The configuration object.
The options accepted by the constructor are described in detail
in this document.
The common options are:
Properties
Name
Type
Attributes
Description
credentials
object
<optional>
Credentials object.
Properties
Name
Type
Attributes
Description
client_email
string
<optional>
private_key
string
<optional>
email
string
<optional>
Account email address. Required when
using a .pem or .p12 keyFilename.
keyFilename
string
<optional>
Full path to the a .json, .pem, or
.p12 key downloaded from the Google Developers Console. If you provide
a path to a JSON file, the projectId option below is not necessary.
NOTE: .pem and .p12 require you to specify options.email as well.
port
number
<optional>
The port on which to connect to
the remote host.
projectId
string
<optional>
The project ID from the Google
Developer's Console, e.g. 'grape-spaceship-123'. We will also check
the environment variable GCLOUD_PROJECT for your project ID. If your
app is running in an environment which supports
Application Default Credentials,
your project ID will be detected automatically.
apiEndpoint
string
<optional>
The domain name of the
API remote host.
clientConfig
gax.ClientConfig
<optional>
Client configuration override.
Follows the structure of gapicConfig.
fallback
boolean
<optional>
Use HTTP fallback mode.
In fallback mode, a special browser-compatible transport implementation is used
instead of gRPC transport. In browser context (if the window object is defined)
the fallback mode is enabled automatically; set options.fallback to false
if you need to override this behavior.
Members
apiEndpoint
The DNS address for this API service - same as servicePath(),
exists for compatibility reasons.
port
The port for this API service.
scopes
The scopes needed to make gRPC calls for every method defined
in this service.
servicePath
The DNS address for this API service.
Methods
assetPath(organization, asset) → {string}
Return a fully-qualified asset resource name string.
Check the status of the long running operation returned by runAssetDiscovery().
Parameters:
Name
Type
Description
name
String
The operation name that will be passed.
Returns:
Type
Description
Promise
The promise which resolves to an object.
The decoded operation object has result and metadata field to get information from.
Please see the
documentation
for more details and examples.
The client will no longer be usable and all future behavior is undefined.
Returns:
Type
Description
Promise
A promise that resolves when the client is closed.
createFinding(request, optionsopt) → {Promise}
Creates a finding. The corresponding source must exist for finding creation
to succeed.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the new finding's parent. Its format should be
"organizations/[organization_id]/sources/[source_id]".
findingId
string
Required. Unique identifier provided by the client within the parent scope.
It must be alphanumeric and less than or equal to 32 characters and
greater than 0 characters in length.
The promise which resolves to an array.
The first element of the array is an object representing Finding.
Please see the
documentation
for more details and examples.
Required. Resource name of the new notification config's parent. Its format is
"organizations/[organization_id]".
configId
string
Required.
Unique identifier provided by the client within the parent scope.
It must be between 1 and 128 characters, and contains alphanumeric
characters, underscores or hyphens only.
Required. The notification config being created. The name and the service account
will be ignored as they are both output only fields on this resource.
The promise which resolves to an array.
The first element of the array is an object representing NotificationConfig.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Source.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Empty.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Policy.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing NotificationConfig.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing OrganizationSettings.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Source.
Please see the
documentation
for more details and examples.
Filters an organization's assets and groups them by their specified
properties.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to groupBy. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
update_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
update_time = "2019-06-10T16:07:18-07:00"update_time = 1560208038000
create_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
create_time = "2019-06-10T16:07:18-07:00"create_time = 1560208038000
For example, resource_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: resource_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -resource_properties.my_property : ""
groupBy
string
Required. Expression that defines what assets fields to use for grouping. The string
value should follow SQL syntax: comma separated list of fields. For
example:
"security_center_properties.resource_project,security_center_properties.project".
The following fields are supported when compare_duration is not set:
When compare_duration is set, the GroupResult's "state_change" property is
updated to indicate whether the asset was added, removed, or remained
present during the compare_duration period of time that precedes the
read_time. This is the time between (read_time - compare_duration) and
read_time.
The state change value is derived based on the presence of the asset at the
two points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state_change" values when compare_duration is specified:
"ADDED": indicates that the asset was not present at the start of
compare_duration, but present at reference_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at reference_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all assets present at
read_time.
If this field is set then state_change must be a specified field in
group_by.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
pageToken
string
The value returned by the last GroupAssetsResponse; indicates
that this is a continuation of a prior GroupAssets call, and that the
system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of GroupResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using groupAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
groupAssetsAsync(request, optionsopt) → {Object}
Equivalent to groupAssets, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to groupBy. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
update_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
update_time = "2019-06-10T16:07:18-07:00"update_time = 1560208038000
create_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
create_time = "2019-06-10T16:07:18-07:00"create_time = 1560208038000
For example, resource_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: resource_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -resource_properties.my_property : ""
groupBy
string
Required. Expression that defines what assets fields to use for grouping. The string
value should follow SQL syntax: comma separated list of fields. For
example:
"security_center_properties.resource_project,security_center_properties.project".
The following fields are supported when compare_duration is not set:
When compare_duration is set, the GroupResult's "state_change" property is
updated to indicate whether the asset was added, removed, or remained
present during the compare_duration period of time that precedes the
read_time. This is the time between (read_time - compare_duration) and
read_time.
The state change value is derived based on the presence of the asset at the
two points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state_change" values when compare_duration is specified:
"ADDED": indicates that the asset was not present at the start of
compare_duration, but present at reference_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at reference_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all assets present at
read_time.
If this field is set then state_change must be a specified field in
group_by.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
pageToken
string
The value returned by the last GroupAssetsResponse; indicates
that this is a continuation of a prior GroupAssets call, and that the
system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
GroupResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.groupAssetsAsync(request);
for await (const response of iterable) {
// process response
}
groupAssetsStream(request, optionsopt) → {Stream}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to groupBy. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
update_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
update_time = "2019-06-10T16:07:18-07:00"update_time = 1560208038000
create_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
create_time = "2019-06-10T16:07:18-07:00"create_time = 1560208038000
For example, resource_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: resource_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -resource_properties.my_property : ""
groupBy
string
Required. Expression that defines what assets fields to use for grouping. The string
value should follow SQL syntax: comma separated list of fields. For
example:
"security_center_properties.resource_project,security_center_properties.project".
The following fields are supported when compare_duration is not set:
When compare_duration is set, the GroupResult's "state_change" property is
updated to indicate whether the asset was added, removed, or remained
present during the compare_duration period of time that precedes the
read_time. This is the time between (read_time - compare_duration) and
read_time.
The state change value is derived based on the presence of the asset at the
two points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state_change" values when compare_duration is specified:
"ADDED": indicates that the asset was not present at the start of
compare_duration, but present at reference_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at reference_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all assets present at
read_time.
If this field is set then state_change must be a specified field in
group_by.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
pageToken
string
The value returned by the last GroupAssetsResponse; indicates
that this is a continuation of a prior GroupAssets call, and that the
system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing GroupResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using groupAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
groupFindings(request, optionsopt) → {Promise}
Filters an organization or source's findings and groups them by their
specified properties.
To group across all sources provide a - as the source id.
Example: /v1/organizations/{organization_id}/sources/-/findings
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]". To groupBy across
all sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=
severity: =, :
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
event_time = "2019-06-10T16:07:18-07:00"event_time = 1560208038000
security_marks.marks: =, :
source_properties: =, :, >, <, >=, <=
For example, source_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -source_properties.my_property : ""
groupBy
string
Required. Expression that defines what assets fields to use for grouping (including
state_change). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
resource_name
category
state
parent
severity
The following fields are supported when compare_duration is set:
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
When compare_duration is set, the GroupResult's "state_change" attribute is
updated to indicate whether the finding had its state changed, the
finding's state remained unchanged, or if the finding was added during the
compare_duration period of time that precedes the read_time. This is the
time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the
finding at the two points in time. Intermediate state changes between the
two times don't affect the result. For example, the results aren't affected
if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
"CHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration, but changed its
state at read_time.
"UNCHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration and did not change
state at read_time.
"ADDED": indicates that the finding did not match the given filter or
was not present at the start of compare_duration, but was
present at read_time.
"REMOVED": indicates that the finding was present and matched the
filter at the start of compare_duration, but did not match
the filter at read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all findings present
at read_time.
