Skip to main content

Google Cloud Securitycenter API client library

Project description

stable pypi versions

Google Cloud Security Command Center: makes it easier for you to prevent, detect, and respond to threats. Identify security misconfigurations in virtual machines, networks, applications, and storage buckets from a centralized dashboard. Take action on them before they can potentially result in business damage or loss. Built-in capabilities can quickly surface suspicious activity in your Stackdriver security logs or indicate compromised virtual machines. Respond to threats by following actionable recommendations or exporting logs to your SIEM for further investigation.

Quick Start

In order to use this library, you first need to go through the following steps:

  1. Select or create a Cloud Platform project.

  2. Enable billing for your project.

  3. Enable the Google Cloud Security Command Center.

  4. Set up Authentication.

Installation

Install this library in a virtual environment using venv. venv is a tool that creates isolated Python environments. These isolated environments can have separate versions of Python packages, which allows you to isolate one project’s dependencies from the dependencies of other projects.

With venv, it’s possible to install this library without needing system install permissions, and without clashing with the installed system dependencies.

Code samples and snippets

Code samples and snippets live in the samples/ folder.

Supported Python Versions

Our client libraries are compatible with all current active and maintenance versions of Python.

Python >= 3.7

Unsupported Python Versions

Python <= 3.6

If you are using an end-of-life version of Python, we recommend that you update as soon as possible to an actively supported version.

Mac/Linux

python3 -m venv <your-env>
source <your-env>/bin/activate
pip install google-cloud-securitycenter

Windows

py -m venv <your-env>
.\<your-env>\Scripts\activate
pip install google-cloud-securitycenter

Next Steps

Logging

This library uses the standard Python logging functionality to log some RPC events that could be of interest for debugging and monitoring purposes. Note the following:

  1. Logs may contain sensitive information. Take care to restrict access to the logs if they are saved, whether it be on local storage or on Google Cloud Logging.

  2. Google may refine the occurrence, level, and content of various log messages in this library without flagging such changes as breaking. Do not depend on immutability of the logging events.

  3. By default, the logging events from this library are not handled. You must explicitly configure log handling using one of the mechanisms below.

Simple, environment-based configuration

To enable logging for this library without any changes in your code, set the GOOGLE_SDK_PYTHON_LOGGING_SCOPE environment variable to a valid Google logging scope. This configures handling of logging events (at level logging.DEBUG or higher) from this library in a default manner, emitting the logged messages in a structured format. It does not currently allow customizing the logging levels captured nor the handlers, formatters, etc. used for any logging event.

A logging scope is a period-separated namespace that begins with google, identifying the Python module or package to log.

  • Valid logging scopes: google, google.cloud.asset.v1, google.api, google.auth, etc.

  • Invalid logging scopes: foo, 123, etc.

NOTE: If the logging scope is invalid, the library does not set up any logging handlers.

Environment-Based Examples

  • Enabling the default handler for all Google-based loggers

export GOOGLE_SDK_PYTHON_LOGGING_SCOPE=google
  • Enabling the default handler for a specific Google module (for a client library called library_v1):

export GOOGLE_SDK_PYTHON_LOGGING_SCOPE=google.cloud.library_v1

Advanced, code-based configuration

You can also configure a valid logging scope using Python’s standard logging mechanism.

Code-Based Examples

  • Configuring a handler for all Google-based loggers

import logging

from google.cloud import library_v1

base_logger = logging.getLogger("google")
base_logger.addHandler(logging.StreamHandler())
base_logger.setLevel(logging.DEBUG)
  • Configuring a handler for a specific Google module (for a client library called library_v1):

import logging

from google.cloud import library_v1

base_logger = logging.getLogger("google.cloud.library_v1")
base_logger.addHandler(logging.StreamHandler())
base_logger.setLevel(logging.DEBUG)

Logging details

  1. Regardless of which of the mechanisms above you use to configure logging for this library, by default logging events are not propagated up to the root logger from the google-level logger. If you need the events to be propagated to the root logger, you must explicitly set logging.getLogger("google").propagate = True in your code.

  2. You can mix the different logging configurations above for different Google modules. For example, you may want use a code-based logging configuration for one library, but decide you need to also set up environment-based logging configuration for another library.

    1. If you attempt to use both code-based and environment-based configuration for the same module, the environment-based configuration will be ineffectual if the code -based configuration gets applied first.

  3. The Google-specific logging configurations (default handlers for environment-based configuration; not propagating logging events to the root logger) get executed the first time any client library is instantiated in your application, and only if the affected loggers have not been previously configured. (This is the reason for 2.i. above.)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

google_cloud_securitycenter-1.39.0.tar.gz (758.1 kB view details)

Uploaded Source

Built Distribution

google_cloud_securitycenter-1.39.0-py3-none-any.whl (669.0 kB view details)

Uploaded Python 3

File details

Details for the file google_cloud_securitycenter-1.39.0.tar.gz.

File metadata

File hashes

Hashes for google_cloud_securitycenter-1.39.0.tar.gz
Algorithm Hash digest
SHA256 177c846bb0d3a6956bd97f6e7d654e43f9247b2b4629999e398ebad60525ccff
MD5 6a05276cca85867bb72f29f2aea1b561
BLAKE2b-256 c5043ce12f9fe0c79a06fbdf7a3cc38c82db3352e803e5607e5f5f17a4a9bdf4

See more details on using hashes here.

File details

Details for the file google_cloud_securitycenter-1.39.0-py3-none-any.whl.

File metadata

File hashes

Hashes for google_cloud_securitycenter-1.39.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e995aa980b945ad095c4dabf726b5dcde5ed230c68fbf7857176dfa3b9f3a222
MD5 5612cf607c13b9e15812195072c9931f
BLAKE2b-256 e28c530de6eff37bfd59784daa03e67c2898ff64e7526202aa9cb4f2343cb28a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page