google-apis-securitycenter_v1beta1 0.34.0 → 0.37.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 42d69499c49ce6481d40df94891b34b4764e38315a61c6dd89c47be0235cd17b
4
- data.tar.gz: 32c90620935197cca7d2f0bdb486406795763f4b6894e493b60cf9bc52b52970
3
+ metadata.gz: 724d246547f6e11a9bfcb229ca28c577402c7e870edfd0b3eb82e286fc0c328e
4
+ data.tar.gz: 5e964edc8961349f0f2f4696eae29ce28171ec0df29dacb4710d3d5104f39cbd
5
5
  SHA512:
6
- metadata.gz: a871196992792208d60d82a4a6072aaa8b640ffe45e1be49a76a140777836d8af4e1965ee7f5e14238d5fc06bd09db49b769ac6346b76c3604c814f68b046a10
7
- data.tar.gz: cb24c95857ee9f8a19fd5ca8b00744860f02379e91ff6e28e3a22d05f9766ebebdd476c0f6f0e44254ca161a3f56bca049a38545ff71348d992fb0c166ff437f
6
+ metadata.gz: 4b2a83ad1f89d2d67c8d2009ca1fb18776af3b48095d062072b248f548cc78073142522f9b83f43feed33dd5002d5d3eed94064a7bdcb12fcb8343b22f2e2511
7
+ data.tar.gz: 5d9fbfc29cb958a44d0b345ac86856e1d3b0dafb29970d8f3a9fe1e5a9c605c6279bbf41fea06924e2815e18091aa5ff9a74de45de0bdb5c8acb9577b33385d1
data/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # Release history for google-apis-securitycenter_v1beta1
2
2
 
3
+ ### v0.37.0 (2022-08-25)
4
+
5
+ * Regenerated from discovery document revision 20220824
6
+
7
+ ### v0.36.0 (2022-08-10)
8
+
9
+ * Regenerated from discovery document revision 20220809
10
+
11
+ ### v0.35.0 (2022-08-02)
12
+
13
+ * Regenerated from discovery document revision 20220728
14
+
3
15
  ### v0.34.0 (2022-07-26)
4
16
 
5
17
  * Regenerated from discovery document revision 20220720
@@ -41,11 +41,44 @@ module Google
41
41
  # @return [String]
42
42
  attr_accessor :method_name
43
43
 
44
- # Associated email, such as "foo@google.com".
44
+ # Associated email, such as "foo@google.com". The email address of the
45
+ # authenticated user (or service account on behalf of third party principal)
46
+ # making the request. For third party identity callers, the `principal_subject`
47
+ # field is populated instead of this field. For privacy reasons, the principal
48
+ # email address is sometimes redacted. For more information, see [Caller
49
+ # identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).
45
50
  # Corresponds to the JSON property `principalEmail`
46
51
  # @return [String]
47
52
  attr_accessor :principal_email
48
53
 
54
+ # A string representing the principal_subject associated with the identity. As
55
+ # compared to `principal_email`, supports principals that aren't associated with
56
+ # email addresses, such as third party principals. For most identities, the
57
+ # format will be `principal://iam.googleapis.com/`identity pool name`/subject/`
58
+ # subject)` except for some GKE identities (GKE_WORKLOAD, FREEFORM,
59
+ # GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:`
60
+ # identity pool name`[`subject`]`
61
+ # Corresponds to the JSON property `principalSubject`
62
+ # @return [String]
63
+ attr_accessor :principal_subject
64
+
65
+ # Identity delegation history of an authenticated service account that makes the
66
+ # request. It contains information on the real authorities that try to access
67
+ # GCP resources by delegating on a service account. When multiple authorities
68
+ # are present, they are guaranteed to be sorted based on the original ordering
69
+ # of the identity delegation events.
70
+ # Corresponds to the JSON property `serviceAccountDelegationInfo`
71
+ # @return [Array<Google::Apis::SecuritycenterV1beta1::ServiceAccountDelegationInfo>]
72
+ attr_accessor :service_account_delegation_info
73
+
74
+ # The name of the service account key used to create or exchange credentials for
75
+ # authenticating the service account making the request. This is a scheme-less
76
+ # URI full resource name. For example: "//iam.googleapis.com/projects/`
77
+ # PROJECT_ID`/serviceAccounts/`ACCOUNT`/keys/`key`"
78
+ # Corresponds to the JSON property `serviceAccountKeyName`
79
+ # @return [String]
80
+ attr_accessor :service_account_key_name
81
+
49
82
  # This is the API service that the service account made a call to, e.g. "iam.
50
83
  # googleapis.com"
51
84
  # Corresponds to the JSON property `serviceName`
@@ -68,6 +101,9 @@ module Google
68
101
  @caller_ip_geo = args[:caller_ip_geo] if args.key?(:caller_ip_geo)
69
102
  @method_name = args[:method_name] if args.key?(:method_name)
70
103
  @principal_email = args[:principal_email] if args.key?(:principal_email)
104
+ @principal_subject = args[:principal_subject] if args.key?(:principal_subject)
105
+ @service_account_delegation_info = args[:service_account_delegation_info] if args.key?(:service_account_delegation_info)
106
+ @service_account_key_name = args[:service_account_key_name] if args.key?(:service_account_key_name)
71
107
  @service_name = args[:service_name] if args.key?(:service_name)
72
108
  @user_agent_family = args[:user_agent_family] if args.key?(:user_agent_family)
73
109
  end
@@ -318,25 +354,28 @@ module Google
318
354
  # anyone who is authenticated with a Google account or a service account. * `
319
355
  # user:`emailid``: An email address that represents a specific Google account.
320
356
  # For example, `alice@example.com` . * `serviceAccount:`emailid``: An email
321
- # address that represents a service account. For example, `my-other-app@appspot.
322
- # gserviceaccount.com`. * `group:`emailid``: An email address that represents a
323
- # Google group. For example, `admins@example.com`. * `deleted:user:`emailid`?uid=
324
- # `uniqueid``: An email address (plus unique identifier) representing a user
325
- # that has been recently deleted. For example, `alice@example.com?uid=
326
- # 123456789012345678901`. If the user is recovered, this value reverts to `user:`
327
- # emailid`` and the recovered user retains the role in the binding. * `deleted:
328
- # serviceAccount:`emailid`?uid=`uniqueid``: An email address (plus unique
329
- # identifier) representing a service account that has been recently deleted. For
330
- # example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
331
- # If the service account is undeleted, this value reverts to `serviceAccount:`
332
- # emailid`` and the undeleted service account retains the role in the binding. *
333
- # `deleted:group:`emailid`?uid=`uniqueid``: An email address (plus unique
334
- # identifier) representing a Google group that has been recently deleted. For
335
- # example, `admins@example.com?uid=123456789012345678901`. If the group is
336
- # recovered, this value reverts to `group:`emailid`` and the recovered group
337
- # retains the role in the binding. * `domain:`domain``: The G Suite domain (
338
- # primary) that represents all the users of that domain. For example, `google.
339
- # com` or `example.com`.
357
+ # address that represents a Google service account. For example, `my-other-app@
358
+ # appspot.gserviceaccount.com`. * `serviceAccount:`projectid`.svc.id.goog[`
359
+ # namespace`/`kubernetes-sa`]`: An identifier for a [Kubernetes service account](
360
+ # https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-
361
+ # accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`
362
+ # . * `group:`emailid``: An email address that represents a Google group. For
363
+ # example, `admins@example.com`. * `deleted:user:`emailid`?uid=`uniqueid``: An
364
+ # email address (plus unique identifier) representing a user that has been
365
+ # recently deleted. For example, `alice@example.com?uid=123456789012345678901`.
366
+ # If the user is recovered, this value reverts to `user:`emailid`` and the
367
+ # recovered user retains the role in the binding. * `deleted:serviceAccount:`
368
+ # emailid`?uid=`uniqueid``: An email address (plus unique identifier)
369
+ # representing a service account that has been recently deleted. For example, `
370
+ # my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the
371
+ # service account is undeleted, this value reverts to `serviceAccount:`emailid``
372
+ # and the undeleted service account retains the role in the binding. * `deleted:
373
+ # group:`emailid`?uid=`uniqueid``: An email address (plus unique identifier)
374
+ # representing a Google group that has been recently deleted. For example, `
375
+ # admins@example.com?uid=123456789012345678901`. If the group is recovered, this
376
+ # value reverts to `group:`emailid`` and the recovered group retains the role in
377
+ # the binding. * `domain:`domain``: The G Suite domain (primary) that represents
378
+ # all the users of that domain. For example, `google.com` or `example.com`.
340
379
  # Corresponds to the JSON property `members`
341
380
  # @return [Array<String>]
342
381
  attr_accessor :members
@@ -643,6 +682,57 @@ module Google
643
682
  end
644
683
  end
645
684
 
685
+ # Represents database access information, such as queries. A database may be a
686
+ # sub-resource of an instance (as in the case of CloudSQL instances or Cloud
687
+ # Spanner instances), or the database instance itself. Some database resources
688
+ # may not have the full resource name populated because these resource types are
689
+ # not yet supported by Cloud Asset Inventory (e.g. CloudSQL databases). In these
690
+ # cases only the display name will be provided.
691
+ class Database
692
+ include Google::Apis::Core::Hashable
693
+
694
+ # The human readable name of the database the user connected to.
695
+ # Corresponds to the JSON property `displayName`
696
+ # @return [String]
697
+ attr_accessor :display_name
698
+
699
+ # The target usernames/roles/groups of a SQL privilege grant (not an IAM policy
700
+ # change).
701
+ # Corresponds to the JSON property `grantees`
702
+ # @return [Array<String>]
703
+ attr_accessor :grantees
704
+
705
+ # The full resource name of the database the user connected to, if it is
706
+ # supported by CAI. (https://google.aip.dev/122#full-resource-names)
707
+ # Corresponds to the JSON property `name`
708
+ # @return [String]
709
+ attr_accessor :name
710
+
711
+ # The SQL statement associated with the relevant access.
712
+ # Corresponds to the JSON property `query`
713
+ # @return [String]
714
+ attr_accessor :query
715
+
716
+ # The username used to connect to the DB. This may not necessarily be an IAM
717
+ # principal, and has no required format.
718
+ # Corresponds to the JSON property `userName`
719
+ # @return [String]
720
+ attr_accessor :user_name
721
+
722
+ def initialize(**args)
723
+ update!(**args)
724
+ end
725
+
726
+ # Update properties of this object
727
+ def update!(**args)
728
+ @display_name = args[:display_name] if args.key?(:display_name)
729
+ @grantees = args[:grantees] if args.key?(:grantees)
730
+ @name = args[:name] if args.key?(:name)
731
+ @query = args[:query] if args.key?(:query)
732
+ @user_name = args[:user_name] if args.key?(:user_name)
733
+ end
734
+ end
735
+
646
736
  # Memory hash detection contributing to the binary family match.
647
737
  class Detection
648
738
  include Google::Apis::Core::Hashable
@@ -920,7 +1010,7 @@ module Google
920
1010
  # contacts that pertain. Please refer to: https://cloud.google.com/resource-
921
1011
  # manager/docs/managing-notification-contacts#notification-categories ` "
922
1012
  # security": ` "contacts": [ ` "email": "person1@company.com" `, ` "email": "
923
- # person2@company.com" ` ] `
1013
+ # person2@company.com" ` ] ` `
924
1014
  # Corresponds to the JSON property `contacts`
925
1015
  # @return [Hash<String,Google::Apis::SecuritycenterV1beta1::ContactDetails>]
926
1016
  attr_accessor :contacts
@@ -936,6 +1026,16 @@ module Google
936
1026
  # @return [String]
937
1027
  attr_accessor :create_time
938
1028
 
1029
+ # Represents database access information, such as queries. A database may be a
1030
+ # sub-resource of an instance (as in the case of CloudSQL instances or Cloud
1031
+ # Spanner instances), or the database instance itself. Some database resources
1032
+ # may not have the full resource name populated because these resource types are
1033
+ # not yet supported by Cloud Asset Inventory (e.g. CloudSQL databases). In these
1034
+ # cases only the display name will be provided.
1035
+ # Corresponds to the JSON property `database`
1036
+ # @return [Google::Apis::SecuritycenterV1beta1::Database]
1037
+ attr_accessor :database
1038
+
939
1039
  # Contains more detail about the finding.
940
1040
  # Corresponds to the JSON property `description`
941
1041
  # @return [String]
@@ -1100,6 +1200,7 @@ module Google
1100
1200
  @contacts = args[:contacts] if args.key?(:contacts)
1101
1201
  @containers = args[:containers] if args.key?(:containers)
1102
1202
  @create_time = args[:create_time] if args.key?(:create_time)
1203
+ @database = args[:database] if args.key?(:database)
1103
1204
  @description = args[:description] if args.key?(:description)
1104
1205
  @event_time = args[:event_time] if args.key?(:event_time)
1105
1206
  @exfiltration = args[:exfiltration] if args.key?(:exfiltration)
@@ -2350,7 +2451,7 @@ module Google
2350
2451
  # @return [Array<Google::Apis::SecuritycenterV1beta1::ProcessSignature>]
2351
2452
  attr_accessor :signatures
2352
2453
 
2353
- # The list of URIs associated to the Findings
2454
+ # The list of URIs associated to the Findings.
2354
2455
  # Corresponds to the JSON property `uris`
2355
2456
  # @return [Array<String>]
2356
2457
  attr_accessor :uris
@@ -3224,6 +3325,37 @@ module Google
3224
3325
  end
3225
3326
  end
3226
3327
 
3328
+ # Identity delegation history of an authenticated service account.
3329
+ class ServiceAccountDelegationInfo
3330
+ include Google::Apis::Core::Hashable
3331
+
3332
+ # The email address of a Google account. .
3333
+ # Corresponds to the JSON property `principalEmail`
3334
+ # @return [String]
3335
+ attr_accessor :principal_email
3336
+
3337
+ # A string representing the principal_subject associated with the identity. As
3338
+ # compared to `principal_email`, supports principals that aren't associated with
3339
+ # email addresses, such as third party principals. For most identities, the
3340
+ # format will be `principal://iam.googleapis.com/`identity pool name`/subject/`
3341
+ # subject)` except for some GKE identities (GKE_WORKLOAD, FREEFORM,
3342
+ # GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:`
3343
+ # identity pool name`[`subject`]`
3344
+ # Corresponds to the JSON property `principalSubject`
3345
+ # @return [String]
3346
+ attr_accessor :principal_subject
3347
+
3348
+ def initialize(**args)
3349
+ update!(**args)
3350
+ end
3351
+
3352
+ # Update properties of this object
3353
+ def update!(**args)
3354
+ @principal_email = args[:principal_email] if args.key?(:principal_email)
3355
+ @principal_subject = args[:principal_subject] if args.key?(:principal_subject)
3356
+ end
3357
+ end
3358
+
3227
3359
  # Request message for updating a finding's state.
3228
3360
  class SetFindingStateRequest
3229
3361
  include Google::Apis::Core::Hashable
@@ -16,13 +16,13 @@ module Google
16
16
  module Apis
17
17
  module SecuritycenterV1beta1
18
18
  # Version of the google-apis-securitycenter_v1beta1 gem
19
- GEM_VERSION = "0.34.0"
19
+ GEM_VERSION = "0.37.0"
20
20
 
21
21
  # Version of the code generator used to generate this client
22
22
  GENERATOR_VERSION = "0.9.0"
23
23
 
24
24
  # Revision of the discovery document this client was generated from
25
- REVISION = "20220720"
25
+ REVISION = "20220824"
26
26
  end
27
27
  end
28
28
  end
@@ -112,6 +112,12 @@ module Google
112
112
  include Google::Apis::Core::JsonObjectSupport
113
113
  end
114
114
 
115
+ class Database
116
+ class Representation < Google::Apis::Core::JsonRepresentation; end
117
+
118
+ include Google::Apis::Core::JsonObjectSupport
119
+ end
120
+
115
121
  class Detection
116
122
  class Representation < Google::Apis::Core::JsonRepresentation; end
117
123
 
@@ -460,6 +466,12 @@ module Google
460
466
  include Google::Apis::Core::JsonObjectSupport
461
467
  end
462
468
 
469
+ class ServiceAccountDelegationInfo
470
+ class Representation < Google::Apis::Core::JsonRepresentation; end
471
+
472
+ include Google::Apis::Core::JsonObjectSupport
473
+ end
474
+
463
475
  class SetFindingStateRequest
464
476
  class Representation < Google::Apis::Core::JsonRepresentation; end
465
477
 
@@ -522,6 +534,10 @@ module Google
522
534
 
523
535
  property :method_name, as: 'methodName'
524
536
  property :principal_email, as: 'principalEmail'
537
+ property :principal_subject, as: 'principalSubject'
538
+ collection :service_account_delegation_info, as: 'serviceAccountDelegationInfo', class: Google::Apis::SecuritycenterV1beta1::ServiceAccountDelegationInfo, decorator: Google::Apis::SecuritycenterV1beta1::ServiceAccountDelegationInfo::Representation
539
+
540
+ property :service_account_key_name, as: 'serviceAccountKeyName'
525
541
  property :service_name, as: 'serviceName'
526
542
  property :user_agent_family, as: 'userAgentFamily'
527
543
  end
@@ -668,6 +684,17 @@ module Google
668
684
  end
669
685
  end
670
686
 
687
+ class Database
688
+ # @private
689
+ class Representation < Google::Apis::Core::JsonRepresentation
690
+ property :display_name, as: 'displayName'
691
+ collection :grantees, as: 'grantees'
692
+ property :name, as: 'name'
693
+ property :query, as: 'query'
694
+ property :user_name, as: 'userName'
695
+ end
696
+ end
697
+
671
698
  class Detection
672
699
  # @private
673
700
  class Representation < Google::Apis::Core::JsonRepresentation
@@ -746,6 +773,8 @@ module Google
746
773
  collection :containers, as: 'containers', class: Google::Apis::SecuritycenterV1beta1::Container, decorator: Google::Apis::SecuritycenterV1beta1::Container::Representation
747
774
 
748
775
  property :create_time, as: 'createTime'
776
+ property :database, as: 'database', class: Google::Apis::SecuritycenterV1beta1::Database, decorator: Google::Apis::SecuritycenterV1beta1::Database::Representation
777
+
749
778
  property :description, as: 'description'
750
779
  property :event_time, as: 'eventTime'
751
780
  property :exfiltration, as: 'exfiltration', class: Google::Apis::SecuritycenterV1beta1::Exfiltration, decorator: Google::Apis::SecuritycenterV1beta1::Exfiltration::Representation
@@ -1303,6 +1332,14 @@ module Google
1303
1332
  end
1304
1333
  end
1305
1334
 
1335
+ class ServiceAccountDelegationInfo
1336
+ # @private
1337
+ class Representation < Google::Apis::Core::JsonRepresentation
1338
+ property :principal_email, as: 'principalEmail'
1339
+ property :principal_subject, as: 'principalSubject'
1340
+ end
1341
+ end
1342
+
1306
1343
  class SetFindingStateRequest
1307
1344
  # @private
1308
1345
  class Representation < Google::Apis::Core::JsonRepresentation
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-apis-securitycenter_v1beta1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.34.0
4
+ version: 0.37.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-01 00:00:00.000000000 Z
11
+ date: 2022-08-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
58
58
  metadata:
59
59
  bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
60
60
  changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-securitycenter_v1beta1/CHANGELOG.md
61
- documentation_uri: https://googleapis.dev/ruby/google-apis-securitycenter_v1beta1/v0.34.0
61
+ documentation_uri: https://googleapis.dev/ruby/google-apis-securitycenter_v1beta1/v0.37.0
62
62
  source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-securitycenter_v1beta1
63
63
  post_install_message:
64
64
  rdoc_options: []