New creates a new Service.

NewService creates a new Service.

See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

Access: Represents an access event.

AccessReview: Conveys information about a Kubernetes access review (such as one returned by a `kubectl auth can-i` (https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) command) that was involved in a finding.

AdaptiveProtection: Information about Google Cloud Armor Adaptive Protection (https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection).

Allowed: Allowed IP rule.

Application: Represents an application associated with a finding.

Asset: Security Command Center representation of a Google Cloud resource.

AssetDiscoveryConfig: The configuration used for Asset Discovery runs.

Attack: Information about DDoS attack volume and classification.

AttackExposure: An attack exposure contains the results of an attack path simulation run.

AuditConfig: Specifies the audit configuration for a service.

AuditLogConfig: Provides the configuration for logging a type of permissions.

AwsAccount: An AWS account that is a member of an organization.

AwsMetadata: AWS metadata associated with the resource, only applicable if the finding's cloud provider is Amazon Web Services.

AwsOrganization: An organization is a collection of accounts that are centrally managed together using consolidated billing, organized hierarchically with organizational units (OUs), and controlled with policies.

AwsOrganizationalUnit: An Organizational Unit (OU) is a container of AWS accounts within a root of an organization.

AzureManagementGroup: Represents an Azure management group.

AzureMetadata: Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.

AzureResourceGroup: Represents an Azure resource group.

AzureSubscription: Represents an Azure subscription.

AzureTenant: Represents a Microsoft Entra tenant.

BackupDisasterRecovery: Information related to Google Cloud Backup and DR Service findings.

Binding: Associates `members`, or principals, with a `role`.

CancelOperationRequest: The request message for Operations.CancelOperation.

CloudArmor: Fields related to Google Cloud Armor findings.

CloudDlpDataProfile: The data profile (https://cloud.google.com/dlp/docs/data-profiles) associated with the finding.

CloudDlpInspection: Details about the Cloud Data Loss Prevention (Cloud DLP) inspection job (https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the finding.

CloudLoggingEntry: Metadata taken from a Cloud Logging LogEntry (https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry).

Compliance: Contains compliance information about a security standard indicating unmet recommendations.

ComplianceSnapshot: Result containing the properties and count of a ComplianceSnapshot request.

Connection: Contains information about the IP connection associated with the finding.

Contact: The email address of a contact.

ContactDetails: Details about specific contacts.

Container: Container associated with the finding.

Cve: CVE stands for Common Vulnerabilities and Exposures.

Cvssv3: Common Vulnerability Scoring System version 3.

DataAccessEvent: Details about a data access attempt made by a principal not authorized under applicable data security policy.

Database: Represents database access information, such as queries.

DataFlowEvent: Details about a data flow event, in which either the data is moved to or is accessed from a non-compliant geo-location, as defined in the applicable data security policy.

DataRetentionDeletionEvent: Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy.

Denied: Denied IP rule.

Detection: Memory hash detection contributing to the binary family match.

Disk: Contains information about the disk associated with the finding.

DiskPath: Path of the file in terms of underlying disk/partition identifiers.

DynamicMuteRecord: The record of a dynamic mute rule that matches the finding.

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.

EnvironmentVariable: A name-value pair representing an environment variable used in an operating system process.

ExfilResource: Resource where data was exfiltrated from or exfiltrated to.

Exfiltration: Exfiltration represents a data exfiltration attempt from one or more sources to one or more targets.

Expr: Represents a textual expression in the Common Expression Language (CEL) syntax.

File: File information about the related binary/library used by an executable, or the script used by a script interpreter.

Finding: Security Command Center finding.

Folder: Message that contains the resource name and display name of a folder resource.

GcpMetadata: GCP metadata associated with the resource, only applicable if the finding's cloud provider is Google Cloud Platform.

Geolocation: Represents a geographical location for a given access.

GetIamPolicyRequest: Request message for `GetIamPolicy` method.

GetPolicyOptions: Encapsulates settings provided to GetIamPolicy.

GoogleCloudSecuritycenterV1beta1Finding: Security Command Center finding.

GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse: Response of asset discovery run.

GoogleCloudSecuritycenterV1beta1SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

GoogleCloudSecuritycenterV1BigQueryExport: Configures how to deliver Findings to BigQuery Instance.

GoogleCloudSecuritycenterV1Binding: Represents a Kubernetes RoleBinding or ClusterRoleBinding.

