REST Resource: folders.locations.securityCenterServices

Resource: SecurityCenterService

Represents a particular Security Command Center service. This includes settings information such as top-level enablement in addition to individual module settings. Service settings can be configured at the organization, folder, or project level. Service settings at the organization or folder level are inherited by those in descendant folders and projects.

JSON representation
{
  "name": string,
  "intendedEnablementState": enum (EnablementState),
  "effectiveEnablementState": enum (EnablementState),
  "modules": {
    string: {
      object (ModuleSettings)
    },
    ...
  },
  "updateTime": string,
  "serviceConfig": {
    object
  }
}
Fields
name

string

Identifier. The name of the service, in one of the following formats:

  • organizations/{organization}/locations/{location}/securityCenterServices/{service}
  • folders/{folder}/locations/{location}/securityCenterServices/{service}
  • projects/{project}/locations/{location}/securityCenterServices/{service}

The following values are valid for {service}:

  • container-threat-detection
  • event-threat-detection
  • security-health-analytics
  • vm-threat-detection
  • web-security-scanner
intendedEnablementState

enum (EnablementState)

Optional. The intended enablement state for the service at its level of the resource hierarchy. A DISABLED state will override all module enablement states to DISABLED.

effectiveEnablementState

enum (EnablementState)

Output only. The effective enablement state for the service at its level of the resource hierarchy. If the intended state is set to INHERITED, the effective state will be inherited from the enablement state of an ancestor. This state may differ from the intended enablement state due to billing eligibility or onboarding status.

modules

map (key: string, value: object (ModuleSettings))

Optional. The module configurations, including the enablement state for the service's modules. The absence of a module in the map implies that its configuration is inherited from its parents.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

updateTime

string (Timestamp format)

Output only. The time the service was last updated. This could be due to an explicit user update or due to a side effect of another system change, such as billing subscription expiry.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

serviceConfig

object (Struct format)

Optional. Additional service-specific configuration. Not all services will utilize this field.

EnablementState

Represents the possible enablement states for a service or module.

Enums
ENABLEMENT_STATE_UNSPECIFIED Default value. This value is unused.
INHERITED State is inherited from the parent resource. Valid as an intended enablement state, but not as an effective enablement state.
ENABLED State is enabled.
DISABLED State is disabled.
INGEST_ONLY Security Command Center is configured to ingest findings from this service, but not to enable this service. This state indicates that Security Command Center is misconfigured. You can't set this state yourself.

ModuleSettings

The settings for individual modules.

JSON representation
{
  "intendedEnablementState": enum (EnablementState),
  "effectiveEnablementState": enum (EnablementState)
}
Fields
intendedEnablementState

enum (EnablementState)

Optional. The intended enablement state for the module at its level of the resource hierarchy.

effectiveEnablementState

enum (EnablementState)

Output only. The effective enablement state for the module at its level of the resource hierarchy. If the intended state is set to INHERITED, the effective state will be inherited from the enablement state of an ancestor. This state may differ from the intended enablement state due to billing eligibility or onboarding status.

Methods

get

Gets service settings for the specified Security Command Center service.

list

Returns a list of all Security Command Center services for the given parent.

patch

Updates a Security Command Center service using the given update mask.