securitycenter/v1 library
Security Command Center API - v1
Security Command Center API provides access to temporal views of assets and findings within an organization.
For more information, see cloud.google.com/security-command-center
Create an instance of SecurityCommandCenterApi to access these resources:
- FoldersResource
- FoldersSecurityHealthAnalyticsSettingsEffectiveCustomModulesResource
- OrganizationsResource
- OrganizationsEventThreatDetectionSettingsEffectiveCustomModulesResource
OrganizationsSecurityHealthAnalyticsSettingsEffectiveCustomModulesResource
- OrganizationsSimulationsResource
- OrganizationsSimulationsAttackExposureResultsValuedResourcesResource
- ProjectsResource
- ProjectsSecurityHealthAnalyticsSettingsEffectiveCustomModulesResource
Classes
- Access
- Represents an access event.
- AccessReview
-
Conveys information about a Kubernetes access review (such as one returned
by a [
kubectl auth can-i
](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) command) that was involved in a finding. - Application
- Represents an application associated with a finding.
- Asset
- Security Command Center representation of a Google Cloud resource.
- AssetDiscoveryConfig
- The configuration used for Asset Discovery runs.
- AttackExposure
- An attack exposure contains the results of an attack path simulation run.
- AttackPath
- A path that an attacker could take to reach an exposed resource.
- AttackPathEdge
- Represents a connection between a source node and a destination node in this attack path.
- AttackPathNode
- Represents one point that an attacker passes through in this attack path.
- AttackStepNode
- Detailed steps the attack can take between path nodes.
- AuditConfig
- Specifies the audit configuration for a service.
- BackupDisasterRecovery
- Information related to Google Cloud Backup and DR Service findings.
- BatchCreateResourceValueConfigsRequest
- Request message to create multiple resource value configs
- BatchCreateResourceValueConfigsResponse
- Response message for BatchCreateResourceValueConfigs
- Binding
-
Associates
members
, or principals, with arole
. - BulkMuteFindingsRequest
- Request message for bulk findings update.
- CloudDlpDataProfile
- The data profile associated with the finding.
- CloudDlpInspection
- Details about the Cloud Data Loss Prevention (Cloud DLP) inspection job that produced the finding.
- CloudLoggingEntry
- Metadata taken from a Cloud Logging LogEntry
- Compliance
- Contains compliance information about a security standard indicating unmet recommendations.
- Connection
- Contains information about the IP connection associated with the finding.
- Contact
- The email address of a contact.
- ContactDetails
- Details about specific contacts
- Container
- Container associated with the finding.
- CreateResourceValueConfigRequest
- Request message to create single resource value config
- CustomModuleValidationError
- An error encountered while validating the uploaded configuration of an Event Threat Detection Custom Module.
- CustomModuleValidationErrors
- A list of zero or more errors encountered while validating the uploaded configuration of an Event Threat Detection Custom Module.
- Cve
- CVE stands for Common Vulnerabilities and Exposures.
- Cvssv3
- Common Vulnerability Scoring System version 3.
- Database
- Represents database access information, such as queries.
- Detection
- Memory hash detection contributing to the binary family match.
- DiskPath
- Path of the file in terms of underlying disk/partition identifiers.
- EffectiveEventThreatDetectionCustomModule
- An EffectiveEventThreatDetectionCustomModule is the representation of an Event Threat Detection custom module at a specified level of the resource hierarchy: organization, folder, or project.
- EnvironmentVariable
- A name-value pair representing an environment variable used in an operating system process.
- EventThreatDetectionCustomModule
- Represents an instance of an Event Threat Detection custom module, including its full module name, display name, enablement state, and last updated time.
- ExfilResource
- Resource where data was exfiltrated from or exfiltrated to.
- Exfiltration
- Exfiltration represents a data exfiltration attempt from one or more sources to one or more targets.
- File
- File information about the related binary/library used by an executable, or the script used by a script interpreter
- Finding
- Security Command Center finding.
- Folder
- Message that contains the resource name and display name of a folder resource.
- FoldersAssetsResource
- FoldersBigQueryExportsResource
- FoldersEventThreatDetectionSettingsCustomModulesResource
- FoldersEventThreatDetectionSettingsEffectiveCustomModulesResource
- FoldersEventThreatDetectionSettingsResource
- FoldersFindingsResource
- FoldersLocationsMuteConfigsResource
- FoldersLocationsResource
- FoldersMuteConfigsResource
- FoldersNotificationConfigsResource
- FoldersResource
- FoldersSecurityHealthAnalyticsSettingsCustomModulesResource
- FoldersSecurityHealthAnalyticsSettingsEffectiveCustomModulesResource
- FoldersSecurityHealthAnalyticsSettingsResource
- FoldersSourcesFindingsExternalSystemsResource
- FoldersSourcesFindingsResource
- FoldersSourcesResource
- Geolocation
- Represents a geographical location for a given access.
- GetIamPolicyRequest
-
Request message for
GetIamPolicy
method. - GoogleCloudSecuritycenterV1BigQueryExport
- Configures how to deliver Findings to BigQuery Instance.
- GoogleCloudSecuritycenterV1Binding
- Represents a Kubernetes RoleBinding or ClusterRoleBinding.
- GoogleCloudSecuritycenterV1CustomConfig
- Defines the properties in a custom module configuration for Security Health Analytics.
- GoogleCloudSecuritycenterV1CustomOutputSpec
- A set of optional name-value pairs that define custom source properties to return with each finding that is generated by the custom module.
- GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule
- An EffectiveSecurityHealthAnalyticsCustomModule is the representation of a Security Health Analytics custom module at a specified level of the resource hierarchy: organization, folder, or project.
- GoogleCloudSecuritycenterV1ExternalSystem
- Representation of third party SIEM/SOAR fields within SCC.
- GoogleCloudSecuritycenterV1MuteConfig
- A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
- GoogleCloudSecuritycenterV1Property
- An individual name-value pair that defines a custom source property.
- GoogleCloudSecuritycenterV1ResourceSelector
- Resource for selecting resource type.
- GoogleCloudSecuritycenterV1ResourceValueConfig
- A resource value config (RVC) is a mapping configuration of user's resources to resource values.
- GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule
- Represents an instance of a Security Health Analytics custom module, including its full module name, display name, enablement state, and last updated time.
- GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping
- Resource value mapping for Sensitive Data Protection findings.
- GroupAssetsRequest
- Request message for grouping by assets.
- GroupAssetsResponse
- Response message for grouping by assets.
- GroupFindingsRequest
- Request message for grouping by findings.
- GroupFindingsResponse
- Response message for group by findings.
- GroupResult
- Result containing the properties and count of a groupBy request.
- IamBinding
- Represents a particular IAM binding, which captures a member's role addition, removal, or state.
- IamPolicy
- Cloud IAM Policy information associated with the Google Cloud resource described by the Security Command Center asset.
- Indicator
- Represents what's commonly known as an indicator of compromise (IoC) in computer forensics.
- KernelRootkit
- Kernel mode rootkit signatures.
- Kubernetes
- Kubernetes-related attributes.
- Label
- Represents a generic name-value label.
- ListAssetsResponse
- Response message for listing assets.
- ListAssetsResult
- Result containing the Asset and its State.
- ListAttackPathsResponse
- Response message for listing the attack paths for a given simulation or valued resource.
- ListBigQueryExportsResponse
- Response message for listing BigQuery exports.
- ListDescendantEventThreatDetectionCustomModulesResponse
- Response for listing current and descendant resident Event Threat Detection custom modules.
- ListDescendantSecurityHealthAnalyticsCustomModulesResponse
- Response message for listing descendant Security Health Analytics custom modules.
- ListEffectiveEventThreatDetectionCustomModulesResponse
- Response for listing EffectiveEventThreatDetectionCustomModules.
- ListEffectiveSecurityHealthAnalyticsCustomModulesResponse
- Response message for listing effective Security Health Analytics custom modules.
- ListEventThreatDetectionCustomModulesResponse
- Response for listing Event Threat Detection custom modules.
- ListFindingsResponse
- Response message for listing findings.
- ListFindingsResult
- Result containing the Finding and its StateChange.
- ListMuteConfigsResponse
- Response message for listing mute configs.
- ListNotificationConfigsResponse
- Response message for listing notification configs.
- ListOperationsResponse
- The response message for Operations.ListOperations.
- ListResourceValueConfigsResponse
- Response message to list resource value configs
- ListSecurityHealthAnalyticsCustomModulesResponse
- Response message for listing Security Health Analytics custom modules.
- ListSourcesResponse
- Response message for listing sources.
- ListValuedResourcesResponse
- Response message for listing the valued resources for a given simulation.
- LoadBalancer
- Contains information related to the load balancer associated with the finding.
- LogEntry
- An individual entry in a log.
- MemoryHashSignature
- A signature corresponding to memory page hashes.
- MitreAttack
- MITRE ATT&CK tactics and techniques related to this finding.
- Node
- Kubernetes nodes associated with the finding.
- NodePool
- Provides GKE node pool information.
- NotificationConfig
- Cloud Security Command Center (Cloud SCC) notification configs.
- Object
- Kubernetes object related to the finding, uniquely identified by GKNN.
- Operation
- This resource represents a long-running operation that is the result of a network API call.
- OrganizationsAssetsResource
- OrganizationsBigQueryExportsResource
- OrganizationSettings
- User specified settings that are attached to the Security Command Center organization.
- OrganizationsEventThreatDetectionSettingsCustomModulesResource
- OrganizationsEventThreatDetectionSettingsEffectiveCustomModulesResource
- OrganizationsEventThreatDetectionSettingsResource
- OrganizationsFindingsResource
- OrganizationsLocationsMuteConfigsResource
- OrganizationsLocationsResource
- OrganizationsMuteConfigsResource
- OrganizationsNotificationConfigsResource
- OrganizationsOperationsResource
- OrganizationsResource
- OrganizationsResourceValueConfigsResource
- OrganizationsSecurityHealthAnalyticsSettingsCustomModulesResource
- OrganizationsSecurityHealthAnalyticsSettingsEffectiveCustomModulesResource
- OrganizationsSecurityHealthAnalyticsSettingsResource
- OrganizationsSimulationsAttackExposureResultsAttackPathsResource
- OrganizationsSimulationsAttackExposureResultsResource
- OrganizationsSimulationsAttackExposureResultsValuedResourcesResource
- OrganizationsSimulationsAttackPathsResource
- OrganizationsSimulationsResource
- OrganizationsSimulationsValuedResourcesAttackPathsResource
- OrganizationsSimulationsValuedResourcesResource
- OrganizationsSourcesFindingsExternalSystemsResource
- OrganizationsSourcesFindingsResource
- OrganizationsSourcesResource
- OrgPolicy
- Contains information about the org policies associated with the finding.
- Package
- Package is a generic definition of a package.
- PathNodeAssociatedFinding
- A finding that is associated with this node in the attack path.
- Pod
- A Kubernetes Pod.
- Policy
- An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
- PolicyDriftDetails
- The policy field that violates the deployed posture and its expected and detected values.
- Position
- A position in the uploaded text version of a module.
- Process
- Represents an operating system process.
- ProcessSignature
- Indicates what signature matched this process.
- ProjectsAssetsResource
- ProjectsBigQueryExportsResource
- ProjectsEventThreatDetectionSettingsCustomModulesResource
- ProjectsEventThreatDetectionSettingsEffectiveCustomModulesResource
- ProjectsEventThreatDetectionSettingsResource
- ProjectsFindingsResource
- ProjectsLocationsMuteConfigsResource
- ProjectsLocationsResource
- ProjectsMuteConfigsResource
- ProjectsNotificationConfigsResource
- ProjectsResource
- ProjectsSecurityHealthAnalyticsSettingsCustomModulesResource
- ProjectsSecurityHealthAnalyticsSettingsEffectiveCustomModulesResource
- ProjectsSecurityHealthAnalyticsSettingsResource
- ProjectsSourcesFindingsExternalSystemsResource
- ProjectsSourcesFindingsResource
- ProjectsSourcesResource
- Reference
- Additional Links
- Resource
- Information related to the Google Cloud resource that is associated with this finding.
- ResourceValueConfigMetadata
- Metadata about a ResourceValueConfig.
- Role
- Kubernetes Role or ClusterRole.
- SecurityBulletin
- SecurityBulletin are notifications of vulnerabilities of Google products.
- SecurityCenterProperties
- Security Command Center managed properties.
- SecurityCommandCenterApi
- Security Command Center API provides access to temporal views of assets and findings within an organization.
- SecurityMarks
- User specified security marks that are attached to the parent Security Command Center resource.
- SecurityPosture
- Represents a posture that is deployed on Google Cloud by the Security Command Center Posture Management service.
- ServiceAccountDelegationInfo
- Identity delegation history of an authenticated service account.
- SetFindingStateRequest
- Request message for updating a finding's state.
- SetIamPolicyRequest
-
Request message for
SetIamPolicy
method. - SetMuteRequest
- Request message for updating a finding's mute status.
- SimulatedResource
- Manually constructed resource name.
- SimulatedResult
- Possible test result.
- SimulateSecurityHealthAnalyticsCustomModuleRequest
- Request message to simulate a CustomConfig against a given test resource.
- SimulateSecurityHealthAnalyticsCustomModuleResponse
-
Response message for simulating a
SecurityHealthAnalyticsCustomModule
against a given resource. - Simulation
- Attack path simulation
- Source
- Security Command Center finding source.
- StreamingConfig
- The config for streaming-based notifications, which send each event as soon as it is detected.
- Subject
- Represents a Kubernetes subject.
- TicketInfo
- Information about the ticket, if any, that is being used to track the resolution of the issue that is identified by this finding.
- ValidateEventThreatDetectionCustomModuleRequest
- Request to validate an Event Threat Detection custom module.
- ValidateEventThreatDetectionCustomModuleResponse
- Response to validating an Event Threat Detection custom module.
- ValuedResource
- A resource that is determined to have value to a user's system
- Vulnerability
- Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
- YaraRuleSignature
- A signature corresponding to a YARA rule.
Typedefs
- AuditLogConfig = $AuditLogConfig
- Provides the configuration for logging a type of permissions.
- Empty = $Empty
- A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.
- Expr = $Expr
- Represents a textual expression in the Common Expression Language (CEL) syntax.
- GetPolicyOptions = $GetPolicyOptions
- Encapsulates settings provided to GetIamPolicy.
- RunAssetDiscoveryRequest = $Empty
- Request message for running asset discovery for an organization.
- Status = $Status
-
The
Status
type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. - TestIamPermissionsRequest = $TestIamPermissionsRequest00
-
Request message for
TestIamPermissions
method. - TestIamPermissionsResponse = $PermissionsResponse
-
Response message for
TestIamPermissions
method.
Exceptions / Errors
- ApiRequestError
- Represents a general error reported by the API endpoint.
- DetailedApiRequestError
- Represents a specific error reported by the API endpoint.