Google Cloud Security Command Center V1 Client - Class SecurityCenterClient (1.15.1)

Reference documentation and code samples for the Google Cloud Security Command Center V1 Client class SecurityCenterClient.

Service Description: V1 APIs for Security Center service.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:

$securityCenterClient = new SecurityCenterClient();
try {
    $parent = 'parent';
    $operationResponse = $securityCenterClient->bulkMuteFindings($parent);
    $operationResponse->pollUntilComplete();
    if ($operationResponse->operationSucceeded()) {
        $result = $operationResponse->getResult();
    // doSomethingWith($result)
    } else {
        $error = $operationResponse->getError();
        // handleError($error)
    }
    // Alternatively:
    // start the operation, keep the operation name, and resume later
    $operationResponse = $securityCenterClient->bulkMuteFindings($parent);
    $operationName = $operationResponse->getName();
    // ... do other work
    $newOperationResponse = $securityCenterClient->resumeOperation($operationName, 'bulkMuteFindings');
    while (!$newOperationResponse->isDone()) {
        // ... do other work
        $newOperationResponse->reload();
    }
    if ($newOperationResponse->operationSucceeded()) {
        $result = $newOperationResponse->getResult();
    // doSomethingWith($result)
    } else {
        $error = $newOperationResponse->getError();
        // handleError($error)
    }
} finally {
    $securityCenterClient->close();
}

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parseName method to extract the individual identifiers contained within formatted names that are returned by the API.

Methods

bigQueryExportName

Formats a string containing the fully-qualified path to represent a big_query_export resource.

Parameters
NameDescription
organization string
export string
Returns
TypeDescription
stringThe formatted big_query_export resource.

dlpJobName

Formats a string containing the fully-qualified path to represent a dlp_job resource.

Parameters
NameDescription
project string
dlpJob string
Returns
TypeDescription
stringThe formatted dlp_job resource.

effectiveSecurityHealthAnalyticsCustomModuleName

Formats a string containing the fully-qualified path to represent a effective_security_health_analytics_custom_module resource.

Parameters
NameDescription
organization string
effectiveCustomModule string
Returns
TypeDescription
stringThe formatted effective_security_health_analytics_custom_module resource.

externalSystemName

Formats a string containing the fully-qualified path to represent a external_system resource.

Parameters
NameDescription
organization string
source string
finding string
externalsystem string
Returns
TypeDescription
stringThe formatted external_system resource.

findingName

Formats a string containing the fully-qualified path to represent a finding resource.

Parameters
NameDescription
organization string
source string
finding string
Returns
TypeDescription
stringThe formatted finding resource.

folderName

Formats a string containing the fully-qualified path to represent a folder resource.

Parameter
NameDescription
folder string
Returns
TypeDescription
stringThe formatted folder resource.

folderAssetSecurityMarksName

Formats a string containing the fully-qualified path to represent a folder_asset_securityMarks resource.

Parameters
NameDescription
folder string
asset string
Returns
TypeDescription
stringThe formatted folder_asset_securityMarks resource.

folderCustomModuleName

Formats a string containing the fully-qualified path to represent a folder_custom_module resource.

Parameters
NameDescription
folder string
customModule string
Returns
TypeDescription
stringThe formatted folder_custom_module resource.

folderEffectiveCustomModuleName

Formats a string containing the fully-qualified path to represent a folder_effective_custom_module resource.

Parameters
NameDescription
folder string
effectiveCustomModule string
Returns
TypeDescription
stringThe formatted folder_effective_custom_module resource.

folderExportName

Formats a string containing the fully-qualified path to represent a folder_export resource.

Parameters
NameDescription
folder string
export string
Returns
TypeDescription
stringThe formatted folder_export resource.

folderMuteConfigName

Formats a string containing the fully-qualified path to represent a folder_mute_config resource.

Parameters
NameDescription
folder string
muteConfig string
Returns
TypeDescription
stringThe formatted folder_mute_config resource.

folderNotificationConfigName

Formats a string containing the fully-qualified path to represent a folder_notification_config resource.

Parameters
NameDescription
folder string
notificationConfig string
Returns
TypeDescription
stringThe formatted folder_notification_config resource.

folderSecurityHealthAnalyticsSettingsName

Formats a string containing the fully-qualified path to represent a folder_securityHealthAnalyticsSettings resource.

Parameter
NameDescription
folder string
Returns
TypeDescription
stringThe formatted folder_securityHealthAnalyticsSettings resource.

folderSourceName

Formats a string containing the fully-qualified path to represent a folder_source resource.

Parameters
NameDescription
folder string
source string
Returns
TypeDescription
stringThe formatted folder_source resource.

folderSourceFindingName

Formats a string containing the fully-qualified path to represent a folder_source_finding resource.

Parameters
NameDescription
folder string
source string
finding string
Returns
TypeDescription
stringThe formatted folder_source_finding resource.

folderSourceFindingExternalsystemName

Formats a string containing the fully-qualified path to represent a folder_source_finding_externalsystem resource.

Parameters
NameDescription
folder string
source string
finding string
externalsystem string
Returns
TypeDescription
stringThe formatted folder_source_finding_externalsystem resource.

folderSourceFindingSecurityMarksName

Formats a string containing the fully-qualified path to represent a folder_source_finding_securityMarks resource.

Parameters
NameDescription
folder string
source string
finding string
Returns
TypeDescription
stringThe formatted folder_source_finding_securityMarks resource.

muteConfigName

Formats a string containing the fully-qualified path to represent a mute_config resource.

Parameters
NameDescription
organization string
muteConfig string
Returns
TypeDescription
stringThe formatted mute_config resource.

notificationConfigName

Formats a string containing the fully-qualified path to represent a notification_config resource.

Parameters
NameDescription
organization string
notificationConfig string
Returns
TypeDescription
stringThe formatted notification_config resource.

organizationName

Formats a string containing the fully-qualified path to represent a organization resource.

Parameter
NameDescription
organization string
Returns
TypeDescription
stringThe formatted organization resource.

organizationAssetSecurityMarksName

Formats a string containing the fully-qualified path to represent a organization_asset_securityMarks resource.

Parameters
NameDescription
organization string
asset string
Returns
TypeDescription
stringThe formatted organization_asset_securityMarks resource.

organizationCustomModuleName

Formats a string containing the fully-qualified path to represent a organization_custom_module resource.

Parameters
NameDescription
organization string
customModule string
Returns
TypeDescription
stringThe formatted organization_custom_module resource.

organizationEffectiveCustomModuleName

Formats a string containing the fully-qualified path to represent a organization_effective_custom_module resource.

Parameters
NameDescription
organization string
effectiveCustomModule string
Returns
TypeDescription
stringThe formatted organization_effective_custom_module resource.

organizationExportName

Formats a string containing the fully-qualified path to represent a organization_export resource.

Parameters
NameDescription
organization string
export string
Returns
TypeDescription
stringThe formatted organization_export resource.

organizationMuteConfigName

Formats a string containing the fully-qualified path to represent a organization_mute_config resource.

Parameters
NameDescription
organization string
muteConfig string
Returns
TypeDescription
stringThe formatted organization_mute_config resource.

organizationNotificationConfigName

Formats a string containing the fully-qualified path to represent a organization_notification_config resource.

Parameters
NameDescription
organization string
notificationConfig string
Returns
TypeDescription
stringThe formatted organization_notification_config resource.

organizationSecurityHealthAnalyticsSettingsName

Formats a string containing the fully-qualified path to represent a organization_securityHealthAnalyticsSettings resource.

Parameter
NameDescription
organization string
Returns
TypeDescription
stringThe formatted organization_securityHealthAnalyticsSettings resource.

organizationSettingsName

Formats a string containing the fully-qualified path to represent a organization_settings resource.

Parameter
NameDescription
organization string
Returns
TypeDescription
stringThe formatted organization_settings resource.

organizationSourceName

Formats a string containing the fully-qualified path to represent a organization_source resource.

Parameters
NameDescription
organization string
source string
Returns
TypeDescription
stringThe formatted organization_source resource.

organizationSourceFindingName

Formats a string containing the fully-qualified path to represent a organization_source_finding resource.

Parameters
NameDescription
organization string
source string
finding string
Returns
TypeDescription
stringThe formatted organization_source_finding resource.

organizationSourceFindingExternalsystemName

Formats a string containing the fully-qualified path to represent a organization_source_finding_externalsystem resource.

Parameters
NameDescription
organization string
source string
finding string
externalsystem string
Returns
TypeDescription
stringThe formatted organization_source_finding_externalsystem resource.

organizationSourceFindingSecurityMarksName

Formats a string containing the fully-qualified path to represent a organization_source_finding_securityMarks resource.

Parameters
NameDescription
organization string
source string
finding string
Returns
TypeDescription
stringThe formatted organization_source_finding_securityMarks resource.

projectName

Formats a string containing the fully-qualified path to represent a project resource.

