Method: organizations.locations.securityCenterServices.patch

Updates a Security Command Center service using the given update mask.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



Identifier. The name of the service.

Its format is:

  • organizations/{organization}/locations/{location}/securityCenterServices/{service}
  • folders/{folder}/locations/{location}/securityCenterServices/{service}
  • projects/{project}/locations/{location}/securityCenterServices/{service}

The possible values for id {service} are:

  • container-threat-detection
  • event-threat-detection
  • security-health-analytics
  • vm-threat-detection
  • web-security-scanner

Query parameters


string (FieldMask format)

Required. The list of fields to be updated. Possible values:

  • "intendedEnablementState"
  • "modules"

This is a comma-separated list of fully qualified names of fields. Example: "user.displayName,photo".



Optional. When set to true, only validations (including IAM checks) will done for the request (service will not be updated). An OK response indicates the request is valid while an error response indicates the request is invalid. Note that a subsequent request to actually update the service could still fail because 1. the state could have changed (e.g. IAM permission lost) or 2. A failure occurred while trying to delete the module.

Request body

The request body contains an instance of SecurityCenterService.

Response body

If successful, the response body contains an instance of SecurityCenterService.

Authorization scopes

Requires the following OAuth scope:


For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

  • securitycentermanagement.securityCenterServices.update

For more information, see the IAM documentation.