The configuration object. See the subsequent
parameters for more details.
Properties
Name
Type
Attributes
Description
credentials
object
<optional>
Credentials object.
Properties
Name
Type
Attributes
Description
client_email
string
<optional>
private_key
string
<optional>
email
string
<optional>
Account email address. Required when
using a .pem or .p12 keyFilename.
keyFilename
string
<optional>
Full path to the a .json, .pem, or
.p12 key downloaded from the Google Developers Console. If you provide
a path to a JSON file, the projectId option below is not necessary.
NOTE: .pem and .p12 require you to specify options.email as well.
port
number
<optional>
The port on which to connect to
the remote host.
projectId
string
<optional>
The project ID from the Google
Developer's Console, e.g. 'grape-spaceship-123'. We will also check
the environment variable GCLOUD_PROJECT for your project ID. If your
app is running in an environment which supports
Application Default Credentials,
your project ID will be detected automatically.
apiEndpoint
string
<optional>
The domain name of the
API remote host.
Members
(static) apiEndpoint
The DNS address for this API service - same as servicePath(),
exists for compatibility reasons.
(static) port
The port for this API service.
(static) scopes
The scopes needed to make gRPC calls for every method defined
in this service.
Batch gets the update history of assets that overlap a time window.
For IAM_POLICY content, this API outputs history when the asset and its
attached IAM POLICY both exist. This can create gaps in the output history.
Otherwise, this API outputs history with asset in both non-delete or
deleted status.
If a specified asset does not exist, this API returns an INVALID_ARGUMENT
error.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. The relative name of the root asset. It can only be an
organization number (such as "organizations/123"), a project ID (such as
"projects/my-project-id")", or a project number (such as "projects/12345").
assetNames
Array.<string>
A list of the full names of the assets.
See: https://cloud.google.com/asset-inventory/docs/resource-name-format
Example:
Optional. The time window for the asset history. Both start_time and
end_time are optional and if set, it must be after the current time minus
35 days. If end_time is not set, it is default to current timestamp.
If start_time is not set, the snapshot of the assets at end_time will be
returned. The returned results contain all temporal assets whose time
window overlap with read_time_window.
Check the status of the long running operation returned by the exportAssets() method.
Parameters:
Name
Type
Description
name
String
The operation name that will be passed.
close()
Terminate the GRPC channel and close the client.
The client will no longer be usable and all future behavior is undefined.
createFeed(request, optionsopt) → {Promise}
Creates a feed in a parent project/folder/organization to listen to its
asset updates.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. The name of the project/folder/organization where this feed
should be created in. It can only be an organization number (such as
"organizations/123"), a folder number (such as "folders/123"), a project ID
(such as "projects/my-project-id")", or a project number (such as
"projects/12345").
feedId
string
Required. This is the client-assigned asset feed identifier and it needs to
be unique under a specific parent project/folder/organization.
Required. The feed details. The field name must be empty and it will be generated
in the format of:
projects/project_number/feeds/feed_id
folders/folder_number/feeds/feed_id
organizations/organization_number/feeds/feed_id
Required. The name of the feed and it must be in the format of:
projects/project_number/feeds/feed_id
folders/folder_number/feeds/feed_id
organizations/organization_number/feeds/feed_id
Exports assets with time and resource types to a given Cloud Storage
location/BigQuery table. For Cloud Storage location destinations, the
output format is newline-delimited JSON. Each line represents a
google.cloud.asset.v1.Asset in the JSON format; for BigQuery table
destinations, the output table stores the fields in asset proto as columns.
This API implements the google.longrunning.Operation API
, which allows you to keep track of the export. We recommend intervals of
at least 2 seconds with exponential retry to poll the export operation
result. For regular-size resource parent, the export operation usually
finishes within 5 minutes.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. The relative name of the root asset. This can only be an
organization number (such as "organizations/123"), a project ID (such as
"projects/my-project-id"), or a project number (such as "projects/12345"),
or a folder number (such as "folders/123").
Timestamp to take an asset snapshot. This can only be set to a timestamp
between the current time and the current time minus 35 days (inclusive).
If not specified, the current time will be used. Due to delays in resource
data collection and indexing, there is a volatile window during which
running the same query may get different results.
assetTypes
Array.<string>
A list of asset types to take a snapshot for. For example:
"compute.googleapis.com/Disk".
Regular expressions are also supported. For example:
"compute.googleapis.com.*" snapshots resources whose asset type starts
with "compute.googleapis.com".
".*Instance" snapshots resources whose asset type ends with "Instance".
".Instance." snapshots resources whose asset type contains "Instance".
See RE2 for all supported
regular expression syntax. If the regular expression does not match any
supported asset type, an INVALID_ARGUMENT error will be returned.
If specified, only matching assets will be returned, otherwise, it will
snapshot all asset types. See Introduction to Cloud Asset
Inventory
for all supported asset types.
Return a fully-qualified folderFeed resource name string.
Parameters:
Name
Type
Description
folder
string
feed
string
getFeed(request, optionsopt) → {Promise}
Gets details about an asset feed.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
name
string
Required. The name of the Feed and it must be in the format of:
projects/project_number/feeds/feed_id
folders/folder_number/feeds/feed_id
organizations/organization_number/feeds/feed_id
the callback to
be called with the current project Id.
initialize() → {Promise}
Initialize the client.
Performs asynchronous operations (such as authentication) and prepares the client.
This function will be called automatically when any class method is called for the
first time, but if you need to initialize it before calling an actual method,
feel free to call initialize() directly.
You can await on this method if you want to make sure the client is initialized.
listFeeds(request, optionsopt) → {Promise}
Lists all asset feeds in a parent project/folder/organization.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. The parent project/folder/organization whose feeds are to be
listed. It can only be using project/folder/organization number (such as
"folders/12345")", or a project ID (such as "projects/my-project-id").
Searches all IAM policies within the specified scope, such as a project,
folder, or organization. The caller must be granted the
cloudasset.assets.searchAllIamPolicies permission on the desired scope,
otherwise the request will be rejected.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
scope
string
Required. A scope can be a project, a folder, or an organization. The search is
limited to the IAM policies within the scope. The caller must be granted
the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope.
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
IAM policies within the specified scope.
Examples:
policy:amy@gmail.com to find IAM policy bindings that specify user
"amy@gmail.com".
policy:roles/compute.admin to find IAM policy bindings that specify
the Compute Admin role.
policy.role.permissions:storage.buckets.update to find IAM policy
bindings that specify a role containing "storage.buckets.update"
permission. Note that if callers don't have iam.roles.get access to a
role's included permissions, policy bindings that specify this role will
be dropped from the search results.
resource:organizations/123456 to find IAM policy bindings
that are set on "organizations/123456".
Important to find IAM policy bindings that contain "Important" as a
word in any of the searchable fields (except for the included
permissions).
*por* to find IAM policy bindings that contain "por" as a substring
in any of the searchable fields (except for the included permissions).
resource:(instance1 OR instance2) policy:amy to find
IAM policy bindings that are set on resources "instance1" or
"instance2" and also specify user "amy".
pageSize
number
<optional>
Optional. The page size for search result pagination. Page size is capped at 500 even
if a larger value is given. If set to zero, server will pick an appropriate
default. Returned results may be fewer than requested. When this happens,
there could be more results as long as next_page_token is returned.
pageToken
string
<optional>
Optional. If present, retrieve the next batch of results from the preceding call to
this method. page_token must be the value of next_page_token from the
previous response. The values of all other method parameters must be
identical to those in the previous call.
Equivalent to searchAllIamPolicies, but returns an iterable object.
for-await-of syntax is used with the iterable to recursively get response element on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
scope
string
Required. A scope can be a project, a folder, or an organization. The search is
limited to the IAM policies within the scope. The caller must be granted
the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope.
