- gcloud alpha scc findings update - update a Cloud Security Command Center finding
(ALPHA)Update a Cloud Security Command Center finding.
- POSITIONAL ARGUMENTS
Finding resource - The finding you want to update. The arguments in this group
can be used to specify the attributes of this resource. This must be specified.
- ID of the finding or fully qualified identifier for the finding. This positional must be specified if any of the other arguments in this group are specified.
- (Optional) If the full resource name isn't provided e.g. organizations/123, then provide the organization id which is the suffix of the organization. Example: organizations/123, the id is 123.
- (Optional) If the full resource name isn't provided e.g. organizations/123/sources/456, then provide the source id which is the suffix of the source. Example: organizations/123/sources/456, the id is 456.
- Finding resource - The finding you want to update. The arguments in this group can be used to specify the attributes of this resource. This must be specified.
- Time at which the event took place. For example, if the finding represents an open firewall it would capture the time the open firewall was detected. If event-time is not provided, it will default to UTC version of NOW. For example 2019-02-28T07:00:00Z
- URI that, if available, points to a web page outside of Cloud SCC (Security Command Center) where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
- Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only. For example "key1=val1,key2=val2"
State is one of: [ACTIVE, INACTIVE].
STATEmust be one of:
- Optional: If left unspecified (default), an update-mask is automatically created using the flags specified in the command and only those values are updated. For example: --external-uri='<some-uri>' --event-time='<some-time>' would automatically generate --update-mask 'external_uri,event_time'. Note that as a result, only external-uri and event-time are updated for the given finding and everything else remains untouched. If you want to delete attributes/properties (that are not being changed in the update command) use an empty update-mask (''). That will delete all the mutable properties/attributes that aren't specified as flags in the update command. In the above example it would delete source-properties. State can be toggled from ACTIVE to INACTIVE and vice-versa but it cannot be deleted.
- GCLOUD WIDE FLAGS
These flags are available to all commands: --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account,
--log-http, --project, --quiet, --trace-token, --user-output-enabled,
$ gcloud helpfor details.
- API REFERENCE
This command uses the
securitycenter/v1API. The full documentation for this API can be found at: https://console.cloud.google.com/apis/api/securitycenter.googleapis.com/overview
Update my-finding's state from ACTIVE to INACTIVE:
$ gcloud alpha scc findings update my-finding \ --organization=123456 --source=5678 --state INACTIVE
Override all source properties on my-finding:
$ gcloud alpha scc findings update my-finding \ --organization=123456 --source=5678 \ --source-properties "propKey1=propVal1,propKey2=propVal2"
Selectively update a specific source property on my-finding:
$ gcloud alpha scc findings update my-finding \ --organization=123456 --source=5678 \ --source-properties "propKey1=propVal1,propKey2=propVal2" \ --update-mask "source_properties.propKey1"
- This command is currently in ALPHA and may change without notice. If this command fails with API permission errors despite specifying the right project, you may be trying to access an API with an invitation-only early access whitelist.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2020-02-04.