Parameter
NameDescription
project string
Returns
TypeDescription
stringThe formatted project resource.

projectAssetSecurityMarksName

Formats a string containing the fully-qualified path to represent a project_asset_securityMarks resource.

Parameters
NameDescription
project string
asset string
Returns
TypeDescription
stringThe formatted project_asset_securityMarks resource.

projectCustomModuleName

Formats a string containing the fully-qualified path to represent a project_custom_module resource.

Parameters
NameDescription
project string
customModule string
Returns
TypeDescription
stringThe formatted project_custom_module resource.

projectDlpJobName

Formats a string containing the fully-qualified path to represent a project_dlp_job resource.

Parameters
NameDescription
project string
dlpJob string
Returns
TypeDescription
stringThe formatted project_dlp_job resource.

projectEffectiveCustomModuleName

Formats a string containing the fully-qualified path to represent a project_effective_custom_module resource.

Parameters
NameDescription
project string
effectiveCustomModule string
Returns
TypeDescription
stringThe formatted project_effective_custom_module resource.

projectExportName

Formats a string containing the fully-qualified path to represent a project_export resource.

Parameters
NameDescription
project string
export string
Returns
TypeDescription
stringThe formatted project_export resource.

projectLocationDlpJobName

Formats a string containing the fully-qualified path to represent a project_location_dlp_job resource.

Parameters
NameDescription
project string
location string
dlpJob string
Returns
TypeDescription
stringThe formatted project_location_dlp_job resource.

projectLocationTableProfileName

Formats a string containing the fully-qualified path to represent a project_location_table_profile resource.

Parameters
NameDescription
project string
location string
tableProfile string
Returns
TypeDescription
stringThe formatted project_location_table_profile resource.

projectMuteConfigName

Formats a string containing the fully-qualified path to represent a project_mute_config resource.

Parameters
NameDescription
project string
muteConfig string
Returns
TypeDescription
stringThe formatted project_mute_config resource.

projectNotificationConfigName

Formats a string containing the fully-qualified path to represent a project_notification_config resource.

Parameters
NameDescription
project string
notificationConfig string
Returns
TypeDescription
stringThe formatted project_notification_config resource.

projectSecurityHealthAnalyticsSettingsName

Formats a string containing the fully-qualified path to represent a project_securityHealthAnalyticsSettings resource.

Parameter
NameDescription
project string
Returns
TypeDescription
stringThe formatted project_securityHealthAnalyticsSettings resource.

projectSourceName

Formats a string containing the fully-qualified path to represent a project_source resource.

Parameters
NameDescription
project string
source string
Returns
TypeDescription
stringThe formatted project_source resource.

projectSourceFindingName

Formats a string containing the fully-qualified path to represent a project_source_finding resource.

Parameters
NameDescription
project string
source string
finding string
Returns
TypeDescription
stringThe formatted project_source_finding resource.

projectSourceFindingExternalsystemName

Formats a string containing the fully-qualified path to represent a project_source_finding_externalsystem resource.

Parameters
NameDescription
project string
source string
finding string
externalsystem string
Returns
TypeDescription
stringThe formatted project_source_finding_externalsystem resource.

projectSourceFindingSecurityMarksName

Formats a string containing the fully-qualified path to represent a project_source_finding_securityMarks resource.

Parameters
NameDescription
project string
source string
finding string
Returns
TypeDescription
stringThe formatted project_source_finding_securityMarks resource.

projectTableProfileName

Formats a string containing the fully-qualified path to represent a project_table_profile resource.

Parameters
NameDescription
project string
tableProfile string
Returns
TypeDescription
stringThe formatted project_table_profile resource.

securityHealthAnalyticsCustomModuleName

Formats a string containing the fully-qualified path to represent a security_health_analytics_custom_module resource.

Parameters
NameDescription
organization string
customModule string
Returns
TypeDescription
stringThe formatted security_health_analytics_custom_module resource.

securityHealthAnalyticsSettingsName

Formats a string containing the fully-qualified path to represent a security_health_analytics_settings resource.

Parameter
NameDescription
organization string
Returns
TypeDescription
stringThe formatted security_health_analytics_settings resource.

securityMarksName

Formats a string containing the fully-qualified path to represent a security_marks resource.

Parameters
NameDescription
organization string
asset string
Returns
TypeDescription
stringThe formatted security_marks resource.

sourceName

Formats a string containing the fully-qualified path to represent a source resource.

Parameters
NameDescription
organization string
source string
Returns
TypeDescription
stringThe formatted source resource.

tableDataProfileName

Formats a string containing the fully-qualified path to represent a table_data_profile resource.

Parameters
NameDescription
project string
tableProfile string
Returns
TypeDescription
stringThe formatted table_data_profile resource.

topicName

Formats a string containing the fully-qualified path to represent a topic resource.

Parameters
NameDescription
project string
topic string
Returns
TypeDescription
stringThe formatted topic resource.

parseName

Parses a formatted name string and returns an associative array of the components in the name.

The following name formats are supported: Template: Pattern

  • bigQueryExport: organizations/{organization}/bigQueryExports/{export}
  • dlpJob: projects/{project}/dlpJobs/{dlp_job}
  • effectiveSecurityHealthAnalyticsCustomModule: organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}
  • externalSystem: organizations/{organization}/sources/{source}/findings/{finding}/externalSystems/{externalsystem}
  • finding: organizations/{organization}/sources/{source}/findings/{finding}
  • folder: folders/{folder}
  • folderAssetSecurityMarks: folders/{folder}/assets/{asset}/securityMarks
  • folderCustomModule: folders/{folder}/securityHealthAnalyticsSettings/customModules/{custom_module}
  • folderEffectiveCustomModule: folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}
  • folderExport: folders/{folder}/bigQueryExports/{export}
  • folderMuteConfig: folders/{folder}/muteConfigs/{mute_config}
  • folderNotificationConfig: folders/{folder}/notificationConfigs/{notification_config}
  • folderSecurityHealthAnalyticsSettings: folders/{folder}/securityHealthAnalyticsSettings
  • folderSource: folders/{folder}/sources/{source}
  • folderSourceFinding: folders/{folder}/sources/{source}/findings/{finding}
  • folderSourceFindingExternalsystem: folders/{folder}/sources/{source}/findings/{finding}/externalSystems/{externalsystem}
  • folderSourceFindingSecurityMarks: folders/{folder}/sources/{source}/findings/{finding}/securityMarks
  • muteConfig: organizations/{organization}/muteConfigs/{mute_config}
  • notificationConfig: organizations/{organization}/notificationConfigs/{notification_config}
  • organization: organizations/{organization}
  • organizationAssetSecurityMarks: organizations/{organization}/assets/{asset}/securityMarks
  • organizationCustomModule: organizations/{organization}/securityHealthAnalyticsSettings/customModules/{custom_module}
  • organizationEffectiveCustomModule: organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}
  • organizationExport: organizations/{organization}/bigQueryExports/{export}
  • organizationMuteConfig: organizations/{organization}/muteConfigs/{mute_config}
  • organizationNotificationConfig: organizations/{organization}/notificationConfigs/{notification_config}
  • organizationSecurityHealthAnalyticsSettings: organizations/{organization}/securityHealthAnalyticsSettings
  • organizationSettings: organizations/{organization}/organizationSettings
  • organizationSource: organizations/{organization}/sources/{source}
  • organizationSourceFinding: organizations/{organization}/sources/{source}/findings/{finding}
  • organizationSourceFindingExternalsystem: organizations/{organization}/sources/{source}/findings/{finding}/externalSystems/{externalsystem}
  • organizationSourceFindingSecurityMarks: organizations/{organization}/sources/{source}/findings/{finding}/securityMarks
  • project: projects/{project}
  • projectAssetSecurityMarks: projects/{project}/assets/{asset}/securityMarks
  • projectCustomModule: projects/{project}/securityHealthAnalyticsSettings/customModules/{custom_module}
  • projectDlpJob: projects/{project}/dlpJobs/{dlp_job}
  • projectEffectiveCustomModule: projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}
  • projectExport: projects/{project}/bigQueryExports/{export}
  • projectLocationDlpJob: projects/{project}/locations/{location}/dlpJobs/{dlp_job}
  • projectLocationTableProfile: projects/{project}/locations/{location}/tableProfiles/{table_profile}
  • projectMuteConfig: projects/{project}/muteConfigs/{mute_config}
  • projectNotificationConfig: projects/{project}/notificationConfigs/{notification_config}
  • projectSecurityHealthAnalyticsSettings: projects/{project}/securityHealthAnalyticsSettings
  • projectSource: projects/{project}/sources/{source}
  • projectSourceFinding: projects/{project}/sources/{source}/findings/{finding}
  • projectSourceFindingExternalsystem: projects/{project}/sources/{source}/findings/{finding}/externalSystems/{externalsystem}
  • projectSourceFindingSecurityMarks: projects/{project}/sources/{source}/findings/{finding}/securityMarks
  • projectTableProfile: projects/{project}/tableProfiles/{table_profile}
  • securityHealthAnalyticsCustomModule: organizations/{organization}/securityHealthAnalyticsSettings/customModules/{custom_module}
  • securityHealthAnalyticsSettings: organizations/{organization}/securityHealthAnalyticsSettings
  • securityMarks: organizations/{organization}/assets/{asset}/securityMarks
  • source: organizations/{organization}/sources/{source}
  • tableDataProfile: projects/{project}/tableProfiles/{table_profile}
  • topic: projects/{project}/topics/{topic}

The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.

Parameters
NameDescription
formattedName string

The formatted name string

template string

Optional name of template to match

Returns
TypeDescription
arrayAn associative array from name component IDs to component values.

getOperationsClient

Return an OperationsClient object with the same endpoint as $this.

Returns
TypeDescription
Google\ApiCore\LongRunning\OperationsClient

resumeOperation

Resume an existing long running operation that was previously started by a long running API method. If $methodName is not provided, or does not match a long running API method, then the operation can still be resumed, but the OperationResponse object will not deserialize the final response.

Parameters
NameDescription
operationName string

The name of the long running operation

methodName string

The name of the method used to start the operation

Returns
TypeDescription
Google\ApiCore\OperationResponse

__construct

Constructor.

Parameters
NameDescription
options array

Optional. Options for configuring the service API wrapper.

↳ apiEndpoint string

The address of the API remote host. May optionally include the port, formatted as "

↳ credentials string|array|FetchAuthTokenInterface|CredentialsWrapper

The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored.

↳ credentialsConfig array

Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() .

↳ disableRetries bool

Determines whether or not retries defined by the client configuration should be disabled. Defaults to false.

↳ clientConfig string|array

Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder.

↳ transport string|TransportInterface

The transport used for executing network requests. May be either the string rest or grpc. Defaults to grpc if gRPC support is detected on the system. Advanced usage: Additionally, it is possible to pass in an already instantiated Google\ApiCore\Transport\TransportInterface object. Note that when this object is provided, any settings in $transportConfig, and any $apiEndpoint setting, will be ignored.

↳ transportConfig array

Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options.

↳ clientCertSource callable

A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS.

bulkMuteFindings

Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.

Parameters
NameDescription
parent string

Required. The parent, at which bulk action needs to be applied. Its format is "organizations/[organization_id]", "folders/[folder_id]", "projects/[project_id]".

optionalArgs array

Optional.

↳ filter string

Expression that identifies findings that should be updated. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the corresponding resource. The supported operators are: * = for all value types. * >, <, >=, <= for integer values. * :, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals true and false without quotes.

↳ muteAnnotation string

This can be a mute configuration name or any identifier for mute/unmute of findings based on the filter.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\OperationResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\SecurityCenter\V1\BulkMuteFindingsResponse;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Rpc\Status;

/**
 * @param string $parent The parent, at which bulk action needs to be applied. Its format
 *                       is "organizations/[organization_id]", "folders/[folder_id]",
 *                       "projects/[project_id]".
 */
function bulk_mute_findings_sample(string $parent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityCenterClient->bulkMuteFindings($parent);
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            /** @var BulkMuteFindingsResponse $result */
            $result = $response->getResult();
            printf('Operation successful with response data: %s' . PHP_EOL, $result->serializeToJsonString());
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $parent = '[PARENT]';

    bulk_mute_findings_sample($parent);
}

createBigQueryExport

Creates a BigQuery export.

Parameters
NameDescription
parent string

Required. The name of the parent resource of the new BigQuery export. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

bigQueryExport Google\Cloud\SecurityCenter\V1\BigQueryExport

Required. The BigQuery export being created.

bigQueryExportId string

Required. Unique identifier provided by the client within the parent scope. It must consist of lower case letters, numbers, and hyphen, with the first character a letter, the last a letter or a number, and a 63 character maximum.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\BigQueryExport
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\BigQueryExport;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent  The name of the parent resource of the new BigQuery export. Its
 *                                 format is "organizations/[organization_id]", "folders/[folder_id]", or
 *                                 "projects/[project_id]". Please see
 *                                 {@see SecurityCenterClient::projectName()} for help formatting this field.
 * @param string $bigQueryExportId Unique identifier provided by the client within the parent scope.
 *                                 It must consist of lower case letters, numbers, and hyphen, with the first
 *                                 character a letter, the last a letter or a number, and a 63 character
 *                                 maximum.
 */
function create_big_query_export_sample(string $formattedParent, string $bigQueryExportId): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $bigQueryExport = new BigQueryExport();

    // Call the API and handle any network failures.
    try {
        /** @var BigQueryExport $response */
        $response = $securityCenterClient->createBigQueryExport(
            $formattedParent,
            $bigQueryExport,
            $bigQueryExportId
        );
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');
    $bigQueryExportId = '[BIG_QUERY_EXPORT_ID]';

    create_big_query_export_sample($formattedParent, $bigQueryExportId);
}

createFinding

Creates a finding. The corresponding source must exist for finding creation to succeed.

Parameters
NameDescription
parent string

Required. Resource name of the new finding's parent. Its format should be "organizations/[organization_id]/sources/[source_id]".

findingId string

Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

finding Google\Cloud\SecurityCenter\V1\Finding

Required. The Finding being created. The name and security_marks will be ignored as they are both output only fields on this resource.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Finding
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\Finding;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent Resource name of the new finding's parent. Its format should be
 *                                "organizations/[organization_id]/sources/[source_id]". Please see
 *                                {@see SecurityCenterClient::sourceName()} for help formatting this field.
 * @param string $findingId       Unique identifier provided by the client within the parent scope.
 *                                It must be alphanumeric and less than or equal to 32 characters and
 *                                greater than 0 characters in length.
 */
function create_finding_sample(string $formattedParent, string $findingId): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $finding = new Finding();

    // Call the API and handle any network failures.
    try {
        /** @var Finding $response */
        $response = $securityCenterClient->createFinding($formattedParent, $findingId, $finding);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::sourceName('[ORGANIZATION]', '[SOURCE]');
    $findingId = '[FINDING_ID]';

    create_finding_sample($formattedParent, $findingId);
}

createMuteConfig

Creates a mute config.

Parameters
NameDescription
parent string

Required. Resource name of the new mute configs's parent. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

muteConfig Google\Cloud\SecurityCenter\V1\MuteConfig

Required. The mute config being created.

muteConfigId string

Required. Unique identifier provided by the client within the parent scope. It must consist of lower case letters, numbers, and hyphen, with the first character a letter, the last a letter or a number, and a 63 character maximum.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\MuteConfig
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\MuteConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent  Resource name of the new mute configs's parent. Its format is
 *                                 "organizations/[organization_id]", "folders/[folder_id]", or
 *                                 "projects/[project_id]". Please see
 *                                 {@see SecurityCenterClient::projectName()} for help formatting this field.
 * @param string $muteConfigFilter An expression that defines the filter to apply across
 *                                 create/update events of findings. While creating a filter string, be
 *                                 mindful of the scope in which the mute configuration is being created.
 *                                 E.g., If a filter contains project = X but is created under the project = Y
 *                                 scope, it might not match any findings.
 *
 *                                 The following field and operator combinations are supported:
 *
 *                                 * severity: `=`, `:`
 *                                 * category: `=`, `:`
 *                                 * resource.name: `=`, `:`
 *                                 * resource.project_name: `=`, `:`
 *                                 * resource.project_display_name: `=`, `:`
 *                                 * resource.folders.resource_folder: `=`, `:`
 *                                 * resource.parent_name: `=`, `:`
 *                                 * resource.parent_display_name: `=`, `:`
 *                                 * resource.type: `=`, `:`
 *                                 * finding_class: `=`, `:`
 *                                 * indicator.ip_addresses: `=`, `:`
 *                                 * indicator.domains: `=`, `:`
 * @param string $muteConfigId     Unique identifier provided by the client within the parent scope.
 *                                 It must consist of lower case letters, numbers, and hyphen, with the first
 *                                 character a letter, the last a letter or a number, and a 63 character
 *                                 maximum.
 */
function create_mute_config_sample(
    string $formattedParent,
    string $muteConfigFilter,
    string $muteConfigId
): void {
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $muteConfig = (new MuteConfig())
        ->setFilter($muteConfigFilter);

    // Call the API and handle any network failures.
    try {
        /** @var MuteConfig $response */
        $response = $securityCenterClient->createMuteConfig($formattedParent, $muteConfig, $muteConfigId);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');
    $muteConfigFilter = '[FILTER]';
    $muteConfigId = '[MUTE_CONFIG_ID]';

    create_mute_config_sample($formattedParent, $muteConfigFilter, $muteConfigId);
}

createNotificationConfig

Creates a notification config.

