Group assets with filter

Demonstrates how to filter and group assets by type

Code sample

Java

To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.

static ImmutableList<GroupResult> groupAssetsWithFilter(OrganizationName organizationName) {
  try (SecurityCenterClient client = SecurityCenterClient.create()) {
    // Start setting up a request to filter all assets by type and group them by project in an
    // organization.
    // You can also use a project or folder as a parent resource and filter assets in them
    // respectively.
    GroupAssetsRequest.Builder request =
        GroupAssetsRequest.newBuilder()
            .setFilter(
                "security_center_properties.resource_type=\"google.cloud.resourcemanager.Project\"")
            .setGroupBy("security_center_properties.resource_project")
            .setParent(organizationName.toString());

    // Call the API.
    GroupAssetsPagedResponse response = client.groupAssets(request.build());

    // This creates one list for all assets.  If your organization has a large number of assets
    // this can cause out of memory issues.  You can process them batches by returning
    // the Iterable returned response.iterateAll() directly.
    ImmutableList<GroupResult> results = ImmutableList.copyOf(response.iterateAll());
    System.out.println("All assets:");
    System.out.println(results);
    return results;
  } catch (IOException e) {
    throw new RuntimeException("Couldn't create client.", e);
  }
}

Python

To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.

from google.cloud import securitycenter

client = securitycenter.SecurityCenterClient()

# 'organization_id' is the numeric ID of the organization.
# organization_id = "1234567777"
org_name = f"organizations/{organization_id}"

group_by_type = "security_center_properties.resource_type"
only_projects = (
    "security_center_properties.resource_type="
    + '"google.cloud.resourcemanager.Project"'
)
# You can also use a project/ folder as a parent resource and filter assets in them
# respectively.
result_iterator = client.group_assets(
    request={"parent": org_name, "group_by": group_by_type, "filter": only_projects}
)
for i, result in enumerate(result_iterator):
    print((i + 1), result)

What's next

To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser.