Class: Google::Apis::SecuritycenterV1::SecurityCommandCenterService

Inherits:
Core::BaseService
  • Object
show all
Defined in:
generated/google/apis/securitycenter_v1/service.rb

Overview

Cloud Security Command Center API

Cloud Security Command Center API provides access to temporal views of assets and findings within an organization.

Examples:

require 'google/apis/securitycenter_v1'

Securitycenter = Google::Apis::SecuritycenterV1 # Alias the module
service = Securitycenter::SecurityCommandCenterService.new

See Also:

Instance Attribute Summary collapse

Attributes inherited from Core::BaseService

#authorization, #base_path, #batch_path, #client, #client_options, #request_options, #root_url, #upload_path

Instance Method Summary collapse

Methods inherited from Core::BaseService

#batch, #batch_upload, #fetch_all, #http

Methods included from Core::Logging

#logger

Constructor Details

#initializeSecurityCommandCenterService

Returns a new instance of SecurityCommandCenterService



46
47
48
49
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 46

def initialize
  super('https://securitycenter.googleapis.com/', '')
  @batch_path = 'batch'
end

Instance Attribute Details

#keyString

Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

Returns:

  • (String)

    API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.



39
40
41
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 39

def key
  @key
end

#quota_userString

Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

Returns:

  • (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.



44
45
46
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 44

def quota_user
  @quota_user
end

Instance Method Details

#cancel_organization_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Empty

Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to Code.CANCELLED.

Parameters:

  • name (String)

    The name of the operation resource to be cancelled.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



398
399
400
401
402
403
404
405
406
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 398

def cancel_organization_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:cancel', options)
  command.response_representation = Google::Apis::SecuritycenterV1::Empty::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_organization_source(parent, source_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Source

Creates a source.

Parameters:

  • parent (String)

    Resource name of the new source's parent. Its format should be "organizations/[organization_id]".

  • source_object (Google::Apis::SecuritycenterV1::Source) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



542
543
544
545
546
547
548
549
550
551
552
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 542

def create_organization_source(parent, source_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/sources', options)
  command.request_representation = Google::Apis::SecuritycenterV1::Source::Representation
  command.request_object = source_object
  command.response_representation = Google::Apis::SecuritycenterV1::Source::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Source
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#create_organization_source_finding(parent, finding_object = nil, finding_id: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Finding

Creates a finding. The corresponding source must exist for finding creation to succeed.

Parameters:

  • parent (String)

    Resource name of the new finding's parent. Its format should be "organizations/[organization_id]/sources/[source_id]".

  • finding_object (Google::Apis::SecuritycenterV1::Finding) (defaults to: nil)
  • finding_id (String)

    Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



794
795
796
797
798
799
800
801
802
803
804
805
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 794

def create_organization_source_finding(parent, finding_object = nil, finding_id: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/findings', options)
  command.request_representation = Google::Apis::SecuritycenterV1::Finding::Representation
  command.request_object = finding_object
  command.response_representation = Google::Apis::SecuritycenterV1::Finding::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Finding
  command.params['parent'] = parent unless parent.nil?
  command.query['findingId'] = finding_id unless finding_id.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#delete_organization_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Empty

Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED.

Parameters:

  • name (String)

    The name of the operation resource to be deleted.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



431
432
433
434
435
436
437
438
439
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 431

def delete_organization_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:delete, 'v1/{+name}', options)
  command.response_representation = Google::Apis::SecuritycenterV1::Empty::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Empty
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_organization_operation(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Operation

Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.

Parameters:

  • name (String)

    The name of the operation resource.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



463
464
465
466
467
468
469
470
471
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 463

def get_organization_operation(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::SecuritycenterV1::Operation::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Operation
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_organization_organization_settings(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::OrganizationSettings

Gets the settings for an organization.

Parameters:

  • name (String)

    Name of the organization to get organization settings for. Its format is "organizations/[organization_id]/organizationSettings".

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



72
73
74
75
76
77
78
79
80
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 72

def get_organization_organization_settings(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::SecuritycenterV1::OrganizationSettings::Representation
  command.response_class = Google::Apis::SecuritycenterV1::OrganizationSettings
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_organization_source(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Source

Gets a source.

Parameters:

  • name (String)

    Relative resource name of the source. Its format is "organizations/[organization_id]/source/[source_id]".

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



575
576
577
578
579
580
581
582
583
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 575

def get_organization_source(name, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::SecuritycenterV1::Source::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Source
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#get_source_iam_policy(resource, get_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Policy

Gets the access control policy on the specified Source.

Parameters:

  • resource (String)

    REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

  • get_iam_policy_request_object (Google::Apis::SecuritycenterV1::GetIamPolicyRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



607
608
609
610
611
612
613
614
615
616
617
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 607

def get_source_iam_policy(resource, get_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:getIamPolicy', options)
  command.request_representation = Google::Apis::SecuritycenterV1::GetIamPolicyRequest::Representation
  command.request_object = get_iam_policy_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::Policy::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#group_assets(parent, group_assets_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::GroupAssetsResponse

Filters an organization's assets and groups them by their specified properties.

Parameters:

  • parent (String)

    Name of the organization to groupBy. Its format is "organizations/[organization_id]".

  • group_assets_request_object (Google::Apis::SecuritycenterV1::GroupAssetsRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



145
146
147
148
149
150
151
152
153
154
155
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 145

def group_assets(parent, group_assets_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/assets:group', options)
  command.request_representation = Google::Apis::SecuritycenterV1::GroupAssetsRequest::Representation
  command.request_object = group_assets_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::GroupAssetsResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::GroupAssetsResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#group_findings(parent, group_findings_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::GroupFindingsResponse

Filters an organization or source's findings and groups them by their specified properties. To group across all sources provide a - as the source id. Example: /v1/organizations/123/sources/-/findings

Parameters:

  • parent (String)

    Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of -. For example: organizations/123/sources/-

  • group_findings_request_object (Google::Apis::SecuritycenterV1::GroupFindingsRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



834
835
836
837
838
839
840
841
842
843
844
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 834

def group_findings(parent, group_findings_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/findings:group', options)
  command.request_representation = Google::Apis::SecuritycenterV1::GroupFindingsRequest::Representation
  command.request_object = group_findings_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::GroupFindingsResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::GroupFindingsResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_organization_assets(parent, compare_duration: nil, field_mask: nil, filter: nil, order_by: nil, page_size: nil, page_token: nil, read_time: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::ListAssetsResponse

Lists an organization's assets.

Parameters:

  • parent (String)

    Name of the organization assets should belong to. Its format is "organizations/[organization_id]".

  • compare_duration (String)

    When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified:

    • "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time.
    • "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time.
    • "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.
  • field_mask (String)

    Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

  • filter (String)

    Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

    • name
    • security_center_properties.resource_name
    • resource_properties.a_property
    • security_marks.marks.marka The supported operators are:
    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings. The supported value types are:
    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes. The following are the allowed field and operator combinations:
    • name: =
    • update_time: >, <, >=, <=
    • iam_policy.policy_blob: =, :
    • resource_properties: =, :, >, <, >=, <=
    • security_marks: =, :
    • security_center_properties.resource_name: =, :
    • security_center_properties.resource_type: =, :
    • security_center_properties.resource_parent: =, :
    • security_center_properties.resource_project: =, :
    • security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string.
  • order_by (String)

    Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent. The following fields are supported: name update_time resource_properties security_marks security_center_properties.resource_name security_center_properties.resource_parent security_center_properties.resource_project security_center_properties.resource_type

  • page_size (Fixnum)

    The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

  • page_token (String)

    The value returned by the last ListAssetsResponse; indicates that this is a continuation of a prior ListAssets call, and that the system should return the next page of data.

  • read_time (String)

    Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 266

def list_organization_assets(parent, compare_duration: nil, field_mask: nil, filter: nil, order_by: nil, page_size: nil, page_token: nil, read_time: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/assets', options)
  command.response_representation = Google::Apis::SecuritycenterV1::ListAssetsResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::ListAssetsResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['compareDuration'] = compare_duration unless compare_duration.nil?
  command.query['fieldMask'] = field_mask unless field_mask.nil?
  command.query['filter'] = filter unless filter.nil?
  command.query['orderBy'] = order_by unless order_by.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['readTime'] = read_time unless read_time.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_organization_operations(name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::ListOperationsResponse

Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns UNIMPLEMENTED. NOTE: the name binding allows API services to override the binding to use different resource name schemes, such as users/*/operations. To override the binding, API services can add a binding such as "/v1/name=users/*/operations" to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.

Parameters:

  • name (String)

    The name of the operation's parent resource.

  • filter (String)

    The standard list filter.

  • page_size (Fixnum)

    The standard list page size.

  • page_token (String)

    The standard list page token.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



507
508
509
510
511
512
513
514
515
516
517
518
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 507

def list_organization_operations(name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+name}', options)
  command.response_representation = Google::Apis::SecuritycenterV1::ListOperationsResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::ListOperationsResponse
  command.params['name'] = name unless name.nil?
  command.query['filter'] = filter unless filter.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_organization_source_findings(parent, compare_duration: nil, field_mask: nil, filter: nil, order_by: nil, page_size: nil, page_token: nil, read_time: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::ListFindingsResponse

Lists an organization or source's findings. To list across all sources provide a - as the source id. Example: /v1/organizations/123/sources/-/findings

Parameters:

  • parent (String)

    Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of -. For example: organizations/123/sources/-

  • compare_duration (String)

    When compare_duration is set, the ListFindingsResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added in any state during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again. Possible "state_change" values when compare_duration is specified:

    • "CHANGED": indicates that the finding was present at the start of compare_duration, but changed its state at read_time.
    • "UNCHANGED": indicates that the finding was present at the start of compare_duration and did not change state at read_time.
    • "ADDED": indicates that the finding was not present at the start of compare_duration, but was present at read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
  • field_mask (String)

    Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

  • filter (String)

    Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

    • name
    • source_properties.a_property
    • security_marks.marks.marka The supported operators are:
    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings. The supported value types are:
    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes. The following field and operator combinations are supported: name: = parent: =, : resource_name: =, : state: =, : category: =, : external_uri: =, : event_time: >, <, >=, <= security_marks: =, : source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string.
  • order_by (String)

    Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent. The following fields are supported: name parent state category resource_name event_time source_properties security_marks

  • page_size (Fixnum)

    The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

  • page_token (String)

    The value returned by the last ListFindingsResponse; indicates that this is a continuation of a prior ListFindings call, and that the system should return the next page of data.

  • read_time (String)

    Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 955

def list_organization_source_findings(parent, compare_duration: nil, field_mask: nil, filter: nil, order_by: nil, page_size: nil, page_token: nil, read_time: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/findings', options)
  command.response_representation = Google::Apis::SecuritycenterV1::ListFindingsResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::ListFindingsResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['compareDuration'] = compare_duration unless compare_duration.nil?
  command.query['fieldMask'] = field_mask unless field_mask.nil?
  command.query['filter'] = filter unless filter.nil?
  command.query['orderBy'] = order_by unless order_by.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['readTime'] = read_time unless read_time.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#list_organization_sources(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::ListSourcesResponse

Lists all sources belonging to an organization.

Parameters:

  • parent (String)

    Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".

  • page_size (Fixnum)

    The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

  • page_token (String)

    The value returned by the last ListSourcesResponse; indicates that this is a continuation of a prior ListSources call, and that the system should return the next page of data.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



647
648
649
650
651
652
653
654
655
656
657
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 647

def list_organization_sources(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:get, 'v1/{+parent}/sources', options)
  command.response_representation = Google::Apis::SecuritycenterV1::ListSourcesResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::ListSourcesResponse
  command.params['parent'] = parent unless parent.nil?
  command.query['pageSize'] = page_size unless page_size.nil?
  command.query['pageToken'] = page_token unless page_token.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_organization_source(name, source_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Source

Updates a source.

Parameters:

  • name (String)

    The relative resource name of this source. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/123/sources/456"

  • source_object (Google::Apis::SecuritycenterV1::Source) (defaults to: nil)
  • update_mask (String)

    The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



686
687
688
689
690
691
692
693
694
695
696
697
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 686

def patch_organization_source(name, source_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::SecuritycenterV1::Source::Representation
  command.request_object = source_object
  command.response_representation = Google::Apis::SecuritycenterV1::Source::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Source
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#patch_organization_source_finding(name, finding_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Finding

Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.

Parameters:

  • name (String)

    The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/123/sources/456/findings/789"

  • finding_object (Google::Apis::SecuritycenterV1::Finding) (defaults to: nil)
  • update_mask (String)

    The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties." in the field mask.

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 1004

def patch_organization_source_finding(name, finding_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::SecuritycenterV1::Finding::Representation
  command.request_object = finding_object
  command.response_representation = Google::Apis::SecuritycenterV1::Finding::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Finding
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#run_organization_asset_discovery(parent, run_asset_discovery_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Operation

Runs asset discovery. The discovery is tracked with a long-running operation. This API can only be called with limited frequency for an organization. If it is called too frequently the caller will receive a TOO_MANY_REQUESTS error.

Parameters:

  • parent (String)

    Name of the organization to run asset discovery for. Its format is "organizations/[organization_id]".

  • run_asset_discovery_request_object (Google::Apis::SecuritycenterV1::RunAssetDiscoveryRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



309
310
311
312
313
314
315
316
317
318
319
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 309

def run_organization_asset_discovery(parent, run_asset_discovery_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+parent}/assets:runDiscovery', options)
  command.request_representation = Google::Apis::SecuritycenterV1::RunAssetDiscoveryRequest::Representation
  command.request_object = run_asset_discovery_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::Operation::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Operation
  command.params['parent'] = parent unless parent.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#set_organization_source_finding_state(name, set_finding_state_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Finding

Updates the state of a finding.