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
IAM policies within the specified scope.
Examples:
policy:amy@gmail.com to find IAM policy bindings that specify user
"amy@gmail.com".
policy:roles/compute.admin to find IAM policy bindings that specify
the Compute Admin role.
policy.role.permissions:storage.buckets.update to find IAM policy
bindings that specify a role containing "storage.buckets.update"
permission. Note that if callers don't have iam.roles.get access to a
role's included permissions, policy bindings that specify this role will
be dropped from the search results.
resource:organizations/123456 to find IAM policy bindings
that are set on "organizations/123456".
Important to find IAM policy bindings that contain "Important" as a
word in any of the searchable fields (except for the included
permissions).
*por* to find IAM policy bindings that contain "por" as a substring
in any of the searchable fields (except for the included permissions).
resource:(instance1 OR instance2) policy:amy to find
IAM policy bindings that are set on resources "instance1" or
"instance2" and also specify user "amy".
pageSize
number
<optional>
Optional. The page size for search result pagination. Page size is capped at 500 even
if a larger value is given. If set to zero, server will pick an appropriate
default. Returned results may be fewer than requested. When this happens,
there could be more results as long as next_page_token is returned.
pageToken
string
<optional>
Optional. If present, retrieve the next batch of results from the preceding call to
this method. page_token must be the value of next_page_token from the
previous response. The values of all other method parameters must be
identical to those in the previous call.
Equivalent to searchAllIamPolicies, but returns a NodeJS Stream object.
This fetches the paged responses for searchAllIamPolicies continuously
and invokes the callback registered for 'data' event for each element in the
responses.
The returned object has 'end' method when no more elements are required.
autoPaginate option will be ignored.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
scope
string
Required. A scope can be a project, a folder, or an organization. The search is
limited to the IAM policies within the scope. The caller must be granted
the
cloudasset.assets.searchAllIamPolicies
permission on the desired scope.
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
IAM policies within the specified scope.
Examples:
policy:amy@gmail.com to find IAM policy bindings that specify user
"amy@gmail.com".
policy:roles/compute.admin to find IAM policy bindings that specify
the Compute Admin role.
policy.role.permissions:storage.buckets.update to find IAM policy
bindings that specify a role containing "storage.buckets.update"
permission. Note that if callers don't have iam.roles.get access to a
role's included permissions, policy bindings that specify this role will
be dropped from the search results.
resource:organizations/123456 to find IAM policy bindings
that are set on "organizations/123456".
Important to find IAM policy bindings that contain "Important" as a
word in any of the searchable fields (except for the included
permissions).
*por* to find IAM policy bindings that contain "por" as a substring
in any of the searchable fields (except for the included permissions).
resource:(instance1 OR instance2) policy:amy to find
IAM policy bindings that are set on resources "instance1" or
"instance2" and also specify user "amy".
pageSize
number
<optional>
Optional. The page size for search result pagination. Page size is capped at 500 even
if a larger value is given. If set to zero, server will pick an appropriate
default. Returned results may be fewer than requested. When this happens,
there could be more results as long as next_page_token is returned.
pageToken
string
<optional>
Optional. If present, retrieve the next batch of results from the preceding call to
this method. page_token must be the value of next_page_token from the
previous response. The values of all other method parameters must be
identical to those in the previous call.
Searches all Cloud resources within the specified scope, such as a project,
folder, or organization. The caller must be granted the
cloudasset.assets.searchAllResources permission on the desired scope,
otherwise the request will be rejected.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
scope
string
Required. A scope can be a project, a folder, or an organization. The search is
limited to the resources within the scope. The caller must be granted the
cloudasset.assets.searchAllResources
permission on the desired scope.
