Cloud Asset and GCP API hybrid client fassade.
CaiApiClientImpl(config, engine, tmpfile)[source]¶Bases: google.cloud.forseti.services.inventory.base.gcp.ApiClientImpl
The gcp api client Implementation
_abc_cache = <_weakrefset.WeakSet object>¶_abc_negative_cache = <_weakrefset.WeakSet object>¶_abc_negative_cache_version = 214¶_abc_registry = <_weakrefset.WeakSet object>¶_iter_compute_resources(asset_type, project_number)[source]¶Iterate Compute resources from Cloud Asset data.
| Parameters: |
|
|---|---|
| Returns: | A generator of resources from Cloud Asset data. |
| Return type: | generator |
fetch_bigquery_dataset_policy(project_id, project_number, dataset_id)[source]¶Dataset policy Iterator for a dataset from Cloud Asset data.
| Parameters: |
|
|---|---|
| Returns: | Dataset Policy. |
| Return type: | dict |
fetch_bigquery_iam_policy(project_id, project_number, dataset_id)[source]¶Gets IAM policy of a bigquery dataset from Cloud Asset data.
| Parameters: |
|
|---|---|
| Returns: | Dataset IAM Policy. |
| Return type: | dict |
fetch_billing_account_iam_policy(account_id)[source]¶Gets IAM policy of a Billing Account from Cloud Asset data.
| Parameters: | account_id (str) – id of the billing account to get policy. |
|---|---|
| Returns: | Billing Account IAM policy. |
| Return type: | dict |
fetch_crm_folder(folder_id)[source]¶Fetch Folder data from Cloud Asset data.
| Parameters: | folder_id (str) – id of the folder to query. |
|---|---|
| Returns: | Folder resource. |
| Return type: | dict |
fetch_crm_folder_iam_policy(folder_id)[source]¶Folder IAM policy in a folder from Cloud Asset data.
| Parameters: | folder_id (str) – id of the folder to get policy. |
|---|---|
| Returns: | Folder IAM policy. |
| Return type: | dict |
fetch_crm_organization(org_id)[source]¶Fetch Organization data from Cloud Asset data.
| Parameters: | org_id (str) – id of the organization to get. |
|---|---|
| Returns: | Organization resource. |
| Return type: | dict |
fetch_crm_organization_iam_policy(org_id)[source]¶Organization IAM policy from Cloud Asset data.
| Parameters: | org_id (str) – id of the organization to get policy. |
|---|---|
| Returns: | Organization IAM policy. |
| Return type: | dict |
fetch_crm_project(project_number)[source]¶Fetch Project data from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Returns: | Project resource. |
| Return type: | dict |
fetch_crm_project_iam_policy(project_number)[source]¶Project IAM policy from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Returns: | Project IAM Policy. |
| Return type: | dict |
fetch_dataproc_cluster_iam_policy(cluster)[source]¶Fetch Dataproc Cluster IAM Policy from Cloud Asset data.
| Parameters: | cluster (str) – The Dataproc cluster to query, must be in the format projects/{PROJECT_ID}/regions/{REGION}/clusters/{CLUSTER_NAME} |
|---|---|
| Returns: | Cluster IAM policy. |
| Return type: | dict |
fetch_gae_app(project_id)[source]¶Fetch the AppEngine App from Cloud Asset data.
| Parameters: | project_id (str) – id of the project to query |
|---|---|
| Returns: | AppEngine App resource. |
| Return type: | dict |
fetch_iam_serviceaccount_iam_policy(name, unique_id)[source]¶Service Account IAM policy from Cloud Asset data.
| Parameters: |
|
|---|---|
| Returns: | Service Account IAM policy. |
| Return type: | dict |
fetch_kms_cryptokey_iam_policy(cryptokey)[source]¶Fetch KMS Cryptokey IAM Policy from Cloud Asset data.
| Parameters: | cryptokey (str) – The KMS cryptokey to query, must be in the format projects/{PROJECT_ID}/locations/{LOCATION}/keyRings/{RING_NAME}/ cryptoKeys/{CRYPTOKEY_NAME} |
|---|---|
| Returns: | KMS Cryptokey IAM policy |
| Return type: | dict |
fetch_kms_keyring_iam_policy(keyring)[source]¶Fetch KMS Keyring IAM Policy from Cloud Asset data.
| Parameters: | keyring (str) – The KMS keyring to query, must be in the format projects/{PROJECT_ID}/locations/{LOCATION}/keyRings/{RING_NAME} |
|---|---|
| Returns: | KMS Keyring IAM policy |
| Return type: | dict |
fetch_pubsub_subscription_iam_policy(name)[source]¶PubSub Subscription IAM policy from Cloud Asset data.
| Parameters: | name (str) – The pubsub topic to query, must be in the format projects/{PROJECT_ID}/subscriptions/{SUBSCRIPTION_NAME} |
|---|---|
| Returns: | PubSub Topic IAM policy |
| Return type: | dict |
fetch_pubsub_topic_iam_policy(name)[source]¶PubSub Topic IAM policy from Cloud Asset data.
| Parameters: | name (str) – The pubsub topic to query, must be in the format projects/{PROJECT_ID}/topics/{TOPIC_NAME} |
|---|---|
| Returns: | PubSub Topic IAM policy |
| Return type: | dict |
fetch_storage_bucket_acls(bucket_id, project_id, project_number)[source]¶Bucket Access Controls from GCP API.
| Parameters: |
|
|---|---|
| Returns: | Bucket Access Controls. |
| Return type: | list |
fetch_storage_bucket_iam_policy(bucket_id)[source]¶Bucket IAM policy Iterator from Cloud Asset data.
| Parameters: | bucket_id (str) – id of the bucket to query |
|---|---|
| Returns: | Bucket IAM policy |
| Return type: | dict |
iter_bigquery_datasets(project_number)[source]¶Iterate Datasets from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of datasets. |
iter_bigquery_tables(dataset_reference)[source]¶Iterate Tables from Cloud Asset data.
| Parameters: | dataset_reference (dict) – dataset to reference. |
|---|---|
| Yields: | dict – Generator of tables. |
iter_bigtable_clusters(project_id, instance_id)[source]¶Iterate Bigtable Clusters from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of Bigtable Clusters. |
iter_bigtable_instances(project_number)[source]¶Iterate Bigtable Instances from Cloud Asset data.
| Parameters: | project_number (str) – The project number. |
|---|---|
| Yields: | dict – Generator of Bigtable Instances. |
iter_bigtable_tables(project_id, instance_id)[source]¶Iterate Bigtable Table from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of Bigtable Tables. |
iter_billing_accounts()[source]¶Iterate Billing Accounts in an organization from Cloud Asset data.
| Yields: | dict – Generator of billing accounts. |
|---|
iter_cloudsql_instances(project_id, project_number)[source]¶Iterate Cloud sql instances from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of cloudsql instances. |
iter_compute_address(project_number)[source]¶Iterate Addresses from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of address resources. |
iter_compute_autoscalers(project_number)[source]¶Iterate Autoscalers from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of autoscaler resources. |
iter_compute_backendbuckets(project_number)[source]¶Iterate Backend buckets from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of backend bucket resources. |
iter_compute_backendservices(project_number)[source]¶Iterate Backend services from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of backend service. |
iter_compute_disks(project_number)[source]¶Iterate Compute Engine disks from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Compute Disk. |
iter_compute_firewalls(project_number)[source]¶Iterate Compute Engine Firewalls from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Compute Engine Firewall. |
iter_compute_forwardingrules(project_number)[source]¶Iterate Forwarding Rules from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of forwarding rule resources. |
iter_compute_healthchecks(project_number)[source]¶Iterate Health checks from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of health check resources. |
iter_compute_httphealthchecks(project_number)[source]¶Iterate HTTP Health checks from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of HTTP health check resources. |
iter_compute_httpshealthchecks(project_number)[source]¶Iterate HTTPS Health checks from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of HTTPS health check resources. |
iter_compute_ig_managers(project_number)[source]¶Iterate Instance Group Manager from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of instance group manager resources. |
iter_compute_images(project_number)[source]¶Iterate Images from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of image resources. |
iter_compute_instancegroups(project_number)[source]¶Iterate Compute Engine groups from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Compute Instance group. |
iter_compute_instances(project_number)[source]¶Iterate compute engine instance from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Compute Engine Instance resources. |
iter_compute_instancetemplates(project_number)[source]¶Iterate Instance Templates from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of instance template resources. |
iter_compute_interconnect_attachments(project_number)[source]¶Iterate Interconnect Attachments from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of instance interconnect attachment resources. |
iter_compute_interconnects(project_number)[source]¶Iterate Interconnects from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of instance interconnect resources. |
iter_compute_licenses(project_number)[source]¶Iterate Licenses from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of license resources. |
iter_compute_networks(project_number)[source]¶Iterate Networks from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of network resources. |
iter_compute_project(project_number)[source]¶Iterate Project from Cloud Asset data.
Will only ever return up to 1 result. Ensures compatibility with other resource iterators.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of compute project resources. |
iter_compute_routers(project_number)[source]¶Iterate Compute Engine routers from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Compute Routers. |
iter_compute_securitypolicies(project_number)[source]¶Iterate Security Policies from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of instance Security Policies. |
iter_compute_snapshots(project_number)[source]¶Iterate Compute Engine snapshots from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Compute Snapshots. |
iter_compute_sslcertificates(project_number)[source]¶Iterate SSL certificates from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of ssl certificate resources. |
iter_compute_subnetworks(project_number)[source]¶Iterate Subnetworks from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of subnetwork resources. |
iter_compute_targethttpproxies(project_number)[source]¶Iterate Target HTTP proxies from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target http proxy resources. |
iter_compute_targethttpsproxies(project_number)[source]¶Iterate Target HTTPS proxies from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target https proxy resources. |
iter_compute_targetinstances(project_number)[source]¶Iterate Target Instances from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target instance resources. |
iter_compute_targetpools(project_number)[source]¶Iterate Target Pools from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target pool resources. |
iter_compute_targetsslproxies(project_number)[source]¶Iterate Target SSL proxies from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target ssl proxy resources. |
iter_compute_targettcpproxies(project_number)[source]¶Iterate Target TCP proxies from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target tcp proxy resources. |
iter_compute_targetvpngateways(project_number)[source]¶Iterate Target VPN Gateways from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of target tcp proxy resources. |
iter_compute_urlmaps(project_number)[source]¶Iterate URL maps from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of url map resources. |
iter_compute_vpntunnels(project_number)[source]¶Iterate VPN tunnels from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of vpn tunnel resources. |
iter_container_clusters(project_number)[source]¶Iterate Kubernetes Engine Cluster from Cloud Asset data.
| Parameters: | project_number (str) – number of the project to query. |
|---|---|
| Yields: | dict – Generator of Kubernetes Engine Cluster resources. |
iter_crm_folders(parent_id)[source]¶Iterate Folders from Cloud Asset data.
| Parameters: | parent_id (str) – id of the parent of the folder |
|---|---|
| Yields: | dict – Generator of folders |
iter_crm_projects(parent_type, parent_id)[source]¶Iterate Projects from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of Project resources |
iter_dataproc_clusters(project_id, region=None)[source]¶Iterate Dataproc clusters from GCP API.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of Cluster resources. |
iter_dns_managedzones(project_number)[source]¶Iterate CloudDNS Managed Zones from Cloud Asset data.
| Parameters: | project_number (str) – number of the parent project. |
|---|---|
| Yields: | dict – Generator of ManagedZone resources |
iter_dns_policies(project_number)[source]¶Iterate CloudDNS Policies from Cloud Asset data.
