GetAssessmentQuerySpecNodes returns the entity details for nodes in the query without generating a result count. This option uses pagination and can be faster for complex queries where the total number of search results is not needed.
The request must include the full query spec object and the source_node_id of the query result to retrieve destination nodes for. Additionally, providing a snapshot_id will return destination nodes based on a Time Machine snapshot.
When specifying a page_size in the query string, responses will include the next_page_token and indicate has_more if additional results are available. Note that a page can be empty even when more results exist.
Sample request:
The following example searches for AWS IAM users with permissions to modify S3 bucket ACLs:
relates_to_expA RelatesToExpression E evaluates as "true if source has a path to E; otherwise false".
for E = {
specs: [A, B, ...],
child_expressions: [X, Y, ...],
operator,
not,
},
"source has a path to E" is defined as:
- if operator = AND (default): "source has a path to ALL of (A,B, ..., X, Y, ...), i.e. A AND B AND ... AND X AND Y AND ..."
- if operator = OR: "source has a path to ANY of (A,B, ..., X, Y, ...), i.e. A OR B OR ... OR X OR Y OR ..."
- if not = true, boolean invert the result above
AssessmentQueryResultValueType determines which of the fields (values or path_values) will be populated
in the resulting AssessmentQueryNodesResponse message.
UNDEFINED is a valid selection and is intended for backward compatibility.
When UNDEFINED is selected, the actual result value type will be determined by the backend (BE).
UNDEFINED: Valid selection and intended for backward compatibility, result type determined by BE
SOURCE_NODES_WITH_COUNTS: Returns populated values field containing source nodes and their destination counts
SOURCE_AND_DESTINATION_NODES: Returns path_values with source and destination nodes, excluding path summary.
PATHS: Returns path_values along with path summary.
