in tools/asset-inventory/asset_inventory/api_schema.py [0:0]
def _add_asset_export_fields(cls,
schema,
include_resource=True,
include_iam_policy=True):
"""Add the fields that the asset export adds to each resource.
Args:
schema: list of `google.cloud.bigquery.SchemaField` like dict
objects .
include_resource: to include resource schema.
include_iam_policy: to include iam policy schema.
Returns:
list of `google.cloud.bigquery.SchemaField` like dict objects.
"""
asset_schema = [{
'name': 'name',
'field_type': 'STRING',
'description': 'URL of the asset.',
'mode': 'REQUIRED'
}, {
'name': 'asset_type',
'field_type': 'STRING',
'description': 'Asset name.',
'mode': 'REQUIRED'
}, {
'name': 'timestamp',
'field_type': 'TIMESTAMP',
'description': 'Load time.',
'mode': 'NULLABLE'
}, {
'name': 'ancestors',
'field_type': 'STRING',
'mode': 'REPEATED',
'description': 'The ancestry path of an asset in Google Cloud.'
},
{
'name': 'update_time',
'field_type': 'STRING',
'mode': 'NULLABLE',
'description': 'The last update timestamp of an asset.'
}]
if include_resource:
resource_schema = list(schema)
_, last_modified = bigquery_schema.get_field_by_name(
resource_schema,
'lastModifiedTime')
if not last_modified:
# if we lack a lastModified time in the schema, add it, some
# resources include it without being in the schema.
resource_schema.append({
'name': 'lastModifiedTime',
'field_type': 'STRING',
'mode': 'NULLABLE',
'description': 'Last time resource was changed.'
})
asset_schema.append({
'name': 'resource',
'field_type': 'RECORD',
'description': 'Resource properties.',
'mode': 'NULLABLE',
'fields': [{
'name': 'version',
'field_type': 'STRING',
'description': 'Api version of resource.',
'mode': 'REQUIRED'
}, {
'name': 'discovery_document_uri',
'field_type': 'STRING',
'description': 'Discovery document uri.',
'mode': 'REQUIRED'
}, {
'name': 'parent',
'field_type': 'STRING',
'description': 'Parent resource.',
'mode': 'NULLABLE'
}, {
'name': 'discovery_name',
'field_type': 'STRING',
'description': 'Name in discovery document.',
'mode': 'REQUIRED'
}, {
'name': 'data',
'field_type': 'RECORD',
'description': 'Resource properties.',
'mode': 'NULLABLE',
'fields': resource_schema
},
{
'name': 'location',
'field_type': 'STRING',
'description': 'The location of the resource in Google Cloud, such as its zone and region. '
'For more information, see https://cloud.google.com/about/locations/.',
'mode': 'NULLABLE'
},
{
'name': 'json_data',
'field_type': 'JSON',
'description': 'Original JSON of the resource.',
'mode': 'NULLABLE'
}]
})
if include_iam_policy:
asset_schema.append({
'name': 'iam_policy',
'field_type': 'RECORD',
'description': 'IAM Policy',
'mode': 'NULLABLE',
'fields': [{
'name': 'etag',
'field_type': 'STRING',
'description': 'Etag.',
'mode': 'NULLABLE'
}, {
'name': 'audit_configs',
'field_type': 'RECORD',
'description': 'Logging of each type of permission.',
'mode': 'REPEATED',
'fields': [{
'name': 'service',
'field_type': 'STRING',
'description':
'Service that will be enabled for audit logging.',
'mode': 'NULLABLE'
}, {
'name': 'audit_log_configs',
'field_type': 'RECORD',
'description': 'Logging of each type of permission.',
'mode': 'REPEATED',
'fields': [{
'name': 'log_type',
'field_type': 'NUMERIC',
'mode': 'NULLABLE',
'description':
('1: Admin reads. Example: CloudIAM getIamPolicy'
'2: Data writes. Example: CloudSQL Users create'
'3: Data reads. Example: CloudSQL Users list')
}]
}]
}, {
'name': 'bindings',
'field_type': 'RECORD',
'mode': 'REPEATED',
'description': 'Bindings',
'fields': [{
'name': 'role',
'field_type': 'STRING',
'mode': 'NULLABLE',
'description': 'Assigned role.'
}, {
'name': 'members',
'field_type': 'STRING',
'mode': 'REPEATED',
'description': 'Principles assigned the role.'
}]
}]
})
return asset_schema