posture_deployments
Creates, updates, deletes, gets or lists a posture_deployments resource.
Overview
| Name | posture_deployments |
| Type | Resource |
| Id | google.securityposture.posture_deployments |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Required. Identifier. The name of the posture deployment, in the format organizations/{organization}/locations/global/postureDeployments/{deployment_id}. |
annotations | object | Optional. The user-specified annotations for the posture deployment. For details about the values you can use in an annotation, see AIP-148: Standard fields. |
categories | array | Output only. The categories that the posture deployment belongs to, as determined by the Security Posture API. |
createTime | string (google-datetime) | Output only. The time at which the posture deployment was created. |
description | string | Optional. A description of the posture deployment. |
desiredPostureId | string | Output only. The posture ID that was specified for the deployment. Present only if the posture deployment is in a failed state. |
desiredPostureRevisionId | string | Output only. The revision ID of the posture that was specified for the deployment. Present only if the deployment is in a failed state. |
etag | string | Optional. An opaque identifier for the current version of the posture deployment. To prevent concurrent updates from overwriting each other, always provide the etag when you update a posture deployment. You can also provide the etag when you delete a posture deployment, to help ensure that you're deleting the intended posture deployment. |
failureMessage | string | Output only. A description of why the posture deployment failed. Present only if the deployment is in a failed state. |
postureId | string | Required. The posture used in the deployment, in the format organizations/{organization}/locations/global/postures/{posture_id}. |
postureRevisionId | string | Required. The revision ID of the posture used in the deployment. |
reconciling | boolean | Output only. Whether the posture deployment is in the process of being updated. |
state | string | Output only. The state of the posture deployment. |
targetResource | string | Required. The organization, folder, or project where the posture is deployed. Uses one of the following formats: * organizations/{organization_number} * folders/{folder_number} * projects/{project_number} |
updateTime | string (google-datetime) | Output only. The time at which the posture deployment was last updated. |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Required. Identifier. The name of the posture deployment, in the format organizations/{organization}/locations/global/postureDeployments/{deployment_id}. |
annotations | object | Optional. The user-specified annotations for the posture deployment. For details about the values you can use in an annotation, see AIP-148: Standard fields. |
categories | array | Output only. The categories that the posture deployment belongs to, as determined by the Security Posture API. |
createTime | string (google-datetime) | Output only. The time at which the posture deployment was created. |
description | string | Optional. A description of the posture deployment. |
desiredPostureId | string | Output only. The posture ID that was specified for the deployment. Present only if the posture deployment is in a failed state. |
desiredPostureRevisionId | string | Output only. The revision ID of the posture that was specified for the deployment. Present only if the deployment is in a failed state. |
etag | string | Optional. An opaque identifier for the current version of the posture deployment. To prevent concurrent updates from overwriting each other, always provide the etag when you update a posture deployment. You can also provide the etag when you delete a posture deployment, to help ensure that you're deleting the intended posture deployment. |
failureMessage | string | Output only. A description of why the posture deployment failed. Present only if the deployment is in a failed state. |
postureId | string | Required. The posture used in the deployment, in the format organizations/{organization}/locations/global/postures/{posture_id}. |
postureRevisionId | string | Required. The revision ID of the posture used in the deployment. |
reconciling | boolean | Output only. Whether the posture deployment is in the process of being updated. |
state | string | Output only. The state of the posture deployment. |
targetResource | string | Required. The organization, folder, or project where the posture is deployed. Uses one of the following formats: * organizations/{organization_number} * folders/{folder_number} * projects/{project_number} |
updateTime | string (google-datetime) | Output only. The time at which the posture deployment was last updated. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | organizationsId, locationsId, postureDeploymentsId | Gets details for a PostureDeployment. | |
list | select | organizationsId, locationsId | pageSize, pageToken, filter | Lists every PostureDeployment in a project and location. |
create | insert | organizationsId, locationsId | postureDeploymentId | Creates a new PostureDeployment in a given project and location. |
patch | update | organizationsId, locationsId, postureDeploymentsId | updateMask | Updates an existing PostureDeployment. To prevent concurrent updates from overwriting each other, always follow the read-modify-write pattern when you update a posture deployment: 1. Call GetPostureDeployment to get the current version of the deployment. 2. Update the fields in the deployment as needed. 3. Call UpdatePostureDeployment to update the deployment. Ensure that your request includes the etag value from the GetPostureDeployment response. Important: If you omit the etag when you call UpdatePostureDeployment, then the updated deployment unconditionally overwrites the existing deployment. |
delete | delete | organizationsId, locationsId, postureDeploymentsId | etag | Deletes a PostureDeployment. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
locationsId | string | |
organizationsId | string | |
postureDeploymentsId | string | |
etag | string | |
filter | string | |
pageSize | integer (int32) | |
pageToken | string | |
postureDeploymentId | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- get
- list
Gets details for a PostureDeployment.
