google-apis-securitycenter_v1beta1 0.79.0 → 0.81.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/lib/google/apis/securitycenter_v1beta1/classes.rb +1380 -220
- data/lib/google/apis/securitycenter_v1beta1/gem_version.rb +3 -3
- data/lib/google/apis/securitycenter_v1beta1/representations.rb +517 -0
- data/lib/google/apis/securitycenter_v1beta1/service.rb +2 -2
- metadata +4 -4
|
@@ -650,6 +650,11 @@ module Google
|
|
|
650
650
|
# @return [Google::Apis::SecuritycenterV1beta1::AzureSubscription]
|
|
651
651
|
attr_accessor :subscription
|
|
652
652
|
|
|
653
|
+
# Represents a Microsoft Entra tenant.
|
|
654
|
+
# Corresponds to the JSON property `tenant`
|
|
655
|
+
# @return [Google::Apis::SecuritycenterV1beta1::AzureTenant]
|
|
656
|
+
attr_accessor :tenant
|
|
657
|
+
|
|
653
658
|
def initialize(**args)
|
|
654
659
|
update!(**args)
|
|
655
660
|
end
|
|
@@ -659,6 +664,7 @@ module Google
|
|
|
659
664
|
@management_groups = args[:management_groups] if args.key?(:management_groups)
|
|
660
665
|
@resource_group = args[:resource_group] if args.key?(:resource_group)
|
|
661
666
|
@subscription = args[:subscription] if args.key?(:subscription)
|
|
667
|
+
@tenant = args[:tenant] if args.key?(:tenant)
|
|
662
668
|
end
|
|
663
669
|
end
|
|
664
670
|
|
|
@@ -666,6 +672,11 @@ module Google
|
|
|
666
672
|
class AzureResourceGroup
|
|
667
673
|
include Google::Apis::Core::Hashable
|
|
668
674
|
|
|
675
|
+
# The ID of the Azure resource group.
|
|
676
|
+
# Corresponds to the JSON property `id`
|
|
677
|
+
# @return [String]
|
|
678
|
+
attr_accessor :id
|
|
679
|
+
|
|
669
680
|
# The name of the Azure resource group. This is not a UUID.
|
|
670
681
|
# Corresponds to the JSON property `name`
|
|
671
682
|
# @return [String]
|
|
@@ -677,6 +688,7 @@ module Google
|
|
|
677
688
|
|
|
678
689
|
# Update properties of this object
|
|
679
690
|
def update!(**args)
|
|
691
|
+
@id = args[:id] if args.key?(:id)
|
|
680
692
|
@name = args[:name] if args.key?(:name)
|
|
681
693
|
end
|
|
682
694
|
end
|
|
@@ -707,6 +719,32 @@ module Google
|
|
|
707
719
|
end
|
|
708
720
|
end
|
|
709
721
|
|
|
722
|
+
# Represents a Microsoft Entra tenant.
|
|
723
|
+
class AzureTenant
|
|
724
|
+
include Google::Apis::Core::Hashable
|
|
725
|
+
|
|
726
|
+
# The display name of the Azure tenant.
|
|
727
|
+
# Corresponds to the JSON property `displayName`
|
|
728
|
+
# @return [String]
|
|
729
|
+
attr_accessor :display_name
|
|
730
|
+
|
|
731
|
+
# The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
|
|
732
|
+
# 1aaa11a".
|
|
733
|
+
# Corresponds to the JSON property `id`
|
|
734
|
+
# @return [String]
|
|
735
|
+
attr_accessor :id
|
|
736
|
+
|
|
737
|
+
def initialize(**args)
|
|
738
|
+
update!(**args)
|
|
739
|
+
end
|
|
740
|
+
|
|
741
|
+
# Update properties of this object
|
|
742
|
+
def update!(**args)
|
|
743
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
744
|
+
@id = args[:id] if args.key?(:id)
|
|
745
|
+
end
|
|
746
|
+
end
|
|
747
|
+
|
|
710
748
|
# Information related to Google Cloud Backup and DR Service findings.
|
|
711
749
|
class BackupDisasterRecovery
|
|
712
750
|
include Google::Apis::Core::Hashable
|
|
@@ -1315,11 +1353,21 @@ module Google
|
|
|
1315
1353
|
# @return [Google::Apis::SecuritycenterV1beta1::Cvssv3]
|
|
1316
1354
|
attr_accessor :cvssv3
|
|
1317
1355
|
|
|
1356
|
+
# Date the first publicly available exploit or PoC was released.
|
|
1357
|
+
# Corresponds to the JSON property `exploitReleaseDate`
|
|
1358
|
+
# @return [String]
|
|
1359
|
+
attr_accessor :exploit_release_date
|
|
1360
|
+
|
|
1318
1361
|
# The exploitation activity of the vulnerability in the wild.
|
|
1319
1362
|
# Corresponds to the JSON property `exploitationActivity`
|
|
1320
1363
|
# @return [String]
|
|
1321
1364
|
attr_accessor :exploitation_activity
|
|
1322
1365
|
|
|
1366
|
+
# Date of the earliest known exploitation.
|
|
1367
|
+
# Corresponds to the JSON property `firstExploitationDate`
|
|
1368
|
+
# @return [String]
|
|
1369
|
+
attr_accessor :first_exploitation_date
|
|
1370
|
+
|
|
1323
1371
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
|
1324
1372
|
# Corresponds to the JSON property `id`
|
|
1325
1373
|
# @return [String]
|
|
@@ -1361,7 +1409,9 @@ module Google
|
|
|
1361
1409
|
# Update properties of this object
|
|
1362
1410
|
def update!(**args)
|
|
1363
1411
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
|
1412
|
+
@exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
|
|
1364
1413
|
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
|
1414
|
+
@first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
|
|
1365
1415
|
@id = args[:id] if args.key?(:id)
|
|
1366
1416
|
@impact = args[:impact] if args.key?(:impact)
|
|
1367
1417
|
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
|
@@ -1448,6 +1498,144 @@ module Google
|
|
|
1448
1498
|
end
|
|
1449
1499
|
end
|
|
1450
1500
|
|
|
1501
|
+
# Details about a data access attempt made by a principal not authorized under
|
|
1502
|
+
# applicable data security policy.
|
|
1503
|
+
class DataAccessEvent
|
|
1504
|
+
include Google::Apis::Core::Hashable
|
|
1505
|
+
|
|
1506
|
+
# Unique identifier for data access event.
|
|
1507
|
+
# Corresponds to the JSON property `eventId`
|
|
1508
|
+
# @return [String]
|
|
1509
|
+
attr_accessor :event_id
|
|
1510
|
+
|
|
1511
|
+
# Timestamp of data access event.
|
|
1512
|
+
# Corresponds to the JSON property `eventTime`
|
|
1513
|
+
# @return [String]
|
|
1514
|
+
attr_accessor :event_time
|
|
1515
|
+
|
|
1516
|
+
# The operation performed by the principal to access the data.
|
|
1517
|
+
# Corresponds to the JSON property `operation`
|
|
1518
|
+
# @return [String]
|
|
1519
|
+
attr_accessor :operation
|
|
1520
|
+
|
|
1521
|
+
# The email address of the principal that accessed the data. The principal could
|
|
1522
|
+
# be a user account, service account, Google group, or other.
|
|
1523
|
+
# Corresponds to the JSON property `principalEmail`
|
|
1524
|
+
# @return [String]
|
|
1525
|
+
attr_accessor :principal_email
|
|
1526
|
+
|
|
1527
|
+
def initialize(**args)
|
|
1528
|
+
update!(**args)
|
|
1529
|
+
end
|
|
1530
|
+
|
|
1531
|
+
# Update properties of this object
|
|
1532
|
+
def update!(**args)
|
|
1533
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
1534
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1535
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
1536
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
1537
|
+
end
|
|
1538
|
+
end
|
|
1539
|
+
|
|
1540
|
+
# Details about a data flow event, in which either the data is moved to or is
|
|
1541
|
+
# accessed from a non-compliant geo-location, as defined in the applicable data
|
|
1542
|
+
# security policy.
|
|
1543
|
+
class DataFlowEvent
|
|
1544
|
+
include Google::Apis::Core::Hashable
|
|
1545
|
+
|
|
1546
|
+
# Unique identifier for data flow event.
|
|
1547
|
+
# Corresponds to the JSON property `eventId`
|
|
1548
|
+
# @return [String]
|
|
1549
|
+
attr_accessor :event_id
|
|
1550
|
+
|
|
1551
|
+
# Timestamp of data flow event.
|
|
1552
|
+
# Corresponds to the JSON property `eventTime`
|
|
1553
|
+
# @return [String]
|
|
1554
|
+
attr_accessor :event_time
|
|
1555
|
+
|
|
1556
|
+
# The operation performed by the principal for the data flow event.
|
|
1557
|
+
# Corresponds to the JSON property `operation`
|
|
1558
|
+
# @return [String]
|
|
1559
|
+
attr_accessor :operation
|
|
1560
|
+
|
|
1561
|
+
# The email address of the principal that initiated the data flow event. The
|
|
1562
|
+
# principal could be a user account, service account, Google group, or other.
|
|
1563
|
+
# Corresponds to the JSON property `principalEmail`
|
|
1564
|
+
# @return [String]
|
|
1565
|
+
attr_accessor :principal_email
|
|
1566
|
+
|
|
1567
|
+
# Non-compliant location of the principal or the data destination.
|
|
1568
|
+
# Corresponds to the JSON property `violatedLocation`
|
|
1569
|
+
# @return [String]
|
|
1570
|
+
attr_accessor :violated_location
|
|
1571
|
+
|
|
1572
|
+
def initialize(**args)
|
|
1573
|
+
update!(**args)
|
|
1574
|
+
end
|
|
1575
|
+
|
|
1576
|
+
# Update properties of this object
|
|
1577
|
+
def update!(**args)
|
|
1578
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
1579
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1580
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
1581
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
1582
|
+
@violated_location = args[:violated_location] if args.key?(:violated_location)
|
|
1583
|
+
end
|
|
1584
|
+
end
|
|
1585
|
+
|
|
1586
|
+
# Details about data retention deletion violations, in which the data is non-
|
|
1587
|
+
# compliant based on their retention or deletion time, as defined in the
|
|
1588
|
+
# applicable data security policy. The Data Retention Deletion (DRD) control is
|
|
1589
|
+
# a control of the DSPM (Data Security Posture Management) suite that enables
|
|
1590
|
+
# organizations to manage data retention and deletion policies in compliance
|
|
1591
|
+
# with regulations, such as GDPR and CRPA. DRD supports two primary policy types:
|
|
1592
|
+
# maximum storage length (max TTL) and minimum storage length (min TTL). Both
|
|
1593
|
+
# are aimed at helping organizations meet regulatory and data management
|
|
1594
|
+
# commitments.
|
|
1595
|
+
class DataRetentionDeletionEvent
|
|
1596
|
+
include Google::Apis::Core::Hashable
|
|
1597
|
+
|
|
1598
|
+
# Number of objects that violated the policy for this resource. If the number is
|
|
1599
|
+
# less than 1,000, then the value of this field is the exact number. If the
|
|
1600
|
+
# number of objects that violated the policy is greater than or equal to 1,000,
|
|
1601
|
+
# then the value of this field is 1000.
|
|
1602
|
+
# Corresponds to the JSON property `dataObjectCount`
|
|
1603
|
+
# @return [Fixnum]
|
|
1604
|
+
attr_accessor :data_object_count
|
|
1605
|
+
|
|
1606
|
+
# Timestamp indicating when the event was detected.
|
|
1607
|
+
# Corresponds to the JSON property `eventDetectionTime`
|
|
1608
|
+
# @return [String]
|
|
1609
|
+
attr_accessor :event_detection_time
|
|
1610
|
+
|
|
1611
|
+
# Type of the DRD event.
|
|
1612
|
+
# Corresponds to the JSON property `eventType`
|
|
1613
|
+
# @return [String]
|
|
1614
|
+
attr_accessor :event_type
|
|
1615
|
+
|
|
1616
|
+
# Maximum duration of retention allowed from the DRD control. This comes from
|
|
1617
|
+
# the DRD control where users set a max TTL for their data. For example, suppose
|
|
1618
|
+
# that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an
|
|
1619
|
+
# object in that bucket is 100 days old. In this case, a
|
|
1620
|
+
# DataRetentionDeletionEvent will be generated for that Cloud Storage bucket,
|
|
1621
|
+
# and the max_retention_allowed is 90 days.
|
|
1622
|
+
# Corresponds to the JSON property `maxRetentionAllowed`
|
|
1623
|
+
# @return [String]
|
|
1624
|
+
attr_accessor :max_retention_allowed
|
|
1625
|
+
|
|
1626
|
+
def initialize(**args)
|
|
1627
|
+
update!(**args)
|
|
1628
|
+
end
|
|
1629
|
+
|
|
1630
|
+
# Update properties of this object
|
|
1631
|
+
def update!(**args)
|
|
1632
|
+
@data_object_count = args[:data_object_count] if args.key?(:data_object_count)
|
|
1633
|
+
@event_detection_time = args[:event_detection_time] if args.key?(:event_detection_time)
|
|
1634
|
+
@event_type = args[:event_type] if args.key?(:event_type)
|
|
1635
|
+
@max_retention_allowed = args[:max_retention_allowed] if args.key?(:max_retention_allowed)
|
|
1636
|
+
end
|
|
1637
|
+
end
|
|
1638
|
+
|
|
1451
1639
|
# Represents database access information, such as queries. A database may be a
|
|
1452
1640
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
1453
1641
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -1536,6 +1724,26 @@ module Google
|
|
|
1536
1724
|
end
|
|
1537
1725
|
end
|
|
1538
1726
|
|
|
1727
|
+
# Contains information about the disk associated with the finding.
|
|
1728
|
+
class Disk
|
|
1729
|
+
include Google::Apis::Core::Hashable
|
|
1730
|
+
|
|
1731
|
+
# The name of the disk, for example, "https://www.googleapis.com/compute/v1/
|
|
1732
|
+
# projects/project-id/zones/zone-id/disks/disk-id".
|
|
1733
|
+
# Corresponds to the JSON property `name`
|
|
1734
|
+
# @return [String]
|
|
1735
|
+
attr_accessor :name
|
|
1736
|
+
|
|
1737
|
+
def initialize(**args)
|
|
1738
|
+
update!(**args)
|
|
1739
|
+
end
|
|
1740
|
+
|
|
1741
|
+
# Update properties of this object
|
|
1742
|
+
def update!(**args)
|
|
1743
|
+
@name = args[:name] if args.key?(:name)
