API documentation for securitycenter_v1.types
module.
Classes
Any
API documentation for securitycenter_v1.types.Any
class.
Asset
Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud Platform (GCP) resource.
The Asset is a Cloud SCC resource that captures information about a single GCP resource. All modifications to an Asset are only within the context of Cloud SCC and don't affect the referenced GCP resource.
Cloud SCC managed properties. These properties are managed by Cloud SCC and cannot be modified by the user.
User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the asset.
The time at which the asset was last updated, added, or deleted in Cloud SCC.
AuditConfig
API documentation for securitycenter_v1.types.AuditConfig
class.
AuditConfigDelta
API documentation for securitycenter_v1.types.AuditConfigDelta
class.
AuditLogConfig
API documentation for securitycenter_v1.types.AuditLogConfig
class.
Binding
API documentation for securitycenter_v1.types.Binding
class.
BindingDelta
API documentation for securitycenter_v1.types.BindingDelta
class.
CancelOperationRequest
API documentation for securitycenter_v1.types.CancelOperationRequest
class.
CreateFindingRequest
Request message for creating a finding.
Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.
CreateSourceRequest
Request message for creating a source.
The Source being created, only the display_name and description will be used. All other fields will be ignored.
DeleteOperationRequest
API documentation for securitycenter_v1.types.DeleteOperationRequest
class.
Duration
API documentation for securitycenter_v1.types.Duration
class.
Expr
API documentation for securitycenter_v1.types.Expr
class.
FieldMask
API documentation for securitycenter_v1.types.FieldMask
class.
Finding
Cloud Security Command Center (Cloud SCC) finding.
A finding is a record of assessment data (security, risk, health or privacy) ingested into Cloud SCC for presentation, notification, analysis, policy testing, and enforcement. For example, an XSS vulnerability in an App Engine application is a finding.
The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names# relative_resource_name This field is immutable after creation time. For example: "organizations/123/sources/456"
The state of the finding.
The URI that, if available, points to a web page outside of Cloud SCC where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.
The time at which the finding was created in Cloud SCC.
GetIamPolicyRequest
API documentation for securitycenter_v1.types.GetIamPolicyRequest
class.
GetOperationRequest
API documentation for securitycenter_v1.types.GetOperationRequest
class.
GetOrganizationSettingsRequest
Request message for getting organization settings.
GetPolicyOptions
API documentation for securitycenter_v1.types.GetPolicyOptions
class.
GetSourceRequest
Request message for getting a source.
GroupAssetsRequest
Request message for grouping by assets.
Expression that defines the filter to apply across assets. The
expression is a list of zero or more restrictions combined via
logical operators AND
and OR
. Parentheses are
supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and
may have a -
character in front of them to indicate
negation. The fields map to those defined in the Asset
resource. Examples include: - name -
security_center_properties.resource_name -
resource_properties.a_property -
security_marks.marks.marka The supported operators are: -
=
for all value types. - >
, <
, >=
, <=
for
integer values. - :
, meaning substring matching, for
strings. The supported value types are: - string literals
in quotes. - integer literals without quotes. - boolean
literals true
and false
without quotes. The following
field and operator combinations are supported: name | '='
update_time | '=', '>', '<', '>=', '<=' Usage: This should
be milliseconds since epoch or an RFC3339 string. Examples:
"update_time = "2019-06-10T16:07:18-07:00"" "update_time =
1560208038000" create_time | '=', '>', '<', '>=', '<='
Usage: This should be milliseconds since epoch or an RFC3339
string. Examples: "create_time = "2019-06-10T16:07:18-07:00""
"create_time = 1560208038000" iam_policy.policy_blob |
'=', ':' resource_properties | '=', ':', '>', '<', '>=',
'<=' security_marks | '=', ':'
security_center_properties.resource_name | '=', ':'
security_center_properties.resource_type | '=', ':'
security_center_properties.resource_parent | '=', ':'
security_center_properties.resource_project | '=', ':'
security_center_properties.resource_owners | '=', ':' For
example, resource_properties.size = 100
is a valid filter
string.
When compare_duration is set, the GroupResult's
"state_change" property is updated to indicate whether the
asset was added, removed, or remained present during the
compare_duration period of time that precedes the read_time.
This is the time between (read_time - compare_duration) and
read_time. The state change value is derived based on the
presence of the asset at the two points in time. Intermediate
state changes between the two times don't affect the result.
For example, the results aren't affected if the asset is
removed and re-created again. Possible "state_change" values
when compare_duration is specified: - "ADDED": indicates
that the asset was not present at the start of
compare_duration, but present at reference_time. -
"REMOVED": indicates that the asset was present at the start
of compare_duration, but not present at reference_time. -
"ACTIVE": indicates that the asset was present at both the
start and the end of the time period defined by
compare_duration and reference_time. If
compare_duration is not specified, then the only possible
state_change is "UNUSED", which will be the state_change set
for all assets present at read_time. If this field is set
then state_change
must be a specified field in
group_by
.
The value returned by the last GroupAssetsResponse
;
indicates that this is a continuation of a prior
GroupAssets
call, and that the system should return the
next page of data.
GroupAssetsResponse
Response message for grouping by assets.
Time used for executing the groupBy request.
The total number of results matching the query.
GroupFindingsRequest
Request message for grouping by findings.
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined
via logical operators AND
and OR
. Parentheses are
supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and
may have a -
character in front of them to indicate
negation. Examples include: - name -
source_properties.a_property - security_marks.marks.marka
The supported operators are: - =
for all value types. -
>
, <
, >=
, <=
for integer values. - :
,
meaning substring matching, for strings. The supported value
types are: - string literals in quotes. - integer literals
without quotes. - boolean literals true
and false
without quotes. The following field and operator combinations
are supported: name | =
parent | '=', ':' resource_name
| '=', ':' state | '=', ':' category | '=', ':'
external_uri | '=', ':' event_time | =
, >
, <
,
>=
, <=
Usage: This should be milliseconds since epoch
or an RFC3339 string. Examples: "event_time =
"2019-06-10T16:07:18-07:00"" "event_time = 1560208038000"
security_marks | '=', ':' source_properties | '=', ':',
>
, <
, >=
, <=
For example,
source_properties.size = 100
is a valid filter string.
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
The value returned by the last GroupFindingsResponse
;
indicates that this is a continuation of a prior
GroupFindings
call, and that the system should return the
next page of data.
GroupFindingsResponse
Response message for group by findings.
Time used for executing the groupBy request.
The total number of results matching the query.
GroupResult
Result containing the properties and count of a groupBy request.
Total count of resources for the given properties.
ListAssetsRequest
Request message for listing assets.
Expression that defines the filter to apply across assets. The
expression is a list of zero or more restrictions combined via
logical operators AND
and OR
. Parentheses are
supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and
may have a -
character in front of them to indicate
negation. The fields map to those defined in the Asset
resource. Examples include: - name -
security_center_properties.resource_name -
resource_properties.a_property -
security_marks.marks.marka The supported operators are: -
=
for all value types. - >
, <
, >=
, <=
for
integer values. - :
, meaning substring matching, for
strings. The supported value types are: - string literals
in quotes. - integer literals without quotes. - boolean
literals true
and false
without quotes. The following
are the allowed field and operator combinations: name | =
update_time | =
, >
, <
, >=
, <=
Usage:
This should be milliseconds since epoch or an RFC3339 string.
Examples: "update_time = "2019-06-10T16:07:18-07:00""
"update_time = 1560208038000" create_time | =
, >
,
<
, >=
, <=
Usage: This should be milliseconds
since epoch or an RFC3339 string. Examples: "create_time =
"2019-06-10T16:07:18-07:00"" "create_time = 1560208038000"
iam_policy.policy_blob | '=', ':' resource_properties |
'=', ':', >
, <
, >=
, <=
security_marks | '=',
':' security_center_properties.resource_name | '=', ':'
security_center_properties.resource_type | '=', ':'
security_center_properties.resource_parent | '=', ':'
security_center_properties.resource_project | '=', ':'
security_center_properties.resource_owners | '=', ':' For
example, resource_properties.size = 100
is a valid filter
string.
Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
ListAssetsResponse
Response message for listing assets.
Time used for executing the list request.
The total number of assets matching the query.
ListFindingsRequest
Request message for listing findings.
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined
via logical operators AND
and OR
. Parentheses are
supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and
may have a -
character in front of them to indicate
negation. Examples include: - name -
source_properties.a_property - security_marks.marks.marka
The supported operators are: - =
for all value types. -
>
, <
, >=
, <=
for integer values. - :
,
meaning substring matching, for strings. The supported value
types are: - string literals in quotes. - integer literals
without quotes. - boolean literals true
and false
without quotes. The following field and operator combinations
are supported: name | =
parent | '=', ':' resource_name
| '=', ':' state | '=', ':' category | '=', ':'
external_uri | '=', ':' event_time | =
, >
, <
,
>=
, <=
Usage: This should be milliseconds since epoch
or an RFC3339 string. Examples: "event_time =
"2019-06-10T16:07:18-07:00"" "event_time = 1560208038000"
security_marks | '=', ':' source_properties | '=', ':',
>
, <
, >=
, <=
For example,
source_properties.size = 100
is a valid filter string.
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
ListFindingsResponse
Response message for listing findings.
Time used for executing the list request.
The total number of findings matching the query.
ListOperationsRequest
API documentation for securitycenter_v1.types.ListOperationsRequest
class.
ListOperationsResponse
API documentation for securitycenter_v1.types.ListOperationsResponse
class.
ListSourcesRequest
Request message for listing sources.
The value returned by the last ListSourcesResponse
;
indicates that this is a continuation of a prior
ListSources
call, and that the system should return the
next page of data.
ListSourcesResponse
Response message for listing sources.
Token to retrieve the next page of results, or empty if there are no more results.
ListValue
API documentation for securitycenter_v1.types.ListValue
class.
Operation
API documentation for securitycenter_v1.types.Operation
class.
OperationInfo
API documentation for securitycenter_v1.types.OperationInfo
class.
OrganizationSettings
User specified settings that are attached to the Cloud Security Command Center (Cloud SCC) organization.
A flag that indicates if Asset Discovery should be enabled. If
the flag is set to true
, then discovery of assets will
occur. If it is set to `false, all historical assets will
remain, but discovery of future assets will not occur.
Policy
API documentation for securitycenter_v1.types.Policy
class.
PolicyDelta
API documentation for securitycenter_v1.types.PolicyDelta
class.
RunAssetDiscoveryRequest
Request message for running asset discovery for an organization.
RunAssetDiscoveryResponse
Response of asset discovery run
The duration between asset discovery run start and end
SecurityMarks
User specified security marks that are attached to the parent Cloud Security Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud SCC organization -- they can be modified and viewed by all users who have proper permissions on the organization.
Mutable user specified security marks belonging to the parent resource. Constraints are as follows: - Keys and values are treated as case insensitive - Keys must be between 1 - 256 characters (inclusive) - Keys must be letters, numbers, underscores, or dashes - Values have leading and trailing whitespace trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
SetFindingStateRequest
Request message for updating a finding's state.
The desired State of the finding.
SetIamPolicyRequest
API documentation for securitycenter_v1.types.SetIamPolicyRequest
class.
Source
Cloud Security Command Center's (Cloud SCC) finding source. A finding source is an entity or a mechanism that can produce a finding. A source is like a container of findings that come from the same scanner, logger, monitor, etc.
The source’s display name. A source’s display name must be
unique amongst its siblings, for example, two sources with the
same parent can't share the same display name. The display
name must start and end with a letter or digit, may contain
letters, digits, spaces, hyphens, and underscores, and can be
no longer than 32 characters. This is captured by the regular
expression: :raw-latex:
\p{L}:raw-latex:
\p{N}<%7B\p%7BL%7
D\p%7BN%7D_-%20%5D%7B0,30%7D%5B\p%7BL%7D\p%7BN%7D%5D>
__?.
Status
API documentation for securitycenter_v1.types.Status
class.
Struct
API documentation for securitycenter_v1.types.Struct
class.
TestIamPermissionsRequest
API documentation for securitycenter_v1.types.TestIamPermissionsRequest
class.
TestIamPermissionsResponse
API documentation for securitycenter_v1.types.TestIamPermissionsResponse
class.
Timestamp
API documentation for securitycenter_v1.types.Timestamp
class.
UpdateFindingRequest
Request message for updating or creating a finding.
The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties." in the field mask.
UpdateOrganizationSettingsRequest
Request message for updating an organization's settings.
The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated.
UpdateSecurityMarksRequest
Request message for updating a SecurityMarks resource.
The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.".
UpdateSourceRequest
Request message for updating a source.
The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.
Value
API documentation for securitycenter_v1.types.Value
class.
WaitOperationRequest
API documentation for securitycenter_v1.types.WaitOperationRequest
class.