1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="securitycenter_v1.html">Cloud Security Command Center API</a> . <a href="securitycenter_v1.organizations.html">organizations</a> . <a href="securitycenter_v1.organizations.sources.html">sources</a> . <a href="securitycenter_v1.organizations.sources.findings.html">findings</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#create">create(parent, body, x__xgafv=None, findingId=None)</a></code></p> 79<p class="firstline">Creates a finding. The corresponding source must exist for finding creation</p> 80<p class="toc_element"> 81 <code><a href="#group">group(parent, body, x__xgafv=None)</a></code></p> 82<p class="firstline">Filters an organization or source's findings and groups them by their</p> 83<p class="toc_element"> 84 <code><a href="#group_next">group_next(previous_request, previous_response)</a></code></p> 85<p class="firstline">Retrieves the next page of results.</p> 86<p class="toc_element"> 87 <code><a href="#list">list(parent, orderBy=None, pageSize=None, x__xgafv=None, compareDuration=None, pageToken=None, fieldMask=None, readTime=None, filter=None)</a></code></p> 88<p class="firstline">Lists an organization or source's findings.</p> 89<p class="toc_element"> 90 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 91<p class="firstline">Retrieves the next page of results.</p> 92<p class="toc_element"> 93 <code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p> 94<p class="firstline">Creates or updates a finding. The corresponding source must exist for a</p> 95<p class="toc_element"> 96 <code><a href="#setState">setState(name, body, x__xgafv=None)</a></code></p> 97<p class="firstline">Updates the state of a finding.</p> 98<p class="toc_element"> 99 <code><a href="#updateSecurityMarks">updateSecurityMarks(name, body, startTime=None, updateMask=None, x__xgafv=None)</a></code></p> 100<p class="firstline">Updates security marks.</p> 101<h3>Method Details</h3> 102<div class="method"> 103 <code class="details" id="create">create(parent, body, x__xgafv=None, findingId=None)</code> 104 <pre>Creates a finding. The corresponding source must exist for finding creation 105to succeed. 106 107Args: 108 parent: string, Resource name of the new finding's parent. Its format should be 109"organizations/[organization_id]/sources/[source_id]". (required) 110 body: object, The request body. (required) 111 The object takes the form of: 112 113{ # Cloud Security Command Center (Cloud SCC) finding. 114 # 115 # A finding is a record of assessment data (security, risk, health or privacy) 116 # ingested into Cloud SCC for presentation, notification, analysis, 117 # policy testing, and enforcement. For example, an XSS vulnerability in an 118 # App Engine application is a finding. 119 "category": "A String", # The additional taxonomy group within findings from a given source. 120 # This field is immutable after creation time. 121 # Example: "XSS_FLASH_INJECTION" 122 "eventTime": "A String", # The time at which the event took place. For example, if the finding 123 # represents an open firewall it would capture the time the detector believes 124 # the firewall became open. The accuracy is determined by the detector. 125 "sourceProperties": { # Source specific properties. These properties are managed by the source 126 # that writes the finding. The key names in the source_properties map must be 127 # between 1 and 255 characters, and must start with a letter and contain 128 # alphanumeric characters or underscores only. 129 "a_key": "", 130 }, 131 "name": "A String", # The relative resource name of this finding. See: 132 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 133 # Example: 134 # "organizations/123/sources/456/findings/789" 135 "parent": "A String", # The relative resource name of the source the finding belongs to. See: 136 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 137 # This field is immutable after creation time. 138 # For example: 139 # "organizations/123/sources/456" 140 "state": "A String", # The state of the finding. 141 "resourceName": "A String", # The full resource name of the Google Cloud Platform (GCP) resource this 142 # finding is for. See: 143 # https://cloud.google.com/apis/design/resource_names#full_resource_name 144 # This field is immutable after creation time. 145 "securityMarks": { # User specified security marks that are attached to the parent Cloud Security # Output only. User specified security marks. These marks are entirely 146 # managed by the user and come from the SecurityMarks resource that belongs 147 # to the finding. 148 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 149 # SCC organization -- they can be modified and viewed by all users who have 150 # proper permissions on the organization. 151 "name": "A String", # The relative resource name of the SecurityMarks. See: 152 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 153 # Examples: 154 # "organizations/123/assets/456/securityMarks" 155 # "organizations/123/sources/456/findings/789/securityMarks". 156 "marks": { # Mutable user specified security marks belonging to the parent resource. 157 # Constraints are as follows: 158 # - Keys and values are treated as case insensitive 159 # - Keys must be between 1 - 256 characters (inclusive) 160 # - Keys must be letters, numbers, underscores, or dashes 161 # - Values have leading and trailing whitespace trimmed, remaining 162 # characters must be between 1 - 4096 characters (inclusive) 163 "a_key": "A String", 164 }, 165 }, 166 "createTime": "A String", # The time at which the finding was created in Cloud SCC. 167 "externalUri": "A String", # The URI that, if available, points to a web page outside of Cloud SCC 168 # where additional information about the finding can be found. This field is 169 # guaranteed to be either empty or a well formed URL. 170 } 171 172 x__xgafv: string, V1 error format. 173 Allowed values 174 1 - v1 error format 175 2 - v2 error format 176 findingId: string, Unique identifier provided by the client within the parent scope. 177It must be alphanumeric and less than or equal to 32 characters and 178greater than 0 characters in length. 179 180Returns: 181 An object of the form: 182 183 { # Cloud Security Command Center (Cloud SCC) finding. 184 # 185 # A finding is a record of assessment data (security, risk, health or privacy) 186 # ingested into Cloud SCC for presentation, notification, analysis, 187 # policy testing, and enforcement. For example, an XSS vulnerability in an 188 # App Engine application is a finding. 189 "category": "A String", # The additional taxonomy group within findings from a given source. 190 # This field is immutable after creation time. 191 # Example: "XSS_FLASH_INJECTION" 192 "eventTime": "A String", # The time at which the event took place. For example, if the finding 193 # represents an open firewall it would capture the time the detector believes 194 # the firewall became open. The accuracy is determined by the detector. 195 "sourceProperties": { # Source specific properties. These properties are managed by the source 196 # that writes the finding. The key names in the source_properties map must be 197 # between 1 and 255 characters, and must start with a letter and contain 198 # alphanumeric characters or underscores only. 199 "a_key": "", 200 }, 201 "name": "A String", # The relative resource name of this finding. See: 202 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 203 # Example: 204 # "organizations/123/sources/456/findings/789" 205 "parent": "A String", # The relative resource name of the source the finding belongs to. See: 206 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 207 # This field is immutable after creation time. 208 # For example: 209 # "organizations/123/sources/456" 210 "state": "A String", # The state of the finding. 211 "resourceName": "A String", # The full resource name of the Google Cloud Platform (GCP) resource this 212 # finding is for. See: 213 # https://cloud.google.com/apis/design/resource_names#full_resource_name 214 # This field is immutable after creation time. 215 "securityMarks": { # User specified security marks that are attached to the parent Cloud Security # Output only. User specified security marks. These marks are entirely 216 # managed by the user and come from the SecurityMarks resource that belongs 217 # to the finding. 218 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 219 # SCC organization -- they can be modified and viewed by all users who have 220 # proper permissions on the organization. 221 "name": "A String", # The relative resource name of the SecurityMarks. See: 222 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 223 # Examples: 224 # "organizations/123/assets/456/securityMarks" 225 # "organizations/123/sources/456/findings/789/securityMarks". 226 "marks": { # Mutable user specified security marks belonging to the parent resource. 227 # Constraints are as follows: 228 # - Keys and values are treated as case insensitive 229 # - Keys must be between 1 - 256 characters (inclusive) 230 # - Keys must be letters, numbers, underscores, or dashes 231 # - Values have leading and trailing whitespace trimmed, remaining 232 # characters must be between 1 - 4096 characters (inclusive) 233 "a_key": "A String", 234 }, 235 }, 236 "createTime": "A String", # The time at which the finding was created in Cloud SCC. 237 "externalUri": "A String", # The URI that, if available, points to a web page outside of Cloud SCC 238 # where additional information about the finding can be found. This field is 239 # guaranteed to be either empty or a well formed URL. 240 }</pre> 241</div> 242 243<div class="method"> 244 <code class="details" id="group">group(parent, body, x__xgafv=None)</code> 245 <pre>Filters an organization or source's findings and groups them by their 246specified properties. 247 248To group across all sources provide a `-` as the source id. 249Example: /v1/organizations/123/sources/-/findings 250 251Args: 252 parent: string, Name of the source to groupBy. Its format is 253"organizations/[organization_id]/sources/[source_id]". To groupBy across 254all sources provide a source_id of `-`. For example: 255organizations/123/sources/- (required) 256 body: object, The request body. (required) 257 The object takes the form of: 258 259{ # Request message for grouping by findings. 260 "pageSize": 42, # The maximum number of results to return in a single response. Default is 261 # 10, minimum is 1, maximum is 1000. 262 "compareDuration": "A String", # When compare_duration is set, the GroupResult's "state_change" attribute is 263 # updated to indicate whether the finding had its state changed, the 264 # finding's state remained unchanged, or if the finding was added during the 265 # compare_duration period of time that precedes the read_time. This is the 266 # time between (read_time - compare_duration) and read_time. 267 # 268 # The state_change value is derived based on the presence and state of the 269 # finding at the two points in time. Intermediate state changes between the 270 # two times don't affect the result. For example, the results aren't affected 271 # if the finding is made inactive and then active again. 272 # 273 # Possible "state_change" values when compare_duration is specified: 274 # 275 # * "CHANGED": indicates that the finding was present at the start of 276 # compare_duration, but changed its state at read_time. 277 # * "UNCHANGED": indicates that the finding was present at the start of 278 # compare_duration and did not change state at read_time. 279 # * "ADDED": indicates that the finding was not present at the start 280 # of compare_duration, but was present at read_time. 281 # 282 # If compare_duration is not specified, then the only possible state_change 283 # is "UNUSED", which will be the state_change set for all findings present 284 # at read_time. 285 # 286 # If this field is set then `state_change` must be a specified field in 287 # `group_by`. 288 "filter": "A String", # Expression that defines the filter to apply across findings. 289 # The expression is a list of one or more restrictions combined via logical 290 # operators `AND` and `OR`. 291 # Parentheses are supported, and `OR` has higher precedence than `AND`. 292 # 293 # Restrictions have the form `<field> <operator> <value>` and may have a `-` 294 # character in front of them to indicate negation. Examples include: 295 # 296 # * name 297 # * source_properties.a_property 298 # * security_marks.marks.marka 299 # 300 # The supported operators are: 301 # 302 # * `=` for all value types. 303 # * `>`, `<`, `>=`, `<=` for integer values. 304 # * `:`, meaning substring matching, for strings. 305 # 306 # The supported value types are: 307 # 308 # * string literals in quotes. 309 # * integer literals without quotes. 310 # * boolean literals `true` and `false` without quotes. 311 # 312 # The following field and operator combinations are supported: 313 # 314 # * name: `=` 315 # * parent: `=`, `:` 316 # * resource_name: `=`, `:` 317 # * state: `=`, `:` 318 # * category: `=`, `:` 319 # * external_uri: `=`, `:` 320 # * event_time: `>`, `<`, `>=`, `<=` 321 # * security_marks: `=`, `:` 322 # * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` 323 # 324 # For example, `source_properties.size = 100` is a valid filter string. 325 "pageToken": "A String", # The value returned by the last `GroupFindingsResponse`; indicates 326 # that this is a continuation of a prior `GroupFindings` call, and 327 # that the system should return the next page of data. 328 "groupBy": "A String", # Expression that defines what assets fields to use for grouping (including 329 # `state_change`). The string value should follow SQL syntax: comma separated 330 # list of fields. For example: "parent,resource_name". 331 # 332 # The following fields are supported: 333 # 334 # * resource_name 335 # * category 336 # * state 337 # * parent 338 # 339 # The following fields are supported when compare_duration is set: 340 # 341 # * state_change 342 "readTime": "A String", # Time used as a reference point when filtering findings. The filter is 343 # limited to findings existing at the supplied time and their values are 344 # those at that specific time. Absence of this field will default to the 345 # API's version of NOW. 346 } 347 348 x__xgafv: string, V1 error format. 349 Allowed values 350 1 - v1 error format 351 2 - v2 error format 352 353Returns: 354 An object of the form: 355 356 { # Response message for group by findings. 357 "totalSize": 42, # The total number of results matching the query. 358 "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more 359 # results. 360 "groupByResults": [ # Group results. There exists an element for each existing unique 361 # combination of property/values. The element contains a count for the number 362 # of times those specific property/values appear. 363 { # Result containing the properties and count of a groupBy request. 364 "count": "A String", # Total count of resources for the given properties. 365 "properties": { # Properties matching the groupBy fields in the request. 366 "a_key": "", 367 }, 368 }, 369 ], 370 "readTime": "A String", # Time used for executing the groupBy request. 371 }</pre> 372</div> 373 374<div class="method"> 375 <code class="details" id="group_next">group_next(previous_request, previous_response)</code> 376 <pre>Retrieves the next page of results. 377 378Args: 379 previous_request: The request for the previous page. (required) 380 previous_response: The response from the request for the previous page. (required) 381 382Returns: 383 A request object that you can call 'execute()' on to request the next 384 page. Returns None if there are no more items in the collection. 385 </pre> 386</div> 387 388<div class="method"> 389 <code class="details" id="list">list(parent, orderBy=None, pageSize=None, x__xgafv=None, compareDuration=None, pageToken=None, fieldMask=None, readTime=None, filter=None)</code> 390 <pre>Lists an organization or source's findings. 391 392To list across all sources provide a `-` as the source id. 393Example: /v1/organizations/123/sources/-/findings 394 395Args: 396 parent: string, Name of the source the findings belong to. Its format is 397"organizations/[organization_id]/sources/[source_id]". To list across all 398sources provide a source_id of `-`. For example: 399organizations/123/sources/- (required) 400 orderBy: string, Expression that defines what fields and order to use for sorting. The 401string value should follow SQL syntax: comma separated list of fields. For 402example: "name,resource_properties.a_property". The default sorting order 403is ascending. To specify descending order for a field, a suffix " desc" 404should be appended to the field name. For example: "name 405desc,source_properties.a_property". Redundant space characters in the 406syntax are insignificant. "name desc,source_properties.a_property" and " 407name desc , source_properties.a_property " are equivalent. 408 409The following fields are supported: 410name 411parent 412state 413category 414resource_name 415event_time 416source_properties 417security_marks 418 pageSize: integer, The maximum number of results to return in a single response. Default is 41910, minimum is 1, maximum is 1000. 420 x__xgafv: string, V1 error format. 421 Allowed values 422 1 - v1 error format 423 2 - v2 error format 424 compareDuration: string, When compare_duration is set, the ListFindingsResult's "state_change" 425attribute is updated to indicate whether the finding had its state changed, 426the finding's state remained unchanged, or if the finding was added in any 427state during the compare_duration period of time that precedes the 428read_time. This is the time between (read_time - compare_duration) and 429read_time. 430 431The state_change value is derived based on the presence and state of the 432finding at the two points in time. Intermediate state changes between the 433two times don't affect the result. For example, the results aren't affected 434if the finding is made inactive and then active again. 435 436Possible "state_change" values when compare_duration is specified: 437 438* "CHANGED": indicates that the finding was present at the start of 439 compare_duration, but changed its state at read_time. 440* "UNCHANGED": indicates that the finding was present at the start of 441 compare_duration and did not change state at read_time. 442* "ADDED": indicates that the finding was not present at the start 443 of compare_duration, but was present at read_time. 444 445If compare_duration is not specified, then the only possible state_change 446is "UNUSED", which will be the state_change set for all findings present at 447read_time. 448 pageToken: string, The value returned by the last `ListFindingsResponse`; indicates 449that this is a continuation of a prior `ListFindings` call, and 450that the system should return the next page of data. 451 fieldMask: string, Optional. 452 453A field mask to specify the Finding fields to be listed in the response. 454An empty field mask will list all fields. 455 readTime: string, Time used as a reference point when filtering findings. The filter is 456limited to findings existing at the supplied time and their values are 457those at that specific time. Absence of this field will default to the 458API's version of NOW. 459 filter: string, Expression that defines the filter to apply across findings. 460The expression is a list of one or more restrictions combined via logical 461operators `AND` and `OR`. 462Parentheses are supported, and `OR` has higher precedence than `AND`. 463 464Restrictions have the form `<field> <operator> <value>` and may have a `-` 465character in front of them to indicate negation. Examples include: 466 467 * name 468 * source_properties.a_property 469 * security_marks.marks.marka 470 471The supported operators are: 472 473* `=` for all value types. 474* `>`, `<`, `>=`, `<=` for integer values. 475* `:`, meaning substring matching, for strings. 476 477The supported value types are: 478 479* string literals in quotes. 480* integer literals without quotes. 481* boolean literals `true` and `false` without quotes. 482 483The following field and operator combinations are supported: 484 485name: `=` 486parent: `=`, `:` 487resource_name: `=`, `:` 488state: `=`, `:` 489category: `=`, `:` 490external_uri: `=`, `:` 491event_time: `>`, `<`, `>=`, `<=` 492security_marks: `=`, `:` 493source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` 494 495For example, `source_properties.size = 100` is a valid filter string. 496 497Returns: 498 An object of the form: 499 500 { # Response message for listing findings. 501 "totalSize": 42, # The total number of findings matching the query. 502 "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more 503 # results. 504 "listFindingsResults": [ # Findings matching the list request. 505 { # Result containing the Finding and its StateChange. 506 "finding": { # Cloud Security Command Center (Cloud SCC) finding. # Finding matching the search request. 507 # 508 # A finding is a record of assessment data (security, risk, health or privacy) 509 # ingested into Cloud SCC for presentation, notification, analysis, 510 # policy testing, and enforcement. For example, an XSS vulnerability in an 511 # App Engine application is a finding. 512 "category": "A String", # The additional taxonomy group within findings from a given source. 513 # This field is immutable after creation time. 514 # Example: "XSS_FLASH_INJECTION" 515 "eventTime": "A String", # The time at which the event took place. For example, if the finding 516 # represents an open firewall it would capture the time the detector believes 517 # the firewall became open. The accuracy is determined by the detector. 518 "sourceProperties": { # Source specific properties. These properties are managed by the source 519 # that writes the finding. The key names in the source_properties map must be 520 # between 1 and 255 characters, and must start with a letter and contain 521 # alphanumeric characters or underscores only. 522 "a_key": "", 523 }, 524 "name": "A String", # The relative resource name of this finding. See: 525 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 526 # Example: 527 # "organizations/123/sources/456/findings/789" 528 "parent": "A String", # The relative resource name of the source the finding belongs to. See: 529 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 530 # This field is immutable after creation time. 531 # For example: 532 # "organizations/123/sources/456" 533 "state": "A String", # The state of the finding. 534 "resourceName": "A String", # The full resource name of the Google Cloud Platform (GCP) resource this 535 # finding is for. See: 536 # https://cloud.google.com/apis/design/resource_names#full_resource_name 537 # This field is immutable after creation time. 538 "securityMarks": { # User specified security marks that are attached to the parent Cloud Security # Output only. User specified security marks. These marks are entirely 539 # managed by the user and come from the SecurityMarks resource that belongs 540 # to the finding. 541 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 542 # SCC organization -- they can be modified and viewed by all users who have 543 # proper permissions on the organization. 544 "name": "A String", # The relative resource name of the SecurityMarks. See: 545 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 546 # Examples: 547 # "organizations/123/assets/456/securityMarks" 548 # "organizations/123/sources/456/findings/789/securityMarks". 549 "marks": { # Mutable user specified security marks belonging to the parent resource. 550 # Constraints are as follows: 551 # - Keys and values are treated as case insensitive 552 # - Keys must be between 1 - 256 characters (inclusive) 553 # - Keys must be letters, numbers, underscores, or dashes 554 # - Values have leading and trailing whitespace trimmed, remaining 555 # characters must be between 1 - 4096 characters (inclusive) 556 "a_key": "A String", 557 }, 558 }, 559 "createTime": "A String", # The time at which the finding was created in Cloud SCC. 560 "externalUri": "A String", # The URI that, if available, points to a web page outside of Cloud SCC 561 # where additional information about the finding can be found. This field is 562 # guaranteed to be either empty or a well formed URL. 563 }, 564 "stateChange": "A String", # State change of the finding between the points in time. 565 }, 566 ], 567 "readTime": "A String", # Time used for executing the list request. 568 }</pre> 569</div> 570 571<div class="method"> 572 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 573 <pre>Retrieves the next page of results. 574 575Args: 576 previous_request: The request for the previous page. (required) 577 previous_response: The response from the request for the previous page. (required) 578 579Returns: 580 A request object that you can call 'execute()' on to request the next 581 page. Returns None if there are no more items in the collection. 582 </pre> 583</div> 584 585<div class="method"> 586 <code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code> 587 <pre>Creates or updates a finding. The corresponding source must exist for a 588finding creation to succeed. 589 590Args: 591 name: string, The relative resource name of this finding. See: 592https://cloud.google.com/apis/design/resource_names#relative_resource_name 593Example: 594"organizations/123/sources/456/findings/789" (required) 595 body: object, The request body. (required) 596 The object takes the form of: 597 598{ # Cloud Security Command Center (Cloud SCC) finding. 599 # 600 # A finding is a record of assessment data (security, risk, health or privacy) 601 # ingested into Cloud SCC for presentation, notification, analysis, 602 # policy testing, and enforcement. For example, an XSS vulnerability in an 603 # App Engine application is a finding. 604 "category": "A String", # The additional taxonomy group within findings from a given source. 605 # This field is immutable after creation time. 606 # Example: "XSS_FLASH_INJECTION" 607 "eventTime": "A String", # The time at which the event took place. For example, if the finding 608 # represents an open firewall it would capture the time the detector believes 609 # the firewall became open. The accuracy is determined by the detector. 610 "sourceProperties": { # Source specific properties. These properties are managed by the source 611 # that writes the finding. The key names in the source_properties map must be 612 # between 1 and 255 characters, and must start with a letter and contain 613 # alphanumeric characters or underscores only. 614 "a_key": "", 615 }, 616 "name": "A String", # The relative resource name of this finding. See: 617 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 618 # Example: 619 # "organizations/123/sources/456/findings/789" 620 "parent": "A String", # The relative resource name of the source the finding belongs to. See: 621 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 622 # This field is immutable after creation time. 623 # For example: 624 # "organizations/123/sources/456" 625 "state": "A String", # The state of the finding. 626 "resourceName": "A String", # The full resource name of the Google Cloud Platform (GCP) resource this 627 # finding is for. See: 628 # https://cloud.google.com/apis/design/resource_names#full_resource_name 629 # This field is immutable after creation time. 630 "securityMarks": { # User specified security marks that are attached to the parent Cloud Security # Output only. User specified security marks. These marks are entirely 631 # managed by the user and come from the SecurityMarks resource that belongs 632 # to the finding. 633 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 634 # SCC organization -- they can be modified and viewed by all users who have 635 # proper permissions on the organization. 636 "name": "A String", # The relative resource name of the SecurityMarks. See: 637 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 638 # Examples: 639 # "organizations/123/assets/456/securityMarks" 640 # "organizations/123/sources/456/findings/789/securityMarks". 641 "marks": { # Mutable user specified security marks belonging to the parent resource. 642 # Constraints are as follows: 643 # - Keys and values are treated as case insensitive 644 # - Keys must be between 1 - 256 characters (inclusive) 645 # - Keys must be letters, numbers, underscores, or dashes 646 # - Values have leading and trailing whitespace trimmed, remaining 647 # characters must be between 1 - 4096 characters (inclusive) 648 "a_key": "A String", 649 }, 650 }, 651 "createTime": "A String", # The time at which the finding was created in Cloud SCC. 652 "externalUri": "A String", # The URI that, if available, points to a web page outside of Cloud SCC 653 # where additional information about the finding can be found. This field is 654 # guaranteed to be either empty or a well formed URL. 655 } 656 657 updateMask: string, The FieldMask to use when updating the finding resource. This field should 658not be specified when creating a finding. 659 660When updating a finding, an empty mask is treated as updating all mutable 661fields and replacing source_properties. Individual source_properties can 662be added/updated by using "source_properties.<property key>" in the field 663mask. 664 x__xgafv: string, V1 error format. 665 Allowed values 666 1 - v1 error format 667 2 - v2 error format 668 669Returns: 670 An object of the form: 671 672 { # Cloud Security Command Center (Cloud SCC) finding. 673 # 674 # A finding is a record of assessment data (security, risk, health or privacy) 675 # ingested into Cloud SCC for presentation, notification, analysis, 676 # policy testing, and enforcement. For example, an XSS vulnerability in an 677 # App Engine application is a finding. 678 "category": "A String", # The additional taxonomy group within findings from a given source. 679 # This field is immutable after creation time. 680 # Example: "XSS_FLASH_INJECTION" 681 "eventTime": "A String", # The time at which the event took place. For example, if the finding 682 # represents an open firewall it would capture the time the detector believes 683 # the firewall became open. The accuracy is determined by the detector. 