Module types (0.5.0)

API documentation for securitycenter_v1.types module.

Classes

Any

API documentation for securitycenter_v1.types.Any class.

Asset

Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud Platform (GCP) resource.

The Asset is a Cloud SCC resource that captures information about a single GCP resource. All modifications to an Asset are only within the context of Cloud SCC and don't affect the referenced GCP resource.

Cloud SCC managed properties. These properties are managed by Cloud SCC and cannot be modified by the user.

User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the asset.

The time at which the asset was last updated, added, or deleted in Cloud SCC.

AuditConfig

API documentation for securitycenter_v1.types.AuditConfig class.

AuditConfigDelta

API documentation for securitycenter_v1.types.AuditConfigDelta class.

AuditLogConfig

API documentation for securitycenter_v1.types.AuditLogConfig class.

Binding

API documentation for securitycenter_v1.types.Binding class.

BindingDelta

API documentation for securitycenter_v1.types.BindingDelta class.

CancelOperationRequest

API documentation for securitycenter_v1.types.CancelOperationRequest class.

CreateFindingRequest

Request message for creating a finding.

Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length.

CreateNotificationConfigRequest

Request message for creating a notification config.

Required. Unique identifier provided by the client within the parent scope. It must be between 1 and 128 characters, and contains alphanumeric characters, underscores or hyphens only.

CreateSourceRequest

Request message for creating a source.

Required. The Source being created, only the display_name and description will be used. All other fields will be ignored.

DeleteNotificationConfigRequest

Request message for deleting a notification config.

DeleteOperationRequest

API documentation for securitycenter_v1.types.DeleteOperationRequest class.

Duration

API documentation for securitycenter_v1.types.Duration class.

Empty

API documentation for securitycenter_v1.types.Empty class.

Expr

API documentation for securitycenter_v1.types.Expr class.

FieldMask

API documentation for securitycenter_v1.types.FieldMask class.

Finding

Cloud Security Command Center (Cloud SCC) finding.

A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Cloud SCC for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names# relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

The state of the finding.

The URI that, if available, points to a web page outside of Cloud SCC where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

The time at which the finding was created in Cloud SCC.

GetIamPolicyRequest

API documentation for securitycenter_v1.types.GetIamPolicyRequest class.

GetNotificationConfigRequest

Request message for getting a notification config.

GetOperationRequest

API documentation for securitycenter_v1.types.GetOperationRequest class.

GetOrganizationSettingsRequest

Request message for getting organization settings.

GetPolicyOptions

API documentation for securitycenter_v1.types.GetPolicyOptions class.

GetSourceRequest

Request message for getting a source.

GroupAssetsRequest

Request message for grouping by assets.

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: - name - security_center_properties.resource_name - resource_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following field and operator combinations are supported: - name: =

  • update_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "update_time = "2019-06-10T16:07:18-07:00"" "update_time = 1560208038000" - create_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "create_time = "2019-06-10T16:07:18-07:00"" "create_time = 1560208038000" - iam_policy.policy_blob: =, : - resource_properties: =, :, >, <, >=, <= - security_marks.marks: =, : - security_center_properties.resource_name: =, : - security_center_properties.resource_display_name: =, : - security_center_properties.resource_type: =, : - security_center_properties.resource_parent: =, : - security_center_properties.resource_parent_display_name: =, : - security_center_properties.resource_project: =, : - security_center_properties.resource_project_display_name: =, : - security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string.

    When compare_duration is set, the GroupResult's "state_change" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: - "ADDED": indicates that the asset was not present at the start of compare_duration, but present at reference_time. - "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. - "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time. If this field is set then state_change must be a specified field in group_by.

    The value returned by the last GroupAssetsResponse; indicates that this is a continuation of a prior GroupAssets call, and that the system should return the next page of data.

GroupAssetsResponse

Response message for grouping by assets.

Time used for executing the groupBy request.

The total number of results matching the query.

GroupFindingsRequest

Request message for grouping by findings.

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include: - name - source_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following field and operator combinations are supported: - name: = - parent: =, : - resource_name: =, : - state: =, : - category: =, : - external_uri: =, : - event_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "event_time = "2019-06-10T16:07:18-07:00"" "event_time = 1560208038000" - security_marks.marks: =, : - source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string.

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

GroupFindingsResponse

Response message for group by findings.

Time used for executing the groupBy request.

The total number of results matching the query.

GroupResult

Result containing the properties and count of a groupBy request.

Total count of resources for the given properties.

ListAssetsRequest

Request message for listing assets.

Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: - name - security_center_properties.resource_name - resource_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following are the allowed field and operator combinations: - name: = - update_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "update_time = "2019-06-10T16:07:18-07:00"" "update_time = 1560208038000" - create_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "create_time = "2019-06-10T16:07:18-07:00"" "create_time = 1560208038000" - iam_policy.policy_blob: =, : - resource_properties: =, :, >, <, >=, <= - security_marks.marks: =, : - security_center_properties.resource_name: =, : - security_center_properties.resource_display_name: =, : - security_center_properties.resource_type: =, : - security_center_properties.resource_parent: =, : - security_center_properties.resource_parent_display_name: =, : - security_center_properties.resource_project: =, : - security_center_properties.resource_project_display_name: =, : - security_center_properties.resource_owners: =, : For example, resource_properties.size = 100 is a valid filter string.

Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

ListAssetsResponse

Response message for listing assets.

Time used for executing the list request.

The total number of assets matching the query.

ListFindingsRequest

Request message for listing findings.

Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include: - name - source_properties.a_property - security_marks.marks.marka The supported operators are: - = for all value types. - >, <, >=, <= for integer values. - :, meaning substring matching, for strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals true and false without quotes. The following field and operator combinations are supported: name: = parent: =, : resource_name: =, : state: =, : category: =, : external_uri: =, : event_time: =, >, <, >=, <= Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "event_time = "2019-06-10T16:07:18-07:00"" "event_time = 1560208038000" security_marks.marks: =, : source_properties: =, :, >, <, >=, <= For example, source_properties.size = 100 is a valid filter string.

Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.

Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields.

The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

ListFindingsResponse

Response message for listing findings.

Time used for executing the list request.

The total number of findings matching the query.

ListNotificationConfigsRequest

Request message for listing notification configs.

The value returned by the last ListNotificationConfigsResponse; indicates that this is a continuation of a prior ListNotificationConfigs call, and that the system should return the next page of data.

ListNotificationConfigsResponse

Response message for listing notification configs.

Token to retrieve the next page of results, or empty if there are no more results.

ListOperationsRequest

API documentation for securitycenter_v1.types.ListOperationsRequest class.

ListOperationsResponse

API documentation for securitycenter_v1.types.ListOperationsResponse class.

ListSourcesRequest

Request message for listing sources.

The value returned by the last ListSourcesResponse; indicates that this is a continuation of a prior ListSources call, and that the system should return the next page of data.

ListSourcesResponse

Response message for listing sources.

Token to retrieve the next page of results, or empty if there are no more results.

ListValue

API documentation for securitycenter_v1.types.ListValue class.

NotificationConfig

Cloud Security Command Center (Cloud SCC) notification configs.

A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.

The description of the notification config (max of 1024 characters).

Output only. The service account that needs "pubsub.topics.publish" permission to publish to the PubSub topic.

The config for triggering streaming-based notifications.

NotificationMessage

Cloud SCC's Notification

Notification Event.

Operation

API documentation for securitycenter_v1.types.Operation class.

OperationInfo

API documentation for securitycenter_v1.types.OperationInfo class.

OrganizationSettings

User specified settings that are attached to the Cloud Security Command Center (Cloud SCC) organization.

A flag that indicates if Asset Discovery should be enabled. If the flag is set to true, then discovery of assets will occur. If it is set to `false, all historical assets will remain, but discovery of future assets will not occur.

Policy

API documentation for securitycenter_v1.types.Policy class.

PolicyDelta

API documentation for securitycenter_v1.types.PolicyDelta class.

RunAssetDiscoveryRequest

Request message for running asset discovery for an organization.

RunAssetDiscoveryResponse

Response of asset discovery run

The duration between asset discovery run start and end

SecurityMarks

User specified security marks that are attached to the parent Cloud Security Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud SCC organization -- they can be modified and viewed by all users who have proper permissions on the organization.

Mutable user specified security marks belonging to the parent resource. Constraints are as follows: - Keys and values are treated as case insensitive - Keys must be between 1 - 256 characters (inclusive) - Keys must be letters, numbers, underscores, or dashes - Values have leading and trailing whitespace trimmed, remaining characters must be between 1

  • 4096 characters (inclusive)

SetFindingStateRequest

Request message for updating a finding's state.

Required. The desired State of the finding.

SetIamPolicyRequest

API documentation for securitycenter_v1.types.SetIamPolicyRequest class.

Source

Cloud Security Command Center's (Cloud SCC) finding source. A finding source is an entity or a mechanism that can produce a finding. A source is like a container of findings that come from the same scanner, logger, monitor, and other tools.

The source's display name. A source's display name must be unique amongst its siblings, for example, two sources with the same parent can't share the same display name. The display name must have a length between 1 and 64 characters (inclusive).

Status

API documentation for securitycenter_v1.types.Status class.

Struct

API documentation for securitycenter_v1.types.Struct class.

TestIamPermissionsRequest

API documentation for securitycenter_v1.types.TestIamPermissionsRequest class.

TestIamPermissionsResponse

API documentation for securitycenter_v1.types.TestIamPermissionsResponse class.

Timestamp

API documentation for securitycenter_v1.types.Timestamp class.

UpdateFindingRequest

Request message for updating or creating a finding.

The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties." in the field mask.

UpdateNotificationConfigRequest

Request message for updating a notification config.

The FieldMask to use when updating the notification config. If empty all mutable fields will be updated.

UpdateOrganizationSettingsRequest

Request message for updating an organization's settings.

The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated.

UpdateSecurityMarksRequest

Request message for updating a SecurityMarks resource.

The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.".

UpdateSourceRequest

Request message for updating a source.

The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.

Value

API documentation for securitycenter_v1.types.Value class.

WaitOperationRequest

API documentation for securitycenter_v1.types.WaitOperationRequest class.