ListAssetsResponse

Response message for listing assets.

JSON representation
{
  "listAssetsResults": [
    {
      object (ListAssetsResult)
    }
  ],
  "readTime": string,
  "nextPageToken": string,
  "totalSize": integer
}
Fields
listAssetsResults[]

object (ListAssetsResult)

Assets matching the list request.

readTime

string (Timestamp format)

Time used for executing the list request.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

nextPageToken

string

Token to retrieve the next page of results, or empty if there are no more results.

totalSize

integer

The total number of assets matching the query.

ListAssetsResult

Result containing the Asset and its State.

JSON representation
{
  "asset": {
    object (Asset)
  },
  "stateChange": enum (StateChange)
}
Fields
asset

object (Asset)

Asset matching the search request.

stateChange

enum (StateChange)

State change of the asset between the points in time.

Asset

Security Command Center representation of a Google Cloud resource.

The Asset is a Security Command Center resource that captures information about a single Google Cloud resource. All modifications to an Asset are only within the context of Security Command Center and don't affect the referenced Google Cloud resource.

JSON representation
{
  "name": string,
  "securityCenterProperties": {
    object (SecurityCenterProperties)
  },
  "resourceProperties": {
    string: value,
    ...
  },
  "securityMarks": {
    object (SecurityMarks)
  },
  "createTime": string,
  "updateTime": string,
  "iamPolicy": {
    object (IamPolicy)
  },
  "canonicalName": string
}
Fields
name

string

The relative resource name of this asset. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/assets/{asset_id}".

securityCenterProperties

object (SecurityCenterProperties)

Security Command Center managed properties. These properties are managed by Security Command Center and cannot be modified by the user.

resourceProperties

map (key: string, value: value (Value format))

Resource managed properties. These properties are managed and defined by the Google Cloud resource and cannot be modified by the user.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

securityMarks

object (SecurityMarks)

User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the asset.

createTime

string (Timestamp format)

The time at which the asset was created in Security Command Center.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

updateTime

string (Timestamp format)

The time at which the asset was last updated or added in Cloud SCC.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

iamPolicy

object (IamPolicy)

Cloud IAM Policy information associated with the Google Cloud resource described by the Security Command Center asset. This information is managed and defined by the Google Cloud resource and cannot be modified by the user.

canonicalName

string

The canonical name of the resource. It's either "organizations/{organization_id}/assets/{asset_id}", "folders/{folder_id}/assets/{asset_id}" or "projects/{project_number}/assets/{asset_id}", depending on the closest CRM ancestor of the resource.

SecurityCenterProperties

Security Command Center managed properties. These properties are managed by Security Command Center and cannot be modified by the user.

JSON representation
{
  "resourceName": string,
  "resourceType": string,
  "resourceParent": string,
  "resourceProject": string,
  "resourceOwners": [
    string
  ],
  "resourceDisplayName": string,
  "resourceParentDisplayName": string,
  "resourceProjectDisplayName": string,
  "folders": [
    {
      object (Folder)
    }
  ]
}
Fields
resourceName

string

The full resource name of the Google Cloud resource this asset represents. This field is immutable after create time. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

resourceType

string

The type of the Google Cloud resource. Examples include: APPLICATION, PROJECT, and ORGANIZATION. This is a case insensitive field defined by Security Command Center and/or the producer of the resource and is immutable after create time.

resourceParent

string

The full resource name of the immediate parent of the resource. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

resourceProject

string

The full resource name of the project the resource belongs to. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

resourceOwners[]

string

Owners of the Google Cloud resource.

resourceDisplayName

string

The user defined display name for this resource.

resourceParentDisplayName

string

The user defined display name for the parent of this resource.

resourceProjectDisplayName

string

The user defined display name for the project of this resource.

folders[]

object (Folder)

Contains a Folder message for each folder in the assets ancestry. The first folder is the deepest nested folder, and the last folder is the folder directly under the Organization.

IamPolicy

Cloud IAM Policy information associated with the Google Cloud resource described by the Security Command Center asset. This information is managed and defined by the Google Cloud resource and cannot be modified by the user.

JSON representation
{
  "policyBlob": string
}
Fields
policyBlob

string

The JSON representation of the Policy associated with the asset. See https://cloud.google.com/iam/docs/reference/rest/v1/Policy for format details.

StateChange

The change in state of the asset.

When querying across two points in time this describes the change between the two points: ADDED, REMOVED, or ACTIVE. If there was no compareDuration supplied in the request the state change will be: UNUSED

Enums
UNUSED State change is unused, this is the canonical default for this enum.
ADDED Asset was added between the points in time.
REMOVED Asset was removed between the points in time.
ACTIVE Asset was present at both point(s) in time.