ListFindingsResponse

Response message for listing findings.

JSON representation
{ "listFindingsResults" : [ { object ( `ListFindingsResult` ) } ] , "readTime" : string , "nextPageToken" : string , "totalSize" : integer }

Fields
`listFindingsResults[]`	`object ( ListFindingsResult )` Findings matching the list request.
`readTime`	`string ( Timestamp format)` Time used for executing the list request. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"` , `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"` .
`nextPageToken`	`string` Token to retrieve the next page of results, or empty if there are no more results.
`totalSize`	`integer` The total number of findings matching the query.

ListFindingsResult

Result containing the Finding and its StateChange.

JSON representation
{ "finding" : { object ( `Finding` ) } , "stateChange" : enum ( `StateChange` ) , "resource" : { object ( `Resource` ) } }

Fields

Fields
`finding`	`object ( Finding )` Finding matching the search request.
`stateChange`	`enum ( StateChange )` State change of the finding between the points in time.
`resource`	`object ( Resource )` Output only. Resource that is associated with this finding.

finding

object ( Finding )

Finding matching the search request.

stateChange

enum ( StateChange )

State change of the finding between the points in time.

resource

object ( Resource )

Output only. Resource that is associated with this finding.

StateChange

The change in state of the finding.

When querying across two points in time this describes the change in the finding between the two points: CHANGED, UNCHANGED, ADDED, or REMOVED. Findings can not be deleted, so REMOVED implies that the finding at timestamp does not match the filter specified, but it did at timestamp - compareDuration. If there was no compareDuration supplied in the request the state change will be: UNUSED

Enums
`UNUSED`	State change is unused, this is the canonical default for this enum.
`CHANGED`	The finding has changed state in some way between the points in time and existed at both points.
`UNCHANGED`	The finding has not changed state between the points in time and existed at both points.
`ADDED`	The finding was created between the points in time.
`REMOVED`	The finding at timestamp does not match the filter specified, but it did at timestamp - compareDuration.

Resource

Information related to the Google Cloud resource that is associated with this finding.

JSON representation

JSON representation
{ "name" : string , "displayName" : string , "type" : string , "projectName" : string , "projectDisplayName" : string , "parentName" : string , "parentDisplayName" : string , "folders" : [ { object ( `Folder` ) } ] , "cloudProvider" : enum ( `CloudProvider` ) , "organization" : string , "service" : string , "location" : string , "resourcePath" : { object ( `ResourcePath` ) } , "resourcePathString" : string , // Union field `cloud_provider_metadata` can be only one of the following: "awsMetadata" : { object ( `AwsMetadata` ) } , "azureMetadata" : { object ( `AzureMetadata` ) } // End of list of possible types for union field `cloud_provider_metadata` . }

 { 
 "name" 
 : 
 string 
 , 
 "displayName" 
 : 
 string 
 , 
 "type" 
 : 
 string 
 , 
 "projectName" 
 : 
 string 
 , 
 "projectDisplayName" 
 : 
 string 
 , 
 "parentName" 
 : 
 string 
 , 
 "parentDisplayName" 
 : 
 string 
 , 
 "folders" 
 : 
 [ 
 { 
 object (  Folder 
 
) 
 } 
 ] 
 , 
 "cloudProvider" 
 : 
 enum (  CloudProvider 
 
) 
 , 
 "organization" 
 : 
 string 
 , 
 "service" 
 : 
 string 
 , 
 "location" 
 : 
 string 
 , 
 "resourcePath" 
 : 
 { 
 object (  ResourcePath 
 
) 
 } 
 , 
 "resourcePathString" 
 : 
 string 
 , 
 // Union field cloud_provider_metadata 
can be only one of the following: 
 "awsMetadata" 
 : 
 { 
 object (  AwsMetadata 
 
) 
 } 
 , 
 "azureMetadata" 
 : 
 { 
 object (  AzureMetadata 
 
) 
 } 
 // End of list of possible types for union field cloud_provider_metadata 
. 
 }

Fields

name

string

The full resource name of the resource. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

displayName

string

The human readable name of the resource.

type

string

The full resource type of the resource.

projectName

string

The full resource name of project that the resource belongs to.

projectDisplayName

string

The project ID that the resource belongs to.

