Security Command Center API

Stay organized with collections Save and categorize content based on your preferences.

Security Command Center API provides access to temporal views of assets and findings within an organization.

Service: securitycenter.googleapis.com

To call this service, we recommend that you use the Google-provided client libraries. If your application needs to use your own libraries to call this service, use the following information when you make the API requests.

Discovery document

A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://securitycenter.googleapis.com

REST Resource: v1p1beta1.folders.assets

Methods
group POST /v1p1beta1/{parent=folders/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1p1beta1/{parent=folders/*}/assets
Lists an organization's assets.
updateSecurityMarks PATCH /v1p1beta1/{securityMarks.name=folders/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1p1beta1.folders.sources

Methods
list GET /v1p1beta1/{parent=folders/*}/sources
Lists all sources belonging to an organization.

REST Resource: v1p1beta1.folders.sources.findings

Methods
group POST /v1p1beta1/{parent=folders/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1p1beta1/{parent=folders/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1p1beta1/{finding.name=folders/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1p1beta1/{name=folders/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1p1beta1/{securityMarks.name=folders/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1p1beta1.organizations

Methods
getOrganizationSettings GET /v1p1beta1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1p1beta1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1p1beta1.organizations.assets

Methods
group POST /v1p1beta1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1p1beta1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1p1beta1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1p1beta1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1p1beta1.organizations.notificationConfigs

Methods
create POST /v1p1beta1/{parent=organizations/*}/notificationConfigs
Creates a notification config.
delete DELETE /v1p1beta1/{name=organizations/*/notificationConfigs/*}
Deletes a notification config.
get GET /v1p1beta1/{name=organizations/*/notificationConfigs/*}
Gets a notification config.
list GET /v1p1beta1/{parent=organizations/*}/notificationConfigs
Lists notification configs.
patch PATCH /v1p1beta1/{notificationConfig.name=organizations/*/notificationConfigs/*}
Updates a notification config.

REST Resource: v1p1beta1.organizations.operations

Methods
cancel POST /v1p1beta1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1p1beta1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1p1beta1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1p1beta1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1p1beta1.organizations.sources

Methods
create POST /v1p1beta1/{parent=organizations/*}/sources
Creates a source.
get GET /v1p1beta1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1p1beta1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1p1beta1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1p1beta1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1p1beta1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1p1beta1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1p1beta1.organizations.sources.findings

Methods
create POST /v1p1beta1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1p1beta1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1p1beta1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1p1beta1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1p1beta1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1p1beta1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1p1beta1.projects.assets

Methods
group POST /v1p1beta1/{parent=projects/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1p1beta1/{parent=projects/*}/assets
Lists an organization's assets.
updateSecurityMarks PATCH /v1p1beta1/{securityMarks.name=projects/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1p1beta1.projects.sources

Methods
list GET /v1p1beta1/{parent=projects/*}/sources
Lists all sources belonging to an organization.

REST Resource: v1p1beta1.projects.sources.findings

Methods
group POST /v1p1beta1/{parent=projects/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1p1beta1/{parent=projects/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1p1beta1/{finding.name=projects/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1p1beta1/{name=projects/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1p1beta1/{securityMarks.name=projects/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1beta1.organizations

Methods
getOrganizationSettings GET /v1beta1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1beta1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1beta1.organizations.assets

Methods
group POST /v1beta1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1beta1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1beta1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1beta1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1beta1.organizations.operations

Methods
cancel POST /v1beta1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1beta1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1beta1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1beta1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1beta1.organizations.sources

Methods
create POST /v1beta1/{parent=organizations/*}/sources
Creates a source.
get GET /v1beta1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1beta1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1beta1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1beta1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1beta1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1beta1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1beta1.organizations.sources.findings

Methods
create POST /v1beta1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1beta1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1beta1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1beta1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1beta1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1beta1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1.folders.assets

Methods
group POST /v1/{parent=folders/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1/{parent=folders/*}/assets
Lists an organization's assets.
updateSecurityMarks PATCH /v1/{securityMarks.name=folders/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1.folders.bigQueryExports

