As of January 1, 2020 this library no longer supports Python 2 on the latest released version. Library versions released prior to that date will continue to be available. For more information please visit Python 2 support on Google Cloud.

Types for Security Command Center API Client

class google.cloud.securitycenter_v1.types.Any
type_url

Field google.protobuf.Any.type_url

value

Field google.protobuf.Any.value

class google.cloud.securitycenter_v1.types.Asset

Security Command Center representation of a Google Cloud resource. The Asset is a Security Command Center resource that captures information about a single Google Cloud resource. All modifications to an Asset are only within the context of Security Command Center and don’t affect the referenced Google Cloud resource.

name

The relative resource name of this asset. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/assets/{asset_id}”.

security_center_properties

Security Command Center managed properties. These properties are managed by Security Command Center and cannot be modified by the user.

resource_properties

Resource managed properties. These properties are managed and defined by the Google Cloud resource and cannot be modified by the user.

security_marks

User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the asset.

create_time

The time at which the asset was created in Security Command Center.

update_time

The time at which the asset was last updated, added, or deleted in Security Command Center.

iam_policy

Cloud IAM Policy information associated with the Google Cloud resource described by the Security Command Center asset. This information is managed and defined by the Google Cloud resource and cannot be modified by the user.

class IamPolicy

Cloud IAM Policy information associated with the Google Cloud resource described by the Security Command Center asset. This information is managed and defined by the Google Cloud resource and cannot be modified by the user.

policy_blob

The JSON representation of the Policy associated with the asset. See https://cloud.google.com/iam/reference/rest/v1/Policy for format details.

policy_blob

Field google.cloud.securitycenter.v1.Asset.IamPolicy.policy_blob

class ResourcePropertiesEntry
key

Field google.cloud.securitycenter.v1.Asset.ResourcePropertiesEntry.key

value

Field google.cloud.securitycenter.v1.Asset.ResourcePropertiesEntry.value

class SecurityCenterProperties

Security Command Center managed properties. These properties are managed by Security Command Center and cannot be modified by the user.

resource_name

The full resource name of the Google Cloud resource this asset represents. This field is immutable after create time. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

resource_type

The type of the Google Cloud resource. Examples include: APPLICATION, PROJECT, and ORGANIZATION. This is a case insensitive field defined by Security Command Center and/or the producer of the resource and is immutable after create time.

resource_parent

The full resource name of the immediate parent of the resource. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

resource_project

The full resource name of the project the resource belongs to. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

resource_owners

Owners of the Google Cloud resource.

resource_display_name

The user defined display name for this resource.

resource_parent_display_name

The user defined display name for the parent of this resource.

resource_project_display_name

The user defined display name for the project of this resource.

resource_display_name

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_display_name

resource_name

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_name

resource_owners

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_owners

resource_parent

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_parent

resource_parent_display_name

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_parent_display_name

resource_project

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_project

resource_project_display_name

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_project_display_name

resource_type

Field google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_type

create_time

Field google.cloud.securitycenter.v1.Asset.create_time

iam_policy

Field google.cloud.securitycenter.v1.Asset.iam_policy

name

Field google.cloud.securitycenter.v1.Asset.name

resource_properties

Field google.cloud.securitycenter.v1.Asset.resource_properties

security_center_properties

Field google.cloud.securitycenter.v1.Asset.security_center_properties

security_marks

Field google.cloud.securitycenter.v1.Asset.security_marks

update_time

Field google.cloud.securitycenter.v1.Asset.update_time

class google.cloud.securitycenter_v1.types.AuditConfigDelta

One delta entry for AuditConfig. Each individual change (only one exempted_member in each entry) to an AuditConfig will be a separate entry.

action

The action that was performed on an audit configuration in a policy. Required

service

Specifies a service that was configured for Cloud Audit Logging. For example, storage.googleapis.com, cloudsql.googleapis.com. allServices is a special value that covers all services. Required

exempted_member

A single identity that is exempted from “data access” audit logging for the service specified above. Follows the same format of Binding.members.

log_type

Specifies the log_type that was enabled. ADMIN_ACTIVITY is always enabled, and cannot be configured. Required

action

Field google.iam.v1.AuditConfigDelta.action

exempted_member

Field google.iam.v1.AuditConfigDelta.exempted_member

log_type

Field google.iam.v1.AuditConfigDelta.log_type

service

Field google.iam.v1.AuditConfigDelta.service

class google.cloud.securitycenter_v1.types.Binding

Associates members with a role.

role

Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner.

members

Specifies the identities requesting access for a Cloud Platform resource. members can have the following values:

- allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account.
- allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account.
- user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com.
- serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
- group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
- domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com.

condition

The condition that is associated with this binding. NOTE: An unsatisfied condition will not allow user access via current binding. Different bindings, including their conditions, are examined independently.

condition

Field google.iam.v1.Binding.condition

members

Field google.iam.v1.Binding.members

role

Field google.iam.v1.Binding.role

class google.cloud.securitycenter_v1.types.BindingDelta

One delta entry for Binding. Each individual change (only one member in each entry) to a binding will be a separate entry.

action

The action that was performed on a Binding. Required

role

Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner. Required

member

A single identity requesting access for a Cloud Platform resource. Follows the same format of Binding.members. Required

condition

Unimplemented. The condition that is associated with this binding. This field is logged only for Cloud Audit Logging.

action

Field google.iam.v1.BindingDelta.action

condition

Field google.iam.v1.BindingDelta.condition

member

Field google.iam.v1.BindingDelta.member

role

Field google.iam.v1.BindingDelta.role

class google.cloud.securitycenter_v1.types.CancelOperationRequest
name

Field google.longrunning.CancelOperationRequest.name

class google.cloud.securitycenter_v1.types.CreateFindingRequest

Request message for creating a finding.

parent

Required. Resource name of the new finding’s parent. Its format should be “organizations/[organization_id]/sources/[source_id]”.

finding_id

Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

finding

Required. The Finding being created. The name and security_marks will be ignored as they are both output only fields on this resource.

finding

Field google.cloud.securitycenter.v1.CreateFindingRequest.finding

finding_id

Field google.cloud.securitycenter.v1.CreateFindingRequest.finding_id

parent

Field google.cloud.securitycenter.v1.CreateFindingRequest.parent

class google.cloud.securitycenter_v1.types.CreateNotificationConfigRequest

Request message for creating a notification config.

parent

Required. Resource name of the new notification config’s parent. Its format is “organizations/[organization_id]”.

config_id

Required. Unique identifier provided by the client within the parent scope. It must be between 1 and 128 characters, and contains alphanumeric characters, underscores or hyphens only.

notification_config

Required. The notification config being created. The name and the service account will be ignored as they are both output only fields on this resource.

config_id

Field google.cloud.securitycenter.v1.CreateNotificationConfigRequest.config_id

notification_config

Field google.cloud.securitycenter.v1.CreateNotificationConfigRequest.notification_config

parent

Field google.cloud.securitycenter.v1.CreateNotificationConfigRequest.parent

class google.cloud.securitycenter_v1.types.CreateSourceRequest

Request message for creating a source.

parent

Required. Resource name of the new source’s parent. Its format should be “organizations/[organization_id]”.

source

Required. The Source being created, only the display_name and description will be used. All other fields will be ignored.

parent

Field google.cloud.securitycenter.v1.CreateSourceRequest.parent

source

Field google.cloud.securitycenter.v1.CreateSourceRequest.source

class google.cloud.securitycenter_v1.types.DeleteNotificationConfigRequest

Request message for deleting a notification config.

name

Required. Name of the notification config to delete. Its format is “organizations/[organization_id]/notificationConfigs/[config_id]”.

name

Field google.cloud.securitycenter.v1.DeleteNotificationConfigRequest.name

class google.cloud.securitycenter_v1.types.DeleteOperationRequest
name

Field google.longrunning.DeleteOperationRequest.name

class google.cloud.securitycenter_v1.types.Duration
nanos

Field google.protobuf.Duration.nanos

seconds

Field google.protobuf.Duration.seconds

class google.cloud.securitycenter_v1.types.Empty
class google.cloud.securitycenter_v1.types.Expr
description

Field google.type.Expr.description

expression

Field google.type.Expr.expression

location

Field google.type.Expr.location

title

Field google.type.Expr.title

class google.cloud.securitycenter_v1.types.FieldMask
paths

Field google.protobuf.FieldMask.paths

class google.cloud.securitycenter_v1.types.Finding

Security Command Center finding. A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

name

The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/sources/{source_id}/findings/{finding_id}”

parent

The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: “organizations/{organization_id}/sources/{source_id}”

resource_name

For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

state

The state of the finding.

category

The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: “XSS_FLASH_INJECTION”

external_uri

The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

source_properties

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

security_marks

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

event_time

The time at which the event took place. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector.

create_time

The time at which the finding was created in Security Command Center.

class SourcePropertiesEntry
key

Field google.cloud.securitycenter.v1.Finding.SourcePropertiesEntry.key

value

Field google.cloud.securitycenter.v1.Finding.SourcePropertiesEntry.value

category

Field google.cloud.securitycenter.v1.Finding.category

create_time

Field google.cloud.securitycenter.v1.Finding.create_time

event_time

Field google.cloud.securitycenter.v1.Finding.event_time

external_uri

Field google.cloud.securitycenter.v1.Finding.external_uri

name

Field google.cloud.securitycenter.v1.Finding.name

parent

Field google.cloud.securitycenter.v1.Finding.parent

resource_name

Field google.cloud.securitycenter.v1.Finding.resource_name

security_marks

Field google.cloud.securitycenter.v1.Finding.security_marks

source_properties

Field google.cloud.securitycenter.v1.Finding.source_properties

state

Field google.cloud.securitycenter.v1.Finding.state

class google.cloud.securitycenter_v1.types.GetIamPolicyRequest

Request message for GetIamPolicy method.

resource

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

options

OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy. This field is only used by Cloud IAM.

options

Field google.iam.v1.GetIamPolicyRequest.options

resource

Field google.iam.v1.GetIamPolicyRequest.resource

class google.cloud.securitycenter_v1.types.GetNotificationConfigRequest

Request message for getting a notification config.

name

Required. Name of the notification config to get. Its format is “organizations/[organization_id]/notificationConfigs/[config_id]”.

name

Field google.cloud.securitycenter.v1.GetNotificationConfigRequest.name

class google.cloud.securitycenter_v1.types.GetOperationRequest
name

Field google.longrunning.GetOperationRequest.name

class google.cloud.securitycenter_v1.types.GetOrganizationSettingsRequest

Request message for getting organization settings.

name

Required. Name of the organization to get organization settings for. Its format is “organizations/[organization_id]/organizationSettings”.

name

Field google.cloud.securitycenter.v1.GetOrganizationSettingsRequest.name

class google.cloud.securitycenter_v1.types.GetPolicyOptions

Encapsulates settings provided to GetIamPolicy.

requested_policy_version

Optional. The policy format version to be returned. Acceptable values are 0 and 1. If the value is 0, or the field is omitted, policy format version 1 will be returned.

requested_policy_version

Field google.iam.v1.GetPolicyOptions.requested_policy_version

class google.cloud.securitycenter_v1.types.GetSourceRequest

Request message for getting a source.

name

Required. Relative resource name of the source. Its format is “organizations/[organization_id]/source/[source_id]”.

name

Field google.cloud.securitycenter.v1.GetSourceRequest.name

class google.cloud.securitycenter_v1.types.GroupAssetsRequest

Request message for grouping by assets.

parent

Required. Name of the organization to groupBy. Its format is “organizations/[organization_id]”.

filter

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

- name
- security_center_properties.resource_name
- resource_properties.a_property
- security_marks.marks.marka

The supported operators are:

- = for all value types.
- >, <, >=, <= for integer values.
- :, meaning substring matching, for strings.

The supported value types are:

- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.

The following field and operator combinations are supported:

- name: =
- update_time: =, >, <, >=, <=
  Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
  update_time = "2019-06-10T16:07:18-07:00"
  update_time = 1560208038000
- create_time: =, >, <, >=, <=
  Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
  create_time = "2019-06-10T16:07:18-07:00"
  create_time = 1560208038000
- iam_policy.policy_blob: =, :
- resource_properties: =, :, >, <, >=, <=
- security_marks.marks: =, :
- security_center_properties.resource_name: =, :
- security_center_properties.resource_display_name: =, :
- security_center_properties.resource_type: =, :
- security_center_properties.resource_parent: =, :
- security_center_properties.resource_parent_display_name: =, :
- security_center_properties.resource_project: =, :
- security_center_properties.resource_project_display_name: =, :
- security_center_properties.resource_owners: =, :

For example, resource_properties.size = 100 is a valid filter string.

Use a partial match on the empty string to filter based on a property existing: resource_properties.my_property : ""

Use a negated partial match on the empty string to filter based on a property not existing: -resource_properties.my_property : ""

group_by

Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: “security_center_properties.resource_project,security_center_properties.project”.

The following fields are supported when compare_duration is not set:

- security_center_properties.resource_project
- security_center_properties.resource_project_display_name
- security_center_properties.resource_type
- security_center_properties.resource_parent
- security_center_properties.resource_parent_display_name

The following fields are supported when compare_duration is set:

- security_center_properties.resource_type
- security_center_properties.resource_project_display_name
- security_center_properties.resource_parent_display_name

compare_duration

When compare_duration is set, the GroupResult’s “state_change” property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don’t affect the result. For example, the results aren’t affected if the asset is removed and re-created again.

Possible “state_change” values when compare_duration is specified:

- “ADDED”: indicates that the asset was not present at the start of compare_duration, but present at reference_time.
- “REMOVED”: indicates that the asset was present at the start of compare_duration, but not present at reference_time.
- “ACTIVE”: indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time.

If compare_duration is not specified, then the only possible state_change is “UNUSED”, which will be the state_change set for all assets present at read_time.

If this field is set then state_change must be a specified field in group_by.

read_time

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API’s version of NOW.

page_token

The value returned by the last GroupAssetsResponse; indicates that this is a continuation of a prior GroupAssets call, and that the system should return the next page of data.

page_size

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

compare_duration

Field google.cloud.securitycenter.v1.GroupAssetsRequest.compare_duration

filter

Field google.cloud.securitycenter.v1.GroupAssetsRequest.filter

group_by

Field google.cloud.securitycenter.v1.GroupAssetsRequest.group_by

page_size

Field google.cloud.securitycenter.v1.GroupAssetsRequest.page_size

page_token

Field google.cloud.securitycenter.v1.GroupAssetsRequest.page_token

parent

Field google.cloud.securitycenter.v1.GroupAssetsRequest.parent

read_time

Field google.cloud.securitycenter.v1.GroupAssetsRequest.read_time

class google.cloud.securitycenter_v1.types.GroupAssetsResponse

Response message for grouping by assets.

group_by_results

Group results. There exists an element for each existing unique combination of property/values. The element contains a count for the number of times those specific property/values appear.

read_time

Time used for executing the groupBy request.

next_page_token

Token to retrieve the next page of results, or empty if there are no more results.

total_size

The total number of results matching the query.

group_by_results

Field google.cloud.securitycenter.v1.GroupAssetsResponse.group_by_results

next_page_token

Field google.cloud.securitycenter.v1.GroupAssetsResponse.next_page_token

read_time

Field google.cloud.securitycenter.v1.GroupAssetsResponse.read_time

total_size

Field google.cloud.securitycenter.v1.GroupAssetsResponse.total_size

class google.cloud.securitycenter_v1.types.GroupFindingsRequest

Request message for grouping by findings.

parent

Required. Name of the source to groupBy. Its format is “organizations/[organization_id]/sources/[source_id]”. To groupBy across all sources provide a source_id of -. For example: organizations/{organization_id}/sources/-

filter

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

- name
- source_properties.a_property
- security_marks.marks.marka

The supported operators are:

- = for all value types.
- >, <, >=, <= for integer values.
- :, meaning substring matching, for strings.

The supported value types are:

- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.

The following field and operator combinations are supported:

- name: =
- parent: =, :
- resource_name: =, :
- state: =, :
- category: =, :
- external_uri: =, :
- event_time: =, >, <, >=, <=
  Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
  event_time = "2019-06-10T16:07:18-07:00"
  event_time = 1560208038000
- security_marks.marks: =, :
- source_properties: =, :, >, <, >=, <=

For example, source_properties.size = 100 is a valid filter string.

Use a partial match on the empty string to filter based on a property existing: source_properties.my_property : ""

Use a negated partial match on the empty string to filter based on a property not existing: -source_properties.my_property : ""
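The precedence rule and the field/operator list above can be checked before a filter is sent. The following is an added example, not code from the library or from Security Command Center: a client-side lint that rewrites a findings filter with the API's grouping (OR before AND) made explicit and rejects combinations the list does not include. The names FilterLint and lint_findings_filter are hypothetical, explicit AND/OR keywords are assumed, and the service remains the authority on what it accepts.

```python
import re

# Field/operator combinations listed above for findings filters.
FINDING_OPERATORS = {
    "name": {"="},
    "parent": {"=", ":"},
    "resource_name": {"=", ":"},
    "state": {"=", ":"},
    "category": {"=", ":"},
    "external_uri": {"=", ":"},
    "event_time": {"=", ">", "<", ">=", "<="},
    "security_marks.marks": {"=", ":"},
    "source_properties": {"=", ":", ">", "<", ">=", "<="},
}
MAP_FIELDS = ("security_marks.marks", "source_properties")  # accept a ".key" suffix
COMPARISONS = {">", "<", ">=", "<="}
TOKEN = re.compile(
    r'\s*(?:(?P<lp>\()|(?P<rp>\))|(?P<op>>=|<=|=|:|>|<)'
    r'|(?P<str>"(?:[^"\\]|\\.)*")|(?P<neg>-)|(?P<word>[A-Za-z0-9_.]+))'
)


def tokenize(text):
    text, pos, out = text.strip(), 0, []
    while pos < len(text):
        m = TOKEN.match(text, pos)
        if not m:
            raise ValueError(f"unexpected character at offset {pos}")
        out.append((m.lastgroup, m.group(m.lastgroup)))
        pos = m.end()
    return out


class FilterLint:
    """Hypothetical helper: recursive-descent parser with OR binding tighter than AND."""

    def __init__(self, text, operators=FINDING_OPERATORS):
        self.toks, self.i, self.ops = tokenize(text), 0, operators

    def peek(self):
        return self.toks[self.i] if self.i < len(self.toks) else (None, None)

    def take(self, kind=None):
        k, v = self.peek()
        if k is None or (kind and k != kind):
            raise ValueError(f"expected {kind or 'token'}, got {v!r}")
        self.i += 1
        return k, v

    def is_word(self, word):
        return self.peek() == ("word", word)

    def parse(self):
        out = " AND ".join(self.and_parts())
        if self.peek()[0] is not None:
            raise ValueError(f"unexpected {self.peek()[1]!r}")
        return out

    def and_parts(self):  # loosest level: OR groups joined by AND
        parts = [self.or_expr()]
        while self.is_word("AND"):
            self.take()
            parts.append(self.or_expr())
        return parts

    def or_expr(self):  # OR has higher precedence than AND on this API
        parts = [self.unit()]
        while self.is_word("OR"):
            self.take()
            parts.append(self.unit())
        return parts[0] if len(parts) == 1 else "(" + " OR ".join(parts) + ")"

    def unit(self):
        if self.peek()[0] == "lp":
            self.take()
            parts = self.and_parts()
            self.take("rp")
            return parts[0] if len(parts) == 1 else "(" + " AND ".join(parts) + ")"
        return self.restriction()

    def restriction(self):
        negated = self.peek()[0] == "neg"
        if negated:
            self.take()
        field = self.take("word")[1]
        op = self.take("op")[1]
        kind, value = self.take()
        if kind == "neg":  # negative integer literal
            kind, value = "word", "-" + self.take("word")[1]
        base = field if field in self.ops else next(
            (m for m in MAP_FIELDS if m in self.ops and field.startswith(m + ".")), None)
        if base is None:
            raise ValueError(f"{field}: not a filterable field")
        if op not in self.ops[base]:
            raise ValueError(f"{field}: operator {op!r} is not listed for this field")
        is_str = kind == "str"
        is_int = kind == "word" and re.fullmatch(r"-?\d+", value) is not None
        is_bool = kind == "word" and value in ("true", "false")
        if not (is_str or is_int or is_bool):
            raise ValueError(f"{field}: value must be a quoted string, integer or boolean")
        if op in COMPARISONS and not (is_int or (base == "event_time" and is_str)):
            raise ValueError(f"{field}: {op!r} needs an integer value")
        if op == ":" and not is_str:
            raise ValueError(f"{field}: ':' needs a quoted string")
        return f"{'-' if negated else ''}{field} {op} {value}"


def lint_findings_filter(text):
    """Return the filter with the API's grouping made explicit, or raise ValueError."""
    return FilterLint(text).parse()
```

A filter written with SQL habits, such as `state = "ACTIVE" AND category = "A" OR category = "B"`, comes back as `state = "ACTIVE" AND (category = "A" OR category = "B")`, which is how the precedence rule above groups it.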

group_by

Required. Expression that defines what assets fields to use for grouping (including state_change). The string value should follow SQL syntax: comma separated list of fields. For example: “parent,resource_name”.

The following fields are supported:

- resource_name
- category
- state
- parent

The following fields are supported when compare_duration is set:

- state_change

read_time

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API’s version of NOW.

compare_duration

When compare_duration is set, the GroupResult’s “state_change” attribute is updated to indicate whether the finding had its state changed, the finding’s state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don’t affect the result. For example, the results aren’t affected if the finding is made inactive and then active again.

Possible “state_change” values when compare_duration is specified:

- “CHANGED”: indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- “UNCHANGED”: indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- “ADDED”: indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
- “REMOVED”: indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.

If compare_duration is not specified, then the only possible state_change is “UNUSED”, which will be the state_change set for all findings present at read_time.

If this field is set then state_change must be a specified field in group_by.

page_token

The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

page_size

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

compare_duration

Field google.cloud.securitycenter.v1.GroupFindingsRequest.compare_duration

filter

Field google.cloud.securitycenter.v1.GroupFindingsRequest.filter

group_by

Field google.cloud.securitycenter.v1.GroupFindingsRequest.group_by

page_size

Field google.cloud.securitycenter.v1.GroupFindingsRequest.page_size

page_token

Field google.cloud.securitycenter.v1.GroupFindingsRequest.page_token

parent

Field google.cloud.securitycenter.v1.GroupFindingsRequest.parent

read_time

Field google.cloud.securitycenter.v1.GroupFindingsRequest.read_time

class google.cloud.securitycenter_v1.types.GroupFindingsResponse

Response message for group by findings.

group_by_results

Group results. There exists an element for each existing unique combination of property/values. The element contains a count for the number of times those specific property/values appear.

read_time

Time used for executing the groupBy request.

next_page_token

Token to retrieve the next page of results, or empty if there are no more results.

total_size

The total number of results matching the query.

group_by_results

Field google.cloud.securitycenter.v1.GroupFindingsResponse.group_by_results

next_page_token

Field google.cloud.securitycenter.v1.GroupFindingsResponse.next_page_token

read_time

Field google.cloud.securitycenter.v1.GroupFindingsResponse.read_time

total_size

Field google.cloud.securitycenter.v1.GroupFindingsResponse.total_size

class google.cloud.securitycenter_v1.types.GroupResult

Result containing the properties and count of a groupBy request.

properties

Properties matching the groupBy fields in the request.

count

Total count of resources for the given properties.

class PropertiesEntry
key

Field google.cloud.securitycenter.v1.GroupResult.PropertiesEntry.key

value

Field google.cloud.securitycenter.v1.GroupResult.PropertiesEntry.value

count

Field google.cloud.securitycenter.v1.GroupResult.count

properties

Field google.cloud.securitycenter.v1.GroupResult.properties

class google.cloud.securitycenter_v1.types.ListAssetsRequest

Request message for listing assets.

parent

Required. Name of the organization assets should belong to. Its format is “organizations/[organization_id]”.

filter

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

- name
- security_center_properties.resource_name
- resource_properties.a_property
- security_marks.marks.marka

The supported operators are:

- = for all value types.
- >, <, >=, <= for integer values.
- :, meaning substring matching, for strings.

The supported value types are:

- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.

The following are the allowed field and operator combinations:

- name: =
- update_time: =, >, <, >=, <=
  Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
  update_time = "2019-06-10T16:07:18-07:00"
  update_time = 1560208038000
- create_time: =, >, <, >=, <=
  Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
  create_time = "2019-06-10T16:07:18-07:00"
  create_time = 1560208038000
- iam_policy.policy_blob: =, :
- resource_properties: =, :, >, <, >=, <=
- security_marks.marks: =, :
- security_center_properties.resource_name: =, :
- security_center_properties.resource_display_name: =, :
- security_center_properties.resource_type: =, :
- security_center_properties.resource_parent: =, :
- security_center_properties.resource_parent_display_name: =, :
- security_center_properties.resource_project: =, :
- security_center_properties.resource_project_display_name: =, :
- security_center_properties.resource_owners: =, :

For example, resource_properties.size = 100 is a valid filter string.

Use a partial match on the empty string to filter based on a property existing: resource_properties.my_property : ""

Use a negated partial match on the empty string to filter based on a property not existing: -resource_properties.my_property : ""

order_by

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: “name,resource_properties.a_property”. The default sorting order is ascending. To specify descending order for a field, a suffix “ desc” should be appended to the field name. For example: “name desc,resource_properties.a_property”. Redundant space characters in the syntax are insignificant. “name desc,resource_properties.a_property” and “ name desc , resource_properties.a_property ” are equivalent.

The following fields are supported:

- name
- update_time
- resource_properties
- security_marks.marks
- security_center_properties.resource_name
- security_center_properties.resource_display_name
- security_center_properties.resource_parent
- security_center_properties.resource_parent_display_name
- security_center_properties.resource_project
- security_center_properties.resource_project_display_name
- security_center_properties.resource_type

read_time

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API’s version of NOW.

compare_duration

When compare_duration is set, the ListAssetsResult’s “state_change” attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don’t affect the result. For example, the results aren’t affected if the asset is removed and re-created again.

Possible “state_change” values when compare_duration is specified:

- “ADDED”: indicates that the asset was not present at the start of compare_duration, but present at read_time.
- “REMOVED”: indicates that the asset was present at the start of compare_duration, but not present at read_time.
- “ACTIVE”: indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time.

If compare_duration is not specified, then the only possible state_change is “UNUSED”, which will be the state_change set for all assets present at read_time.
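The endpoint-only derivation described above, as an added example (not part of the client library): a local model that replays a constructed create/delete history for one asset and shows how the reported state_change depends on the window. The event list, the function names and the `None` result for an asset absent at both endpoints are assumptions of the example.

```python
from datetime import datetime, timedelta, timezone

DAY = timedelta(days=1)
T0 = datetime(2020, 1, 1, tzinfo=timezone.utc)

# Constructed lifecycle of one asset: created, deleted, then re-created.
EVENTS = [
    (T0, "create"),
    (T0 + 9 * DAY, "delete"),
    (T0 + 11 * DAY, "create"),
]


def present_at(events, instant):
    """Replay create/delete events; True if the asset exists at `instant`."""
    present = False
    for when, kind in sorted(events):
        if when > instant:
            break
        present = kind == "create"
    return present


def state_change(events, read_time, compare_duration=None):
    """Derive state_change from presence at the two endpoints only."""
    at_read = present_at(events, read_time)
    if compare_duration is None:
        # Assumption: an asset absent at read_time is simply not listed.
        return "UNUSED" if at_read else None
    at_start = present_at(events, read_time - compare_duration)
    if at_start and at_read:
        return "ACTIVE"
    if at_read:
        return "ADDED"
    if at_start:
        return "REMOVED"
    return None


def window_report(read_time=T0 + 14 * DAY):
    """Same asset and read_time, evaluated with three comparison windows."""
    return {
        "no compare_duration": state_change(EVENTS, read_time),
        "10 days": state_change(EVENTS, read_time, 10 * DAY),
        "4 days": state_change(EVENTS, read_time, 4 * DAY),
    }
```

With the 10-day window the delete and re-create fall between the two endpoints and the asset reports ACTIVE; the 4-day window starts while the asset is absent, so the same asset reports ADDED.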

field_mask

Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

page_token

The value returned by the last ListAssetsResponse; indicates that this is a continuation of a prior ListAssets call, and that the system should return the next page of data.

page_size

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

compare_duration

Field google.cloud.securitycenter.v1.ListAssetsRequest.compare_duration

field_mask

Field google.cloud.securitycenter.v1.ListAssetsRequest.field_mask

filter

Field google.cloud.securitycenter.v1.ListAssetsRequest.filter

order_by

Field google.cloud.securitycenter.v1.ListAssetsRequest.order_by

page_size

Field google.cloud.securitycenter.v1.ListAssetsRequest.page_size

page_token

Field google.cloud.securitycenter.v1.ListAssetsRequest.page_token

parent

Field google.cloud.securitycenter.v1.ListAssetsRequest.parent

read_time

Field google.cloud.securitycenter.v1.ListAssetsRequest.read_time

class google.cloud.securitycenter_v1.types.ListAssetsResponse

Response message for listing assets.

list_assets_results

Assets matching the list request.

read_time

Time used for executing the list request.

next_page_token

Token to retrieve the next page of results, or empty if there are no more results.

total_size

The total number of assets matching the query.

class ListAssetsResult

Result containing the Asset and its State.

asset

Asset matching the search request.

state_change

State change of the asset between the points in time.

asset

Field google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult.asset

state_change

Field google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult.state_change

list_assets_results

Field google.cloud.securitycenter.v1.ListAssetsResponse.list_assets_results

next_page_token

Field google.cloud.securitycenter.v1.ListAssetsResponse.next_page_token

read_time

Field google.cloud.securitycenter.v1.ListAssetsResponse.read_time

total_size

Field google.cloud.securitycenter.v1.ListAssetsResponse.total_size

class google.cloud.securitycenter_v1.types.ListFindingsRequest

Request message for listing findings.

parent

Required. Name of the source the findings belong to. Its format is “organizations/[organization_id]/sources/[source_id]”. To list across all sources provide a source_id of -. For example: organizations/{organization_id}/sources/-

filter

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

- name
- source_properties.a_property
- security_marks.marks.marka

The supported operators are:

- = for all value types.
- >, <, >=, <= for integer values.
- :, meaning substring matching, for strings.

The supported value types are:

- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.

The following field and operator combinations are supported:

- name: =
- parent: =, :
- resource_name: =, :
- state: =, :
- category: =, :
- external_uri: =, :
- event_time: =, >, <, >=, <=
  Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000
- security_marks.marks: =, :
- source_properties: =, :, >, <, >=, <=

For example, source_properties.size = 100 is a valid filter string.

Use a partial match on the empty string to filter based on a property existing: source_properties.my_property : ""

Use a negated partial match on the empty string to filter based on a property not existing: -source_properties.my_property : ""
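When filter strings are assembled from values that arrive from tickets, dashboards or other callers, a quote inside a value can change the meaning of the whole expression. The following added example (not part of the client library) builds findings filters from the field and operator table above and refuses values it cannot embed safely; the helper names, the restriction on property keys and the rejection of quotes and backslashes are assumptions of the example, since the page documents no escape syntax. The asset filter described earlier uses the same grammar with a different field table.

```python
import re
from datetime import datetime

# Field -> allowed operators, copied from the ListFindingsRequest.filter text.
FIELD_OPS = {
    "name": {"="},
    "parent": {"=", ":"},
    "resource_name": {"=", ":"},
    "state": {"=", ":"},
    "category": {"=", ":"},
    "external_uri": {"=", ":"},
    "event_time": {"=", ">", "<", ">=", "<="},
    "security_marks.marks": {"=", ":"},
    "source_properties": {"=", ":", ">", "<", ">=", "<="},
}
KEYED_FIELDS = ("security_marks.marks", "source_properties")
ORDERING_OPS = {">", "<", ">=", "<="}
# Assumption: the key after a keyed field uses only letters, digits and "_".
_KEY_RE = re.compile(r"[A-Za-z0-9_]+")


def _base_field(field):
    """Return the table row that governs `field`, or raise ValueError."""
    if field in FIELD_OPS and field not in KEYED_FIELDS:
        return field
    for base in KEYED_FIELDS:
        key = field[len(base) + 1:]
        if field.startswith(base + ".") and _KEY_RE.fullmatch(key):
            return base
    raise ValueError("unsupported filter field: %r" % (field,))


def _is_rfc3339(text):
    """True for an RFC3339-style timestamp that carries a UTC offset."""
    if text.endswith("Z"):
        text = text[:-1] + "+00:00"
    try:
        return datetime.fromisoformat(text).tzinfo is not None
    except ValueError:
        return False


def _is_int(value):
    return isinstance(value, int) and not isinstance(value, bool)


def _literal(value):
    """Render a value as one of the three literal kinds the page lists."""
    if isinstance(value, bool):  # check bool first: bool subclasses int
        return "true" if value else "false"
    if isinstance(value, int):
        return str(value)
    if isinstance(value, str):
        # No escape syntax is documented, so refuse anything that could end
        # the quoted literal early instead of guessing at an escape.
        if '"' in value or "\\" in value or any(ord(c) < 32 for c in value):
            raise ValueError("value cannot be embedded in a string literal")
        return '"%s"' % value
    raise TypeError("filter values must be str, int or bool")


def restriction(field, op, value, negate=False):
    """Build one validated `<field> <operator> <value>` restriction."""
    base = _base_field(field)
    if op not in FIELD_OPS[base]:
        raise ValueError("operator %r is not allowed on %s" % (op, base))
    if base == "event_time":
        # Milliseconds since epoch or an RFC3339 string, per the page.
        if not (_is_int(value) or (isinstance(value, str) and _is_rfc3339(value))):
            raise ValueError("event_time needs epoch milliseconds or RFC3339")
    elif op in ORDERING_OPS and not _is_int(value):
        raise ValueError("%s compares integer values only" % op)
    elif op == ":" and not isinstance(value, str):
        raise ValueError("':' is substring matching and needs a string")
    return "%s%s %s %s" % ("-" if negate else "", field, op, _literal(value))


def has_property(field, present=True):
    """Existence test: a (negated) partial match on the empty string."""
    return restriction(field, ":", "", negate=not present)


def all_of(*parts):
    return "(" + " AND ".join(parts) + ")"


def any_of(*parts):
    # OR binds tighter than AND in this grammar; explicit parentheses keep
    # the grouping independent of that precedence.
    return "(" + " OR ".join(parts) + ")"


def build_triage_filter(category):
    """Active findings of `category` (or large ones) with no 'triaged' mark."""
    return all_of(
        restriction("state", "=", "ACTIVE"),
        any_of(restriction("category", "=", category),
               restriction("source_properties.size", ">=", 100)),
        has_property("security_marks.marks.triaged", present=False),
    )
```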

order_by

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: “name,resource_properties.a_property”. The default sorting order is ascending. To specify descending order for a field, a suffix “ desc” should be appended to the field name. For example: “name desc,source_properties.a_property”. Redundant space characters in the syntax are insignificant. “name desc,source_properties.a_property” and “ name desc , source_properties.a_property ” are equivalent.

The following fields are supported:

- name
- parent
- state
- category
- resource_name
- event_time
- source_properties
- security_marks.marks

read_time

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API’s version of NOW.

compare_duration

When compare_duration is set, the ListFindingsResult’s “state_change” attribute is updated to indicate whether the finding had its state changed, the finding’s state remained unchanged, or if the finding was added in any state during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don’t affect the result. For example, the results aren’t affected if the finding is made inactive and then active again.

Possible “state_change” values when compare_duration is specified:

- “CHANGED”: indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- “UNCHANGED”: indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- “ADDED”: indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
- “REMOVED”: indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.

If compare_duration is not specified, then the only possible state_change is “UNUSED”, which will be the state_change set for all findings present at read_time.

field_mask

Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

page_token

The value returned by the last ListFindingsResponse; indicates that this is a continuation of a prior ListFindings call, and that the system should return the next page of data.

page_size

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

compare_duration

Field google.cloud.securitycenter.v1.ListFindingsRequest.compare_duration

field_mask

Field google.cloud.securitycenter.v1.ListFindingsRequest.field_mask

filter

Field google.cloud.securitycenter.v1.ListFindingsRequest.filter

order_by

Field google.cloud.securitycenter.v1.ListFindingsRequest.order_by

page_size

Field google.cloud.securitycenter.v1.ListFindingsRequest.page_size

page_token

Field google.cloud.securitycenter.v1.ListFindingsRequest.page_token

parent

Field google.cloud.securitycenter.v1.ListFindingsRequest.parent

read_time

Field google.cloud.securitycenter.v1.ListFindingsRequest.read_time

class google.cloud.securitycenter_v1.types.ListFindingsResponse

Response message for listing findings.

list_findings_results

Findings matching the list request.

read_time

Time used for executing the list request.

next_page_token

Token to retrieve the next page of results, or empty if there are no more results.

total_size

The total number of findings matching the query.

class ListFindingsResult

Result containing the Finding and its StateChange.

finding

Finding matching the search request.

state_change

State change of the finding between the points in time.

resource

Output only. Resource that is associated with this finding.

class Resource

Information related to the Google Cloud resource that is associated with this finding.

name

The full resource name of the resource. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

project_name

The full resource name of project that the resource belongs to.

project_display_name

The human readable name of project that the resource belongs to.

parent_name

The full resource name of resource’s parent.

parent_display_name

The human readable name of resource’s parent.

name

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.name

parent_display_name

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.parent_display_name

parent_name

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.parent_name

project_display_name

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.project_display_name

project_name

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.project_name

finding

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.finding

resource

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.resource

state_change

Field google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.state_change

list_findings_results

Field google.cloud.securitycenter.v1.ListFindingsResponse.list_findings_results

next_page_token

Field google.cloud.securitycenter.v1.ListFindingsResponse.next_page_token

read_time

Field google.cloud.securitycenter.v1.ListFindingsResponse.read_time

total_size

Field google.cloud.securitycenter.v1.ListFindingsResponse.total_size

class google.cloud.securitycenter_v1.types.ListNotificationConfigsRequest

Request message for listing notification configs.

parent

Required. Name of the organization to list notification configs. Its format is “organizations/[organization_id]”.

page_token

The value returned by the last ListNotificationConfigsResponse; indicates that this is a continuation of a prior ListNotificationConfigs call, and that the system should return the next page of data.

page_size

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

page_size

Field google.cloud.securitycenter.v1.ListNotificationConfigsRequest.page_size

page_token

Field google.cloud.securitycenter.v1.ListNotificationConfigsRequest.page_token

parent

Field google.cloud.securitycenter.v1.ListNotificationConfigsRequest.parent

class google.cloud.securitycenter_v1.types.ListNotificationConfigsResponse

Response message for listing notification configs.

notification_configs

Notification configs belonging to the requested parent.

next_page_token

Token to retrieve the next page of results, or empty if there are no more results.

next_page_token

Field google.cloud.securitycenter.v1.ListNotificationConfigsResponse.next_page_token

notification_configs

Field google.cloud.securitycenter.v1.ListNotificationConfigsResponse.notification_configs

class google.cloud.securitycenter_v1.types.ListOperationsRequest
filter

Field google.longrunning.ListOperationsRequest.filter

name

Field google.longrunning.ListOperationsRequest.name

page_size

Field google.longrunning.ListOperationsRequest.page_size

page_token

Field google.longrunning.ListOperationsRequest.page_token

class google.cloud.securitycenter_v1.types.ListOperationsResponse
next_page_token

Field google.longrunning.ListOperationsResponse.next_page_token

operations

Field google.longrunning.ListOperationsResponse.operations

class google.cloud.securitycenter_v1.types.ListSourcesRequest

Request message for listing sources.

parent

Required. Resource name of the parent of sources to list. Its format should be “organizations/[organization_id]”.

page_token

The value returned by the last ListSourcesResponse; indicates that this is a continuation of a prior ListSources call, and that the system should return the next page of data.

page_size

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

page_size

Field google.cloud.securitycenter.v1.ListSourcesRequest.page_size

page_token

Field google.cloud.securitycenter.v1.ListSourcesRequest.page_token

parent

Field google.cloud.securitycenter.v1.ListSourcesRequest.parent

class google.cloud.securitycenter_v1.types.ListSourcesResponse

Response message for listing sources.

sources

Sources belonging to the requested parent.

next_page_token

Token to retrieve the next page of results, or empty if there are no more results.

next_page_token

Field google.cloud.securitycenter.v1.ListSourcesResponse.next_page_token

sources

Field google.cloud.securitycenter.v1.ListSourcesResponse.sources

class google.cloud.securitycenter_v1.types.ListValue
values

Field google.protobuf.ListValue.values

class google.cloud.securitycenter_v1.types.NotificationConfig

Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets, etc.

name

The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/notificationConfigs/notify_public_bucket”.

description

The description of the notification config (max of 1024 characters).

pubsub_topic

The PubSub topic to send notifications to. Its format is “projects/[project_id]/topics/[topic]”.

service_account

Output only. The service account that needs “pubsub.topics.publish” permission to publish to the PubSub topic.

notify_config

The config for triggering notifications.

streaming_config

The config for triggering streaming-based notifications.

class StreamingConfig

The config for streaming-based notifications, which send each event as soon as it is detected.

filter

Expression that defines the filter to apply across create/update events of assets or findings as specified by the event type. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the corresponding resource.

The supported operators are:

- = for all value types.
- >, <, >=, <= for integer values.
- :, meaning substring matching, for strings.

The supported value types are:

- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.

filter

Field google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig.filter

description

Field google.cloud.securitycenter.v1.NotificationConfig.description

name

Field google.cloud.securitycenter.v1.NotificationConfig.name

pubsub_topic

Field google.cloud.securitycenter.v1.NotificationConfig.pubsub_topic

service_account

Field google.cloud.securitycenter.v1.NotificationConfig.service_account

streaming_config

Field google.cloud.securitycenter.v1.NotificationConfig.streaming_config

class google.cloud.securitycenter_v1.types.NotificationMessage

Cloud SCC’s Notification

notification_config_name

Name of the notification config that generated current notification.

event

Notification Event.

finding

If it’s a Finding based notification config, this field will be populated.

resource

The Cloud resource tied to this notification’s Finding.

finding

Field google.cloud.securitycenter.v1.NotificationMessage.finding

notification_config_name

Field google.cloud.securitycenter.v1.NotificationMessage.notification_config_name

resource

Field google.cloud.securitycenter.v1.NotificationMessage.resource

class google.cloud.securitycenter_v1.types.Operation
done

Field google.longrunning.Operation.done

error

Field google.longrunning.Operation.error

metadata

Field google.longrunning.Operation.metadata

name

Field google.longrunning.Operation.name

response

Field google.longrunning.Operation.response

class google.cloud.securitycenter_v1.types.OperationInfo
metadata_type

Field google.longrunning.OperationInfo.metadata_type

response_type

Field google.longrunning.OperationInfo.response_type

class google.cloud.securitycenter_v1.types.OrganizationSettings

User specified settings that are attached to the Security Command Center organization.

name

The relative resource name of the settings. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/organizationSettings”.

enable_asset_discovery

A flag that indicates if Asset Discovery should be enabled. If the flag is set to true, then discovery of assets will occur. If it is set to false, all historical assets will remain, but discovery of future assets will not occur.

asset_discovery_config

The configuration used for Asset Discovery runs.

class AssetDiscoveryConfig

The configuration used for Asset Discovery runs.

project_ids

The project ids to use for filtering asset discovery.

inclusion_mode

The mode to use for filtering asset discovery.

inclusion_mode

Field google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.inclusion_mode

project_ids

Field google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.project_ids

asset_discovery_config

Field google.cloud.securitycenter.v1.OrganizationSettings.asset_discovery_config

enable_asset_discovery

Field google.cloud.securitycenter.v1.OrganizationSettings.enable_asset_discovery

name

Field google.cloud.securitycenter.v1.OrganizationSettings.name

class google.cloud.securitycenter_v1.types.Policy

Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources.

A Policy consists of a list of bindings. A binding binds a list of members to a role, where the members can be user accounts, Google groups, Google domains, and service accounts. A role is a named list of permissions defined by IAM.

JSON Example

{
  "bindings": [
    {
      "role": "roles/owner",
      "members": [
        "user:mike@example.com",
        "group:admins@example.com",
        "domain:google.com",
        "serviceAccount:my-other-app@appspot.gserviceaccount.com"
      ]
    },
    {
      "role": "roles/viewer",
      "members": ["user:sean@example.com"]
    }
  ]
}

YAML Example

bindings:
- members:
  - user:mike@example.com
  - group:admins@example.com
  - domain:google.com
  - serviceAccount:my-other-app@appspot.gserviceaccount.com
  role: roles/owner
- members:
  - user:sean@example.com
  role: roles/viewer

For a description of IAM and its features, see the IAM developer’s guide.

version

Deprecated.

bindings

Associates a list of members to a role. bindings with no members will result in an error.

etag

etag is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the etag in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An etag is returned in the response to getIamPolicy, and systems are expected to put that etag in the request to setIamPolicy to ensure that their change will be applied to the same version of the policy. If no etag is provided in the call to setIamPolicy, then the existing policy is overwritten blindly.
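The read-modify-write cycle described above, as an added example (not the client library's code): an in-memory stand-in for getIamPolicy/setIamPolicy in which another administrator revokes a member between our read and our write. FakePolicyStore, update_member and the member user:alice@example.com are constructed for the example; the starting bindings are the ones from the JSON example on this page.

```python
import copy


class PolicyConflict(Exception):
    """The etag sent with a write no longer matches the stored policy."""


class FakePolicyStore:
    """In-memory stand-in for getIamPolicy / setIamPolicy (hypothetical)."""

    def __init__(self, bindings):
        self._bindings = copy.deepcopy(bindings)
        self._generation = 1

    def _etag(self):
        return ("gen-%d" % self._generation).encode()

    def get_iam_policy(self):
        return {"bindings": copy.deepcopy(self._bindings), "etag": self._etag()}

    def set_iam_policy(self, policy):
        etag = policy.get("etag")
        if etag and etag != self._etag():
            raise PolicyConflict("policy changed since it was read")
        if any(not b["members"] for b in policy["bindings"]):
            raise ValueError("bindings with no members are rejected")
        # No etag supplied: the stored policy is overwritten blindly.
        self._bindings = copy.deepcopy(policy["bindings"])
        self._generation += 1
        return self.get_iam_policy()

    def members(self, role):
        for binding in self._bindings:
            if binding["role"] == role:
                return sorted(binding["members"])
        return []


def _edit(policy, role, member, add):
    """Add or remove `member` on `role`, dropping bindings left empty."""
    bindings = policy["bindings"]
    binding = next((b for b in bindings if b["role"] == role), None)
    if add:
        if binding is None:
            binding = {"role": role, "members": []}
            bindings.append(binding)
        if member not in binding["members"]:
            binding["members"].append(member)
    elif binding is not None and member in binding["members"]:
        binding["members"].remove(member)
        if not binding["members"]:
            bindings.remove(binding)


def update_member(store, role, member, add=True, send_etag=True,
                  racing_write=None, max_attempts=3):
    """Read-modify-write with retry; returns the number of attempts used."""
    for attempt in range(1, max_attempts + 1):
        policy = store.get_iam_policy()
        if racing_write is not None:
            # Simulate another writer landing between our read and our write.
            pending, racing_write = racing_write, None
            pending()
        _edit(policy, role, member, add)
        if not send_etag:
            policy.pop("etag")
        try:
            store.set_iam_policy(policy)
            return attempt
        except PolicyConflict:
            continue  # re-read the current policy and re-apply the edit
    raise PolicyConflict("gave up after %d attempts" % max_attempts)


def run_race(send_etag):
    """Grant alice viewer while another admin revokes sean concurrently."""
    store = FakePolicyStore([
        {"role": "roles/owner", "members": ["user:mike@example.com"]},
        {"role": "roles/viewer", "members": ["user:sean@example.com"]},
    ])

    def revoke_sean():
        update_member(store, "roles/viewer", "user:sean@example.com", add=False)

    attempts = update_member(store, "roles/viewer", "user:alice@example.com",
                             send_etag=send_etag, racing_write=revoke_sean)
    return attempts, store.members("roles/viewer")
```

Without the etag the stale copy is written back and the revoked member reappears in roles/viewer; with the etag the first write is rejected, the policy is re-read, and the revocation survives.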

bindings

Field google.iam.v1.Policy.bindings

etag

Field google.iam.v1.Policy.etag

version

Field google.iam.v1.Policy.version

class google.cloud.securitycenter_v1.types.PolicyDelta

The difference delta between two policies.

binding_deltas

The delta for Bindings between two policies.

audit_config_deltas

The delta for AuditConfigs between two policies.

audit_config_deltas

Field google.iam.v1.PolicyDelta.audit_config_deltas

binding_deltas

Field google.iam.v1.PolicyDelta.binding_deltas

class google.cloud.securitycenter_v1.types.Resource

Information related to the Google Cloud resource.

name

The full resource name of the resource. See: https://cloud.google.com/apis/design/resource_names#full_resource_name

project

The full resource name of project that the resource belongs to.

project_display_name

The human readable name of project that the resource belongs to.

parent

The full resource name of resource’s parent.

parent_display_name

The human readable name of resource’s parent.

name

Field google.cloud.securitycenter.v1.Resource.name

parent

Field google.cloud.securitycenter.v1.Resource.parent

parent_display_name

Field google.cloud.securitycenter.v1.Resource.parent_display_name

project

Field google.cloud.securitycenter.v1.Resource.project

project_display_name

Field google.cloud.securitycenter.v1.Resource.project_display_name

class google.cloud.securitycenter_v1.types.RunAssetDiscoveryRequest

Request message for running asset discovery for an organization.

parent

Required. Name of the organization to run asset discovery for. Its format is “organizations/[organization_id]”.

parent

Field google.cloud.securitycenter.v1.RunAssetDiscoveryRequest.parent

class google.cloud.securitycenter_v1.types.RunAssetDiscoveryResponse

Response of asset discovery run

state

The state of an asset discovery run.

duration

The duration between asset discovery run start and end

duration

Field google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.duration

state

Field google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.state

class google.cloud.securitycenter_v1.types.SecurityMarks

User specified security marks that are attached to the parent Security Command Center resource. Security marks are scoped within a Security Command Center organization – they can be modified and viewed by all users who have proper permissions on the organization.

name

The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples:

- organizations/{organization_id}/assets/{asset_id}/securityMarks
- organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks.

marks

Mutable user specified security marks belonging to the parent resource. Constraints are as follows:

- Keys and values are treated as case insensitive
- Keys must be between 1 - 256 characters (inclusive)
- Keys must be letters, numbers, underscores, or dashes
- Values have leading and trailing whitespace trimmed, remaining characters must be between 1 - 4096 characters (inclusive)

class MarksEntry
key

Field google.cloud.securitycenter.v1.SecurityMarks.MarksEntry.key

value

Field google.cloud.securitycenter.v1.SecurityMarks.MarksEntry.value

marks

Field google.cloud.securitycenter.v1.SecurityMarks.marks

name

Field google.cloud.securitycenter.v1.SecurityMarks.name

class google.cloud.securitycenter_v1.types.SetFindingStateRequest

Request message for updating a finding’s state.

name

Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/sources/{source_id}/finding/{finding_id}”.

state

Required. The desired State of the finding.

start_time

Required. The time at which the updated state takes effect.

name

Field google.cloud.securitycenter.v1.SetFindingStateRequest.name

start_time

Field google.cloud.securitycenter.v1.SetFindingStateRequest.start_time

state

Field google.cloud.securitycenter.v1.SetFindingStateRequest.state

class google.cloud.securitycenter_v1.types.SetIamPolicyRequest

Request message for SetIamPolicy method.

resource

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

policy

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

policy

Field google.iam.v1.SetIamPolicyRequest.policy

resource

Field google.iam.v1.SetIamPolicyRequest.resource

class google.cloud.securitycenter_v1.types.Source

Security Command Center finding source. A finding source is an entity or a mechanism that can produce a finding. A source is like a container of findings that come from the same scanner, logger, monitor, and other tools.

name

The relative resource name of this source. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/sources/{source_id}”

display_name

The source’s display name. A source’s display name must be unique amongst its siblings, for example, two sources with the same parent can’t share the same display name. The display name must have a length between 1 and 64 characters (inclusive).

description

The description of the source (max of 1024 characters). Example: “Web Security Scanner is a web security scanner for common vulnerabilities in App Engine applications. It can automatically scan and detect four common vulnerabilities, including cross-site-scripting (XSS), Flash injection, mixed content (HTTP in HTTPS), and outdated or insecure libraries.”

description

Field google.cloud.securitycenter.v1.Source.description

display_name

Field google.cloud.securitycenter.v1.Source.display_name

name

Field google.cloud.securitycenter.v1.Source.name

class google.cloud.securitycenter_v1.types.Status
code

Field google.rpc.Status.code

details

Field google.rpc.Status.details

message

Field google.rpc.Status.message

class google.cloud.securitycenter_v1.types.Struct
class FieldsEntry
key

Field google.protobuf.Struct.FieldsEntry.key

value

Field google.protobuf.Struct.FieldsEntry.value

fields

Field google.protobuf.Struct.fields

class google.cloud.securitycenter_v1.types.TestIamPermissionsRequest

Request message for TestIamPermissions method.

resource

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

permissions

The set of permissions to check for the resource. Permissions with wildcards (such as ‘*’ or ‘storage.*’) are not allowed. For more information see IAM Overview.

permissions

Field google.iam.v1.TestIamPermissionsRequest.permissions

resource

Field google.iam.v1.TestIamPermissionsRequest.resource

class google.cloud.securitycenter_v1.types.TestIamPermissionsResponse

Response message for TestIamPermissions method.

permissions

A subset of TestPermissionsRequest.permissions that the caller is allowed.

permissions

Field google.iam.v1.TestIamPermissionsResponse.permissions

class google.cloud.securitycenter_v1.types.Timestamp
nanos

Field google.protobuf.Timestamp.nanos

seconds

Field google.protobuf.Timestamp.seconds

class google.cloud.securitycenter_v1.types.UpdateFindingRequest

Request message for updating or creating a finding.

finding

Required. The finding resource to update or create if it does not already exist. parent, security_marks, and update_time will be ignored. In the case of creation, the finding id portion of the name must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

update_mask

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using “source_properties.” in the field mask.

finding

Field google.cloud.securitycenter.v1.UpdateFindingRequest.finding

update_mask

Field google.cloud.securitycenter.v1.UpdateFindingRequest.update_mask

class google.cloud.securitycenter_v1.types.UpdateNotificationConfigRequest

Request message for updating a notification config.

notification_config

Required. The notification config to update.

update_mask

The FieldMask to use when updating the notification config. If empty all mutable fields will be updated.

notification_config

Field google.cloud.securitycenter.v1.UpdateNotificationConfigRequest.notification_config

update_mask

Field google.cloud.securitycenter.v1.UpdateNotificationConfigRequest.update_mask

class google.cloud.securitycenter_v1.types.UpdateOrganizationSettingsRequest

Request message for updating an organization’s settings.

organization_settings

Required. The organization settings resource to update.

update_mask

The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated.

organization_settings

Field google.cloud.securitycenter.v1.UpdateOrganizationSettingsRequest.organization_settings

update_mask

Field google.cloud.securitycenter.v1.UpdateOrganizationSettingsRequest.update_mask

class google.cloud.securitycenter_v1.types.UpdateSecurityMarksRequest

Request message for updating a SecurityMarks resource.

security_marks

Required. The security marks resource to update.

update_mask

The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to “marks”, all marks will be replaced. Individual marks can be updated using “marks.”.

start_time

The time at which the updated SecurityMarks take effect. If not set uses current server time. Updates will be applied to the SecurityMarks that are active immediately preceding this time.

security_marks

Field google.cloud.securitycenter.v1.UpdateSecurityMarksRequest.security_marks

start_time

Field google.cloud.securitycenter.v1.UpdateSecurityMarksRequest.start_time

update_mask

Field google.cloud.securitycenter.v1.UpdateSecurityMarksRequest.update_mask

class google.cloud.securitycenter_v1.types.UpdateSourceRequest

Request message for updating a source.

source

Required. The source resource to update.

update_mask

The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.

source

Field google.cloud.securitycenter.v1.UpdateSourceRequest.source

update_mask

Field google.cloud.securitycenter.v1.UpdateSourceRequest.update_mask

class google.cloud.securitycenter_v1.types.Value
bool_value

Field google.protobuf.Value.bool_value

list_value

Field google.protobuf.Value.list_value

null_value

Field google.protobuf.Value.null_value

number_value

Field google.protobuf.Value.number_value

string_value

Field google.protobuf.Value.string_value

struct_value

Field google.protobuf.Value.struct_value