class Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1Asset

An asset in Google Cloud. An asset can be any resource in the Google Cloud [ resource hierarchy](cloud.google.com/resource-manager/docs/cloud- platform-resource-hierarchy), a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy). See [Supported asset types](cloud.google.com/ asset-inventory/docs/supported-asset-types) for more information.

Attributes

access_level[RW]

An `AccessLevel` is a label that can be applied to requests to Google Cloud services, along with a list of requirements necessary for the label to be applied. Corresponds to the JSON property `accessLevel` @return [Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessLevel]

access_policy[RW]

`AccessPolicy` is a container for `AccessLevels` (which define the necessary attributes to use Google Cloud services) and `ServicePerimeters` (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. Corresponds to the JSON property `accessPolicy` @return [Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1AccessPolicy]

ancestors[RW]

The ancestry path of an asset in Google Cloud [resource hierarchy](https:// cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy), represented as a list of relative resource names. An ancestry path starts with the closest ancestor in the hierarchy and ends at root. If the asset is a project, folder, or organization, the ancestry path starts from the asset itself. Example: `[“projects/123456789”, “folders/5432”, “organizations/1234”]` Corresponds to the JSON property `ancestors` @return [Array<String>]

asset_type[RW]

The type of the asset. Example: `compute.googleapis.com/Disk` See [Supported asset types](cloud.google.com/asset-inventory/docs/supported-asset- types) for more information. Corresponds to the JSON property `assetType` @return [String]

iam_policy[RW]

An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](cloud.google.com/iam/help/conditions/ resource-policies). **JSON example:** ` “bindings”: [ ` “role”: “roles/ resourcemanager.organizationAdmin”, “members”: [ “user:mike@example.com”, “ group:admins@example.com”, “domain:google.com”, “serviceAccount:my-project-id@ appspot.gserviceaccount.com” ] `, ` “role”: “roles/resourcemanager. organizationViewer”, “members”: [ “user:eve@example.com” ], “condition”: ` “ title”: “expirable access”, “description”: “Does not grant access after Sep 2020”, “expression”: “request.time < timestamp('2020-10-01T00:00:00.000Z')”, ` ` ], “etag”: “BwWWja0YfJA=”, “version”: 3 ` **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google. com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/ resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](cloud. google.com/iam/docs/). Corresponds to the JSON property `iamPolicy` @return [Google::Apis::CloudassetV1::Policy]

name[RW]

The full name of the asset. Example: `//compute.googleapis.com/projects/ my_project_123/zones/zone1/instances/instance1` See [Resource names](https:// cloud.google.com/apis/design/resource_names#full_resource_name) for more information. Corresponds to the JSON property `name` @return [String]

org_policy[RW]

A representation of an [organization policy](cloud.google.com/resource- manager/docs/organization-policy/overview#organization_policy). There can be more than one organization policy with different constraints set on a given resource. Corresponds to the JSON property `orgPolicy` @return [Array<Google::Apis::CloudassetV1::GoogleCloudOrgpolicyV1Policy>]

resource[RW]

A representation of a Google Cloud resource. Corresponds to the JSON property `resource` @return [Google::Apis::CloudassetV1::GoogleCloudAssetV1p7beta1Resource]

service_perimeter[RW]

`ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the ` ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges. Corresponds to the JSON property `servicePerimeter` @return [Google::Apis::CloudassetV1::GoogleIdentityAccesscontextmanagerV1ServicePerimeter]

update_time[RW]

The last update timestamp of an asset. update_time is updated when create/ update/delete operation is performed. Corresponds to the JSON property `updateTime` @return [String]

Public Class Methods

new(**args) click to toggle source
# File lib/google/apis/cloudasset_v1/classes.rb, line 1399
def initialize(**args)
   update!(**args)
end

Public Instance Methods

update!(**args) click to toggle source

Update properties of this object

# File lib/google/apis/cloudasset_v1/classes.rb, line 1404
def update!(**args)
  @access_level = args[:access_level] if args.key?(:access_level)
  @access_policy = args[:access_policy] if args.key?(:access_policy)
  @ancestors = args[:ancestors] if args.key?(:ancestors)
  @asset_type = args[:asset_type] if args.key?(:asset_type)
  @iam_policy = args[:iam_policy] if args.key?(:iam_policy)
  @name = args[:name] if args.key?(:name)
  @org_policy = args[:org_policy] if args.key?(:org_policy)
  @related_assets = args[:related_assets] if args.key?(:related_assets)
  @resource = args[:resource] if args.key?(:resource)
  @service_perimeter = args[:service_perimeter] if args.key?(:service_perimeter)
  @update_time = args[:update_time] if args.key?(:update_time)
end