NAME

gcloud scc findings update-marks - update Cloud Security Command Center finding's security marks

SYNOPSIS

gcloud scc findings update-marks (FINDING : --organization=ORGANIZATION --source=SOURCE) [--security-marks=[SECURITY_MARKS,...]] [--start-time=START_TIME] [--update-mask=UPDATE_MASK] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

Update Cloud Security Command Center finding's security marks.

EXAMPLES

Selectively update security mark (Key1) with value (v1) on my-finding. Note that other security marks on my-finding are untouched:

$ gcloud scc findings update-marks my-finding \ --organization=123456 --source=5678 --security-marks="key1=v1" \ --update-mask="marks.markKey1"

Update all security marks on my-finding, under project example-project and source 5678:

$ gcloud scc findings update-marks \ projects/example-project/sources/5678/findings/my-finding \ --security-marks="key1=v1,key2=v2"

Update all security marks on my-finding, under folder 456 and source 5678:

$ gcloud scc findings update-marks \ folders/456/sources/5678/findings/my-finding \ --security-marks="key1=v1,key2=v2"

Update all security marks on my-finding, under organization 123456 and source 5678:

$ gcloud scc findings update-marks my-finding \ --organization=123456 --source=5678 \ --security-marks="key1=v1,key2=v2"

Delete all security marks on my-finding:

$ gcloud scc findings update-marks my-finding \ --organization=123456 --source=5678 --security-marks=""

POSITIONAL ARGUMENTS

Finding resource - The finding to be used for the SCC (Security Command Center)

command. The arguments in this group can be used to specify the attributes of this resource.

This must be specified.

FINDING

ID of the finding or fully qualified identifier for the finding. To set the finding attribute:

  • provide the argument finding on the command line.

This positional argument must be specified if any of the other arguments in this group are specified.

--organization=ORGANIZATION

(Optional) If the full resource name isn't provided e.g. organizations/123, then provide the organization id which is the suffix of the organization. Example: organizations/123, the id is 123.

To set the organization attribute:

  • provide the argument finding on the command line with a fully specified name;

  • provide the argument --organization on the command line;

  • Set the organization property in configuration using gcloud config set scc/organization if it is not specified in command line..

--source=SOURCE

(Optional) If the full resource name isn't provided e.g. organizations/123/sources/456, then provide the source id which is the suffix of the source. Example: organizations/123/sources/456, the id is 456.

To set the source attribute:

  • provide the argument finding on the command line with a fully specified name;

  • provide the argument --source on the command line.

FLAGS

--security-marks=[SECURITY_MARKS,...]

SecurityMarks resource to be passed as the request body. It's a key=value pair separated by comma (,). For example: --security-marks="key1=val1,key2=val2".

--start-time=START_TIME

Time at which the updated SecurityMarks take effect. For example: 2019-02-28T07:00:00Z

--update-mask=UPDATE_MASK

Use update-mask if you want to selectively update marks represented by --security-marks flag. For example: --update-mask="marks.key1,marks.key2". If you want to override all the marks for the given finding either skip the update-mask flag or provide an empty value (--update-mask '') for it.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

API REFERENCE

This command uses the securitycenter/v1 API. The full documentation for this API can be found at: https://cloud.google.com/security-command-center

NOTES

These variants are also available:

$ gcloud alpha scc findings update-marks

$ gcloud beta scc findings update-marks