violations
Creates, updates, deletes, gets or lists a violations resource.
Overview
| Name | violations |
| Type | Resource |
| Id | google.cloudcontrolspartner.violations |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Format: organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation} |
beginTime | string (google-datetime) | Output only. Time of the event which triggered the Violation. |
category | string | Output only. Category under which this violation is mapped. e.g. Location, Service Usage, Access, Encryption, etc. |
description | string | Output only. Description for the Violation. e.g. OrgPolicy gcp.resourceLocations has non compliant value. |
folderId | string (int64) | The folder_id of the violation |
nonCompliantOrgPolicy | string | Output only. Immutable. Name of the OrgPolicy which was modified with non-compliant change and resulted this violation. Format: projects/{project_number}/policies/{constraint_name} folders/{folder_id}/policies/{constraint_name} organizations/{organization_id}/policies/{constraint_name} |
remediation | object | Output only. Compliance violation remediation (id: Remediation) |
resolveTime | string (google-datetime) | Output only. Time of the event which fixed the Violation. If the violation is ACTIVE this will be empty. |
state | string | Output only. State of the violation |
updateTime | string (google-datetime) | Output only. The last time when the Violation record was updated. |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Format: organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}/violations/{violation} |
beginTime | string (google-datetime) | Output only. Time of the event which triggered the Violation. |
category | string | Output only. Category under which this violation is mapped. e.g. Location, Service Usage, Access, Encryption, etc. |
description | string | Output only. Description for the Violation. e.g. OrgPolicy gcp.resourceLocations has non compliant value. |
folderId | string (int64) | The folder_id of the violation |
nonCompliantOrgPolicy | string | Output only. Immutable. Name of the OrgPolicy which was modified with non-compliant change and resulted this violation. Format: projects/{project_number}/policies/{constraint_name} folders/{folder_id}/policies/{constraint_name} organizations/{organization_id}/policies/{constraint_name} |
remediation | object | Output only. Compliance violation remediation (id: Remediation) |
resolveTime | string (google-datetime) | Output only. Time of the event which fixed the Violation. If the violation is ACTIVE this will be empty. |
state | string | Output only. State of the violation |
updateTime | string (google-datetime) | Output only. The last time when the Violation record was updated. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | organizationsId, locationsId, customersId, workloadsId, violationsId | Gets details of a single Violation. | |
list | select | organizationsId, locationsId, customersId, workloadsId | pageSize, pageToken, filter, orderBy, interval.startTime, interval.endTime | Lists Violations for a workload Callers may also choose to read across multiple Customers or for a single customer as per AIP-159 by using '-' (the hyphen or dash character) as a wildcard character instead of {customer} & {workload}. Format: organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload} |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
customersId | string | |
locationsId | string | |
organizationsId | string | |
violationsId | string | |
workloadsId | string | |
filter | string | |
interval.endTime | string (google-datetime) | |
interval.startTime | string (google-datetime) | |
orderBy | string | |
pageSize | integer (int32) | |
pageToken | string |
SELECT examples
- get
- list
Gets details of a single Violation.
SELECT
name,
beginTime,
category,
description,
folderId,
nonCompliantOrgPolicy,
remediation,
resolveTime,
state,
updateTime
FROM google.cloudcontrolspartner.violations
WHERE organizationsId = '{{ organizationsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND customersId = '{{ customersId }}' -- required
AND workloadsId = '{{ workloadsId }}' -- required
AND violationsId = '{{ violationsId }}' -- required;
Lists Violations for a workload Callers may also choose to read across multiple Customers or for a single customer as per AIP-159 by using '-' (the hyphen or dash character) as a wildcard character instead of {customer} & {workload}. Format: organizations/{organization}/locations/{location}/customers/{customer}/workloads/{workload}
SELECT
name,
beginTime,
category,
description,
folderId,
nonCompliantOrgPolicy,
remediation,
resolveTime,
state,
updateTime
FROM google.cloudcontrolspartner.violations
WHERE organizationsId = '{{ organizationsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND customersId = '{{ customersId }}' -- required
AND workloadsId = '{{ workloadsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}'
AND orderBy = '{{ orderBy }}'
AND interval.startTime = '{{ interval.startTime }}'
AND interval.endTime = '{{ interval.endTime }}';