Group assets with filter

Demonstrates how to filter and group assets by type

Code sample

Java

To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.

static ImmutableList<GroupResult> groupAssetsWithFilter(OrganizationName organizationName) {
  try (SecurityCenterClient client = SecurityCenterClient.create()) {
    // Start setting up a request for to filter all assets by type and group them by project in an
    // organization.
    // OrganizationName organizationName = OrganizationName.of("123234324");
    GroupAssetsRequest.Builder request =
        GroupAssetsRequest.newBuilder()
            .setFilter(
                "security_center_properties.resource_type=\"google.cloud.resourcemanager.Project\"")
            .setGroupBy("security_center_properties.resource_project")
            .setParent(organizationName.toString());

    // Call the API.
    GroupAssetsPagedResponse response = client.groupAssets(request.build());

    // This creates one list for all assets.  If your organization has a large number of assets
    // this can cause out of memory issues.  You can process them batches by returning
    // the Iterable returned response.iterateAll() directly.
    ImmutableList<GroupResult> results = ImmutableList.copyOf(response.iterateAll());
    System.out.println("All assets:");
    System.out.println(results);
    return results;
  } catch (IOException e) {
    throw new RuntimeException("Couldn't create client.", e);
  }
}

Python

To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.

from google.cloud import securitycenter

client = securitycenter.SecurityCenterClient()

# organization_id is the numeric ID of the organization.
# organization_id = "1234567777"
org_name = f"organizations/{organization_id}"

group_by_type = "security_center_properties.resource_type"
only_projects = (
    "security_center_properties.resource_type="
    + '"google.cloud.resourcemanager.Project"'
)
result_iterator = client.group_assets(
    request={"parent": org_name, "group_by": group_by_type, "filter": only_projects}
)
for i, result in enumerate(result_iterator):
    print((i + 1), result)

What's next

To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser.