Skip to main content

violations

Overview

Name	`violations`
Type	Resource
Id	`google.assuredworkloads.violations`

Fields

Name	Datatype	Description
`name`	`string`	Output only. Immutable. Name of the Violation. Format: organizations/{organization}/locations/{location}/workloads/{workload_id}/violations/{violations_id}
`description`	`string`	Output only. Description for the Violation. e.g. OrgPolicy gcp.resourceLocations has non compliant value.
`acknowledged`	`boolean`	A boolean that indicates if the violation is acknowledged
`acknowledgementTime`	`string`	Optional. Timestamp when this violation was acknowledged first. Check exception_contexts to find the last time the violation was acknowledged when there are more than one violations. This field will be absent when acknowledged field is marked as false.
`auditLogLink`	`string`	Output only. Immutable. Audit Log Link for violated resource Format: https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{timeRange}{folder};
`beginTime`	`string`	Output only. Time of the event which triggered the Violation.
`category`	`string`	Output only. Category under which this violation is mapped. e.g. Location, Service Usage, Access, Encryption, etc.
`exceptionAuditLogLink`	`string`	Output only. Immutable. Audit Log link to find business justification provided for violation exception. Format: https://console.cloud.google.com/logs/query;query={logName}{protoPayload.resourceName}{protoPayload.methodName}{timeRange}{organization};
`exceptionContexts`	`array`	Output only. List of all the exception detail added for the violation.
`nonCompliantOrgPolicy`	`string`	Output only. Immutable. Name of the OrgPolicy which was modified with non-compliant change and resulted this violation. Format: projects/{project_number}/policies/{constraint_name} folders/{folder_id}/policies/{constraint_name} organizations/{organization_id}/policies/{constraint_name}
`orgPolicyConstraint`	`string`	Output only. Immutable. The org-policy-constraint that was incorrectly changed, which resulted in this violation.
`remediation`	`object`	Represents remediation guidance to resolve compliance violation for AssuredWorkload
`resolveTime`	`string`	Output only. Time of the event which fixed the Violation. If the violation is ACTIVE this will be empty.
`state`	`string`	Output only. State of the violation
`updateTime`	`string`	Output only. The last time when the Violation record was updated.

Methods

Name	Accessible by	Required Params	Description
`get`	`SELECT`	`locationsId, organizationsId, violationsId, workloadsId`	Retrieves Assured Workload Violation based on ID.
`list`	`SELECT`	`locationsId, organizationsId, workloadsId`	Lists the Violations in the AssuredWorkload Environment. Callers may also choose to read across multiple Workloads as per AIP-159 by using '-' (the hyphen or dash character) as a wildcard character instead of workload-id in the parent. Format `organizations/{org_id}/locations/{location}/workloads/-`
`_list`	`EXEC`	`locationsId, organizationsId, workloadsId`	Lists the Violations in the AssuredWorkload Environment. Callers may also choose to read across multiple Workloads as per AIP-159 by using '-' (the hyphen or dash character) as a wildcard character instead of workload-id in the parent. Format `organizations/{org_id}/locations/{location}/workloads/-`
`acknowledge`	`EXEC`	`locationsId, organizationsId, violationsId, workloadsId`	Acknowledges an existing violation. By acknowledging a violation, users acknowledge the existence of a compliance violation in their workload and decide to ignore it due to a valid business justification. Acknowledgement is a permanent operation and it cannot be reverted.

Overview
Fields
Methods