novafarma/gcloud auth application-default login/google-cloud-sdk/lib/surface/scc/assets/list.yaml

# Copyright 2019 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- release_tracks: [ALPHA, BETA, GA]
  deprecate:
    is_removed: false
    warning: |
      Security Command Center Asset APIs are deprecated and will be removed on or after
      June 26, 2024. Use Cloud Asset Inventory instead [(gcloud asset)](https://cloud.google.com/sdk/gcloud/reference/asset).
      For more information, [see the deprecation notice at Assets Page](https://cloud.google.com/security-command-center/docs/how-to-use-security-command-center#assets_page).

  help_text:
    brief: List Cloud Security Command Center assets.
    description: List Cloud Security Command Center assets.
    examples: |
      List all assets under organization (123456)

        $ {command} 123456

      List all assets under project (example-project)

        $ {command} projects/example-project

      List all assets under folder (456)

        $ {command} folders/456

      List all assets under organization (123456) that were present as of 2019-01-01T01:00:00 GMT time.

        $ {command} 123456 --read-time="2019-01-01T01:00:00Z"

      Only list category and resource_name for all assets under organization (123456):

        $ {command} 123456 --field-mask="category,resource_name"

      List all compute instances under organization (123456):

        $ {command} 123456 --filter="security_center_properties.resource_type=\"google.compute.Instance\""

      List all firewall rules that have open HTTP Ports:

        $ {command} 123456 --filter="security_center_properties.resource_type = \"google.compute.Firewall\" AND resource_properties.name =\"default-allow-http\""

      List all assets that belong to either projects: 5678 OR 78910 (project's numeric identifier).

        $ {command} 123456 --filter="security_center_properties.resource_parent = \"//cloudresourcemanager.googleapis.com/projects/5678\" OR security_center_properties.resource_parent = "\78910\""

      List all projects that are owned by a user:someone@domain.com. Notice the usage of : which enforces partial matching.

        $ {command} 123456 --filter="security_center_properties.resource_type = \"google.cloud.resourcemanager.Project\" AND security_center_properties.resource_owners : \"user:someone@domain.com\""

      List assets and add a state_change property that indicates if the asset was added, removed, or remained present during the past 24 hours period:

        $ {command} 123456 --compare-duration=86400s

  request:
    collection: securitycenter.organizations.assets
    api_version: v1
    modify_request_hooks:
    - googlecloudsdk.command_lib.scc.assets.request_hooks:ListAssetsReqHook

  arguments:
    additional_arguments_hook: googlecloudsdk.command_lib.scc.hooks:AppendParentArg

    params:
    - !REF googlecloudsdk.command_lib.scc.flags:read_time
    - !REF googlecloudsdk.command_lib.scc.assets.flags:compare_duration

    - arg_name: field-mask
      api_field: fieldMask
      help_text: |
        Field mask to specify the Asset fields to be listed in the response. An empty field mask will list all fields.
        Example field mask: "asset.security_center_properties.resource_type,asset.security_center_properties.resource_parent"

    - arg_name: order-by
      api_field: orderBy
      help_text: |
        Expression that defines what fields and order to use for sorting.
        Example order by: "resource_properties.sort_prop ASC"

    - arg_name: page-token
      api_field: pageToken
      help_text: |
        The value returned by the last 'ListAssetsResponse'; indicates
        that this is a continuation of a prior 'ListAssets' call, and that the
        system should return the next page of data.