CloudAsset.V1.AnalyzeIamPolicy doesn't return analysisResult object with permissions query selector

[Shaman9]

https://github.com/googleapis/google-api-java-client-services/blob/a08060cbcdae8b1c19474223cf3b63d4f4289247/clients/google-api-services-cloudasset/v1/2.0.0/com/google/api/services/cloudasset/v1/CloudAsset.java#L2776

Hi, I'm using CloudAsset.V1.AnalyzeIamPolicy for finding list of permissions for a specific service account on a specific project.

When I'm using setAnalysisQueryAccessSelectorPermissions(List.of("bigquery.datasets.get")) for CloudAsset.V1.AnalyzeIamPolicy request I'm receiving response without analysisResult object. Without setAnalysisQueryAccessSelectorPermissions(List.of("bigquery.datasets.get")) it works fine, but I need to set permissions as a filter before I execute request. See attached screenshots

Meanwhile https://cloud.google.com/asset-inventory/docs/reference/rest/v1/TopLevel/analyzeIamPolicy has webform to test the method. And it's working in both cases (with and without permissions selector) with the same parameters. See attached json

I'm using Java 17 Library and its version: <groupId>com.google.apis</groupId> <artifactId>google-api-services-cloudasset</artifactId> v1-rev20231103-2.0.0

all required permissions are granted: cloudasset.assets.analyzeIamPolicy, cloudasset.assets.searchAllResources cloudasset.assets.searchAllIamPolicies

and a target resource totally has the searched permission

[mpeddada1]

Hi @Shaman9, is this something that you experienced in version 1.31.0 as well? Additionally, could you also please share a reproducer that we can try out?

[Shaman9]

Hi @mpeddada1, yes I've tried but was the same issue. GetPermissions.txt

[meltsufin]

Would you be able to capture the HTTP request that is being sent through the client?