class Google::Cloud::SecurityCenter::V1::SecurityCenter::Client
Client
for the SecurityCenter
service.
V1
APIs for Security Center service.
Attributes
Get the associated client for long-running operations.
@return [::Google::Cloud::SecurityCenter::V1::SecurityCenter::Operations]
@private
Public Class Methods
Configure the SecurityCenter
Client
class.
See {::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client::Configuration} for a description of the configuration fields.
@example
# Modify the configuration for all SecurityCenter clients ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client.configure do |config| config.timeout = 10.0 end
@yield [config] Configure the Client
client. @yieldparam config [Client::Configuration]
@return [Client::Configuration]
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 56 def self.configure @configure ||= begin namespace = ["Google", "Cloud", "SecurityCenter", "V1"] parent_config = while namespace.any? parent_name = namespace.join "::" parent_const = const_get parent_name break parent_const.configure if parent_const.respond_to? :configure namespace.pop end default_config = Client::Configuration.new parent_config default_config.rpcs.create_source.timeout = 60.0 default_config.rpcs.create_finding.timeout = 60.0 default_config.rpcs.create_notification_config.timeout = 60.0 default_config.rpcs.delete_notification_config.timeout = 60.0 default_config.rpcs.get_iam_policy.timeout = 60.0 default_config.rpcs.get_iam_policy.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.get_notification_config.timeout = 60.0 default_config.rpcs.get_notification_config.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.get_organization_settings.timeout = 60.0 default_config.rpcs.get_organization_settings.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.get_source.timeout = 60.0 default_config.rpcs.get_source.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.group_assets.timeout = 480.0 default_config.rpcs.group_assets.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.group_findings.timeout = 480.0 default_config.rpcs.group_findings.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.list_assets.timeout = 480.0 default_config.rpcs.list_assets.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.list_findings.timeout = 480.0 default_config.rpcs.list_findings.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.list_notification_configs.timeout = 60.0 default_config.rpcs.list_notification_configs.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.list_sources.timeout = 60.0 default_config.rpcs.list_sources.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.run_asset_discovery.timeout = 60.0 default_config.rpcs.set_finding_state.timeout = 60.0 default_config.rpcs.set_iam_policy.timeout = 60.0 default_config.rpcs.test_iam_permissions.timeout = 60.0 default_config.rpcs.test_iam_permissions.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14] } default_config.rpcs.update_finding.timeout = 60.0 default_config.rpcs.update_notification_config.timeout = 60.0 default_config.rpcs.update_organization_settings.timeout = 60.0 default_config.rpcs.update_source.timeout = 60.0 default_config.rpcs.update_security_marks.timeout = 480.0 default_config end yield @configure if block_given? @configure end
Create a new SecurityCenter
client object.
@example
# Create a client using the default configuration client = ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client.new # Create a client using a custom configuration client = ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client.new do |config| config.timeout = 10.0 end
@yield [config] Configure the SecurityCenter
client. @yieldparam config [Client::Configuration]
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 188 def initialize # These require statements are intentionally placed here to initialize # the gRPC module only when it's required. # See https://github.com/googleapis/toolkit/issues/446 require "gapic/grpc" require "google/cloud/securitycenter/v1/securitycenter_service_services_pb" # Create the configuration object @config = Configuration.new Client.configure # Yield the configuration if needed yield @config if block_given? # Create credentials credentials = @config.credentials # Use self-signed JWT if the endpoint is unchanged from default, # but only if the default endpoint does not have a region prefix. enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint && !@config.endpoint.split(".").first.include?("-") credentials ||= Credentials.default scope: @config.scope, enable_self_signed_jwt: enable_self_signed_jwt if credentials.is_a?(::String) || credentials.is_a?(::Hash) credentials = Credentials.new credentials, scope: @config.scope end @quota_project_id = @config.quota_project @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id @operations_client = Operations.new do |config| config.credentials = credentials config.endpoint = @config.endpoint end @security_center_stub = ::Gapic::ServiceStub.new( ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub, credentials: credentials, endpoint: @config.endpoint, channel_args: @config.channel_args, interceptors: @config.interceptors ) end
Public Instance Methods
Configure the SecurityCenter
Client
instance.
