# Copyright 2019 Google LLC. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - release_tracks: [ALPHA, BETA, GA] deprecate: is_removed: false warning: | Security Command Center Asset APIs are deprecated and will be removed on or after June 26, 2024. Use Cloud Asset Inventory instead [(gcloud asset)](https://cloud.google.com/sdk/gcloud/reference/asset). For more information, [see the deprecation notice at Assets Page](https://cloud.google.com/security-command-center/docs/how-to-use-security-command-center#assets_page). help_text: brief: List Cloud Security Command Center assets. description: List Cloud Security Command Center assets. examples: | List all assets under organization (123456) $ {command} 123456 List all assets under project (example-project) $ {command} projects/example-project List all assets under folder (456) $ {command} folders/456 List all assets under organization (123456) that were present as of 2019-01-01T01:00:00 GMT time. $ {command} 123456 --read-time="2019-01-01T01:00:00Z" Only list category and resource_name for all assets under organization (123456): $ {command} 123456 --field-mask="category,resource_name" List all compute instances under organization (123456): $ {command} 123456 --filter="security_center_properties.resource_type=\"google.compute.Instance\"" List all firewall rules that have open HTTP Ports: $ {command} 123456 --filter="security_center_properties.resource_type = \"google.compute.Firewall\" AND resource_properties.name =\"default-allow-http\"" List all assets that belong to either projects: 5678 OR 78910 (project's numeric identifier). $ {command} 123456 --filter="security_center_properties.resource_parent = \"//cloudresourcemanager.googleapis.com/projects/5678\" OR security_center_properties.resource_parent = "\78910\"" List all projects that are owned by a user:someone@domain.com. Notice the usage of : which enforces partial matching. $ {command} 123456 --filter="security_center_properties.resource_type = \"google.cloud.resourcemanager.Project\" AND security_center_properties.resource_owners : \"user:someone@domain.com\"" List assets and add a state_change property that indicates if the asset was added, removed, or remained present during the past 24 hours period: $ {command} 123456 --compare-duration=86400s request: collection: securitycenter.organizations.assets api_version: v1 modify_request_hooks: - googlecloudsdk.command_lib.scc.assets.request_hooks:ListAssetsReqHook arguments: additional_arguments_hook: googlecloudsdk.command_lib.scc.hooks:AppendParentArg params: - !REF googlecloudsdk.command_lib.scc.flags:read_time - !REF googlecloudsdk.command_lib.scc.assets.flags:compare_duration - arg_name: field-mask api_field: fieldMask help_text: | Field mask to specify the Asset fields to be listed in the response. An empty field mask will list all fields. Example field mask: "asset.security_center_properties.resource_type,asset.security_center_properties.resource_parent" - arg_name: order-by api_field: orderBy help_text: | Expression that defines what fields and order to use for sorting. Example order by: "resource_properties.sort_prop ASC" - arg_name: page-token api_field: pageToken help_text: | The value returned by the last 'ListAssetsResponse'; indicates that this is a continuation of a prior 'ListAssets' call, and that the system should return the next page of data.