mirror of
https://github.com/OMGeeky/google-apis-rs.git
synced 2026-02-13 21:19:05 +01:00
update API descriptions
This commit is contained in:
Sebastian Thiel
@@ -149,7 +149,7 @@
|
||||
"type": "string"
|
||||
},
|
||||
"updateMask": {
|
||||
"description": "The FieldMask to use when updating the settings resource.\n\n If empty all mutable fields will be updated.",
|
||||
"description": "The FieldMask to use when updating the settings resource.\n\nIf empty all mutable fields will be updated.",
|
||||
"format": "google-fieldmask",
|
||||
"location": "query",
|
||||
"type": "string"
|
||||
@@ -214,13 +214,13 @@
|
||||
"type": "string"
|
||||
},
|
||||
"fieldMask": {
|
||||
"description": "Optional. A field mask to specify the ListAssetsResult fields to be listed in the\nresponse.\nAn empty field mask will list all fields.",
|
||||
"description": "A field mask to specify the ListAssetsResult fields to be listed in the\nresponse.\nAn empty field mask will list all fields.",
|
||||
"format": "google-fieldmask",
|
||||
"location": "query",
|
||||
"type": "string"
|
||||
},
|
||||
"filter": {
|
||||
"description": "Expression that defines the filter to apply across assets.\nThe expression is a list of zero or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. The fields map to those\ndefined in the Asset resource. Examples include:\n\n* name\n* security_center_properties.resource_name\n* resource_properties.a_property\n* security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following are the allowed field and operator combinations:\n\n* name: `=`\n* update_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n \"update_time = \\\"2019-06-10T16:07:18-07:00\\\"\"\n \"update_time = 1560208038000\"\n\n* create_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n \"create_time = \\\"2019-06-10T16:07:18-07:00\\\"\"\n \"create_time = 1560208038000\"\n\n* iam_policy.policy_blob: `=`, `:`\n* resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n* security_marks.marks: `=`, `:`\n* security_center_properties.resource_name: `=`, `:`\n* security_center_properties.resource_display_name: `=`, `:`\n* security_center_properties.resource_type: `=`, `:`\n* security_center_properties.resource_parent: `=`, `:`\n* security_center_properties.resource_parent_display_name: `=`, `:`\n* security_center_properties.resource_project: `=`, `:`\n* security_center_properties.resource_project_display_name: `=`, `:`\n* security_center_properties.resource_owners: `=`, `:`\n\nFor example, `resource_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: \"resource_properties.my_property : \\\"\\\"\"\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: \"-resource_properties.my_property : \\\"\\\"\"",
|
||||
"description": "Expression that defines the filter to apply across assets.\nThe expression is a list of zero or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. The fields map to those\ndefined in the Asset resource. Examples include:\n\n* name\n* security_center_properties.resource_name\n* resource_properties.a_property\n* security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following are the allowed field and operator combinations:\n\n* name: `=`\n* update_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n `update_time = \"2019-06-10T16:07:18-07:00\"`\n `update_time = 1560208038000`\n\n* create_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n `create_time = \"2019-06-10T16:07:18-07:00\"`\n `create_time = 1560208038000`\n\n* iam_policy.policy_blob: `=`, `:`\n* resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n* security_marks.marks: `=`, `:`\n* security_center_properties.resource_name: `=`, `:`\n* security_center_properties.resource_display_name: `=`, `:`\n* security_center_properties.resource_type: `=`, `:`\n* security_center_properties.resource_parent: `=`, `:`\n* security_center_properties.resource_parent_display_name: `=`, `:`\n* security_center_properties.resource_project: `=`, `:`\n* security_center_properties.resource_project_display_name: `=`, `:`\n* security_center_properties.resource_owners: `=`, `:`\n\nFor example, `resource_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: `resource_properties.my_property : \"\"`\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: `-resource_properties.my_property : \"\"`",
|
||||
"location": "query",
|
||||
"type": "string"
|
||||
},
|
||||
@@ -454,7 +454,7 @@
|
||||
]
|
||||
},
|
||||
"patch": {
|
||||
"description": "\nUpdates a notification config.",
|
||||
"description": "\nUpdates a notification config. The following update\nfields are allowed: description, pubsub_topic, streaming_config.filter",
|
||||
"flatPath": "v1/organizations/{organizationsId}/notificationConfigs/{notificationConfigsId}",
|
||||
"httpMethod": "PATCH",
|
||||
"id": "securitycenter.organizations.notificationConfigs.patch",
|
||||
@@ -899,13 +899,13 @@
|
||||
"type": "string"
|
||||
},
|
||||
"fieldMask": {
|
||||
"description": "Optional. A field mask to specify the Finding fields to be listed in the response.\nAn empty field mask will list all fields.",
|
||||
"description": "A field mask to specify the Finding fields to be listed in the response.\nAn empty field mask will list all fields.",
|
||||
"format": "google-fieldmask",
|
||||
"location": "query",
|
||||
"type": "string"
|
||||
},
|
||||
"filter": {
|
||||
"description": "Expression that defines the filter to apply across findings.\nThe expression is a list of one or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. Examples include:\n\n * name\n * source_properties.a_property\n * security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following field and operator combinations are supported:\n\nname: `=`\nparent: `=`, `:`\nresource_name: `=`, `:`\nstate: `=`, `:`\ncategory: `=`, `:`\nexternal_uri: `=`, `:`\nevent_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n \"event_time = \\\"2019-06-10T16:07:18-07:00\\\"\"\n \"event_time = 1560208038000\"\n\nsecurity_marks.marks: `=`, `:`\nsource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n\nFor example, `source_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: \"source_properties.my_property : \\\"\\\"\"\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: \"-source_properties.my_property : \\\"\\\"\"",
|
||||
"description": "Expression that defines the filter to apply across findings.\nThe expression is a list of one or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. Examples include:\n\n * name\n * source_properties.a_property\n * security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following field and operator combinations are supported:\n\nname: `=`\nparent: `=`, `:`\nresource_name: `=`, `:`\nstate: `=`, `:`\ncategory: `=`, `:`\nexternal_uri: `=`, `:`\nevent_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n `event_time = \"2019-06-10T16:07:18-07:00\"`\n `event_time = 1560208038000`\n\nsecurity_marks.marks: `=`, `:`\nsource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n\nFor example, `source_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: `source_properties.my_property : \"\"`\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: `-source_properties.my_property : \"\"`",
|
||||
"location": "query",
|
||||
"type": "string"
|
||||
},
|
||||
@@ -1056,7 +1056,7 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"revision": "20200406",
|
||||
"revision": "20200703",
|
||||
"rootUrl": "https://securitycenter.googleapis.com/",
|
||||
"schemas": {
|
||||
"Asset": {
|
||||
@@ -1128,7 +1128,7 @@
|
||||
"type": "object"
|
||||
},
|
||||
"AuditConfig": {
|
||||
"description": "Specifies the audit configuration for a service.\nThe configuration determines which permission types are logged, and what\nidentities, if any, are exempted from logging.\nAn AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_types\nspecified in each AuditConfig are enabled, and the exempted_members in each\nAuditLogConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n {\n \"audit_configs\": [\n {\n \"service\": \"allServices\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:jose@example.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"log_type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \"sampleservice.googleapis.com\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n },\n {\n \"log_type\": \"DATA_WRITE\",\n \"exempted_members\": [\n \"user:aliya@example.com\"\n ]\n }\n ]\n }\n ]\n }\n\nFor sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts jose@example.com from DATA_READ logging, and\naliya@example.com from DATA_WRITE logging.",
|
||||
"description": "Specifies the audit configuration for a service.\nThe configuration determines which permission types are logged, and what\nidentities, if any, are exempted from logging.\nAn AuditConfig must have one or more AuditLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_types\nspecified in each AuditConfig are enabled, and the exempted_members in each\nAuditLogConfig are exempted.\n\nExample Policy with multiple AuditConfigs:\n\n {\n \"audit_configs\": [\n {\n \"service\": \"allServices\",\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:jose@example.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\"\n },\n {\n \"log_type\": \"ADMIN_READ\"\n }\n ]\n },\n {\n \"service\": \"sampleservice.googleapis.com\",\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\"\n },\n {\n \"log_type\": \"DATA_WRITE\",\n \"exempted_members\": [\n \"user:aliya@example.com\"\n ]\n }\n ]\n }\n ]\n }\n\nFor sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts jose@example.com from DATA_READ logging, and\naliya@example.com from DATA_WRITE logging.",
|
||||
"id": "AuditConfig",
|
||||
"properties": {
|
||||
"auditLogConfigs": {
|
||||
@@ -1146,7 +1146,7 @@
|
||||
"type": "object"
|
||||
},
|
||||
"AuditLogConfig": {
|
||||
"description": "Provides the configuration for logging a type of permissions.\nExample:\n\n {\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:jose@example.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n }\n ]\n }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting\njose@example.com from DATA_READ logging.",
|
||||
"description": "Provides the configuration for logging a type of permissions.\nExample:\n\n {\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:jose@example.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\"\n }\n ]\n }\n\nThis enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting\njose@example.com from DATA_READ logging.",
|
||||
"id": "AuditLogConfig",
|
||||
"properties": {
|
||||
"exemptedMembers": {
|
||||
@@ -1181,7 +1181,7 @@
|
||||
"properties": {
|
||||
"condition": {
|
||||
"$ref": "Expr",
|
||||
"description": "The condition that is associated with this binding.\nNOTE: An unsatisfied condition will not allow user access via current\nbinding. Different bindings, including their conditions, are examined\nindependently."
|
||||
"description": "The condition that is associated with this binding.\n\nIf the condition evaluates to `true`, then this binding applies to the\ncurrent request.\n\nIf the condition evaluates to `false`, then this binding does not apply to\nthe current request. However, a different role binding might grant the same\nrole to one or more of the members in this binding.\n\nTo learn which resources support conditions in their IAM policies, see the\n[IAM\ndocumentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
|
||||
},
|
||||
"members": {
|
||||
"description": "Specifies the identities requesting access for a Cloud Platform resource.\n`members` can have the following values:\n\n* `allUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special identifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a specific Google\n account. For example, `alice@example.com` .\n\n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{emailid}`: An email address that represents a Google group.\n For example, `admins@example.com`.\n\n* `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique\n identifier) representing a user that has been recently deleted. For\n example, `alice@example.com?uid=123456789012345678901`. If the user is\n recovered, this value reverts to `user:{emailid}` and the recovered user\n retains the role in the binding.\n\n* `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus\n unique identifier) representing a service account that has been recently\n deleted. For example,\n `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.\n If the service account is undeleted, this value reverts to\n `serviceAccount:{emailid}` and the undeleted service account retains the\n role in the binding.\n\n* `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique\n identifier) representing a Google group that has been recently\n deleted. For example, `admins@example.com?uid=123456789012345678901`. If\n the group is recovered, this value reverts to `group:{emailid}` and the\n recovered group retains the role in the binding.\n\n\n* `domain:{domain}`: The G Suite domain (primary) that represents all the\n users of that domain. For example, `google.com` or `example.com`.\n\n",
|
||||
@@ -1227,7 +1227,7 @@
|
||||
"type": "object"
|
||||
},
|
||||
"Finding": {
|
||||
"description": "Security Command Center finding.\n\nA finding is a record of assessment data like security, risk, health, or\nprivacy, that is ingested into Security Command Center for presentation,\nnotification, analysis, policy testing, and enforcement. For example, a\ncross-site scripting (XSS) vulnerability in an App Engine application is a\nfinding.\n\nWhen adding a new field hidden behind a visibility label, ensure it is also\nhidden from Notifications:\nhttp://google3/java/com/google/cloud/security/riskdashboard/notification/actions/streaming/FindingTranslator.java?l=26",
|
||||
"description": "Security Command Center finding.\n\nA finding is a record of assessment data like security, risk, health, or\nprivacy, that is ingested into Security Command Center for presentation,\nnotification, analysis, policy testing, and enforcement. For example, a\ncross-site scripting (XSS) vulnerability in an App Engine application is a\nfinding.",
|
||||
"id": "Finding",
|
||||
"properties": {
|
||||
"category": {
|
||||
@@ -1294,7 +1294,7 @@
|
||||
"properties": {
|
||||
"options": {
|
||||
"$ref": "GetPolicyOptions",
|
||||
"description": "OPTIONAL: A `GetPolicyOptions` object for specifying options to\n`GetIamPolicy`. This field is only used by Cloud IAM."
