ListFindingsResponse

Response message for listing findings.

JSON representation 
{
  "listFindingsResults": [
    {
      object (ListFindingsResult)
    }
  ],
  "nextPageToken": string,
  "totalSize": integer
}
Fields
listFindingsResults[]

object (ListFindingsResult)

Findings matching the list request.
nextPageToken

string

Token to retrieve the next page of results, or empty if there are no more results.
totalSize

integer

The total number of findings matching the query.

ListFindingsResult

Result containing the Finding.

JSON representation 
{
  "finding": {
    object (Finding)
  },
  "resource": {
    object (Resource)
  }
}
Fields
finding

object (Finding)

Finding matching the search request.
resource

object (Resource)

Output only. Resource that is associated with this finding.

Resource

Information related to the Google Cloud resource that is associated with this finding.

JSON representation 
{
  "name": string,
  "displayName": string,
  "type": string,
  "cloudProvider": enum (CloudProvider),
  "service": string,
  "location": string,
  "resourcePath": {
    object (ResourcePath)
  },
  "resourcePathString": string,

  // Union field cloud_provider_metadata can be only one of the following:
  "gcpMetadata": {
    object (GcpMetadata)
  },
  "awsMetadata": {
    object (AwsMetadata)
  },
  "azureMetadata": {
    object (AzureMetadata)
  }
  // End of list of possible types for union field cloud_provider_metadata.
}
Fields
name

string

The full resource name of the resource. See: https://cloud.google.com/apis/design/resource_names#full_resource_name
displayName

string

The human readable name of the resource.
type

string

The full resource type of the resource.
cloudProvider

enum (CloudProvider)

Indicates which cloud provider the finding is from.
service

string

The service or resource provider associated with the resource.
location

string

The region or location of the service (if applicable).
resourcePath

object (ResourcePath)

Provides the path to the resource within the resource hierarchy.
resourcePathString

string

A string representation of the resource path. For Google Cloud, it has the format of organizations/{organizationId}/folders/{folder_id}/folders/{folder_id}/projects/{projectId} where there can be any number of folders. For AWS, it has the format of org/{organizationId}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{accountId} where there can be any number of organizational units. For Azure, it has the format of mg/{management_group_id}/mg/{management_group_id}/subscription/{subscriptionId}/rg/{resource_group_name} where there can be any number of management groups.
Union field cloud_provider_metadata. The metadata associated with the cloud provider. cloud_provider_metadata can be only one of the following:
gcpMetadata

object (GcpMetadata)

The Google Cloud metadata associated with the finding.
awsMetadata

object (AwsMetadata)

The AWS metadata associated with the finding.
azureMetadata

object (AzureMetadata)

The Azure metadata associated with the finding.

GcpMetadata

Google Cloud metadata associated with the resource. Only applicable if the finding's cloud provider is Google Cloud.

JSON representation 
{
  "project": string,
  "projectDisplayName": string,
  "parent": string,
  "parentDisplayName": string,
  "folders": [
    {
      object (Folder)
    }
  ],
  "organization": string
}
Fields
project

string

The full resource name of project that the resource belongs to.
projectDisplayName

string

The project ID that the resource belongs to.
parent

string

The full resource name of resource's parent.
parentDisplayName

string

The human readable name of resource's parent.
folders[]

object (Folder)

Output only. Contains a Folder message for each folder in the assets ancestry. The first folder is the deepest nested folder, and the last folder is the folder directly under the Organization.
organization

string

The name of the organization that the resource belongs to.

Folder

Message that contains the resource name and display name of a folder resource.

JSON representation 
{
  "resourceFolder": string,
  "resourceFolderDisplayName": string
}
Fields
resourceFolder

string

Full resource name of this folder. See: https://cloud.google.com/apis/design/resource_names#full_resource_name
resourceFolderDisplayName

string

The user defined display name for this folder.

AwsMetadata

AWS metadata associated with the resource, only applicable if the finding's cloud provider is Amazon Web Services.

JSON representation 
{
  "organization": {
    object (AwsOrganization)
  },
  "organizationalUnits": [
    {
      object (AwsOrganizationalUnit)
    }
  ],
  "account": {
    object (AwsAccount)
  }
}
Fields
organization

object (AwsOrganization)

The AWS organization associated with the resource.
organizationalUnits[]

object (AwsOrganizationalUnit)

A list of AWS organizational units associated with the resource, ordered from lowest level (closest to the account) to highest level.
account

object (AwsAccount)

The AWS account associated with the resource.

