SecurityCenterClient - Documentation

Constructor

new SecurityCenterClient(optionsopt)

Construct an instance of SecurityCenterClient.

Parameters:

Name Type Attributes Description

options

object

The configuration object. The options accepted by the constructor are described in detail in this document. The common options are:

Properties

Name Type Attributes Description

credentials

object

Credentials object.

Properties

Name	Type	Attributes	Description
`client_email`	string	<optional>
`private_key`	string	<optional>

email

string

Account email address. Required when using a .pem or .p12 keyFilename.

keyFilename

string

Full path to the a .json, .pem, or .p12 key downloaded from the Google Developers Console. If you provide a path to a JSON file, the projectId option below is not necessary. NOTE: .pem and .p12 require you to specify options.email as well.

port

number

The port on which to connect to the remote host.

projectId

string

The project ID from the Google Developer's Console, e.g. 'grape-spaceship-123'. We will also check the environment variable GCLOUD_PROJECT for your project ID. If your app is running in an environment which supports Application Default Credentials, your project ID will be detected automatically.

apiEndpoint

string

The domain name of the API remote host.

clientConfig

gax.ClientConfig

Client configuration override. Follows the structure of gapicConfig.

fallback

boolean

Use HTTP fallback mode. In fallback mode, a special browser-compatible transport implementation is used instead of gRPC transport. In browser context (if the window object is defined) the fallback mode is enabled automatically; set options.fallback to false if you need to override this behavior.

Members

apiEndpoint

The DNS address for this API service - same as servicePath(), exists for compatibility reasons.

port

The port for this API service.

scopes

The scopes needed to make gRPC calls for every method defined in this service.

servicePath

The DNS address for this API service.

Methods

assetPath(organization, asset) → {string}

Return a fully-qualified asset resource name string.

Parameters:

Name	Type	Description
`organization`	string
`asset`	string

Returns:

Type	Description
string	Resource name string.

(async) checkRunAssetDiscoveryProgress(name) → {Promise}

Check the status of the long running operation returned by runAssetDiscovery().

Parameters:

Name	Type	Description
`name`	String	The operation name that will be passed.

Returns:

Type	Description
Promise	The promise which resolves to an object. The decoded operation object has result and metadata field to get information from. Please see the documentation for more details and examples.

Example

const decodedOperation = await checkRunAssetDiscoveryProgress(name);
console.log(decodedOperation.result);
console.log(decodedOperation.done);
console.log(decodedOperation.metadata);

close() → {Promise}

Terminate the gRPC channel and close the client.

The client will no longer be usable and all future behavior is undefined.

Returns:

Type	Description
Promise	A promise that resolves when the client is closed.

createFinding(request, optionsopt) → {Promise}

Creates a finding. The corresponding source must exist for finding creation to succeed.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Resource name of the new finding's parent. Its format should be "organizations/[organization_id]/sources/[source_id]".
`findingId`	string	Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.
`finding`	google.cloud.securitycenter.v1beta1.Finding	Required. The Finding being created. The name and security_marks will be ignored as they are both output only fields on this resource.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Finding. Please see the documentation for more details and examples.

Example

const [response] = await client.createFinding(request);

createSource(request, optionsopt) → {Promise}

Creates a source.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Resource name of the new source's parent. Its format should be "organizations/[organization_id]".
`source`	google.cloud.securitycenter.v1beta1.Source	Required. The Source being created, only the display_name and description will be used. All other fields will be ignored.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Source. Please see the documentation for more details and examples.

Example

const [response] = await client.createSource(request);

findingPath(organization, source, finding) → {string}

Return a fully-qualified finding resource name string.

Parameters:

Name	Type	Description
`organization`	string
`source`	string
`finding`	string

Returns:

Type	Description
string	Resource name string.

getIamPolicy(request, optionsopt) → {Promise}

Gets the access control policy on the specified Source.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`resource`	string	REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
`options`	google.iam.v1.GetPolicyOptions	OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`. This field is only used by Cloud IAM.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Policy. Please see the documentation for more details and examples.

Example

const [response] = await client.getIamPolicy(request);

getOrganizationSettings(request, optionsopt) → {Promise}

Gets the settings for an organization.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`name`	string	Required. Name of the organization to get organization settings for. Its format is "organizations/[organization_id]/organizationSettings".

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing OrganizationSettings. Please see the documentation for more details and examples.

Example

const [response] = await client.getOrganizationSettings(request);

getProjectId() → {Promise}

Return the project ID used by this class.

Returns:

Type	Description
Promise	A promise that resolves to string containing the project ID.

getSource(request, optionsopt) → {Promise}

Gets a source.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`name`	string	Required. Relative resource name of the source. Its format is "organizations/[organization_id]/source/[source_id]".

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Source. Please see the documentation for more details and examples.

Example

const [response] = await client.getSource(request);

groupAssets(request, optionsopt) → {Promise}

Filters an organization's assets and groups them by their specified properties.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the organization to groupBy. Its format is "organizations/[organization_id]".
`filter`	string	Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: name security_center_properties.resource_name resource_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `resource_properties.size = 100` is a valid filter string.
`groupBy`	string	Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project". The following fields are supported when compare_duration is not set: security_center_properties.resource_project security_center_properties.resource_type security_center_properties.resource_parent The following fields are supported when compare_duration is set: security_center_properties.resource_type
`compareDuration`	google.protobuf.Duration	When compare_duration is set, the Asset's "state" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state" values when compare_duration is specified: "ADDED": indicates that the asset was not present before compare_duration, but present at reference_time. "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. This field is ignored if `state` is not a field in `group_by`.
`readTime`	google.protobuf.Timestamp	Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`pageToken`	string	The value returned by the last `GroupAssetsResponse`; indicates that this is a continuation of a prior `GroupAssets` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type Description

Type	Description
Promise	The promise which resolves to an array. The first element of the array is Array of GroupResult. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using `groupAssetsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

Promise

The promise which resolves to an array. The first element of the array is Array of GroupResult. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using groupAssetsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

groupAssetsAsync(request, optionsopt) → {Object}

Equivalent to groupAssets, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the organization to groupBy. Its format is "organizations/[organization_id]".
`filter`	string	Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: name security_center_properties.resource_name resource_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `resource_properties.size = 100` is a valid filter string.
`groupBy`	string	Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project". The following fields are supported when compare_duration is not set: security_center_properties.resource_project security_center_properties.resource_type security_center_properties.resource_parent The following fields are supported when compare_duration is set: security_center_properties.resource_type
`compareDuration`	google.protobuf.Duration	When compare_duration is set, the Asset's "state" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state" values when compare_duration is specified: "ADDED": indicates that the asset was not present before compare_duration, but present at reference_time. "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. This field is ignored if `state` is not a field in `group_by`.
`readTime`	google.protobuf.Timestamp	Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`pageToken`	string	The value returned by the last `GroupAssetsResponse`; indicates that this is a continuation of a prior `GroupAssets` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Object	An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing GroupResult. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.

Example

const iterable = client.groupAssetsAsync(request);
for await (const response of iterable) {
  // process response
}

groupAssetsStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the organization to groupBy. Its format is "organizations/[organization_id]".
`filter`	string	Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: name security_center_properties.resource_name resource_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `resource_properties.size = 100` is a valid filter string.
`groupBy`	string	Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project". The following fields are supported when compare_duration is not set: security_center_properties.resource_project security_center_properties.resource_type security_center_properties.resource_parent The following fields are supported when compare_duration is set: security_center_properties.resource_type
`compareDuration`	google.protobuf.Duration	When compare_duration is set, the Asset's "state" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state" values when compare_duration is specified: "ADDED": indicates that the asset was not present before compare_duration, but present at reference_time. "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. This field is ignored if `state` is not a field in `group_by`.
`readTime`	google.protobuf.Timestamp	Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`pageToken`	string	The value returned by the last `GroupAssetsResponse`; indicates that this is a continuation of a prior `GroupAssets` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Stream	An object stream which emits an object representing GroupResult on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using `groupAssetsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

groupFindings(request, optionsopt) → {Promise}

Filters an organization or source's findings and groups them by their specified properties.

