- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- GovernedContainer
- Try it!
Analyzes organization policies governed containers (projects, folders or organization) under a scope.
HTTP request
GET https://cloudasset.googleapis.com/v1/{scope=*/*}:analyzeOrgPolicyGovernedContainers
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
scope |
Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output containers will also be limited to the ones governed by those in-scope organization policies.
Authorization requires one or more of the following IAM permissions on the specified resource
|
Query parameters
Parameters | |
---|---|
constraint |
Required. The name of the constraint to analyze governed containers for. The analysis only contains organization policies for the provided constraint. |
filter |
The expression to filter When filtering by a specific field, the only supported operator is |
pageToken |
The pagination token to retrieve the next page. |
pageSize |
The maximum number of items to return per page. If unspecified, |
Request body
The request body must be empty.
Response body
The response message for AssetService.AnalyzeOrgPolicyGovernedContainers
.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "governedContainers": [ { object ( |
Fields | |
---|---|
governedContainers[] |
The list of the analyzed governed containers. |
constraint |
The definition of the constraint in the request. |
nextPageToken |
The page token to fetch the next page for |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
GovernedContainer
The organization/folder/project resource governed by organization policies of AnalyzeOrgPolicyGovernedContainersRequest.constraint
.
JSON representation |
---|
{ "fullResourceName": string, "parent": string, "consolidatedPolicy": { object ( |
Fields | |
---|---|
fullResourceName |
The full resource name of an organization/folder/project resource. |
parent |
The full resource name of the parent of |
consolidatedPolicy |
The consolidated organization policy for the analyzed resource. The consolidated organization policy is computed by merging and evaluating |
policyBundle[] |
The ordered list of all organization policies from the [AnalyzeOrgPoliciesResponse.OrgPolicyResult.consolidated_policy.attached_resource][]. to the scope specified in the request. If the constraint is defined with default policy, it will also appear in the list. |
project |
The project that this resource belongs to, in the format of projects/{PROJECT_NUMBER}. This field is available when the resource belongs to a project. |
folders[] |
The folder(s) that this resource belongs to, in the format of folders/{FOLDER_NUMBER}. This field is available when the resource belongs (directly or cascadingly) to one or more folders. |
organization |
The organization that this resource belongs to, in the format of organizations/{ORGANIZATION_NUMBER}. This field is available when the resource belongs (directly or cascadingly) to an organization. |
effectiveTags[] |
The effective tags on this resource. |