Methods
create POST /v1/{parent=folders/*}/bigQueryExports
Creates a BigQuery export.
delete DELETE /v1/{name=folders/*/bigQueryExports/*}
Deletes an existing BigQuery export.
get GET /v1/{name=folders/*/bigQueryExports/*}
Gets a BigQuery export.
list GET /v1/{parent=folders/*}/bigQueryExports
Lists BigQuery exports.
patch PATCH /v1/{bigQueryExport.name=folders/*/bigQueryExports/*}
Updates a BigQuery export.

REST Resource: v1.folders.findings

Methods
bulkMute POST /v1/{parent=folders/*}/findings:bulkMute
Kicks off an LRO to bulk mute findings for a parent based on a filter.

REST Resource: v1.folders.muteConfigs

Methods
create POST /v1/{parent=folders/*}/muteConfigs
Creates a mute config.
delete DELETE /v1/{name=folders/*/muteConfigs/*}
Deletes an existing mute config.
get GET /v1/{name=folders/*/muteConfigs/*}
Gets a mute config.
list GET /v1/{parent=folders/*}/muteConfigs
Lists mute configs.
patch PATCH /v1/{muteConfig.name=folders/*/muteConfigs/*}
Updates a mute config.

REST Resource: v1.folders.notificationConfigs

Methods
create POST /v1/{parent=folders/*}/notificationConfigs
Creates a notification config.
delete DELETE /v1/{name=folders/*/notificationConfigs/*}
Deletes a notification config.
get GET /v1/{name=folders/*/notificationConfigs/*}
Gets a notification config.
list GET /v1/{parent=folders/*}/notificationConfigs
Lists notification configs.
patch PATCH /v1/{notificationConfig.name=folders/*/notificationConfigs/*}
Updates a notification config.

REST Resource: v1.folders.sources

Methods
list GET /v1/{parent=folders/*}/sources
Lists all sources belonging to an organization.

REST Resource: v1.folders.sources.findings

Methods
group POST /v1/{parent=folders/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1/{parent=folders/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1/{finding.name=folders/*/sources/*/findings/*}
Creates or updates a finding.
setMute POST /v1/{name=folders/*/sources/*/findings/*}:setMute
Updates the mute state of a finding.
setState POST /v1/{name=folders/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1/{securityMarks.name=folders/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1.folders.sources.findings.externalSystems

Methods
patch PATCH /v1/{externalSystem.name=folders/*/sources/*/findings/*/externalSystems/*}
Updates external system.

REST Resource: v1.organizations

Methods
getOrganizationSettings GET /v1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1.organizations.assets

Methods
group POST /v1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1.organizations.bigQueryExports

Methods
create POST /v1/{parent=organizations/*}/bigQueryExports
Creates a BigQuery export.
delete DELETE /v1/{name=organizations/*/bigQueryExports/*}
Deletes an existing BigQuery export.
get GET /v1/{name=organizations/*/bigQueryExports/*}
Gets a BigQuery export.
list GET /v1/{parent=organizations/*}/bigQueryExports
Lists BigQuery exports.
patch PATCH /v1/{bigQueryExport.name=organizations/*/bigQueryExports/*}
Updates a BigQuery export.

REST Resource: v1.organizations.findings

Methods
bulkMute POST /v1/{parent=organizations/*}/findings:bulkMute
Kicks off an LRO to bulk mute findings for a parent based on a filter.

REST Resource: v1.organizations.muteConfigs

Methods
create POST /v1/{parent=organizations/*}/muteConfigs
Creates a mute config.
delete DELETE /v1/{name=organizations/*/muteConfigs/*}
Deletes an existing mute config.
get GET /v1/{name=organizations/*/muteConfigs/*}
Gets a mute config.
list GET /v1/{parent=organizations/*}/muteConfigs
Lists mute configs.
patch PATCH /v1/{muteConfig.name=organizations/*/muteConfigs/*}
Updates a mute config.

REST Resource: v1.organizations.notificationConfigs

Methods
create POST /v1/{parent=organizations/*}/notificationConfigs
Creates a notification config.
delete DELETE /v1/{name=organizations/*/notificationConfigs/*}
Deletes a notification config.
get GET /v1/{name=organizations/*/notificationConfigs/*}
Gets a notification config.
list GET /v1/{parent=organizations/*}/notificationConfigs
Lists notification configs.
patch PATCH /v1/{notificationConfig.name=organizations/*/notificationConfigs/*}
Updates a notification config.

REST Resource: v1.organizations.operations

Methods
cancel POST /v1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1.organizations.sources

Methods
create POST /v1/{parent=organizations/*}/sources
Creates a source.
get GET /v1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1.organizations.sources.findings

Methods
create POST /v1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setMute POST /v1/{name=organizations/*/sources/*/findings/*}:setMute
Updates the mute state of a finding.
setState POST /v1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1.organizations.sources.findings.externalSystems

Methods
patch PATCH /v1/{externalSystem.name=organizations/*/sources/*/findings/*/externalSystems/*}
Updates external system.

REST Resource: v1.projects.assets

Methods
group POST /v1/{parent=projects/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1/{parent=projects/*}/assets
Lists an organization's assets.
updateSecurityMarks PATCH /v1/{securityMarks.name=projects/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1.projects.bigQueryExports

Methods
create POST /v1/{parent=projects/*}/bigQueryExports
Creates a BigQuery export.
delete DELETE /v1/{name=projects/*/bigQueryExports/*}
Deletes an existing BigQuery export.
get GET /v1/{name=projects/*/bigQueryExports/*}
Gets a BigQuery export.
list GET /v1/{parent=projects/*}/bigQueryExports
Lists BigQuery exports.
patch PATCH /v1/{bigQueryExport.name=projects/*/bigQueryExports/*}
Updates a BigQuery export.

REST Resource: v1.projects.findings

Methods
bulkMute POST /v1/{parent=projects/*}/findings:bulkMute
Kicks off an LRO to bulk mute findings for a parent based on a filter.

REST Resource: v1.projects.muteConfigs

Methods
create POST /v1/{parent=projects/*}/muteConfigs
Creates a mute config.
delete DELETE /v1/{name=projects/*/muteConfigs/*}
Deletes an existing mute config.
get GET /v1/{name=projects/*/muteConfigs/*}
Gets a mute config.
list GET /v1/{parent=projects/*}/muteConfigs
Lists mute configs.
patch PATCH /v1/{muteConfig.name=projects/*/muteConfigs/*}
Updates a mute config.

REST Resource: v1.projects.notificationConfigs

Methods
create POST /v1/{parent=projects/*}/notificationConfigs
Creates a notification config.
delete DELETE /v1/{name=projects/*/notificationConfigs/*}
Deletes a notification config.
get GET /v1/{name=projects/*/notificationConfigs/*}
Gets a notification config.
list GET /v1/{parent=projects/*}/notificationConfigs
Lists notification configs.
patch PATCH /v1/{notificationConfig.name=projects/*/notificationConfigs/*}
Updates a notification config.

REST Resource: v1.projects.sources

Methods
list GET /v1/{parent=projects/*}/sources
Lists all sources belonging to an organization.

REST Resource: v1.projects.sources.findings

Methods
group POST /v1/{parent=projects/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1/{parent=projects/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1/{finding.name=projects/*/sources/*/findings/*}
Creates or updates a finding.
setMute POST /v1/{name=projects/*/sources/*/findings/*}:setMute
Updates the mute state of a finding.
setState POST /v1/{name=projects/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1/{securityMarks.name=projects/*/sources/*/findings/*/securityMarks}
Updates security marks.

REST Resource: v1.projects.sources.findings.externalSystems

Methods
patch PATCH /v1/{externalSystem.name=projects/*/sources/*/findings/*/externalSystems/*}
Updates external system.