Parameters
NameDescription
parent string

Required. Resource name of the new notification config's parent. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

configId string

Required. Unique identifier provided by the client within the parent scope. It must be between 1 and 128 characters and contain alphanumeric characters, underscores, or hyphens only.

notificationConfig Google\Cloud\SecurityCenter\V1\NotificationConfig

Required. The notification config being created. The name and the service account will be ignored as they are both output only fields on this resource.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\NotificationConfig
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\NotificationConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent Resource name of the new notification config's parent. Its format
 *                                is "organizations/[organization_id]", "folders/[folder_id]", or
 *                                "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 * @param string $configId        Required.
 *                                Unique identifier provided by the client within the parent scope.
 *                                It must be between 1 and 128 characters and contain alphanumeric
 *                                characters, underscores, or hyphens only.
 */
function create_notification_config_sample(string $formattedParent, string $configId): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $notificationConfig = new NotificationConfig();

    // Call the API and handle any network failures.
    try {
        /** @var NotificationConfig $response */
        $response = $securityCenterClient->createNotificationConfig(
            $formattedParent,
            $configId,
            $notificationConfig
        );
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');
    $configId = '[CONFIG_ID]';

    create_notification_config_sample($formattedParent, $configId);
}

createSecurityHealthAnalyticsCustomModule

Creates a resident SecurityHealthAnalyticsCustomModule at the scope of the given CRM parent, and also creates inherited SecurityHealthAnalyticsCustomModules for all CRM descendants of the given parent. These modules are enabled by default.

Parameters
NameDescription
parent string

Required. Resource name of the new custom module's parent. Its format is "organizations/{organization}/securityHealthAnalyticsSettings", "folders/{folder}/securityHealthAnalyticsSettings", or "projects/{project}/securityHealthAnalyticsSettings"

securityHealthAnalyticsCustomModule Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule

Required. SecurityHealthAnalytics custom module to create. The provided name is ignored and reset with provided parent information and server-generated ID.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule;

/**
 * @param string $formattedParent Resource name of the new custom module's parent. Its format is
 *                                "organizations/{organization}/securityHealthAnalyticsSettings",
 *                                "folders/{folder}/securityHealthAnalyticsSettings", or
 *                                "projects/{project}/securityHealthAnalyticsSettings"
 *                                Please see {@see SecurityCenterClient::securityHealthAnalyticsSettingsName()} for help formatting this field.
 */
function create_security_health_analytics_custom_module_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityHealthAnalyticsCustomModule = new SecurityHealthAnalyticsCustomModule();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityHealthAnalyticsCustomModule $response */
        $response = $securityCenterClient->createSecurityHealthAnalyticsCustomModule(
            $formattedParent,
            $securityHealthAnalyticsCustomModule
        );
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::securityHealthAnalyticsSettingsName('[ORGANIZATION]');

    create_security_health_analytics_custom_module_sample($formattedParent);
}

createSource

Creates a source.

Parameters
NameDescription
parent string

Required. Resource name of the new source's parent. Its format should be "organizations/[organization_id]".

source Google\Cloud\SecurityCenter\V1\Source

Required. The Source being created, only the display_name and description will be used. All other fields will be ignored.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Source
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\Source;

/**
 * @param string $formattedParent Resource name of the new source's parent. Its format should be
 *                                "organizations/[organization_id]". Please see
 *                                {@see SecurityCenterClient::organizationName()} for help formatting this field.
 */
function create_source_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $source = new Source();

    // Call the API and handle any network failures.
    try {
        /** @var Source $response */
        $response = $securityCenterClient->createSource($formattedParent, $source);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::organizationName('[ORGANIZATION]');

    create_source_sample($formattedParent);
}

deleteBigQueryExport

Deletes an existing BigQuery export.

Parameters
NameDescription
name string

Required. The name of the BigQuery export to delete. Its format is organizations/{organization}/bigQueryExports/{export_id}, folders/{folder}/bigQueryExports/{export_id}, or projects/{project}/bigQueryExports/{export_id}

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName The name of the BigQuery export to delete. Its format is
 *                              organizations/{organization}/bigQueryExports/{export_id},
 *                              folders/{folder}/bigQueryExports/{export_id}, or
 *                              projects/{project}/bigQueryExports/{export_id}
 *                              Please see {@see SecurityCenterClient::bigQueryExportName()} for help formatting this field.
 */
function delete_big_query_export_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        $securityCenterClient->deleteBigQueryExport($formattedName);
        printf('Call completed successfully.' . PHP_EOL);
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::bigQueryExportName('[ORGANIZATION]', '[EXPORT]');

    delete_big_query_export_sample($formattedName);
}

deleteMuteConfig

Deletes an existing mute config.

Parameters
NameDescription
name string

Required. Name of the mute config to delete. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id}

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the mute config to delete. Its format is
 *                              organizations/{organization}/muteConfigs/{config_id},
 *                              folders/{folder}/muteConfigs/{config_id}, or
 *                              projects/{project}/muteConfigs/{config_id}
 *                              Please see {@see SecurityCenterClient::muteConfigName()} for help formatting this field.
 */
function delete_mute_config_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        $securityCenterClient->deleteMuteConfig($formattedName);
        printf('Call completed successfully.' . PHP_EOL);
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::muteConfigName('[ORGANIZATION]', '[MUTE_CONFIG]');

    delete_mute_config_sample($formattedName);
}

deleteNotificationConfig

Deletes a notification config.

Parameters
NameDescription
name string

Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]".

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the notification config to delete. Its format is
 *                              "organizations/[organization_id]/notificationConfigs/[config_id]",
 *                              "folders/[folder_id]/notificationConfigs/[config_id]",
 *                              or "projects/[project_id]/notificationConfigs/[config_id]". Please see
 *                              {@see SecurityCenterClient::notificationConfigName()} for help formatting this field.
 */
function delete_notification_config_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        $securityCenterClient->deleteNotificationConfig($formattedName);
        printf('Call completed successfully.' . PHP_EOL);
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::notificationConfigName(
        '[ORGANIZATION]',
        '[NOTIFICATION_CONFIG]'
    );

    delete_notification_config_sample($formattedName);
}

deleteSecurityHealthAnalyticsCustomModule

Deletes the specified SecurityHealthAnalyticsCustomModule and all of its descendants in the CRM hierarchy. This method is only supported for resident custom modules.

Parameters
NameDescription
name string

Required. Name of the custom module to delete. Its format is "organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}", "folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}", or "projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}"

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the custom module to delete. Its format is
 *                              "organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}",
 *                              "folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}",
 *                              or
 *                              "projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}"
 *                              Please see {@see SecurityCenterClient::securityHealthAnalyticsCustomModuleName()} for help formatting this field.
 */
function delete_security_health_analytics_custom_module_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        $securityCenterClient->deleteSecurityHealthAnalyticsCustomModule($formattedName);
        printf('Call completed successfully.' . PHP_EOL);
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::securityHealthAnalyticsCustomModuleName(
        '[ORGANIZATION]',
        '[CUSTOM_MODULE]'
    );

    delete_security_health_analytics_custom_module_sample($formattedName);
}

getBigQueryExport

Gets a BigQuery export.

Parameters
NameDescription
name string

Required. Name of the BigQuery export to retrieve. Its format is organizations/{organization}/bigQueryExports/{export_id}, folders/{folder}/bigQueryExports/{export_id}, or projects/{project}/bigQueryExports/{export_id}

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\BigQueryExport
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\BigQueryExport;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the BigQuery export to retrieve. Its format is
 *                              organizations/{organization}/bigQueryExports/{export_id},
 *                              folders/{folder}/bigQueryExports/{export_id}, or
 *                              projects/{project}/bigQueryExports/{export_id}
 *                              Please see {@see SecurityCenterClient::bigQueryExportName()} for help formatting this field.
 */
function get_big_query_export_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var BigQueryExport $response */
        $response = $securityCenterClient->getBigQueryExport($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::bigQueryExportName('[ORGANIZATION]', '[EXPORT]');

    get_big_query_export_sample($formattedName);
}

getEffectiveSecurityHealthAnalyticsCustomModule

Retrieves an EffectiveSecurityHealthAnalyticsCustomModule.

Parameters
NameDescription
name string

Required. Name of the effective custom module to get. Its format is "organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}", "folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}", or "projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}"

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\EffectiveSecurityHealthAnalyticsCustomModule
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\EffectiveSecurityHealthAnalyticsCustomModule;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the effective custom module to get. Its format is
 *                              "organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}",
 *                              "folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}",
 *                              or
 *                              "projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}"
 *                              Please see {@see SecurityCenterClient::effectiveSecurityHealthAnalyticsCustomModuleName()} for help formatting this field.
 */
function get_effective_security_health_analytics_custom_module_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var EffectiveSecurityHealthAnalyticsCustomModule $response */
        $response = $securityCenterClient->getEffectiveSecurityHealthAnalyticsCustomModule($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::effectiveSecurityHealthAnalyticsCustomModuleName(
        '[ORGANIZATION]',
        '[EFFECTIVE_CUSTOM_MODULE]'
    );

    get_effective_security_health_analytics_custom_module_sample($formattedName);
}

getIamPolicy

Gets the access control policy on the specified Source.

Parameters
NameDescription
resource string

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

optionalArgs array

Optional.

↳ options GetPolicyOptions

OPTIONAL: A GetPolicyOptions object for specifying options to GetIamPolicy.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\Iam\V1\Policy
Example
use Google\ApiCore\ApiException;
use Google\Cloud\Iam\V1\Policy;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $resource REQUIRED: The resource for which the policy is being requested.
 *                         See the operation documentation for the appropriate value for this field.
 */
function get_iam_policy_sample(string $resource): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var Policy $response */
        $response = $securityCenterClient->getIamPolicy($resource);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $resource = '[RESOURCE]';

    get_iam_policy_sample($resource);
}

getMuteConfig

Gets a mute config.

Parameters
NameDescription
name string

Required. Name of the mute config to retrieve. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id}

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\MuteConfig
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\MuteConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the mute config to retrieve. Its format is
 *                              organizations/{organization}/muteConfigs/{config_id},
 *                              folders/{folder}/muteConfigs/{config_id}, or
 *                              projects/{project}/muteConfigs/{config_id}
 *                              Please see {@see SecurityCenterClient::muteConfigName()} for help formatting this field.
 */
function get_mute_config_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var MuteConfig $response */
        $response = $securityCenterClient->getMuteConfig($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::muteConfigName('[ORGANIZATION]', '[MUTE_CONFIG]');

    get_mute_config_sample($formattedName);
}

getNotificationConfig

Gets a notification config.

Parameters
NameDescription
name string

Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]".

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\NotificationConfig
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\NotificationConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the notification config to get. Its format is
 *                              "organizations/[organization_id]/notificationConfigs/[config_id]",
 *                              "folders/[folder_id]/notificationConfigs/[config_id]",
 *                              or "projects/[project_id]/notificationConfigs/[config_id]". Please see
 *                              {@see SecurityCenterClient::notificationConfigName()} for help formatting this field.
 */
function get_notification_config_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var NotificationConfig $response */
        $response = $securityCenterClient->getNotificationConfig($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::notificationConfigName(
        '[ORGANIZATION]',
        '[NOTIFICATION_CONFIG]'
    );

    get_notification_config_sample($formattedName);
}

getOrganizationSettings

Gets the settings for an organization.

Parameters
NameDescription
name string

Required. Name of the organization to get organization settings for. Its format is "organizations/[organization_id]/organizationSettings".

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\OrganizationSettings
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\OrganizationSettings;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName Name of the organization to get organization settings for. Its
 *                              format is "organizations/[organization_id]/organizationSettings". Please see
 *                              {@see SecurityCenterClient::organizationSettingsName()} for help formatting this field.
 */
function get_organization_settings_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var OrganizationSettings $response */
        $response = $securityCenterClient->getOrganizationSettings($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::organizationSettingsName('[ORGANIZATION]');

    get_organization_settings_sample($formattedName);
}

getSecurityHealthAnalyticsCustomModule

Retrieves a SecurityHealthAnalyticsCustomModule.

Parameters
NameDescription
name string

Required. Name of the custom module to get. Its format is "organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}", "folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}", or "projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}"

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule;

/**
 * @param string $formattedName Name of the custom module to get. Its format is
 *                              "organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}",
 *                              "folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}",
 *                              or
 *                              "projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}"
 *                              Please see {@see SecurityCenterClient::securityHealthAnalyticsCustomModuleName()} for help formatting this field.
 */
function get_security_health_analytics_custom_module_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityHealthAnalyticsCustomModule $response */
        $response = $securityCenterClient->getSecurityHealthAnalyticsCustomModule($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::securityHealthAnalyticsCustomModuleName(
        '[ORGANIZATION]',
        '[CUSTOM_MODULE]'
    );

    get_security_health_analytics_custom_module_sample($formattedName);
}

getSource

Gets a source.

Parameters
NameDescription
name string

Required. Relative resource name of the source. Its format is "organizations/[organization_id]/source/[source_id]".

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Source
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\Source;

/**
 * @param string $formattedName Relative resource name of the source. Its format is
 *                              "organizations/[organization_id]/source/[source_id]". Please see
 *                              {@see SecurityCenterClient::sourceName()} for help formatting this field.
 */
function get_source_sample(string $formattedName): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var Source $response */
        $response = $securityCenterClient->getSource($formattedName);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::sourceName('[ORGANIZATION]', '[SOURCE]');

    get_source_sample($formattedName);
}

groupAssets

Filters an organization's assets and groups them by their specified properties.

Parameters
NameDescription
parent string

Required. The name of the parent to group the assets by. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

groupBy string

Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project".

The following fields are supported when compare_duration is not set:

  • security_center_properties.resource_project
  • security_center_properties.resource_project_display_name
  • security_center_properties.resource_type
  • security_center_properties.resource_parent
  • security_center_properties.resource_parent_display_name

The following fields are supported when compare_duration is set:

  • security_center_properties.resource_type
  • security_center_properties.resource_project_display_name
  • security_center_properties.resource_parent_display_name
optionalArgs array

Optional.

↳ filter string

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * = for all value types. * >, <, >=, <= for integer values. * :, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals true and false without quotes. The following field and operator combinations are supported: * name: = * update_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: update_time = "2019-06-10T16:07:18-07:00" update_time = 1560208038000 * create_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: create_time = "2019-06-10T16:07:18-07:00" create_time = 1560208038000 * iam_policy.policy_blob: =, : * resource_properties: =, :, >, <, >=, <= * security_marks.marks: =, : * security_center_properties.resource_name: =, : * security_center_properties.resource_display_name: =, : * security_center_properties.resource_type: =, : * security_center_properties.resource_parent: =, : * security_center_properties.resource_parent_display_name: =, : * security_center_properties.resource_project: =, : * security_center_properties.resource_project_display_name: =, : * security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string. Use a partial match on the empty string to filter based on a property existing: resource_properties.my_property : "" Use a negated partial match on the empty string to filter based on a property not existing: -resource_properties.my_property : ""

↳ compareDuration Duration

When compare_duration is set, the GroupResult's "state_change" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at reference_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time. If this field is set then state_change must be a specified field in group_by.

↳ readTime Timestamp

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\GroupResult;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent The name of the parent to group the assets by. Its format is
 *                                "organizations/[organization_id]", "folders/[folder_id]", or
 *                                "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 * @param string $groupBy         Expression that defines what assets fields to use for grouping.
 *                                The string value should follow SQL syntax: comma separated list of fields.
 *                                For example:
 *                                "security_center_properties.resource_project,security_center_properties.project".
 *
 *                                The following fields are supported when compare_duration is not set:
 *
 *                                * security_center_properties.resource_project
 *                                * security_center_properties.resource_project_display_name
 *                                * security_center_properties.resource_type
 *                                * security_center_properties.resource_parent
 *                                * security_center_properties.resource_parent_display_name
 *
 *                                The following fields are supported when compare_duration is set:
 *
 *                                * security_center_properties.resource_type
 *                                * security_center_properties.resource_project_display_name
 *                                * security_center_properties.resource_parent_display_name
 */
function group_assets_sample(string $formattedParent, string $groupBy): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->groupAssets($formattedParent, $groupBy);

        /** @var GroupResult $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');
    $groupBy = '[GROUP_BY]';

    group_assets_sample($formattedParent, $groupBy);
}

groupFindings

Filters an organization or source's findings and groups them by their specified properties.

To group across all sources provide a - as the source id. Example: /v1/organizations/{organization_id}/sources/-/findings, /v1/folders/{folder_id}/sources/-/findings, /v1/projects/{project_id}/sources/-/findings

Parameters
NameDescription
parent string

Required. Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]", folders/[folder_id]/sources/[source_id], or projects/[project_id]/sources/[source_id]. To groupBy across all sources provide a source_id of -. For example: organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-, or projects/{project_id}/sources/-

groupBy string

Required. Expression that defines what assets fields to use for grouping (including state_change). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

The following fields are supported:

  • resource_name
  • category
  • state
  • parent
  • severity

The following fields are supported when compare_duration is set:

  • state_change
optionalArgs array

Optional.