parentName

string

The full resource name of resource's parent.

parentDisplayName

string

The human readable name of resource's parent.

folders[]

object ( Folder )

Contains a Folder message for each folder in the assets ancestry. The first folder is the deepest nested folder, and the last folder is the folder directly under the Organization.

cloudProvider

enum ( CloudProvider )

Indicates which cloud provider the finding is from.

organization

string

Indicates which organization / tenant the finding is for.

service

string

The service or resource provider associated with the resource.

location

string

The region or location of the service (if applicable).

resourcePath

object ( ResourcePath )

Provides the path to the resource within the resource hierarchy.

resourcePathString

string

A string representation of the resource path. For Google Cloud, it has the format of org/{organizationId}/folder/{folder_id}/folder/{folder_id}/project/{projectId} where there can be any number of folders. For AWS, it has the format of org/{organizationId}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{accountId} where there can be any number of organizational units. For Azure, it has the format of mg/{management_group_id}/mg/{management_group_id}/subscription/{subscriptionId}/rg/{resource_group_name} where there can be any number of management groups.

Union field cloud_provider_metadata . The metadata associated with the cloud provider. cloud_provider_metadata can be only one of the following:

awsMetadata

object ( AwsMetadata )

The AWS metadata associated with the finding.

azureMetadata

object ( AzureMetadata )

The Azure metadata associated with the finding.

AwsMetadata

AWS metadata associated with the resource, only applicable if the finding's cloud provider is Amazon Web Services.

JSON representation
{ "organization" : { object ( `AwsOrganization` ) } , "organizationalUnits" : [ { object ( `AwsOrganizationalUnit` ) } ] , "account" : { object ( `AwsAccount` ) } }

Fields

organization

object ( AwsOrganization )

The AWS organization associated with the resource.

organizationalUnits[]

object ( AwsOrganizationalUnit )

A list of AWS organizational units associated with the resource, ordered from lowest level (closest to the account) to highest level.

account

object ( AwsAccount )

The AWS account associated with the resource.

AwsOrganization

An organization is a collection of accounts that are centrally managed together using consolidated billing, organized hierarchically with organizational units (OUs), and controlled with policies.

JSON representation
{ "id" : string }

Fields
`id`	`string` The unique identifier (ID) for the organization. The regex pattern for an organization ID string requires "o-" followed by from 10 to 32 lowercase letters or digits.

AwsOrganizationalUnit

An Organizational Unit (OU) is a container of AWS accounts within a root of an organization. Policies that are attached to an OU apply to all accounts contained in that OU and in any child OUs.

JSON representation
{ "id" : string , "name" : string }

Fields

Fields
`id`	`string` The unique identifier (ID) associated with this OU. The regex pattern for an organizational unit ID string requires "ou-" followed by from 4 to 32 lowercase letters or digits (the ID of the root that contains the OU). This string is followed by a second "-" dash and from 8 to 32 additional lowercase letters or digits. For example, "ou-ab12-cd34ef56".
`name`	`string` The friendly name of the OU.

id

string

The unique identifier (ID) associated with this OU. The regex pattern for an organizational unit ID string requires "ou-" followed by from 4 to 32 lowercase letters or digits (the ID of the root that contains the OU). This string is followed by a second "-" dash and from 8 to 32 additional lowercase letters or digits. For example, "ou-ab12-cd34ef56".

name

string

The friendly name of the OU.

AwsAccount

An AWS account that is a member of an organization.

JSON representation
{ "id" : string , "name" : string }

Fields

Fields
`id`	`string` The unique identifier (ID) of the account, containing exactly 12 digits.
`name`	`string` The friendly name of this account.

id

string

The unique identifier (ID) of the account, containing exactly 12 digits.

name

string

The friendly name of this account.

AzureMetadata

Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.

