REST Resource: organizations.locations.reports

Resource: Report

Details of a report.

JSON representation
{
  "name": string,
  "createTime": string,
  "updateTime": string,

  // Union field type can be only one of the following:
  "iacValidationReport": {
    object (IaCValidationReport)
  }
  // End of list of possible types for union field type.
}
Fields
name

string

Required. The name of the report, in the format organizations/{organization}/locations/global/reports/{report_id}.

createTime

string (Timestamp format)

Output only. The time at which the report was created.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

updateTime

string (Timestamp format)

Output only. The time at which the report was last updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

Union field type. The type of report. type can be only one of the following:
iacValidationReport

object (IaCValidationReport)

Output only. An infrastructure-as-code (IaC) validation report.

IaCValidationReport

Details of an infrastructure-as-code (IaC) validation report.

JSON representation
{
  "violations": [
    {
      object (Violation)
    }
  ],
  "note": string
}
Fields
violations[]

object (Violation)

A list of every Violation found in the IaC configuration.

note

string

Additional information about the report.

Violation

Details of a violation.

JSON representation
{
  "assetId": string,
  "policyId": string,
  "violatedPosture": {
    object (PostureDetails)
  },
  "severity": enum (Severity),
  "nextSteps": string,
  "violatedAsset": {
    object (AssetDetails)
  },
  "violatedPolicy": {
    object (PolicyDetails)
  }
}
Fields
assetId

string

The full resource name of the asset that caused the violation.

For details about the format of the full resource name for each asset type, see Resource name format.

policyId

string

The policy that was violated.

violatedPosture

object (PostureDetails)

Details for the posture that was violated.

This field is present only if the violated policy belongs to a deployed posture.

severity

enum (Severity)

The severity of the violation.

nextSteps

string

A description of the steps that you can take to fix the violation.

violatedAsset

object (AssetDetails)

Details of the Cloud Asset Inventory asset that caused the violation.

violatedPolicy

object (PolicyDetails)

Details of the policy that was violated.

PostureDetails

Details of a posture deployment.

JSON representation
{
  "postureDeployment": string,
  "postureDeploymentTargetResource": string,
  "posture": string,
  "postureRevisionId": string,
  "policySet": string
}
Fields
postureDeployment

string

The name of the posture deployment, in the format organizations/{organization}/locations/global/postureDeployments/{deployment_id}.

postureDeploymentTargetResource

string

The organization, folder, or project where the posture is deployed. Uses one of the following formats:

  • organizations/{organization_number}
  • folders/{folder_number}
  • projects/{project_number}
posture

string

The posture used in the deployment, in the format organizations/{organization}/locations/global/postures/{postureId}.

postureRevisionId

string

The revision ID of the posture used in the deployment.

policySet

string

The identifier for the PolicySet that the relevant policy belongs to.

Severity

The severity of a violation.

Enums
SEVERITY_UNSPECIFIED Default value. This value is unused.
CRITICAL Critical severity.
HIGH High severity.
MEDIUM Medium severity.
LOW Low severity.

AssetDetails

Details of a Cloud Asset Inventory asset that caused a violation.

JSON representation
{
  "asset": string,
  "assetType": string
}
Fields
asset

string

Information about the Cloud Asset Inventory asset that violated a policy.

The format of this information can change at any time without prior notice. Your application must not depend on this information in any way.

assetType

string

The type of Cloud Asset Inventory asset. For a list of asset types, see Supported asset types.

PolicyDetails

Details of a policy that was violated.

JSON representation
{
  "constraint": string,
  "constraintType": enum (ConstraintType),
  "complianceStandards": [
    string
  ],
  "description": string
}
Fields
constraint

string

Information about the constraint that was violated.

The format of this information can change at any time without prior notice. Your application must not depend on this information in any way.

constraintType

enum (ConstraintType)

The type of constraint that was violated.

complianceStandards[]

string

The compliance standards that the policy maps to. For example, CIS-2.0 1.15.

description

string

A description of the policy.

ConstraintType

A type of constraint that can be violated.

Enums
CONSTRAINT_TYPE_UNSPECIFIED Default value. This value is unused.
SECURITY_HEALTH_ANALYTICS_CUSTOM_MODULE A custom module for Security Health Analytics.
ORG_POLICY_CUSTOM A custom organization policy constraint.
SECURITY_HEALTH_ANALYTICS_MODULE A built-in detector for Security Health Analytics.
ORG_POLICY A predefined organization policy constraint.

Methods

createIaCValidationReport

Validates a specified infrastructure-as-code (IaC) configuration, and creates a Report with the validation results.

get

Gets details for a Report.

list

Lists every Report in a given organization and location.