↳ filter string

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include: * name * source_properties.a_property * security_marks.marks.marka The supported operators are: * = for all value types. * >, <, >=, <= for integer values. * :, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals true and false without quotes. The following field and operator combinations are supported: * name: = * parent: =, : * resource_name: =, : * state: =, : * category: =, : * external_uri: =, : * event_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000 * severity: =, : * workflow_state: =, : * security_marks.marks: =, : * source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string. Use a partial match on the empty string to filter based on a property existing: source_properties.my_property : "" Use a negated partial match on the empty string to filter based on a property not existing: -source_properties.my_property : "" * resource: * resource.name: =, : * resource.parent_name: =, : * resource.parent_display_name: =, : * resource.project_name: =, : * resource.project_display_name: =, : * resource.type: =, :

↳ readTime Timestamp

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

↳ compareDuration Duration

When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again. Possible "state_change" values when compare_duration is specified: * "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time. * "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time. * "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time. * "REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time. If this field is set then state_change must be a specified field in group_by.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\GroupResult;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent Name of the source to groupBy. Its format is
 *                                "organizations/[organization_id]/sources/[source_id]",
 *                                folders/[folder_id]/sources/[source_id], or
 *                                projects/[project_id]/sources/[source_id]. To groupBy across all sources
 *                                provide a source_id of `-`. For example:
 *                                organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-,
 *                                or projects/{project_id}/sources/-
 *                                Please see {@see SecurityCenterClient::sourceName()} for help formatting this field.
 * @param string $groupBy         Expression that defines what assets fields to use for grouping
 *                                (including `state_change`). The string value should follow SQL syntax:
 *                                comma separated list of fields. For example: "parent,resource_name".
 *
 *                                The following fields are supported:
 *
 *                                * resource_name
 *                                * category
 *                                * state
 *                                * parent
 *                                * severity
 *
 *                                The following fields are supported when compare_duration is set:
 *
 *                                * state_change
 */
function group_findings_sample(string $formattedParent, string $groupBy): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->groupFindings($formattedParent, $groupBy);

        /** @var GroupResult $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::sourceName('[ORGANIZATION]', '[SOURCE]');
    $groupBy = '[GROUP_BY]';

    group_findings_sample($formattedParent, $groupBy);
}

listAssets

Lists an organization's assets.

Parameters
NameDescription
parent string

Required. The name of the parent resource that contains the assets. The value that you can specify on parent depends on the method in which you specify parent. You can specify one of the following values: "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

optionalArgs array

Optional.

↳ filter string

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * = for all value types. * >, <, >=, <= for integer values. * :, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals true and false without quotes. The following are the allowed field and operator combinations: * name: = * update_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: update_time = "2019-06-10T16:07:18-07:00" update_time = 1560208038000 * create_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: create_time = "2019-06-10T16:07:18-07:00" create_time = 1560208038000 * iam_policy.policy_blob: =, : * resource_properties: =, :, >, <, >=, <= * security_marks.marks: =, : * security_center_properties.resource_name: =, : * security_center_properties.resource_display_name: =, : * security_center_properties.resource_type: =, : * security_center_properties.resource_parent: =, : * security_center_properties.resource_parent_display_name: =, : * security_center_properties.resource_project: =, : * security_center_properties.resource_project_display_name: =, : * security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string. Use a partial match on the empty string to filter based on a property existing: resource_properties.my_property : "" Use a negated partial match on the empty string to filter based on a property not existing: -resource_properties.my_property : ""

↳ orderBy string

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent. The following fields are supported: name update_time resource_properties security_marks.marks security_center_properties.resource_name security_center_properties.resource_display_name security_center_properties.resource_parent security_center_properties.resource_parent_display_name security_center_properties.resource_project security_center_properties.resource_project_display_name security_center_properties.resource_type

↳ readTime Timestamp

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

↳ compareDuration Duration

When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.

↳ fieldMask FieldMask

A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\ListAssetsResponse\ListAssetsResult;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent The name of the parent resource that contains the assets. The
 *                                value that you can specify on parent depends on the method in which you
 *                                specify parent. You can specify one of the following values:
 *                                "organizations/[organization_id]", "folders/[folder_id]", or
 *                                "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 */
function list_assets_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listAssets($formattedParent);

        /** @var ListAssetsResult $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');

    list_assets_sample($formattedParent);
}

listBigQueryExports

Lists BigQuery exports. Note that when requesting BigQuery exports at a given level all exports under that level are also returned e.g. if requesting BigQuery exports under a folder, then all BigQuery exports immediately under the folder plus the ones created under the projects within the folder are returned.

Parameters
NameDescription
parent string

Required. The parent, which owns the collection of BigQuery exports. Its format is "organizations/[organization_id]", "folders/[folder_id]", "projects/[project_id]".

optionalArgs array

Optional.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\BigQueryExport;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent The parent, which owns the collection of BigQuery exports. Its
 *                                format is "organizations/[organization_id]", "folders/[folder_id]",
 *                                "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 */
function list_big_query_exports_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listBigQueryExports($formattedParent);

        /** @var BigQueryExport $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');

    list_big_query_exports_sample($formattedParent);
}

listDescendantSecurityHealthAnalyticsCustomModules

Returns a list of all resident SecurityHealthAnalyticsCustomModules under the given CRM parent and all of the parent’s CRM descendants.

Parameters
NameDescription
parent string

Required. Name of parent to list descendant custom modules. Its format is "organizations/{organization}/securityHealthAnalyticsSettings", "folders/{folder}/securityHealthAnalyticsSettings", or "projects/{project}/securityHealthAnalyticsSettings"

optionalArgs array

Optional.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule;

/**
 * @param string $formattedParent Name of parent to list descendant custom modules. Its format is
 *                                "organizations/{organization}/securityHealthAnalyticsSettings",
 *                                "folders/{folder}/securityHealthAnalyticsSettings", or
 *                                "projects/{project}/securityHealthAnalyticsSettings"
 *                                Please see {@see SecurityCenterClient::securityHealthAnalyticsSettingsName()} for help formatting this field.
 */
function list_descendant_security_health_analytics_custom_modules_sample(
    string $formattedParent
): void {
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listDescendantSecurityHealthAnalyticsCustomModules(
            $formattedParent
        );

        /** @var SecurityHealthAnalyticsCustomModule $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::securityHealthAnalyticsSettingsName('[ORGANIZATION]');

    list_descendant_security_health_analytics_custom_modules_sample($formattedParent);
}

listEffectiveSecurityHealthAnalyticsCustomModules

Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for the given parent. This includes resident modules defined at the scope of the parent, and inherited modules, inherited from CRM ancestors.

Parameters
NameDescription
parent string

Required. Name of parent to list effective custom modules. Its format is "organizations/{organization}/securityHealthAnalyticsSettings", "folders/{folder}/securityHealthAnalyticsSettings", or "projects/{project}/securityHealthAnalyticsSettings"

optionalArgs array

Optional.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\EffectiveSecurityHealthAnalyticsCustomModule;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent Name of parent to list effective custom modules. Its format is
 *                                "organizations/{organization}/securityHealthAnalyticsSettings",
 *                                "folders/{folder}/securityHealthAnalyticsSettings", or
 *                                "projects/{project}/securityHealthAnalyticsSettings"
 *                                Please see {@see SecurityCenterClient::securityHealthAnalyticsSettingsName()} for help formatting this field.
 */
function list_effective_security_health_analytics_custom_modules_sample(
    string $formattedParent
): void {
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listEffectiveSecurityHealthAnalyticsCustomModules(
            $formattedParent
        );

        /** @var EffectiveSecurityHealthAnalyticsCustomModule $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::securityHealthAnalyticsSettingsName('[ORGANIZATION]');

    list_effective_security_health_analytics_custom_modules_sample($formattedParent);
}

listFindings

Lists an organization or source's findings.

To list across all sources provide a - as the source id. Example: /v1/organizations/{organization_id}/sources/-/findings

Parameters
NameDescription
parent string

Required. Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id], folders/[folder_id]/sources/[source_id], or projects/[project_id]/sources/[source_id]". To list across all sources provide a source_id of -. For example: organizations/{organization_id}/sources/-, folders/{folder_id}/sources/- or projects/{projects_id}/sources/-

optionalArgs array

Optional.

↳ filter string

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include: * name * source_properties.a_property * security_marks.marks.marka The supported operators are: * = for all value types. * >, <, >=, <= for integer values. * :, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals true and false without quotes. The following field and operator combinations are supported: * name: = * parent: =, : * resource_name: =, : * state: =, : * category: =, : * external_uri: =, : * event_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000 * severity: =, : * workflow_state: =, : * security_marks.marks: =, : * source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string. Use a partial match on the empty string to filter based on a property existing: source_properties.my_property : "" Use a negated partial match on the empty string to filter based on a property not existing: -source_properties.my_property : "" * resource: * resource.name: =, : * resource.parent_name: =, : * resource.parent_display_name: =, : * resource.project_name: =, : * resource.project_display_name: =, : * resource.type: =, : * resource.folders.resource_folder: =, : * resource.display_name: =, :

↳ orderBy string

Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent. The following fields are supported: name parent state category resource_name event_time source_properties security_marks.marks

↳ readTime Timestamp

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

↳ compareDuration Duration

When compare_duration is set, the ListFindingsResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added in any state during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again. Possible "state_change" values when compare_duration is specified: * "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time. * "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time. * "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time. * "REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.