GoogleCloudSecuritycenterV1BulkMuteFindingsResponse: The response to a BulkMute request.

GoogleCloudSecuritycenterV1CustomConfig: Defines the properties in a custom module configuration for Security Health Analytics.

GoogleCloudSecuritycenterV1CustomOutputSpec: A set of optional name-value pairs that define custom source properties to return with each finding that is generated by the custom module.

GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule: An EffectiveSecurityHealthAnalyticsCustomModule is the representation of a Security Health Analytics custom module at a specified level of the resource hierarchy: organization, folder, or project.

GoogleCloudSecuritycenterV1ExternalSystem: Representation of third party SIEM/SOAR fields within SCC.

GoogleCloudSecuritycenterV1MuteConfig: A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.

GoogleCloudSecuritycenterV1NotificationMessage: Cloud SCC's Notification.

GoogleCloudSecuritycenterV1p1beta1Finding: Security Command Center finding.

GoogleCloudSecuritycenterV1p1beta1Folder: Message that contains the resource name and display name of a folder resource.

GoogleCloudSecuritycenterV1p1beta1NotificationMessage: Security Command Center's Notification.

GoogleCloudSecuritycenterV1p1beta1Resource: Information related to the Google Cloud resource.

GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse: Response of asset discovery run.

GoogleCloudSecuritycenterV1p1beta1SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

GoogleCloudSecuritycenterV1Property: An individual name-value pair that defines a custom source property.

GoogleCloudSecuritycenterV1Resource: Information related to the Google Cloud resource.

GoogleCloudSecuritycenterV1ResourceSelector: Resource for selecting resource type.

GoogleCloudSecuritycenterV1ResourceValueConfig: A resource value configuration (RVC) is a mapping configuration of user's resources to resource values.

GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse: Response of asset discovery run.

GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule: Represents an instance of a Security Health Analytics custom module, including its full module name, display name, enablement state, and last updated time.

GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping: Resource value mapping for Sensitive Data Protection findings.

GoogleCloudSecuritycenterV2Access: Represents an access event.

GoogleCloudSecuritycenterV2AccessReview: Conveys information about a Kubernetes access review (such as one returned by a `kubectl auth can-i` (https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) command) that was involved in a finding.

GoogleCloudSecuritycenterV2AdaptiveProtection: Information about Google Cloud Armor Adaptive Protection (https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection).

GoogleCloudSecuritycenterV2Allowed: Allowed IP rule.

GoogleCloudSecuritycenterV2Application: Represents an application associated with a finding.

GoogleCloudSecuritycenterV2Attack: Information about DDoS attack volume and classification.

GoogleCloudSecuritycenterV2AttackExposure: An attack exposure contains the results of an attack path simulation run.

GoogleCloudSecuritycenterV2AwsAccount: An AWS account that is a member of an organization.

GoogleCloudSecuritycenterV2AwsMetadata: AWS metadata associated with the resource, only applicable if the finding's cloud provider is Amazon Web Services.

GoogleCloudSecuritycenterV2AwsOrganization: An organization is a collection of accounts that are centrally managed together using consolidated billing, organized hierarchically with organizational units (OUs), and controlled with policies.

GoogleCloudSecuritycenterV2AwsOrganizationalUnit: An Organizational Unit (OU) is a container of AWS accounts within a root of an organization.

GoogleCloudSecuritycenterV2AzureManagementGroup: Represents an Azure management group.

GoogleCloudSecuritycenterV2AzureMetadata: Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.

GoogleCloudSecuritycenterV2AzureResourceGroup: Represents an Azure resource group.

GoogleCloudSecuritycenterV2AzureSubscription: Represents an Azure subscription.

GoogleCloudSecuritycenterV2AzureTenant: Represents a Microsoft Entra tenant.

GoogleCloudSecuritycenterV2BackupDisasterRecovery: Information related to Google Cloud Backup and DR Service findings.

GoogleCloudSecuritycenterV2BigQueryExport: Configures how to deliver Findings to BigQuery Instance.

GoogleCloudSecuritycenterV2Binding: Represents a Kubernetes RoleBinding or ClusterRoleBinding.

GoogleCloudSecuritycenterV2BulkMuteFindingsResponse: The response to a BulkMute request.

GoogleCloudSecuritycenterV2CloudArmor: Fields related to Google Cloud Armor findings.

GoogleCloudSecuritycenterV2CloudDlpDataProfile: The data profile (https://cloud.google.com/dlp/docs/data-profiles) associated with the finding.

GoogleCloudSecuritycenterV2CloudDlpInspection: Details about the Cloud Data Loss Prevention (Cloud DLP) inspection job (https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the finding.

GoogleCloudSecuritycenterV2CloudLoggingEntry: Metadata taken from a Cloud Logging LogEntry (https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry).

GoogleCloudSecuritycenterV2Compliance: Contains compliance information about a security standard indicating unmet recommendations.

GoogleCloudSecuritycenterV2Connection: Contains information about the IP connection associated with the finding.

GoogleCloudSecuritycenterV2Contact: The email address of a contact.

GoogleCloudSecuritycenterV2ContactDetails: Details about specific contacts.

GoogleCloudSecuritycenterV2Container: Container associated with the finding.

GoogleCloudSecuritycenterV2Cve: CVE stands for Common Vulnerabilities and Exposures.

GoogleCloudSecuritycenterV2Cvssv3: Common Vulnerability Scoring System version 3.

GoogleCloudSecuritycenterV2DataAccessEvent: Details about a data access attempt made by a principal not authorized under applicable data security policy.

GoogleCloudSecuritycenterV2Database: Represents database access information, such as queries.

GoogleCloudSecuritycenterV2DataFlowEvent: Details about a data flow event, in which either the data is moved to or is accessed from a non-compliant geo-location, as defined in the applicable data security policy.

GoogleCloudSecuritycenterV2DataRetentionDeletionEvent: Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy.

GoogleCloudSecuritycenterV2Denied: Denied IP rule.

GoogleCloudSecuritycenterV2Detection: Memory hash detection contributing to the binary family match.

GoogleCloudSecuritycenterV2Disk: Contains information about the disk associated with the finding.

GoogleCloudSecuritycenterV2DiskPath: Path of the file in terms of underlying disk/partition identifiers.

GoogleCloudSecuritycenterV2DynamicMuteRecord: The record of a dynamic mute rule that matches the finding.

GoogleCloudSecuritycenterV2EnvironmentVariable: A name-value pair representing an environment variable used in an operating system process.

GoogleCloudSecuritycenterV2ExfilResource: Resource where data was exfiltrated from or exfiltrated to.

GoogleCloudSecuritycenterV2Exfiltration: Exfiltration represents a data exfiltration attempt from one or more sources to one or more targets.

GoogleCloudSecuritycenterV2ExternalSystem: Representation of third party SIEM/SOAR fields within SCC.

GoogleCloudSecuritycenterV2File: File information about the related binary/library used by an executable, or the script used by a script interpreter.

GoogleCloudSecuritycenterV2Finding: Security Command Center finding.

GoogleCloudSecuritycenterV2Folder: Message that contains the resource name and display name of a folder resource.

GoogleCloudSecuritycenterV2Geolocation: Represents a geographical location for a given access.

GoogleCloudSecuritycenterV2GroupMembership: Contains details about groups of which this finding is a member.

GoogleCloudSecuritycenterV2IamBinding: Represents a particular IAM binding, which captures a member's role addition, removal, or state.

GoogleCloudSecuritycenterV2Indicator: Represents what's commonly known as an _indicator of compromise_ (IoC) in computer forensics.

GoogleCloudSecuritycenterV2IpRule: IP rule information.

GoogleCloudSecuritycenterV2IpRules: IP rules associated with the finding.

GoogleCloudSecuritycenterV2Issue: Security Command Center Issue.

GoogleCloudSecuritycenterV2IssueDomain: The domains of an issue.

GoogleCloudSecuritycenterV2IssueFinding: Finding related to an issue.

GoogleCloudSecuritycenterV2IssueFindingCve: The CVE of the finding.

GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin: The security bulletin of the finding.

GoogleCloudSecuritycenterV2IssueMute: The mute information of the issue.

GoogleCloudSecuritycenterV2IssueResource: A resource associated with the an issue.

GoogleCloudSecuritycenterV2IssueResourceAwsMetadata: The AWS metadata of a resource associated with an issue.

GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount: The AWS account of the resource associated with the issue.

GoogleCloudSecuritycenterV2IssueResourceAzureMetadata: The Azure metadata of a resource associated with an issue.

GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription: The Azure subscription of the resource associated with the issue.

GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata: Google Cloud metadata of a resource associated with an issue.

GoogleCloudSecuritycenterV2IssueSecurityContext: Security context associated with an issue.

GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount: Aggregated count of a security context.

GoogleCloudSecuritycenterV2IssueSecurityContextContext: Context of a security context.

GoogleCloudSecuritycenterV2Job: Describes a job.

GoogleCloudSecuritycenterV2KernelRootkit: Kernel mode rootkit signatures.

GoogleCloudSecuritycenterV2Kubernetes: Kubernetes-related attributes.

GoogleCloudSecuritycenterV2Label: Represents a generic name-value label.

GoogleCloudSecuritycenterV2LoadBalancer: Contains information related to the load balancer associated with the finding.

GoogleCloudSecuritycenterV2LogEntry: An individual entry in a log.

GoogleCloudSecuritycenterV2MemoryHashSignature: A signature corresponding to memory page hashes.

GoogleCloudSecuritycenterV2MitreAttack: MITRE ATT&CK tactics and techniques related to this finding.

GoogleCloudSecuritycenterV2MuteConfig: A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.

GoogleCloudSecuritycenterV2MuteInfo: Mute information about the finding, including whether the finding has a static mute or any matching dynamic mute rules.

GoogleCloudSecuritycenterV2Network: Contains information about a VPC network associated with the finding.

GoogleCloudSecuritycenterV2Node: Kubernetes nodes associated with the finding.

GoogleCloudSecuritycenterV2NodePool: Provides GKE node pool information.

GoogleCloudSecuritycenterV2Notebook: Represents a Jupyter notebook IPYNB file, such as a Colab Enterprise notebook (https://cloud.google.com/colab/docs/introduction) file, that is associated with a finding.

GoogleCloudSecuritycenterV2NotificationMessage: Cloud SCC's Notification.

GoogleCloudSecuritycenterV2Object: Kubernetes object related to the finding, uniquely identified by GKNN.

GoogleCloudSecuritycenterV2OrgPolicy: Contains information about the org policies associated with the finding.

GoogleCloudSecuritycenterV2Package: Package is a generic definition of a package.

GoogleCloudSecuritycenterV2Pod: A Kubernetes Pod.

GoogleCloudSecuritycenterV2PolicyDriftDetails: The policy field that violates the deployed posture and its expected and detected values.

GoogleCloudSecuritycenterV2PortRange: A port range which is inclusive of the min and max values.

GoogleCloudSecuritycenterV2Process: Represents an operating system process.

GoogleCloudSecuritycenterV2ProcessSignature: Indicates what signature matched this process.

GoogleCloudSecuritycenterV2Reference: Additional Links.

GoogleCloudSecuritycenterV2Requests: Information about the requests relevant to the finding.

GoogleCloudSecuritycenterV2Resource: Information related to the Google Cloud resource.

GoogleCloudSecuritycenterV2ResourcePath: Represents the path of resources leading up to the resource this finding is about.

GoogleCloudSecuritycenterV2ResourcePathNode: A node within the resource path.

GoogleCloudSecuritycenterV2ResourceValueConfig: A resource value configuration (RVC) is a mapping configuration of user's resources to resource values.

GoogleCloudSecuritycenterV2Role: Kubernetes Role or ClusterRole.

GoogleCloudSecuritycenterV2SecurityBulletin: SecurityBulletin are notifications of vulnerabilities of Google products.

GoogleCloudSecuritycenterV2SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

GoogleCloudSecuritycenterV2SecurityPolicy: Information about the Google Cloud Armor security policy (https://cloud.google.com/armor/docs/security-policy-overview) relevant to the finding.

GoogleCloudSecuritycenterV2SecurityPosture: Represents a posture that is deployed on Google Cloud by the Security Command Center Posture Management service.

GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping: Resource value mapping for Sensitive Data Protection findings If any of these mappings have a resource value that is not unspecified, the resource_value field will be ignored when reading this configuration.

GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo: Identity delegation history of an authenticated service account.

GoogleCloudSecuritycenterV2StaticMute: Information about the static mute state.

GoogleCloudSecuritycenterV2Subject: Represents a Kubernetes subject.

GoogleCloudSecuritycenterV2TicketInfo: Information about the ticket, if any, that is being used to track the resolution of the issue that is identified by this finding.

GoogleCloudSecuritycenterV2ToxicCombination: Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently.

GoogleCloudSecuritycenterV2Vulnerability: Refers to common vulnerability fields e.g.

GoogleCloudSecuritycenterV2YaraRuleSignature: A signature corresponding to a YARA rule.

GroupAssetsRequest: Request message for grouping by assets.

GroupAssetsResponse: Response message for grouping by assets.

GroupFindingsRequest: Request message for grouping by findings.

GroupFindingsResponse: Response message for group by findings.

GroupMembership: Contains details about groups of which this finding is a member.

GroupResult: Result containing the properties and count of a groupBy request.

IamBinding: Represents a particular IAM binding, which captures a member's role addition, removal, or state.

Indicator: Represents what's commonly known as an _indicator of compromise_ (IoC) in computer forensics.

IpRule: IP rule information.

IpRules: IP rules associated with the finding.

Job: Describes a job.

KernelRootkit: Kernel mode rootkit signatures.

Kubernetes: Kubernetes-related attributes.

Label: Represents a generic name-value label.

ListAssetsResponse: Response message for listing assets.

ListAssetsResult: Result containing the Asset and its State.

ListFindingsResponse: Response message for listing findings.

ListOperationsResponse: The response message for Operations.ListOperations.

ListSourcesResponse: Response message for listing sources.

LoadBalancer: Contains information related to the load balancer associated with the finding.

LogEntry: An individual entry in a log.

MemoryHashSignature: A signature corresponding to memory page hashes.

MitreAttack: MITRE ATT&CK tactics and techniques related to this finding.

MuteInfo: Mute information about the finding, including whether the finding has a static mute or any matching dynamic mute rules.

Network: Contains information about a VPC network associated with the finding.

Node: Kubernetes nodes associated with the finding.

NodePool: Provides GKE node pool information.

Notebook: Represents a Jupyter notebook IPYNB file, such as a Colab Enterprise notebook (https://cloud.google.com/colab/docs/introduction) file, that is associated with a finding.

Object: Kubernetes object related to the finding, uniquely identified by GKNN.

Operation: This resource represents a long-running operation that is the result of a network API call.

OrganizationSettings: User specified settings that are attached to the Security Command Center organization.

OrgPolicy: Contains information about the org policies associated with the finding.

Package: Package is a generic definition of a package.

Pod: A Kubernetes Pod.

Policy: An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.

PolicyDriftDetails: The policy field that violates the deployed posture and its expected and detected values.

PortRange: A port range which is inclusive of the min and max values.

Process: Represents an operating system process.

ProcessSignature: Indicates what signature matched this process.

Reference: Additional Links.

Requests: Information about the requests relevant to the finding.

ResourcePath: Represents the path of resources leading up to the resource this finding is about.

ResourcePathNode: A node within the resource path.

Role: Kubernetes Role or ClusterRole.

RunAssetDiscoveryRequest: Request message for running asset discovery for an organization.

SecurityBulletin: SecurityBulletin are notifications of vulnerabilities of Google products.

SecurityCenterProperties: Security Command Center managed properties.

SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

SecurityPolicy: Information about the Google Cloud Armor security policy (https://cloud.google.com/armor/docs/security-policy-overview) relevant to the finding.

SecurityPosture: Represents a posture that is deployed on Google Cloud by the Security Command Center Posture Management service.

ServiceAccountDelegationInfo: Identity delegation history of an authenticated service account.

SetFindingStateRequest: Request message for updating a finding's state.

SetIamPolicyRequest: Request message for `SetIamPolicy` method.

Source: Security Command Center finding source.

StaticMute: Information about the static mute state.

Status: The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.

Subject: Represents a Kubernetes subject.

TestIamPermissionsRequest: Request message for `TestIamPermissions` method.

TestIamPermissionsResponse: Response message for `TestIamPermissions` method.

TicketInfo: Information about the ticket, if any, that is being used to track the resolution of the issue that is identified by this finding.

ToxicCombination: Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently.

Vulnerability: Refers to common vulnerability fields e.g.

VulnerabilityCountBySeverity: Vulnerability count by severity.

VulnerabilitySnapshot: Result containing the properties and count of a VulnerabilitySnapshot request.

YaraRuleSignature: A signature corresponding to a YARA rule.