pub struct MethodMethods<'a, C>where
C: 'a,{ /* private fields */ }Expand description
A builder providing access to all free methods, which are not associated with a particular resource.
It is not used directly, but through the CloudAsset hub.
§Example
Instantiate a resource builder
extern crate hyper;
extern crate hyper_rustls;
extern crate google_cloudasset1 as cloudasset1;
use cloudasset1::{CloudAsset, FieldMask, hyper_rustls, hyper_util, yup_oauth2};
let secret: yup_oauth2::ApplicationSecret = Default::default();
let connector = hyper_rustls::HttpsConnectorBuilder::new()
.with_native_roots()
.unwrap()
.https_only()
.enable_http2()
.build();
let executor = hyper_util::rt::TokioExecutor::new();
let auth = yup_oauth2::InstalledFlowAuthenticator::with_client(
secret,
yup_oauth2::InstalledFlowReturnMethod::HTTPRedirect,
yup_oauth2::client::CustomHyperClientBuilder::from(
hyper_util::client::legacy::Client::builder(executor).build(connector),
),
).build().await.unwrap();
let client = hyper_util::client::legacy::Client::builder(
hyper_util::rt::TokioExecutor::new()
)
.build(
hyper_rustls::HttpsConnectorBuilder::new()
.with_native_roots()
.unwrap()
.https_or_http()
.enable_http2()
.build()
);
let mut hub = CloudAsset::new(client, auth);
// Usually you wouldn't bind this to a variable, but keep calling *CallBuilders*
// like `analyze_iam_policy(...)`, `analyze_iam_policy_longrunning(...)`, `analyze_move(...)`, `analyze_org_policies(...)`, `analyze_org_policy_governed_assets(...)`, `analyze_org_policy_governed_containers(...)`, `batch_get_assets_history(...)`, `export_assets(...)`, `query_assets(...)`, `search_all_iam_policies(...)` and `search_all_resources(...)`
// to build up your call.
let rb = hub.methods();Implementations§
Source§impl<'a, C> MethodMethods<'a, C>
impl<'a, C> MethodMethods<'a, C>
Sourcepub fn analyze_iam_policy(
&self,
scope: &str,
) -> MethodAnalyzeIamPolicyCall<'a, C>
pub fn analyze_iam_policy( &self, scope: &str, ) -> MethodAnalyzeIamPolicyCall<'a, C>
Create a builder to help you perform the following task:
Analyzes IAM policies to answer which identities have what accesses on which resources.
§Arguments
scope- Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as “organizations/123”), a folder number (such as “folders/123”), a project ID (such as “projects/my-project-id”), or a project number (such as “projects/12345”). To know how to get organization ID, visit here . To know how to get folder or project ID, visit here .
Sourcepub fn analyze_iam_policy_longrunning(
&self,
request: AnalyzeIamPolicyLongrunningRequest,
scope: &str,
) -> MethodAnalyzeIamPolicyLongrunningCall<'a, C>
pub fn analyze_iam_policy_longrunning( &self, request: AnalyzeIamPolicyLongrunningRequest, scope: &str, ) -> MethodAnalyzeIamPolicyLongrunningCall<'a, C>
Create a builder to help you perform the following task:
Analyzes IAM policies asynchronously to answer which identities have what accesses on which resources, and writes the analysis results to a Google Cloud Storage or a BigQuery destination. For Cloud Storage destination, the output format is the JSON format that represents a AnalyzeIamPolicyResponse. This method implements the google.longrunning.Operation, which allows you to track the operation status. We recommend intervals of at least 2 seconds with exponential backoff retry to poll the operation result. The metadata contains the metadata for the long-running operation.
§Arguments
request- No description provided.scope- Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as “organizations/123”), a folder number (such as “folders/123”), a project ID (such as “projects/my-project-id”), or a project number (such as “projects/12345”). To know how to get organization ID, visit here . To know how to get folder or project ID, visit here .
Sourcepub fn analyze_move(&self, resource: &str) -> MethodAnalyzeMoveCall<'a, C>
pub fn analyze_move(&self, resource: &str) -> MethodAnalyzeMoveCall<'a, C>
Create a builder to help you perform the following task:
Analyze moving a resource to a specified destination without kicking off the actual move. The analysis is best effort depending on the user’s permissions of viewing different hierarchical policies and configurations. The policies and configuration are subject to change before the actual resource migration takes place.
