// Copyright 2018 Google LLC.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

syntax = "proto3";

package google.cloud.asset.v1beta1;

import "google/api/annotations.proto";
import "google/cloud/asset/v1beta1/assets.proto";
import "google/longrunning/operations.proto";
import "google/protobuf/timestamp.proto";

option csharp_namespace = "Google.Cloud.Asset.V1Beta1";
option go_package = "google.golang.org/genproto/googleapis/cloud/asset/v1beta1;asset";
option java_multiple_files = true;
option java_outer_classname = "AssetServiceProto";
option java_package = "com.google.cloud.asset.v1beta1";
option php_namespace = "Google\\Cloud\\Asset\\V1beta1";


// Asset service definition.
service AssetService {
  // Exports assets with time and resource types to a given Cloud Storage
  // location. The output format is newline-delimited JSON.
  // This API implements the [google.longrunning.Operation][google.longrunning.Operation] API allowing you
  // to keep track of the export.
  rpc ExportAssets(ExportAssetsRequest) returns (google.longrunning.Operation) {
    option (google.api.http) = {
      post: "/v1beta1/{parent=projects/*}:exportAssets"
      body: "*"
      additional_bindings {
        post: "/v1beta1/{parent=folders/*}:exportAssets"
        body: "*"
      }
      additional_bindings {
        post: "/v1beta1/{parent=organizations/*}:exportAssets"
        body: "*"
      }
    };
  }

  // Batch gets the update history of assets that overlap a time window.
  // For RESOURCE content, this API outputs history with asset in both
  // non-delete or deleted status.
  // For IAM_POLICY content, this API outputs history when the asset and its
  // attached IAM POLICY both exist. This can create gaps in the output history.
  rpc BatchGetAssetsHistory(BatchGetAssetsHistoryRequest) returns (BatchGetAssetsHistoryResponse) {
    option (google.api.http) = {
      get: "/v1beta1/{parent=projects/*}:batchGetAssetsHistory"
      additional_bindings {
        get: "/v1beta1/{parent=organizations/*}:batchGetAssetsHistory"
      }
    };
  }
}

// Export asset request.
message ExportAssetsRequest {
  // Required. The relative name of the root asset. This can only be an
  // organization number (such as "organizations/123"), a project ID (such as
  // "projects/my-project-id"), a project number (such as "projects/12345"), or
  // a folder number (such as "folders/123").
  string parent = 1;

  // Timestamp to take an asset snapshot. This can only be set to a timestamp
  // between 2018-10-02 UTC (inclusive) and the current time. If not specified,
  // the current time will be used. Due to delays in resource data collection
  // and indexing, there is a volatile window during which running the same
  // query may get different results.
  google.protobuf.Timestamp read_time = 2;

  // A list of asset types of which to take a snapshot for. For example:
  // "google.compute.Disk". If specified, only matching assets will be returned.
  // See [Introduction to Cloud Asset
  // Inventory](https://cloud.google.com/resource-manager/docs/cloud-asset-inventory/overview)
  // for all supported asset types.
  repeated string asset_types = 3;

  // Asset content type. If not specified, no content but the asset name will be
  // returned.
  ContentType content_type = 4;

  // Required. Output configuration indicating where the results will be output
  // to. All results will be in newline delimited JSON format.
  OutputConfig output_config = 5;
}

// The export asset response. This message is returned by the
// [google.longrunning.Operations.GetOperation][google.longrunning.Operations.GetOperation] method in the returned
// [google.longrunning.Operation.response][google.longrunning.Operation.response] field.
message ExportAssetsResponse {
  // Time the snapshot was taken.
  google.protobuf.Timestamp read_time = 1;

  // Output configuration indicating where the results were output to.
  // All results are in JSON format.
  OutputConfig output_config = 2;
}

// Batch get assets history request.
message BatchGetAssetsHistoryRequest {
  // Required. The relative name of the root asset. It can only be an
  // organization number (such as "organizations/123"), a project ID (such as
  // "projects/my-project-id")", or a project number (such as "projects/12345").
  string parent = 1;

  // A list of the full names of the assets. For example:
  // `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1`.
  // See [Resource Names](https://cloud.google.com/apis/design/resource_names#full_resource_name)
  // for more info.
  //
  // The request becomes a no-op if the asset name list is empty, and the max
  // size of the asset name list is 100 in one request.
  repeated string asset_names = 2;

  // Required. The content type.
  ContentType content_type = 3;

  // Optional. The time window for the asset history. Both start_time and
  // end_time are optional and if set, it must be after 2018-10-02 UTC. If
  // end_time is not set, it is default to current timestamp. If start_time is
  // not set, the snapshot of the assets at end_time will be returned. The
  // returned results contain all temporal assets whose time window overlap with
  // read_time_window.
  TimeWindow read_time_window = 4;
}

// Batch get assets history response.
message BatchGetAssetsHistoryResponse {
  // A list of assets with valid time windows.
  repeated TemporalAsset assets = 1;
}

// Output configuration for export assets destination.
message OutputConfig {
  // Asset export destination.
  oneof destination {
    // Destination on Cloud Storage.
    GcsDestination gcs_destination = 1;
  }
}

// A Cloud Storage location.
message GcsDestination {
  // Required.
  oneof object_uri {
    // The uri of the Cloud Storage object. It's the same uri that is used by
    // gsutil. For example: "gs://bucket_name/object_name". See [Viewing and
    // Editing Object
    // Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata)
    // for more information.
    string uri = 1;
  }
}

// Asset content type.
enum ContentType {
  // Unspecified content type.
  CONTENT_TYPE_UNSPECIFIED = 0;

  // Resource metadata.
  RESOURCE = 1;

  // The actual IAM policy set on a resource.
  IAM_POLICY = 2;
}