Method: searchAllResources

Searches all Cloud resources within the specified scope, such as a project, folder, or organization. The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope, otherwise the request will be rejected.

HTTP request

GET https://cloudasset.googleapis.com/v1/{scope=*/*}:searchAllResources

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
scope

string

Required. A scope can be a project, a folder, or an organization. The search is limited to the resources within the scope. The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope.

The allowed values are:

  • projects/{PROJECT_ID} (e.g., "projects/foo-bar")
  • projects/{PROJECT_NUMBER} (e.g., "projects/12345678")
  • folders/{FOLDER_NUMBER} (e.g., "folders/1234567")
  • organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")

Authorization requires the following IAM permission on the specified resource scope:

  • cloudasset.assets.searchAllResources

Query parameters

Parameters
query

string

Optional. The query statement. See how to construct a query for more information. If not specified or empty, it will search all the resources within the specified scope.

Examples:

  • name:Important to find Cloud resources whose name contains "Important" as a word.
  • name=Important to find the Cloud resource whose name is exactly "Important".
  • displayName:Impor* to find Cloud resources whose display name contains "Impor" as a prefix of any word in the field.
  • location:us-west* to find Cloud resources whose location contains both "us" and "west" as prefixes.
  • labels:prod to find Cloud resources whose labels contain "prod" as a key or value.
  • labels.env:prod to find Cloud resources that have a label "env" and its value is "prod".
  • labels.env:* to find Cloud resources that have a label "env".
  • kmsKey:key to find Cloud resources encrypted with a customer-managed encryption key whose name contains the word "key".
  • state:ACTIVE to find Cloud resources whose state contains "ACTIVE" as a word.
  • createTime<1609459200 to find Cloud resources that were created before "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" in seconds.
  • updateTime>1609459200 to find Cloud resources that were updated after "2021-01-01 00:00:00 UTC". 1609459200 is the epoch timestamp of "2021-01-01 00:00:00 UTC" in seconds.
  • Important to find Cloud resources that contain "Important" as a word in any of the searchable fields.
  • Impor* to find Cloud resources that contain "Impor" as a prefix of any word in any of the searchable fields.
  • Important location:(us-west1 OR global) to find Cloud resources that contain "Important" as a word in any of the searchable fields and are also located in the "us-west1" region or the "global" location.
assetTypes[]

string

Optional. A list of asset types that this request searches for. If empty, it will search all the searchable asset types.

Regular expressions are also supported. For example:

  • "compute.googleapis.com.*" snapshots resources whose asset type starts with "compute.googleapis.com".
  • ".*Instance" snapshots resources whose asset type ends with "Instance".
  • ".*Instance.*" snapshots resources whose asset type contains "Instance".

See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned.

pageSize

integer

Optional. The page size for search result pagination. Page size is capped at 500 even if a larger value is given. If set to zero, server will pick an appropriate default. Returned results may be fewer than requested. When this happens, there could be more results as long as nextPageToken is returned.

pageToken

string

Optional. If present, then retrieve the next batch of results from the preceding call to this method. pageToken must be the value of nextPageToken from the previous response. The values of all other method parameters, must be identical to those in the previous call.

orderBy

string

Optional. A comma separated list of fields specifying the sorting order of the results. The default order is ascending. Add " DESC" after the field name to indicate descending order. Redundant space characters are ignored. Example: "location DESC, name". Only string fields in the response are sortable, including name, displayName, description, location. All the other fields such as repeated fields (e.g., networkTags), map fields (e.g., labels) and struct fields (e.g., additionalAttributes) are not supported.

Request body

The request body must be empty.

Response body

If successful, the response body contains data with the following structure:

Search all resources response.

JSON representation
{
  "results": [
    {
      object (ResourceSearchResult)
    }
  ],
  "nextPageToken": string
}
Fields
results[]

object (ResourceSearchResult)

A list of Resources that match the search query. It contains the resource standard metadata information.

nextPageToken

string

If there are more results than those appearing in this response, then nextPageToken is included. To get the next set of results, call this method again using the value of nextPageToken as pageToken.

Authorization Scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

ResourceSearchResult

A result of Resource Search, containing information of a cloud resource.

JSON representation
{
  "name": string,
  "assetType": string,
  "project": string,
  "folders": [
    string
  ],
  "organization": string,
  "displayName": string,
  "description": string,
  "location": string,
  "labels": {
    string: string,
    ...
  },
  "networkTags": [
    string
  ],
  "kmsKey": string,
  "createTime": string,
  "updateTime": string,
  "state": string,
  "additionalAttributes": {
    object
  },
  "parentFullResourceName": string,
  "parentAssetType": string
}
Fields
name

string

The full resource name of this resource. Example: //compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1. See Cloud Asset Inventory Resource Name Format for more information.

To search against the name:

  • use a field query. Example: name:instance1
  • use a free text query. Example: instance1
assetType

string

The type of this resource. Example: compute.googleapis.com/Disk.