JSON representation

JSON representation
{ "managementGroups" : [ { object ( `AzureManagementGroup` ) } ] , "subscription" : { object ( `AzureSubscription` ) } , "resourceGroup" : { object ( `AzureResourceGroup` ) } , "tenant" : { object ( `AzureTenant` ) } }

 { 
 "managementGroups" 
 : 
 [ 
 { 
 object (  AzureManagementGroup 
 
) 
 } 
 ] 
 , 
 "subscription" 
 : 
 { 
 object (  AzureSubscription 
 
) 
 } 
 , 
 "resourceGroup" 
 : 
 { 
 object (  AzureResourceGroup 
 
) 
 } 
 , 
 "tenant" 
 : 
 { 
 object (  AzureTenant 
 
) 
 } 
 }

Fields
`managementGroups[]`	`object ( AzureManagementGroup )` A list of Azure management groups associated with the resource, ordered from lowest level (closest to the subscription) to highest level.
`subscription`	`object ( AzureSubscription )` The Azure subscription associated with the resource.
`resourceGroup`	`object ( AzureResourceGroup )` The Azure resource group associated with the resource.
`tenant`	`object ( AzureTenant )` The Azure Entra tenant associated with the resource.

AzureManagementGroup

Represents an Azure management group.

JSON representation
{ "id" : string , "displayName" : string }

Fields

Fields
`id`	`string` The UUID of the Azure management group, for example, `20000000-0001-0000-0000-000000000000` .
`displayName`	`string` The display name of the Azure management group.

id

string

The UUID of the Azure management group, for example, 20000000-0001-0000-0000-000000000000 .

displayName

string

The display name of the Azure management group.

AzureSubscription

Represents an Azure subscription.

JSON representation
{ "id" : string , "displayName" : string }

Fields

Fields
`id`	`string` The UUID of the Azure subscription, for example, `291bba3f-e0a5-47bc-a099-3bdcb2a50a05` .
`displayName`	`string` The display name of the Azure subscription.

id

string

The UUID of the Azure subscription, for example, 291bba3f-e0a5-47bc-a099-3bdcb2a50a05 .

displayName

string

The display name of the Azure subscription.

AzureResourceGroup

Represents an Azure resource group.

JSON representation
{ "id" : string , "name" : string }

Fields

Fields
`id`	`string` The ID of the Azure resource group.
`name`	`string` The name of the Azure resource group. This is not a UUID.

id

string

The ID of the Azure resource group.

name

string

The name of the Azure resource group. This is not a UUID.

AzureTenant

Represents a Microsoft Entra tenant.

JSON representation
{ "id" : string , "displayName" : string }

Fields

Fields
`id`	`string` The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-1aaa11a".
`displayName`	`string` The display name of the Azure tenant.

id

string

The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-1aaa11a".

displayName

string

The display name of the Azure tenant.

ResourcePath

Represents the path of resources leading up to the resource this finding is about.

JSON representation
{ "nodes" : [ { object ( `ResourcePathNode` ) } ] }

Fields

Fields
`nodes[]`	`object ( ResourcePathNode )` The list of nodes that make the up resource path, ordered from lowest level to highest level.

nodes[]

object ( ResourcePathNode )

The list of nodes that make the up resource path, ordered from lowest level to highest level.

ResourcePathNode

A node within the resource path. Each node represents a resource within the resource hierarchy.

JSON representation
{ "nodeType" : enum ( `ResourcePathNodeType` ) , "id" : string , "displayName" : string }

Fields

Fields
`nodeType`	`enum ( ResourcePathNodeType )` The type of resource this node represents.
`id`	`string` The ID of the resource this node represents.
`displayName`	`string` The display name of the resource this node represents.

nodeType

enum ( ResourcePathNodeType )

The type of resource this node represents.

id

string

The ID of the resource this node represents.

displayName

string

The display name of the resource this node represents.

ResourcePathNodeType

The type of resource the node represents.

Enums
`RESOURCE_PATH_NODE_TYPE_UNSPECIFIED`	Node type is unspecified.
`GCP_ORGANIZATION`	The node represents a Google Cloud organization.
`GCP_FOLDER`	The node represents a Google Cloud folder.
`GCP_PROJECT`	The node represents a Google Cloud project.
`AWS_ORGANIZATION`	The node represents an AWS organization.
`AWS_ORGANIZATIONAL_UNIT`	The node represents an AWS organizational unit.
`AWS_ACCOUNT`	The node represents an AWS account.
`AZURE_MANAGEMENT_GROUP`	The node represents an Azure management group.
`AZURE_SUBSCRIPTION`	The node represents an Azure subscription.
`AZURE_RESOURCE_GROUP`	The node represents an Azure resource group.