To group across all sources provide a - as the source id. Example: /v1beta1/organizations/{organization_id}/sources/-/findings

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of `-`. For example: organizations/{organization_id}/sources/-
`filter`	string	Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: name source_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `source_properties.size = 100` is a valid filter string.
`groupBy`	string	Required. Expression that defines what assets fields to use for grouping (including `state`). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name". The following fields are supported: resource_name category state parent
`readTime`	google.protobuf.Timestamp	Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`pageToken`	string	The value returned by the last `GroupFindingsResponse`; indicates that this is a continuation of a prior `GroupFindings` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type Description

Type	Description
Promise	The promise which resolves to an array. The first element of the array is Array of GroupResult. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using `groupFindingsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

Promise

The promise which resolves to an array. The first element of the array is Array of GroupResult. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using groupFindingsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

groupFindingsAsync(request, optionsopt) → {Object}

Equivalent to groupFindings, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of `-`. For example: organizations/{organization_id}/sources/-
`filter`	string	Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: name source_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `source_properties.size = 100` is a valid filter string.
`groupBy`	string	Required. Expression that defines what assets fields to use for grouping (including `state`). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name". The following fields are supported: resource_name category state parent
`readTime`	google.protobuf.Timestamp	Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`pageToken`	string	The value returned by the last `GroupFindingsResponse`; indicates that this is a continuation of a prior `GroupFindings` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Object	An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing GroupResult. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.

Example

const iterable = client.groupFindingsAsync(request);
for await (const response of iterable) {
  // process response
}

groupFindingsStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of `-`. For example: organizations/{organization_id}/sources/-
`filter`	string	Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: name source_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `source_properties.size = 100` is a valid filter string.
`groupBy`	string	Required. Expression that defines what assets fields to use for grouping (including `state`). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name". The following fields are supported: resource_name category state parent
`readTime`	google.protobuf.Timestamp	Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`pageToken`	string	The value returned by the last `GroupFindingsResponse`; indicates that this is a continuation of a prior `GroupFindings` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Stream	An object stream which emits an object representing GroupResult on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using `groupFindingsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

initialize() → {Promise}

Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.

You can await on this method if you want to make sure the client is initialized.

Returns:

Type	Description
Promise	A promise that resolves to an authenticated service stub.

listAssets(request, optionsopt) → {Promise}

Lists an organization's assets.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Attributes	Description
`parent`	string		Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id]".
`filter`	string		Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: name security_center_properties.resource_name resource_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `resource_properties.size = 100` is a valid filter string.
`orderBy`	string		Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.
`readTime`	google.protobuf.Timestamp		Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`compareDuration`	google.protobuf.Duration		When compare_duration is set, the ListAssetResult's "state" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state" values when compare_duration is specified: "ADDED": indicates that the asset was not present before compare_duration, but present at read_time. "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state is "UNUSED", which indicates that the asset is present at read_time.
`fieldMask`	google.protobuf.FieldMask	<optional>	Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
`pageToken`	string		The value returned by the last `ListAssetsResponse`; indicates that this is a continuation of a prior `ListAssets` call, and that the system should return the next page of data.
`pageSize`	number		The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type Description

Type	Description
Promise	The promise which resolves to an array. The first element of the array is Array of ListAssetsResult. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using `listAssetsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

Promise

The promise which resolves to an array. The first element of the array is Array of ListAssetsResult. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using listAssetsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listAssetsAsync(request, optionsopt) → {Object}

Equivalent to listAssets, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Attributes	Description
`parent`	string		Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id]".
`filter`	string		Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: name security_center_properties.resource_name resource_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `resource_properties.size = 100` is a valid filter string.
`orderBy`	string		Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.
`readTime`	google.protobuf.Timestamp		Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`compareDuration`	google.protobuf.Duration		When compare_duration is set, the ListAssetResult's "state" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state" values when compare_duration is specified: "ADDED": indicates that the asset was not present before compare_duration, but present at read_time. "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state is "UNUSED", which indicates that the asset is present at read_time.
`fieldMask`	google.protobuf.FieldMask	<optional>	Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
`pageToken`	string		The value returned by the last `ListAssetsResponse`; indicates that this is a continuation of a prior `ListAssets` call, and that the system should return the next page of data.
`pageSize`	number		The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Object	An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing ListAssetsResult. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.

Example

const iterable = client.listAssetsAsync(request);
for await (const response of iterable) {
  // process response
}

listAssetsStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Attributes	Description
`parent`	string		Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id]".
`filter`	string		Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: name security_center_properties.resource_name resource_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `resource_properties.size = 100` is a valid filter string.
`orderBy`	string		Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.
`readTime`	google.protobuf.Timestamp		Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`compareDuration`	google.protobuf.Duration		When compare_duration is set, the ListAssetResult's "state" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state" values when compare_duration is specified: "ADDED": indicates that the asset was not present before compare_duration, but present at read_time. "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state is "UNUSED", which indicates that the asset is present at read_time.
`fieldMask`	google.protobuf.FieldMask	<optional>	Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
`pageToken`	string		The value returned by the last `ListAssetsResponse`; indicates that this is a continuation of a prior `ListAssets` call, and that the system should return the next page of data.
`pageSize`	number		The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Stream	An object stream which emits an object representing ListAssetsResult on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using `listAssetsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listFindings(request, optionsopt) → {Promise}

Lists an organization or source's findings.