↳ fieldMask FieldMask

A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\ListFindingsResponse\ListFindingsResult;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent Name of the source the findings belong to. Its format is
 *                                "organizations/[organization_id]/sources/[source_id],
 *                                folders/[folder_id]/sources/[source_id], or
 *                                projects/[project_id]/sources/[source_id]". To list across all sources
 *                                provide a source_id of `-`. For example:
 *                                organizations/{organization_id}/sources/-, folders/{folder_id}/sources/- or
 *                                projects/{projects_id}/sources/-
 *                                Please see {@see SecurityCenterClient::sourceName()} for help formatting this field.
 */
function list_findings_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listFindings($formattedParent);

        /** @var ListFindingsResult $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::sourceName('[ORGANIZATION]', '[SOURCE]');

    list_findings_sample($formattedParent);
}

listMuteConfigs

Lists mute configs.

Parameters
NameDescription
parent string

Required. The parent, which owns the collection of mute configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", "projects/[project_id]".

optionalArgs array

Optional.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\MuteConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent The parent, which owns the collection of mute configs. Its format
 *                                is "organizations/[organization_id]", "folders/[folder_id]",
 *                                "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 */
function list_mute_configs_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listMuteConfigs($formattedParent);

        /** @var MuteConfig $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');

    list_mute_configs_sample($formattedParent);
}

listNotificationConfigs

Lists notification configs.

Parameters
NameDescription
parent string

Required. The name of the parent in which to list the notification configurations. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

optionalArgs array

Optional.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\NotificationConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedParent The name of the parent in which to list the notification
 *                                configurations. Its format is "organizations/[organization_id]",
 *                                "folders/[folder_id]", or "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 */
function list_notification_configs_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listNotificationConfigs($formattedParent);

        /** @var NotificationConfig $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');

    list_notification_configs_sample($formattedParent);
}

listSecurityHealthAnalyticsCustomModules

Returns a list of all SecurityHealthAnalyticsCustomModules for the given parent. This includes resident modules defined at the scope of the parent, and inherited modules, inherited from CRM ancestors.

Parameters
NameDescription
parent string

Required. Name of parent to list custom modules. Its format is "organizations/{organization}/securityHealthAnalyticsSettings", "folders/{folder}/securityHealthAnalyticsSettings", or "projects/{project}/securityHealthAnalyticsSettings"

optionalArgs array

Optional.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule;

/**
 * @param string $formattedParent Name of parent to list custom modules. Its format is
 *                                "organizations/{organization}/securityHealthAnalyticsSettings",
 *                                "folders/{folder}/securityHealthAnalyticsSettings", or
 *                                "projects/{project}/securityHealthAnalyticsSettings"
 *                                Please see {@see SecurityCenterClient::securityHealthAnalyticsSettingsName()} for help formatting this field.
 */
function list_security_health_analytics_custom_modules_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listSecurityHealthAnalyticsCustomModules($formattedParent);

        /** @var SecurityHealthAnalyticsCustomModule $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::securityHealthAnalyticsSettingsName('[ORGANIZATION]');

    list_security_health_analytics_custom_modules_sample($formattedParent);
}

listSources

Lists all sources belonging to an organization.

Parameters
NameDescription
parent string

Required. Resource name of the parent of sources to list. Its format should be "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]".

optionalArgs array

Optional.

↳ pageToken string

A page token is used to specify a page of values to be returned. If no page token is specified (the default), the first page of values will be returned. Any page token used here must have been generated by a previous call to the API.

↳ pageSize int

The maximum number of resources contained in the underlying API response. The API may return fewer values in a page, even if there are additional values to be retrieved.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\Source;

/**
 * @param string $formattedParent Resource name of the parent of sources to list. Its format should
 *                                be "organizations/[organization_id]", "folders/[folder_id]", or
 *                                "projects/[project_id]". Please see
 *                                {@see SecurityCenterClient::projectName()} for help formatting this field.
 */
function list_sources_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $securityCenterClient->listSources($formattedParent);

        /** @var Source $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::projectName('[PROJECT]');

    list_sources_sample($formattedParent);
}

runAssetDiscovery

Runs asset discovery. The discovery is tracked with a long-running operation.

This API can only be called with limited frequency for an organization. If it is called too frequently the caller will receive a TOO_MANY_REQUESTS error.

Parameters
NameDescription
parent string

Required. Name of the organization to run asset discovery for. Its format is "organizations/[organization_id]".

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\OperationResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\OperationResponse;
use Google\Cloud\SecurityCenter\V1\RunAssetDiscoveryResponse;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Rpc\Status;

/**
 * @param string $formattedParent Name of the organization to run asset discovery for. Its format
 *                                is "organizations/[organization_id]". Please see
 *                                {@see SecurityCenterClient::organizationName()} for help formatting this field.
 */
function run_asset_discovery_sample(string $formattedParent): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var OperationResponse $response */
        $response = $securityCenterClient->runAssetDiscovery($formattedParent);
        $response->pollUntilComplete();

        if ($response->operationSucceeded()) {
            /** @var RunAssetDiscoveryResponse $result */
            $result = $response->getResult();
            printf('Operation successful with response data: %s' . PHP_EOL, $result->serializeToJsonString());
        } else {
            /** @var Status $error */
            $error = $response->getError();
            printf('Operation failed with error data: %s' . PHP_EOL, $error->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = SecurityCenterClient::organizationName('[ORGANIZATION]');

    run_asset_discovery_sample($formattedParent);
}

setFindingState

Updates the state of a finding.

Parameters
NameDescription
name string

Required. The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

state int

Required. The desired State of the finding. For allowed values, use constants defined on {@see \Google\Cloud\SecurityCenter\V1\Finding\State}

startTime Google\Protobuf\Timestamp

Required. The time at which the updated state takes effect.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Finding
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\Finding;
use Google\Cloud\SecurityCenter\V1\Finding\State;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Protobuf\Timestamp;

/**
 * @param string $formattedName The [relative resource
 *                              name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
 *                              of the finding. Example:
 *                              "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}",
 *                              "folders/{folder_id}/sources/{source_id}/findings/{finding_id}",
 *                              "projects/{project_id}/sources/{source_id}/findings/{finding_id}". Please see
 *                              {@see SecurityCenterClient::findingName()} for help formatting this field.
 * @param int    $state         The desired State of the finding.
 */
function set_finding_state_sample(string $formattedName, int $state): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $startTime = new Timestamp();

    // Call the API and handle any network failures.
    try {
        /** @var Finding $response */
        $response = $securityCenterClient->setFindingState($formattedName, $state, $startTime);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::findingName('[ORGANIZATION]', '[SOURCE]', '[FINDING]');
    $state = State::STATE_UNSPECIFIED;

    set_finding_state_sample($formattedName, $state);
}

setIamPolicy

Sets the access control policy on the specified Source.

Parameters
NameDescription
resource string

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

policy Google\Cloud\Iam\V1\Policy

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

optionalArgs array

Optional.

↳ updateMask FieldMask

OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: paths: "bindings, etag"

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\Iam\V1\Policy
Example
use Google\ApiCore\ApiException;
use Google\Cloud\Iam\V1\Policy;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $resource REQUIRED: The resource for which the policy is being specified.
 *                         See the operation documentation for the appropriate value for this field.
 */
function set_iam_policy_sample(string $resource): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $policy = new Policy();

    // Call the API and handle any network failures.
    try {
        /** @var Policy $response */
        $response = $securityCenterClient->setIamPolicy($resource, $policy);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $resource = '[RESOURCE]';

    set_iam_policy_sample($resource);
}

setMute

Updates the mute state of a finding.

Parameters
NameDescription
name string

Required. The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

mute int

Required. The desired state of the Mute. For allowed values, use constants defined on {@see \Google\Cloud\SecurityCenter\V1\Finding\Mute}

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Finding
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\Finding;
use Google\Cloud\SecurityCenter\V1\Finding\Mute;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $formattedName The [relative resource
 *                              name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
 *                              of the finding. Example:
 *                              "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}",
 *                              "folders/{folder_id}/sources/{source_id}/findings/{finding_id}",
 *                              "projects/{project_id}/sources/{source_id}/findings/{finding_id}". Please see
 *                              {@see SecurityCenterClient::findingName()} for help formatting this field.
 * @param int    $mute          The desired state of the Mute.
 */
function set_mute_sample(string $formattedName, int $mute): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Call the API and handle any network failures.
    try {
        /** @var Finding $response */
        $response = $securityCenterClient->setMute($formattedName, $mute);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedName = SecurityCenterClient::findingName('[ORGANIZATION]', '[SOURCE]', '[FINDING]');
    $mute = Mute::MUTE_UNSPECIFIED;

    set_mute_sample($formattedName, $mute);
}

testIamPermissions

Returns the permissions that a caller has on the specified source.

Parameters
NameDescription
resource string

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

permissions string[]

The set of permissions to check for the resource. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see IAM Overview.

optionalArgs array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\Iam\V1\TestIamPermissionsResponse
Example
use Google\ApiCore\ApiException;
use Google\Cloud\Iam\V1\TestIamPermissionsResponse;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $resource           REQUIRED: The resource for which the policy detail is being requested.
 *                                   See the operation documentation for the appropriate value for this field.
 * @param string $permissionsElement The set of permissions to check for the `resource`. Permissions with
 *                                   wildcards (such as '*' or 'storage.*') are not allowed. For more
 *                                   information see
 *                                   [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
 */
function test_iam_permissions_sample(string $resource, string $permissionsElement): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $permissions = [$permissionsElement,];

    // Call the API and handle any network failures.
    try {
        /** @var TestIamPermissionsResponse $response */
        $response = $securityCenterClient->testIamPermissions($resource, $permissions);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $resource = '[RESOURCE]';
    $permissionsElement = '[PERMISSIONS]';

    test_iam_permissions_sample($resource, $permissionsElement);
}

updateBigQueryExport

Updates a BigQuery export.

Parameters
NameDescription
bigQueryExport Google\Cloud\SecurityCenter\V1\BigQueryExport

Required. The BigQuery export being updated.

optionalArgs array

Optional.

↳ updateMask FieldMask

The list of fields to be updated. If empty all mutable fields will be updated.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\BigQueryExport
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\BigQueryExport;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_big_query_export_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $bigQueryExport = new BigQueryExport();

    // Call the API and handle any network failures.
    try {
        /** @var BigQueryExport $response */
        $response = $securityCenterClient->updateBigQueryExport($bigQueryExport);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateExternalSystem

Updates external system. This is for a given finding.

Parameters
NameDescription
externalSystem Google\Cloud\SecurityCenter\V1\ExternalSystem

Required. The external system resource to update.

optionalArgs array

Optional.

↳ updateMask FieldMask

The FieldMask to use when updating the external system resource. If empty all mutable fields will be updated.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\ExternalSystem
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\ExternalSystem;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_external_system_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $externalSystem = new ExternalSystem();

    // Call the API and handle any network failures.
    try {
        /** @var ExternalSystem $response */
        $response = $securityCenterClient->updateExternalSystem($externalSystem);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateFinding

Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.

Parameters
NameDescription
finding Google\Cloud\SecurityCenter\V1\Finding

Required. The finding resource to update or create if it does not already exist. parent, security_marks, and update_time will be ignored.

In the case of creation, the finding id portion of the name must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

optionalArgs array

Optional.

↳ updateMask FieldMask

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Finding
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\Finding;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_finding_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $finding = new Finding();

    // Call the API and handle any network failures.
    try {
        /** @var Finding $response */
        $response = $securityCenterClient->updateFinding($finding);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateMuteConfig

Updates a mute config.

Parameters
NameDescription
muteConfig Google\Cloud\SecurityCenter\V1\MuteConfig

Required. The mute config being updated.

optionalArgs array

Optional.

↳ updateMask FieldMask

The list of fields to be updated. If empty all mutable fields will be updated.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\MuteConfig
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\MuteConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * @param string $muteConfigFilter An expression that defines the filter to apply across
 *                                 create/update events of findings. While creating a filter string, be
 *                                 mindful of the scope in which the mute configuration is being created.
 *                                 E.g., If a filter contains project = X but is created under the project = Y
 *                                 scope, it might not match any findings.
 *
 *                                 The following field and operator combinations are supported:
 *
 *                                 * severity: `=`, `:`
 *                                 * category: `=`, `:`
 *                                 * resource.name: `=`, `:`
 *                                 * resource.project_name: `=`, `:`
 *                                 * resource.project_display_name: `=`, `:`
 *                                 * resource.folders.resource_folder: `=`, `:`
 *                                 * resource.parent_name: `=`, `:`
 *                                 * resource.parent_display_name: `=`, `:`
 *                                 * resource.type: `=`, `:`
 *                                 * finding_class: `=`, `:`
 *                                 * indicator.ip_addresses: `=`, `:`
 *                                 * indicator.domains: `=`, `:`
 */
function update_mute_config_sample(string $muteConfigFilter): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $muteConfig = (new MuteConfig())
        ->setFilter($muteConfigFilter);

    // Call the API and handle any network failures.
    try {
        /** @var MuteConfig $response */
        $response = $securityCenterClient->updateMuteConfig($muteConfig);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $muteConfigFilter = '[FILTER]';

    update_mute_config_sample($muteConfigFilter);
}

updateNotificationConfig

Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter

Parameters
NameDescription
notificationConfig Google\Cloud\SecurityCenter\V1\NotificationConfig

Required. The notification config to update.

optionalArgs array

Optional.

↳ updateMask FieldMask

The FieldMask to use when updating the notification config. If empty all mutable fields will be updated.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\NotificationConfig
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\NotificationConfig;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_notification_config_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $notificationConfig = new NotificationConfig();

    // Call the API and handle any network failures.
    try {
        /** @var NotificationConfig $response */
        $response = $securityCenterClient->updateNotificationConfig($notificationConfig);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateOrganizationSettings

Updates an organization's settings.

Parameters
NameDescription
organizationSettings Google\Cloud\SecurityCenter\V1\OrganizationSettings

Required. The organization settings resource to update.

optionalArgs array

Optional.

↳ updateMask FieldMask

The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\OrganizationSettings
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\OrganizationSettings;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_organization_settings_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $organizationSettings = new OrganizationSettings();

    // Call the API and handle any network failures.
    try {
        /** @var OrganizationSettings $response */
        $response = $securityCenterClient->updateOrganizationSettings($organizationSettings);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateSecurityHealthAnalyticsCustomModule

Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of "inherited"). Updating the display name and custom config of a module is supported on resident modules only.

Parameters
NameDescription
securityHealthAnalyticsCustomModule Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule

Required. The SecurityHealthAnalytics custom module to update.

optionalArgs array

Optional.

↳ updateMask FieldMask

The list of fields to update.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\SecurityHealthAnalyticsCustomModule;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_security_health_analytics_custom_module_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityHealthAnalyticsCustomModule = new SecurityHealthAnalyticsCustomModule();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityHealthAnalyticsCustomModule $response */
        $response = $securityCenterClient->updateSecurityHealthAnalyticsCustomModule(
            $securityHealthAnalyticsCustomModule
        );
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateSecurityMarks

Updates security marks.

Parameters
NameDescription
securityMarks Google\Cloud\SecurityCenter\V1\SecurityMarks

Required. The security marks resource to update.

optionalArgs array

Optional.

↳ updateMask FieldMask

The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.<mark_key>".

↳ startTime Timestamp

The time at which the updated SecurityMarks take effect. If not set uses current server time. Updates will be applied to the SecurityMarks that are active immediately preceding this time. Must be earlier or equal to the server time.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\SecurityMarks
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\SecurityMarks;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_security_marks_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $securityMarks = new SecurityMarks();

    // Call the API and handle any network failures.
    try {
        /** @var SecurityMarks $response */
        $response = $securityCenterClient->updateSecurityMarks($securityMarks);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

updateSource

Updates a source.

Parameters
NameDescription
source Google\Cloud\SecurityCenter\V1\Source

Required. The source resource to update.

optionalArgs array

Optional.

↳ updateMask FieldMask

The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\SecurityCenter\V1\Source
Example
use Google\ApiCore\ApiException;
use Google\Cloud\SecurityCenter\V1\SecurityCenterClient;
use Google\Cloud\SecurityCenter\V1\Source;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function update_source_sample(): void
{
    // Create a client.
    $securityCenterClient = new SecurityCenterClient();

    // Prepare any non-scalar elements to be passed along with the request.
    $source = new Source();

    // Call the API and handle any network failures.
    try {
        /** @var Source $response */
        $response = $securityCenterClient->updateSource($source);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

Constants

SERVICE_NAME

Value: 'google.cloud.securitycenter.v1.SecurityCenter'

The name of the service.

SERVICE_ADDRESS

Value: 'securitycenter.googleapis.com'

The default address of the service.

DEFAULT_SERVICE_PORT

Value: 443

The default port of the service.

CODEGEN_NAME

Value: 'gapic'

The name of the code generator, to be included in the agent header.