The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on {Client.configure}.
See {::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client::Configuration} for a description of the configuration fields.
@yield [config] Configure the Client
client. @yieldparam config [Client::Configuration]
@return [Client::Configuration]
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 167 def configure yield @config if block_given? @config end
Creates a finding. The corresponding source must exist for finding creation to succeed.
@overload create_finding
(request, options = nil)
Pass arguments to `create_finding` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::CreateFindingRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::CreateFindingRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_finding
(parent: nil, finding_id: nil, finding: nil)
Pass arguments to `create_finding` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Resource name of the new finding's parent. Its format should be "organizations/[organization_id]/sources/[source_id]". @param finding_id [::String] Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length. @param finding [::Google::Cloud::SecurityCenter::V1::Finding, ::Hash] Required. The Finding being created. The name and security_marks will be ignored as they are both output only fields on this resource.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::Finding] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::Finding]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 348 def create_finding request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::CreateFindingRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_finding.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_finding.timeout, metadata: metadata, retry_policy: @config.rpcs.create_finding.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :create_finding, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Creates a notification config.
@overload create_notification_config
(request, options = nil)
Pass arguments to `create_notification_config` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::CreateNotificationConfigRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::CreateNotificationConfigRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_notification_config
(parent: nil, config_id: nil, notification_config: nil)
Pass arguments to `create_notification_config` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Resource name of the new notification config's parent. Its format is "organizations/[organization_id]". @param config_id [::String] Required. Unique identifier provided by the client within the parent scope. It must be between 1 and 128 characters, and contains alphanumeric characters, underscores or hyphens only. @param notification_config [::Google::Cloud::SecurityCenter::V1::NotificationConfig, ::Hash] Required. The notification config being created. The name and the service account will be ignored as they are both output only fields on this resource.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::NotificationConfig] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 425 def create_notification_config request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::CreateNotificationConfigRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_notification_config.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_notification_config.timeout, metadata: metadata, retry_policy: @config.rpcs.create_notification_config.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :create_notification_config, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Creates a source.
@overload create_source
(request, options = nil)
Pass arguments to `create_source` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::CreateSourceRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::CreateSourceRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_source
(parent: nil, source: nil)
Pass arguments to `create_source` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Resource name of the new source's parent. Its format should be "organizations/[organization_id]". @param source [::Google::Cloud::SecurityCenter::V1::Source, ::Hash] Required. The Source being created, only the display_name and description will be used. All other fields will be ignored.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::Source] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::Source]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 271 def create_source request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::CreateSourceRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_source.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_source.timeout, metadata: metadata, retry_policy: @config.rpcs.create_source.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :create_source, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Deletes a notification config.
@overload delete_notification_config
(request, options = nil)
Pass arguments to `delete_notification_config` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload delete_notification_config
(name: nil)
Pass arguments to `delete_notification_config` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]".
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Protobuf::Empty] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Protobuf::Empty]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 494 def delete_notification_config request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.delete_notification_config.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.delete_notification_config.timeout, metadata: metadata, retry_policy: @config.rpcs.delete_notification_config.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :delete_notification_config, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Gets the access control policy on the specified Source.
@overload get_iam_policy
(request, options = nil)
Pass arguments to `get_iam_policy` via a request object, either of type {::Google::Iam::V1::GetIamPolicyRequest} or an equivalent Hash. @param request [::Google::Iam::V1::GetIamPolicyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_iam_policy
(resource: nil, options: nil)
Pass arguments to `get_iam_policy` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param resource [::String] REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash] OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`. This field is only used by Cloud IAM.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Iam::V1::Policy] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Iam::V1::Policy]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 566 def get_iam_policy request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::GetIamPolicyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_iam_policy.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "resource" => request.resource } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_iam_policy.timeout, metadata: metadata, retry_policy: @config.rpcs.get_iam_policy.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :get_iam_policy, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Gets a notification config.
@overload get_notification_config
(request, options = nil)
Pass arguments to `get_notification_config` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_notification_config
(name: nil)
Pass arguments to `get_notification_config` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]".
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::NotificationConfig] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 635 def get_notification_config request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_notification_config.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_notification_config.timeout, metadata: metadata, retry_policy: @config.rpcs.get_notification_config.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :get_notification_config, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Gets the settings for an organization.
@overload get_organization_settings
(request, options = nil)
Pass arguments to `get_organization_settings` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_organization_settings
(name: nil)
Pass arguments to `get_organization_settings` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. Name of the organization to get organization settings for. Its format is "organizations/[organization_id]/organizationSettings".
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::OrganizationSettings] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::OrganizationSettings]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 704 def get_organization_settings request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_organization_settings.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_organization_settings.timeout, metadata: metadata, retry_policy: @config.rpcs.get_organization_settings.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :get_organization_settings, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Gets a source.
@overload get_source
(request, options = nil)
Pass arguments to `get_source` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::GetSourceRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::GetSourceRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_source
(name: nil)
Pass arguments to `get_source` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. Relative resource name of the source. Its format is "organizations/[organization_id]/source/[source_id]".
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::Source] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::Source]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 773 def get_source request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::GetSourceRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_source.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_source.timeout, metadata: metadata, retry_policy: @config.rpcs.get_source.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :get_source, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Filters an organization's assets and groups them by their specified properties.
@overload group_assets
(request, options = nil)
Pass arguments to `group_assets` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::GroupAssetsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::GroupAssetsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload group_assets
(parent: nil, filter: nil, group_by: nil, compare_duration: nil, read_time: nil, page_token: nil, page_size: nil)
Pass arguments to `group_assets` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Name of the organization to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". @param filter [::String] Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following field and operator combinations are supported: * name: `=` * update_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `update_time = "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `create_time = "2019-06-10T16:07:18-07:00"` `create_time = 1560208038000` * iam_policy.policy_blob: `=`, `:` * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * security_marks.marks: `=`, `:` * security_center_properties.resource_name: `=`, `:` * security_center_properties.resource_display_name: `=`, `:` * security_center_properties.resource_type: `=`, `:` * security_center_properties.resource_parent: `=`, `:` * security_center_properties.resource_parent_display_name: `=`, `:` * security_center_properties.resource_project: `=`, `:` * security_center_properties.resource_project_display_name: `=`, `:` * security_center_properties.resource_owners: `=`, `:` For example, `resource_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `resource_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-resource_properties.my_property : ""` @param group_by [::String] Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security_center_properties.resource_project,security_center_properties.project". The following fields are supported when compare_duration is not set: * security_center_properties.resource_project * security_center_properties.resource_project_display_name * security_center_properties.resource_type * security_center_properties.resource_parent * security_center_properties.resource_parent_display_name The following fields are supported when compare_duration is set: * security_center_properties.resource_type * security_center_properties.resource_project_display_name * security_center_properties.resource_parent_display_name @param compare_duration [::Google::Protobuf::Duration, ::Hash] When compare_duration is set, the GroupResult's "state_change" property is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at reference_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at reference_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and reference_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time. If this field is set then `state_change` must be a specified field in `group_by`. @param read_time [::Google::Protobuf::Timestamp, ::Hash] Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW. @param page_token [::String] The value returned by the last `GroupAssetsResponse`; indicates that this is a continuation of a prior `GroupAssets` call, and that the system should return the next page of data. @param page_size [::Integer] The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::GroupResult>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::GroupResult>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 966 def group_assets request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::GroupAssetsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.group_assets.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.group_assets.timeout, metadata: metadata, retry_policy: @config.rpcs.group_assets.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :group_assets, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @security_center_stub, :group_assets, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Filters an organization or source's findings and groups them by their specified properties.
To group across all sources provide a `-` as the source id. Example: /v1/organizations/\{organization_id}/sources/-/findings, /v1/folders/\{folder_id}/sources/-/findings, /v1/projects/\{project_id}/sources/-/findings
@overload group_findings
(request, options = nil)
Pass arguments to `group_findings` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::GroupFindingsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::GroupFindingsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload group_findings
(parent: nil, filter: nil, group_by: nil, read_time: nil, compare_duration: nil, page_token: nil, page_size: nil)
Pass arguments to `group_findings` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Name of the source to groupBy. Its format is "organizations/[organization_id]/sources/[source_id]", folders/[folder_id]/sources/[source_id], or projects/[project_id]/sources/[source_id]. To groupBy across all sources provide a source_id of `-`. For example: organizations/\\{organization_id}/sources/-, folders/\\{folder_id}/sources/-, or projects/\\{project_id}/sources/- @param filter [::String] Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: * name * source_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following field and operator combinations are supported: * name: `=` * parent: `=`, `:` * resource_name: `=`, `:` * state: `=`, `:` * category: `=`, `:` * external_uri: `=`, `:` * event_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `event_time = "2019-06-10T16:07:18-07:00"` `event_time = 1560208038000` * severity: `=`, `:` * workflow_state: `=`, `:` * security_marks.marks: `=`, `:` * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` For example, `source_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `source_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-source_properties.my_property : ""` * resource: * resource.name: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.type: `=`, `:` @param group_by [::String] Required. Expression that defines what assets fields to use for grouping (including `state_change`). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name". The following fields are supported: * resource_name * category * state * parent * severity The following fields are supported when compare_duration is set: * state_change @param read_time [::Google::Protobuf::Timestamp, ::Hash] Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW. @param compare_duration [::Google::Protobuf::Duration, ::Hash] When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again. Possible "state_change" values when compare_duration is specified: * "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time. * "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time. * "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time. * "REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time. If this field is set then `state_change` must be a specified field in `group_by`. @param page_token [::String] The value returned by the last `GroupFindingsResponse`; indicates that this is a continuation of a prior `GroupFindings` call, and that the system should return the next page of data. @param page_size [::Integer] The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::GroupResult>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::GroupResult>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1168 def group_findings request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::GroupFindingsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.group_findings.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.group_findings.timeout, metadata: metadata, retry_policy: @config.rpcs.group_findings.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :group_findings, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @security_center_stub, :group_findings, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists an organization's assets.
@overload list_assets
(request, options = nil)
Pass arguments to `list_assets` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::ListAssetsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::ListAssetsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_assets
(parent: nil, filter: nil, order_by: nil, read_time: nil, compare_duration: nil, field_mask: nil, page_token: nil, page_size: nil)
Pass arguments to `list_assets` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". @param filter [::String] Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following are the allowed field and operator combinations: * name: `=` * update_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `update_time = "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `create_time = "2019-06-10T16:07:18-07:00"` `create_time = 1560208038000` * iam_policy.policy_blob: `=`, `:` * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * security_marks.marks: `=`, `:` * security_center_properties.resource_name: `=`, `:` * security_center_properties.resource_display_name: `=`, `:` * security_center_properties.resource_type: `=`, `:` * security_center_properties.resource_parent: `=`, `:` * security_center_properties.resource_parent_display_name: `=`, `:` * security_center_properties.resource_project: `=`, `:` * security_center_properties.resource_project_display_name: `=`, `:` * security_center_properties.resource_owners: `=`, `:` For example, `resource_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `resource_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-resource_properties.my_property : ""` @param order_by [::String] Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,resource_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,resource_properties.a_property" and " name desc , resource_properties.a_property " are equivalent. The following fields are supported: name update_time resource_properties security_marks.marks security_center_properties.resource_name security_center_properties.resource_display_name security_center_properties.resource_parent security_center_properties.resource_parent_display_name security_center_properties.resource_project security_center_properties.resource_project_display_name security_center_properties.resource_type @param read_time [::Google::Protobuf::Timestamp, ::Hash] Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW. @param compare_duration [::Google::Protobuf::Duration, ::Hash] When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time. @param field_mask [::Google::Protobuf::FieldMask, ::Hash] A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields. @param page_token [::String] The value returned by the last `ListAssetsResponse`; indicates that this is a continuation of a prior `ListAssets` call, and that the system should return the next page of data. @param page_size [::Integer] The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1365 def list_assets request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::ListAssetsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_assets.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_assets.timeout, metadata: metadata, retry_policy: @config.rpcs.list_assets.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :list_assets, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_assets, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists an organization or source's findings.
To list across all sources provide a `-` as the source id. Example: /v1/organizations/\{organization_id}/sources/-/findings
@overload list_findings
(request, options = nil)
Pass arguments to `list_findings` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::ListFindingsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::ListFindingsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_findings
(parent: nil, filter: nil, order_by: nil, read_time: nil, compare_duration: nil, field_mask: nil, page_token: nil, page_size: nil)
Pass arguments to `list_findings` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Name of the source the findings belong to. Its format is "organizations/[organization_id]/sources/[source_id], folders/[folder_id]/sources/[source_id], or projects/[project_id]/sources/[source_id]". To list across all sources provide a source_id of `-`. For example: organizations/\\{organization_id}/sources/-, folders/\\{folder_id}/sources/- or projects/\\{projects_id}/sources/- @param filter [::String] Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form `<field> <operator> <value>` and may have a `-` character in front of them to indicate negation. Examples include: * name * source_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following field and operator combinations are supported: * name: `=` * parent: `=`, `:` * resource_name: `=`, `:` * state: `=`, `:` * category: `=`, `:` * external_uri: `=`, `:` * event_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `event_time = "2019-06-10T16:07:18-07:00"` `event_time = 1560208038000` * severity: `=`, `:` * workflow_state: `=`, `:` * security_marks.marks: `=`, `:` * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` For example, `source_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `source_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-source_properties.my_property : ""` * resource: * resource.name: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.type: `=`, `:` * resource.folders.resource_folder: `=`, `:` @param order_by [::String] Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma separated list of fields. For example: "name,resource_properties.a_property". The default sorting order is ascending. To specify descending order for a field, a suffix " desc" should be appended to the field name. For example: "name desc,source_properties.a_property". Redundant space characters in the syntax are insignificant. "name desc,source_properties.a_property" and " name desc , source_properties.a_property " are equivalent. The following fields are supported: name parent state category resource_name event_time source_properties security_marks.marks @param read_time [::Google::Protobuf::Timestamp, ::Hash] Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW. @param compare_duration [::Google::Protobuf::Duration, ::Hash] When compare_duration is set, the ListFindingsResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added in any state during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again. Possible "state_change" values when compare_duration is specified: * "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time. * "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time. * "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time. * "REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time. @param field_mask [::Google::Protobuf::FieldMask, ::Hash] A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields. @param page_token [::String] The value returned by the last `ListFindingsResponse`; indicates that this is a continuation of a prior `ListFindings` call, and that the system should return the next page of data. @param page_size [::Integer] The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1569 def list_findings request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::ListFindingsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_findings.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_findings.timeout, metadata: metadata, retry_policy: @config.rpcs.list_findings.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :list_findings, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_findings, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists notification configs.
@overload list_notification_configs
(request, options = nil)
Pass arguments to `list_notification_configs` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_notification_configs
(parent: nil, page_token: nil, page_size: nil)
Pass arguments to `list_notification_configs` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Name of the organization to list notification configs. Its format is "organizations/[organization_id]". @param page_token [::String] The value returned by the last `ListNotificationConfigsResponse`; indicates that this is a continuation of a prior `ListNotificationConfigs` call, and that the system should return the next page of data. @param page_size [::Integer] The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::NotificationConfig>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::NotificationConfig>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1646 def list_notification_configs request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_notification_configs.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_notification_configs.timeout, metadata: metadata, retry_policy: @config.rpcs.list_notification_configs.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :list_notification_configs, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_notification_configs, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists all sources belonging to an organization.
@overload list_sources
(request, options = nil)
Pass arguments to `list_sources` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::ListSourcesRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::ListSourcesRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_sources
(parent: nil, page_token: nil, page_size: nil)
Pass arguments to `list_sources` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Resource name of the parent of sources to list. Its format should be "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". @param page_token [::String] The value returned by the last `ListSourcesResponse`; indicates that this is a continuation of a prior `ListSources` call, and that the system should return the next page of data. @param page_size [::Integer] The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::Source>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::SecurityCenter::V1::Source>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1724 def list_sources request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::ListSourcesRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_sources.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_sources.timeout, metadata: metadata, retry_policy: @config.rpcs.list_sources.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :list_sources, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @security_center_stub, :list_sources, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Runs asset discovery. The discovery is tracked with a long-running operation.
This API can only be called with limited frequency for an organization. If it is called too frequently the caller will receive a TOO_MANY_REQUESTS error.
@overload run_asset_discovery
(request, options = nil)
Pass arguments to `run_asset_discovery` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload run_asset_discovery
(parent: nil)
Pass arguments to `run_asset_discovery` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. Name of the organization to run asset discovery for. Its format is "organizations/[organization_id]".
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::Operation] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::Operation]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1799 def run_asset_discovery request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.run_asset_discovery.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.run_asset_discovery.timeout, metadata: metadata, retry_policy: @config.rpcs.run_asset_discovery.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :run_asset_discovery, request, options: options do |response, operation| response = ::Gapic::Operation.new response, @operations_client, options: options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Updates the state of a finding.
@overload set_finding_state
(request, options = nil)
Pass arguments to `set_finding_state` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::SetFindingStateRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::SetFindingStateRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload set_finding_state
(name: nil, state: nil, start_time: nil)
Pass arguments to `set_finding_state` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/\\{organization_id}/sources/\\{source_id}/finding/\\{finding_id}". @param state [::Google::Cloud::SecurityCenter::V1::Finding::State] Required. The desired State of the finding. @param start_time [::Google::Protobuf::Timestamp, ::Hash] Required. The time at which the updated state takes effect.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::Finding] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::Finding]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1875 def set_finding_state request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::SetFindingStateRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.set_finding_state.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.set_finding_state.timeout, metadata: metadata, retry_policy: @config.rpcs.set_finding_state.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :set_finding_state, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Sets the access control policy on the specified Source.
@overload set_iam_policy
(request, options = nil)
Pass arguments to `set_iam_policy` via a request object, either of type {::Google::Iam::V1::SetIamPolicyRequest} or an equivalent Hash. @param request [::Google::Iam::V1::SetIamPolicyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload set_iam_policy
(resource: nil, policy: nil)
Pass arguments to `set_iam_policy` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param resource [::String] REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. @param policy [::Google::Iam::V1::Policy, ::Hash] REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Iam::V1::Policy] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Iam::V1::Policy]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 1949 def set_iam_policy request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::SetIamPolicyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.set_iam_policy.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "resource" => request.resource } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.set_iam_policy.timeout, metadata: metadata, retry_policy: @config.rpcs.set_iam_policy.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :set_iam_policy, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Returns the permissions that a caller has on the specified source.
@overload test_iam_permissions
(request, options = nil)
Pass arguments to `test_iam_permissions` via a request object, either of type {::Google::Iam::V1::TestIamPermissionsRequest} or an equivalent Hash. @param request [::Google::Iam::V1::TestIamPermissionsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload test_iam_permissions
(resource: nil, permissions: nil)
Pass arguments to `test_iam_permissions` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param resource [::String] REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. @param permissions [::Array<::String>] The set of permissions to check for the `resource`. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Iam::V1::TestIamPermissionsResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Iam::V1::TestIamPermissionsResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 2023 def test_iam_permissions request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::V1::TestIamPermissionsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.test_iam_permissions.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "resource" => request.resource } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.test_iam_permissions.timeout, metadata: metadata, retry_policy: @config.rpcs.test_iam_permissions.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :test_iam_permissions, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.
@overload update_finding
(request, options = nil)
Pass arguments to `update_finding` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::UpdateFindingRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::UpdateFindingRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_finding
(finding: nil, update_mask: nil)
Pass arguments to `update_finding` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param finding [::Google::Cloud::SecurityCenter::V1::Finding, ::Hash] Required. The finding resource to update or create if it does not already exist. parent, security_marks, and update_time will be ignored. In the case of creation, the finding id portion of the name must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When updating a finding, an empty mask is treated as updating all mutable fields and replacing source_properties. Individual source_properties can be added/updated by using "source_properties.<property key>" in the field mask.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::Finding] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::Finding]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 2105 def update_finding request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::UpdateFindingRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_finding.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "finding.name" => request.finding.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_finding.timeout, metadata: metadata, retry_policy: @config.rpcs.update_finding.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :update_finding, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter
@overload update_notification_config
(request, options = nil)
Pass arguments to `update_notification_config` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_notification_config
(notification_config: nil, update_mask: nil)
Pass arguments to `update_notification_config` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param notification_config [::Google::Cloud::SecurityCenter::V1::NotificationConfig, ::Hash] Required. The notification config to update. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] The FieldMask to use when updating the notification config. If empty all mutable fields will be updated.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::NotificationConfig] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 2178 def update_notification_config request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_notification_config.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "notification_config.name" => request.notification_config.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_notification_config.timeout, metadata: metadata, retry_policy: @config.rpcs.update_notification_config.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :update_notification_config, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Updates an organization's settings.
@overload update_organization_settings
(request, options = nil)
Pass arguments to `update_organization_settings` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_organization_settings
(organization_settings: nil, update_mask: nil)
Pass arguments to `update_organization_settings` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param organization_settings [::Google::Cloud::SecurityCenter::V1::OrganizationSettings, ::Hash] Required. The organization settings resource to update. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::OrganizationSettings] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::OrganizationSettings]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 2250 def update_organization_settings request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_organization_settings.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "organization_settings.name" => request.organization_settings.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_organization_settings.timeout, metadata: metadata, retry_policy: @config.rpcs.update_organization_settings.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :update_organization_settings, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Updates security marks.
@overload update_security_marks
(request, options = nil)
Pass arguments to `update_security_marks` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_security_marks
(security_marks: nil, update_mask: nil, start_time: nil)
Pass arguments to `update_security_marks` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param security_marks [::Google::Cloud::SecurityCenter::V1::SecurityMarks, ::Hash] Required. The security marks resource to update. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. If empty or set to "marks", all marks will be replaced. Individual marks can be updated using "marks.<mark_key>". @param start_time [::Google::Protobuf::Timestamp, ::Hash] The time at which the updated SecurityMarks take effect. If not set uses current server time. Updates will be applied to the SecurityMarks that are active immediately preceding this time.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::SecurityMarks] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::SecurityMarks]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 2400 def update_security_marks request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_security_marks.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "security_marks.name" => request.security_marks.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_security_marks.timeout, metadata: metadata, retry_policy: @config.rpcs.update_security_marks.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :update_security_marks, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Updates a source.
@overload update_source
(request, options = nil)
Pass arguments to `update_source` via a request object, either of type {::Google::Cloud::SecurityCenter::V1::UpdateSourceRequest} or an equivalent Hash. @param request [::Google::Cloud::SecurityCenter::V1::UpdateSourceRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_source
(source: nil, update_mask: nil)
Pass arguments to `update_source` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param source [::Google::Cloud::SecurityCenter::V1::Source, ::Hash] Required. The source resource to update. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] The FieldMask to use when updating the source resource. If empty all mutable fields will be updated.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::SecurityCenter::V1::Source] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::SecurityCenter::V1::Source]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/security_center/v1/security_center/client.rb, line 2322 def update_source request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::SecurityCenter::V1::UpdateSourceRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_source.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::SecurityCenter::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "source.name" => request.source.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_source.timeout, metadata: metadata, retry_policy: @config.rpcs.update_source.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @security_center_stub.call_rpc :update_source, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end