>

Using the Assets display

This page walks you through accessing the Cloud Security Command Center (Cloud SCC) Assets display to review your organization's Google Cloud Platform (GCP) resources.

Before you begin

To access the Cloud SCC assets display, you must have a Cloud Identity and Access Management (Cloud IAM) role that includes the permissions of the Security Center Assets Viewer role.

For more information about Cloud SCC Cloud IAM roles, see Access control.

Accessing the assets display

To access the assets display:

  1. Go to the Security Command Center page in the GCP Console.
    Go to the Security Command Center
  2. Select the organization you want to review.
  3. On the Security Command Center dashboard that appears, click the Assets tab.

The Cloud SCC assets detailed list view is displayed.

Viewing Assets

The assets display enables you to view assets for the entire organization or you can view assets only within a specific project, asset type, or change type. For a detailed view of attributes, resource properties, and findings on a specific asset, click the asset name under the resource_properties.name column.

Viewing by project

By default, assets are displayed in the organization and project hierarchy. To view assets associated with a specific resource, under View by Project, select the organization or project you want to review.

Viewing by asset type

To view your assets grouped by resource type, under the Assets tab, click Asset type. Assets are displayed in categories like application, bucket, project, and service. The following asset types are currently supported:

  • Resource Manager
    • Organization
    • Folder
    • Project
  • App Engine
    • Application
    • Service
    • Version
  • Compute Engine
    • Address
    • Autoscaler
    • BackendBucket
    • BackendService
    • BillingAccount
    • Disk
    • Firewalls
    • GlobalAddress
    • HealthCheck
    • HttpHealthCheck
    • HttpsHealthCheck
    • Image
    • Instance
    • InstanceGroup
    • InstanceTemplate
    • License
    • Network
    • Route
    • Snapshot
    • SslCertificate
    • Subnetwork
    • TargetHttpProxy
    • TargetHttpsProxy
    • TargetSslProxy
    • TargetTcpProxy
    • TargetPool
    • TargetVpnGateway
    • UrlMap
    • VpnTunnel
  • Cloud DNS
    • ManagedZone
    • Policy
  • Cloud IAM
    • ServiceAccount
  • Cloud Pub/Sub
    • Topic
  • Cloud Spanner
    • Database
    • Instance
  • Cloud Storage
    • Bucket
  • Google Kubernetes Engine
    • Cluster
  • Container Registry
    • Image

To view individual resources for a specific asset type, under View by Asset type, select the asset type you want to review. All assets in that category are displayed in the middle panel. To view details of a specific asset, click the asset.

Viewing by asset changed

To view new and deleted assets, under the Assets tab, click Asset changed. All assets are displayed, including subgroups for new and deleted assets. You can select a time range for which results are displayed by clicking the drop-down list at the top of the assets list.

Viewing by Cloud IAM policy

Cloud SCC displays Cloud Identity and Access Management (Cloud IAM) policies for assets on the Assets tab under the iamPolicy column. To view Cloud IAM policy details for a specific asset, click Show/Hide next to the asset. Cloud IAM policies are also displayed on the asset details panel when you click the asset name under the resource_properties.name column.

Configuring the assets display

By default, the assets display includes the following columns:

  • Asset name: resource_properties.name
  • Asset type: resourceType
  • Asset owner: resourceOwners
  • Any marks added to the asset: marks
  • The Cloud Identity and Access Management (Cloud IAM) policies on the asset: iamPolicy

In a given session, you can hide any column except for property.name, and you can select more asset detail columns to display:

  1. To select the asset columns you want to display, click Columns. view_column
  2. In the menu that appears, select the columns you want to display.
  3. To hide a column, click the column name to clear it.

To control the screen space for the Assets display, you can change the following options:

  • Hide the GCP Console Security side panel by clicking the left arrow.
  • Resize the asset display columns by dragging the dividing line left or right.
  • Hide the Select an asset side panel by clicking Hide Info Panel.

To change the date and time of the results that the assets display includes, click the date and time drop-down, then select the date and time you want.

Sorting the assets display

To sort the assets display, click the column heading for the value by which you want to sort. Columns are sorted by numeric and then alphabetical order.

What's next

Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Security Command Center
Need help? Visit our support page.