--- /dev/null
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.asset.v1;
+
+import "google/api/annotations.proto";
+import "google/cloud/asset/v1/assets.proto";
+import "google/longrunning/operations.proto";
+import "google/protobuf/timestamp.proto";
+
+option csharp_namespace = "Google.Cloud.Asset.V1";
+option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1;asset";
+option java_multiple_files = true;
+option java_outer_classname = "AssetServiceProto";
+option java_package = "com.google.cloud.asset.v1";
+option php_namespace = "Google\\Cloud\\Asset\\V1";
+
+
+// Asset service definition.
+service AssetService {
+ // Exports assets with time and resource types to a given Cloud Storage
+ // location. The output format is newline-delimited JSON.
+ // This API implements the [google.longrunning.Operation][google.longrunning.Operation] API allowing you
+ // to keep track of the export.
+ rpc ExportAssets(ExportAssetsRequest) returns (google.longrunning.Operation) {
+ option (google.api.http) = {
+ post: "/v1/{parent=*/*}:exportAssets"
+ body: "*"
+ };
+ }
+
+ // Batch gets the update history of assets that overlap a time window.
+ // For RESOURCE content, this API outputs history with asset in both
+ // non-delete or deleted status.
+ // For IAM_POLICY content, this API outputs history when the asset and its
+ // attached IAM POLICY both exist. This can create gaps in the output history.
+ // If a specified asset does not exist, this API returns an INVALID_ARGUMENT
+ // error.
+ rpc BatchGetAssetsHistory(BatchGetAssetsHistoryRequest) returns (BatchGetAssetsHistoryResponse) {
+ option (google.api.http) = {
+ get: "/v1/{parent=*/*}:batchGetAssetsHistory"
+ };
+ }
+}
+
+// Export asset request.
+message ExportAssetsRequest {
+ // Required. The relative name of the root asset. This can only be an
+ // organization number (such as "organizations/123"), a project ID (such as
+ // "projects/my-project-id"), or a project number (such as "projects/12345"),
+ // or a folder number (such as "folders/123").
+ string parent = 1;
+
+ // Timestamp to take an asset snapshot. This can only be set to a timestamp
+ // between 2018-10-02 UTC (inclusive) and the current time. If not specified,
+ // the current time will be used. Due to delays in resource data collection
+ // and indexing, there is a volatile window during which running the same
+ // query may get different results.
+ google.protobuf.Timestamp read_time = 2;
+
+ // A list of asset types of which to take a snapshot for. For example:
+ // "compute.googleapis.com/Disk". If specified, only matching assets will be returned.
+ // See [Introduction to Cloud Asset
+ // Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview)
+ // for all supported asset types.
+ repeated string asset_types = 3;
+
+ // Asset content type. If not specified, no content but the asset name will be
+ // returned.
+ ContentType content_type = 4;
+
+ // Required. Output configuration indicating where the results will be output
+ // to. All results will be in newline delimited JSON format.
+ OutputConfig output_config = 5;
+}
+
+// The export asset response. This message is returned by the
+// [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] method in the returned
+// [google.longrunning.Operation.response][google.longrunning.Operation.response] field.
+message ExportAssetsResponse {
+ // Time the snapshot was taken.
+ google.protobuf.Timestamp read_time = 1;
+
+ // Output configuration indicating where the results were output to.
+ // All results are in JSON format.
+ OutputConfig output_config = 2;
+}
+
+// Batch get assets history request.
+message BatchGetAssetsHistoryRequest {
+ // Required. The relative name of the root asset. It can only be an
+ // organization number (such as "organizations/123"), a project ID (such as
+ // "projects/my-project-id")", or a project number (such as "projects/12345").
+ string parent = 1;
+
+ // A list of the full names of the assets. For example:
+ // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
+ // See [Resource
+ // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
+ // and [Resource Name Format](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/resource-name-format)
+ // for more info.
+ //
+ // The request becomes a no-op if the asset name list is empty, and the max
+ // size of the asset name list is 100 in one request.
+ repeated string asset_names = 2;
+
+ // Required. The content type.
+ ContentType content_type = 3;
+
+ // Optional. The time window for the asset history. Both start_time and
+ // end_time are optional and if set, it must be after 2018-10-02 UTC. If
+ // end_time is not set, it is default to current timestamp. If start_time is
+ // not set, the snapshot of the assets at end_time will be returned. The
+ // returned results contain all temporal assets whose time window overlap with
+ // read_time_window.
+ TimeWindow read_time_window = 4;
+}
+
+// Batch get assets history response.
+message BatchGetAssetsHistoryResponse {
+ // A list of assets with valid time windows.
+ repeated TemporalAsset assets = 1;
+}
+
+// Output configuration for export assets destination.
+message OutputConfig {
+ // Asset export destination.
+ oneof destination {
+ // Destination on Cloud Storage.
+ GcsDestination gcs_destination = 1;
+ }
+}
+
+// A Cloud Storage location.
+message GcsDestination {
+ // Required.
+ oneof object_uri {
+ // The uri of the Cloud Storage object. It's the same uri that is used by
+ // gsutil. For example: "gs://bucket_name/object_name". See [Viewing and
+ // Editing Object
+ // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
+ // for more information.
+ string uri = 1;
+ }
+}
+
+// Asset content type.
+enum ContentType {
+ // Unspecified content type.
+ CONTENT_TYPE_UNSPECIFIED = 0;
+
+ // Resource metadata.
+ RESOURCE = 1;
+
+ // The actual IAM policy set on a resource.
+ IAM_POLICY = 2;
+}