Method: assets.list

HTTP request
Path parameters
Query parameters
Request body
Response body
- JSON representation
Authorization Scopes
ContentType
Asset
- JSON representation
Resource
- JSON representation
Try it!

Lists assets with time and resource types and returns paged results in response.

HTTP request

GET https://cloudasset.googleapis.com/v1p5beta1/{parent=*/*}/assets

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters

Parameters
`parent`	`string` Required. name of the organization or project the assets belong to. Format: "organizations/[organization-number]" (such as "organizations/123"), "projects/[project-number]" (such as "projects/my-project-id"), or "projects/[project-id]" (such as "projects/12345"). Authorization requires one or more of the following IAM permissions on the specified resource `parent`: `cloudasset.assets.listResource` `cloudasset.assets.listIamPolicy`

parent

string

Required. name of the organization or project the assets belong to. Format: "organizations/[organization-number]" (such as "organizations/123"), "projects/[project-number]" (such as "projects/my-project-id"), or "projects/[project-id]" (such as "projects/12345").

Authorization requires one or more of the following IAM permissions on the specified resource parent:

cloudasset.assets.listResource
cloudasset.assets.listIamPolicy

Query parameters

Parameters
`readTime`	`string (Timestamp format)` timestamp to take an asset snapshot. This can only be set to a timestamp between the current time and the current time minus 35 days (inclusive). If not specified, the current time will be used. Due to delays in resource data collection and indexing, there is a volatile window during which running the same query may get different results. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `"2014-10-02T15:01:23Z"` and `"2014-10-02T15:01:23.045123456Z"`.
`assetTypes`	`string` A list of asset types to take a snapshot for. For example: "compute.googleapis.com/Disk". Regular expression is also supported. For example: "compute.googleapis.com." snapshots resources whose asset type starts with "compute.googleapis.com". ".Instance" snapshots resources whose asset type ends with "Instance". ".Instance." snapshots resources whose asset type contains "Instance". See RE2 for all supported regular expression syntax. If the regular expression does not match any supported asset type, an INVALID_ARGUMENT error will be returned. If specified, only matching assets will be returned, otherwise, it will snapshot all asset types. See Introduction to Cloud Asset Inventory for all supported asset types.
`contentType`	`enum (ContentType)` Asset content type. If not specified, no content but the asset name will be returned.
`pageSize`	`integer` The maximum number of assets to be returned in a single response. Default is 100, minimum is 1, and maximum is 1000.
`pageToken`	`string` The `nextPageToken` returned from the previous `ListAssetsResponse`, or unspecified for the first `ListAssetsRequest`. It is a continuation of a prior `assets.list` call, and the API should return the next page of assets.

Request body

The request body must be empty.

Response body

If successful, the response body contains data with the following structure:

assets.list response.

JSON representation
{ "readTime": string, "assets": [ { object (`Asset`) } ], "nextPageToken": string }

Fields

Fields
`readTime`	`string (Timestamp format)` time the snapshot was taken. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `"2014-10-02T15:01:23Z"` and `"2014-10-02T15:01:23.045123456Z"`.
`assets[]`	`object (Asset)` Assets.
`nextPageToken`	`string` Token to retrieve the next page of results. It expires 72 hours after the page token for the first page is generated. Set to empty if there are no remaining results.

readTime

string (Timestamp format)

time the snapshot was taken.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

assets[]

object (Asset)

Assets.

nextPageToken

string

Token to retrieve the next page of results. It expires 72 hours after the page token for the first page is generated. Set to empty if there are no remaining results.

Authorization Scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

ContentType

Asset content type.

Enums
`CONTENT_TYPE_UNSPECIFIED`	Unspecified content type.
`RESOURCE`	Resource metadata.
`IAM_POLICY`	The actual IAM policy set on a resource.
`ORG_POLICY`	The Cloud Organization Policy set on an asset.
`ACCESS_POLICY`	The Cloud Access context mananger Policy set on an asset.

Asset

An asset in Google Cloud. An asset can be any resource in the Google Cloud resource hierarchy, a resource outside the Google Cloud resource hierarchy (such as Google Kubernetes Engine clusters and objects), or a policy (e.g. Cloud IAM policy). See Supported asset types for more information.