684 "sourceProperties": { # Source specific properties. These properties are managed by the source 685 # that writes the finding. The key names in the source_properties map must be 686 # between 1 and 255 characters, and must start with a letter and contain 687 # alphanumeric characters or underscores only. 688 "a_key": "", 689 }, 690 "name": "A String", # The relative resource name of this finding. See: 691 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 692 # Example: 693 # "organizations/123/sources/456/findings/789" 694 "parent": "A String", # The relative resource name of the source the finding belongs to. See: 695 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 696 # This field is immutable after creation time. 697 # For example: 698 # "organizations/123/sources/456" 699 "state": "A String", # The state of the finding. 700 "resourceName": "A String", # The full resource name of the Google Cloud Platform (GCP) resource this 701 # finding is for. See: 702 # https://cloud.google.com/apis/design/resource_names#full_resource_name 703 # This field is immutable after creation time. 704 "securityMarks": { # User specified security marks that are attached to the parent Cloud Security # Output only. User specified security marks. These marks are entirely 705 # managed by the user and come from the SecurityMarks resource that belongs 706 # to the finding. 707 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 708 # SCC organization -- they can be modified and viewed by all users who have 709 # proper permissions on the organization. 710 "name": "A String", # The relative resource name of the SecurityMarks. See: 711 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 712 # Examples: 713 # "organizations/123/assets/456/securityMarks" 714 # "organizations/123/sources/456/findings/789/securityMarks". 715 "marks": { # Mutable user specified security marks belonging to the parent resource. 716 # Constraints are as follows: 717 # - Keys and values are treated as case insensitive 718 # - Keys must be between 1 - 256 characters (inclusive) 719 # - Keys must be letters, numbers, underscores, or dashes 720 # - Values have leading and trailing whitespace trimmed, remaining 721 # characters must be between 1 - 4096 characters (inclusive) 722 "a_key": "A String", 723 }, 724 }, 725 "createTime": "A String", # The time at which the finding was created in Cloud SCC. 726 "externalUri": "A String", # The URI that, if available, points to a web page outside of Cloud SCC 727 # where additional information about the finding can be found. This field is 728 # guaranteed to be either empty or a well formed URL. 729 }</pre> 730</div> 731 732<div class="method"> 733 <code class="details" id="setState">setState(name, body, x__xgafv=None)</code> 734 <pre>Updates the state of a finding. 735 736Args: 737 name: string, The relative resource name of the finding. See: 738https://cloud.google.com/apis/design/resource_names#relative_resource_name 739Example: 740"organizations/123/sources/456/finding/789". (required) 741 body: object, The request body. (required) 742 The object takes the form of: 743 744{ # Request message for updating a finding's state. 745 "state": "A String", # The desired State of the finding. 746 "startTime": "A String", # The time at which the updated state takes effect. 747 } 748 749 x__xgafv: string, V1 error format. 750 Allowed values 751 1 - v1 error format 752 2 - v2 error format 753 754Returns: 755 An object of the form: 756 757 { # Cloud Security Command Center (Cloud SCC) finding. 758 # 759 # A finding is a record of assessment data (security, risk, health or privacy) 760 # ingested into Cloud SCC for presentation, notification, analysis, 761 # policy testing, and enforcement. For example, an XSS vulnerability in an 762 # App Engine application is a finding. 763 "category": "A String", # The additional taxonomy group within findings from a given source. 764 # This field is immutable after creation time. 765 # Example: "XSS_FLASH_INJECTION" 766 "eventTime": "A String", # The time at which the event took place. For example, if the finding 767 # represents an open firewall it would capture the time the detector believes 768 # the firewall became open. The accuracy is determined by the detector. 769 "sourceProperties": { # Source specific properties. These properties are managed by the source 770 # that writes the finding. The key names in the source_properties map must be 771 # between 1 and 255 characters, and must start with a letter and contain 772 # alphanumeric characters or underscores only. 773 "a_key": "", 774 }, 775 "name": "A String", # The relative resource name of this finding. See: 776 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 777 # Example: 778 # "organizations/123/sources/456/findings/789" 779 "parent": "A String", # The relative resource name of the source the finding belongs to. See: 780 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 781 # This field is immutable after creation time. 782 # For example: 783 # "organizations/123/sources/456" 784 "state": "A String", # The state of the finding. 785 "resourceName": "A String", # The full resource name of the Google Cloud Platform (GCP) resource this 786 # finding is for. See: 787 # https://cloud.google.com/apis/design/resource_names#full_resource_name 788 # This field is immutable after creation time. 789 "securityMarks": { # User specified security marks that are attached to the parent Cloud Security # Output only. User specified security marks. These marks are entirely 790 # managed by the user and come from the SecurityMarks resource that belongs 791 # to the finding. 792 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 793 # SCC organization -- they can be modified and viewed by all users who have 794 # proper permissions on the organization. 795 "name": "A String", # The relative resource name of the SecurityMarks. See: 796 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 797 # Examples: 798 # "organizations/123/assets/456/securityMarks" 799 # "organizations/123/sources/456/findings/789/securityMarks". 800 "marks": { # Mutable user specified security marks belonging to the parent resource. 801 # Constraints are as follows: 802 # - Keys and values are treated as case insensitive 803 # - Keys must be between 1 - 256 characters (inclusive) 804 # - Keys must be letters, numbers, underscores, or dashes 805 # - Values have leading and trailing whitespace trimmed, remaining 806 # characters must be between 1 - 4096 characters (inclusive) 807 "a_key": "A String", 808 }, 809 }, 810 "createTime": "A String", # The time at which the finding was created in Cloud SCC. 811 "externalUri": "A String", # The URI that, if available, points to a web page outside of Cloud SCC 812 # where additional information about the finding can be found. This field is 813 # guaranteed to be either empty or a well formed URL. 814 }</pre> 815</div> 816 817<div class="method"> 818 <code class="details" id="updateSecurityMarks">updateSecurityMarks(name, body, startTime=None, updateMask=None, x__xgafv=None)</code> 819 <pre>Updates security marks. 820 821Args: 822 name: string, The relative resource name of the SecurityMarks. See: 823https://cloud.google.com/apis/design/resource_names#relative_resource_name 824Examples: 825"organizations/123/assets/456/securityMarks" 826"organizations/123/sources/456/findings/789/securityMarks". (required) 827 body: object, The request body. (required) 828 The object takes the form of: 829 830{ # User specified security marks that are attached to the parent Cloud Security 831 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 832 # SCC organization -- they can be modified and viewed by all users who have 833 # proper permissions on the organization. 834 "name": "A String", # The relative resource name of the SecurityMarks. See: 835 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 836 # Examples: 837 # "organizations/123/assets/456/securityMarks" 838 # "organizations/123/sources/456/findings/789/securityMarks". 839 "marks": { # Mutable user specified security marks belonging to the parent resource. 840 # Constraints are as follows: 841 # - Keys and values are treated as case insensitive 842 # - Keys must be between 1 - 256 characters (inclusive) 843 # - Keys must be letters, numbers, underscores, or dashes 844 # - Values have leading and trailing whitespace trimmed, remaining 845 # characters must be between 1 - 4096 characters (inclusive) 846 "a_key": "A String", 847 }, 848} 849 850 startTime: string, The time at which the updated SecurityMarks take effect. 851If not set uses current server time. Updates will be applied to the 852SecurityMarks that are active immediately preceding this time. 853 updateMask: string, The FieldMask to use when updating the security marks resource. 854 855The field mask must not contain duplicate fields. 856If empty or set to "marks", all marks will be replaced. Individual 857marks can be updated using "marks.<mark_key>". 858 x__xgafv: string, V1 error format. 859 Allowed values 860 1 - v1 error format 861 2 - v2 error format 862 863Returns: 864 An object of the form: 865 866 { # User specified security marks that are attached to the parent Cloud Security 867 # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud 868 # SCC organization -- they can be modified and viewed by all users who have 869 # proper permissions on the organization. 870 "name": "A String", # The relative resource name of the SecurityMarks. See: 871 # https://cloud.google.com/apis/design/resource_names#relative_resource_name 872 # Examples: 873 # "organizations/123/assets/456/securityMarks" 874 # "organizations/123/sources/456/findings/789/securityMarks". 875 "marks": { # Mutable user specified security marks belonging to the parent resource. 876 # Constraints are as follows: 877 # - Keys and values are treated as case insensitive 878 # - Keys must be between 1 - 256 characters (inclusive) 879 # - Keys must be letters, numbers, underscores, or dashes 880 # - Values have leading and trailing whitespace trimmed, remaining 881 # characters must be between 1 - 4096 characters (inclusive) 882 "a_key": "A String", 883 }, 884 }</pre> 885</div> 886 887</body></html>