§Arguments
resource- Required. Name of the resource to perform the analysis against. Only Google Cloud projects are supported as of today. Hence, this can only be a project ID (such as “projects/my-project-id”) or a project number (such as “projects/12345”).
Sourcepub fn analyze_org_policies(
&self,
scope: &str,
) -> MethodAnalyzeOrgPolicyCall<'a, C>
pub fn analyze_org_policies( &self, scope: &str, ) -> MethodAnalyzeOrgPolicyCall<'a, C>
Create a builder to help you perform the following task:
Analyzes organization policies under a scope.
§Arguments
scope- Required. The organization to scope the request. Only organization policies within the scope will be analyzed. * organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
Sourcepub fn analyze_org_policy_governed_assets(
&self,
scope: &str,
) -> MethodAnalyzeOrgPolicyGovernedAssetCall<'a, C>
pub fn analyze_org_policy_governed_assets( &self, scope: &str, ) -> MethodAnalyzeOrgPolicyGovernedAssetCall<'a, C>
Create a builder to help you perform the following task:
Analyzes organization policies governed assets (Google Cloud resources or policies) under a scope. This RPC supports custom constraints and the following canned constraints: * constraints/ainotebooks.accessMode * constraints/ainotebooks.disableFileDownloads * constraints/ainotebooks.disableRootAccess * constraints/ainotebooks.disableTerminal * constraints/ainotebooks.environmentOptions * constraints/ainotebooks.requireAutoUpgradeSchedule * constraints/ainotebooks.restrictVpcNetworks * constraints/compute.disableGuestAttributesAccess * constraints/compute.disableInstanceDataAccessApis * constraints/compute.disableNestedVirtualization * constraints/compute.disableSerialPortAccess * constraints/compute.disableSerialPortLogging * constraints/compute.disableVpcExternalIpv6 * constraints/compute.requireOsLogin * constraints/compute.requireShieldedVm * constraints/compute.restrictLoadBalancerCreationForTypes * constraints/compute.restrictProtocolForwardingCreationForTypes * constraints/compute.restrictXpnProjectLienRemoval * constraints/compute.setNewProjectDefaultToZonalDNSOnly * constraints/compute.skipDefaultNetworkCreation * constraints/compute.trustedImageProjects * constraints/compute.vmCanIpForward * constraints/compute.vmExternalIpAccess * constraints/gcp.detailedAuditLoggingMode * constraints/gcp.resourceLocations * constraints/iam.allowedPolicyMemberDomains * constraints/iam.automaticIamGrantsForDefaultServiceAccounts * constraints/iam.disableServiceAccountCreation * constraints/iam.disableServiceAccountKeyCreation * constraints/iam.disableServiceAccountKeyUpload * constraints/iam.restrictCrossProjectServiceAccountLienRemoval * constraints/iam.serviceAccountKeyExpiryHours * constraints/resourcemanager.accessBoundaries * constraints/resourcemanager.allowedExportDestinations * constraints/sql.restrictAuthorizedNetworks * constraints/sql.restrictNoncompliantDiagnosticDataAccess * constraints/sql.restrictNoncompliantResourceCreation * constraints/sql.restrictPublicIp * constraints/storage.publicAccessPrevention * constraints/storage.restrictAuthTypes * constraints/storage.uniformBucketLevelAccess This RPC only returns either resources of types supported by search APIs or IAM policies.
§Arguments
scope- Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output assets will also be limited to the ones governed by those in-scope organization policies. * organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
Sourcepub fn analyze_org_policy_governed_containers(
&self,
scope: &str,
) -> MethodAnalyzeOrgPolicyGovernedContainerCall<'a, C>
pub fn analyze_org_policy_governed_containers( &self, scope: &str, ) -> MethodAnalyzeOrgPolicyGovernedContainerCall<'a, C>
Create a builder to help you perform the following task:
Analyzes organization policies governed containers (projects, folders or organization) under a scope.
§Arguments
scope- Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output containers will also be limited to the ones governed by those in-scope organization policies. * organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
Sourcepub fn batch_get_assets_history(
&self,
parent: &str,
) -> MethodBatchGetAssetsHistoryCall<'a, C>
pub fn batch_get_assets_history( &self, parent: &str, ) -> MethodBatchGetAssetsHistoryCall<'a, C>
Create a builder to help you perform the following task:
Batch gets the update history of assets that overlap a time window. For IAM_POLICY content, this API outputs history when the asset and its attached IAM POLICY both exist. This can create gaps in the output history. Otherwise, this API outputs history with asset in both non-delete or deleted status. If a specified asset does not exist, this API returns an INVALID_ARGUMENT error.
§Arguments
parent- Required. The relative name of the root asset. It can only be an organization number (such as “organizations/123”), a project ID (such as “projects/my-project-id”)“, or a project number (such as “projects/12345”).
Sourcepub fn export_assets(
&self,
request: ExportAssetsRequest,
parent: &str,
) -> MethodExportAssetCall<'a, C>
pub fn export_assets( &self, request: ExportAssetsRequest, parent: &str, ) -> MethodExportAssetCall<'a, C>
Create a builder to help you perform the following task:
Exports assets with time and resource types to a given Cloud Storage location/BigQuery table. For Cloud Storage location destinations, the output format is newline-delimited JSON. Each line represents a google.cloud.asset.v1.Asset in the JSON format; for BigQuery table destinations, the output table stores the fields in asset Protobuf as columns. This API implements the google.longrunning.Operation API, which allows you to keep track of the export. We recommend intervals of at least 2 seconds with exponential retry to poll the export operation result. For regular-size resource parent, the export operation usually finishes within 5 minutes.
§Arguments
request- No description provided.parent- Required. The relative name of the root asset. This can only be an organization number (such as “organizations/123”), a project ID (such as “projects/my-project-id”), or a project number (such as “projects/12345”), or a folder number (such as “folders/123”).
Sourcepub fn query_assets(
&self,
request: QueryAssetsRequest,
parent: &str,
) -> MethodQueryAssetCall<'a, C>
pub fn query_assets( &self, request: QueryAssetsRequest, parent: &str, ) -> MethodQueryAssetCall<'a, C>
Create a builder to help you perform the following task:
Issue a job that queries assets using a SQL statement compatible with BigQuery SQL. If the query execution finishes within timeout and there’s no pagination, the full query results will be returned in the QueryAssetsResponse. Otherwise, full query results can be obtained by issuing extra requests with the job_reference from the a previous QueryAssets call. Note, the query result has approximately 10 GB limitation enforced by BigQuery. Queries return larger results will result in errors.
§Arguments
request- No description provided.parent- Required. The relative name of the root asset. This can only be an organization number (such as “organizations/123”), a project ID (such as “projects/my-project-id”), or a project number (such as “projects/12345”), or a folder number (such as “folders/123”). Only assets belonging to theparentwill be returned.
Sourcepub fn search_all_iam_policies(
&self,
scope: &str,
) -> MethodSearchAllIamPolicyCall<'a, C>
pub fn search_all_iam_policies( &self, scope: &str, ) -> MethodSearchAllIamPolicyCall<'a, C>
Create a builder to help you perform the following task:
Searches all IAM policies within the specified scope, such as a project, folder, or organization. The caller must be granted the cloudasset.assets.searchAllIamPolicies permission on the desired scope, otherwise the request will be rejected.
§Arguments
scope- Required. A scope can be a project, a folder, or an organization. The search is limited to the IAM policies within thescope. The caller must be granted thecloudasset.assets.searchAllIamPoliciespermission on the desired scope. The allowed values are: * projects/{PROJECT_ID} (e.g., “projects/foo-bar”) * projects/{PROJECT_NUMBER} (e.g., “projects/12345678”) * folders/{FOLDER_NUMBER} (e.g., “folders/1234567”) * organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)
Sourcepub fn search_all_resources(
&self,
scope: &str,
) -> MethodSearchAllResourceCall<'a, C>
pub fn search_all_resources( &self, scope: &str, ) -> MethodSearchAllResourceCall<'a, C>
Create a builder to help you perform the following task:
Searches all Google Cloud resources within the specified scope, such as a project, folder, or organization. The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope, otherwise the request will be rejected.
§Arguments
scope- Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within thescope. The caller must be granted thecloudasset.assets.searchAllResourcespermission on the desired scope. The allowed values are: * projects/{PROJECT_ID} (e.g., “projects/foo-bar”) * projects/{PROJECT_NUMBER} (e.g., “projects/12345678”) * folders/{FOLDER_NUMBER} (e.g., “folders/1234567”) * organizations/{ORGANIZATION_NUMBER} (e.g., “organizations/123456”)