Response of ListViolations endpoint.
JSON representation |
---|
{
"violations": [
{
object ( |
Fields | |
---|---|
violations[] |
List of Violations under a Workload. |
nextPageToken |
The next page token. Returns empty if reached the last page. |
Violation
Workload monitoring Violation.
JSON representation |
---|
{ "name": string, "description": string, "beginTime": string, "updateTime": string, "resolveTime": string, "category": string, "state": enum ( |
Fields | |
---|---|
name |
Output only. Immutable. Name of the Violation. Format: organizations/{organization}/locations/{location}/workloads/{workload_id}/violations/{violations_id} |
description |
Output only. Description for the Violation. e.g. OrgPolicy gcp.resourceLocations has non compliant value. |
beginTime |
Output only. Time of the event which triggered the Violation. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
updateTime |
Output only. The last time when the Violation record was updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
resolveTime |
Output only. Time of the event which fixed the Violation. If the violation is ACTIVE this will be empty. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
category |
Output only. Category under which this violation is mapped. e.g. Location, Service Usage, Access, Encryption, etc. |
state |
Output only. State of the violation |
orgPolicyConstraint |
Output only. Immutable. The org-policy-constraint that was incorrectly changed, which resulted in this violation. |
auditLogLink |
Output only. Immutable. Audit Log Link for violated resource Format: https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{timeRange}{folder} |
nonCompliantOrgPolicy |
Output only. Immutable. Name of the OrgPolicy which was modified with non-compliant change and resulted this violation. Format: projects/{project_number}/policies/{constraint_name} folders/{folderId}/policies/{constraint_name} organizations/{organization_id}/policies/{constraint_name} |
remediation |
Output only. Compliance violation remediation |
acknowledged |
Output only. A boolean that indicates if the violation is acknowledged |
exceptionAuditLogLink |
Output only. Immutable. Audit Log link to find business justification provided for violation exception. Format: https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{protoPayload.methodName}{timeRange}{organization} |
exceptionContexts[] |
Output only. List of all the exception detail added for the violation. |
acknowledgementTime |
Optional. Timestamp when this violation was acknowledged last. This will be absent when acknowledged field is marked as false. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
Remediation
Represents remediation guidance to resolve compliance violation for AssuredWorkload
JSON representation |
---|
{ "instructions": { object ( |
Fields | |
---|---|
instructions |
Required. Remediation instructions to resolve violations |
compliantValues[] |
Values that can resolve the violation For example: for list org policy violations, this will either be the list of allowed or denied values |
remediationType |
Output only. Reemediation type based on the type of org policy values violated |
Instructions
Instructions to remediate violation
JSON representation |
---|
{ "gcloudInstructions": { object ( |
Fields | |
---|---|
gcloudInstructions |
Remediation instructions to resolve violation via gcloud cli |
consoleInstructions |
Remediation instructions to resolve violation via cloud console |
Gcloud
Remediation instructions to resolve violation via gcloud cli
JSON representation |
---|
{ "gcloudCommands": [ string ], "steps": [ string ], "additionalLinks": [ string ] } |
Fields | |
---|---|
gcloudCommands[] |
Gcloud command to resolve violation |
steps[] |
Steps to resolve violation via gcloud cli |
additionalLinks[] |
Additional urls for more information about steps |
Console
Remediation instructions to resolve violation via cloud console
JSON representation |
---|
{ "consoleUris": [ string ], "steps": [ string ], "additionalLinks": [ string ] } |
Fields | |
---|---|
consoleUris[] |
Link to console page where violations can be resolved |
steps[] |
Steps to resolve violation via cloud console |
additionalLinks[] |
Additional urls for more information about steps |
ExceptionContext
Violation exception detail. Next Id: 6
JSON representation |
---|
{ "comment": string, "acknowledgementTime": string, "userName": string } |
Fields | |
---|---|
comment |
Business justification provided towards the acknowledgement of the violation. |
acknowledgementTime |
Timestamp when the violation was acknowledged. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
userName |
Name of the user (or service account) who acknowledged the violation. |