Method: organizations.securityAssessmentResults.batchCompute

Compute RAV2 security scores for a set of resources.

HTTP request

POST https://apigee.googleapis.com/v1/{name=organizations/*/securityAssessmentResults}:batchCompute

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
name

string

Required. Name of the organization for which the score is computed, in the following format: organizations/{org}/securityAssessmentResults

Request body

The request body contains data with the following structure:

JSON representation
{
  "profile": string,
  "scope": string,
  "pageSize": integer,
  "pageToken": string,

  // Union field resources can be only one of the following:
  "includeAllResources": {
    object (IncludeAll)
  },
  "include": {
    object (ResourceArray)
  }
  // End of list of possible types for union field resources.
}
Fields
profile

string

Required. Name of the profile that is used for computation.

scope

string

Required. Scope of the resources for the computation. For Apigee, the environment is the scope of the resources.

pageSize

integer

Optional. The maximum number of results to return. The service may return fewer than this value. If unspecified, at most 50 results will be returned.

pageToken

string

Optional. A page token, received from a previous securityAssessmentResults.batchCompute call. Provide this to retrieve the subsequent page.

Union field resources. Required. resources can be only one of the following:
includeAllResources

object (IncludeAll)

Include all resources under the scope.

include

object (ResourceArray)

Include only these resources.

Response body

Response for securityAssessmentResults.batchCompute.

If successful, the response body contains data with the following structure:

JSON representation
{
  "securityAssessmentResults": [
    {
      object (SecurityAssessmentResult)
    }
  ],
  "assessmentTime": string,
  "nextPageToken": string
}
Fields
securityAssessmentResults[]

object (SecurityAssessmentResult)

Default sort order is by resource name in alphabetic order.

assessmentTime

string (Timestamp format)

The time of the assessment API call.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

nextPageToken

string

A token that can be sent as pageToken to retrieve the next page. If this field is blank, there are no subsequent pages.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform
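The request body and paging described above, as an added Python example that is not part of the original reference or of any Google client library. `post` is a hypothetical caller-supplied transport, and the organization, profile and environment names are placeholders.

```python
API_ROOT = "https://apigee.googleapis.com/v1"

def build_body(profile, scope, proxies=None, page_size=None, page_token=None):
    """Build a batchCompute body with exactly one member of the union field.

    proxies=None sends includeAllResources; a list of proxy names sends include.
    """
    if not profile or not scope:
        raise ValueError("profile and scope are required")
    body = {"profile": profile, "scope": scope}
    if proxies is None:
        body["includeAllResources"] = {}  # IncludeAll has no fields
    elif proxies:
        body["include"] = {"resources": [
            {"type": "API_PROXY", "name": name} for name in proxies]}
    else:
        # Client-side choice in this example: refuse an empty resource list
        # rather than send a request that names nothing to assess.
        raise ValueError("include needs at least one resource")
    if page_size is not None:
        body["pageSize"] = page_size
    if page_token:
        body["pageToken"] = page_token
    return body

def batch_compute_all(post, org, profile, scope, proxies=None, max_pages=100):
    """Follow nextPageToken until it is blank and return every result.

    post(url, body) -> dict is a hypothetical transport supplied by the
    caller; it must send the JSON body with an OAuth token for the
    cloud-platform scope and return the decoded response.
    """
    url = f"{API_ROOT}/organizations/{org}/securityAssessmentResults:batchCompute"
    results, token = [], None
    for _ in range(max_pages):  # bound the loop in case a token repeats
        page = post(url, build_body(profile, scope, proxies, page_token=token))
        results.extend(page.get("securityAssessmentResults", []))
        token = page.get("nextPageToken")
        if not token:
            return results
    raise RuntimeError("pagination did not terminate within max_pages")

if __name__ == "__main__":  # constructed two-page backend, not the real service
    pages = {None: {"securityAssessmentResults": [{"resource": {"name": "a"}}],
                    "nextPageToken": "t1"},
             "t1": {"securityAssessmentResults": [{"resource": {"name": "b"}}]}}
    out = batch_compute_all(lambda url, body: pages[body.get("pageToken")],
                            "example-org", "example-profile", "example-env")
    print([r["resource"]["name"] for r in out])
```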

IncludeAll

This type has no fields.

Message for includeAllResources option.

ResourceArray

Message for the array of resources. For Apigee, the proxies are resources.

JSON representation
{
  "resources": [
    {
      object (Resource)
    }
  ]
}
Fields
resources[]

object (Resource)

Required. The array of resources. For Apigee, the proxies are resources.

Resource

Resource for which the security assessment is computed.

JSON representation
{
  "type": enum (ResourceType),
  "name": string
}
Fields
type

enum (ResourceType)

Required. Type of this resource.

name

string

Required. Name of this resource.

ResourceType

Type of the resource.

Enums
RESOURCE_TYPE_UNSPECIFIED ResourceType not specified.
API_PROXY Resource is an Apigee Proxy.

SecurityAssessmentResult

The security assessment result for one resource.

JSON representation
{
  "resource": {
    object (Resource)
  },
  "createTime": string,

  // Union field result can be only one of the following:
  "scoringResult": {
    object (ScoringResult)
  },
  "error": {
    object (Status)
  }
  // End of list of possible types for union field result.
}
Fields
resource

object (Resource)

The assessed resource.

createTime

string (Timestamp format)

The time of the assessment of this resource. This could lag behind assessmentTime due to caching within the backend.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

Union field result.

result can be only one of the following:

scoringResult

object (ScoringResult)

The result of the assessment.

error

object (Status)

The error status if scoring fails.

Resource

Resource for which the security assessment is computed.

JSON representation
{
  "type": enum (ResourceType),
  "name": string,
  "resourceRevisionId": string
}
Fields
type

enum (ResourceType)

Required. Type of this resource.

name

string

Required. Name of this resource.

resourceRevisionId

string

The revision ID for the resource. For Apigee, this is the proxy revision ID.

ResourceType

Type of the resource.

Enums
RESOURCE_TYPE_UNSPECIFIED ResourceType not specified.
API_PROXY Resource is an Apigee Proxy.

ScoringResult

The result of the assessment.

JSON representation
{
  "score": integer,
  "severity": enum (Severity),
  "failedAssessmentPerWeight": {
    string: integer,
    ...
  },
  "assessmentRecommendations": {
    string: {
      object (AssessmentRecommendation)
    },
    ...
  },
  "dataUpdateTime": string
}
Fields
score

integer

The security score of the assessment.

severity

enum (Severity)

failedAssessmentPerWeight

map (key: string, value: integer)

The number of failed assessments, grouped by weight. Keys are one of the following: "MAJOR", "MODERATE", "MINOR".

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

assessmentRecommendations

map (key: string, value: object (AssessmentRecommendation))

The recommendations of the assessment. The key is the "name" of the assessment (not displayName), and the value holds the recommendations.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

dataUpdateTime

string (Timestamp format)

The time when resource data was last fetched for this resource. This time may be different than when the resource was actually updated due to lag in data collection.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

Severity

The severity definition.

Enums
SEVERITY_UNSPECIFIED Severity is not defined.
LOW Severity is low.
MEDIUM Severity is medium.
HIGH Severity is high.
MINIMAL Severity is minimal.

AssessmentRecommendation

The message format of a recommendation from the assessment.

JSON representation
{
  "displayName": string,
  "weight": enum (Weight),
  "scoreImpact": integer,
  "verdict": enum (Verdict),
  "recommendations": [
    {
      object (Recommendation)
    }
  ]
}
Fields
displayName

string

The display name of the assessment.

weight

enum (Weight)

The weight of the assessment which was set in the profile.

scoreImpact

integer

Score impact indicates the impact on the overall score if the assessment were to pass.

verdict

enum (Verdict)

Verdict indicates the assessment result.

recommendations[]

object (Recommendation)

The recommended steps of the assessment.

Weight

The weight of an assessment within the profile.

Enums
WEIGHT_UNSPECIFIED The weight is unspecified.
MINOR The weight is minor.
MODERATE The weight is moderate.
MAJOR The weight is major.

Verdict

Verdict indicates the assessment result.

Enums
VERDICT_UNSPECIFIED The verdict is unspecified.
PASS The assessment has passed.
FAIL The assessment has failed.

Recommendation

The format of the assessment recommendation.

JSON representation
{
  "description": string,
  "link": {
    object (Link)
  }
}
Fields
description

string

The description of the recommendation.
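Added example, not part of the original reference: reading the result union and the assessmentRecommendations map in Python, so that entries carrying error are reported as unscored instead of being skipped, and FAIL verdicts are ordered by scoreImpact. The sample entries are constructed, and reading "message" from error assumes Status is the standard google.rpc.Status.

```python
def triage(results):
    """Return (unscored, findings) for a list of SecurityAssessmentResult dicts.

    unscored: (resource, reason) for entries whose result union is not
    scoringResult, so a scoring failure is never read as a clean resource.
    findings: FAIL verdicts, largest scoreImpact first.
    """
    unscored, findings = [], []
    for item in results:
        name = item.get("resource", {}).get("name", "<unnamed>")
        scoring = item.get("scoringResult")
        if scoring is None:
            # Assumption: error is a google.rpc.Status, which carries "message".
            reason = item.get("error", {}).get("message", "no result returned")
            unscored.append((name, reason))
            continue
        recs = scoring.get("assessmentRecommendations", {})
        for key, rec in recs.items():  # key is the assessment "name"
            if rec.get("verdict") != "FAIL":
                continue
            findings.append({
                "resource": name,
                "assessment": key,
                "weight": rec.get("weight", "WEIGHT_UNSPECIFIED"),
                "scoreImpact": rec.get("scoreImpact", 0),
                "steps": [s.get("description", "")
                          for s in rec.get("recommendations", [])],
            })
    findings.sort(key=lambda f: (-f["scoreImpact"], f["resource"], f["assessment"]))
    return unscored, findings


# Constructed sample entries; names, scores and messages are made up.
SAMPLE = [
    {"resource": {"type": "API_PROXY", "name": "orders"},
     "scoringResult": {"score": 60, "severity": "MEDIUM",
         "assessmentRecommendations": {
             "example-check-a": {"weight": "MINOR", "scoreImpact": 5, "verdict": "FAIL",
                                 "recommendations": [{"description": "Example step A"}]},
             "example-check-b": {"weight": "MAJOR", "scoreImpact": 30, "verdict": "FAIL",
                                 "recommendations": [{"description": "Example step B"}]},
             "example-check-c": {"weight": "MAJOR", "scoreImpact": 0, "verdict": "PASS",
                                 "recommendations": []}}}},
    {"resource": {"type": "API_PROXY", "name": "payments"},
     "error": {"code": 13, "message": "constructed failure"}},
]
```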