|
||||
"description": "OPTIONAL: A `GetPolicyOptions` object for specifying options to\n`GetIamPolicy`."
|
||||
}
|
||||
},
|
||||
"type": "object"
|
||||
@@ -1304,7 +1304,7 @@
|
||||
"id": "GetPolicyOptions",
|
||||
"properties": {
|
||||
"requestedPolicyVersion": {
|
||||
"description": "Optional. The policy format version to be returned.\n\nValid values are 0, 1, and 3. Requests specifying an invalid value will be\nrejected.\n\nRequests for policies with any conditional bindings must specify version 3.\nPolicies without any conditional bindings may specify any valid value or\nleave the field unset.",
|
||||
"description": "Optional. The policy format version to be returned.\n\nValid values are 0, 1, and 3. Requests specifying an invalid value will be\nrejected.\n\nRequests for policies with any conditional bindings must specify version 3.\nPolicies without any conditional bindings may specify any valid value or\nleave the field unset.\n\nTo learn which resources support conditions in their IAM policies, see the\n[IAM\ndocumentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
|
||||
"format": "int32",
|
||||
"type": "integer"
|
||||
}
|
||||
@@ -1322,6 +1322,37 @@
|
||||
"notificationConfigName": {
|
||||
"description": "Name of the notification config that generated current notification.",
|
||||
"type": "string"
|
||||
},
|
||||
"resource": {
|
||||
"$ref": "GoogleCloudSecuritycenterV1Resource",
|
||||
"description": "The Cloud resource tied to this notification's Finding."
|
||||
}
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"GoogleCloudSecuritycenterV1Resource": {
|
||||
"description": "\nInformation related to the Google Cloud resource.",
|
||||
"id": "GoogleCloudSecuritycenterV1Resource",
|
||||
"properties": {
|
||||
"name": {
|
||||
"description": "The full resource name of the resource. See:\nhttps://cloud.google.com/apis/design/resource_names#full_resource_name",
|
||||
"type": "string"
|
||||
},
|
||||
"parent": {
|
||||
"description": "The full resource name of resource's parent.",
|
||||
"type": "string"
|
||||
},
|
||||
"parentDisplayName": {
|
||||
"description": "\nThe human readable name of resource's parent.",
|
||||
"type": "string"
|
||||
},
|
||||
"project": {
|
||||
"description": "The full resource name of project that the resource belongs to.",
|
||||
"type": "string"
|
||||
},
|
||||
"projectDisplayName": {
|
||||
"description": "\nThe human readable name of project that the resource belongs to.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"type": "object"
|
||||
@@ -1507,6 +1538,10 @@
|
||||
"description": "Name of the notification config that generated current notification.",
|
||||
"type": "string"
|
||||
},
|
||||
"resource": {
|
||||
"$ref": "GoogleCloudSecuritycenterV1p1beta1Resource",
|
||||
"description": "The Cloud resource tied to the notification."
|
||||
},
|
||||
"temporalAsset": {
|
||||
"$ref": "GoogleCloudSecuritycenterV1p1beta1TemporalAsset",
|
||||
"description": "If it's an asset based notification config, this field will be\npopulated."
