Cloud Security Command Center API

Cloud Security Command Center API provides access to temporal views of assets and findings within an organization.

Service: securitycenter.googleapis.com

We recommend that you call this service using Google-provided client libraries. If your application needs to call this service using your own libraries, you should use the following information when making the API requests.

Discovery document

A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service may have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://securitycenter.googleapis.com

REST Resource: v1beta1.organizations

Methods
getOrganizationSettings GET /v1beta1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1beta1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1beta1.organizations.assets

Methods
group POST /v1beta1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1beta1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1beta1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1beta1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1beta1.organizations.operations

Methods
cancel POST /v1beta1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1beta1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1beta1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1beta1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1beta1.organizations.sources

Methods
create POST /v1beta1/{parent=organizations/*}/sources
Creates a source.
get GET /v1beta1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1beta1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1beta1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1beta1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1beta1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1beta1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1beta1.organizations.sources.findings

Methods
create POST /v1beta1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1beta1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1beta1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1beta1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1beta1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1beta1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.

Service: securitycenter.googleapis.com

We recommend that you call this service using Google-provided client libraries. If your application needs to call this service using your own libraries, you should use the following information when making the API requests.

Discovery document

A Discovery Document is a machine-readable specification for describing and consuming REST APIs. It is used to build client libraries, IDE plugins, and other tools that interact with Google APIs. One service may provide multiple discovery documents. This service provides the following discovery documents:

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service may have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://securitycenter.googleapis.com

REST Resource: v1.organizations

Methods
getOrganizationSettings GET /v1/{name=organizations/*/organizationSettings}
Gets the settings for an organization.
updateOrganizationSettings PATCH /v1/{organizationSettings.name=organizations/*/organizationSettings}
Updates an organization's settings.

REST Resource: v1.organizations.assets

Methods
group POST /v1/{parent=organizations/*}/assets:group
Filters an organization's assets and groups them by their specified properties.
list GET /v1/{parent=organizations/*}/assets
Lists an organization's assets.
runDiscovery POST /v1/{parent=organizations/*}/assets:runDiscovery
Runs asset discovery.
updateSecurityMarks PATCH /v1/{securityMarks.name=organizations/*/assets/*/securityMarks}
Updates security marks.

REST Resource: v1.organizations.operations

Methods
cancel POST /v1/{name=organizations/*/operations/*}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1/{name=organizations/*/operations/*}
Deletes a long-running operation.
get GET /v1/{name=organizations/*/operations/*}
Gets the latest state of a long-running operation.
list GET /v1/{name=organizations/*/operations}
Lists operations that match the specified filter in the request.

REST Resource: v1.organizations.sources

Methods
create POST /v1/{parent=organizations/*}/sources
Creates a source.
get GET /v1/{name=organizations/*/sources/*}
Gets a source.
getIamPolicy POST /v1/{resource=organizations/*/sources/*}:getIamPolicy
Gets the access control policy on the specified Source.
list GET /v1/{parent=organizations/*}/sources
Lists all sources belonging to an organization.
patch PATCH /v1/{source.name=organizations/*/sources/*}
Updates a source.
setIamPolicy POST /v1/{resource=organizations/*/sources/*}:setIamPolicy
Sets the access control policy on the specified Source.
testIamPermissions POST /v1/{resource=organizations/*/sources/*}:testIamPermissions
Returns the permissions that a caller has on the specified source.

REST Resource: v1.organizations.sources.findings

Methods
create POST /v1/{parent=organizations/*/sources/*}/findings
Creates a finding.
group POST /v1/{parent=organizations/*/sources/*}/findings:group
Filters an organization or source's findings and groups them by their specified properties.
list GET /v1/{parent=organizations/*/sources/*}/findings
Lists an organization or source's findings.
patch PATCH /v1/{finding.name=organizations/*/sources/*/findings/*}
Creates or updates a finding.
setState POST /v1/{name=organizations/*/sources/*/findings/*}:setState
Updates the state of a finding.
updateSecurityMarks PATCH /v1/{securityMarks.name=organizations/*/sources/*/findings/*/securityMarks}
Updates security marks.
Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Security Command Center
Need help? Visit our support page.