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
resources within the specified scope. Note that the query string is
compared against each Cloud IAM policy binding, including its members,
roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
contain the bindings that match your query. To learn more about the IAM
policy structure, see IAM policy
doc.
Examples:
name:Important to find Cloud resources whose name contains
"Important" as a word.
displayName:Impor* to find Cloud resources whose display name
contains "Impor" as a prefix.
description:*por* to find Cloud resources whose description
contains "por" as a substring.
location:us-west* to find Cloud resources whose location is
prefixed with "us-west".
labels:prod to find Cloud resources whose labels contain "prod" as
a key or value.
labels.env:prod to find Cloud resources that have a label "env"
and its value is "prod".
labels.env:* to find Cloud resources that have a label "env".
Important to find Cloud resources that contain "Important" as a word
in any of the searchable fields.
Impor* to find Cloud resources that contain "Impor" as a prefix
in any of the searchable fields.
*por* to find Cloud resources that contain "por" as a substring in
any of the searchable fields.
Important location:(us-west1 OR global) to find Cloud
resources that contain "Important" as a word in any of the searchable
fields and are also located in the "us-west1" region or the "global"
location.
assetTypes
Array.<string>
<optional>
Optional. A list of asset types that this request searches for. If empty, it will
search all the searchable asset
types.
pageSize
number
<optional>
Optional. The page size for search result pagination. Page size is capped at 500 even
if a larger value is given. If set to zero, server will pick an appropriate
default. Returned results may be fewer than requested. When this happens,
there could be more results as long as next_page_token is returned.
pageToken
string
<optional>
Optional. If present, then retrieve the next batch of results from the preceding call
to this method. page_token must be the value of next_page_token from
the previous response. The values of all other method parameters, must be
identical to those in the previous call.
orderBy
string
<optional>
Optional. A comma separated list of fields specifying the sorting order of the
results. The default order is ascending. Add " DESC" after the field name
to indicate descending order. Redundant space characters are ignored.
Example: "location DESC, name". Only string fields in the response are
sortable, including name, displayName, description, location. All
the other fields such as repeated fields (e.g., networkTags), map
fields (e.g., labels) and struct fields (e.g., additionalAttributes)
are not supported.
Equivalent to searchAllResources, but returns an iterable object.
for-await-of syntax is used with the iterable to recursively get response element on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
scope
string
Required. A scope can be a project, a folder, or an organization. The search is
limited to the resources within the scope. The caller must be granted the
cloudasset.assets.searchAllResources
permission on the desired scope.
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
resources within the specified scope. Note that the query string is
compared against each Cloud IAM policy binding, including its members,
roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
contain the bindings that match your query. To learn more about the IAM
policy structure, see IAM policy
doc.
Examples:
name:Important to find Cloud resources whose name contains
"Important" as a word.
displayName:Impor* to find Cloud resources whose display name
contains "Impor" as a prefix.
description:*por* to find Cloud resources whose description
contains "por" as a substring.
location:us-west* to find Cloud resources whose location is
prefixed with "us-west".
labels:prod to find Cloud resources whose labels contain "prod" as
a key or value.
labels.env:prod to find Cloud resources that have a label "env"
and its value is "prod".
labels.env:* to find Cloud resources that have a label "env".
Important to find Cloud resources that contain "Important" as a word
in any of the searchable fields.
Impor* to find Cloud resources that contain "Impor" as a prefix
in any of the searchable fields.
*por* to find Cloud resources that contain "por" as a substring in
any of the searchable fields.
