Google Cloud Security Command Center · Schema
Google Cloud Security Command Center Finding
Schema for a Security Command Center finding, representing a security issue or threat detected in a cloud resource.
Cloud SecurityComplianceRisk ManagementSecurityThreat DetectionVulnerability Management
Properties
| Name | Type | Description |
|---|---|---|
| name | string | The relative resource name of the finding |
| parent | string | The relative resource name of the source the finding belongs to |
| state | string | The state of the finding |
| category | string | The additional taxonomy group within findings from a given source |
| resourceName | string | The full resource name of the Google Cloud resource this finding is for |
| severity | string | The severity of the finding |
| externalUri | string | URI that points to a web page with additional information about the finding |
| sourceProperties | object | Source-specific properties that are set by the source that writes the finding |
| eventTime | string | The time the finding was first detected |
| createTime | string | The time at which the finding was created in Security Command Center |
| securityMarks | object | User-specified security marks applied to the finding |
| vulnerability | object | Represents vulnerability-specific fields like CVE and CVSS scores |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://cloud.google.com/schemas/securitycenter/finding.json",
"title": "Google Cloud Security Command Center Finding",
"description": "Schema for a Security Command Center finding, representing a security issue or threat detected in a cloud resource.",
"type": "object",
"required": ["category", "resourceName", "state"],
"properties": {
"name": {
"type": "string",
"description": "The relative resource name of the finding"
},
"parent": {
"type": "string",
"description": "The relative resource name of the source the finding belongs to"
},
"state": {
"type": "string",
"description": "The state of the finding",
"enum": ["ACTIVE", "INACTIVE"]
},
"category": {
"type": "string",
"description": "The additional taxonomy group within findings from a given source"
},
"resourceName": {
"type": "string",
"description": "The full resource name of the Google Cloud resource this finding is for"
},
"severity": {
"type": "string",
"description": "The severity of the finding",
"enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW"]
},
"externalUri": {
"type": "string",
"format": "uri",
"description": "URI that points to a web page with additional information about the finding"
},
"sourceProperties": {
"type": "object",
"description": "Source-specific properties that are set by the source that writes the finding",
"additionalProperties": true
},
"eventTime": {
"type": "string",
"format": "date-time",
"description": "The time the finding was first detected"
},
"createTime": {
"type": "string",
"format": "date-time",
"description": "The time at which the finding was created in Security Command Center"
},
"securityMarks": {
"$ref": "#/$defs/SecurityMarks",
"description": "User-specified security marks applied to the finding"
},
"vulnerability": {
"$ref": "#/$defs/Vulnerability",
"description": "Represents vulnerability-specific fields like CVE and CVSS scores"
}
},
"$defs": {
"SecurityMarks": {
"type": "object",
"description": "User-specified security marks attached to the finding",
"properties": {
"name": {
"type": "string",
"description": "The relative resource name of the SecurityMarks"
},
"marks": {
"type": "object",
"description": "Mutable user-specified security marks",
"additionalProperties": {
"type": "string"
}
}
}
},
"Vulnerability": {
"type": "object",
"description": "Vulnerability information for the finding",
"properties": {
"cve": {
"type": "object",
"description": "CVE information",
"properties": {
"id": {
"type": "string",
"description": "The unique CVE identifier"
},
"cvssv3": {
"type": "object",
"properties": {
"baseScore": {
"type": "number",
"description": "The base score for CVSS v3"
},
"attackVector": {
"type": "string",
"enum": ["NETWORK", "ADJACENT", "LOCAL", "PHYSICAL"]
}
}
}
}
}
}
}
}
}