SELECT
name,
annotations,
categories,
createTime,
description,
desiredPostureId,
desiredPostureRevisionId,
etag,
failureMessage,
postureId,
postureRevisionId,
reconciling,
state,
targetResource,
updateTime
FROM google.securityposture.posture_deployments
WHERE organizationsId = '{{ organizationsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND postureDeploymentsId = '{{ postureDeploymentsId }}' -- required;
Lists every PostureDeployment in a project and location.
SELECT
name,
annotations,
categories,
createTime,
description,
desiredPostureId,
desiredPostureRevisionId,
etag,
failureMessage,
postureId,
postureRevisionId,
reconciling,
state,
targetResource,
updateTime
FROM google.securityposture.posture_deployments
WHERE organizationsId = '{{ organizationsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}';
INSERT examples
- create
- Manifest
Creates a new PostureDeployment in a given project and location.
INSERT INTO google.securityposture.posture_deployments (
data__name,
data__targetResource,
data__postureId,
data__postureRevisionId,
data__description,
data__etag,
data__annotations,
organizationsId,
locationsId,
postureDeploymentId
)
SELECT
'{{ name }}',
'{{ targetResource }}',
'{{ postureId }}',
'{{ postureRevisionId }}',
'{{ description }}',
'{{ etag }}',
'{{ annotations }}',
'{{ organizationsId }}',
'{{ locationsId }}',
'{{ postureDeploymentId }}'
RETURNING
name,
done,
error,
metadata,
response
;
# Description fields are for documentation purposes
- name: posture_deployments
props:
- name: organizationsId
value: string
description: Required parameter for the posture_deployments resource.
- name: locationsId
value: string
description: Required parameter for the posture_deployments resource.
- name: name
value: string
description: >
Required. Identifier. The name of the posture deployment, in the format `organizations/{organization}/locations/global/postureDeployments/{deployment_id}`.
- name: targetResource
value: string
description: >
Required. The organization, folder, or project where the posture is deployed. Uses one of the following formats: * `organizations/{organization_number}` * `folders/{folder_number}` * `projects/{project_number}`
- name: postureId
value: string
description: >
Required. The posture used in the deployment, in the format `organizations/{organization}/locations/global/postures/{posture_id}`.
- name: postureRevisionId
value: string
description: >
Required. The revision ID of the posture used in the deployment.
- name: description
value: string
description: >
Optional. A description of the posture deployment.
- name: etag
value: string
description: >
Optional. An opaque identifier for the current version of the posture deployment. To prevent concurrent updates from overwriting each other, always provide the `etag` when you update a posture deployment. You can also provide the `etag` when you delete a posture deployment, to help ensure that you're deleting the intended posture deployment.
- name: annotations
value: object
description: >
Optional. The user-specified annotations for the posture deployment. For details about the values you can use in an annotation, see [AIP-148: Standard fields](https://google.aip.dev/148#annotations).
- name: postureDeploymentId
value: string
UPDATE examples
- patch
Updates an existing PostureDeployment. To prevent concurrent updates from overwriting each other, always follow the read-modify-write pattern when you update a posture deployment: 1. Call GetPostureDeployment to get the current version of the deployment. 2. Update the fields in the deployment as needed. 3. Call UpdatePostureDeployment to update the deployment. Ensure that your request includes the etag value from the GetPostureDeployment response. Important: If you omit the etag when you call UpdatePostureDeployment, then the updated deployment unconditionally overwrites the existing deployment.
UPDATE google.securityposture.posture_deployments
SET
data__name = '{{ name }}',
data__targetResource = '{{ targetResource }}',
data__postureId = '{{ postureId }}',
data__postureRevisionId = '{{ postureRevisionId }}',
data__description = '{{ description }}',
data__etag = '{{ etag }}',
data__annotations = '{{ annotations }}'
WHERE
organizationsId = '{{ organizationsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND postureDeploymentsId = '{{ postureDeploymentsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;
DELETE examples
- delete
Deletes a PostureDeployment.
DELETE FROM google.securityposture.posture_deployments
WHERE organizationsId = '{{ organizationsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND postureDeploymentsId = '{{ postureDeploymentsId }}' --required
AND etag = '{{ etag }}';