81 lines
3.9 KiB
YAML
81 lines
3.9 KiB
YAML
- release_tracks: [ALPHA, BETA, GA]
|
|
deprecate:
|
|
is_removed: false
|
|
warning: |
|
|
Security Command Center Asset APIs are deprecated and will be removed on or after
|
|
June 26, 2024. Use Cloud Asset Inventory instead [(gcloud asset)](https://cloud.google.com/sdk/gcloud/reference/asset).
|
|
For more information, [see the deprecation notice at Assets Page](https://cloud.google.com/security-command-center/docs/how-to-use-security-command-center#assets_page).
|
|
|
|
help_text:
|
|
brief: Filter an organization's assets and groups them by their specified properties.
|
|
description: Filter an organization's assets and groups them by their specified properties.
|
|
examples: |
|
|
Group assets under organization 123456 by their type (e.g. project, disk, compute instance, service etc):
|
|
|
|
$ {command} 123456 --group-by="security_center_properties.resource_type"
|
|
|
|
Group assets under project example-project by their type (e.g. project, disk, compute instance, service etc):
|
|
|
|
$ {command} projects/example-project --group-by="security_center_properties.resource_type"
|
|
|
|
Group assets under folder 456 by their type (e.g. project, disk, compute instance, service etc):
|
|
|
|
$ {command} folders/456 --group-by="security_center_properties.resource_type"
|
|
|
|
Group compute instances (assets) under organization 123456 by their respective projects:
|
|
|
|
$ {command} 123456 --filter="security_center_properties.resource_type=\"google.compute.Instance\"" --group-by="security_center_properties.resource_project"
|
|
|
|
Group assets that were updated on or after 2019-01-01T01:00:00 GMT by their types.
|
|
|
|
$ {command} 123456 --filter="update_time >= 1546304400000" --group-by="security_center_properties.resource_type"
|
|
|
|
Group assets into following 3 state_changes (ADDED/DELETED/ACTIVE) based on the activity during past 24 hours:
|
|
|
|
$ {command} 123456 --compare-duration=86400s --group-by="state_change"
|
|
|
|
request:
|
|
collection: securitycenter.organizations.assets
|
|
api_version: v1
|
|
method: group
|
|
modify_request_hooks:
|
|
- googlecloudsdk.command_lib.scc.assets.request_hooks:GroupAssetsReqHook
|
|
|
|
arguments:
|
|
additional_arguments_hook: googlecloudsdk.command_lib.scc.hooks:AppendParentArg
|
|
|
|
params:
|
|
- _REF_: googlecloudsdk.command_lib.scc.flags:read_time
|
|
api_field: groupAssetsRequest.readTime
|
|
- _REF_: googlecloudsdk.command_lib.scc.assets.flags:compare_duration
|
|
api_field: groupAssetsRequest.compareDuration
|
|
- arg_name: group-by
|
|
api_field: groupAssetsRequest.groupBy
|
|
help_text: |
|
|
Expression that defines what asset fields to use for grouping (including 'state').
|
|
String value should follow SQL syntax: comma separated list of fields.
|
|
For example: "parent,resource_name". The following fields are supported:
|
|
* security_center_properties.resource_project
|
|
* security_center_properties.resource_type
|
|
* security_center_properties.resource_parent
|
|
* state_change
|
|
- arg_name: filter
|
|
api_field: groupAssetsRequest.filter
|
|
help_text: |
|
|
Expression is a list of one or more restrictions combined via logical operators
|
|
'AND' and 'OR'. Parentheses are not supported, and 'OR' has higher precedence than
|
|
'AND'. For example, 'update_time > 100 AND
|
|
security_center_properties.resource_type=\"google.cloud.resourcemanager.Organization\"'
|
|
is a valid filter string.
|
|
- arg_name: page-size
|
|
api_field: groupAssetsRequest.pageSize
|
|
help_text: |
|
|
The maximum number of results to return in a single response. Default is
|
|
10, minimum is 1, maximum is 1000.
|
|
- arg_name: page-token
|
|
api_field: groupAssetsRequest.pageToken
|
|
help_text: |
|
|
Value returned by the last 'GroupAssetsResponse'; indicates
|
|
that this is a continuation of a prior 'GroupAssets' call, and that the
|
|
system should return the next page of data.
|