| Parameters: | project_number (str) – number of the parent project of the policy. |
|---|---|
| Yields: | dict – Generator of ManagedZone resources |
iter_gae_services(project_id)[source]¶Iterate gae services from Cloud Asset data.
| Parameters: | project_id (str) – id of the project to query |
|---|---|
| Yields: | dict – Generator of AppEngine Service resources. |
iter_gae_versions(project_id, service_id)[source]¶Iterate gae versions from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of AppEngine Version resources. |
iter_iam_organization_roles(org_id)[source]¶Iterate Organization roles from Cloud Asset data.
| Parameters: | org_id (str) – id of the organization to get. |
|---|---|
| Yields: | dict – Generator of organization role. |
iter_iam_project_roles(project_id, project_number)[source]¶Iterate Project roles in a project from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of project roles. |
iter_iam_serviceaccounts(project_id, project_number)[source]¶Iterate Service Accounts in a project from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of service account. |
iter_kms_cryptokeys(parent)[source]¶Iterate KMS Cryptokeys in a keyring from Cloud Asset data.
| Parameters: | parent (str) – The KMS keyring to query, must be in the format projects/{PROJECT_ID}/locations/{LOCATION}/keyRings/{RING_NAME} |
|---|---|
| Yields: | dict – Generator of KMS Cryptokey resources |
iter_kms_cryptokeyversions(parent)[source]¶Iterate KMS Cryptokey Versions from Cloud Asset data.
| Parameters: | parent (str) – The KMS keyring to query, must be in the format projects/{PROJECT_ID}/locations/{LOCATION}/keyRings/{RING_NAME}/ cryptoKeys/{CRYPTOKEY_NAME} |
|---|---|
| Yields: | dict – Generator of KMS Cryptokeyversion resources |
iter_kms_keyrings(project_id, location=None)[source]¶Iterate KMS Keyrings in a project from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of KMS Keyring resources |
iter_kubernetes_clusterrolebindings(project_id, zone, cluster)[source]¶Iterate k8s cluster role bindings in a cluster from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of cluster role bindings. |
iter_kubernetes_clusterroles(project_id, zone, cluster)[source]¶Iterate k8s cluster roles in a cluster from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of cluster roles. |
iter_kubernetes_namespaces(project_id, zone, cluster)[source]¶Iterate k8s namespaces in a cluster from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of namespaces. |
iter_kubernetes_nodes(project_id, zone, cluster)[source]¶Iterate k8s nodes in a cluster from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of nodes. |
iter_kubernetes_pods(project_id, zone, cluster, namespace)[source]¶Iterate k8s pods in a namespace from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of pods. |
iter_kubernetes_rolebindings(project_id, zone, cluster, namespace)[source]¶Iterate k8s role bindings in a namespace from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of role bindings. |
iter_kubernetes_roles(project_id, zone, cluster, namespace)[source]¶Iterate k8s roles in a namespace from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of roles. |
iter_pubsub_subscriptions(project_id, project_number)[source]¶Iterate PubSub subscriptions from GCP API.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of Pubsub Subscription resources |
iter_pubsub_topics(project_id, project_number)[source]¶Iterate PubSub topics from Cloud Asset data.
| Parameters: |
|
|---|---|
| Yields: | dict – Generator of Pubsub Topic resources |
iter_spanner_databases(parent)[source]¶Iterate Spanner Databases from Cloud Asset data.
| Parameters: | parent (str) – parent spanner instance to query. |
|---|---|
| Yields: | dict – Generator of Spanner Database resources |
_fixup_resource_keys(resource, key_map, only_fixup_lists=False)[source]¶Correct different attribute names between CAI and json representation. :param resource: The resource dictionary to scan for keys in the
key_map.
| Parameters: |
|
|---|---|
| Returns: | A resource dict with all bad keys replaced with good keys. |
| Return type: | dict |