REST Resource: folders.locations.securityCenterServices

Resource: SecurityCenterService

Represents a particular Security Command Center service. This includes settings information such as top-level enablement in addition to individual module settings. Service settings can be configured at the organization, folder, or project level. Service settings at the organization or folder level are inherited by those in child folders and projects.

JSON representation 
{
  "name": string,
  "intendedEnablementState": enum (EnablementState),
  "effectiveEnablementState": enum (EnablementState),
  "modules": {
    string: {
      object (ModuleSettings)
    },
    ...
  },
  "updateTime": string,
  "serviceConfig": {
    object
  }
}
Fields
name

string

Identifier. The name of the service.

Its format is:

  • organizations/{organization}/locations/{location}/securityCenterServices/{service}
  • folders/{folder}/locations/{location}/securityCenterServices/{service}
  • projects/{project}/locations/{location}/securityCenterServices/{service}

The possible values for id {service} are:

  • container-threat-detection
  • event-threat-detection
  • security-health-analytics
  • vm-threat-detection
  • web-security-scanner
intendedEnablementState

enum (EnablementState)

Optional. The intended state of enablement for the service at its level of the resource hierarchy. A DISABLED state will override all module enablement_states to DISABLED.
effectiveEnablementState

enum (EnablementState)

Output only. The effective enablement state for the service at its level of the resource hierarchy. If the intended state is set to INHERITED, the effective state will be inherited from the enablement state of an ancestor. This state may differ from the intended enablement state due to billing eligibility or onboarding status.
modules

map (key: string, value: object (ModuleSettings))

Optional. The configurations including the state of enablement for the service's different modules. The absence of a module in the map implies its configuration is inherited from its parents.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
updateTime

string (Timestamp format)

Output only. The time the service was last updated. This could be due to an explicit user update or due to a side effect of another system change such as billing subscription expiry.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
serviceConfig

object (Struct format)

Optional. Additional service specific configuration. Not all services will utilize this field.

EnablementState

Represents the possible intended states of enablement for a service or module.

Enums
ENABLEMENT_STATE_UNSPECIFIED Default value. This value is unused.
INHERITED State is inherited from the parent resource. Not a valid effective enablement state.
ENABLED State is enabled.
DISABLED State is disabled.

ModuleSettings

The settings for individual modules.

JSON representation 
{
  "intendedEnablementState": enum (EnablementState),
  "effectiveEnablementState": enum (EnablementState)
}
Fields
intendedEnablementState

enum (EnablementState)

Optional. The intended state of enablement for the module at its level of the resource hierarchy.
effectiveEnablementState

enum (EnablementState)

Output only. The effective enablement state for the module at its level of the resource hierarchy. If the intended state is set to INHERITED, the effective state will be inherited from the enablement state of an ancestor. This state may differ from the intended enablement state due to billing eligibility or onboarding status.

Methods

get

 Gets service settings for the specified Security Command Center service.

list

 Returns a list of all Security Command Center services for the given parent.

patch

 Updates a Security Command Center service using the given update mask.