google-apis-securitycenter_v1 0.61.0 → 0.62.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -295,6 +295,222 @@ module Google
295
295
  end
296
296
  end
297
297
 
298
+ # An attack exposure contains the results of an attack path simulation run.
299
+ class AttackExposure
300
+ include Google::Apis::Core::Hashable
301
+
302
+ # The resource name of the attack path simulation result that contains the
303
+ # details regarding this attack exposure score. Example: organizations/123/
304
+ # attackExposureResults/456
305
+ # Corresponds to the JSON property `attackExposureResult`
306
+ # @return [String]
307
+ attr_accessor :attack_exposure_result
308
+
309
+ # The number of high value resources that are exposed as a result of this
310
+ # finding.
311
+ # Corresponds to the JSON property `exposedHighValueResourcesCount`
312
+ # @return [Fixnum]
313
+ attr_accessor :exposed_high_value_resources_count
314
+
315
+ # The number of high value resources that are exposed as a result of this
316
+ # finding.
317
+ # Corresponds to the JSON property `exposedLowValueResourcesCount`
318
+ # @return [Fixnum]
319
+ attr_accessor :exposed_low_value_resources_count
320
+
321
+ # The number of medium value resources that are exposed as a result of this
322
+ # finding.
323
+ # Corresponds to the JSON property `exposedMediumValueResourcesCount`
324
+ # @return [Fixnum]
325
+ attr_accessor :exposed_medium_value_resources_count
326
+
327
+ # The most recent time the attack exposure was updated on this finding.
328
+ # Corresponds to the JSON property `latestCalculationTime`
329
+ # @return [String]
330
+ attr_accessor :latest_calculation_time
331
+
332
+ # A number between 0 (inclusive) and infinity that represents how important this
333
+ # finding is to remediate. The higher the score, the more important it is to
334
+ # remediate.
335
+ # Corresponds to the JSON property `score`
336
+ # @return [Float]
337
+ attr_accessor :score
338
+
339
+ # What state this AttackExposure is in. This captures whether or not an attack
340
+ # exposure has been calculated or not.
341
+ # Corresponds to the JSON property `state`
342
+ # @return [String]
343
+ attr_accessor :state
344
+
345
+ def initialize(**args)
346
+ update!(**args)
347
+ end
348
+
349
+ # Update properties of this object
350
+ def update!(**args)
351
+ @attack_exposure_result = args[:attack_exposure_result] if args.key?(:attack_exposure_result)
352
+ @exposed_high_value_resources_count = args[:exposed_high_value_resources_count] if args.key?(:exposed_high_value_resources_count)
353
+ @exposed_low_value_resources_count = args[:exposed_low_value_resources_count] if args.key?(:exposed_low_value_resources_count)
354
+ @exposed_medium_value_resources_count = args[:exposed_medium_value_resources_count] if args.key?(:exposed_medium_value_resources_count)
355
+ @latest_calculation_time = args[:latest_calculation_time] if args.key?(:latest_calculation_time)
356
+ @score = args[:score] if args.key?(:score)
357
+ @state = args[:state] if args.key?(:state)
358
+ end
359
+ end
360
+
361
+ # A path that an attacker could take to reach an exposed resource.
362
+ class AttackPath
363
+ include Google::Apis::Core::Hashable
364
+
365
+ # A list of the edges between nodes in this attack path.
366
+ # Corresponds to the JSON property `edges`
367
+ # @return [Array<Google::Apis::SecuritycenterV1::AttackPathEdge>]
368
+ attr_accessor :edges
369
+
370
+ # The attack path name, for example, `organizations/12/simulation/34/
371
+ # valuedResources/56/attackPaths/78`
372
+ # Corresponds to the JSON property `name`
373
+ # @return [String]
374
+ attr_accessor :name
375
+
376
+ # A list of nodes that exist in this attack path.
377
+ # Corresponds to the JSON property `pathNodes`
378
+ # @return [Array<Google::Apis::SecuritycenterV1::AttackPathNode>]
379
+ attr_accessor :path_nodes
380
+
381
+ def initialize(**args)
382
+ update!(**args)
383
+ end
384
+
385
+ # Update properties of this object
386
+ def update!(**args)
387
+ @edges = args[:edges] if args.key?(:edges)
388
+ @name = args[:name] if args.key?(:name)
389
+ @path_nodes = args[:path_nodes] if args.key?(:path_nodes)
390
+ end
391
+ end
392
+
393
+ # Represents a connection between a source node and a destination node in this
394
+ # attack path.
395
+ class AttackPathEdge
396
+ include Google::Apis::Core::Hashable
397
+
398
+ # The attack node uuid of the destination node.
399
+ # Corresponds to the JSON property `destination`
400
+ # @return [String]
401
+ attr_accessor :destination
402
+
403
+ # The attack node uuid of the source node.
404
+ # Corresponds to the JSON property `source`
405
+ # @return [String]
406
+ attr_accessor :source
407
+
408
+ def initialize(**args)
409
+ update!(**args)
410
+ end
411
+
412
+ # Update properties of this object
413
+ def update!(**args)
414
+ @destination = args[:destination] if args.key?(:destination)
415
+ @source = args[:source] if args.key?(:source)
416
+ end
417
+ end
418
+
419
+ # Represents one point that an attacker passes through in this attack path.
420
+ class AttackPathNode
421
+ include Google::Apis::Core::Hashable
422
+
423
+ # The findings associated with this node in the attack path.
424
+ # Corresponds to the JSON property `associatedFindings`
425
+ # @return [Array<Google::Apis::SecuritycenterV1::PathNodeAssociatedFinding>]
426
+ attr_accessor :associated_findings
427
+
428
+ # A list of attack step nodes that exist in this attack path node.
429
+ # Corresponds to the JSON property `attackSteps`
430
+ # @return [Array<Google::Apis::SecuritycenterV1::AttackStepNode>]
431
+ attr_accessor :attack_steps
432
+
433
+ # Human-readable name of this resource.
434
+ # Corresponds to the JSON property `displayName`
435
+ # @return [String]
436
+ attr_accessor :display_name
437
+
438
+ # The name of the resource at this point in the attack path. The format of the
439
+ # name follows the Cloud Asset Inventory [resource name format]("https://cloud.
440
+ # google.com/asset-inventory/docs/resource-name-format")
441
+ # Corresponds to the JSON property `resource`
442
+ # @return [String]
443
+ attr_accessor :resource
444
+
445
+ # The [supported resource type](http://cloud/asset-inventory/docs/supported-
446
+ # asset-types")
447
+ # Corresponds to the JSON property `resourceType`
448
+ # @return [String]
449
+ attr_accessor :resource_type
450
+
451
+ # Unique id of the attack path node.
452
+ # Corresponds to the JSON property `uuid`
453
+ # @return [String]
454
+ attr_accessor :uuid
455
+
456
+ def initialize(**args)
457
+ update!(**args)
458
+ end
459
+
460
+ # Update properties of this object
461
+ def update!(**args)
462
+ @associated_findings = args[:associated_findings] if args.key?(:associated_findings)
463
+ @attack_steps = args[:attack_steps] if args.key?(:attack_steps)
464
+ @display_name = args[:display_name] if args.key?(:display_name)
465
+ @resource = args[:resource] if args.key?(:resource)
466
+ @resource_type = args[:resource_type] if args.key?(:resource_type)
467
+ @uuid = args[:uuid] if args.key?(:uuid)
468
+ end
469
+ end
470
+
471
+ # Detailed steps the attack can take between path nodes.
472
+ class AttackStepNode
473
+ include Google::Apis::Core::Hashable
474
+
475
+ # Attack step description
476
+ # Corresponds to the JSON property `description`
477
+ # @return [String]
478
+ attr_accessor :description
479
+
480
+ # User friendly name of the attack step
481
+ # Corresponds to the JSON property `displayName`
482
+ # @return [String]
483
+ attr_accessor :display_name
484
+
485
+ # Attack step labels for metadata
486
+ # Corresponds to the JSON property `labels`
487
+ # @return [Hash<String,String>]
488
+ attr_accessor :labels
489
+
490
+ # Attack step type. Can be either AND, OR or DEFENSE
491
+ # Corresponds to the JSON property `type`
492
+ # @return [String]
493
+ attr_accessor :type
494
+
495
+ # Unique ID for one Node
496
+ # Corresponds to the JSON property `uuid`
497
+ # @return [String]
498
+ attr_accessor :uuid
499
+
500
+ def initialize(**args)
501
+ update!(**args)
502
+ end
503
+
504
+ # Update properties of this object
505
+ def update!(**args)
506
+ @description = args[:description] if args.key?(:description)
507
+ @display_name = args[:display_name] if args.key?(:display_name)
508
+ @labels = args[:labels] if args.key?(:labels)
509
+ @type = args[:type] if args.key?(:type)
510
+ @uuid = args[:uuid] if args.key?(:uuid)
511
+ end
512
+ end
513
+
298
514
  # Specifies the audit configuration for a service. The configuration determines
299
515
  # which permission types are logged, and what identities, if any, are exempted
300
516
  # from logging. An AuditConfig must have one or more AuditLogConfigs. If there
@@ -366,6 +582,44 @@ module Google
366
582
  end
367
583
  end
368
584
 
585
+ # Request message to create multiple resource value configs
586
+ class BatchCreateResourceValueConfigsRequest
587
+ include Google::Apis::Core::Hashable
588
+
589
+ # Required. The resource value configs to be created.
590
+ # Corresponds to the JSON property `requests`
591
+ # @return [Array<Google::Apis::SecuritycenterV1::CreateResourceValueConfigRequest>]
592
+ attr_accessor :requests
593
+
594
+ def initialize(**args)
595
+ update!(**args)
596
+ end
597
+
598
+ # Update properties of this object
599
+ def update!(**args)
600
+ @requests = args[:requests] if args.key?(:requests)
601
+ end
602
+ end
603
+
604
+ # Response message for BatchCreateResourceValueConfigs
605
+ class BatchCreateResourceValueConfigsResponse
606
+ include Google::Apis::Core::Hashable
607
+
608
+ # The resource value configs created
609
+ # Corresponds to the JSON property `resourceValueConfigs`
610
+ # @return [Array<Google::Apis::SecuritycenterV1::GoogleCloudSecuritycenterV1ResourceValueConfig>]
611
+ attr_accessor :resource_value_configs
612
+
613
+ def initialize(**args)
614
+ update!(**args)
615
+ end
616
+
617
+ # Update properties of this object
618
+ def update!(**args)
619
+ @resource_value_configs = args[:resource_value_configs] if args.key?(:resource_value_configs)
620
+ end
621
+ end
622
+
369
623
  # Associates `members`, or principals, with a `role`.
370
624
  class Binding
371
625
  include Google::Apis::Core::Hashable
@@ -706,6 +960,91 @@ module Google
706
960
  end
707
961
  end
708
962
 
963
+ # Request message to create single resource value config
964
+ class CreateResourceValueConfigRequest
965
+ include Google::Apis::Core::Hashable
966
+
967
+ # Required. Resource name of the new ResourceValueConfig's parent.
968
+ # Corresponds to the JSON property `parent`
969
+ # @return [String]
970
+ attr_accessor :parent
971
+
972
+ # A resource value config is a mapping configuration of user's tag values to
973
+ # resource values. Used by the attack path simulation.
974
+ # Corresponds to the JSON property `resourceValueConfig`
975
+ # @return [Google::Apis::SecuritycenterV1::GoogleCloudSecuritycenterV1ResourceValueConfig]
976
+ attr_accessor :resource_value_config
977
+
978
+ def initialize(**args)
979
+ update!(**args)
980
+ end
981
+
982
+ # Update properties of this object
983
+ def update!(**args)
984
+ @parent = args[:parent] if args.key?(:parent)
985
+ @resource_value_config = args[:resource_value_config] if args.key?(:resource_value_config)
986
+ end
987
+ end
988
+
989
+ # An error encountered while validating the uploaded configuration of an Event
990
+ # Threat Detection Custom Module.
991
+ class CustomModuleValidationError
992
+ include Google::Apis::Core::Hashable
993
+
994
+ # A description of the error, suitable for human consumption. Required.
995
+ # Corresponds to the JSON property `description`
996
+ # @return [String]
997
+ attr_accessor :description
998
+
999
+ # A position in the uploaded text version of a module.
1000
+ # Corresponds to the JSON property `end`
1001
+ # @return [Google::Apis::SecuritycenterV1::Position]
1002
+ attr_accessor :end
1003
+
1004
+ # The path, in RFC 8901 JSON Pointer format, to the field that failed validation.
1005
+ # This may be left empty if no specific field is affected.
1006
+ # Corresponds to the JSON property `fieldPath`
1007
+ # @return [String]
1008
+ attr_accessor :field_path
1009
+
1010
+ # A position in the uploaded text version of a module.
1011
+ # Corresponds to the JSON property `start`
1012
+ # @return [Google::Apis::SecuritycenterV1::Position]
1013
+ attr_accessor :start
1014
+
1015
+ def initialize(**args)
1016
+ update!(**args)
1017
+ end
1018
+
1019
+ # Update properties of this object
1020
+ def update!(**args)
1021
+ @description = args[:description] if args.key?(:description)
1022
+ @end = args[:end] if args.key?(:end)
1023
+ @field_path = args[:field_path] if args.key?(:field_path)
1024
+ @start = args[:start] if args.key?(:start)
1025
+ end
1026
+ end
1027
+
1028
+ # A list of zero or more errors encountered while validating the uploaded
1029
+ # configuration of an Event Threat Detection Custom Module.
1030
+ class CustomModuleValidationErrors
1031
+ include Google::Apis::Core::Hashable
1032
+
1033
+ #
1034
+ # Corresponds to the JSON property `errors`
1035
+ # @return [Array<Google::Apis::SecuritycenterV1::CustomModuleValidationError>]
1036
+ attr_accessor :errors
1037
+
1038
+ def initialize(**args)
1039
+ update!(**args)
1040
+ end
1041
+
1042
+ # Update properties of this object
1043
+ def update!(**args)
1044
+ @errors = args[:errors] if args.key?(:errors)
1045
+ end
1046
+ end
1047
+
709
1048
  # CVE stands for Common Vulnerabilities and Exposures. More information: https://
710
1049
  # cve.mitre.org
711
1050
  class Cve
@@ -953,6 +1292,75 @@ module Google
953
1292
  end
954
1293
  end
955
1294
 
