IaCValidationReport

Details of an infrastructure-as-code (IaC) validation report.

JSON representation 
{
  "violations": [
    {
      object (Violation)
    }
  ],
  "note": string
}
Fields
violations[]

object (Violation)

A list of every Violation found in the IaC configuration.
note

string

Additional information about the report.

Violation

Details of a violation.

JSON representation 
{
  "assetId": string,
  "policyId": string,
  "violatedPosture": {
    object (PostureDetails)
  },
  "severity": enum (Severity),
  "nextSteps": string,
  "violatedAsset": {
    object (AssetDetails)
  },
  "violatedPolicy": {
    object (PolicyDetails)
  }
}
Fields
assetId

string

The full resource name of the asset that caused the violation.

For details about the format of the full resource name for each asset type, see Resource name format.
policyId

string

The policy that was violated.
violatedPosture

object (PostureDetails)

Details for the posture that was violated.

This field is present only if the violated policy belongs to a deployed posture.
severity

enum (Severity)

The severity of the violation.
nextSteps

string

A description of the steps that you can take to fix the violation.
violatedAsset

object (AssetDetails)

Details of the Cloud Asset Inventory asset that caused the violation.
violatedPolicy

object (PolicyDetails)

Details of the policy that was violated.

PostureDetails

Details of a posture deployment.

JSON representation 
{
  "postureDeployment": string,
  "postureDeploymentTargetResource": string,
  "posture": string,
  "postureRevisionId": string,
  "policySet": string
}
Fields
postureDeployment

string

The name of the posture deployment, in the format organizations/{organization}/locations/global/postureDeployments/{deployment_id}.
postureDeploymentTargetResource

string

The organization, folder, or project where the posture is deployed. Uses one of the following formats:

  • organizations/{organization_number}
  • folders/{folder_number}
  • projects/{project_number}
posture

string

The posture used in the deployment, in the format organizations/{organization}/locations/global/postures/{postureId}.
postureRevisionId

string

The revision ID of the posture used in the deployment.
policySet

string

The identifier for the PolicySet that the relevant policy belongs to.

AssetDetails

Details of a Cloud Asset Inventory asset that caused a violation.

JSON representation 
{
  "asset": string,
  "assetType": string
}
Fields
asset

string

Information about the Cloud Asset Inventory asset that violated a policy.

The format of this information can change at any time without prior notice. Your application must not depend on this information in any way.
assetType

string

The type of Cloud Asset Inventory asset. For a list of asset types, see Supported asset types.

PolicyDetails

Details of a policy that was violated.

JSON representation 
{
  "constraint": string,
  "constraintType": enum (ConstraintType),
  "complianceStandards": [
    string
  ],
  "description": string
}
Fields
constraint

string

Information about the constraint that was violated.

The format of this information can change at any time without prior notice. Your application must not depend on this information in any way.
constraintType

enum (ConstraintType)

The type of constraint that was violated.
complianceStandards[]

string

The compliance standards that the policy maps to. For example, CIS-2.0 1.15.
description

string

A description of the policy.