If this field is set then state_change must be a specified field in
group_by.
pageToken
string
The value returned by the last GroupFindingsResponse; indicates
that this is a continuation of a prior GroupFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of GroupResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using groupFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
Equivalent to groupFindings, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]". To groupBy across
all sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=
severity: =, :
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
event_time = "2019-06-10T16:07:18-07:00"event_time = 1560208038000
security_marks.marks: =, :
source_properties: =, :, >, <, >=, <=
For example, source_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -source_properties.my_property : ""
groupBy
string
Required. Expression that defines what assets fields to use for grouping (including
state_change). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
resource_name
category
state
parent
severity
The following fields are supported when compare_duration is set:
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
When compare_duration is set, the GroupResult's "state_change" attribute is
updated to indicate whether the finding had its state changed, the
finding's state remained unchanged, or if the finding was added during the
compare_duration period of time that precedes the read_time. This is the
time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the
finding at the two points in time. Intermediate state changes between the
two times don't affect the result. For example, the results aren't affected
if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
"CHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration, but changed its
state at read_time.
"UNCHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration and did not change
state at read_time.
"ADDED": indicates that the finding did not match the given filter or
was not present at the start of compare_duration, but was
present at read_time.
"REMOVED": indicates that the finding was present and matched the
filter at the start of compare_duration, but did not match
the filter at read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all findings present
at read_time.
If this field is set then state_change must be a specified field in
group_by.
pageToken
string
The value returned by the last GroupFindingsResponse; indicates
that this is a continuation of a prior GroupFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
GroupResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.groupFindingsAsync(request);
for await (const response of iterable) {
// process response
}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]". To groupBy across
all sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=
severity: =, :
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
event_time = "2019-06-10T16:07:18-07:00"event_time = 1560208038000
security_marks.marks: =, :
source_properties: =, :, >, <, >=, <=
For example, source_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -source_properties.my_property : ""
groupBy
string
Required. Expression that defines what assets fields to use for grouping (including
state_change). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
resource_name
category
state
parent
severity
The following fields are supported when compare_duration is set:
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
When compare_duration is set, the GroupResult's "state_change" attribute is
updated to indicate whether the finding had its state changed, the
finding's state remained unchanged, or if the finding was added during the
compare_duration period of time that precedes the read_time. This is the
time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the
finding at the two points in time. Intermediate state changes between the
two times don't affect the result. For example, the results aren't affected
if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
"CHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration, but changed its
state at read_time.
"UNCHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration and did not change
state at read_time.
"ADDED": indicates that the finding did not match the given filter or
was not present at the start of compare_duration, but was
present at read_time.
"REMOVED": indicates that the finding was present and matched the
filter at the start of compare_duration, but did not match
the filter at read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all findings present
at read_time.
If this field is set then state_change must be a specified field in
group_by.
pageToken
string
The value returned by the last GroupFindingsResponse; indicates
that this is a continuation of a prior GroupFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing GroupResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using groupFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
initialize() → {Promise}
Initialize the client.
Performs asynchronous operations (such as authentication) and prepares the client.
This function will be called automatically when any class method is called for the
first time, but if you need to initialize it before calling an actual method,
feel free to call initialize() directly.
You can await on this method if you want to make sure the client is initialized.
Returns:
Type
Description
Promise
A promise that resolves to an authenticated service stub.
listAssets(request, optionsopt) → {Promise}
Lists an organization's assets.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization assets should belong to. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following are the allowed field and operator combinations:
name: =
update_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
update_time = "2019-06-10T16:07:18-07:00"update_time = 1560208038000
create_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
create_time = "2019-06-10T16:07:18-07:00"create_time = 1560208038000
For example, resource_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: resource_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -resource_properties.my_property : ""
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,resource_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,resource_properties.a_property" and "
name desc , resource_properties.a_property " are equivalent.
The following fields are supported:
name
update_time
resource_properties
security_marks.marks
security_center_properties.resource_name
security_center_properties.resource_display_name
security_center_properties.resource_parent
security_center_properties.resource_parent_display_name
security_center_properties.resource_project
security_center_properties.resource_project_display_name
security_center_properties.resource_type
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
When compare_duration is set, the ListAssetsResult's "state_change"
attribute is updated to indicate whether the asset was added, removed, or
remained present during the compare_duration period of time that precedes
the read_time. This is the time between (read_time - compare_duration) and
read_time.
The state_change value is derived based on the presence of the asset at the
two points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state_change" values when compare_duration is specified:
"ADDED": indicates that the asset was not present at the start of
compare_duration, but present at read_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at read_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all assets present at
read_time.
