1<?php
2/*
3 * Copyright 2014 Google Inc.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
6 * use this file except in compliance with the License. You may obtain a copy of
7 * the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14 * License for the specific language governing permissions and limitations under
15 * the License.
16 */
17
18namespace Google\Service\SecurityCommandCenter\Resource;
19
20use Google\Service\SecurityCommandCenter\GroupAssetsRequest;
21use Google\Service\SecurityCommandCenter\GroupAssetsResponse;
22use Google\Service\SecurityCommandCenter\ListAssetsResponse;
23use Google\Service\SecurityCommandCenter\Operation;
24use Google\Service\SecurityCommandCenter\RunAssetDiscoveryRequest;
25use Google\Service\SecurityCommandCenter\SecurityMarks;
26
27/**
28 * The "assets" collection of methods.
29 * Typical usage is:
30 *  <code>
31 *   $securitycenterService = new Google\Service\SecurityCommandCenter(...);
32 *   $assets = $securitycenterService->assets;
33 *  </code>
34 */
35class OrganizationsAssets extends \Google\Service\Resource
36{
37  /**
38   * Filters an organization's assets and groups them by their specified
39   * properties. (assets.group)
40   *
41   * @param string $parent Required. Name of the organization to groupBy. Its
42   * format is "organizations/[organization_id], folders/[folder_id], or
43   * projects/[project_id]".
44   * @param GroupAssetsRequest $postBody
45   * @param array $optParams Optional parameters.
46   * @return GroupAssetsResponse
47   */
48  public function group($parent, GroupAssetsRequest $postBody, $optParams = [])
49  {
50    $params = ['parent' => $parent, 'postBody' => $postBody];
51    $params = array_merge($params, $optParams);
52    return $this->call('group', [$params], GroupAssetsResponse::class);
53  }
54  /**
55   * Lists an organization's assets. (assets.listOrganizationsAssets)
56   *
57   * @param string $parent Required. Name of the organization assets should belong
58   * to. Its format is "organizations/[organization_id], folders/[folder_id], or
59   * projects/[project_id]".
60   * @param array $optParams Optional parameters.
61   *
62   * @opt_param string compareDuration When compare_duration is set, the
63   * ListAssetsResult's "state_change" attribute is updated to indicate whether
64   * the asset was added, removed, or remained present during the compare_duration
65   * period of time that precedes the read_time. This is the time between
66   * (read_time - compare_duration) and read_time. The state_change value is
67   * derived based on the presence of the asset at the two points in time.
68   * Intermediate state changes between the two times don't affect the result. For
69   * example, the results aren't affected if the asset is removed and re-created
70   * again. Possible "state_change" values when compare_duration is specified: *
71   * "ADDED": indicates that the asset was not present at the start of
72   * compare_duration, but present at read_time. * "REMOVED": indicates that the
73   * asset was present at the start of compare_duration, but not present at
74   * read_time. * "ACTIVE": indicates that the asset was present at both the start
75   * and the end of the time period defined by compare_duration and read_time. If
76   * compare_duration is not specified, then the only possible state_change is
77   * "UNUSED", which will be the state_change set for all assets present at
78   * read_time.
79   * @opt_param string fieldMask A field mask to specify the ListAssetsResult
80   * fields to be listed in the response. An empty field mask will list all
81   * fields.
82   * @opt_param string filter Expression that defines the filter to apply across
83   * assets. The expression is a list of zero or more restrictions combined via
84   * logical operators `AND` and `OR`. Parentheses are supported, and `OR` has
85   * higher precedence than `AND`. Restrictions have the form ` ` and may have a
86   * `-` character in front of them to indicate negation. The fields map to those
87   * defined in the Asset resource. Examples include: * name *
88   * security_center_properties.resource_name * resource_properties.a_property *
89   * security_marks.marks.marka The supported operators are: * `=` for all value
90   * types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring
91   * matching, for strings. The supported value types are: * string literals in
92   * quotes. * integer literals without quotes. * boolean literals `true` and
93   * `false` without quotes. The following are the allowed field and operator
94   * combinations: * name: `=` * update_time: `=`, `>`, `<`, `>=`, `<=` Usage:
95   * This should be milliseconds since epoch or an RFC3339 string. Examples:
96   * `update_time = "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` *
97   * create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds
98   * since epoch or an RFC3339 string. Examples: `create_time =
99   * "2019-06-10T16:07:18-07:00"` `create_time = 1560208038000` *
100   * iam_policy.policy_blob: `=`, `:` * resource_properties: `=`, `:`, `>`, `<`,
101   * `>=`, `<=` * security_marks.marks: `=`, `:` *
102   * security_center_properties.resource_name: `=`, `:` *
103   * security_center_properties.resource_display_name: `=`, `:` *
104   * security_center_properties.resource_type: `=`, `:` *
105   * security_center_properties.resource_parent: `=`, `:` *
106   * security_center_properties.resource_parent_display_name: `=`, `:` *
107   * security_center_properties.resource_project: `=`, `:` *
108   * security_center_properties.resource_project_display_name: `=`, `:` *
109   * security_center_properties.resource_owners: `=`, `:` For example,
110   * `resource_properties.size = 100` is a valid filter string. Use a partial
111   * match on the empty string to filter based on a property existing:
112   * `resource_properties.my_property : ""` Use a negated partial match on the
113   * empty string to filter based on a property not existing:
114   * `-resource_properties.my_property : ""`
115   * @opt_param string orderBy Expression that defines what fields and order to
116   * use for sorting. The string value should follow SQL syntax: comma separated
117   * list of fields. For example: "name,resource_properties.a_property". The
118   * default sorting order is ascending. To specify descending order for a field,
119   * a suffix " desc" should be appended to the field name. For example: "name
120   * desc,resource_properties.a_property". Redundant space characters in the
121   * syntax are insignificant. "name desc,resource_properties.a_property" and "
122   * name desc , resource_properties.a_property " are equivalent. The following
123   * fields are supported: name update_time resource_properties
124   * security_marks.marks security_center_properties.resource_name
125   * security_center_properties.resource_display_name
126   * security_center_properties.resource_parent
127   * security_center_properties.resource_parent_display_name
128   * security_center_properties.resource_project
129   * security_center_properties.resource_project_display_name
130   * security_center_properties.resource_type
131   * @opt_param int pageSize The maximum number of results to return in a single
132   * response. Default is 10, minimum is 1, maximum is 1000.
133   * @opt_param string pageToken The value returned by the last
134   * `ListAssetsResponse`; indicates that this is a continuation of a prior
135   * `ListAssets` call, and that the system should return the next page of data.
136   * @opt_param string readTime Time used as a reference point when filtering
137   * assets. The filter is limited to assets existing at the supplied time and
138   * their values are those at that specific time. Absence of this field will
139   * default to the API's version of NOW.
140   * @return ListAssetsResponse
141   */
142  public function listOrganizationsAssets($parent, $optParams = [])
143  {
144    $params = ['parent' => $parent];
145    $params = array_merge($params, $optParams);
146    return $this->call('list', [$params], ListAssetsResponse::class);
147  }
148  /**
149   * Runs asset discovery. The discovery is tracked with a long-running operation.
150   * This API can only be called with limited frequency for an organization. If it
151   * is called too frequently the caller will receive a TOO_MANY_REQUESTS error.
152   * (assets.runDiscovery)
153   *
154   * @param string $parent Required. Name of the organization to run asset
155   * discovery for. Its format is "organizations/[organization_id]".
156   * @param RunAssetDiscoveryRequest $postBody
157   * @param array $optParams Optional parameters.
158   * @return Operation
159   */
160  public function runDiscovery($parent, RunAssetDiscoveryRequest $postBody, $optParams = [])
161  {
162    $params = ['parent' => $parent, 'postBody' => $postBody];
163    $params = array_merge($params, $optParams);
164    return $this->call('runDiscovery', [$params], Operation::class);
165  }
166  /**
167   * Updates security marks. (assets.updateSecurityMarks)
168   *
169   * @param string $name The relative resource name of the SecurityMarks. See:
170   * https://cloud.google.com/apis/design/resource_names#relative_resource_name
171   * Examples: "organizations/{organization_id}/assets/{asset_id}/securityMarks" "
172   * organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/sec
173   * urityMarks".
174   * @param SecurityMarks $postBody
175   * @param array $optParams Optional parameters.
176   *
177   * @opt_param string startTime The time at which the updated SecurityMarks take
178   * effect. If not set uses current server time. Updates will be applied to the
179   * SecurityMarks that are active immediately preceding this time. Must be
180   * earlier or equal to the server time.
181   * @opt_param string updateMask The FieldMask to use when updating the security
182   * marks resource. The field mask must not contain duplicate fields. If empty or
183   * set to "marks", all marks will be replaced. Individual marks can be updated
184   * using "marks.".
185   * @return SecurityMarks
186   */
187  public function updateSecurityMarks($name, SecurityMarks $postBody, $optParams = [])
188  {
189    $params = ['name' => $name, 'postBody' => $postBody];
190    $params = array_merge($params, $optParams);
191    return $this->call('updateSecurityMarks', [$params], SecurityMarks::class);
192  }
193}
194
195// Adding a class alias for backwards compatibility with the previous class name.
196class_alias(OrganizationsAssets::class, 'Google_Service_SecurityCommandCenter_Resource_OrganizationsAssets');
197