如何通过云功能将GCP的安全中心资产导出到云存储? [英] How to export GCP's Security Center Assets to a Cloud Storage via cloud Function?

问题描述

我有一个云函数调用SCC的list_assets并将分页的输出转换为List(以获取所有结果).但是，由于我在组织树中拥有很多资产，因此获取和云功能超时(最大超时540秒)需要花费大量时间.

I have a cloud function calling SCC's list_assets and converting the paginated output to a List (to fetch all the results). However, since I have quite a lot of assets in the organization tree, it is taking a lot of time to fetch and cloud function times out (540 seconds max timeout).

asset_iterator = security_client.list_assets(org_name)
asset_fetch_all=list(asset_iterator)

我尝试通过WebUI导出，并且工作正常(大约花了5分钟).是否可以使用API​​将资产从SCC直接导出到Cloud Storage存储桶?

I tried to export via WebUI and it works fine (took about 5 minutes). Is there a way to export the assets from SCC directly to a Cloud Storage bucket using the API?

推荐答案

尝试如下操作:我们用它来将发现上传到存储桶中.确保为SP提供功能正在运行的正确权限，以供存储桶使用.

Try something like this: We use it to upload finding into a bucket. Make sure to give the SP the function is running the right permissions to the bucket.

def test_list_medium_findings(source_name):
    # [START list_findings_at_a_time]
    from google.cloud import securitycenter
    from google.cloud import storage


    # Create a new client.
    client = securitycenter.SecurityCenterClient()


    #Set query paramaters
    organization_id = "11112222333344444"
    org_name = "organizations/{org_id}".format(org_id=organization_id)
    all_sources = "{org_name}/sources/-".format(org_name=org_name)

   
   #Query Security Command Center
    finding_result_iterator = client.list_findings(all_sources,filter_=YourFilter)

    

    #Set output file settings
    bucket="YourBucketName"
    storage_client = storage.Client()
    bucket = storage_client.get_bucket(bucket)
    output_file_name = "YourFileName"
    my_file = bucket.blob(output_file_name)


    with open('/tmp/data.txt', 'w') as file:
        for i, finding_result in enumerate(finding_result_iterator):
            file.write(
               "{}: name: {} resource: {}".format(
                  i, finding_result.finding.name, finding_result.finding.resource_name
            )
        )


    #Upload to bucket
    my_file.upload_from_filename("/tmp/data.txt")

这篇关于如何通过云功能将GCP的安全中心资产导出到云存储?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！