|
||||
@@ -1514,6 +1549,33 @@
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"GoogleCloudSecuritycenterV1p1beta1Resource": {
|
||||
"description": "\nInformation related to the Google Cloud resource.",
|
||||
"id": "GoogleCloudSecuritycenterV1p1beta1Resource",
|
||||
"properties": {
|
||||
"name": {
|
||||
"description": "The full resource name of the resource. See:\nhttps://cloud.google.com/apis/design/resource_names#full_resource_name",
|
||||
"type": "string"
|
||||
},
|
||||
"parent": {
|
||||
"description": "The full resource name of resource's parent.",
|
||||
"type": "string"
|
||||
},
|
||||
"parentDisplayName": {
|
||||
"description": "\nThe human readable name of resource's parent.",
|
||||
"type": "string"
|
||||
},
|
||||
"project": {
|
||||
"description": "The full resource name of project that the resource belongs to.",
|
||||
"type": "string"
|
||||
},
|
||||
"projectDisplayName": {
|
||||
"description": "\nThe human readable name of project that the resource belongs to.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse": {
|
||||
"description": "Response of asset discovery run",
|
||||
"id": "GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse",
|
||||
@@ -1639,7 +1701,7 @@
|
||||
"type": "string"
|
||||
},
|
||||
"filter": {
|
||||
"description": "Expression that defines the filter to apply across assets.\nThe expression is a list of zero or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. The fields map to those\ndefined in the Asset resource. Examples include:\n\n* name\n* security_center_properties.resource_name\n* resource_properties.a_property\n* security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following field and operator combinations are supported:\n\n* name: `=`\n* update_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n \"update_time = \\\"2019-06-10T16:07:18-07:00\\\"\"\n \"update_time = 1560208038000\"\n\n* create_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n \"create_time = \\\"2019-06-10T16:07:18-07:00\\\"\"\n \"create_time = 1560208038000\"\n\n* iam_policy.policy_blob: `=`, `:`\n* resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n* security_marks.marks: `=`, `:`\n* security_center_properties.resource_name: `=`, `:`\n* security_center_properties.resource_display_name: `=`, `:`\n* security_center_properties.resource_type: `=`, `:`\n* security_center_properties.resource_parent: `=`, `:`\n* security_center_properties.resource_parent_display_name: `=`, `:`\n* security_center_properties.resource_project: `=`, `:`\n* security_center_properties.resource_project_display_name: `=`, `:`\n* security_center_properties.resource_owners: `=`, `:`\n\nFor example, `resource_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: \"resource_properties.my_property : \\\"\\\"\"\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: \"-resource_properties.my_property : \\\"\\\"\"",
|
||||
"description": "Expression that defines the filter to apply across assets.\nThe expression is a list of zero or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. The fields map to those\ndefined in the Asset resource. Examples include:\n\n* name\n* security_center_properties.resource_name\n* resource_properties.a_property\n* security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following field and operator combinations are supported:\n\n* name: `=`\n* update_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n `update_time = \"2019-06-10T16:07:18-07:00\"`\n `update_time = 1560208038000`\n\n* create_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n `create_time = \"2019-06-10T16:07:18-07:00\"`\n `create_time = 1560208038000`\n\n* iam_policy.policy_blob: `=`, `:`\n* resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n* security_marks.marks: `=`, `:`\n* security_center_properties.resource_name: `=`, `:`\n* security_center_properties.resource_display_name: `=`, `:`\n* security_center_properties.resource_type: `=`, `:`\n* security_center_properties.resource_parent: `=`, `:`\n* security_center_properties.resource_parent_display_name: `=`, `:`\n* security_center_properties.resource_project: `=`, `:`\n* security_center_properties.resource_project_display_name: `=`, `:`\n* security_center_properties.resource_owners: `=`, `:`\n\nFor example, `resource_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: `resource_properties.my_property : \"\"`\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: `-resource_properties.my_property : \"\"`",
|
||||
"type": "string"
|
||||
},
|
||||
"groupBy": {
|
||||
@@ -1701,7 +1763,7 @@
|
||||
"type": "string"
|
||||
},
|
||||
"filter": {
|
||||
