Method: organizations.securityProfiles.environments.computeEnvironmentScores

environments.computeEnvironmentScores calculates scores for requested time range for the specified security profile and environment.

HTTP request

POST https://apigee.googleapis.com/v1/{profileEnvironment=organizations/*/securityProfiles/*/environments/*}:computeEnvironmentScores

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
profileEnvironment

string

Required. Name of organization and environment and profile id for which score needs to be computed. Format: organizations/{org}/securityProfiles/{profile}/environments/{env}

Request body

The request body contains data with the following structure:

JSON representation
{
  "timeRange": {
    object (Interval)
  },
  "filters": [
    {
      object (Filter)
    }
  ],
  "pageSize": integer,
  "pageToken": string
}
Fields
timeRange

object (Interval)

Required. Time range for score calculation. At most 14 days of scores will be returned, and both the start and end dates must be within the last 90 days.

filters[]

object (Filter)

Optional. Filters are used to filter scored components. Return all the components if no filter is mentioned. Example: [{ "scorePath": "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" }, { "scorePath": "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/target", }] This will return components with path: "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source" OR "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/target"

pageSize

integer

Optional. The maximum number of subcomponents to be returned in a single page. The service may return fewer than this value. If unspecified, at most 100 subcomponents will be returned in a single page.

pageToken

string

Optional. A token that can be sent as pageToken to retrieve the next page. If this field is omitted, there are no subsequent pages.

Response body

Response for environments.computeEnvironmentScores.

If successful, the response body contains data with the following structure:

JSON representation
{
  "scores": [
    {
      object (Score)
    }
  ],
  "nextPageToken": string
}
Fields
scores[]

object (Score)

List of scores. One score per day.

nextPageToken

string

A page token, received from a previous ComputeScore call. Provide this to retrieve the subsequent page.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

Filter

Filter scores by component path. Used custom filter instead of AIP-160 as the use cases are highly constrained and predictable.

JSON representation
{
  "scorePath": string
}
Fields
scorePath

string

Optional. Return scores for this component. Example: "/org@myorg/envgroup@myenvgroup/env@myenv/proxies/proxy@myproxy/source"

Score

Represents Security Score.

JSON representation
{
  "timeRange": {
    object (Interval)
  },
  "component": {
    object (Component)
  },
  "subcomponents": [
    {
      object (Component)
    }
  ]
}
Fields
timeRange

object (Interval)

Start and end time for the score.

component

object (Component)

Component containing score, recommendations and actions.

subcomponents[]

object (Component)

List of all the drilldown score components.

Component

Component is an individual security element that is scored.

JSON representation
{
  "score": integer,
  "scorePath": string,
  "recommendations": [
    {
      object (Recommendation)
    }
  ],
  "dataCaptureTime": string,
  "calculateTime": string,
  "drilldownPaths": [
    string
  ]
}
Fields
score

integer

Score for the component.

scorePath

string

Path of the component. Example: /org@myorg/envgroup@myenvgroup/proxies/proxy@myproxy

recommendations[]

object (Recommendation)

List of recommendations to improve API security.

dataCaptureTime

string (Timestamp format)

Time in the requested time period when data was last captured to compute the score.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

calculateTime

string (Timestamp format)

Time when score was calculated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

drilldownPaths[]

string

List of paths for next components.

Recommendation

Recommendation based on security concerns and score.

JSON representation
{
  "title": string,
  "description": string,
  "impact": integer,
  "actions": [
    {
      object (Action)
    }
  ]
}
Fields
title

string

Title represents recommendation title.

description

string

Description of the recommendation.

impact

integer

Potential impact of this recommendation on the overall score. This denotes how important this recommendation is to improve the score.

actions[]

object (Action)

Actions for the recommendation to improve the security score.

Action

Action to improve security score.

JSON representation
{
  "description": string,
  "actionContext": {
    object (ActionContext)
  }
}
Fields
description

string

Description of the action.

actionContext

object (ActionContext)

Action context for the action.

ActionContext

Action context are all the relevant details for the action.

JSON representation
{

  // Union field context can be only one of the following:
  "documentationLink": string
  // End of list of possible types for union field context.
}
Fields
Union field context. Context has a set of relevant details for the action. context can be only one of the following: