Constructor

SecurityCenterClient

new SecurityCenterClient(options)

Construct an instance of SecurityCenterClient.

Parameter

options

Optional

object

The configuration object. See the subsequent parameters for more details.

Values in options have the following properties:

Parameter

credentials

Optional

object

Credentials object.

credentials.client_email

Optional

string

credentials.private_key

Optional

string

email

Optional

string

Account email address. Required when using a .pem or .p12 keyFilename.

keyFilename

Optional

string

Full path to the a .json, .pem, or .p12 key downloaded from the Google Developers Console. If you provide a path to a JSON file, the projectId option below is not necessary. NOTE: .pem and .p12 require you to specify options.email as well.

port

Optional

number

The port on which to connect to the remote host.

projectId

Optional

string

The project ID from the Google Developer's Console, e.g. 'grape-spaceship-123'. We will also check the environment variable GCLOUD_PROJECT for your project ID. If your app is running in an environment which supports Application Default Credentials, your project ID will be detected automatically.

promise

Optional

function()

Custom promise module to use instead of native Promises.

servicePath

Optional

string

The domain name of the API remote host.

Properties

port

static

The port for this API service.

scopes

static

The scopes needed to make gRPC calls for every method defined in this service.

servicePath

static

The DNS address for this API service.

Methods

assetSecurityMarksPath

assetSecurityMarksPath(organization, asset) returns String

Return a fully-qualified asset_security_marks resource name string.

Parameter

organization

String

asset

String

Returns

String 

createFinding

createFinding(request, options, callback) returns Promise

Creates a finding. The corresponding source must exist for finding creation to succeed.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Resource name of the new finding's parent. Its format should be "organizations/[organization_id]/sources/[source_id]".

findingId

string

Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

finding

Object

The Finding being created. The name and security_marks will be ignored as they are both output only fields on this resource.

This object should have the same structure as Finding

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Finding.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Finding. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const findingId = '';
const finding = {};
const request = {
  parent: formattedParent,
  findingId: findingId,
  finding: finding,
};
client.createFinding(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

createSource

createSource(request, options, callback) returns Promise

Creates a source.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Resource name of the new source's parent. Its format should be "organizations/[organization_id]".

source

Object

The Source being created, only the display_name and description will be used. All other fields will be ignored.

This object should have the same structure as Source

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Source.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Source. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
const source = {};
const request = {
  parent: formattedParent,
  source: source,
};
client.createSource(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

findingPath

findingPath(organization, source, finding) returns String

Return a fully-qualified finding resource name string.

Parameter

organization

String

source

String

finding

String

Returns

String 

getIamPolicy

getIamPolicy(request, options, callback) returns Promise

Gets the access control policy on the specified Source.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

resource

string

REQUIRED: The resource for which the policy is being requested. resource is usually specified as a path. For example, a Project resource is specified as projects/{project}.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Policy.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Policy. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedResource = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
client.getIamPolicy({resource: formattedResource})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

getOrganizationSettings

getOrganizationSettings(request, options, callback) returns Promise

Gets the settings for an organization.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

name

string

Name of the organization to get organization settings for. Its format is "organizations/[organization_id]/organizationSettings".

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing OrganizationSettings.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing OrganizationSettings. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedName = client.organizationSettingsPath('[ORGANIZATION]');
client.getOrganizationSettings({name: formattedName})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

getProjectId

getProjectId(callback)

Return the project ID used by this class.

Parameter

callback

function(Error, string)

the callback to be called with the current project Id.

getSource

getSource(request, options, callback) returns Promise

Gets a source.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

name

string

Relative resource name of the source. Its format is "organizations/[organization_id]/source/[source_id]".

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Source.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Source. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedName = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
client.getSource({name: formattedName})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

groupAssets

groupAssets(request, options, callback) returns Promise

Filters an organization's assets and groups them by their specified properties.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the organization to groupBy. Its format is "organizations/[organization_id]".

groupBy

string

Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project".

The following fields are supported when compare_duration is not set:

  • security_center_properties.resource_project
  • security_center_properties.resource_type
  • security_center_properties.resource_parent

    The following fields are supported when compare_duration is set:

  • security_center_properties.resource_type

filter

Optional

string

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

  • = for all value types.

  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

    The supported value types are:

  • string literals in quotes.

  • integer literals without quotes.
  • boolean literals true and false without quotes.

    For example, resource_properties.size = 100 is a valid filter string.

compareDuration

Optional

Object

When compare_duration is set, the Asset's "state" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present before
           compare_duration, but present at reference_time.
  • "REMOVED": indicates that the asset was present at the start of
           compare_duration, but not present at reference_time.
  • "ACTIVE": indicates that the asset was present at both the

           start and the end of the time period defined by
           compare_duration and reference_time.

    This field is ignored if state is not a field in group_by.

    This object should have the same structure as Duration

readTime

Optional

Object

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Array, nullable Object, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is Array of GroupResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing GroupAssetsResponse.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is Array of GroupResult.

    When autoPaginate: false is specified through options, the array has three elements. The first element is Array of GroupResult in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing GroupAssetsResponse.

    The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.organizationPath('[ORGANIZATION]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};

client.groupAssets(request)
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response.
const formattedParent = client.organizationPath('[ORGANIZATION]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.groupAssets(nextRequest, options).then(callback);
  }
}
client.groupAssets(request, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

groupAssetsStream

groupAssetsStream(request, options) returns Stream

Equivalent to groupAssets, but returns a NodeJS Stream object.

This fetches the paged responses for groupAssets continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the organization to groupBy. Its format is "organizations/[organization_id]".

groupBy

string

Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project".

The following fields are supported when compare_duration is not set:

  • security_center_properties.resource_project
  • security_center_properties.resource_type
  • security_center_properties.resource_parent

    The following fields are supported when compare_duration is set:

  • security_center_properties.resource_type

filter

Optional

string

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

  • = for all value types.

  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

    The supported value types are:

  • string literals in quotes.

  • integer literals without quotes.
  • boolean literals true and false without quotes.

    For example, resource_properties.size = 100 is a valid filter string.

compareDuration

Optional

Object

When compare_duration is set, the Asset's "state" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present before
           compare_duration, but present at reference_time.
  • "REMOVED": indicates that the asset was present at the start of
           compare_duration, but not present at reference_time.
  • "ACTIVE": indicates that the asset was present at both the

           start and the end of the time period defined by
           compare_duration and reference_time.

    This field is ignored if state is not a field in group_by.

    This object should have the same structure as Duration

readTime

Optional

Object

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

See also
https://nodejs.org/api/stream.html
Returns

Stream 

An object stream which emits an object representing GroupResult on 'data' event.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};
client.groupAssetsStream(request)
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

groupFindings

groupFindings(request, options, callback) returns Promise

Filters an organization or source's findings and groups them by their specified properties.

To group across all sources provide a - as the source id. Example: /v1beta1/organizations/123/sources/-/findings

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of -. For example: organizations/123/sources/-

groupBy

string

Expression that defines what assets fields to use for grouping (including state). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

The following fields are supported:

  • resource_name
  • category
  • state
  • parent

filter

Optional

string

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    For example, source_properties.size = 100 is a valid filter string.

readTime

Optional

Object

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Array, nullable Object, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is Array of GroupResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing GroupFindingsResponse.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is Array of GroupResult.

    When autoPaginate: false is specified through options, the array has three elements. The first element is Array of GroupResult in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing GroupFindingsResponse.

    The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};

client.groupFindings(request)
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response.
const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.groupFindings(nextRequest, options).then(callback);
  }
}
client.groupFindings(request, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

groupFindingsStream

groupFindingsStream(request, options) returns Stream

Equivalent to groupFindings, but returns a NodeJS Stream object.

This fetches the paged responses for groupFindings continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]". To groupBy across all sources provide a source_id of -. For example: organizations/123/sources/-

groupBy

string

Expression that defines what assets fields to use for grouping (including state). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

The following fields are supported:

  • resource_name
  • category
  • state
  • parent

filter

Optional

string

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    For example, source_properties.size = 100 is a valid filter string.

readTime

Optional

Object

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

See also
https://nodejs.org/api/stream.html
Returns

Stream 

An object stream which emits an object representing GroupResult on 'data' event.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const groupBy = '';
const request = {
  parent: formattedParent,
  groupBy: groupBy,
};
client.groupFindingsStream(request)
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

listAssets

listAssets(request, options, callback) returns Promise

Lists an organization's assets.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the organization assets should belong to. Its format is "organizations/[organization_id]".

filter

Optional

string

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

  • = for all value types.

  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

    The supported value types are:

  • string literals in quotes.

  • integer literals without quotes.
  • boolean literals true and false without quotes.

    For example, resource_properties.size = 100 is a valid filter string.

orderBy

Optional

string

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.

readTime

Optional

Object

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration

Optional

Object

When compare_duration is set, the ListAssetResult's "state" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present before
           compare_duration, but present at read_time.
  • "REMOVED": indicates that the asset was present at the start of
           compare_duration, but not present at read_time.
  • "ACTIVE": indicates that the asset was present at both the

           start and the end of the time period defined by
           compare_duration and read_time.

    If compare_duration is not specified, then the only possible state is "UNUSED", which indicates that the asset is present at read_time.

    This object should have the same structure as Duration

fieldMask

Optional

Object

Optional.

A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Array, nullable Object, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is Array of ListAssetsResult.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing ListAssetsResponse.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is Array of ListAssetsResult.

    When autoPaginate: false is specified through options, the array has three elements. The first element is Array of ListAssetsResult in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing ListAssetsResponse.

    The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.organizationPath('[ORGANIZATION]');

client.listAssets({parent: formattedParent})
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response.
const formattedParent = client.organizationPath('[ORGANIZATION]');


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.listAssets(nextRequest, options).then(callback);
  }
}
client.listAssets({parent: formattedParent}, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

listAssetsStream

listAssetsStream(request, options) returns Stream

Equivalent to listAssets, but returns a NodeJS Stream object.

This fetches the paged responses for listAssets continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the organization assets should belong to. Its format is "organizations/[organization_id]".

filter

Optional

string

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include:

  • name
  • security_center_properties.resource_name
  • resource_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

  • = for all value types.

  • >, <, >=, <= for integer values.
  • :, meaning substring matching, for strings.

    The supported value types are:

  • string literals in quotes.

  • integer literals without quotes.
  • boolean literals true and false without quotes.

    For example, resource_properties.size = 100 is a valid filter string.

orderBy

Optional

string

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent.

readTime

Optional

Object

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

compareDuration

Optional

Object

When compare_duration is set, the ListAssetResult's "state" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.

The state value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again.

Possible "state" values when compare_duration is specified:

  • "ADDED": indicates that the asset was not present before
           compare_duration, but present at read_time.
  • "REMOVED": indicates that the asset was present at the start of
           compare_duration, but not present at read_time.
  • "ACTIVE": indicates that the asset was present at both the

           start and the end of the time period defined by
           compare_duration and read_time.

    If compare_duration is not specified, then the only possible state is "UNUSED", which indicates that the asset is present at read_time.

    This object should have the same structure as Duration

fieldMask

Optional

Object

Optional.

A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

See also
https://nodejs.org/api/stream.html
Returns

Stream 

An object stream which emits an object representing ListAssetsResult on 'data' event.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
client.listAssetsStream({parent: formattedParent})
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

listFindings

listFindings(request, options, callback) returns Promise

Lists an organization or source's findings.

To list across all sources provide a - as the source id. Example: /v1beta1/organizations/123/sources/-/findings

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of -. For example: organizations/123/sources/-

filter

Optional

string

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    For example, source_properties.size = 100 is a valid filter string.

orderBy

Optional

string

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.

readTime

Optional

Object

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

fieldMask

Optional

Object

Optional.

A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Array, nullable Object, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is Array of Finding.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing ListFindingsResponse.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is Array of Finding.

    When autoPaginate: false is specified through options, the array has three elements. The first element is Array of Finding in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing ListFindingsResponse.

    The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');

client.listFindings({parent: formattedParent})
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response.
const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.listFindings(nextRequest, options).then(callback);
  }
}
client.listFindings({parent: formattedParent}, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

listFindingsStream

listFindingsStream(request, options) returns Stream

Equivalent to listFindings, but returns a NodeJS Stream object.

This fetches the paged responses for listFindings continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id]". To list across all sources provide a source_id of -. For example: organizations/123/sources/-

filter

Optional

string

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are not supported, and OR has higher precedence than AND.

Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

  • name
  • source_properties.a_property
  • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    For example, source_properties.size = 100 is a valid filter string.

orderBy

Optional

string

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent.

readTime

Optional

Object

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

This object should have the same structure as Timestamp

fieldMask

Optional

Object

Optional.

A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

This object should have the same structure as FieldMask

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

See also
https://nodejs.org/api/stream.html
Returns

Stream 

An object stream which emits an object representing Finding on 'data' event.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
client.listFindingsStream({parent: formattedParent})
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

listSources

listSources(request, options, callback) returns Promise

Lists all sources belonging to an organization.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Array, nullable Object, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is Array of Source.

When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing ListSourcesResponse.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is Array of Source.

    When autoPaginate: false is specified through options, the array has three elements. The first element is Array of Source in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing ListSourcesResponse.

    The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

// Iterate over all elements.
const formattedParent = client.organizationPath('[ORGANIZATION]');

client.listSources({parent: formattedParent})
  .then(responses => {
    const resources = responses[0];
    for (const resource of resources) {
      // doThingsWith(resource)
    }
  })
  .catch(err => {
    console.error(err);
  });

// Or obtain the paged response.
const formattedParent = client.organizationPath('[ORGANIZATION]');


const options = {autoPaginate: false};
const callback = responses => {
  // The actual resources in a response.
  const resources = responses[0];
  // The next request if the response shows that there are more responses.
  const nextRequest = responses[1];
  // The actual response object, if necessary.
  // const rawResponse = responses[2];
  for (const resource of resources) {
    // doThingsWith(resource);
  }
  if (nextRequest) {
    // Fetch the next page.
    return client.listSources(nextRequest, options).then(callback);
  }
}
client.listSources({parent: formattedParent}, options)
  .then(callback)
  .catch(err => {
    console.error(err);
  });

listSourcesStream

listSourcesStream(request, options) returns Stream

Equivalent to listSources, but returns a NodeJS Stream object.

This fetches the paged responses for listSources continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]".

pageSize

Optional

number

The maximum number of resources contained in the underlying API response. If page streaming is performed per-resource, this parameter does not affect the return value. If page streaming is performed per-page, this determines the maximum number of resources in a page.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

See also
https://nodejs.org/api/stream.html
Returns

Stream 

An object stream which emits an object representing Source on 'data' event.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');
client.listSourcesStream({parent: formattedParent})
  .on('data', element => {
    // doThingsWith(element)
  }).on('error', err => {
    console.log(err);
  });

matchAssetFromAssetSecurityMarksName

matchAssetFromAssetSecurityMarksName(assetSecurityMarksName) returns String

Parse the assetSecurityMarksName from a asset_security_marks resource.

Parameter

assetSecurityMarksName

String

A fully-qualified path representing a asset_security_marks resources.

Returns

String 

  • A string representing the asset.

matchFindingFromFindingName

matchFindingFromFindingName(findingName) returns String

Parse the findingName from a finding resource.

Parameter

findingName

String

A fully-qualified path representing a finding resources.

Returns

String 

  • A string representing the finding.

matchOrganizationFromAssetSecurityMarksName

matchOrganizationFromAssetSecurityMarksName(assetSecurityMarksName) returns String

Parse the assetSecurityMarksName from a asset_security_marks resource.

Parameter

assetSecurityMarksName

String

A fully-qualified path representing a asset_security_marks resources.

Returns

String 

  • A string representing the organization.

matchOrganizationFromFindingName

matchOrganizationFromFindingName(findingName) returns String

Parse the findingName from a finding resource.

Parameter

findingName

String

A fully-qualified path representing a finding resources.

Returns

String 

  • A string representing the organization.

matchOrganizationFromOrganizationName

matchOrganizationFromOrganizationName(organizationName) returns String

Parse the organizationName from a organization resource.

Parameter

organizationName

String

A fully-qualified path representing a organization resources.

Returns

String 

  • A string representing the organization.

matchOrganizationFromOrganizationSettingsName

matchOrganizationFromOrganizationSettingsName(organizationSettingsName) returns String

Parse the organizationSettingsName from a organization_settings resource.

Parameter

organizationSettingsName

String

A fully-qualified path representing a organization_settings resources.

Returns

String 

  • A string representing the organization.

matchOrganizationFromSourceName

matchOrganizationFromSourceName(sourceName) returns String

Parse the sourceName from a source resource.

Parameter

sourceName

String

A fully-qualified path representing a source resources.

Returns

String 

  • A string representing the organization.

matchSourceFromFindingName

matchSourceFromFindingName(findingName) returns String

Parse the findingName from a finding resource.

Parameter

findingName

String

A fully-qualified path representing a finding resources.

Returns

String 

  • A string representing the source.

matchSourceFromSourceName

matchSourceFromSourceName(sourceName) returns String

Parse the sourceName from a source resource.

Parameter

sourceName

String

A fully-qualified path representing a source resources.

Returns

String 

  • A string representing the source.

organizationPath

organizationPath(organization) returns String

Return a fully-qualified organization resource name string.

Parameter

organization

String

Returns

String 

organizationSettingsPath

organizationSettingsPath(organization) returns String

Return a fully-qualified organization_settings resource name string.

Parameter

organization

String

Returns

String 

runAssetDiscovery

runAssetDiscovery(request, options, callback) returns Promise

Runs asset discovery. The discovery is tracked with a long-running operation.

This API can only be called with limited frequency for an organization. If it is called too frequently the caller will receive a TOO_MANY_REQUESTS error.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

parent

string

Name of the organization to run asset discovery for. Its format is "organizations/[organization_id]".

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is a gax.Operation object.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is a gax.Operation object. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedParent = client.organizationPath('[ORGANIZATION]');

// Handle the operation using the promise pattern.
client.runAssetDiscovery({parent: formattedParent})
  .then(responses => {
    const [operation, initialApiResponse] = responses;

    // Operation#promise starts polling for the completion of the LRO.
    return operation.promise();
  })
  .then(responses => {
    const result = responses[0];
    const metadata = responses[1];
    const finalApiResponse = responses[2];
  })
  .catch(err => {
    console.error(err);
  });

const formattedParent = client.organizationPath('[ORGANIZATION]');

// Handle the operation using the event emitter pattern.
client.runAssetDiscovery({parent: formattedParent})
  .then(responses => {
    const [operation, initialApiResponse] = responses;

    // Adding a listener for the "complete" event starts polling for the
    // completion of the operation.
    operation.on('complete', (result, metadata, finalApiResponse) => {
      // doSomethingWith(result);
    });

    // Adding a listener for the "progress" event causes the callback to be
    // called on any change in metadata when the operation is polled.
    operation.on('progress', (metadata, apiResponse) => {
      // doSomethingWith(metadata)
    });

    // Adding a listener for the "error" event handles any errors found during polling.
    operation.on('error', err => {
      // throw(err);
    });
  })
  .catch(err => {
    console.error(err);
  });

const formattedParent = client.organizationPath('[ORGANIZATION]');

// Handle the operation using the await pattern.
const [operation] = await client.runAssetDiscovery({parent: formattedParent});

const [response] = await operation.promise();

setFindingState

setFindingState(request, options, callback) returns Promise

Updates the state of a finding.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

name

string

The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/123/sources/456/finding/789".

state

number

The desired State of the finding.

The number should be among the values of State

startTime

Object

The time at which the updated state takes effect.