"description": "Expression that defines the filter to apply across findings.\nThe expression is a list of one or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. Examples include:\n\n * name\n * source_properties.a_property\n * security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following field and operator combinations are supported:\n\n* name: `=`\n* parent: `=`, `:`\n* resource_name: `=`, `:`\n* state: `=`, `:`\n* category: `=`, `:`\n* external_uri: `=`, `:`\n* event_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n \"event_time = \\\"2019-06-10T16:07:18-07:00\\\"\"\n \"event_time = 1560208038000\"\n\n* security_marks.marks: `=`, `:`\n* source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n\nFor example, `source_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: \"source_properties.my_property : \\\"\\\"\"\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: \"-source_properties.my_property : \\\"\\\"\"",
|
||||
"description": "Expression that defines the filter to apply across findings.\nThe expression is a list of one or more restrictions combined via logical\noperators `AND` and `OR`.\nParentheses are supported, and `OR` has higher precedence than `AND`.\n\nRestrictions have the form `<field> <operator> <value>` and may have a `-`\ncharacter in front of them to indicate negation. Examples include:\n\n * name\n * source_properties.a_property\n * security_marks.marks.marka\n\nThe supported operators are:\n\n* `=` for all value types.\n* `>`, `<`, `>=`, `<=` for integer values.\n* `:`, meaning substring matching, for strings.\n\nThe supported value types are:\n\n* string literals in quotes.\n* integer literals without quotes.\n* boolean literals `true` and `false` without quotes.\n\nThe following field and operator combinations are supported:\n\n* name: `=`\n* parent: `=`, `:`\n* resource_name: `=`, `:`\n* state: `=`, `:`\n* category: `=`, `:`\n* external_uri: `=`, `:`\n* event_time: `=`, `>`, `<`, `>=`, `<=`\n\n Usage: This should be milliseconds since epoch or an RFC3339 string.\n Examples:\n `event_time = \"2019-06-10T16:07:18-07:00\"`\n `event_time = 1560208038000`\n\n* security_marks.marks: `=`, `:`\n* source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`\n\nFor example, `source_properties.size = 100` is a valid filter string.\n\nUse a partial match on the empty string to filter based on a property\nexisting: `source_properties.my_property : \"\"`\n\nUse a negated partial match on the empty string to filter based on a\nproperty not existing: `-source_properties.my_property : \"\"`",
|
||||
"type": "string"
|
||||
},
|
||||
"groupBy": {
|
||||
@@ -2035,7 +2097,7 @@
|
||||
"type": "object"
|
||||
},
|
||||
"Policy": {
|
||||
"description": "An Identity and Access Management (IAM) policy, which specifies access\ncontrols for Google Cloud resources.\n\n\nA `Policy` is a collection of `bindings`. A `binding` binds one or more\n`members` to a single `role`. Members can be user accounts, service accounts,\nGoogle groups, and domains (such as G Suite). A `role` is a named list of\npermissions; each `role` can be an IAM predefined role or a user-created\ncustom role.\n\nOptionally, a `binding` can specify a `condition`, which is a logical\nexpression that allows access to a resource only if the expression evaluates\nto `true`. A condition can add constraints based on attributes of the\nrequest, the resource, or both.\n\n**JSON example:**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/resourcemanager.organizationAdmin\",\n \"members\": [\n \"user:mike@example.com\",\n \"group:admins@example.com\",\n \"domain:google.com\",\n \"serviceAccount:my-project-id@appspot.gserviceaccount.com\"\n ]\n },\n {\n \"role\": \"roles/resourcemanager.organizationViewer\",\n \"members\": [\"user:eve@example.com\"],\n \"condition\": {\n \"title\": \"expirable access\",\n \"description\": \"Does not grant access after Sep 2020\",\n \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\",\n }\n }\n ],\n \"etag\": \"BwWWja0YfJA=\",\n \"version\": 3\n }\n\n**YAML example:**\n\n bindings:\n - members:\n - user:mike@example.com\n - group:admins@example.com\n - domain:google.com\n - serviceAccount:my-project-id@appspot.gserviceaccount.com\n role: roles/resourcemanager.organizationAdmin\n - members:\n - user:eve@example.com\n role: roles/resourcemanager.organizationViewer\n condition:\n title: expirable access\n description: Does not grant access after Sep 2020\n expression: request.time < timestamp('2020-10-01T00:00:00.000Z')\n - etag: BwWWja0YfJA=\n - version: 3\n\nFor a description of IAM and its features, see the\n[IAM documentation](https://cloud.google.com/iam/docs/).",
|
||||
