List assets with state change
Stay organized with collections
Save and categorize content based on your preferences.
Demonstrates how to list assets with state changes
Explore further
For detailed documentation that includes this code sample, see the following:
Code sample
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],[],[],[],null,["# List assets with state change\n\nDemonstrates how to list assets with state changes\n\nExplore further\n---------------\n\n\nFor detailed documentation that includes this code sample, see the following:\n\n- [Listing assets using the Security Command Center API](/security-command-center/docs/how-to-api-list-assets)\n\nCode sample\n-----------\n\n### Go\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import (\n \t\"context\"\n \t\"fmt\"\n \t\"io\"\n \t\"time\"\n\n \tsecuritycenter \"cloud.google.com/go/securitycenter/apiv1\"\n \t\"cloud.google.com/go/securitycenter/apiv1/securitycenterpb\"\n \t\"github.com/golang/protobuf/ptypes\"\n \t\"google.golang.org/api/iterator\"\n )\n\n // listAllProjectAssetsAndStateChange lists all current GCP project assets in\n // orgID and prints the projects and there change from a day ago out to w.\n // orgID is the numeric // organization ID of interest.\n func listAllProjectAssetsAndStateChanges(w io.Writer, orgID string) error {\n \t// orgID := \"12321311\"\n \t// Instantiate a context and a security service client to make API calls.\n \tctx := context.Background()\n \tclient, err := securitycenter.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_NewClient(ctx)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"securitycenter.NewClient: %w\", err)\n \t}\n \tdefer client.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_Close() // Closing the client safely cleans up background resources.\n\n \treq := &securitycenterpb.ListAssetsRequest{\n \t\t// Parent must be in one of the following formats:\n \t\t//\t\t\"organizations/{orgId}\"\n \t\t//\t\t\"projects/{projectId}\"\n \t\t//\t\t\"folders/{folderId}\"\n \t\tParent: fmt.Sprintf(\"organizations/%s\", orgID),\n \t\tFilter: `security_center_properties.resource_type=\"google.cloud.resourcemanager.Project\"`,\n \t\tCompareDuration: ptypes.DurationProto(24 * time.Hour),\n \t}\n\n \tassetsFound := 0\n \tit := client.ListAssets(ctx, req)\n \tfor {\n \t\tresult, err := it.Next()\n \t\tif err == iterator.Done {\n \t\t\tbreak\n \t\t}\n \t\tif err != nil {\n \t\t\treturn fmt.Errorf(\"ListAssets: %w\", err)\n \t\t}\n \t\tasset := result.Asset\n \t\tproperties := asset.SecurityCenterProperties\n \t\tfmt.Fprintf(w, \"Asset Name: %s,\", asset.Name)\n \t\tfmt.Fprintf(w, \"Resource Name %s,\", properties.ResourceName)\n \t\tfmt.Fprintf(w, \"Resource Type %s\", properties.ResourceType)\n \t\tfmt.Fprintf(w, \"State Change %s\\n\", result.StateChange)\n \t\tassetsFound++\n \t}\n \treturn nil\n }\n\n### Java\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n static ImmutableList\u003cListAssetsResult\u003e listAssetAndStatusChanges(\n OrganizationName organizationName, Duration timeSpan, Instant asOf) {\n try (SecurityCenterClient client = SecurityCenterClient.create()) {\n\n // Start setting up a request to search for all assets in an organization, project, or folder.\n //\n // Parent must be in one of the following formats:\n // OrganizationName organizationName = OrganizationName.of(\"organization-id\");\n // ProjectName projectName = ProjectName.of(\"project-id\");\n // FolderName folderName = FolderName.of(\"folder-id\");\n ListAssetsRequest.Builder request =\n ListAssetsRequest.newBuilder()\n .setParent(organizationName.toString())\n .setFilter(\n \"security_center_properties.resource_type=\\\"google.cloud.resourcemanager.Project\\\"\");\n request\n .getCompareDurationBuilder()\n .setSeconds(timeSpan.getSeconds())\n .setNanos(timeSpan.getNano());\n\n // Set read time to either the instant passed in or now.\n asOf = MoreObjects.firstNonNull(asOf, Instant.now());\n request.getReadTimeBuilder().setSeconds(asOf.getEpochSecond()).setNanos(asOf.getNano());\n\n // Call the API.\n ListAssetsPagedResponse response = client.listAssets(request.build());\n\n // This creates one list for all assets. If your organization has a large number of assets\n // this can cause out of memory issues. You can process them incrementally by returning\n // the Iterable returned response.iterateAll() directly.\n ImmutableList\u003cListAssetsResult\u003e results = ImmutableList.copyOf(response.iterateAll());\n System.out.println(\"Projects:\");\n System.out.println(results);\n return results;\n } catch (IOException e) {\n throw new RuntimeException(\"Couldn't create client.\", e);\n }\n }\n\n### Node.js\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n // Imports the Google Cloud client library.\n const {SecurityCenterClient} = require('https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html');\n\n // Creates a new client.\n const client = new https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html();\n // organizationId is the numeric ID of the organization.\n /*\n * TODO(developer): Uncomment the following lines\n */\n // parent: must be in one of the following formats:\n // `organizations/${organization_id}`\n // `projects/${project_id}`\n // `folders/${folder_id}`\n const parent = `organizations/${organizationId}`;\n // Call the API with automatic pagination.\n async function listAssetsAndChanges() {\n const [response] = await client.listAssets({\n parent: parent,\n compareDuration: {seconds: 30 * /*Second in Day=*/ 86400, nanos: 0},\n filter:\n 'security_center_properties.resource_type=\"google.cloud.resourcemanager.Project\"',\n });\n let count = 0;\n Array.from(response).forEach(result =\u003e\n console.log(\n `${++count} ${result.asset.name} ${\n result.asset.securityCenterProperties.resourceName\n } ${result.stateChange}`\n )\n );\n }\n\n listAssetsAndChanges();\n\n### Python\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n from datetime import timedelta\n\n from google.cloud import securitycenter\n\n client = securitycenter.SecurityCenterClient()\n\n # 'parent' must be in one of the following formats:\n # \"organizations/{organization_id}\"\n # \"projects/{project_id}\"\n # \"folders/{folder_id}\"\n parent = f\"organizations/{organization_id}\"\n project_filter = (\n \"security_center_properties.resource_type=\"\n + '\"google.cloud.resourcemanager.Project\"'\n )\n\n # List assets and their state change the last 30 days\n compare_delta = timedelta(days=30)\n\n # Call the API and print results.\n asset_iterator = client.https://cloud.google.com/python/docs/reference/securitycenter/latest/google.cloud.securitycenter_v1.services.security_center.SecurityCenterClient.html#google_cloud_securitycenter_v1_services_security_center_SecurityCenterClient_list_assets(\n request={\n \"parent\": parent,\n \"filter\": project_filter,\n \"compare_duration\": compare_delta,\n }\n )\n for i, asset in enumerate(asset_iterator):\n print(i, asset)\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=securitycenter)."]]