2022-11-16
▼ ▲ cloudasset.analyzeOrgPolicyGovernedContainers
Flat Path: v1/{v1Id}/{v1Id1}:analyzeOrgPolicyGovernedContainers
HTTP Method: GET
Parameters:
constraint
Type: string
Location: query
Description: Required. The name of the constraint to analyze governed containers for. The analysis only contains organization policies for the provided constraint.
filter
Type: string
Description: The expression to filter the governed containers in result. The only supported field is `parent`, and the only supported operator is `=`. Example: parent="//cloudresourcemanager.googleapis.com/folders/001" will return all containers under "folders/001".
Location: query
scope
Description: Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output containers will also be limited to the ones governed by those in-scope organization policies. * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
Required: Yes
Type: string
Location: path
Pattern: ^[^/]+/[^/]+$
pageToken
Type: string
Description: The pagination token to retrieve the next page.
Location: query
pageSize
Location: query
Description: The maximum number of items to return per page. If unspecified, AnalyzeOrgPolicyGovernedContainersResponse.governed_containers will contain 100 items with a maximum of 200.
Type: integer
Format: int32
Parameter Order: scope
Scopes: https://www.googleapis.com/auth/cloud-platform
Path: v1/{+scope}:analyzeOrgPolicyGovernedContainers
Description: Analyzes organization policies governed containers (projects, folders or organization) under a scope.
▼ ▲ cloudasset.queryAssets
Parameters:
parent
Required: Yes
Description: Required. The relative name of the root asset. This can only be an organization number (such as "organizations/123"), a project ID (such as "projects/my-project-id"), or a project number (such as "projects/12345"), or a folder number (such as "folders/123"). Only assets belonging to the `parent` will be returned.
Type: string
Location: path
Pattern: ^[^/]+/[^/]+$
Flat Path: v1/{v1Id}/{v1Id1}:queryAssets
Scopes: https://www.googleapis.com/auth/cloud-platform
Description: Issue a job that queries assets using a SQL statement compatible with [BigQuery Standard SQL](http://cloud/bigquery/docs/reference/standard-sql/enabling-standard-sql). If the query execution finishes within timeout and there's no pagination, the full query results will be returned in the `QueryAssetsResponse`. Otherwise, full query results can be obtained by issuing extra requests with the `job_reference` from the a previous `QueryAssets` call. Note, the query result has approximately 10 GB limitation enforced by BigQuery https://cloud.google.com/bigquery/docs/best-practices-performance-output, queries return larger results will result in errors.
Path: v1/{+parent}:queryAssets
Parameter Order: parent
HTTP Method: POST
▼ ▲ cloudasset.analyzeOrgPolicies
Flat Path: v1/{v1Id}/{v1Id1}:analyzeOrgPolicies
Parameters:
pageSize
Description: The maximum number of items to return per page. If unspecified, AnalyzeOrgPoliciesResponse.org_policy_results will contain 20 items with a maximum of 200.
Location: query
Type: integer
Format: int32
filter
Location: query
Type: string
Description: The expression to filter AnalyzeOrgPoliciesResponse.org_policy_results. The only supported field is `consolidated_policy.attached_resource`, and the only supported operator is `=`. Example: consolidated_policy.attached_resource="//cloudresourcemanager.googleapis.com/folders/001" will return the org policy results of"folders/001".
pageToken
Type: string
Description: The pagination token to retrieve the next page.
Location: query
scope
Type: string
Pattern: ^[^/]+/[^/]+$
Description: Required. The organization to scope the request. Only organization policies within the scope will be analyzed. * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
Required: Yes
Location: path
constraint
Description: Required. The name of the constraint to analyze organization policies for. The response only contains analyzed organization policies for the provided constraint.
Type: string
Location: query
Path: v1/{+scope}:analyzeOrgPolicies
Description: Analyzes organization policies under a scope.
Scopes: https://www.googleapis.com/auth/cloud-platform
Parameter Order: scope
HTTP Method: GET
▼ ▲ cloudasset.analyzeOrgPolicyGovernedAssets
Parameters:
scope
Required: Yes
Type: string
Description: Required. The organization to scope the request. Only organization policies within the scope will be analyzed. The output assets will also be limited to the ones governed by those in-scope organization policies. * organizations/{ORGANIZATION_NUMBER} (e.g., "organizations/123456")
Pattern: ^[^/]+/[^/]+$
Location: path
filter
Description: The expression to filter the governed assets in result. The only supported fields for governed resources are `governed_resource.project` and `governed_resource.folders`. The only supported fields for governed iam policies are `governed_iam_policy.project` and `governed_iam_policy.folders`. The only supported operator is `=`. Example 1: governed_resource.project="projects/12345678" filter will return all governed resources under projects/12345678 including the project ifself, if applicable. Example 2: governed_iam_policy.folders="folders/12345678" filter will return all governed iam policies under folders/12345678, if applicable.
Location: query
Type: string
constraint
Location: query
Description: Required. The name of the constraint to analyze governed assets for. The analysis only contains analyzed organization policies for the provided constraint.
Type: string
pageSize
Type: integer
Description: The maximum number of items to return per page. If unspecified, AnalyzeOrgPolicyGovernedAssetsResponse.governed_assets will contain 100 items with a maximum of 200.
Location: query
Format: int32
pageToken
Type: string
Location: query
Description: The pagination token to retrieve the next page.
Scopes: https://www.googleapis.com/auth/cloud-platform
Parameter Order: scope
Description: Analyzes organization policies governed assets (GCP resources or policies) under a scope. This RPC supports custom constraints and the following 10 canned constraints: * storage.uniformBucketLevelAccess * iam.disableServiceAccountKeyCreation * iam.allowedPolicyMemberDomains * compute.vmExternalIpAccess * appengine.enforceServiceAccountActAsCheck * gcp.resourceLocations * compute.trustedImageProjects * compute.skipDefaultNetworkCreation * compute.requireOsLogin * compute.disableNestedVirtualization This RPC only returns either: * resources of types supported by [searchable asset types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#searchable_asset_types), or * IAM policies.
Path: v1/{+scope}:analyzeOrgPolicyGovernedAssets
Flat Path: v1/{v1Id}/{v1Id1}:analyzeOrgPolicyGovernedAssets
HTTP Method: GET