Important location:(us-west1 OR global) to find Cloud
resources that contain "Important" as a word in any of the searchable
fields and are also located in the "us-west1" region or the "global"
location.
assetTypes
Array.<string>
<optional>
Optional. A list of asset types that this request searches for. If empty, it will
search all the searchable asset
types.
pageSize
number
<optional>
Optional. The page size for search result pagination. Page size is capped at 500 even
if a larger value is given. If set to zero, server will pick an appropriate
default. Returned results may be fewer than requested. When this happens,
there could be more results as long as next_page_token is returned.
pageToken
string
<optional>
Optional. If present, then retrieve the next batch of results from the preceding call
to this method. page_token must be the value of next_page_token from
the previous response. The values of all other method parameters, must be
identical to those in the previous call.
orderBy
string
<optional>
Optional. A comma separated list of fields specifying the sorting order of the
results. The default order is ascending. Add " DESC" after the field name
to indicate descending order. Redundant space characters are ignored.
Example: "location DESC, name". Only string fields in the response are
sortable, including name, displayName, description, location. All
the other fields such as repeated fields (e.g., networkTags), map
fields (e.g., labels) and struct fields (e.g., additionalAttributes)
are not supported.
Equivalent to searchAllResources, but returns a NodeJS Stream object.
This fetches the paged responses for searchAllResources continuously
and invokes the callback registered for 'data' event for each element in the
responses.
The returned object has 'end' method when no more elements are required.
autoPaginate option will be ignored.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
scope
string
Required. A scope can be a project, a folder, or an organization. The search is
limited to the resources within the scope. The caller must be granted the
cloudasset.assets.searchAllResources
permission on the desired scope.
Optional. The query statement. See how to construct a
query
for more information. If not specified or empty, it will search all the
resources within the specified scope. Note that the query string is
compared against each Cloud IAM policy binding, including its members,
roles, and Cloud IAM conditions. The returned Cloud IAM policies will only
contain the bindings that match your query. To learn more about the IAM
policy structure, see IAM policy
doc.
Examples:
name:Important to find Cloud resources whose name contains
"Important" as a word.
displayName:Impor* to find Cloud resources whose display name
contains "Impor" as a prefix.
description:*por* to find Cloud resources whose description
contains "por" as a substring.
location:us-west* to find Cloud resources whose location is
prefixed with "us-west".
labels:prod to find Cloud resources whose labels contain "prod" as
a key or value.
labels.env:prod to find Cloud resources that have a label "env"
and its value is "prod".
labels.env:* to find Cloud resources that have a label "env".
Important to find Cloud resources that contain "Important" as a word
in any of the searchable fields.
Impor* to find Cloud resources that contain "Impor" as a prefix
in any of the searchable fields.
*por* to find Cloud resources that contain "por" as a substring in
any of the searchable fields.
Important location:(us-west1 OR global) to find Cloud
resources that contain "Important" as a word in any of the searchable
fields and are also located in the "us-west1" region or the "global"
location.
assetTypes
Array.<string>
<optional>
Optional. A list of asset types that this request searches for. If empty, it will
search all the searchable asset
types.
pageSize
number
<optional>
Optional. The page size for search result pagination. Page size is capped at 500 even
if a larger value is given. If set to zero, server will pick an appropriate
default. Returned results may be fewer than requested. When this happens,
there could be more results as long as next_page_token is returned.
pageToken
string
<optional>
Optional. If present, then retrieve the next batch of results from the preceding call
to this method. page_token must be the value of next_page_token from
the previous response. The values of all other method parameters, must be
identical to those in the previous call.
orderBy
string
<optional>
Optional. A comma separated list of fields specifying the sorting order of the
results. The default order is ascending. Add " DESC" after the field name
to indicate descending order. Redundant space characters are ignored.
Example: "location DESC, name". Only string fields in the response are
sortable, including name, displayName, description, location. All
the other fields such as repeated fields (e.g., networkTags), map
fields (e.g., labels) and struct fields (e.g., additionalAttributes)
are not supported.
Required. The new values of feed details. It must match an existing feed and the
field name must be in the format of:
projects/project_number/feeds/feed_id or
folders/folder_number/feeds/feed_id or
organizations/organization_number/feeds/feed_id.
Required. Only updates the feed fields indicated by this mask.
The field mask must not be empty, and it must not contain fields that
are immutable or only set by the server.