To list across all sources provide a - as the source id. Example: /v1beta1/organizations/{organization_id}/sources/-/findings

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Attributes	Description
`parent`	string		Required. Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of `-`. For example: organizations/{organization_id}/sources/-
`filter`	string		Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: name source_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `source_properties.size = 100` is a valid filter string.
`orderBy`	string		Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.
`readTime`	google.protobuf.Timestamp		Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`fieldMask`	google.protobuf.FieldMask	<optional>	Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.
`pageToken`	string		The value returned by the last `ListFindingsResponse`; indicates that this is a continuation of a prior `ListFindings` call, and that the system should return the next page of data.
`pageSize`	number		The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type Description

Promise

The promise which resolves to an array. The first element of the array is Array of Finding. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using listFindingsAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listFindingsAsync(request, optionsopt) → {Object}

Equivalent to listFindings, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Attributes	Description
`parent`	string		Required. Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of `-`. For example: organizations/{organization_id}/sources/-
`filter`	string		Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: name source_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `source_properties.size = 100` is a valid filter string.
`orderBy`	string		Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.
`readTime`	google.protobuf.Timestamp		Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`fieldMask`	google.protobuf.FieldMask	<optional>	Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.
`pageToken`	string		The value returned by the last `ListFindingsResponse`; indicates that this is a continuation of a prior `ListFindings` call, and that the system should return the next page of data.
`pageSize`	number		The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Object	An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing Finding. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.

Example

const iterable = client.listFindingsAsync(request);
for await (const response of iterable) {
  // process response
}

listFindingsStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Attributes	Description
`parent`	string		Required. Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of `-`. For example: organizations/{organization_id}/sources/-
`filter`	string		Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are not supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: name source_properties.a_property security_marks.marks.marka The supported operators are: `=` for all value types. `>`, `<`, `>=`, `<=` for integer values. `:`, meaning substring matching, for strings. The supported value types are: string literals in quotes. integer literals without quotes. boolean literals `true` and `false` without quotes. For example, `source_properties.size = 100` is a valid filter string.
`orderBy`	string		Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.
`readTime`	google.protobuf.Timestamp		Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
`fieldMask`	google.protobuf.FieldMask	<optional>	Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.
`pageToken`	string		The value returned by the last `ListFindingsResponse`; indicates that this is a continuation of a prior `ListFindings` call, and that the system should return the next page of data.
`pageSize`	number		The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Stream	An object stream which emits an object representing Finding on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using `listFindingsAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listSources(request, optionsopt) → {Promise}

Lists all sources belonging to an organization.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".
`pageToken`	string	The value returned by the last `ListSourcesResponse`; indicates that this is a continuation of a prior `ListSources` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type Description

Promise

The promise which resolves to an array. The first element of the array is Array of Source. The client library will perform auto-pagination by default: it will call the API as many times as needed and will merge results from all the pages into this array. Note that it can affect your quota. We recommend using listSourcesAsync() method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

listSourcesAsync(request, optionsopt) → {Object}

Equivalent to listSources, but returns an iterable object.

for-await-of syntax is used with the iterable to get response elements on-demand.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".
`pageToken`	string	The value returned by the last `ListSourcesResponse`; indicates that this is a continuation of a prior `ListSources` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Object	An iterable Object that allows async iteration. When you iterate the returned iterable, each element will be an object representing Source. The API will be called under the hood as needed, once per the page, so you can stop the iteration when you don't need more results. Please see the documentation for more details and examples.

Example

const iterable = client.listSourcesAsync(request);
for await (const response of iterable) {
  // process response
}

listSourcesStream(request, optionsopt) → {Stream}

Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".
`pageToken`	string	The value returned by the last `ListSourcesResponse`; indicates that this is a continuation of a prior `ListSources` call, and that the system should return the next page of data.
`pageSize`	number	The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Stream	An object stream which emits an object representing Source on 'data' event. The client library will perform auto-pagination by default: it will call the API as many times as needed. Note that it can affect your quota. We recommend using `listSourcesAsync()` method described below for async iteration which you can stop as needed. Please see the documentation for more details and examples.

matchAssetFromAssetName(assetName) → {string}

Parse the asset from Asset resource.

Parameters:

Name	Type	Description
`assetName`	string	A fully-qualified path representing Asset resource.

Returns:

Type	Description
string	A string representing the asset.

matchAssetFromOrganizationAssetSecurityMarksName(organizationAssetSecurityMarksName) → {string}

Parse the asset from OrganizationAssetSecurityMarks resource.

Parameters:

Name	Type	Description
`organizationAssetSecurityMarksName`	string	A fully-qualified path representing organization_asset_securityMarks resource.

Returns:

Type	Description
string	A string representing the asset.

matchFindingFromFindingName(findingName) → {string}

Parse the finding from Finding resource.

Parameters:

Name	Type	Description
`findingName`	string	A fully-qualified path representing Finding resource.

Returns:

Type	Description
string	A string representing the finding.

matchFindingFromOrganizationSourceFindingSecurityMarksName(organizationSourceFindingSecurityMarksName) → {string}

Parse the finding from OrganizationSourceFindingSecurityMarks resource.

Parameters:

Name	Type	Description
`organizationSourceFindingSecurityMarksName`	string	A fully-qualified path representing organization_source_finding_securityMarks resource.

Returns:

Type	Description
string	A string representing the finding.

matchOrganizationFromAssetName(assetName) → {string}

Parse the organization from Asset resource.

Parameters:

Name	Type	Description
`assetName`	string	A fully-qualified path representing Asset resource.

Returns:

Type	Description
string	A string representing the organization.

matchOrganizationFromFindingName(findingName) → {string}

Parse the organization from Finding resource.

Parameters:

Name	Type	Description
`findingName`	string	A fully-qualified path representing Finding resource.

Returns:

Type	Description
string	A string representing the organization.

matchOrganizationFromOrganizationAssetSecurityMarksName(organizationAssetSecurityMarksName) → {string}

Parse the organization from OrganizationAssetSecurityMarks resource.

Parameters:

Name	Type	Description
`organizationAssetSecurityMarksName`	string	A fully-qualified path representing organization_asset_securityMarks resource.

Returns:

Type	Description
string	A string representing the organization.

matchOrganizationFromOrganizationName(organizationName) → {string}

Parse the organization from Organization resource.

Parameters:

Name	Type	Description
`organizationName`	string	A fully-qualified path representing Organization resource.

Returns:

Type	Description
string	A string representing the organization.

matchOrganizationFromOrganizationSettingsName(organizationSettingsName) → {string}

Parse the organization from OrganizationSettings resource.

Parameters:

Name	Type	Description
`organizationSettingsName`	string	A fully-qualified path representing OrganizationSettings resource.

Returns:

Type	Description
string	A string representing the organization.

matchOrganizationFromOrganizationSourceFindingSecurityMarksName(organizationSourceFindingSecurityMarksName) → {string}

Parse the organization from OrganizationSourceFindingSecurityMarks resource.

Parameters:

Name	Type	Description
`organizationSourceFindingSecurityMarksName`	string	A fully-qualified path representing organization_source_finding_securityMarks resource.

Returns:

Type	Description
string	A string representing the organization.

matchOrganizationFromSourceName(sourceName) → {string}

Parse the organization from Source resource.

Parameters:

Name	Type	Description
`sourceName`	string	A fully-qualified path representing Source resource.

Returns:

Type	Description
string	A string representing the organization.

matchSourceFromFindingName(findingName) → {string}

Parse the source from Finding resource.

Parameters:

Name	Type	Description
`findingName`	string	A fully-qualified path representing Finding resource.

Returns:

Type	Description
string	A string representing the source.

matchSourceFromOrganizationSourceFindingSecurityMarksName(organizationSourceFindingSecurityMarksName) → {string}

Parse the source from OrganizationSourceFindingSecurityMarks resource.

Parameters:

Name	Type	Description
`organizationSourceFindingSecurityMarksName`	string	A fully-qualified path representing organization_source_finding_securityMarks resource.

Returns:

Type	Description
string	A string representing the source.

matchSourceFromSourceName(sourceName) → {string}

Parse the source from Source resource.

Parameters:

Name	Type	Description
`sourceName`	string	A fully-qualified path representing Source resource.

Returns:

Type	Description
string	A string representing the source.

organizationAssetSecurityMarksPath(organization, asset) → {string}

Return a fully-qualified organizationAssetSecurityMarks resource name string.

Parameters:

Name	Type	Description
`organization`	string
`asset`	string

Returns:

Type	Description
string	Resource name string.

organizationPath(organization) → {string}

Return a fully-qualified organization resource name string.

Parameters:

Name	Type	Description
`organization`	string

Returns:

Type	Description
string	Resource name string.

organizationSettingsPath(organization) → {string}

Return a fully-qualified organizationSettings resource name string.

Parameters:

Name	Type	Description
`organization`	string

Returns:

Type	Description
string	Resource name string.

organizationSourceFindingSecurityMarksPath(organization, source, finding) → {string}

Return a fully-qualified organizationSourceFindingSecurityMarks resource name string.

Parameters:

Name	Type	Description
`organization`	string
`source`	string
`finding`	string

Returns:

Type	Description
string	Resource name string.

runAssetDiscovery(request, optionsopt) → {Promise}

Runs asset discovery. The discovery is tracked with a long-running operation.

This API can only be called with limited frequency for an organization. If it is called too frequently the caller will receive a TOO_MANY_REQUESTS error.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`parent`	string	Required. Name of the organization to run asset discovery for. Its format is "organizations/[organization_id]".

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing a long running operation. Its `promise()` method returns a promise you can `await` for. Please see the documentation for more details and examples.

Example

const [operation] = await client.runAssetDiscovery(request);
const [response] = await operation.promise();

setFindingState(request, optionsopt) → {Promise}

Updates the state of a finding.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`name`	string	Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
`state`	google.cloud.securitycenter.v1beta1.Finding.State	Required. The desired State of the finding.
`startTime`	google.protobuf.Timestamp	Required. The time at which the updated state takes effect.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Finding. Please see the documentation for more details and examples.

Example

const [response] = await client.setFindingState(request);

setIamPolicy(request, optionsopt) → {Promise}

Sets the access control policy on the specified Source.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`resource`	string	REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
`policy`	google.iam.v1.Policy	REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Policy. Please see the documentation for more details and examples.

Example

const [response] = await client.setIamPolicy(request);

sourcePath(organization, source) → {string}

Return a fully-qualified source resource name string.

Parameters:

Name	Type	Description
`organization`	string
`source`	string

Returns:

Type	Description
string	Resource name string.

testIamPermissions(request, optionsopt) → {Promise}

Returns the permissions that a caller has on the specified source.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`resource`	string	REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
`permissions`	Array.<string>	The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing TestIamPermissionsResponse. Please see the documentation for more details and examples.

Example

const [response] = await client.testIamPermissions(request);

updateFinding(request, optionsopt) → {Promise}

Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name Type Description

finding

google.cloud.securitycenter.v1beta1.Finding

Required. The finding resource to update or create if it does not already exist. parent, security_marks, and update_time will be ignored.

In the case of creation, the finding id portion of the name must alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

updateMask

google.protobuf.FieldMask

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Finding. Please see the documentation for more details and examples.

Example

const [response] = await client.updateFinding(request);

updateOrganizationSettings(request, optionsopt) → {Promise}

Updates an organization's settings.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`organizationSettings`	google.cloud.securitycenter.v1beta1.OrganizationSettings	Required. The organization settings resource to update.
`updateMask`	google.protobuf.FieldMask	The FieldMask to use when updating the settings resource.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing OrganizationSettings. Please see the documentation for more details and examples.

Example

const [response] = await client.updateOrganizationSettings(request);

updateSecurityMarks(request, optionsopt) → {Promise}

Updates security marks.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`securityMarks`	google.cloud.securitycenter.v1beta1.SecurityMarks	Required. The security marks resource to update.
`updateMask`	google.protobuf.FieldMask	The FieldMask to use when updating the security marks resource.
`startTime`	google.protobuf.Timestamp	The time at which the updated SecurityMarks take effect.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing SecurityMarks. Please see the documentation for more details and examples.

Example

const [response] = await client.updateSecurityMarks(request);

updateSource(request, optionsopt) → {Promise}

Updates a source.

Parameters:

Name Type Attributes Description

request

Object

The request object that will be sent.

Properties

Name	Type	Description
`source`	google.cloud.securitycenter.v1beta1.Source	Required. The source resource to update.
`updateMask`	google.protobuf.FieldMask	The FieldMask to use when updating the source resource.

options

object

Call options. See CallOptions for more details.

Returns:

Type	Description
Promise	The promise which resolves to an array. The first element of the array is an object representing Source. Please see the documentation for more details and examples.

Example

const [response] = await client.updateSource(request);