A field mask to specify the ListAssetsResult fields to be listed in the
response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListAssetsResponse; indicates
that this is a continuation of a prior ListAssets call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of ListAssetsResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listAssetsAsync(request, optionsopt) → {Object}
Equivalent to listAssets, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization assets should belong to. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following are the allowed field and operator combinations:
name: =
update_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
update_time = "2019-06-10T16:07:18-07:00"update_time = 1560208038000
create_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
create_time = "2019-06-10T16:07:18-07:00"create_time = 1560208038000
For example, resource_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: resource_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -resource_properties.my_property : ""
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,resource_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,resource_properties.a_property" and "
name desc , resource_properties.a_property " are equivalent.
The following fields are supported:
name
update_time
resource_properties
security_marks.marks
security_center_properties.resource_name
security_center_properties.resource_display_name
security_center_properties.resource_parent
security_center_properties.resource_parent_display_name
security_center_properties.resource_project
security_center_properties.resource_project_display_name
security_center_properties.resource_type
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
When compare_duration is set, the ListAssetsResult's "state_change"
attribute is updated to indicate whether the asset was added, removed, or
remained present during the compare_duration period of time that precedes
the read_time. This is the time between (read_time - compare_duration) and
read_time.
The state_change value is derived based on the presence of the asset at the
two points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state_change" values when compare_duration is specified:
"ADDED": indicates that the asset was not present at the start of
compare_duration, but present at read_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at read_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all assets present at
read_time.
A field mask to specify the ListAssetsResult fields to be listed in the
response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListAssetsResponse; indicates
that this is a continuation of a prior ListAssets call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
ListAssetsResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listAssetsAsync(request);
for await (const response of iterable) {
// process response
}
listAssetsStream(request, optionsopt) → {Stream}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization assets should belong to. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following are the allowed field and operator combinations:
name: =
update_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
update_time = "2019-06-10T16:07:18-07:00"update_time = 1560208038000
create_time: =, >, <, >=, <=
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
create_time = "2019-06-10T16:07:18-07:00"create_time = 1560208038000
For example, resource_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: resource_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -resource_properties.my_property : ""
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,resource_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,resource_properties.a_property" and "
name desc , resource_properties.a_property " are equivalent.
The following fields are supported:
name
update_time
resource_properties
security_marks.marks
security_center_properties.resource_name
security_center_properties.resource_display_name
security_center_properties.resource_parent
security_center_properties.resource_parent_display_name
security_center_properties.resource_project
security_center_properties.resource_project_display_name
security_center_properties.resource_type
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
When compare_duration is set, the ListAssetsResult's "state_change"
attribute is updated to indicate whether the asset was added, removed, or
remained present during the compare_duration period of time that precedes
the read_time. This is the time between (read_time - compare_duration) and
read_time.
The state_change value is derived based on the presence of the asset at the
two points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state_change" values when compare_duration is specified:
"ADDED": indicates that the asset was not present at the start of
compare_duration, but present at read_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at read_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all assets present at
read_time.
A field mask to specify the ListAssetsResult fields to be listed in the
response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListAssetsResponse; indicates
that this is a continuation of a prior ListAssets call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing ListAssetsResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listFindings(request, optionsopt) → {Promise}
Lists an organization or source's findings.
To list across all sources provide a - as the source id.
Example: /v1/organizations/{organization_id}/sources/-/findings
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source the findings belong to. Its format is
"organizations/[organization_id]/sources/[source_id]". To list across all
sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=
severity: =, :
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
event_time = "2019-06-10T16:07:18-07:00"event_time = 1560208038000
For example, source_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -source_properties.my_property : ""
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,source_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,source_properties.a_property" and "
name desc , source_properties.a_property " are equivalent.
The following fields are supported:
name
parent
state
category
resource_name
event_time
source_properties
security_marks.marks
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
When compare_duration is set, the ListFindingsResult's "state_change"
attribute is updated to indicate whether the finding had its state changed,
the finding's state remained unchanged, or if the finding was added in any
state during the compare_duration period of time that precedes the
read_time. This is the time between (read_time - compare_duration) and
read_time.
The state_change value is derived based on the presence and state of the
finding at the two points in time. Intermediate state changes between the
two times don't affect the result. For example, the results aren't affected
if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
"CHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration, but changed its
state at read_time.
"UNCHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration and did not change
state at read_time.
"ADDED": indicates that the finding did not match the given filter or
was not present at the start of compare_duration, but was
present at read_time.
"REMOVED": indicates that the finding was present and matched the
filter at the start of compare_duration, but did not match
the filter at read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all findings present at
read_time.
A field mask to specify the Finding fields to be listed in the response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListFindingsResponse; indicates
that this is a continuation of a prior ListFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of ListFindingsResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listFindingsAsync(request, optionsopt) → {Object}
Equivalent to listFindings, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source the findings belong to. Its format is
"organizations/[organization_id]/sources/[source_id]". To list across all
sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=
severity: =, :
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
event_time = "2019-06-10T16:07:18-07:00"event_time = 1560208038000
For example, source_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -source_properties.my_property : ""
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,source_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,source_properties.a_property" and "
name desc , source_properties.a_property " are equivalent.
The following fields are supported:
name
parent
state
category
resource_name
event_time
source_properties
security_marks.marks
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
When compare_duration is set, the ListFindingsResult's "state_change"
attribute is updated to indicate whether the finding had its state changed,
the finding's state remained unchanged, or if the finding was added in any
state during the compare_duration period of time that precedes the
read_time. This is the time between (read_time - compare_duration) and
read_time.
The state_change value is derived based on the presence and state of the
finding at the two points in time. Intermediate state changes between the
two times don't affect the result. For example, the results aren't affected
if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
"CHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration, but changed its
state at read_time.
"UNCHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration and did not change
state at read_time.
"ADDED": indicates that the finding did not match the given filter or
was not present at the start of compare_duration, but was
present at read_time.
"REMOVED": indicates that the finding was present and matched the
filter at the start of compare_duration, but did not match
the filter at read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all findings present at
read_time.
A field mask to specify the Finding fields to be listed in the response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListFindingsResponse; indicates
that this is a continuation of a prior ListFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
ListFindingsResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listFindingsAsync(request);
for await (const response of iterable) {
// process response
}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source the findings belong to. Its format is
"organizations/[organization_id]/sources/[source_id]". To list across all
sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
The following field and operator combinations are supported:
name: =
parent: =, :
resource_name: =, :
state: =, :
category: =, :
external_uri: =, :
event_time: =, >, <, >=, <=
severity: =, :
Usage: This should be milliseconds since epoch or an RFC3339 string.
Examples:
event_time = "2019-06-10T16:07:18-07:00"event_time = 1560208038000
For example, source_properties.size = 100 is a valid filter string.
Use a partial match on the empty string to filter based on a property
existing: source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a
property not existing: -source_properties.my_property : ""
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,source_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,source_properties.a_property" and "
name desc , source_properties.a_property " are equivalent.
The following fields are supported:
name
parent
state
category
resource_name
event_time
source_properties
security_marks.marks
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
When compare_duration is set, the ListFindingsResult's "state_change"
attribute is updated to indicate whether the finding had its state changed,
the finding's state remained unchanged, or if the finding was added in any
state during the compare_duration period of time that precedes the
read_time. This is the time between (read_time - compare_duration) and
read_time.
The state_change value is derived based on the presence and state of the
finding at the two points in time. Intermediate state changes between the
two times don't affect the result. For example, the results aren't affected
if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
"CHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration, but changed its
state at read_time.
"UNCHANGED": indicates that the finding was present and matched the given
filter at the start of compare_duration and did not change
state at read_time.
"ADDED": indicates that the finding did not match the given filter or
was not present at the start of compare_duration, but was
present at read_time.
"REMOVED": indicates that the finding was present and matched the
filter at the start of compare_duration, but did not match
the filter at read_time.
If compare_duration is not specified, then the only possible state_change
is "UNUSED", which will be the state_change set for all findings present at
read_time.
A field mask to specify the Finding fields to be listed in the response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListFindingsResponse; indicates
that this is a continuation of a prior ListFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing ListFindingsResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
Required. Name of the organization to list notification configs.
Its format is "organizations/[organization_id]".
pageToken
string
The value returned by the last ListNotificationConfigsResponse; indicates
that this is a continuation of a prior ListNotificationConfigs call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of NotificationConfig.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listNotificationConfigsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
Equivalent to listNotificationConfigs, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to list notification configs.
Its format is "organizations/[organization_id]".
pageToken
string
The value returned by the last ListNotificationConfigsResponse; indicates
that this is a continuation of a prior ListNotificationConfigs call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
NotificationConfig. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listNotificationConfigsAsync(request);
for await (const response of iterable) {
// process response
}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to list notification configs.
Its format is "organizations/[organization_id]".
pageToken
string
The value returned by the last ListNotificationConfigsResponse; indicates
that this is a continuation of a prior ListNotificationConfigs call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing NotificationConfig on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listNotificationConfigsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listSources(request, optionsopt) → {Promise}
Lists all sources belonging to an organization.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the parent of sources to list. Its format should
be "organizations/[organization_id]".
pageToken
string
The value returned by the last ListSourcesResponse; indicates
that this is a continuation of a prior ListSources call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of Source.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listSourcesAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listSourcesAsync(request, optionsopt) → {Object}
Equivalent to listSources, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the parent of sources to list. Its format should
be "organizations/[organization_id]".
pageToken
string
The value returned by the last ListSourcesResponse; indicates
that this is a continuation of a prior ListSources call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
Source. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listSourcesAsync(request);
for await (const response of iterable) {
// process response
}
listSourcesStream(request, optionsopt) → {Stream}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the parent of sources to list. Its format should
be "organizations/[organization_id]".
pageToken
string
The value returned by the last ListSourcesResponse; indicates
that this is a continuation of a prior ListSources call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing Source on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listSourcesAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
matchAssetFromAssetName(assetName) → {string}
Parse the asset from Asset resource.
Parameters:
Name
Type
Description
assetName
string
A fully-qualified path representing Asset resource.
Runs asset discovery. The discovery is tracked with a long-running
operation.
This API can only be called with limited frequency for an organization. If
it is called too frequently the caller will receive a TOO_MANY_REQUESTS
error.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to run asset discovery for. Its format is
"organizations/[organization_id]".
The promise which resolves to an array.
The first element of the array is an object representing
a long running operation. Its promise() method returns a promise
you can await for.
Please see the
documentation
for more details and examples.
Required. The relative resource name of the finding. See:
https://cloud.google.com/apis/design/resource_names#relative_resource_name
Example:
"organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
The promise which resolves to an array.
The first element of the array is an object representing Finding.
Please see the
documentation
for more details and examples.
REQUIRED: The complete policy to be applied to the resource. The size of
the policy is limited to a few 10s of KB. An empty policy is a
valid policy but certain Cloud Platform services (such as Projects)
might reject them.
The promise which resolves to an array.
The first element of the array is an object representing Policy.
Please see the
documentation
for more details and examples.
Returns the permissions that a caller has on the specified source.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
resource
string
REQUIRED: The resource for which the policy detail is being requested.
See the operation documentation for the appropriate value for this field.
permissions
Array.<string>
The set of permissions to check for the resource. Permissions with
wildcards (such as '' or 'storage.') are not allowed. For more
information see
IAM Overview.
The promise which resolves to an array.
The first element of the array is an object representing TestIamPermissionsResponse.
Please see the
documentation
for more details and examples.
Required. The finding resource to update or create if it does not already exist.
parent, security_marks, and update_time will be ignored.
In the case of creation, the finding id portion of the name must be
alphanumeric and less than or equal to 32 characters and greater than 0
characters in length.
The FieldMask to use when updating the finding resource. This field should
not be specified when creating a finding.
When updating a finding, an empty mask is treated as updating all mutable
fields and replacing source_properties. Individual source_properties can
be added/updated by using "source_properties." in the field
mask.
The promise which resolves to an array.
The first element of the array is an object representing Finding.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing NotificationConfig.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing OrganizationSettings.
Please see the
documentation
for more details and examples.
The FieldMask to use when updating the security marks resource.
The field mask must not contain duplicate fields.
If empty or set to "marks", all marks will be replaced. Individual
marks can be updated using "marks.<mark_key>".
The time at which the updated SecurityMarks take effect.
If not set uses current server time. Updates will be applied to the
SecurityMarks that are active immediately preceding this time.
The promise which resolves to an array.
The first element of the array is an object representing SecurityMarks.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Source.
Please see the
documentation
for more details and examples.