The configuration object.
The options accepted by the constructor are described in detail
in this document.
The common options are:
Properties
Name
Type
Attributes
Description
credentials
object
<optional>
Credentials object.
Properties
Name
Type
Attributes
Description
client_email
string
<optional>
private_key
string
<optional>
email
string
<optional>
Account email address. Required when
using a .pem or .p12 keyFilename.
keyFilename
string
<optional>
Full path to the a .json, .pem, or
.p12 key downloaded from the Google Developers Console. If you provide
a path to a JSON file, the projectId option below is not necessary.
NOTE: .pem and .p12 require you to specify options.email as well.
port
number
<optional>
The port on which to connect to
the remote host.
projectId
string
<optional>
The project ID from the Google
Developer's Console, e.g. 'grape-spaceship-123'. We will also check
the environment variable GCLOUD_PROJECT for your project ID. If your
app is running in an environment which supports
Application Default Credentials,
your project ID will be detected automatically.
apiEndpoint
string
<optional>
The domain name of the
API remote host.
clientConfig
gax.ClientConfig
<optional>
Client configuration override.
Follows the structure of gapicConfig.
fallback
boolean
<optional>
Use HTTP fallback mode.
In fallback mode, a special browser-compatible transport implementation is used
instead of gRPC transport. In browser context (if the window object is defined)
the fallback mode is enabled automatically; set options.fallback to false
if you need to override this behavior.
Members
apiEndpoint
The DNS address for this API service - same as servicePath(),
exists for compatibility reasons.
port
The port for this API service.
scopes
The scopes needed to make gRPC calls for every method defined
in this service.
servicePath
The DNS address for this API service.
Methods
assetPath(organization, asset) → {string}
Return a fully-qualified asset resource name string.
Check the status of the long running operation returned by runAssetDiscovery().
Parameters:
Name
Type
Description
name
String
The operation name that will be passed.
Returns:
Type
Description
Promise
The promise which resolves to an object.
The decoded operation object has result and metadata field to get information from.
Please see the
documentation
for more details and examples.
The client will no longer be usable and all future behavior is undefined.
Returns:
Type
Description
Promise
A promise that resolves when the client is closed.
createFinding(request, optionsopt) → {Promise}
Creates a finding. The corresponding source must exist for finding creation
to succeed.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the new finding's parent. Its format should be
"organizations/[organization_id]/sources/[source_id]".
findingId
string
Required. Unique identifier provided by the client within the parent scope.
It must be alphanumeric and less than or equal to 32 characters and
greater than 0 characters in length.
The promise which resolves to an array.
The first element of the array is an object representing Finding.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Source.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Policy.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing OrganizationSettings.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Source.
Please see the
documentation
for more details and examples.
Filters an organization's assets and groups them by their specified
properties.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to groupBy. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, resource_properties.size = 100 is a valid filter string.
groupBy
string
Required. Expression that defines what assets fields to use for grouping. The string
value should follow SQL syntax: comma separated list of fields. For
example:
"security_center_properties.resource_project,security_center_properties.project".
The following fields are supported when compare_duration is not set:
security_center_properties.resource_project
security_center_properties.resource_type
security_center_properties.resource_parent
The following fields are supported when compare_duration is set:
When compare_duration is set, the Asset's "state" property is updated to
indicate whether the asset was added, removed, or remained present during
the compare_duration period of time that precedes the read_time. This is
the time between (read_time - compare_duration) and read_time.
The state value is derived based on the presence of the asset at the two
points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state" values when compare_duration is specified:
"ADDED": indicates that the asset was not present before
compare_duration, but present at reference_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at reference_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time.
This field is ignored if state is not a field in group_by.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
pageToken
string
The value returned by the last GroupAssetsResponse; indicates
that this is a continuation of a prior GroupAssets call, and that the
system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of GroupResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using groupAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
groupAssetsAsync(request, optionsopt) → {Object}
Equivalent to groupAssets, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to groupBy. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, resource_properties.size = 100 is a valid filter string.
groupBy
string
Required. Expression that defines what assets fields to use for grouping. The string
value should follow SQL syntax: comma separated list of fields. For
example:
"security_center_properties.resource_project,security_center_properties.project".
The following fields are supported when compare_duration is not set:
security_center_properties.resource_project
security_center_properties.resource_type
security_center_properties.resource_parent
The following fields are supported when compare_duration is set:
When compare_duration is set, the Asset's "state" property is updated to
indicate whether the asset was added, removed, or remained present during
the compare_duration period of time that precedes the read_time. This is
the time between (read_time - compare_duration) and read_time.
The state value is derived based on the presence of the asset at the two
points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state" values when compare_duration is specified:
"ADDED": indicates that the asset was not present before
compare_duration, but present at reference_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at reference_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time.
This field is ignored if state is not a field in group_by.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
pageToken
string
The value returned by the last GroupAssetsResponse; indicates
that this is a continuation of a prior GroupAssets call, and that the
system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
GroupResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.groupAssetsAsync(request);
for await (const response of iterable) {
// process response
}
groupAssetsStream(request, optionsopt) → {Stream}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to groupBy. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, resource_properties.size = 100 is a valid filter string.
groupBy
string
Required. Expression that defines what assets fields to use for grouping. The string
value should follow SQL syntax: comma separated list of fields. For
example:
"security_center_properties.resource_project,security_center_properties.project".
The following fields are supported when compare_duration is not set:
security_center_properties.resource_project
security_center_properties.resource_type
security_center_properties.resource_parent
The following fields are supported when compare_duration is set:
When compare_duration is set, the Asset's "state" property is updated to
indicate whether the asset was added, removed, or remained present during
the compare_duration period of time that precedes the read_time. This is
the time between (read_time - compare_duration) and read_time.
The state value is derived based on the presence of the asset at the two
points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state" values when compare_duration is specified:
"ADDED": indicates that the asset was not present before
compare_duration, but present at reference_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at reference_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time.
This field is ignored if state is not a field in group_by.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
pageToken
string
The value returned by the last GroupAssetsResponse; indicates
that this is a continuation of a prior GroupAssets call, and that the
system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing GroupResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using groupAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
groupFindings(request, optionsopt) → {Promise}
Filters an organization or source's findings and groups them by their
specified properties.
To group across all sources provide a - as the source id.
Example: /v1beta1/organizations/{organization_id}/sources/-/findings
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]". To groupBy across
all sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, source_properties.size = 100 is a valid filter string.
groupBy
string
Required. Expression that defines what assets fields to use for grouping (including
state). The string value should follow SQL syntax: comma separated list
of fields. For example:
"parent,resource_name".
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
pageToken
string
The value returned by the last GroupFindingsResponse; indicates
that this is a continuation of a prior GroupFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of GroupResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using groupFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
Equivalent to groupFindings, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]". To groupBy across
all sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, source_properties.size = 100 is a valid filter string.
groupBy
string
Required. Expression that defines what assets fields to use for grouping (including
state). The string value should follow SQL syntax: comma separated list
of fields. For example:
"parent,resource_name".
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
pageToken
string
The value returned by the last GroupFindingsResponse; indicates
that this is a continuation of a prior GroupFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
GroupResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.groupFindingsAsync(request);
for await (const response of iterable) {
// process response
}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]". To groupBy across
all sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, source_properties.size = 100 is a valid filter string.
groupBy
string
Required. Expression that defines what assets fields to use for grouping (including
state). The string value should follow SQL syntax: comma separated list
of fields. For example:
"parent,resource_name".
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
pageToken
string
The value returned by the last GroupFindingsResponse; indicates
that this is a continuation of a prior GroupFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing GroupResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using groupFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
initialize() → {Promise}
Initialize the client.
Performs asynchronous operations (such as authentication) and prepares the client.
This function will be called automatically when any class method is called for the
first time, but if you need to initialize it before calling an actual method,
feel free to call initialize() directly.
You can await on this method if you want to make sure the client is initialized.
Returns:
Type
Description
Promise
A promise that resolves to an authenticated service stub.
listAssets(request, optionsopt) → {Promise}
Lists an organization's assets.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. Name of the organization assets should belong to. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, resource_properties.size = 100 is a valid filter string.
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,resource_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,resource_properties.a_property" and "
name desc , resource_properties.a_property " are equivalent.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
When compare_duration is set, the ListAssetResult's "state" attribute is
updated to indicate whether the asset was added, removed, or remained
present during the compare_duration period of time that precedes the
read_time. This is the time between (read_time -
compare_duration) and read_time.
The state value is derived based on the presence of the asset at the two
points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state" values when compare_duration is specified:
"ADDED": indicates that the asset was not present before
compare_duration, but present at read_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at read_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and read_time.
If compare_duration is not specified, then the only possible state is
"UNUSED", which indicates that the asset is present at read_time.
Optional. A field mask to specify the ListAssetsResult fields to be listed in the
response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListAssetsResponse; indicates
that this is a continuation of a prior ListAssets call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of ListAssetsResult.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listAssetsAsync(request, optionsopt) → {Object}
Equivalent to listAssets, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. Name of the organization assets should belong to. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, resource_properties.size = 100 is a valid filter string.
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,resource_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,resource_properties.a_property" and "
name desc , resource_properties.a_property " are equivalent.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
When compare_duration is set, the ListAssetResult's "state" attribute is
updated to indicate whether the asset was added, removed, or remained
present during the compare_duration period of time that precedes the
read_time. This is the time between (read_time -
compare_duration) and read_time.
The state value is derived based on the presence of the asset at the two
points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state" values when compare_duration is specified:
"ADDED": indicates that the asset was not present before
compare_duration, but present at read_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at read_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and read_time.
If compare_duration is not specified, then the only possible state is
"UNUSED", which indicates that the asset is present at read_time.
Optional. A field mask to specify the ListAssetsResult fields to be listed in the
response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListAssetsResponse; indicates
that this is a continuation of a prior ListAssets call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
ListAssetsResult. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listAssetsAsync(request);
for await (const response of iterable) {
// process response
}
listAssetsStream(request, optionsopt) → {Stream}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. Name of the organization assets should belong to. Its format is
"organizations/[organization_id]".
filter
string
Expression that defines the filter to apply across assets.
The expression is a list of zero or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. The fields map to those
defined in the Asset resource. Examples include:
name
security_center_properties.resource_name
resource_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, resource_properties.size = 100 is a valid filter string.
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,resource_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,resource_properties.a_property" and "
name desc , resource_properties.a_property " are equivalent.
Time used as a reference point when filtering assets. The filter is limited
to assets existing at the supplied time and their values are those at that
specific time. Absence of this field will default to the API's version of
NOW.
When compare_duration is set, the ListAssetResult's "state" attribute is
updated to indicate whether the asset was added, removed, or remained
present during the compare_duration period of time that precedes the
read_time. This is the time between (read_time -
compare_duration) and read_time.
The state value is derived based on the presence of the asset at the two
points in time. Intermediate state changes between the two times don't
affect the result. For example, the results aren't affected if the asset is
removed and re-created again.
Possible "state" values when compare_duration is specified:
"ADDED": indicates that the asset was not present before
compare_duration, but present at read_time.
"REMOVED": indicates that the asset was present at the start of
compare_duration, but not present at read_time.
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and read_time.
If compare_duration is not specified, then the only possible state is
"UNUSED", which indicates that the asset is present at read_time.
Optional. A field mask to specify the ListAssetsResult fields to be listed in the
response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListAssetsResponse; indicates
that this is a continuation of a prior ListAssets call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing ListAssetsResult on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listAssetsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listFindings(request, optionsopt) → {Promise}
Lists an organization or source's findings.
To list across all sources provide a - as the source id.
Example: /v1beta1/organizations/{organization_id}/sources/-/findings
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. Name of the source the findings belong to. Its format is
"organizations/[organization_id]/sources/[source_id]". To list across all
sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, source_properties.size = 100 is a valid filter string.
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,source_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,source_properties.a_property" and "
name desc , source_properties.a_property " are equivalent.
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
Optional. A field mask to specify the Finding fields to be listed in the response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListFindingsResponse; indicates
that this is a continuation of a prior ListFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of Finding.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listFindingsAsync(request, optionsopt) → {Object}
Equivalent to listFindings, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. Name of the source the findings belong to. Its format is
"organizations/[organization_id]/sources/[source_id]". To list across all
sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, source_properties.size = 100 is a valid filter string.
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,source_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,source_properties.a_property" and "
name desc , source_properties.a_property " are equivalent.
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
Optional. A field mask to specify the Finding fields to be listed in the response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListFindingsResponse; indicates
that this is a continuation of a prior ListFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
Finding. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listFindingsAsync(request);
for await (const response of iterable) {
// process response
}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Attributes
Description
parent
string
Required. Name of the source the findings belong to. Its format is
"organizations/[organization_id]/sources/[source_id]". To list across all
sources provide a source_id of -. For example:
organizations/{organization_id}/sources/-
filter
string
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND and OR.
Parentheses are not supported, and OR has higher precedence than AND.
Restrictions have the form <field> <operator> <value> and may have a -
character in front of them to indicate negation. Examples include:
name
source_properties.a_property
security_marks.marks.marka
The supported operators are:
= for all value types.
>, <, >=, <= for integer values.
:, meaning substring matching, for strings.
The supported value types are:
string literals in quotes.
integer literals without quotes.
boolean literals true and false without quotes.
For example, source_properties.size = 100 is a valid filter string.
orderBy
string
Expression that defines what fields and order to use for sorting. The
string value should follow SQL syntax: comma separated list of fields. For
example: "name,resource_properties.a_property". The default sorting order
is ascending. To specify descending order for a field, a suffix " desc"
should be appended to the field name. For example: "name
desc,source_properties.a_property". Redundant space characters in the
syntax are insignificant. "name desc,source_properties.a_property" and "
name desc , source_properties.a_property " are equivalent.
Time used as a reference point when filtering findings. The filter is
limited to findings existing at the supplied time and their values are
those at that specific time. Absence of this field will default to the
API's version of NOW.
Optional. A field mask to specify the Finding fields to be listed in the response.
An empty field mask will list all fields.
pageToken
string
The value returned by the last ListFindingsResponse; indicates
that this is a continuation of a prior ListFindings call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing Finding on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listFindingsAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listSources(request, optionsopt) → {Promise}
Lists all sources belonging to an organization.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the parent of sources to list. Its format should be
"organizations/[organization_id]".
pageToken
string
The value returned by the last ListSourcesResponse; indicates
that this is a continuation of a prior ListSources call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
The promise which resolves to an array.
The first element of the array is Array of Source.
The client library will perform auto-pagination by default: it will call the API as many
times as needed and will merge results from all the pages into this array.
Note that it can affect your quota.
We recommend using listSourcesAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
listSourcesAsync(request, optionsopt) → {Object}
Equivalent to listSources, but returns an iterable object.
for-await-of syntax is used with the iterable to get response elements on-demand.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the parent of sources to list. Its format should be
"organizations/[organization_id]".
pageToken
string
The value returned by the last ListSourcesResponse; indicates
that this is a continuation of a prior ListSources call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An iterable Object that allows async iteration.
When you iterate the returned iterable, each element will be an object representing
Source. The API will be called under the hood as needed, once per the page,
so you can stop the iteration when you don't need more results.
Please see the
documentation
for more details and examples.
Example
const iterable = client.listSourcesAsync(request);
for await (const response of iterable) {
// process response
}
listSourcesStream(request, optionsopt) → {Stream}
Equivalent to method.name.toCamelCase(), but returns a NodeJS Stream object.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Resource name of the parent of sources to list. Its format should be
"organizations/[organization_id]".
pageToken
string
The value returned by the last ListSourcesResponse; indicates
that this is a continuation of a prior ListSources call, and
that the system should return the next page of data.
pageSize
number
The maximum number of results to return in a single response. Default is
10, minimum is 1, maximum is 1000.
An object stream which emits an object representing Source on 'data' event.
The client library will perform auto-pagination by default: it will call the API as many
times as needed. Note that it can affect your quota.
We recommend using listSourcesAsync()
method described below for async iteration which you can stop as needed.
Please see the
documentation
for more details and examples.
matchAssetFromAssetName(assetName) → {string}
Parse the asset from Asset resource.
Parameters:
Name
Type
Description
assetName
string
A fully-qualified path representing Asset resource.
Runs asset discovery. The discovery is tracked with a long-running
operation.
This API can only be called with limited frequency for an organization. If
it is called too frequently the caller will receive a TOO_MANY_REQUESTS
error.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
parent
string
Required. Name of the organization to run asset discovery for. Its format is
"organizations/[organization_id]".
The promise which resolves to an array.
The first element of the array is an object representing
a long running operation. Its promise() method returns a promise
you can await for.
Please see the
documentation
for more details and examples.
Required. The relative resource name of the finding. See:
https://cloud.google.com/apis/design/resource_names#relative_resource_name
Example:
"organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
The promise which resolves to an array.
The first element of the array is an object representing Finding.
Please see the
documentation
for more details and examples.
REQUIRED: The complete policy to be applied to the resource. The size of
the policy is limited to a few 10s of KB. An empty policy is a
valid policy but certain Cloud Platform services (such as Projects)
might reject them.
The promise which resolves to an array.
The first element of the array is an object representing Policy.
Please see the
documentation
for more details and examples.
Returns the permissions that a caller has on the specified source.
Parameters:
Name
Type
Attributes
Description
request
Object
The request object that will be sent.
Properties
Name
Type
Description
resource
string
REQUIRED: The resource for which the policy detail is being requested.
See the operation documentation for the appropriate value for this field.
permissions
Array.<string>
The set of permissions to check for the resource. Permissions with
wildcards (such as '' or 'storage.') are not allowed. For more
information see
IAM Overview.
The promise which resolves to an array.
The first element of the array is an object representing TestIamPermissionsResponse.
Please see the
documentation
for more details and examples.
Required. The finding resource to update or create if it does not already exist.
parent, security_marks, and update_time will be ignored.
In the case of creation, the finding id portion of the name must
alphanumeric and less than or equal to 32 characters and greater than 0
characters in length.
The promise which resolves to an array.
The first element of the array is an object representing Finding.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing OrganizationSettings.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing SecurityMarks.
Please see the
documentation
for more details and examples.
The promise which resolves to an array.
The first element of the array is an object representing Source.
Please see the
documentation
for more details and examples.