SecurityCenterClient

V1 APIs for Security Center service.

Constructor

new SecurityCenterClient([options])

Construct an instance of SecurityCenterClient.

Parameters:
Name Type Attributes Description
options object <optional>

The configuration object. See the subsequent parameters for more details.

Properties
Name Type Attributes Description
credentials object <optional>

Credentials object.

Properties
Name Type Attributes Description
client_email string <optional>
private_key string <optional>
email string <optional>

Account email address. Required when using a .pem or .p12 keyFilename.

keyFilename string <optional>

Full path to a .json, .pem, or .p12 key downloaded from the Google Developers Console. If you provide a path to a JSON file, the projectId option below is not necessary. NOTE: .pem and .p12 require you to specify options.email as well.

port number <optional>

The port on which to connect to the remote host.

projectId string <optional>

The project ID from the Google Developer's Console, e.g. 'grape-spaceship-123'. We will also check the environment variable GCLOUD_PROJECT for your project ID. If your app is running in an environment which supports Application Default Credentials, your project ID will be detected automatically.

promise function <optional>

Custom promise module to use instead of native Promises.

apiEndpoint string <optional>

The domain name of the API remote host.

Members

(static) apiEndpoint

The DNS address for this API service - same as servicePath(), exists for compatibility reasons.

(static) port

The port for this API service.

(static) scopes

The scopes needed to make gRPC calls for every method defined in this service.

(static) servicePath

The DNS address for this API service.

Methods

assetPath(organization, asset) → {String}

Return a fully-qualified asset resource name string.

Parameters:
Name Type Description
organization String
asset String

assetSecurityMarksPath(organization, asset) → {String}

Return a fully-qualified asset_security_marks resource name string.

Parameters:
Name Type Description
organization String
asset String

createFinding(request, [options], [callback]) → {Promise}

Creates a finding. The corresponding source must exist for finding creation to succeed.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Resource name of the new finding's parent. Its format should be "organizations/[organization_id]/sources/[source_id]".

findingId string

Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

finding Object

The Finding being created. The name and security_marks will be ignored as they are both output only fields on this resource.

This object should have the same structure as Finding

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Finding.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const findingId = '';
const finding = {};
const request = {
  parent: formattedParent,
  findingId: findingId,
  finding: finding,
};
client.createFinding(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

createSource(request, [options], [callback]) → {Promise}

Creates a source.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Resource name of the new source's parent. Its format should be "organizations/[organization_id]".

source Object

The Source being created, only the display_name and description will be used. All other fields will be ignored.

This object should have the same structure as Source

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Source.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
const source = {};
const request = {
  parent: formattedParent,
  source: source,
};
client.createSource(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

findingPath(organization, source, finding) → {String}

Return a fully-qualified finding resource name string.

Parameters:
Name Type Description
organization String
source String
finding String

findingSecurityMarksPath(organization, source, finding) → {String}

Return a fully-qualified finding_security_marks resource name string.

Parameters:
Name Type Description
organization String
source String
finding String

getIamPolicy(request, [options], [callback]) → {Promise}

Gets the access control policy on the specified Source.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
resource string

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

options Object <optional>

OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy. This field is only used by Cloud IAM.

This object should have the same structure as GetPolicyOptions

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Policy.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedResource = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
client.getIamPolicy({resource: formattedResource})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

getOrganizationSettings(request, [options], [callback]) → {Promise}

Gets the settings for an organization.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Name of the organization to get organization settings for. Its format is "organizations/[organization_id]/organizationSettings".

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing OrganizationSettings.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedName = client.organizationSettingsPath('[ORGANIZATION]');
client.getOrganizationSettings({name: formattedName})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

getProjectId(callback)

Return the project ID used by this class.

Parameters:
Name Type Description
callback function

The callback to be called with the current project ID.

getSource(request, [options], [callback]) → {Promise}

Gets a source.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Relative resource name of the source. Its format is "organizations/[organization_id]/sources/[source_id]".

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Source.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedName = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
client.getSource({name: formattedName})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

groupAssets(request, [options], [callback]) → {Promise}

Filters an organization's assets and groups them by their specified properties.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the organization to groupBy. Its format is "organizations/[organization_id]".

groupBy string

Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project".

The following fields are supported when compare_duration is not set:

  • security_center_properties.resource_project
  • security_center_properties.resource_type
  • security_center_properties.resource_parent

The following fields are supported when compare_duration is set:

  • security_center_properties.resource_type

filter string <optional>

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following field and operator combinations are supported:

  • name | '='
  • update_time | '=', '>', '<', '>=', '<='

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "update_time = \"2019-06-10T16:07:18-07:00\""
      "update_time = 1560208038000"

  • create_time | '=', '>', '<', '>=', '<='

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "create_time = \"2019-06-10T16:07:18-07:00\""
      "create_time = 1560208038000"

  • iam_policy.policy_blob | '=', ':'
  • resource_properties | '=', ':', '>', '<', '>=', '<='
  • security_marks | '=', ':'
  • security_center_properties.resource_name | '=', ':'
  • security_center_properties.resource_type | '=', ':'
  • security_center_properties.resource_parent | '=', ':'
  • security_center_properties.resource_project | '=', ':'
  • security_center_properties.resource_owners | '=', ':'

For example, resource_properties.size = 100 is a valid filter string.

compareDuration Object <optional>

When compare_duration is set, the GroupResult's "state_change" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state_change" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present at the start of compare_duration, but present at reference_time.
  • "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time.
  • "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.

If this field is set then state_change must be a specified field in group_by.

This object should have the same structure as Duration

readTime Object <optional>

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is Array of GroupResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing GroupAssetsResponse.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.organizationPath('[ORGANIZATION]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};

client.groupAssets(request)
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response, reusing the request object built above.
const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.groupAssets(nextRequest, options).then(callback);
  }
};
client.groupAssets(request, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

groupAssetsStream(request, [options]) → {Stream}

Equivalent to groupAssets, but returns a NodeJS Stream object.

This fetches the paged responses for groupAssets continuously and invokes the callback registered for the 'data' event for each element in the responses.

The returned object has an 'end' method to call when no more elements are required.

The autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the organization to groupBy. Its format is "organizations/[organization_id]".

groupBy string

Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project".

The following fields are supported when compare_duration is not set:

  • security_center_properties.resource_project
  • security_center_properties.resource_type
  • security_center_properties.resource_parent

The following fields are supported when compare_duration is set:

  • security_center_properties.resource_type

filter string <optional>

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following field and operator combinations are supported:

  • name | '='
  • update_time | '=', '>', '<', '>=', '<='

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "update_time = \"2019-06-10T16:07:18-07:00\""
      "update_time = 1560208038000"

  • create_time | '=', '>', '<', '>=', '<='

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "create_time = \"2019-06-10T16:07:18-07:00\""
      "create_time = 1560208038000"

  • iam_policy.policy_blob | '=', ':'
  • resource_properties | '=', ':', '>', '<', '>=', '<='
  • security_marks | '=', ':'
  • security_center_properties.resource_name | '=', ':'
  • security_center_properties.resource_type | '=', ':'
  • security_center_properties.resource_parent | '=', ':'
  • security_center_properties.resource_project | '=', ':'
  • security_center_properties.resource_owners | '=', ':'

For example, resource_properties.size = 100 is a valid filter string.

compareDuration Object <optional>

When compare_duration is set, the GroupResult's "state_change" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state_change" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present at the start of compare_duration, but present at reference_time.
  • "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time.
  • "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.

If this field is set then state_change must be a specified field in group_by.

This object should have the same structure as Duration

readTime Object <optional>

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};
client.groupAssetsStream(request)
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

groupFindings(request, [options], [callback]) → {Promise}

Filters an organization or source's findings and groups them by their specified properties.

To group across all sources provide a - as the source id. Example: /v1/organizations/123/sources/-/findings

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of -. For example: organizations/123/sources/-

groupBy string

Expression that defines what assets fields to use for grouping (including state_change). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

The following fields are supported:

  • resource_name
  • category
  • state
  • parent

The following fields are supported when compare_duration is set:

  • state_change

filter string <optional>

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following field and operator combinations are supported:

  • name | '='
  • parent | '=', ':'
  • resource_name | '=', ':'
  • state | '=', ':'
  • category | '=', ':'
  • external_uri | '=', ':'
  • event_time | '=', '>', '<', '>=', '<='

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "event_time = \"2019-06-10T16:07:18-07:00\""
      "event_time = 1560208038000"

  • security_marks | '=', ':'
  • source_properties | '=', ':', '>', '<', '>=', '<='

For example, source_properties.size = 100 is a valid filter string.

readTime Object <optional>

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration Object <optional>

When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.

Possible "state_change" values when compare_duration is specified:

  • "CHANGED": indicates that the finding was present at the start of compare_duration, but changed its state at read_time.
  • "UNCHANGED": indicates that the finding was present at the start of compare_duration and did not change state at read_time.
  • "ADDED": indicates that the finding was not present at the start of compare_duration, but was present at read_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.

If this field is set then state_change must be a specified field in group_by.

This object should have the same structure as Duration

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is Array of GroupResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing GroupFindingsResponse.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};

client.groupFindings(request)
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response, reusing the request object built above.
const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.groupFindings(nextRequest, options).then(callback);
  }
};
client.groupFindings(request, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });
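
The compare_duration rules described for groupAssets and groupFindings can be modelled locally. This is an added example, not code from the client library or this page: the timelines are constructed sample data, and stateAt, findingStateChange, assetStateChange and groupFindingsRequest are hypothetical helper names. It makes no API call and assumes an entry stamped exactly at a boundary time counts as in force.

```javascript
// Local model of the documented state_change rules; no API call is made.
// A timeline is constructed sample data: [{at: epochSeconds, state}], where
// state null means the resource is absent (deleted) from that moment on.

// State in force at time t: the latest entry with at <= t (the inclusive
// boundary is an assumption of this model), or null before the first entry.
function stateAt(timeline, t) {
  let current = null;
  for (const entry of [...timeline].sort((a, b) => a.at - b.at)) {
    if (entry.at > t) break;
    current = entry.state;
  }
  return current;
}

// Findings: CHANGED / UNCHANGED / ADDED, or UNUSED without compare_duration.
function findingStateChange(timeline, readTime, compareDurationSec) {
  const end = stateAt(timeline, readTime);
  if (end === null) return null; // not present at read_time: not in the results
  if (compareDurationSec === undefined) return 'UNUSED';
  const start = stateAt(timeline, readTime - compareDurationSec);
  if (start === null) return 'ADDED';
  // Only the two endpoints are compared; anything in between is ignored.
  return start === end ? 'UNCHANGED' : 'CHANGED';
}

// Assets: ADDED / REMOVED / ACTIVE, or UNUSED without compare_duration.
function assetStateChange(timeline, readTime, compareDurationSec) {
  const end = stateAt(timeline, readTime) !== null;
  if (compareDurationSec === undefined) return end ? 'UNUSED' : null;
  const start = stateAt(timeline, readTime - compareDurationSec) !== null;
  if (start && end) return 'ACTIVE';
  if (end) return 'ADDED';
  return start ? 'REMOVED' : null;
}

// group_by fields the page lists for findings; state_change is only valid
// together with compare_duration, and compare_duration requires it.
const FINDING_GROUP_BY = ['resource_name', 'category', 'state', 'parent'];

function groupFindingsRequest(parent, groupByFields, compareDurationSec) {
  if (!/^organizations\/[^/]+\/sources\/[^/]+$/.test(parent)) {
    throw new Error('parent must be organizations/[organization_id]/sources/[source_id]');
  }
  const comparing = compareDurationSec !== undefined;
  for (const field of groupByFields) {
    const ok = FINDING_GROUP_BY.includes(field) || (field === 'state_change' && comparing);
    if (!ok) throw new Error(`group_by field not supported here: ${field}`);
  }
  if (comparing && !groupByFields.includes('state_change')) {
    throw new Error('compare_duration requires state_change in group_by');
  }
  const request = {parent, groupBy: groupByFields.join(',')};
  // Duration structure: whole seconds only in this sketch.
  if (comparing) request.compareDuration = {seconds: compareDurationSec};
  return request;
}

// Constructed timelines: a finding that flips to INACTIVE and back, and an
// asset that is deleted and re-created.
const SAMPLE_FINDING = [
  {at: 100, state: 'ACTIVE'},
  {at: 200, state: 'INACTIVE'},
  {at: 300, state: 'ACTIVE'},
];
const SAMPLE_ASSET = [
  {at: 100, state: 'PRESENT'},
  {at: 200, state: null},
  {at: 300, state: 'PRESENT'},
];
```

With read_time 400 and a 250-second window, the sample finding reports UNCHANGED and the sample asset reports ACTIVE, even though both changed in between; a short window can hide a deactivate-and-reactivate or delete-and-recreate cycle from triage.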

groupFindingsStream(request, [options]) → {Stream}

Equivalent to groupFindings, but returns a NodeJS Stream object.

This fetches the paged responses for groupFindings continuously and invokes the callback registered for the 'data' event for each element in the responses.

The returned object has an 'end' method to call when no more elements are required.

The autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of -. For example: organizations/123/sources/-

groupBy string

Expression that defines what assets fields to use for grouping (including state_change). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

The following fields are supported:

  • resource_name
  • category
  • state
  • parent

The following fields are supported when compare_duration is set:

  • state_change

filter string <optional>

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following field and operator combinations are supported:

  • name | '='
  • parent | '=', ':'
  • resource_name | '=', ':'
  • state | '=', ':'
  • category | '=', ':'
  • external_uri | '=', ':'
  • event_time | '=', '>', '<', '>=', '<='

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "event_time = \"2019-06-10T16:07:18-07:00\""
      "event_time = 1560208038000"

  • security_marks | '=', ':'
  • source_properties | '=', ':', '>', '<', '>=', '<='

For example, source_properties.size = 100 is a valid filter string.

readTime Object <optional>

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration Object <optional>

When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.

Possible "state_change" values when compare_duration is specified:

  • "CHANGED": indicates that the finding was present at the start of compare_duration, but changed its state at read_time.
  • "UNCHANGED": indicates that the finding was present at the start of compare_duration and did not change state at read_time.
  • "ADDED": indicates that the finding was not present at the start of compare_duration, but was present at read_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.

If this field is set then state_change must be a specified field in group_by.

This object should have the same structure as Duration

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};
client.groupFindingsStream(request)
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

listAssets(request, optionsopt, callbackopt) → {Promise}

Lists an organization's assets.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the organization assets should belong to. Its format is "organizations/[organization_id]".

filter string <optional>

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following are the allowed field and operator combinations:

  • name | =
  • update_time | =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "update_time = \"2019-06-10T16:07:18-07:00\""
      "update_time = 1560208038000"

  • create_time | =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "create_time = \"2019-06-10T16:07:18-07:00\""
      "create_time = 1560208038000"

  • iam_policy.policy_blob | =, :
  • resource_properties | =, :, >, <, >=, <=
  • security_marks | =, :
  • security_center_properties.resource_name | =, :
  • security_center_properties.resource_type | =, :
  • security_center_properties.resource_parent | =, :
  • security_center_properties.resource_project | =, :
  • security_center_properties.resource_owners | =, :

For example, resource_properties.size = 100 is a valid filter string.

orderBy string <optional>

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.

The following fields are supported:

  • name
  • update_time
  • resource_properties
  • security_marks
  • security_center_properties.resource_name
  • security_center_properties.resource_parent
  • security_center_properties.resource_project
  • security_center_properties.resource_type

readTime Object <optional>

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration Object <optional>

When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state_change" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time.
  • "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time.
  • "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.

This object should have the same structure as Duration

fieldMask Object <optional>

Optional.

A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an Array of ListAssetsResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates that a next page exists, the third parameter is set to the request object to use for the next request. The fourth parameter holds the raw response object, an object representing ListAssetsResponse.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.organizationPath('[ORGANIZATION]');

client.listAssets({parent: formattedParent})
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response, reusing formattedParent from above.


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.listAssets(nextRequest, options).then(callback);
  }
}
client.listAssets({parent: formattedParent}, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

listAssetsStream(request, optionsopt) → {Stream}

Equivalent to listAssets, but returns a NodeJS Stream object.

This fetches the paged responses for listAssets continuously and invokes the callback registered for the 'data' event for each element in the responses.

The returned object has an 'end' method, to be called when no more elements are required.

The autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the organization assets should belong to. Its format is "organizations/[organization_id]".

filter string <optional>

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following are the allowed field and operator combinations:

  • name | =
  • update_time | =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "update_time = \"2019-06-10T16:07:18-07:00\""
      "update_time = 1560208038000"

  • create_time | =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "create_time = \"2019-06-10T16:07:18-07:00\""
      "create_time = 1560208038000"

  • iam_policy.policy_blob | =, :
  • resource_properties | =, :, >, <, >=, <=
  • security_marks | =, :
  • security_center_properties.resource_name | =, :
  • security_center_properties.resource_type | =, :
  • security_center_properties.resource_parent | =, :
  • security_center_properties.resource_project | =, :
  • security_center_properties.resource_owners | =, :

For example, resource_properties.size = 100 is a valid filter string.

orderBy string <optional>

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.

The following fields are supported:

  • name
  • update_time
  • resource_properties
  • security_marks
  • security_center_properties.resource_name
  • security_center_properties.resource_parent
  • security_center_properties.resource_project
  • security_center_properties.resource_type

readTime Object <optional>

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration Object <optional>

When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state_change" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time.
  • "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time.
  • "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.

This object should have the same structure as Duration

fieldMask Object <optional>

Optional.

A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
client.listAssetsStream({parent: formattedParent})
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

listFindings(request, optionsopt, callbackopt) → {Promise}

Lists an organization or source's findings.

To list across all sources provide a - as the source id. Example: /v1/organizations/123/sources/-/findings

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of -. For example: organizations/123/sources/-

filter string <optional>

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following field and operator combinations are supported:

  • name | =
  • parent | =, :
  • resource_name | =, :
  • state | =, :
  • category | =, :
  • external_uri | =, :
  • event_time | =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "event_time = \"2019-06-10T16:07:18-07:00\""
      "event_time = 1560208038000"

  • security_marks | =, :
  • source_properties | =, :, >, <, >=, <=

For example, source_properties.size = 100 is a valid filter string.

orderBy string <optional>

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.

The following fields are supported:

  • name
  • parent
  • state
  • category
  • resource_name
  • event_time
  • source_properties
  • security_marks

readTime Object <optional>

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration Object <optional>

When compare_duration is set, the ListFindingsResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added in any state during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.

Possible "state_change" values when compare_duration is specified:

  • "CHANGED": indicates that the finding was present at the start of compare_duration, but changed its state at read_time.
  • "UNCHANGED": indicates that the finding was present at the start of compare_duration and did not change state at read_time.
  • "ADDED": indicates that the finding was not present at the start of compare_duration, but was present at read_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.

This object should have the same structure as Duration

fieldMask Object <optional>

Optional.

A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an Array of ListFindingsResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates that a next page exists, the third parameter is set to the request object to use for the next request. The fourth parameter holds the raw response object, an object representing ListFindingsResponse.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');

client.listFindings({parent: formattedParent})
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response, reusing formattedParent from above.


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.listFindings(nextRequest, options).then(callback);
  }
}
client.listFindings({parent: formattedParent}, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });
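
The state_change rules described for compareDuration, modelled locally as an added example (not part of the client library or its documentation). The timelines are constructed sample data, and buildCompareRequest, stateAt, deriveStateChange, transitionsInWindow and classifyAll are hypothetical helper names; only the parent, readTime and compareDuration request fields come from this page.

```javascript
'use strict';

// Hypothetical helper: a listFindings request that compares read_time with
// (read_time - compare_duration). readTime follows the Timestamp structure
// ({seconds, nanos}) and compareDuration the Duration structure ({seconds}).
function buildCompareRequest(parent, readTimeSeconds, compareSeconds) {
  const request = {parent, readTime: {seconds: readTimeSeconds, nanos: 0}};
  if (compareSeconds !== undefined) {
    request.compareDuration = {seconds: compareSeconds};
  }
  return request;
}

// State of one finding at time t, given its transitions sorted by time.
// Returns null when the finding did not exist yet.
function stateAt(timeline, t) {
  let state = null;
  for (const transition of timeline) {
    if (transition.at <= t) state = transition.state;
  }
  return state;
}

// Local model of the documented rule: only the state at the two end points
// of the window is compared, so transitions in between are invisible.
function deriveStateChange(timeline, request) {
  const readAt = request.readTime.seconds;
  const atRead = stateAt(timeline, readAt);
  if (atRead === null) return null; // not present at read_time, so not listed
  if (!request.compareDuration) return 'UNUSED';
  const atStart = stateAt(timeline, readAt - request.compareDuration.seconds);
  if (atStart === null) return 'ADDED';
  return atStart === atRead ? 'UNCHANGED' : 'CHANGED';
}

// Number of transitions inside the window: what the end-point comparison
// cannot see. Requires a request with compareDuration set.
function transitionsInWindow(timeline, request) {
  const readAt = request.readTime.seconds;
  const start = readAt - request.compareDuration.seconds;
  return timeline.filter(t => t.at > start && t.at <= readAt).length;
}

// Constructed sample timelines (epoch seconds), not real findings.
const SAMPLE_TIMELINES = {
  'finding-steady': [{at: 100, state: 'ACTIVE'}],
  'finding-flapped': [
    {at: 100, state: 'ACTIVE'},
    {at: 1500, state: 'INACTIVE'},
    {at: 1800, state: 'ACTIVE'},
  ],
  'finding-new': [{at: 1600, state: 'ACTIVE'}],
  'finding-closed': [{at: 100, state: 'ACTIVE'}, {at: 1700, state: 'INACTIVE'}],
  'finding-future': [{at: 2500, state: 'ACTIVE'}],
};

// state_change per finding name, omitting findings absent at read_time.
function classifyAll(timelines, request) {
  const result = {};
  for (const [name, timeline] of Object.entries(timelines)) {
    const change = deriveStateChange(timeline, request);
    if (change !== null) result[name] = change;
  }
  return result;
}
```

With read_time 2000 and a compare_duration of 1000, the flapped finding is reported as UNCHANGED even though it changed state twice inside the window, which matters when state_change is used to drive alerting.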

listFindingsStream(request, optionsopt) → {Stream}

Equivalent to listFindings, but returns a NodeJS Stream object.

This fetches the paged responses for listFindings continuously and invokes the callback registered for the 'data' event for each element in the responses.

The returned object has an 'end' method, to be called when no more elements are required.

The autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of -. For example: organizations/123/sources/-

filter string <optional>

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

The supported operators are:

  • = for all value types.
  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

The supported value types are:

  • string literals in quotes.
  • integer literals without quotes.
  • boolean literals true and false without quotes.

The following field and operator combinations are supported:

  • name | =
  • parent | =, :
  • resource_name | =, :
  • state | =, :
  • category | =, :
  • external_uri | =, :
  • event_time | =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string.
    Examples:
      "event_time = \"2019-06-10T16:07:18-07:00\""
      "event_time = 1560208038000"

  • security_marks | =, :
  • source_properties | =, :, >, <, >=, <=

For example, source_properties.size = 100 is a valid filter string.

orderBy string <optional>

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.

The following fields are supported:

  • name
  • parent
  • state
  • category
  • resource_name
  • event_time
  • source_properties
  • security_marks

readTime Object <optional>

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration Object <optional>

When compare_duration is set, the ListFindingsResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added in any state during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.

Possible "state_change" values when compare_duration is specified:

  • "CHANGED": indicates that the finding was present at the start of compare_duration, but changed its state at read_time.
  • "UNCHANGED": indicates that the finding was present at the start of compare_duration and did not change state at read_time.
  • "ADDED": indicates that the finding was not present at the start of compare_duration, but was present at read_time.

If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.

This object should have the same structure as Duration

fieldMask Object <optional>

Optional.

A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
client.listFindingsStream({parent: formattedParent})
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });
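
The filter grammar documented for listAssets and listFindings (field/operator tables, literal types, negation, grouping), as an added example that is not part of the client library. restriction, allOf and anyOf are hypothetical helper names, and rejecting quotes, backslashes and control characters in string values is an assumption made because this page documents no escape syntax.

```javascript
'use strict';

// Field/operator tables transcribed from the filter documentation on this page.
const STR = ['=', ':'];
const ORD = ['>', '<', '>=', '<='];
const ALLOWED = {
  finding: {
    name: ['='], parent: STR, resource_name: STR, state: STR, category: STR,
    external_uri: STR, event_time: ['=', ...ORD], security_marks: STR,
    source_properties: [...STR, ...ORD],
  },
  asset: {
    name: ['='], update_time: ['=', ...ORD], create_time: ['=', ...ORD],
    'iam_policy.policy_blob': STR, resource_properties: [...STR, ...ORD],
    security_marks: STR,
    'security_center_properties.resource_name': STR,
    'security_center_properties.resource_type': STR,
    'security_center_properties.resource_parent': STR,
    'security_center_properties.resource_project': STR,
    'security_center_properties.resource_owners': STR,
  },
};
const TIME_FIELDS = ['event_time', 'update_time', 'create_time'];
const FIELD_RE = /^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)*$/;
const RFC3339_RE = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$/;
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Resolve e.g. "source_properties.size" to its table entry "source_properties".
function allowedOperators(kind, field) {
  if (!has(ALLOWED, kind)) throw new Error(`unknown resource kind: ${kind}`);
  if (typeof field !== 'string' || !FIELD_RE.test(field)) {
    throw new Error('invalid field name');
  }
  const parts = field.split('.');
  for (let n = parts.length; n > 0; n--) {
    const key = parts.slice(0, n).join('.');
    if (has(ALLOWED[kind], key)) return ALLOWED[kind][key];
  }
  throw new Error(`field is not filterable for ${kind}: ${field}`);
}

// Render a value as one of the three literal types the page lists.
function literal(value) {
  if (typeof value === 'boolean') return String(value);
  if (typeof value === 'number') {
    if (!Number.isSafeInteger(value)) throw new Error('only integer literals are supported');
    return String(value);
  }
  if (typeof value === 'string') {
    // Assumption: no escape syntax is documented here, so these characters
    // are rejected instead of escaped.
    if (/["\\\u0000-\u001f]/.test(value)) {
      throw new Error('string value contains a quote, backslash or control character');
    }
    return `"${value}"`;
  }
  throw new Error(`unsupported value type: ${typeof value}`);
}

// Build one "<field> <operator> <value>" restriction; negate adds the "-" prefix.
function restriction(kind, field, op, value, negate = false) {
  if (!allowedOperators(kind, field).includes(op)) {
    throw new Error(`operator ${op} is not allowed on ${field}`);
  }
  if (TIME_FIELDS.includes(field)) {
    // Milliseconds since epoch, or an RFC3339 string.
    const ok = typeof value === 'number'
      ? Number.isSafeInteger(value) && value >= 0
      : typeof value === 'string' && RFC3339_RE.test(value) &&
        !Number.isNaN(Date.parse(value));
    if (!ok) throw new Error(`${field} needs epoch milliseconds or an RFC3339 string`);
  } else if (ORD.includes(op) && typeof value !== 'number') {
    throw new Error(`operator ${op} needs an integer value`);
  } else if (op === ':' && typeof value !== 'string') {
    throw new Error('":" is substring matching and needs a string value');
  }
  return `${negate ? '-' : ''}${field} ${op} ${literal(value)}`;
}

// Combine restrictions. Each group of two or more is parenthesized, because
// the page states that OR has higher precedence than AND.
function group(joiner, parts) {
  if (parts.length === 0) throw new Error('a group needs at least one restriction');
  return parts.length === 1 ? parts[0] : `(${parts.join(` ${joiner} `)})`;
}
const allOf = (...parts) => group('AND', parts);
const anyOf = (...parts) => group('OR', parts);
```

The resulting string goes in the filter property of a listFindings or listAssets request; validating it locally keeps caller-supplied values from rewriting the expression.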

listSources(request, optionsopt, callbackopt) → {Promise}

Lists all sources belonging to an organization.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an Array of Source.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates that a next page exists, the third parameter is set to the request object to use for the next request. The fourth parameter holds the raw response object, an object representing ListSourcesResponse.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.organizationPath('[ORGANIZATION]');

client.listSources({parent: formattedParent})
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response, reusing formattedParent from above.


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.listSources(nextRequest, options).then(callback);
  }
}
client.listSources({parent: formattedParent}, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

listSourcesStream(request, optionsopt) → {Stream}

Equivalent to listSources, but returns a NodeJS Stream object.

This fetches the paged responses for listSources continuously and invokes the callback registered for the 'data' event for each element in the responses.

The returned object has an 'end' method, to be called when no more elements are required.

The autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".

pageSize number <optional>

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, pagination, etc. See gax.CallOptions for the details.

Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
client.listSourcesStream({parent: formattedParent})
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

matchAssetFromAssetName(assetName) → {String}

Parse the asset from an asset resource name.

Parameters:
Name Type Description
assetName String

A fully-qualified path representing an asset resource.

matchAssetFromAssetSecurityMarksName(assetSecurityMarksName) → {String}

Parse the asset from an asset_security_marks resource name.

Parameters:
Name Type Description
assetSecurityMarksName String

A fully-qualified path representing an asset_security_marks resource.

matchFindingFromFindingName(findingName) → {String}

Parse the finding from a finding resource name.

Parameters:
Name Type Description
findingName String

A fully-qualified path representing a finding resource.

matchFindingFromFindingSecurityMarksName(findingSecurityMarksName) → {String}

Parse the finding from a finding_security_marks resource name.

Parameters:
Name Type Description
findingSecurityMarksName String

A fully-qualified path representing a finding_security_marks resource.

matchOrganizationFromAssetName(assetName) → {String}

Parse the organization from an asset resource name.

Parameters:
Name Type Description
assetName String

A fully-qualified path representing an asset resource.

matchOrganizationFromAssetSecurityMarksName(assetSecurityMarksName) → {String}

Parse the organization from an asset_security_marks resource name.

Parameters:
Name Type Description
assetSecurityMarksName String

A fully-qualified path representing an asset_security_marks resource.

matchOrganizationFromFindingName(findingName) → {String}

Parse the findingName from a finding resource.

Parameters:
Name Type Description
findingName String

A fully-qualified path representing a finding resource.

Source:

matchOrganizationFromFindingSecurityMarksName(findingSecurityMarksName) → {String}

Parse the findingSecurityMarksName from a finding_security_marks resource.

Parameters:
Name Type Description
findingSecurityMarksName String

A fully-qualified path representing a finding_security_marks resource.

Source:

matchOrganizationFromOrganizationName(organizationName) → {String}

Parse the organizationName from an organization resource.

Parameters:
Name Type Description
organizationName String

A fully-qualified path representing an organization resource.

Source:

matchOrganizationFromOrganizationSettingsName(organizationSettingsName) → {String}

Parse the organizationSettingsName from an organization_settings resource.

Parameters:
Name Type Description
organizationSettingsName String

A fully-qualified path representing an organization_settings resource.

Source:

matchOrganizationFromOrganizationSourcesName(organizationSourcesName) → {String}

Parse the organizationSourcesName from an organization_sources resource.

Parameters:
Name Type Description
organizationSourcesName String

A fully-qualified path representing an organization_sources resource.

Source:

matchOrganizationFromSourceName(sourceName) → {String}

Parse the sourceName from a source resource.

Parameters:
Name Type Description
sourceName String

A fully-qualified path representing a source resource.

Source:

matchSourceFromFindingName(findingName) → {String}

Parse the findingName from a finding resource.

Parameters:
Name Type Description
findingName String

A fully-qualified path representing a finding resource.

Source:

matchSourceFromFindingSecurityMarksName(findingSecurityMarksName) → {String}

Parse the findingSecurityMarksName from a finding_security_marks resource.

Parameters:
Name Type Description
findingSecurityMarksName String

A fully-qualified path representing a finding_security_marks resource.

Source:

matchSourceFromSourceName(sourceName) → {String}

Parse the sourceName from a source resource.

Parameters:
Name Type Description
sourceName String

A fully-qualified path representing a source resource.

Source:

organizationPath(organization) → {String}

Return a fully-qualified organization resource name string.

Parameters:
Name Type Description
organization String
Source:

organizationSettingsPath(organization) → {String}

Return a fully-qualified organization_settings resource name string.

Parameters:
Name Type Description
organization String
Source:

organizationSourcesPath(organization) → {String}

Return a fully-qualified organization_sources resource name string.

Parameters:
Name Type Description
organization String
Source:

runAssetDiscovery(request, optionsopt, callbackopt) → {Promise}

Runs asset discovery. The discovery is tracked with a long-running operation.

This API can only be called with limited frequency for an organization. If it is called too frequently, the caller will receive a TOO_MANY_REQUESTS error.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Name of the organization to run asset discovery for. Its format is "organizations/[organization_id]".

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is a gax.Operation object.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');

// Handle the operation using the promise pattern.
client.runAssetDiscovery({parent: formattedParent})
  .then(responses => {
    const [operation, initialApiResponse] = responses;

    // Operation#promise starts polling for the completion of the LRO.
    return operation.promise();
  })
  .then(responses => {
    const result = responses[0];
    const metadata = responses[1];
    const finalApiResponse = responses[2];
  })
  .catch(err => {
    console.error(err);
  });

// Handle the operation using the event emitter pattern.
// formattedParent is the value declared above.
client.runAssetDiscovery({parent: formattedParent})
  .then(responses => {
    const [operation, initialApiResponse] = responses;

    // Adding a listener for the "complete" event starts polling for the
    // completion of the operation.
    operation.on('complete', (result, metadata, finalApiResponse) => {
      // doSomethingWith(result);
    });

    // Adding a listener for the "progress" event causes the callback to be
    // called on any change in metadata when the operation is polled.
    operation.on('progress', (metadata, apiResponse) => {
      // doSomethingWith(metadata)
    });

    // Adding a listener for the "error" event handles any errors found during polling.
    operation.on('error', err => {
      // throw(err);
    });
  })
  .catch(err => {
    console.error(err);
  });

// Handle the operation using the await pattern. await is only valid inside
// an async function; formattedParent is the value declared above.
async function runDiscovery() {
  const [operation] = await client.runAssetDiscovery({parent: formattedParent});

  const [response] = await operation.promise();
  return response;
}

setFindingState(request, optionsopt, callbackopt) → {Promise}

Updates the state of a finding.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/123/sources/456/finding/789".

state number

The desired State of the finding.

The number should be among the values of State

startTime Object

The time at which the updated state takes effect.

This object should have the same structure as Timestamp

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Finding.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedName = client.findingPath('[ORGANIZATION]', '[SOURCE]', '[FINDING]');
const state = 'STATE_UNSPECIFIED';
const startTime = {};
const request = {
  name: formattedName,
  state: state,
  startTime: startTime,
};
client.setFindingState(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

setIamPolicy(request, optionsopt, callbackopt) → {Promise}

Sets the access control policy on the specified Source.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
resource string

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

policy Object

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

This object should have the same structure as Policy

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Policy.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedResource = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const policy = {};
const request = {
  resource: formattedResource,
  policy: policy,
};
client.setIamPolicy(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });
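
Because setIamPolicy applies the complete policy, a request that carries only the new binding drops every existing one. The following added example (not from the client library's documentation) merges a binding into the policy returned by the client's getIamPolicy method and keeps its etag; the role, member, and etag values are constructed samples.

```javascript
'use strict';

// Return a copy of `policy` with `member` granted `role`, keeping every
// existing binding and the etag returned by getIamPolicy.
function withBinding(policy, role, member) {
  const bindings = (policy.bindings || []).map(b => ({
    ...b,
    members: [...(b.members || [])],
  }));
  // Conditional bindings are left alone; only an unconditional binding for
  // the same role is extended.
  let target = bindings.find(b => b.role === role && !b.condition);
  if (!target) {
    target = {role, members: []};
    bindings.push(target);
  }
  if (!target.members.includes(member)) {
    target.members.push(member);
  }
  return {...policy, bindings};
}

// Read-modify-write against a source. `client` is a SecurityCenterClient;
// `resource` comes from client.sourcePath(...).
async function grantOnSource(client, resource, role, member) {
  const [current] = await client.getIamPolicy({resource});
  const policy = withBinding(current, role, member);
  // The etag carried over from `current` lets the service reject the write
  // if the policy changed between the read and the write.
  const [updated] = await client.setIamPolicy({resource, policy});
  return updated;
}

// Constructed sample policy, shaped like a getIamPolicy response.
const samplePolicy = {
  etag: Buffer.from('constructed-etag'),
  bindings: [
    {role: 'roles/viewer', members: ['user:alice@example.com']},
  ],
};
```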

sourcePath(organization, source) → {String}

Return a fully-qualified source resource name string.

Parameters:
Name Type Description
organization String
source String
Source:

testIamPermissions(request, optionsopt, callbackopt) → {Promise}

Returns the permissions that a caller has on the specified source.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
resource string

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

permissions Array.<string>

The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing TestIamPermissionsResponse.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedResource = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const permissions = [];
const request = {
  resource: formattedResource,
  permissions: permissions,
};
client.testIamPermissions(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateFinding(request, optionsopt, callbackopt) → {Promise}

Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
finding Object

The finding resource to update or create if it does not already exist. parent, security_marks, and update_time will be ignored.

In the case of creation, the finding id portion of the name must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

This object should have the same structure as Finding

updateMask Object <optional>

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding.

When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties.<property key>" in the field mask.

This object should have the same structure as FieldMask

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Finding.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const finding = {};
client.updateFinding({finding: finding})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateOrganizationSettings(request, optionsopt, callbackopt) → {Promise}

Updates an organization's settings.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
organizationSettings Object

The organization settings resource to update.

This object should have the same structure as OrganizationSettings

updateMask Object <optional>

The FieldMask to use when updating the settings resource.

If empty, all mutable fields will be updated.

This object should have the same structure as FieldMask

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing OrganizationSettings.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const organizationSettings = {};
client.updateOrganizationSettings({organizationSettings: organizationSettings})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateSecurityMarks(request, optionsopt, callbackopt) → {Promise}

Updates security marks.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
securityMarks Object

The security marks resource to update.

This object should have the same structure as SecurityMarks

updateMask Object <optional>

The FieldMask to use when updating the security marks resource.

The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.<mark_key>".

This object should have the same structure as FieldMask

startTime Object <optional>

The time at which the updated SecurityMarks take effect. If not set, the current server time is used. Updates will be applied to the SecurityMarks that are active immediately preceding this time.

This object should have the same structure as Timestamp

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing SecurityMarks.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const securityMarks = {};
client.updateSecurityMarks({securityMarks: securityMarks})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });
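
An empty mask, or the mask "marks", replaces every mark on the resource, so a request meant to change one mark has to name it as "marks.<mark_key>". The following added example (not part of the client library) builds such a request and uses a local model of the mask rule stated above to show what each mask does to existing marks; the mark keys, values, and resource name are constructed.

```javascript
'use strict';

// Build an updateSecurityMarks request that touches only the named marks.
// `name` is the securityMarks resource name; `changes` maps mark key -> value.
function buildMarksRequest(name, changes) {
  const keys = Object.keys(changes);
  if (keys.length === 0) {
    // An empty mask would replace all marks, so refuse to build one.
    throw new Error('no marks given: an empty mask replaces all marks');
  }
  const paths = keys.map(k => `marks.${k}`);
  return {
    securityMarks: {name, marks: {...changes}},
    updateMask: {paths},
  };
}

// Local model of the mask rule in the parameter description above:
// empty or "marks" replaces everything, "marks.<key>" updates one mark.
// How the service treats a masked key that is absent from `marks` is not
// stated on this page; this model assumes the key is removed.
function applyMarksMask(existing, request) {
  const paths = (request.updateMask && request.updateMask.paths) || [];
  if (new Set(paths).size !== paths.length) {
    throw new Error('field mask must not contain duplicate fields');
  }
  const incoming = request.securityMarks.marks || {};
  if (paths.length === 0 || paths.includes('marks')) {
    return {...incoming};
  }
  const result = {...existing};
  for (const path of paths) {
    if (!path.startsWith('marks.')) throw new Error(`unsupported path: ${path}`);
    const key = path.slice('marks.'.length);
    if (key in incoming) result[key] = incoming[key];
    else delete result[key];
  }
  return result;
}

// Constructed sample data.
const existingMarks = {triage: 'accepted-risk', owner: 'team-a'};
const sampleName = 'organizations/123/assets/456/securityMarks';
```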

updateSource(request, optionsopt, callbackopt) → {Promise}

Updates a source.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
source Object

The source resource to update.

This object should have the same structure as Source

updateMask Object <optional>

The FieldMask to use when updating the source resource.

If empty, all mutable fields will be updated.

This object should have the same structure as FieldMask

options Object <optional>

Optional parameters. You can override the default settings for this call, e.g., timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback function <optional>

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Source.

Source:
Example
const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1.SecurityCenterClient({
  // optional auth parameters.
});

const source = {};
client.updateSource({source: source})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });