gcloud scc assets list-marks - list an assets's security marks
gcloud scc assets list-marks (ASSET : --organization=ORGANIZATION) [--page-token=PAGE_TOKEN] [--read-time=READ_TIME] [--filter=EXPRESSION] [--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [GCLOUD_WIDE_FLAG ...]
List an assets's security marks.
List all security marks for asset (8910) under organization (123456):
$ gcloud scc assets list-marks 8910 --organization=123456
List all security marks for asset (8910) under project (example-project):
$ gcloud scc assets list-marks \ projects/example-project/assets/8910 --organization=123456
List all security marks for asset (8910) under folder (456):
$ gcloud scc assets list-marks folders/456/assets/8910 \ --organization=123456
- Asset resource - The asset to be used for the SCC (Security Command Center)
command. The arguments in this group can be used to specify the attributes of this resource.
This must be specified.
- ASSET
ID of the asset or fully qualified identifier for the asset. To set the asset attribute:
provide the argument asset on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
- --organization=ORGANIZATION
(Optional) If the full resource name isn't provided e.g. organizations/123, then provide the organization id which is the suffix of the organization. Example: organizations/123, the id is 123.
To set the organization attribute:
provide the argument asset on the command line with a fully specified name;
provide the argument --organization on the command line;
Set the organization property in configuration using gcloud config set scc/organization if it is not specified in command line..
- --page-token=PAGE_TOKEN
Response objects will return a non-null value for page-token to indicate that there is at least one additional page of data. User can either directly request that page by specifying the page-token explicitly or let gcloud fetch one-page-at-a-time.
- --read-time=READ_TIME
Time used as a reference point when filtering. Absence of this field will default to the API's version of NOW. For example --read-time "2019-02-28T07:00:00Z"
- --filter=EXPRESSION
Apply a Boolean filter EXPRESSION to each resource item to be listed. If the expression evaluates True, then that item is listed. For more details and examples of filter expressions, run $ gcloud topic filters. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --limit=LIMIT
Maximum number of resources to list. The default is unlimited. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
- --page-size=PAGE_SIZE
Some services group resource list output into pages. This flag specifies the maximum number of resources per page. The default is determined by the service if it supports paging, otherwise it is unlimited (no paging). Paging may be applied before or after --filter and --limit depending on the service.
- --sort-by=[FIELD,...]
Comma-separated list of resource field key names to sort by. The default order is ascending. Prefix a field with ``~'' for descending order on that field. This flag interacts with other flags that are applied in this order: --flatten, --sort-by, --filter, --limit.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
This command uses the securitycenter/v1 API. The full documentation for this API can be found at: https://cloud.google.com/security-command-center
These variants are also available:
$ gcloud alpha scc assets list-marks
$ gcloud beta scc assets list-marks