Method: organizations.assets.updateSecurityMarks

Updates security marks.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



The relative resource name of the SecurityMarks. See: Examples: "organizations/123/assets/456/securityMarks" "organizations/123/sources/456/findings/789/securityMarks".

Query parameters


string (FieldMask format)

The FieldMask to use when updating the security marks resource.

The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.".

A comma-separated list of fully qualified names of fields. Example: "user.displayName,photo".


string (Timestamp format)

The time at which the updated SecurityMarks take effect. If not set uses current server time. Updates will be applied to the SecurityMarks that are active immediately preceding this time.

A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".

Request body

The request body contains an instance of SecurityMarks.

Response body

If successful, the response body contains an instance of SecurityMarks.

Authorization Scopes

Requires the following OAuth scope:


For more information, see the Authentication Overview.

IAM Permissions

Requires one of the following Cloud IAM permissions on the name resource, depending on the resource type:

  • securitycenter.assetsecuritymarks.update
  • securitycenter.findingsecuritymarks.update

For more information, see the Cloud IAM Documentation.

Was this page helpful? Let us know how we did:

Send feedback about...

Cloud Security Command Center
Need help? Visit our support page.