This object should have the same structure as Timestamp

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Finding.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Finding. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedName = client.findingPath('[ORGANIZATION]', '[SOURCE]', '[FINDING]');
const state = 'STATE_UNSPECIFIED';
const startTime = {};
const request = {
  name: formattedName,
  state: state,
  startTime: startTime,
};
client.setFindingState(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

setIamPolicy

setIamPolicy(request, options, callback) returns Promise

Sets the access control policy on the specified Source.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

resource

string

REQUIRED: The resource for which the policy is being specified. resource is usually specified as a path. For example, a Project resource is specified as projects/{project}.

policy

Object

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

This object should have the same structure as Policy

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Policy.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Policy. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedResource = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const policy = {};
const request = {
  resource: formattedResource,
  policy: policy,
};
client.setIamPolicy(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

sourcePath

sourcePath(organization, source) returns String

Return a fully-qualified source resource name string.

Parameter

organization

String

source

String

Returns

String 

testIamPermissions

testIamPermissions(request, options, callback) returns Promise

Returns the permissions that a caller has on the specified source.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

resource

string

REQUIRED: The resource for which the policy detail is being requested. resource is usually specified as a path. For example, a Project resource is specified as projects/{project}.

permissions

Array of string

The set of permissions to check for the resource. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing TestIamPermissionsResponse.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing TestIamPermissionsResponse. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const formattedResource = client.sourcePath('[ORGANIZATION]', '[SOURCE]');
const permissions = [];
const request = {
  resource: formattedResource,
  permissions: permissions,
};
client.testIamPermissions(request)
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateFinding

updateFinding(request, options, callback) returns Promise

Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

finding

Object

The finding resource to update or create if it does not already exist. parent, security_marks, and update_time will be ignored.

In the case of creation, the finding id portion of the name must alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

This object should have the same structure as Finding

updateMask

Optional

Object

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding.

This object should have the same structure as FieldMask

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Finding.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Finding. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const finding = {};
client.updateFinding({finding: finding})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateOrganizationSettings

updateOrganizationSettings(request, options, callback) returns Promise

Updates an organization's settings.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

organizationSettings

Object

The organization settings resource to update.

This object should have the same structure as OrganizationSettings

updateMask

Optional

Object

The FieldMask to use when updating the settings resource.

This object should have the same structure as FieldMask

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing OrganizationSettings.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing OrganizationSettings. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const organizationSettings = {};
client.updateOrganizationSettings({organizationSettings: organizationSettings})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateSecurityMarks

updateSecurityMarks(request, options, callback) returns Promise

Updates security marks.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

securityMarks

Object

The security marks resource to update.

This object should have the same structure as SecurityMarks

updateMask

Optional

Object

The FieldMask to use when updating the security marks resource.

This object should have the same structure as FieldMask

startTime

Optional

Object

The time at which the updated SecurityMarks take effect.

This object should have the same structure as Timestamp

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing SecurityMarks.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing SecurityMarks. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const securityMarks = {};
client.updateSecurityMarks({securityMarks: securityMarks})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });

updateSource

updateSource(request, options, callback) returns Promise

Updates a source.

Parameter

request

Object

The request object that will be sent.

Values in request have the following properties:

Parameter

source

Object

The source resource to update.

This object should have the same structure as Source

updateMask

Optional

Object

The FieldMask to use when updating the source resource.

This object should have the same structure as FieldMask

options

Optional

Object

Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details.

callback

Optional

function(nullable Error, nullable Object)

The function which will be called with the result of the API call.

The second parameter to the callback is an object representing Source.

Returns

Promise 

  • The promise which resolves to an array. The first element of the array is an object representing Source. The promise has a method named "cancel" which cancels the ongoing API call.

Example

const securityCenter = require('@google-cloud/security-center');

const client = new securityCenter.v1beta1.SecurityCenterClient({
  // optional auth parameters.
});

const source = {};
client.updateSource({source: source})
  .then(responses => {
    const response = responses[0];
    // doThingsWith(response)
  })
  .catch(err => {
    console.error(err);
  });