feat(asset): add bigquery_destination to OutputConfig; make content_type optional argument to BatchGetAssetsHistoryRequest; add uri_prefix to GcsDestination; add ORG_POLICY and ACCESS_POLICY content type enums (#9555)

Author: yoshi-automation

asset/google/cloud/asset_v1/gapic/asset_service_client.py

@@ -254,7 +254,7 @@ def export_assets(
             asset_types (list[str]): A list of asset types of which to take a snapshot for. For example:
                 "compute.googleapis.com/Disk". If specified, only matching assets will
                 be returned. See `Introduction to Cloud Asset
-                Inventory <https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview>`__
+                Inventory <https://cloud.google.com/asset-inventory/docs/overview>`__
                 for all supported asset types.
             content_type (~google.cloud.asset_v1.types.ContentType): Asset content type. If not specified, no content but the asset name will be
                 returned.
@@ -357,7 +357,7 @@ def batch_get_assets_history(
             parent (str): Required. The relative name of the root asset. It can only be an
                 organization number (such as "organizations/123"), a project ID (such as
                 "projects/my-project-id")", or a project number (such as "projects/12345").
-            content_type (~google.cloud.asset_v1.types.ContentType): Required. The content type.
+            content_type (~google.cloud.asset_v1.types.ContentType): Optional. The content type.
             read_time_window (Union[dict, ~google.cloud.asset_v1.types.TimeWindow]): Optional. The time window for the asset history. Both start\_time and
                 end\_time are optional and if set, it must be after 2018-10-02 UTC. If
                 end\_time is not set, it is default to current timestamp. If start\_time
@@ -372,7 +372,7 @@ def batch_get_assets_history(
                 See `Resource
                 Names <https://cloud.google.com/apis/design/resource_names#full_resource_name>`__
                 and `Resource Name
-                Format <https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/resource-name-format>`__
+                Format <https://cloud.google.com/asset-inventory/docs/resource-name-format>`__
                 for more info.
 
                 The request becomes a no-op if the asset name list is empty, and the max

asset/google/cloud/asset_v1/gapic/enums.py

@@ -27,11 +27,15 @@ class ContentType(enum.IntEnum):
       CONTENT_TYPE_UNSPECIFIED (int): Unspecified content type.
       RESOURCE (int): Resource metadata.
       IAM_POLICY (int): The actual IAM policy set on a resource.
+      ORG_POLICY (int): The Cloud Organization Policy set on an asset.
+      ACCESS_POLICY (int): The Cloud Access context mananger Policy set on an asset.
     """
 
     CONTENT_TYPE_UNSPECIFIED = 0
     RESOURCE = 1
     IAM_POLICY = 2
+    ORG_POLICY = 4
+    ACCESS_POLICY = 5
 
 
 class NullValue(enum.IntEnum):

asset/google/cloud/asset_v1/proto/asset_service.proto

@@ -18,8 +18,13 @@ syntax = "proto3";
 package google.cloud.asset.v1;
 
 import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
 import "google/cloud/asset/v1/assets.proto";
 import "google/longrunning/operations.proto";
+import "google/protobuf/empty.proto";
+import "google/protobuf/field_mask.proto";
 import "google/protobuf/timestamp.proto";
 
 option csharp_namespace = "Google.Cloud.Asset.V1";
@@ -29,9 +34,11 @@ option java_outer_classname = "AssetServiceProto";
 option java_package = "com.google.cloud.asset.v1";
 option php_namespace = "Google\\Cloud\\Asset\\V1";
 
-
 // Asset service definition.
 service AssetService {
+  option (google.api.default_host) = "cloudasset.googleapis.com";
+  option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
+
   // Exports assets with time and resource types to a given Cloud Storage
   // location. The output format is newline-delimited JSON.
   // This API implements the [google.longrunning.Operation][google.longrunning.Operation] API allowing you
@@ -41,6 +48,10 @@ service AssetService {
       post: "/v1/{parent=*/*}:exportAssets"
       body: "*"
     };
+    option (google.longrunning.operation_info) = {
+      response_type: "google.cloud.asset.v1.ExportAssetsResponse"
+      metadata_type: "google.cloud.asset.v1.ExportAssetsRequest"
+    };
   }
 
   // Batch gets the update history of assets that overlap a time window.
@@ -63,7 +74,12 @@ message ExportAssetsRequest {
   // organization number (such as "organizations/123"), a project ID (such as
   // "projects/my-project-id"), or a project number (such as "projects/12345"),
   // or a folder number (such as "folders/123").
-  string parent = 1;
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "cloudasset.googleapis.com/Asset"
+    }
+  ];
 
   // Timestamp to take an asset snapshot. This can only be set to a timestamp
   // between 2018-10-02 UTC (inclusive) and the current time. If not specified,
@@ -73,9 +89,9 @@ message ExportAssetsRequest {
   google.protobuf.Timestamp read_time = 2;
 
   // A list of asset types of which to take a snapshot for. For example:
-  // "compute.googleapis.com/Disk". If specified, only matching assets will be returned.
-  // See [Introduction to Cloud Asset
-  // Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview)
+  // "compute.googleapis.com/Disk". If specified, only matching assets will be
+  // returned. See [Introduction to Cloud Asset
+  // Inventory](https://cloud.google.com/asset-inventory/docs/overview)
   // for all supported asset types.
   repeated string asset_types = 3;
 
@@ -85,7 +101,7 @@ message ExportAssetsRequest {
 
   // Required. Output configuration indicating where the results will be output
   // to. All results will be in newline delimited JSON format.
-  OutputConfig output_config = 5;
+  OutputConfig output_config = 5 [(google.api.field_behavior) = REQUIRED];
 }
 
 // The export asset response. This message is returned by the
@@ -105,29 +121,35 @@ message BatchGetAssetsHistoryRequest {
   // Required. The relative name of the root asset. It can only be an
   // organization number (such as "organizations/123"), a project ID (such as
   // "projects/my-project-id")", or a project number (such as "projects/12345").
-  string parent = 1;
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "cloudasset.googleapis.com/Asset"
+    }
+  ];
 
   // A list of the full names of the assets. For example:
   // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
   // See [Resource
   // Names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
-  // and [Resource Name Format](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/resource-name-format)
+  // and [Resource Name
+  // Format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
   // for more info.
   //
   // The request becomes a no-op if the asset name list is empty, and the max
   // size of the asset name list is 100 in one request.
   repeated string asset_names = 2;
 
-  // Required. The content type.
-  ContentType content_type = 3;
+  // Optional. The content type.
+  ContentType content_type = 3 [(google.api.field_behavior) = OPTIONAL];
 
   // Optional. The time window for the asset history. Both start_time and
   // end_time are optional and if set, it must be after 2018-10-02 UTC. If
   // end_time is not set, it is default to current timestamp. If start_time is
   // not set, the snapshot of the assets at end_time will be returned. The
   // returned results contain all temporal assets whose time window overlap with
   // read_time_window.
-  TimeWindow read_time_window = 4;
+  TimeWindow read_time_window = 4 [(google.api.field_behavior) = OPTIONAL];
 }
 
 // Batch get assets history response.
@@ -142,6 +164,12 @@ message OutputConfig {
   oneof destination {
     // Destination on Cloud Storage.
     GcsDestination gcs_destination = 1;
+
+    // Destination on BigQuery. The output table stores the fields in asset
+    // proto as columns in BigQuery. The resource/iam_policy field is converted
+    // to a record with each field to a column, except metadata to a single JSON
+    // string.
+    BigQueryDestination bigquery_destination = 2;
   }
 }
 
@@ -155,9 +183,40 @@ message GcsDestination {
     // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
     // for more information.
     string uri = 1;
+
+    // The uri prefix of all generated Cloud Storage objects. For example:
+    // "gs://bucket_name/object_name_prefix". Each object uri is in format:
+    // "gs://bucket_name/object_name_prefix/<asset type>/<shard number> and only
+    // contains assets for that type. <shard number> starts from 0. For example:
+    // "gs://bucket_name/object_name_prefix/compute.googleapis.com/Disk/0" is
+    // the first shard of output objects containing all
+    // compute.googleapis.com/Disk assets. An INVALID_ARGUMENT error will be
+    // returned if file with the same name "gs://bucket_name/object_name_prefix"
+    // already exists.
+    string uri_prefix = 2;
   }
 }
 
+// A BigQuery destination.
+message BigQueryDestination {
+  // Required. The BigQuery dataset in format
+  // "projects/projectId/datasets/datasetId", to which the snapshot result
+  // should be exported. If this dataset does not exist, the export call returns
+  // an error.
+  string dataset = 1 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. The BigQuery table to which the snapshot result should be
+  // written. If this table does not exist, a new table with the given name
+  // will be created.
+  string table = 2 [(google.api.field_behavior) = REQUIRED];
+
+  // If the destination table already exists and this flag is `TRUE`, the
+  // table will be overwritten by the contents of assets snapshot. If the flag
+  // is not set and the destination table already exists, the export call
+  // returns an error.
+  bool force = 3;
+}
+
 // Asset content type.
 enum ContentType {
   // Unspecified content type.
@@ -168,4 +227,10 @@ enum ContentType {
 
   // The actual IAM policy set on a resource.
   IAM_POLICY = 2;
+
+  // The Cloud Organization Policy set on an asset.
+  ORG_POLICY = 4;
+
+  // The Cloud Access context mananger Policy set on an asset.
+  ACCESS_POLICY = 5;
 }