google-cloud-security_center-v1 0.6.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 977b27bf8d5cdc9635deb71175f475ef0d208c7fce2f09af5ae2e29bf7f886bf
-  data.tar.gz: d6357cf31f5d996ef12c3285525bd0b48a4964d994a60964c09a48a2bf47bead
+  metadata.gz: d6cf0e3ef3cc8a50ab83356e628e5bdd41587b6f3b8f411716491013dcff25ab
+  data.tar.gz: feab623d462bf650c55eb957ff01dcf5b85c07cbb7539e1f688e2f9409f85e1a
 SHA512:
-  metadata.gz: c0de14bba5173b913d6a8b934798e79fb0cfe194b6a5029069ce0bed95c9f8432cbdb66694afafff5e4319157eb80491eae99c1aa50971cc218f7abc68b94f81
-  data.tar.gz: fc37bd01855c361fc73aa9e4c411fe51f46191c1e466bb415ff20cb4797cbcf5eca4761d5baf12f7a73b2bc4193716a84bfd9141ac2e5feede1064971e664ab2
+  metadata.gz: 3bbcbddb45342e566e0452fcc46dbccc8088eb1e9000d08928c21361ac5b655a564cbdff812286d2b651156f49a574ed6f77116c1da80f46aa665d4ddebd5865
+  data.tar.gz: 74b50f37bed033ce7c7dbc0c01e83541855f3ddfcdfde0c202e50c0214a357153896dda8bfbd142cd04c76f821ea66b9b6d72c90033486f3cc49b72e7bbc6d8b

data/AUTHENTICATION.md

@@ -66,11 +66,11 @@ The environment variables that google-cloud-security_center-v1
 checks for credentials are configured on the service Credentials class (such as
 {::Google::Cloud::SecurityCenter::V1::SecurityCenter::Credentials}):
 
-1. `SECURITY_CENTER_CREDENTIALS` - Path to JSON file, or JSON contents
-2. `SECURITY_CENTER_KEYFILE` - Path to JSON file, or JSON contents
-3. `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
-4. `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
-5. `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
+* `SECURITY_CENTER_CREDENTIALS` - Path to JSON file, or JSON contents
+* `SECURITY_CENTER_KEYFILE` - Path to JSON file, or JSON contents
+* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
+* `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
+* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
 
 ```ruby
 require "google/cloud/security_center/v1"
@@ -82,8 +82,8 @@ client = ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client.new
 
 ### Configuration
 
-The **Credentials JSON** can be configured instead of placing them in
-environment variables. Either on an individual client initialization:
+The path to the **Credentials JSON** file can be configured instead of storing
+it in an environment variable. Either on an individual client initialization:
 
 ```ruby
 require "google/cloud/security_center/v1"
@@ -93,7 +93,7 @@ client = ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client.new do |con
 end
 ```
 
-Or configured globally for all clients:
+Or globally for all clients:
 
 ```ruby
 require "google/cloud/security_center/v1"

data/README.md

@@ -33,7 +33,7 @@ In order to use this library, you first need to go through the following steps:
 require "google/cloud/security_center/v1"
 
 client = ::Google::Cloud::SecurityCenter::V1::SecurityCenter::Client.new
-request = my_create_request
+request = ::Google::Cloud::SecurityCenter::V1::CreateSourceRequest.new # (request fields as keyword arguments...)
 response = client.create_source request
 ```
 

data/lib/google/cloud/security_center/v1/security_center/client.rb

@@ -75,82 +75,52 @@ module Google
 
                 default_config.rpcs.get_iam_policy.timeout = 60.0
                 default_config.rpcs.get_iam_policy.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.get_notification_config.timeout = 60.0
                 default_config.rpcs.get_notification_config.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.get_organization_settings.timeout = 60.0
                 default_config.rpcs.get_organization_settings.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.get_source.timeout = 60.0
                 default_config.rpcs.get_source.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.group_assets.timeout = 480.0
                 default_config.rpcs.group_assets.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.group_findings.timeout = 480.0
                 default_config.rpcs.group_findings.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.list_assets.timeout = 480.0
                 default_config.rpcs.list_assets.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.list_findings.timeout = 480.0
                 default_config.rpcs.list_findings.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.list_notification_configs.timeout = 60.0
                 default_config.rpcs.list_notification_configs.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.list_sources.timeout = 60.0
                 default_config.rpcs.list_sources.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.run_asset_discovery.timeout = 60.0
@@ -161,10 +131,7 @@ module Google
 
                 default_config.rpcs.test_iam_permissions.timeout = 60.0
                 default_config.rpcs.test_iam_permissions.retry_policy = {
-                  initial_delay: 0.1,
-              max_delay: 60.0,
-              multiplier: 1.3,
-              retry_codes: [4, 14]
+                  initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [4, 14]
                 }
 
                 default_config.rpcs.update_finding.timeout = 60.0
@@ -245,7 +212,7 @@ module Google
                                        !@config.endpoint.split(".").first.include?("-")
               credentials ||= Credentials.default scope: @config.scope,
                                                   enable_self_signed_jwt: enable_self_signed_jwt
-              if credentials.is_a?(String) || credentials.is_a?(Hash)
+              if credentials.is_a?(::String) || credentials.is_a?(::Hash)
                 credentials = Credentials.new credentials, scope: @config.scope
               end
               @quota_project_id = @config.quota_project
@@ -853,7 +820,8 @@ module Google
             #
             #   @param parent [::String]
             #     Required. Name of the organization to groupBy. Its format is
-            #     "organizations/[organization_id]".
+            #     "organizations/[organization_id], folders/[folder_id], or
+            #     projects/[project_id]".
             #   @param filter [::String]
             #     Expression that defines the filter to apply across assets.
             #     The expression is a list of zero or more restrictions combined via logical
@@ -1028,7 +996,9 @@ module Google
             # specified properties.
             #
             # To group across all sources provide a `-` as the source id.
-            # Example: /v1/organizations/\\{organization_id}/sources/-/findings
+            # Example: /v1/organizations/\\{organization_id}/sources/-/findings,
+            # /v1/folders/\\{folder_id}/sources/-/findings,
+            # /v1/projects/\\{project_id}/sources/-/findings
             #
             # @overload group_findings(request, options = nil)
             #   Pass arguments to `group_findings` via a request object, either of type
@@ -1047,9 +1017,12 @@ module Google
             #
             #   @param parent [::String]
             #     Required. Name of the source to groupBy. Its format is
-            #     "organizations/[organization_id]/sources/[source_id]". To groupBy across
-            #     all sources provide a source_id of `-`. For example:
-            #     organizations/\\{organization_id}/sources/-
+            #     "organizations/[organization_id]/sources/[source_id]",
+            #     folders/[folder_id]/sources/[source_id], or
+            #     projects/[project_id]/sources/[source_id]. To groupBy across all sources
+            #     provide a source_id of `-`. For example:
+            #     organizations/\\{organization_id}/sources/-, folders/\\{folder_id}/sources/-,
+            #     or projects/\\{project_id}/sources/-
             #   @param filter [::String]
             #     Expression that defines the filter to apply across findings.
             #     The expression is a list of one or more restrictions combined via logical
@@ -1084,23 +1057,32 @@ module Google
             #     * category: `=`, `:`
             #     * external_uri: `=`, `:`
             #     * event_time: `=`, `>`, `<`, `>=`, `<=`
-            #     * severity: `=`, `:`
             #
             #       Usage: This should be milliseconds since epoch or an RFC3339 string.
             #       Examples:
             #         `event_time = "2019-06-10T16:07:18-07:00"`
             #         `event_time = 1560208038000`
             #
+            #     * severity: `=`, `:`
+            #     * workflow_state: `=`, `:`
             #     * security_marks.marks: `=`, `:`
             #     * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
             #
-            #     For example, `source_properties.size = 100` is a valid filter string.
+            #       For example, `source_properties.size = 100` is a valid filter string.
             #
-            #     Use a partial match on the empty string to filter based on a property
-            #     existing: `source_properties.my_property : ""`
+            #       Use a partial match on the empty string to filter based on a property
+            #       existing: `source_properties.my_property : ""`
             #
-            #     Use a negated partial match on the empty string to filter based on a
-            #     property not existing: `-source_properties.my_property : ""`
+            #       Use a negated partial match on the empty string to filter based on a
+            #       property not existing: `-source_properties.my_property : ""`
+            #
+            #     * resource:
+            #       * resource.name: `=`, `:`
+            #       * resource.parent_name: `=`, `:`
+            #       * resource.parent_display_name: `=`, `:`
+            #       * resource.project_name: `=`, `:`
+            #       * resource.project_display_name: `=`, `:`
+            #       * resource.type: `=`, `:`
             #   @param group_by [::String]
             #     Required. Expression that defines what assets fields to use for grouping (including
             #     `state_change`). The string value should follow SQL syntax: comma separated
@@ -1229,7 +1211,8 @@ module Google
             #
             #   @param parent [::String]
             #     Required. Name of the organization assets should belong to. Its format is
-            #     "organizations/[organization_id]".
+            #     "organizations/[organization_id], folders/[folder_id], or
+            #     projects/[project_id]".
             #   @param filter [::String]
             #     Expression that defines the filter to apply across assets.
             #     The expression is a list of zero or more restrictions combined via logical
@@ -1426,9 +1409,12 @@ module Google
             #
             #   @param parent [::String]
             #     Required. Name of the source the findings belong to. Its format is
-            #     "organizations/[organization_id]/sources/[source_id]". To list across all
-            #     sources provide a source_id of `-`. For example:
-            #     organizations/\\{organization_id}/sources/-
+            #     "organizations/[organization_id]/sources/[source_id],
+            #     folders/[folder_id]/sources/[source_id], or
+            #     projects/[project_id]/sources/[source_id]". To list across all sources
+            #     provide a source_id of `-`. For example:
+            #     organizations/\\{organization_id}/sources/-, folders/\\{folder_id}/sources/- or
+            #     projects/\\{projects_id}/sources/-
             #   @param filter [::String]
             #     Expression that defines the filter to apply across findings.
             #     The expression is a list of one or more restrictions combined via logical
@@ -1463,23 +1449,33 @@ module Google
             #     * category: `=`, `:`
             #     * external_uri: `=`, `:`
             #     * event_time: `=`, `>`, `<`, `>=`, `<=`
-            #     * severity: `=`, `:`
             #
             #       Usage: This should be milliseconds since epoch or an RFC3339 string.
             #       Examples:
             #         `event_time = "2019-06-10T16:07:18-07:00"`
             #         `event_time = 1560208038000`
             #
-            #     security_marks.marks: `=`, `:`
-            #     source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
+            #     * severity: `=`, `:`
+            #     * workflow_state: `=`, `:`
+            #     * security_marks.marks: `=`, `:`
+            #     * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
             #
-            #     For example, `source_properties.size = 100` is a valid filter string.
+            #       For example, `source_properties.size = 100` is a valid filter string.
             #
-            #     Use a partial match on the empty string to filter based on a property
-            #     existing: `source_properties.my_property : ""`
+            #       Use a partial match on the empty string to filter based on a property
+            #       existing: `source_properties.my_property : ""`
             #
-            #     Use a negated partial match on the empty string to filter based on a
-            #     property not existing: `-source_properties.my_property : ""`
+            #       Use a negated partial match on the empty string to filter based on a
+            #       property not existing: `-source_properties.my_property : ""`
+            #
+            #     * resource:
+            #       * resource.name: `=`, `:`
+            #       * resource.parent_name: `=`, `:`
+            #       * resource.parent_display_name: `=`, `:`
+            #       * resource.project_name: `=`, `:`
+            #       * resource.project_display_name: `=`, `:`
+            #       * resource.type: `=`, `:`
+            #       * resource.folders.resource_folder: `=`, `:`
             #   @param order_by [::String]
             #     Expression that defines what fields and order to use for sorting. The
             #     string value should follow SQL syntax: comma separated list of fields. For
@@ -1686,8 +1682,9 @@ module Google
             #   the default parameter values, pass an empty Hash as a request object (see above).
             #
             #   @param parent [::String]
-            #     Required. Resource name of the parent of sources to list. Its format should
-            #     be "organizations/[organization_id]".
+            #     Required. Resource name of the parent of sources to list. Its format should be
+            #     "organizations/[organization_id], folders/[folder_id], or
+            #     projects/[project_id]".
             #   @param page_token [::String]
             #     The value returned by the last `ListSourcesResponse`; indicates
             #     that this is a continuation of a prior `ListSources` call, and

data/lib/google/cloud/security_center/v1/security_center/operations.rb

@@ -82,7 +82,7 @@ module Google
               # Create credentials
               credentials = @config.credentials
               credentials ||= Credentials.default scope: @config.scope
-              if credentials.is_a?(String) || credentials.is_a?(Hash)
+              if credentials.is_a?(::String) || credentials.is_a?(::Hash)
                 credentials = Credentials.new credentials, scope: @config.scope
               end
               @quota_project_id = @config.quota_project
@@ -396,9 +396,9 @@ module Google
             end
 
             ##
-            # Waits for the specified long-running operation until it is done or reaches
-            # at most a specified timeout, returning the latest state.  If the operation
-            # is already done, the latest state is immediately returned.  If the timeout
+            # Waits until the specified long-running operation is done or reaches at most
+            # a specified timeout, returning the latest state.  If the operation is
+            # already done, the latest state is immediately returned.  If the timeout
             # specified is greater than the default HTTP/RPC timeout, the HTTP/RPC
             # timeout is used.  If the server does not support this method, it returns
             # `google.rpc.Code.UNIMPLEMENTED`.

data/lib/google/cloud/security_center/v1/security_center/paths.rb

@@ -27,20 +27,73 @@ module Google
             ##
             # Create a fully-qualified Finding resource string.
             #
-            # The resource will be in the following format:
+            # @overload finding_path(organization:, source:, finding:)
+            #   The resource will be in the following format:
             #
-            # `organizations/{organization}/sources/{source}/findings/{finding}`
+            #   `organizations/{organization}/sources/{source}/findings/{finding}`
             #
-            # @param organization [String]
-            # @param source [String]
-            # @param finding [String]
+            #   @param organization [String]
+            #   @param source [String]
+            #   @param finding [String]
+            #
+            # @overload finding_path(folder:, source:, finding:)
+            #   The resource will be in the following format:
+            #
+            #   `folders/{folder}/sources/{source}/findings/{finding}`
+            #
+            #   @param folder [String]
+            #   @param source [String]
+            #   @param finding [String]
+            #
+            # @overload finding_path(project:, source:, finding:)
+            #   The resource will be in the following format:
+            #
+            #   `projects/{project}/sources/{source}/findings/{finding}`
+            #
+            #   @param project [String]
+            #   @param source [String]
+            #   @param finding [String]
             #
             # @return [::String]
-            def finding_path organization:, source:, finding:
-              raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
-              raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
+            def finding_path **args
+              resources = {
+                "finding:organization:source" => (proc do |organization:, source:, finding:|
+                  raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
+                  raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
+
+                  "organizations/#{organization}/sources/#{source}/findings/#{finding}"
+                end),
+                "finding:folder:source" => (proc do |folder:, source:, finding:|
+                  raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
+                  raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
+
+                  "folders/#{folder}/sources/#{source}/findings/#{finding}"
+                end),
+                "finding:project:source" => (proc do |project:, source:, finding:|
+                  raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+                  raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
 
-              "organizations/#{organization}/sources/#{source}/findings/#{finding}"
+                  "projects/#{project}/sources/#{source}/findings/#{finding}"
+                end)
+              }
+
+              resource = resources[args.keys.sort.join(":")]
+              raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
+              resource.call(**args)
+            end
+
+            ##
+            # Create a fully-qualified Folder resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `folders/{folder}`
+            #
+            # @param folder [String]
+            #
+            # @return [::String]
+            def folder_path folder:
+              "folders/#{folder}"
             end
 
             ##
@@ -88,6 +141,20 @@ module Google
               "organizations/#{organization}/organizationSettings"
             end
 
+            ##
+            # Create a fully-qualified Project resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}`
+            #
+            # @param project [String]
+            #
+            # @return [::String]
+            def project_path project:
+              "projects/#{project}"
+            end
+
             ##
             # Create a fully-qualified SecurityMarks resource string.
             #
@@ -108,6 +175,40 @@ module Google
             #   @param source [String]
             #   @param finding [String]
             #
+            # @overload security_marks_path(folder:, asset:)
+            #   The resource will be in the following format:
+            #
+            #   `folders/{folder}/assets/{asset}/securityMarks`
+            #
+            #   @param folder [String]
+            #   @param asset [String]
+            #
+            # @overload security_marks_path(project:, asset:)
+            #   The resource will be in the following format:
+            #
+            #   `projects/{project}/assets/{asset}/securityMarks`
+            #
+            #   @param project [String]
+            #   @param asset [String]
+            #
+            # @overload security_marks_path(folder:, source:, finding:)
+            #   The resource will be in the following format:
+            #
+            #   `folders/{folder}/sources/{source}/findings/{finding}/securityMarks`
+            #
+            #   @param folder [String]
+            #   @param source [String]
+            #   @param finding [String]
+            #
+            # @overload security_marks_path(project:, source:, finding:)
+            #   The resource will be in the following format:
+            #
+            #   `projects/{project}/sources/{source}/findings/{finding}/securityMarks`
+            #
+            #   @param project [String]
+            #   @param source [String]
+            #   @param finding [String]
+            #
             # @return [::String]
             def security_marks_path **args
               resources = {
@@ -121,6 +222,28 @@ module Google
                   raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
 
                   "organizations/#{organization}/sources/#{source}/findings/#{finding}/securityMarks"
+                end),
+                "asset:folder" => (proc do |folder:, asset:|
+                  raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
+
+                  "folders/#{folder}/assets/#{asset}/securityMarks"
+                end),
+                "asset:project" => (proc do |project:, asset:|
+                  raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+
+                  "projects/#{project}/assets/#{asset}/securityMarks"
+                end),
+                "finding:folder:source" => (proc do |folder:, source:, finding:|
+                  raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
+                  raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
+
+                  "folders/#{folder}/sources/#{source}/findings/#{finding}/securityMarks"
+                end),
+                "finding:project:source" => (proc do |project:, source:, finding:|
+                  raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+                  raise ::ArgumentError, "source cannot contain /" if source.to_s.include? "/"
+
+                  "projects/#{project}/sources/#{source}/findings/#{finding}/securityMarks"
                 end)
               }
 
@@ -132,18 +255,53 @@ module Google
             ##
             # Create a fully-qualified Source resource string.
             #
-            # The resource will be in the following format:
+            # @overload source_path(organization:, source:)
+            #   The resource will be in the following format:
             #
-            # `organizations/{organization}/sources/{source}`
+            #   `organizations/{organization}/sources/{source}`
             #
-            # @param organization [String]
-            # @param source [String]
+            #   @param organization [String]
+            #   @param source [String]
+            #
+            # @overload source_path(folder:, source:)
+            #   The resource will be in the following format:
+            #
+            #   `folders/{folder}/sources/{source}`
+            #
+            #   @param folder [String]
+            #   @param source [String]
+            #
+            # @overload source_path(project:, source:)
+            #   The resource will be in the following format:
+            #
+            #   `projects/{project}/sources/{source}`
+            #
+            #   @param project [String]
+            #   @param source [String]
             #
             # @return [::String]
-            def source_path organization:, source:
-              raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
+            def source_path **args
+              resources = {
+                "organization:source" => (proc do |organization:, source:|
+                  raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
+
+                  "organizations/#{organization}/sources/#{source}"
+                end),
+                "folder:source" => (proc do |folder:, source:|
+                  raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
+
+                  "folders/#{folder}/sources/#{source}"
+                end),
+                "project:source" => (proc do |project:, source:|
+                  raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+
+                  "projects/#{project}/sources/#{source}"
+                end)
+              }
 
-              "organizations/#{organization}/sources/#{source}"
+              resource = resources[args.keys.sort.join(":")]
+              raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
+              resource.call(**args)
             end
 
             ##