1295
+ # Represents an instance of an Event Threat Detection custom module, including
1296
+ # its full module name, display name, enablement state, and last updated time.
1297
+ # You can create a custom module at the organization level only.
1298
+ class EventThreatDetectionCustomModule
1299
+ include Google::Apis::Core::Hashable
1300
+
1301
+ # Config for the module. For the resident module, its config value is defined at
1302
+ # this level. For the inherited module, its config value is inherited from the
1303
+ # ancestor module.
1304
+ # Corresponds to the JSON property `config`
1305
+ # @return [Hash<String,Object>]
1306
+ attr_accessor :config
1307
+
1308
+ # The description for the module.
1309
+ # Corresponds to the JSON property `description`
1310
+ # @return [String]
1311
+ attr_accessor :description
1312
+
1313
+ # The human readable name to be displayed for the module.
1314
+ # Corresponds to the JSON property `displayName`
1315
+ # @return [String]
1316
+ attr_accessor :display_name
1317
+
1318
+ # The state of enablement for the module at the given level of the hierarchy.
1319
+ # Corresponds to the JSON property `enablementState`
1320
+ # @return [String]
1321
+ attr_accessor :enablement_state
1322
+
1323
+ # Output only. The editor the module was last updated by.
1324
+ # Corresponds to the JSON property `lastEditor`
1325
+ # @return [String]
1326
+ attr_accessor :last_editor
1327
+
1328
+ # Immutable. The resource name of the Event Threat Detection custom module. Its
1329
+ # format is: * "organizations/`organization`/eventThreatDetectionSettings/
1330
+ # customModules/`module`". * "folders/`folder`/eventThreatDetectionSettings/
1331
+ # customModules/`module`". * "projects/`project`/eventThreatDetectionSettings/
1332
+ # customModules/`module`".
1333
+ # Corresponds to the JSON property `name`
1334
+ # @return [String]
1335
+ attr_accessor :name
1336
+
1337
+ # Type for the module. e.g. CONFIGURABLE_BAD_IP.
1338
+ # Corresponds to the JSON property `type`
1339
+ # @return [String]
1340
+ attr_accessor :type
1341
+
1342
+ # Output only. The time the module was last updated.
1343
+ # Corresponds to the JSON property `updateTime`
1344
+ # @return [String]
1345
+ attr_accessor :update_time
1346
+
1347
+ def initialize(**args)
1348
+ update!(**args)
1349
+ end
1350
+
1351
+ # Update properties of this object
1352
+ def update!(**args)
1353
+ @config = args[:config] if args.key?(:config)
1354
+ @description = args[:description] if args.key?(:description)
1355
+ @display_name = args[:display_name] if args.key?(:display_name)
1356
+ @enablement_state = args[:enablement_state] if args.key?(:enablement_state)
1357
+ @last_editor = args[:last_editor] if args.key?(:last_editor)
1358
+ @name = args[:name] if args.key?(:name)
1359
+ @type = args[:type] if args.key?(:type)
1360
+ @update_time = args[:update_time] if args.key?(:update_time)
1361
+ end
1362
+ end
1363
+
956
1364
  # Resource where data was exfiltrated from or exfiltrated to.
957
1365
  class ExfilResource
958
1366
  include Google::Apis::Core::Hashable
@@ -1133,6 +1541,11 @@ module Google
1133
1541
  # @return [Google::Apis::SecuritycenterV1::Access]
1134
1542
  attr_accessor :access
1135
1543
 
1544
+ # An attack exposure contains the results of an attack path simulation run.
1545
+ # Corresponds to the JSON property `attackExposure`
1546
+ # @return [Google::Apis::SecuritycenterV1::AttackExposure]
1547
+ attr_accessor :attack_exposure
1548
+
1136
1549
  # The canonical name of the finding. It's either "organizations/`organization_id`
1137
1550
  # /sources/`source_id`/findings/`finding_id`", "folders/`folder_id`/sources/`
1138
1551
  # source_id`/findings/`finding_id`" or "projects/`project_number`/sources/`
@@ -1386,6 +1799,7 @@ module Google
1386
1799
  # Update properties of this object
1387
1800
  def update!(**args)
1388
1801
  @access = args[:access] if args.key?(:access)
1802
+ @attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
1389
1803
  @canonical_name = args[:canonical_name] if args.key?(:canonical_name)
1390
1804
  @category = args[:category] if args.key?(:category)
1391
1805
  @cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
@@ -2047,27 +2461,97 @@ module Google
2047
2461
  update!(**args)
2048
2462
  end
2049
2463
 