Parameters:

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 1041

def set_organization_source_finding_state(name, set_finding_state_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+name}:setState', options)
  command.request_representation = Google::Apis::SecuritycenterV1::SetFindingStateRequest::Representation
  command.request_object = set_finding_state_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::Finding::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Finding
  command.params['name'] = name unless name.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#set_source_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::Policy

Sets the access control policy on the specified Source.

Parameters:

  • resource (String)

    REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

  • set_iam_policy_request_object (Google::Apis::SecuritycenterV1::SetIamPolicyRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



721
722
723
724
725
726
727
728
729
730
731
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 721

def set_source_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
  command.request_representation = Google::Apis::SecuritycenterV1::SetIamPolicyRequest::Representation
  command.request_object = set_iam_policy_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::Policy::Representation
  command.response_class = Google::Apis::SecuritycenterV1::Policy
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#test_source_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::TestIamPermissionsResponse

Returns the permissions that a caller has on the specified source.

Parameters:

  • resource (String)

    REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

  • test_iam_permissions_request_object (Google::Apis::SecuritycenterV1::TestIamPermissionsRequest) (defaults to: nil)
  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



755
756
757
758
759
760
761
762
763
764
765
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 755

def test_source_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
  command.request_representation = Google::Apis::SecuritycenterV1::TestIamPermissionsRequest::Representation
  command.request_object = test_iam_permissions_request_object
  command.response_representation = Google::Apis::SecuritycenterV1::TestIamPermissionsResponse::Representation
  command.response_class = Google::Apis::SecuritycenterV1::TestIamPermissionsResponse
  command.params['resource'] = resource unless resource.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#update_organization_asset_security_marks(name, security_marks_object = nil, start_time: nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::SecurityMarks

Updates security marks.

Parameters:

  • name (String)

    The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples: "organizations/123/assets/456/securityMarks" "organizations/123/sources/456/findings/789/securityMarks".

  • security_marks_object (Google::Apis::SecuritycenterV1::SecurityMarks) (defaults to: nil)
  • start_time (String)

    The time at which the updated SecurityMarks take effect. If not set uses current server time. Updates will be applied to the SecurityMarks that are active immediately preceding this time.

  • update_mask (String)

    The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.".

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



355
356
357
358
359
360
361
362
363
364
365
366
367
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 355

def update_organization_asset_security_marks(name, security_marks_object = nil, start_time: nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::SecuritycenterV1::SecurityMarks::Representation
  command.request_object = security_marks_object
  command.response_representation = Google::Apis::SecuritycenterV1::SecurityMarks::Representation
  command.response_class = Google::Apis::SecuritycenterV1::SecurityMarks
  command.params['name'] = name unless name.nil?
  command.query['startTime'] = start_time unless start_time.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#update_organization_organization_settings(name, organization_settings_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::OrganizationSettings

Updates an organization's settings.

Parameters:

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



109
110
111
112
113
114
115
116
117
118
119
120
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 109

def update_organization_organization_settings(name, organization_settings_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::SecuritycenterV1::OrganizationSettings::Representation
  command.request_object = organization_settings_object
  command.response_representation = Google::Apis::SecuritycenterV1::OrganizationSettings::Representation
  command.response_class = Google::Apis::SecuritycenterV1::OrganizationSettings
  command.params['name'] = name unless name.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end

#update_organization_source_finding_security_marks(name, security_marks_object = nil, start_time: nil, update_mask: nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::SecuritycenterV1::SecurityMarks

Updates security marks.

Parameters:

  • name (String)

    The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples: "organizations/123/assets/456/securityMarks" "organizations/123/sources/456/findings/789/securityMarks".

  • security_marks_object (Google::Apis::SecuritycenterV1::SecurityMarks) (defaults to: nil)
  • start_time (String)

    The time at which the updated SecurityMarks take effect. If not set uses current server time. Updates will be applied to the SecurityMarks that are active immediately preceding this time.

  • update_mask (String)

    The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.".

  • fields (String)

    Selector specifying which fields to include in a partial response.

  • quota_user (String)

    Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

  • options (Google::Apis::RequestOptions)

    Request-specific options

Yields:

  • (result, err)

    Result & error if block supplied

Yield Parameters:

Returns:

Raises:



1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
 
# File 'generated/google/apis/securitycenter_v1/service.rb', line 1087

def update_organization_source_finding_security_marks(name, security_marks_object = nil, start_time: nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:patch, 'v1/{+name}', options)
  command.request_representation = Google::Apis::SecuritycenterV1::SecurityMarks::Representation
  command.request_object = security_marks_object
  command.response_representation = Google::Apis::SecuritycenterV1::SecurityMarks::Representation
  command.response_class = Google::Apis::SecuritycenterV1::SecurityMarks
  command.params['name'] = name unless name.nil?
  command.query['startTime'] = start_time unless start_time.nil?
  command.query['updateMask'] = update_mask unless update_mask.nil?
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end