JSON representation

JSON representation
{ "name": string, "assetType": string, "resource": { object (`Resource`) }, "iamPolicy": { object (`Policy`) }, "orgPolicy": [ { object (`Policy`) } ], "ancestors": [ string ], // Union field `access_context_policy` can be only one of the following: "accessPolicy": { object (`AccessPolicy`) }, "accessLevel": { object (`AccessLevel`) }, "servicePerimeter": { object (`ServicePerimeter`) } // End of list of possible types for union field `access_context_policy`. }

{
  "name": string,
  "assetType": string,
  "resource": {
    object (Resource)
  },
  "iamPolicy": {
    object (Policy)
  },
  "orgPolicy": [
    {
      object (Policy)
    }
  ],
  "ancestors": [
    string
  ],

  // Union field access_context_policy can be only one of the following:
  "accessPolicy": {
    object (AccessPolicy)
  },
  "accessLevel": {
    object (AccessLevel)
  },
  "servicePerimeter": {
    object (ServicePerimeter)
  }
  // End of list of possible types for union field access_context_policy.
}

Fields
`name`	`string` The full name of the asset. Example: `//compute.googleapis.com/projects/my_project_123/zones/zone1/instances/instance1` See Resource names for more information.
`assetType`	`string` The type of the asset. Example: `compute.googleapis.com/Disk` See Supported asset types for more information.
`resource`	`object (Resource)` A representation of the resource.
`iamPolicy`	`object (Policy)` A representation of the Cloud IAM policy set on a Google Cloud resource. There can be a maximum of one Cloud IAM policy set on any given resource. In addition, Cloud IAM policies inherit their granted access scope from any policies set on parent resources in the resource hierarchy. Therefore, the effectively policy is the union of both the policy set on this resource and each policy set on all of the resource's ancestry resource levels in the hierarchy. See this topic for more information.
`orgPolicy[]`	`object (Policy)` A representation of an organization policy. There can be more than one organization policy with different constraints set on a given resource.
`ancestors[]`	`string` The ancestry path of an asset in Google Cloud resource hierarchy, represented as a list of relative resource names. An ancestry path starts with the closest ancestor in the hierarchy and ends at root. If the asset is a project, folder, or organization, the ancestry path starts from the asset itself. Example: `["projects/123456789", "folders/5432", "organizations/1234"]`
Union field `access_context_policy`. A representation of an access policy. `access_context_policy` can be only one of the following:
`accessPolicy`	`object (AccessPolicy)` Please also refer to the access policy user guide.
`accessLevel`	`object (AccessLevel)` Please also refer to the access level user guide.
`servicePerimeter`	`object (ServicePerimeter)` Please also refer to the service perimeter user guide.

Resource

A representation of a Google Cloud resource.

JSON representation
{ "version": string, "discoveryDocumentUri": string, "discoveryName": string, "resourceUrl": string, "parent": string, "data": { object } }

Fields
`version`	`string` The API version. Example: "v1".
`discoveryDocumentUri`	`string` The URL of the discovery document containing the resource's JSON schema. Example: `https://www.googleapis.com/discovery/v1/apis/compute/v1/rest` This value is unspecified for resources that do not have an API based on a discovery document, such as Cloud Bigtable.
`discoveryName`	`string` The JSON schema name listed in the discovery document. Example: `Project` This value is unspecified for resources that do not have an API based on a discovery document, such as Cloud Bigtable.
`resourceUrl`	`string` The REST URL for accessing the resource. An HTTP `GET` request using this URL returns the resource itself. Example: `https://cloudresourcemanager.googleapis.com/v1/projects/my-project-123` This value is unspecified for resources without a REST API.
`parent`	`string` The full name of the immediate parent of this resource. See Resource Names for more information. For Google Cloud assets, this value is the parent resource defined in the Cloud IAM policy hierarchy. Example: `//cloudresourcemanager.googleapis.com/projects/my_project_123` For third-party assets, this field may be set differently.
`data`	`object (Struct format)` The content of the resource, in which some sensitive fields are removed and may not be present.