult. Only '*' or combination of top level
   *  fields can be specified. Field names of both snake_case and camelCase are
   *  supported. Examples: `"*"`, `"name,location"`, `"name,versionedResources"`.
   *  The read_mask paths must be valid field paths listed but not limited to
   *  (both snake_case and camelCase are supported):
   *    * name
   *    * assetType
   *    * project
   *    * displayName
   *    * description
   *    * location
   *    * tagKeys
   *    * tagValues
   *    * tagValueIds
   *    * labels
   *    * networkTags
   *    * kmsKey
   *    * createTime
   *    * updateTime
   *    * state
   *    * additionalAttributes
   *    * versionedResources
   *  If read_mask is not specified, all fields except versionedResources will
   *  be returned.
   *  If only '*' is specified, all fields including versionedResources will be
   *  returned.
   *  Any invalid field path will trigger INVALID_ARGUMENT error.
   */
  // const readMask = {}

  // Imports the Asset library
  const {AssetServiceClient} = require('@google-cloud/asset').v1;

  // Instantiates a client
  const assetClient = new AssetServiceClient();

  async function callSearchAllResources() {
    // Construct request
    const request = {
      scope,
    };

    // Run request
    const iterable = await assetClient.searchAllResourcesAsync(request);
    for await (const response of iterable) {
        console.log(response);
    }
  }

  callSearchAllResources();

searchAllResourcesStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
scope string

Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within the scope. The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope.

The allowed values are:

  • projects/{PROJECT_ID} (e.g., "projects/foo-bar")
  • projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
  • folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
  • organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
query string <optional>

Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the resources within the specified scope.

Examples:

  • name:Important to find Cloud resources whose name contains "Important" as a word.
  • name=Important to find the Cloud resource whose name is exactly "Important".
  • displayName:Impor* to find Cloud resources whose display name contains "Impor" as a prefix of any word in the field.
  • location:us-west* to find Cloud resources whose location contains both "us" and "west" as prefixes.
  • labels:prod to find Cloud resources whose labels contain "prod" as a key or value.
  • labels.env:prod to find Cloud resources that have a label "env" and its value is "prod".
  • labels.env:* to find Cloud resources that have a label "env".
  • kmsKey:key to find Cloud resources encrypted with a customer-managed encryption key whose name contains the word "key".
  • relationships:instance-group-1 to find Cloud resources that have relationships with "instance-group-1" in the related resource name.
  • relationships:INSTANCE_TO_INSTANCEGROUP to find compute instances that have relationships of type "INSTANCE_TO_INSTANCEGROUP".
  • relationships.INSTANCE_TO_INSTANCEGROUP:instance-group-1 to find compute instances that have relationships with "instance-group-1" in the compute instance group resource name, for relationship type "INSTANCE_TO_INSTANCEGROUP".
  • state:ACTIVE to find Cloud resources whose state contains "ACTIVE" as a word.
  • NOT state:ACTIVE to find Cloud resources whose state doesn't contain "ACTIVE" as a word.
  • createTime<1609459200 to find Cloud resources that were created before "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" in seconds.
  • updateTime>1609459200 to find Cloud resources that were updated after "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" in seconds.
  • Important to find Cloud resources that contain "Important" as a word in any of the searchable fields.
  • Impor* to find Cloud resources that contain "Impor" as a prefix of any word in any of the searchable fields.
  • Important location:(us-west1 OR global) to find Cloud resources that contain "Important" as a word in any of the searchable fields and are also located in the "us-west1" region or the "global" location.
assetTypes Array.<string> <optional>

Optional. A list of asset types that this request searches for. If empty, it will search all the searchable asset types.

Regular expressions are also supported. For example:

  • "compute.googleapis.com.*" snapshots resources whose asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots resources whose asset type ends with "Instance".
  • ".Instance." snapshots resources whose asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.
pageSize number <optional>

Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as next_page_token is returned.
pageToken string <optional>

Optional. If present, then retrieve the next batch of results from the preceding call to this method. page_token must be the value of next_page_token from the previous response. The values of all other method parameters, must be identical to those in the previous call.
orderBy string <optional>

Optional. A comma-separated list of fields specifying the sorting order of the results. The default order is ascending. Add " DESC" after the field name to indicate descending order. Redundant space characters are ignored. Example: "location DESC, name". Only singular primitive fields in the response are sortable:

* name
* assetType
* project
* displayName
* description
* location
* kmsKey
* createTime
* updateTime
* state
* parentFullResourceName
* parentAssetType

All the other fields such as repeated fields (e.g., networkTags), map fields (e.g., labels) and struct fields (e.g., additionalAttributes) are not supported.
readMask google.protobuf.FieldMask <optional>

Optional. A comma-separated list of fields specifying which fields to be returned in ResourceSearchResult. Only '*' or combination of top level fields can be specified. Field names of both snake_case and camelCase are supported. Examples: "*", "name,location", "name,versionedResources".

The read_mask paths must be valid field paths listed but not limited to (both snake_case and camelCase are supported):

* name
* assetType
* project
* displayName
* description
* location
* tagKeys
* tagValues
* tagValueIds
* labels
* networkTags
* kmsKey
* createTime
* updateTime
* state
* additionalAttributes
* versionedResources

If read_mask is not specified, all fields except versionedResources will be returned. If only '*' is specified, all fields including versionedResources will be returned. Any invalid field path will trigger INVALID_ARGUMENT error.
options object <optional>

Call options. See CallOptions for more details.
Returns:
Type Description
Stream

An object stream which emits an object representing ResourceSearchResult on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using searchAllResourcesAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

servicePerimeterPath(access_policy, service_perimeter) → {string}

Return a fully-qualified servicePerimeter resource name string.

Parameters:
Name Type Description
access_policy string
service_perimeter string
Returns:
Type Description
string

Resource name string.