AwsOrganization

An organization is a collection of accounts that are centrally managed together using consolidated billing, organized hierarchically with organizational units (OUs), and controlled with policies.

JSON representation 
{
  "id": string
}
Fields
id

string

The unique identifier (ID) for the organization. The regex pattern for an organization ID string requires "o-" followed by from 10 to 32 lowercase letters or digits.

AwsOrganizationalUnit

An Organizational Unit (OU) is a container of AWS accounts within a root of an organization. Policies that are attached to an OU apply to all accounts contained in that OU and in any child OUs.

JSON representation 
{
  "id": string,
  "name": string
}
Fields
id

string

The unique identifier (ID) associated with this OU. The regex pattern for an organizational unit ID string requires "ou-" followed by from 4 to 32 lowercase letters or digits (the ID of the root that contains the OU). This string is followed by a second "-" dash and from 8 to 32 additional lowercase letters or digits. For example, "ou-ab12-cd34ef56".
name

string

The friendly name of the OU.

AwsAccount

An AWS account that is a member of an organization.

JSON representation 
{
  "id": string,
  "name": string
}
Fields
id

string

The unique identifier (ID) of the account, containing exactly 12 digits.
name

string

The friendly name of this account.

AzureMetadata

Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.

JSON representation 
{
  "managementGroups": [
    {
      object (AzureManagementGroup)
    }
  ],
  "subscription": {
    object (AzureSubscription)
  },
  "resourceGroup": {
    object (AzureResourceGroup)
  },
  "tenant": {
    object (AzureTenant)
  }
}
Fields
managementGroups[]

object (AzureManagementGroup)

A list of Azure management groups associated with the resource, ordered from lowest level (closest to the subscription) to highest level.
subscription

object (AzureSubscription)

The Azure subscription associated with the resource.
resourceGroup

object (AzureResourceGroup)

The Azure resource group associated with the resource.
tenant

object (AzureTenant)

The Azure Entra tenant associated with the resource.

AzureManagementGroup

Represents an Azure management group.

JSON representation 
{
  "id": string,
  "displayName": string
}
Fields
id

string

The UUID of the Azure management group, for example, 20000000-0001-0000-0000-000000000000.
displayName

string

The display name of the Azure management group.

AzureSubscription

Represents an Azure subscription.

JSON representation 
{
  "id": string,
  "displayName": string
}
Fields
id

string

The UUID of the Azure subscription, for example, 291bba3f-e0a5-47bc-a099-3bdcb2a50a05.
displayName

string

The display name of the Azure subscription.

AzureResourceGroup

Represents an Azure resource group.

JSON representation 
{
  "id": string,
  "name": string
}
Fields
id

string

The ID of the Azure resource group.
name

string

The name of the Azure resource group. This is not a UUID.

AzureTenant

Represents a Microsoft Entra tenant.

JSON representation 
{
  "id": string,
  "displayName": string
}
Fields
id

string

The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-1aaa11a".
displayName

string

The display name of the Azure tenant.

ResourcePath

Represents the path of resources leading up to the resource this finding is about.

JSON representation 
{
  "nodes": [
    {
      object (ResourcePathNode)
    }
  ]
}
Fields
nodes[]

object (ResourcePathNode)

The list of nodes that make the up resource path, ordered from lowest level to highest level.

ResourcePathNode

A node within the resource path. Each node represents a resource within the resource hierarchy.

JSON representation 
{
  "nodeType": enum (ResourcePathNodeType),
  "id": string,
  "displayName": string
}
Fields
nodeType

enum (ResourcePathNodeType)

The type of resource this node represents.
id

string

The ID of the resource this node represents.
displayName

string

The display name of the resource this node represents.

ResourcePathNodeType

The type of resource the node represents.

Enums
RESOURCE_PATH_NODE_TYPE_UNSPECIFIED Node type is unspecified.
GCP_ORGANIZATION The node represents a Google Cloud organization.
GCP_FOLDER The node represents a Google Cloud folder.
GCP_PROJECT The node represents a Google Cloud project.
AWS_ORGANIZATION The node represents an AWS organization.
AWS_ORGANIZATIONAL_UNIT The node represents an AWS organizational unit.
AWS_ACCOUNT The node represents an AWS account.
AZURE_MANAGEMENT_GROUP The node represents an Azure management group.
AZURE_SUBSCRIPTION The node represents an Azure subscription.
AZURE_RESOURCE_GROUP The node represents an Azure resource group.