Module types (0.4.0)

API documentation for securitycenter_v1.types module.

API documentation for securitycenter_v1.types.Any class.

Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud Platform (GCP) resource.

The Asset is a Cloud SCC resource that captures information about a single GCP resource. All modifications to an Asset are only within the context of Cloud SCC and don't affect the referenced GCP resource.

Cloud SCC managed properties. These properties are managed by Cloud SCC and cannot be modified by the user.

User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the asset.

The time at which the asset was last updated, added, or deleted in Cloud SCC.

API documentation for securitycenter_v1.types.AuditConfig class.

API documentation for securitycenter_v1.types.AuditConfigDelta class.

API documentation for securitycenter_v1.types.AuditLogConfig class.

API documentation for securitycenter_v1.types.Binding class.

API documentation for securitycenter_v1.types.BindingDelta class.

API documentation for securitycenter_v1.types.CancelOperationRequest class.

Request message for creating a finding.

Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

Request message for creating a source.

Required. The Source being created, only the display_name and description will be used. All other fields will be ignored.

API documentation for securitycenter_v1.types.DeleteOperationRequest class.

API documentation for securitycenter_v1.types.Duration class.

API documentation for securitycenter_v1.types.Expr class.

API documentation for securitycenter_v1.types.FieldMask class.

Cloud Security Command Center (Cloud SCC) finding.

A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Cloud SCC for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names# relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

The state of the finding.

The URI that, if available, points to a web page outside of Cloud SCC where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

The time at which the finding was created in Cloud SCC.

API documentation for securitycenter_v1.types.GetIamPolicyRequest class.

API documentation for securitycenter_v1.types.GetOperationRequest class.

Request message for getting organization settings.

API documentation for securitycenter_v1.types.GetPolicyOptions class.

Request message for getting a source.

Request message for grouping by assets.

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: - name - security_center_properties.resource_name - resource_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following field and operator combinations are supported: - name: =

• update_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "update_time = "2019-06-10T16:07:18-07:00"" "update_time = 1560208038000" - create_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "create_time = "2019-06-10T16:07:18-07:00"" "create_time = 1560208038000" - iam_policy.policy_blob: =, : - resource_properties: =, :, >, <, >=, <= - security_marks.marks: =, : - security_center_properties.resource_name: =, : - security_center_properties.resource_display_name: =, : - security_center_properties.resource_type: =, : - security_center_properties.resource_parent: =, : - security_center_properties.resource_parent_display_name: =, : - security_center_properties.resource_project: =, : - security_center_properties.resource_project_display_name: =, : - security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string.

  When compare_duration is set, the GroupResult's "state_change" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: - "ADDED": indicates that the asset was not present at the start of compare_duration, but present at reference_time. - "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. - "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time. If this field is set then state_change must be a specified field in group_by.

  The value returned by the last GroupAssetsResponse; indicates that this is a continuation of a prior GroupAssets call, and that the system should return the next page of data.

Response message for grouping by assets.

Time used for executing the groupBy request.

The total number of results matching the query.

Request message for grouping by findings.

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include: - name - source_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following field and operator combinations are supported: - name: = - parent: =, : - resource_name: =, : - state: =, : - category: =, : - external_uri: =, : - event_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "event_time = "2019-06-10T16:07:18-07:00"" "event_time = 1560208038000" - security_marks.marks: =, : - source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string.

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

Response message for group by findings.

Time used for executing the groupBy request.

The total number of results matching the query.

Result containing the properties and count of a groupBy request.

Total count of resources for the given properties.

Request message for listing assets.

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: - name - security_center_properties.resource_name - resource_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following are the allowed field and operator combinations: - name: = - update_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "update_time = "2019-06-10T16:07:18-07:00"" "update_time = 1560208038000" - create_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "create_time = "2019-06-10T16:07:18-07:00"" "create_time = 1560208038000" - iam_policy.policy_blob: =, : - resource_properties: =, :, >, <, >=, <= - security_marks.marks: =, : - security_center_properties.resource_name: =, : - security_center_properties.resource_display_name: =, : - security_center_properties.resource_type: =, : - security_center_properties.resource_parent: =, : - security_center_properties.resource_parent_display_name: =, : - security_center_properties.resource_project: =, : - security_center_properties.resource_project_display_name: =, : - security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string.

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

Response message for listing assets.

Time used for executing the list request.

The total number of assets matching the query.

Request message for listing findings.

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include: - name - source_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following field and operator combinations are supported: name: = parent: =, : resource_name: =, : state: =, : category: =, : external_uri: =, : event_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "event_time = "2019-06-10T16:07:18-07:00"" "event_time = 1560208038000" security_marks.marks: =, : source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string.

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

Response message for listing findings.

Time used for executing the list request.

The total number of findings matching the query.

API documentation for securitycenter_v1.types.ListOperationsRequest class.

API documentation for securitycenter_v1.types.ListOperationsResponse class.

Request message for listing sources.

The value returned by the last ListSourcesResponse; indicates that this is a continuation of a prior ListSources call, and that the system should return the next page of data.

Response message for listing sources.

Token to retrieve the next page of results, or empty if there are no more results.

API documentation for securitycenter_v1.types.ListValue class.

API documentation for securitycenter_v1.types.Operation class.

API documentation for securitycenter_v1.types.OperationInfo class.

User specified settings that are attached to the Cloud Security Command Center (Cloud SCC) organization.

A flag that indicates if Asset Discovery should be enabled. If the flag is set to true, then discovery of assets will occur. If it is set to `false, all historical assets will remain, but discovery of future assets will not occur.

API documentation for securitycenter_v1.types.Policy class.

API documentation for securitycenter_v1.types.PolicyDelta class.

Request message for running asset discovery for an organization.

Response of asset discovery run

The duration between asset discovery run start and end

User specified security marks that are attached to the parent Cloud Security Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud SCC organization -- they can be modified and viewed by all users who have proper permissions on the organization.

Mutable user specified security marks belonging to the parent resource. Constraints are as follows: - Keys and values are treated as case insensitive - Keys must be between 1 - 256 characters (inclusive) - Keys must be letters, numbers, underscores, or dashes - Values have leading and trailing whitespace trimmed, remaining characters must be between 1

• 4096 characters (inclusive)

Request message for updating a finding's state.

Required. The desired State of the finding.

API documentation for securitycenter_v1.types.SetIamPolicyRequest class.

Cloud Security Command Center's (Cloud SCC) finding source. A finding source is an entity or a mechanism that can produce a finding. A source is like a container of findings that come from the same scanner, logger, monitor, and other tools.

The source's display name. A source's display name must be unique amongst its siblings, for example, two sources with the same parent can't share the same display name. The display name must have a length between 1 and 64 characters (inclusive).

API documentation for securitycenter_v1.types.Status class.

API documentation for securitycenter_v1.types.Struct class.

API documentation for securitycenter_v1.types.TestIamPermissionsRequest class.

API documentation for securitycenter_v1.types.TestIamPermissionsResponse class.

API documentation for securitycenter_v1.types.Timestamp class.

Request message for updating or creating a finding.

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties." in the field mask.

Request message for updating an organization's settings.

The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated.

Request message for updating a SecurityMarks resource.

The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.".

Request message for updating a source.

The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.

API documentation for securitycenter_v1.types.Value class.

API documentation for securitycenter_v1.types.WaitOperationRequest class.