2050
- # Update properties of this object
2051
- def update!(**args)
2052
- @display_name = args[:display_name] if args.key?(:display_name)
2053
- @folders = args[:folders] if args.key?(:folders)
2054
- @name = args[:name] if args.key?(:name)
2055
- @parent = args[:parent] if args.key?(:parent)
2056
- @parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
2057
- @project = args[:project] if args.key?(:project)
2058
- @project_display_name = args[:project_display_name] if args.key?(:project_display_name)
2059
- @type = args[:type] if args.key?(:type)
2060
- end
2061
- end
2464
+ # Update properties of this object
2465
+ def update!(**args)
2466
+ @display_name = args[:display_name] if args.key?(:display_name)
2467
+ @folders = args[:folders] if args.key?(:folders)
2468
+ @name = args[:name] if args.key?(:name)
2469
+ @parent = args[:parent] if args.key?(:parent)
2470
+ @parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
2471
+ @project = args[:project] if args.key?(:project)
2472
+ @project_display_name = args[:project_display_name] if args.key?(:project_display_name)
2473
+ @type = args[:type] if args.key?(:type)
2474
+ end
2475
+ end
2476
+
2477
+ # Resource for selecting resource type.
2478
+ class GoogleCloudSecuritycenterV1ResourceSelector
2479
+ include Google::Apis::Core::Hashable
2480
+
2481
+ # The resource types to run the detector on.
2482
+ # Corresponds to the JSON property `resourceTypes`
2483
+ # @return [Array<String>]
2484
+ attr_accessor :resource_types
2485
+
2486
+ def initialize(**args)
2487
+ update!(**args)
2488
+ end
2489
+
2490
+ # Update properties of this object
2491
+ def update!(**args)
2492
+ @resource_types = args[:resource_types] if args.key?(:resource_types)
2493
+ end
2494
+ end
2495
+
2496
+ # A resource value config is a mapping configuration of user's tag values to
2497
+ # resource values. Used by the attack path simulation.
2498
+ class GoogleCloudSecuritycenterV1ResourceValueConfig
2499
+ include Google::Apis::Core::Hashable
2500
+
2501
+ # Output only. Timestamp this resource value config was created.
2502
+ # Corresponds to the JSON property `createTime`
2503
+ # @return [String]
2504
+ attr_accessor :create_time
2505
+
2506
+ # Description of the resource value config.
2507
+ # Corresponds to the JSON property `description`
2508
+ # @return [String]
2509
+ attr_accessor :description
2510
+
2511
+ # Name for the resource value config
2512
+ # Corresponds to the JSON property `name`
2513
+ # @return [String]
2514
+ attr_accessor :name
2515
+
2516
+ # List of resource labels to search for, evaluated with AND. E.g. "
2517
+ # resource_labels_selector": `"key": "value", "env": "prod"` will match
2518
+ # resources with labels "key": "value" AND "env": "prod" https://cloud.google.
2519
+ # com/resource-manager/docs/creating-managing-labels
2520
+ # Corresponds to the JSON property `resourceLabelsSelector`
2521
+ # @return [Hash<String,String>]
2522
+ attr_accessor :resource_labels_selector
2523
+
2524
+ # Apply resource_value only to resources that match resource_type. resource_type
2525
+ # will be checked with "AND" of other resources. E.g. "storage.googleapis.com/
2526
+ # Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.
2527
+ # googleapis.com/Bucket" resources.
2528
+ # Corresponds to the JSON property `resourceType`
2529
+ # @return [String]
2530
+ attr_accessor :resource_type
2531
+
2532
+ # Required. Resource value level this expression represents
2533
+ # Corresponds to the JSON property `resourceValue`
2534
+ # @return [String]
2535
+ attr_accessor :resource_value
2062
2536
 
2063
- # Resource for selecting resource type.
2064
- class GoogleCloudSecuritycenterV1ResourceSelector
2065
- include Google::Apis::Core::Hashable
2537
+ # Project or folder to scope this config to. For example, "project/456" would
2538
+ # apply this config only to resources in "project/456" scope will be checked
2539
+ # with "AND" of other resources.
2540
+ # Corresponds to the JSON property `scope`
2541
+ # @return [String]
2542
+ attr_accessor :scope
2066
2543
 
2067
- # The resource types to run the detector on.
2068
- # Corresponds to the JSON property `resourceTypes`
2544
+ # Required. Tag values combined with AND to check against. Values in the form "
2545
+ # tagValues/123" E.g. [ "tagValues/123", "tagValues/456", "tagValues/789" ]
2546
+ # https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
2547
+ # Corresponds to the JSON property `tagValues`
2069
2548
  # @return [Array<String>]
2070
- attr_accessor :resource_types
2549
+ attr_accessor :tag_values
2550
+
2551
+ # Output only. Timestamp this resource value config was last updated.
2552
+ # Corresponds to the JSON property `updateTime`
2553
+ # @return [String]
2554
+ attr_accessor :update_time
2071
2555
 
2072
2556
  def initialize(**args)
2073
2557
  update!(**args)
@@ -2075,7 +2559,15 @@ module Google
2075
2559
 
2076
2560
  # Update properties of this object
2077
2561
  def update!(**args)
2078
- @resource_types = args[:resource_types] if args.key?(:resource_types)
2562
+ @create_time = args[:create_time] if args.key?(:create_time)
2563
+ @description = args[:description] if args.key?(:description)
2564
+ @name = args[:name] if args.key?(:name)
2565
+ @resource_labels_selector = args[:resource_labels_selector] if args.key?(:resource_labels_selector)
2566
+ @resource_type = args[:resource_type] if args.key?(:resource_type)
2567
+ @resource_value = args[:resource_value] if args.key?(:resource_value)
2568
+ @scope = args[:scope] if args.key?(:scope)
2569
+ @tag_values = args[:tag_values] if args.key?(:tag_values)
2570
+ @update_time = args[:update_time] if args.key?(:update_time)
2079
2571
  end
2080
2572
  end
2081
2573
 
@@ -3154,6 +3646,33 @@ module Google
3154
3646
  end
3155
3647
  end
3156
3648
 
3649
+ # Response message for listing the attack paths for a given simulation or valued
3650
+ # resource.
3651
+ class ListAttackPathsResponse
3652
+ include Google::Apis::Core::Hashable
3653
+
3654
+ # The attack paths that the attack path simulation identified.
3655
+ # Corresponds to the JSON property `attackPaths`
3656
+ # @return [Array<Google::Apis::SecuritycenterV1::AttackPath>]
3657
+ attr_accessor :attack_paths
3658
+
3659
+ # Token to retrieve the next page of results, or empty if there are no more
3660
+ # results.
3661
+ # Corresponds to the JSON property `nextPageToken`
3662
+ # @return [String]
3663
+ attr_accessor :next_page_token
3664
+
3665
+ def initialize(**args)
3666
+ update!(**args)
3667
+ end
3668
+
3669
+ # Update properties of this object
3670
+ def update!(**args)
3671
+ @attack_paths = args[:attack_paths] if args.key?(:attack_paths)
3672
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
3673
+ end
3674
+ end
3675
+
3157
3676
  # Response message for listing BigQuery exports.
3158
3677
  class ListBigQueryExportsResponse
3159
3678
  include Google::Apis::Core::Hashable
@@ -3233,6 +3752,32 @@ module Google
3233
3752
  end
3234
3753
  end
3235
3754
 
3755
+ # Response for listing Event Threat Detection custom modules.
3756
+ class ListEventThreatDetectionCustomModulesResponse
3757
+ include Google::Apis::Core::Hashable
3758
+
3759
+ # Custom modules belonging to the requested parent.
3760
+ # Corresponds to the JSON property `eventThreatDetectionCustomModules`
3761
+ # @return [Array<Google::Apis::SecuritycenterV1::EventThreatDetectionCustomModule>]
3762
+ attr_accessor :event_threat_detection_custom_modules
3763
+
3764
+ # A token, which can be sent as `page_token` to retrieve the next page. If this
3765
+ # field is omitted, there are no subsequent pages.
3766
+ # Corresponds to the JSON property `nextPageToken`
3767
+ # @return [String]
3768
+ attr_accessor :next_page_token
3769
+
3770
+ def initialize(**args)
3771
+ update!(**args)
3772
+ end
3773
+
3774
+ # Update properties of this object
3775
+ def update!(**args)
3776
+ @event_threat_detection_custom_modules = args[:event_threat_detection_custom_modules] if args.key?(:event_threat_detection_custom_modules)
3777
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
3778
+ end
3779
+ end
3780
+
3236
3781
  # Response message for listing findings.
3237
3782
  class ListFindingsResponse
3238
3783
  include Google::Apis::Core::Hashable
@@ -3384,6 +3929,32 @@ module Google
3384
3929
  end
3385
3930
  end
3386
3931
 
3932
+ # Response message to list resource value configs
3933
+ class ListResourceValueConfigsResponse
3934
+ include Google::Apis::Core::Hashable
3935
+
3936
+ # A token, which can be sent as `page_token` to retrieve the next page. If this
3937
+ # field is empty, there are no subsequent pages.
3938
+ # Corresponds to the JSON property `nextPageToken`
3939
+ # @return [String]
3940
+ attr_accessor :next_page_token
3941
+
3942
+ # The resource value configs from the specified parent.
3943
+ # Corresponds to the JSON property `resourceValueConfigs`
3944
+ # @return [Array<Google::Apis::SecuritycenterV1::GoogleCloudSecuritycenterV1ResourceValueConfig>]
3945
+ attr_accessor :resource_value_configs
3946
+
3947
+ def initialize(**args)
3948
+ update!(**args)
3949
+ end
3950
+
3951
+ # Update properties of this object
3952
+ def update!(**args)
3953
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
3954
+ @resource_value_configs = args[:resource_value_configs] if args.key?(:resource_value_configs)
3955
+ end
3956
+ end
3957
+
3387
3958
  # Response message for listing Security Health Analytics custom modules.
3388
3959
  class ListSecurityHealthAnalyticsCustomModulesResponse
3389
3960
  include Google::Apis::Core::Hashable
@@ -3435,6 +4006,38 @@ module Google
3435
4006
  end
3436
4007
  end
3437
4008
 
4009
+ # Response message for listing the valued resources for a given simulation.
4010
+ class ListValuedResourcesResponse
4011
+ include Google::Apis::Core::Hashable
4012
+
4013
+ # Token to retrieve the next page of results, or empty if there are no more
4014
+ # results.
4015
+ # Corresponds to the JSON property `nextPageToken`
4016
+ # @return [String]
4017
+ attr_accessor :next_page_token
4018
+
4019
+ # The estimated total number of results matching the query.
4020
+ # Corresponds to the JSON property `totalSize`
4021
+ # @return [Fixnum]
4022
+ attr_accessor :total_size
4023
+
4024
+ # The valued resources that the attack path simulation identified.
4025
+ # Corresponds to the JSON property `valuedResources`
4026
+ # @return [Array<Google::Apis::SecuritycenterV1::ValuedResource>]
4027
+ attr_accessor :valued_resources
4028
+
4029
+ def initialize(**args)
4030
+ update!(**args)
4031
+ end
4032
+
4033
+ # Update properties of this object
4034
+ def update!(**args)
4035
+ @next_page_token = args[:next_page_token] if args.key?(:next_page_token)
4036
+ @total_size = args[:total_size] if args.key?(:total_size)
4037
+ @valued_resources = args[:valued_resources] if args.key?(:valued_resources)
4038
+ end
4039
+ end
4040
+
3438
4041
  # A signature corresponding to memory page hashes.
3439
4042
  class MemoryHashSignature
3440
4043
  include Google::Apis::Core::Hashable
@@ -3706,6 +4309,38 @@ module Google
3706
4309
  end
3707
4310
  end
3708
4311
 
4312
+ # A finding that is associated with this node in the attack path.
4313
+ class PathNodeAssociatedFinding
4314
+ include Google::Apis::Core::Hashable
4315
+
4316
+ # Canonical name of the associated findings. Example: organizations/123/sources/
4317
+ # 456/findings/789
4318
+ # Corresponds to the JSON property `canonicalFinding`
4319
+ # @return [String]
4320
+ attr_accessor :canonical_finding
4321
+
4322
+ # The additional taxonomy group within findings from a given source.
4323
+ # Corresponds to the JSON property `findingCategory`
4324
+ # @return [String]
4325
+ attr_accessor :finding_category
4326
+
4327
+ # Full resource name of the finding.
4328
+ # Corresponds to the JSON property `name`
4329
+ # @return [String]
4330
+ attr_accessor :name
4331
+
4332
+ def initialize(**args)
4333
+ update!(**args)
4334
+ end
4335
+
4336
+ # Update properties of this object
4337
+ def update!(**args)
4338
+ @canonical_finding = args[:canonical_finding] if args.key?(:canonical_finding)
4339
+ @finding_category = args[:finding_category] if args.key?(:finding_category)
4340
+ @name = args[:name] if args.key?(:name)
4341
+ end
4342
+ end
4343
+
3709
4344
  # A Kubernetes Pod.
3710
4345
  class Pod
3711
4346
  include Google::Apis::Core::Hashable
@@ -3838,6 +4473,31 @@ module Google
3838
4473
  end
3839
4474
  end
3840
4475
 
4476
+ # A position in the uploaded text version of a module.
4477
+ class Position
4478
+ include Google::Apis::Core::Hashable
4479
+
4480
+ #
4481
+ # Corresponds to the JSON property `columnNumber`
4482
+ # @return [Fixnum]
4483
+ attr_accessor :column_number
4484
+
4485
+ #
4486
+ # Corresponds to the JSON property `lineNumber`
4487
+ # @return [Fixnum]
4488
+ attr_accessor :line_number
4489
+
4490
+ def initialize(**args)
4491
+ update!(**args)
4492
+ end
4493
+
4494
+ # Update properties of this object
4495
+ def update!(**args)
4496
+ @column_number = args[:column_number] if args.key?(:column_number)
4497
+ @line_number = args[:line_number] if args.key?(:line_number)
4498
+ end
4499
+ end
4500
+
3841
4501
  # Represents an operating system process.
3842
4502
  class Process
3843
4503
  include Google::Apis::Core::Hashable
@@ -4032,6 +4692,25 @@ module Google
4032
4692
  end
4033
4693
  end
4034
4694
 
4695
+ # Metadata about a ResourceValueConfig. For example, id and name.
4696
+ class ResourceValueConfigMetadata
4697
+ include Google::Apis::Core::Hashable
4698
+
4699
+ # Resource value config name
4700
+ # Corresponds to the JSON property `name`
4701
+ # @return [String]
4702
+ attr_accessor :name
4703
+
4704
+ def initialize(**args)
4705
+ update!(**args)
4706
+ end
4707
+
4708
+ # Update properties of this object
4709
+ def update!(**args)
4710
+ @name = args[:name] if args.key?(:name)
4711
+ end
4712
+ end
4713
+
4035
4714
  # Kubernetes Role or ClusterRole.
4036
4715
  class Role
4037
4716
  include Google::Apis::Core::Hashable
@@ -4327,6 +5006,38 @@ module Google
4327
5006
  end
4328
5007
  end
4329
5008
 
5009
+ # Attack path simulation
5010
+ class Simulation
5011
+ include Google::Apis::Core::Hashable
5012
+
5013
+ # Output only. Time simulation was created
5014
+ # Corresponds to the JSON property `createTime`
5015
+ # @return [String]
5016
+ attr_accessor :create_time
5017
+
5018
+ # Full resource name of the Simulation: organizations/123/simulations/456
5019
+ # Corresponds to the JSON property `name`
5020
+ # @return [String]
5021
+ attr_accessor :name
5022
+
5023
+ # Resource value configurations' metadata used in this simulation. Maximum of
5024
+ # 100.
5025
+ # Corresponds to the JSON property `resourceValueConfigsMetadata`
5026
+ # @return [Array<Google::Apis::SecuritycenterV1::ResourceValueConfigMetadata>]
5027
+ attr_accessor :resource_value_configs_metadata
5028
+
5029
+ def initialize(**args)
5030
+ update!(**args)
5031
+ end
5032
+
5033
+ # Update properties of this object
5034
+ def update!(**args)
5035
+ @create_time = args[:create_time] if args.key?(:create_time)
5036
+ @name = args[:name] if args.key?(:name)
5037
+ @resource_value_configs_metadata = args[:resource_value_configs_metadata] if args.key?(:resource_value_configs_metadata)
5038
+ end
5039
+ end
5040
+
4330
5041
  # Security Command Center finding source. A finding source is an entity or a
4331
5042
  # mechanism that can produce a finding. A source is like a container of findings
4332
5043
  # that come from the same scanner, logger, monitor, and other tools.
@@ -4517,6 +5228,112 @@ module Google
4517
5228
  end
4518
5229
  end
4519
5230
 
5231
+ # Request to validate an Event Threat Detection custom module.
5232
+ class ValidateEventThreatDetectionCustomModuleRequest
5233
+ include Google::Apis::Core::Hashable
5234
+
5235
+ # Required. The raw text of the module's contents. Used to generate error
5236
+ # messages.
5237
+ # Corresponds to the JSON property `rawText`
5238
+ # @return [String]
5239
+ attr_accessor :raw_text
5240
+
5241
+ # Required. The type of the module (e.g. CONFIGURABLE_BAD_IP).
5242
+ # Corresponds to the JSON property `type`
5243
+ # @return [String]
5244
+ attr_accessor :type
5245
+
5246
+ def initialize(**args)
5247
+ update!(**args)
5248
+ end
5249
+
5250
+ # Update properties of this object
5251
+ def update!(**args)
5252
+ @raw_text = args[:raw_text] if args.key?(:raw_text)
5253
+ @type = args[:type] if args.key?(:type)
5254
+ end
5255
+ end
5256
+
5257
+ # Response to validating an Event Threat Detection custom module.
5258
+ class ValidateEventThreatDetectionCustomModuleResponse
5259
+ include Google::Apis::Core::Hashable
5260
+
5261
+ # A list of zero or more errors encountered while validating the uploaded
5262
+ # configuration of an Event Threat Detection Custom Module.
5263
+ # Corresponds to the JSON property `errors`
5264
+ # @return [Google::Apis::SecuritycenterV1::CustomModuleValidationErrors]
5265
+ attr_accessor :errors
5266
+
5267
+ def initialize(**args)
5268
+ update!(**args)
5269
+ end
5270
+
5271
+ # Update properties of this object
5272
+ def update!(**args)
5273
+ @errors = args[:errors] if args.key?(:errors)
5274
+ end
5275
+ end
5276
+
5277
+ # A resource that is determined to have value to a user's system
5278
+ class ValuedResource
5279
+ include Google::Apis::Core::Hashable
5280
+
5281
+ # Human-readable name of the valued resource.
5282
+ # Corresponds to the JSON property `displayName`
5283
+ # @return [String]
5284
+ attr_accessor :display_name
5285
+
5286
+ # Exposed score for this valued resource. A value of 0 means no exposure was
5287
+ # detected exposure.
5288
+ # Corresponds to the JSON property `exposedScore`
5289
+ # @return [Float]
5290
+ attr_accessor :exposed_score
5291
+
5292
+ # Valued resource name, for example, e.g.: `organizations/123/simulations/456/
5293
+ # valuedResources/789`
5294
+ # Corresponds to the JSON property `name`
5295
+ # @return [String]
5296
+ attr_accessor :name
5297
+
5298
+ # The [full resource name](https://cloud.google.com/apis/design/resource_names#
5299
+ # full_resource_name) of the valued resource.
5300
+ # Corresponds to the JSON property `resource`
5301
+ # @return [String]
5302
+ attr_accessor :resource
5303
+
5304
+ # The [resource type](https://cloud.google.com/asset-inventory/docs/supported-
5305
+ # asset-types) of the valued resource.
5306
+ # Corresponds to the JSON property `resourceType`
5307
+ # @return [String]
5308
+ attr_accessor :resource_type
5309
+
5310
+ # How valuable this resource is.
5311
+ # Corresponds to the JSON property `resourceValue`
5312
+ # @return [String]
5313
+ attr_accessor :resource_value
5314
+
5315
+ # List of resource value configurations' metadata used to determine the value of
5316
+ # this resource. Maximum of 100.
5317
+ # Corresponds to the JSON property `resourceValueConfigsUsed`
5318
+ # @return [Array<Google::Apis::SecuritycenterV1::ResourceValueConfigMetadata>]
5319
+ attr_accessor :resource_value_configs_used
5320
+
5321
+ def initialize(**args)
5322
+ update!(**args)
5323
+ end
5324
+
5325
+ # Update properties of this object
5326
+ def update!(**args)
5327
+ @display_name = args[:display_name] if args.key?(:display_name)
5328
+ @exposed_score = args[:exposed_score] if args.key?(:exposed_score)
5329
+ @name = args[:name] if args.key?(:name)
5330
+ @resource = args[:resource] if args.key?(:resource)
5331
+ @resource_type = args[:resource_type] if args.key?(:resource_type)
5332
+ @resource_value = args[:resource_value] if args.key?(:resource_value)
5333
+ @resource_value_configs_used = args[:resource_value_configs_used] if args.key?(:resource_value_configs_used)
5334
+ end
5335
+ end
5336
+
4520
5337
  # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
4521
5338
  class Vulnerability
4522
5339
  include Google::Apis::Core::Hashable