Add security marks to findings
Stay organized with collections
Save and categorize content based on your preferences.
Demonstrates adding security marks to findings
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],[],[],[],null,["# Add security marks to findings\n\nDemonstrates adding security marks to findings\n\nCode sample\n-----------\n\n### Go\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import (\n \t\"context\"\n \t\"fmt\"\n \t\"io\"\n\n \tsecuritycenter \"cloud.google.com/go/securitycenter/apiv1\"\n \t\"cloud.google.com/go/securitycenter/apiv1/securitycenterpb\"\n \t\"google.golang.org/genproto/protobuf/field_mask\"\n )\n\n // addSecurityMarks adds/updates security marks for the findingName and\n // returns the updated marks. Specifically, it sets \"key_a\" an \"key_b\" to\n // \"value_a\" and \"value_b\" respectively. findingName is the resource path for\n // the finding to add marks to.\n func addSecurityMarks(w io.Writer, findingName string) error {\n \t// Specify the value of 'findingName' in one of the following formats:\n \t// \t\t\"organizations/{orgId}/sources/{sourceId}/findings/{findingId}\"\n \t// \t\t\"projects/{projectId}/sources/{sourceId}/findings/{findingId}\"\n \t// \t\t\"folders/{folderId}/sources/{sourceId}/findings/{findingId}\"\n \t// Instantiate a context and a security service client to make API calls.\n \tctx := context.Background()\n \tclient, err := securitycenter.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_NewClient(ctx)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"securitycenter.NewClient: %w\", err)\n \t}\n \tdefer client.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_Close() // Closing the client safely cleans up background resources.\n\n \treq := &securitycenterpb.UpdateSecurityMarksRequest{\n \t\t// If not set or empty, all marks would be cleared before\n \t\t// adding the new marks below.\n \t\tUpdateMask: &field_mask.FieldMask{\n \t\t\tPaths: []string{\"marks.key_a\", \"marks.key_b\"},\n \t\t},\n \t\tSecurityMarks: &securitycenterpb.SecurityMarks{\n \t\t\tName: fmt.Sprintf(\"%s/securityMarks\", findingName),\n \t\t\t// Note keys correspond to the last part of each path.\n \t\t\tMarks: map[string]string{\"key_a\": \"value_a\", \"key_b\": \"value_b\"},\n \t\t},\n \t}\n\n \tupdatedMarks, err := client.UpdateSecurityMarks(ctx, req)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"UpdateSecurityMarks: %w\", err)\n \t}\n\n \tfmt.Fprintf(w, \"Updated marks: %s\\n\", updatedMarks.Name)\n \tfor k, v := range updatedMarks.Marks {\n \t\tfmt.Fprintf(w, \"%s = %s\\n\", k, v)\n \t}\n \treturn nil\n }\n\n### Java\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n static SecurityMarks addToFinding(FindingName findingName) {\n try (SecurityCenterClient client = SecurityCenterClient.create()) {\n // Start setting up a request to add security marks for a finding.\n ImmutableMap markMap = ImmutableMap.of(\"key_a\", \"value_a\", \"key_b\", \"value_b\");\n\n // Specify the value of 'findingName' in one of the following formats:\n // FindingName.ofOrganizationSourceFindingName(\"org-id\", \"source\", \"finding-id\");\n // FindingName.ofProjectSourceFindingName(\"project-id\", \"source\", \"finding-id\");\n // FindingName.ofFolderSourceFindingName(\"folder-id\", \"source\", \"finding-id\");\n // Add security marks and field mask for security marks.\n SecurityMarks securityMarks =\n SecurityMarks.newBuilder()\n .setName(findingName + \"/securityMarks\")\n .putAllMarks(markMap)\n .build();\n FieldMask updateMask =\n FieldMask.newBuilder().addPaths(\"marks.key_a\").addPaths(\"marks.key_b\").build();\n\n UpdateSecurityMarksRequest request =\n UpdateSecurityMarksRequest.newBuilder()\n .setSecurityMarks(securityMarks)\n .setUpdateMask(updateMask)\n .build();\n\n // Call the API.\n SecurityMarks response = client.updateSecurityMarks(request);\n\n System.out.println(\"Security Marks:\");\n System.out.println(response);\n return response;\n } catch (IOException e) {\n throw new RuntimeException(\"Couldn't create client.\", e);\n }\n }\n\n### Node.js\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n // Imports the Google Cloud client library.\n const {SecurityCenterClient} = require('https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html');\n\n // Creates a new client.\n const client = new https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html();\n\n async function addFindingSecurityMarks() {\n // findingName is the full resource path for the finding to update.\n /*\n * TODO(developer): Uncomment the following lines\n */\n // Specify the value of 'findingName' in one of the following formats:\n // `organizations/${org-id}/assets/${asset-id}/findings/${finding-id}`;\n // `projects/${project-id}/assets/${asset-id}/findings/${finding-id}`;\n // `folders/${folder-id}/assets/${asset-id}/findings/${finding-id}`;\n const [newMarks] = await client.updateSecurityMarks({\n securityMarks: {\n name: `${findingName}/securityMarks`,\n marks: {key_a: 'value_a', key_b: 'value_b'},\n },\n // Only update the marks with these keys.\n updateMask: {paths: ['marks.key_a', 'marks.key_b']},\n });\n\n console.log('New marks: %j', newMarks);\n }\n addFindingSecurityMarks();\n\n### Python\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n from google.cloud import securitycenter\n from google.protobuf import field_mask_pb2\n\n client = securitycenter.SecurityCenterClient()\n # 'finding_name' is the resource path for a finding that exists in SCC.\n # Specify the value of 'asset_name' in one of the following formats:\n # f\"organizations/{org_id}/assets/{asset_id}\"\n # f\"projects/{project_id}/assets/{asset_id}\"\n # f\"folders/{folder_id}/assets/{asset_id}\"\n # finding_name = \"organizations/1112/sources/1234/findings/findingid\"\n finding_marks_name = f\"{finding_name}/securityMarks\"\n\n # Notice the suffix after \"marks.\" in the field mask matches the keys\n # in marks.\n field_mask = field_mask_pb2.FieldMask(\n paths=[\"marks.finding_key_a\", \"marks.finding_key_b\"]\n )\n marks = {\"finding_key_a\": \"value_a\", \"finding_key_b\": \"value_b\"}\n\n updated_marks = client.https://cloud.google.com/python/docs/reference/securitycenter/latest/google.cloud.securitycenter_v1.services.security_center.SecurityCenterClient.html#google_cloud_securitycenter_v1_services_security_center_SecurityCenterClient_update_security_marks(\n request={\n \"security_marks\": {\"name\": finding_marks_name, \"marks\": marks},\n \"update_mask\": field_mask,\n }\n )\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=securitycenter)."]]