To search against the assetType:

  • specify the assetType field in your search request.
project

string

The project that this resource belongs to, in the form of projects/{PROJECT_NUMBER}. This field is available when the resource belongs to a project.

To search against project:

  • use a field query. Example: project:12345
  • use a free text query. Example: 12345
  • specify the scope field as this project in your search request.
folders[]

string

The folder(s) that this resource belongs to, in the form of folders/{FOLDER_NUMBER}. This field is available when the resource belongs to one or more folders.

To search against folders:

  • use a field query. Example: folders:(123 OR 456)
  • use a free text query. Example: 123
  • specify the scope field as this folder in your search request.
organization

string

The organization that this resource belongs to, in the form of organizations/{ORGANIZATION_NUMBER}. This field is available when the resource belongs to an organization.

To search against organization:

  • use a field query. Example: organization:123
  • use a free text query. Example: 123
  • specify the scope field as this organization in your search request.
displayName

string

The display name of this resource. This field is available only when the resource's proto contains it.

To search against the displayName:

  • use a field query. Example: displayName:"My Instance"
  • use a free text query. Example: "My Instance"
description

string

One or more paragraphs of text description of this resource. Maximum length could be up to 1M bytes. This field is available only when the resource's proto contains it.

To search against the description:

  • use a field query. Example: description:"important instance"
  • use a free text query. Example: "important instance"
location

string

Location can be global, regional like us-east1, or zonal like us-west1-b. This field is available only when the resource's proto contains it.

To search against the location:

  • use a field query. Example: location:us-west*
  • use a free text query. Example: us-west*
labels

map (key: string, value: string)

Labels associated with this resource. See Labelling and grouping GCP resources for more information. This field is available only when the resource's proto contains it.

To search against the labels:

  • use a field query:
    • query on any label's key or value. Example: labels:prod
    • query by a given label. Example: labels.env:prod
    • query by a given label's existence. Example: labels.env:*
  • use a free text query. Example: prod

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

networkTags[]

string

Network tags associated with this resource. Like labels, network tags are a type of annotations used to group GCP resources. See Labelling GCP resources for more information. This field is available only when the resource's proto contains it.

To search against the networkTags:

  • use a field query. Example: networkTags:internal
  • use a free text query. Example: internal
kmsKey

string

The Cloud KMS CryptoKey name or CryptoKeyVersion name. This field is available only when the resource's proto contains it.

To search against the kmsKey:

  • use a field query. Example: kmsKey:key
  • use a free text query. Example: key
createTime

string (Timestamp format)

The create timestamp of this resource, at which the resource was created. The granularity is in seconds. Timestamp.nanos will always be 0. This field is available only when the resource's proto contains it.

To search against createTime:

  • use a field query (value in seconds). Example: createTime >= 1594294238

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

updateTime

string (Timestamp format)

The last update timestamp of this resource, at which the resource was last modified or deleted. The granularity is in seconds. Timestamp.nanos will always be 0. This field is available only when the resource's proto contains it.

To search against updateTime:

  • use a field query (value in seconds). Example: updateTime < 1594294238

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

state

string

The state of this resource. Different resources types have different state definitions that are mapped from various fields of different resource types. This field is available only when the resource's proto contains it.

Example: If the resource is an instance provided by Compute Engine, its state will include PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. See status definition in API Reference. If the resource is a project provided by Cloud Resource Manager, its state will include LIFECYCLE_STATE_UNSPECIFIED, ACTIVE, DELETE_REQUESTED and DELETE_IN_PROGRESS. See lifecycleState definition in API Reference.

To search against the state:

  • use a field query. Example: state:RUNNING
  • use a free text query. Example: RUNNING
additionalAttributes

object (Struct format)

The additional searchable attributes of this resource. The attributes may vary from one resource type to another. Examples: projectId for Project, dnsName for DNS ManagedZone. This field contains a subset of the resource metadata fields that are returned by the List or Get APIs provided by the corresponding GCP service (e.g., Compute Engine). see API references and supported searchable attributes to see which fields are included.

You can search values of these fields through free text search. However, you should not consume the field programically as the field names and values may change as the GCP service updates to a new incompatible API version.

To search against the additionalAttributes:

  • use a free text query to match the attributes values. Example: to search additionalAttributes = { dnsName: "foobar" }, you can issue a query foobar.
parentFullResourceName

string

The full resource name of this resource's parent, if it has one. To search against the parentFullResourceName:

  • use a field query. Example: parentFullResourceName:"project-name"
  • use a free text query. Example: project-name
parentAssetType

string

The type of this resource's immediate parent, if there is one.

To search against the parentAssetType:

  • use a field query. Example: parentAssetType:"cloudresourcemanager.googleapis.com/Project"
  • use a free text query. Example: cloudresourcemanager.googleapis.com/Project