"description": "An Identity and Access Management (IAM) policy, which specifies access\ncontrols for Google Cloud resources.\n\n\nA `Policy` is a collection of `bindings`. A `binding` binds one or more\n`members` to a single `role`. Members can be user accounts, service accounts,\nGoogle groups, and domains (such as G Suite). A `role` is a named list of\npermissions; each `role` can be an IAM predefined role or a user-created\ncustom role.\n\nFor some types of Google Cloud resources, a `binding` can also specify a\n`condition`, which is a logical expression that allows access to a resource\nonly if the expression evaluates to `true`. A condition can add constraints\nbased on attributes of the request, the resource, or both. To learn which\nresources support conditions in their IAM policies, see the\n[IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).\n\n**JSON example:**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/resourcemanager.organizationAdmin\",\n \"members\": [\n \"user:mike@example.com\",\n \"group:admins@example.com\",\n \"domain:google.com\",\n \"serviceAccount:my-project-id@appspot.gserviceaccount.com\"\n ]\n },\n {\n \"role\": \"roles/resourcemanager.organizationViewer\",\n \"members\": [\n \"user:eve@example.com\"\n ],\n \"condition\": {\n \"title\": \"expirable access\",\n \"description\": \"Does not grant access after Sep 2020\",\n \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\",\n }\n }\n ],\n \"etag\": \"BwWWja0YfJA=\",\n \"version\": 3\n }\n\n**YAML example:**\n\n bindings:\n - members:\n - user:mike@example.com\n - group:admins@example.com\n - domain:google.com\n - serviceAccount:my-project-id@appspot.gserviceaccount.com\n role: roles/resourcemanager.organizationAdmin\n - members:\n - user:eve@example.com\n role: roles/resourcemanager.organizationViewer\n condition:\n title: expirable access\n description: Does not grant access after Sep 2020\n expression: request.time < timestamp('2020-10-01T00:00:00.000Z')\n - etag: BwWWja0YfJA=\n - version: 3\n\nFor a description of IAM and its features, see the\n[IAM documentation](https://cloud.google.com/iam/docs/).",
|
||||
"id": "Policy",
|
||||
"properties": {
|
||||
"auditConfigs": {
|
||||
@@ -2058,7 +2120,7 @@
|
||||
"type": "string"
|
||||
},
|
||||
"version": {
|
||||
"description": "Specifies the format of the policy.\n\nValid values are `0`, `1`, and `3`. Requests that specify an invalid value\nare rejected.\n\nAny operation that affects conditional role bindings must specify version\n`3`. This requirement applies to the following operations:\n\n* Getting a policy that includes a conditional role binding\n* Adding a conditional role binding to a policy\n* Changing a conditional role binding in a policy\n* Removing any role binding, with or without a condition, from a policy\n that includes conditions\n\n**Important:** If you use IAM Conditions, you must include the `etag` field\nwhenever you call `setIamPolicy`. If you omit this field, then IAM allows\nyou to overwrite a version `3` policy with a version `1` policy, and all of\nthe conditions in the version `3` policy are lost.\n\nIf a policy does not include any conditions, operations on that policy may\nspecify any valid version or leave the field unset.",
|
||||
"description": "Specifies the format of the policy.\n\nValid values are `0`, `1`, and `3`. Requests that specify an invalid value\nare rejected.\n\nAny operation that affects conditional role bindings must specify version\n`3`. This requirement applies to the following operations:\n\n* Getting a policy that includes a conditional role binding\n* Adding a conditional role binding to a policy\n* Changing a conditional role binding in a policy\n* Removing any role binding, with or without a condition, from a policy\n that includes conditions\n\n**Important:** If you use IAM Conditions, you must include the `etag` field\nwhenever you call `setIamPolicy`. If you omit this field, then IAM allows\nyou to overwrite a version `3` policy with a version `1` policy, and all of\nthe conditions in the version `3` policy are lost.\n\nIf a policy does not include any conditions, operations on that policy may\nspecify any valid version or leave the field unset.\n\nTo learn which resources support conditions in their IAM policies, see the\n[IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).",
|
||||
"format": "int32",
|
||||
"type": "integer"
|
||||
}
|
||||
@@ -2193,7 +2255,7 @@
|
||||
"description": "REQUIRED: The complete policy to be applied to the `resource`. The size of\nthe policy is limited to a few 10s of KB. An empty policy is a\nvalid policy but certain Cloud Platform services (such as Projects)\nmight reject them."
|
||||
},
|
||||
"updateMask": {
|
||||
"description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only\nthe fields in the mask will be modified. If no mask is provided, the\nfollowing default mask is used:\npaths: \"bindings, etag\"\nThis field is only used by Cloud IAM.",
|
||||
"description": "OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only\nthe fields in the mask will be modified. If no mask is provided, the\nfollowing default mask is used:\n\n`paths: \"bindings, etag\"`",
|
||||
"format": "google-fieldmask",
|
||||
"type": "string"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user