|
|
1744
|
+
end
|
|
1745
|
+
end
|
|
1746
|
+
|
|
1539
1747
|
# Path of the file in terms of underlying disk/partition identifiers.
|
|
1540
1748
|
class DiskPath
|
|
1541
1749
|
include Google::Apis::Core::Hashable
|
|
@@ -1563,6 +1771,33 @@ module Google
|
|
|
1563
1771
|
end
|
|
1564
1772
|
end
|
|
1565
1773
|
|
|
1774
|
+
# The record of a dynamic mute rule that matches the finding.
|
|
1775
|
+
class DynamicMuteRecord
|
|
1776
|
+
include Google::Apis::Core::Hashable
|
|
1777
|
+
|
|
1778
|
+
# When the dynamic mute rule first matched the finding.
|
|
1779
|
+
# Corresponds to the JSON property `matchTime`
|
|
1780
|
+
# @return [String]
|
|
1781
|
+
attr_accessor :match_time
|
|
1782
|
+
|
|
1783
|
+
# The relative resource name of the mute rule, represented by a mute config,
|
|
1784
|
+
# that created this record, for example `organizations/123/muteConfigs/
|
|
1785
|
+
# mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
|
1786
|
+
# Corresponds to the JSON property `muteConfig`
|
|
1787
|
+
# @return [String]
|
|
1788
|
+
attr_accessor :mute_config
|
|
1789
|
+
|
|
1790
|
+
def initialize(**args)
|
|
1791
|
+
update!(**args)
|
|
1792
|
+
end
|
|
1793
|
+
|
|
1794
|
+
# Update properties of this object
|
|
1795
|
+
def update!(**args)
|
|
1796
|
+
@match_time = args[:match_time] if args.key?(:match_time)
|
|
1797
|
+
@mute_config = args[:mute_config] if args.key?(:mute_config)
|
|
1798
|
+
end
|
|
1799
|
+
end
|
|
1800
|
+
|
|
1566
1801
|
# A generic empty message that you can re-use to avoid defining duplicated empty
|
|
1567
1802
|
# messages in your APIs. A typical example is to use it as the request or the
|
|
1568
1803
|
# response type of an API method. For instance: service Foo ` rpc Bar(google.
|
|
@@ -1877,6 +2112,21 @@ module Google
|
|
|
1877
2112
|
# @return [String]
|
|
1878
2113
|
attr_accessor :create_time
|
|
1879
2114
|
|
|
2115
|
+
# Data access events associated with the finding.
|
|
2116
|
+
# Corresponds to the JSON property `dataAccessEvents`
|
|
2117
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DataAccessEvent>]
|
|
2118
|
+
attr_accessor :data_access_events
|
|
2119
|
+
|
|
2120
|
+
# Data flow events associated with the finding.
|
|
2121
|
+
# Corresponds to the JSON property `dataFlowEvents`
|
|
2122
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DataFlowEvent>]
|
|
2123
|
+
attr_accessor :data_flow_events
|
|
2124
|
+
|
|
2125
|
+
# Data retention deletion events associated with the finding.
|
|
2126
|
+
# Corresponds to the JSON property `dataRetentionDeletionEvents`
|
|
2127
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DataRetentionDeletionEvent>]
|
|
2128
|
+
attr_accessor :data_retention_deletion_events
|
|
2129
|
+
|
|
1880
2130
|
# Represents database access information, such as queries. A database may be a
|
|
1881
2131
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
1882
2132
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -1893,6 +2143,11 @@ module Google
|
|
|
1893
2143
|
# @return [String]
|
|
1894
2144
|
attr_accessor :description
|
|
1895
2145
|
|
|
2146
|
+
# Contains information about the disk associated with the finding.
|
|
2147
|
+
# Corresponds to the JSON property `disk`
|
|
2148
|
+
# @return [Google::Apis::SecuritycenterV1beta1::Disk]
|
|
2149
|
+
attr_accessor :disk
|
|
2150
|
+
|
|
1896
2151
|
# The time the finding was first detected. If an existing finding is updated,
|
|
1897
2152
|
# then this is the time the update occurred. For example, if the finding
|
|
1898
2153
|
# represents an open firewall, this property captures the time the detector
|
|
@@ -1994,6 +2249,12 @@ module Google
|
|
|
1994
2249
|
# @return [String]
|
|
1995
2250
|
attr_accessor :mute
|
|
1996
2251
|
|
|
2252
|
+
# Mute information about the finding, including whether the finding has a static
|
|
2253
|
+
# mute or any matching dynamic mute rules.
|
|
2254
|
+
# Corresponds to the JSON property `muteInfo`
|
|
2255
|
+
# @return [Google::Apis::SecuritycenterV1beta1::MuteInfo]
|
|
2256
|
+
attr_accessor :mute_info
|
|
2257
|
+
|
|
1997
2258
|
# Records additional information about the mute operation, for example, the [
|
|
1998
2259
|
# mute configuration](/security-command-center/docs/how-to-mute-findings) that
|
|
1999
2260
|
# muted the finding and the user who muted the finding.
|
|
@@ -2127,8 +2388,12 @@ module Google
|
|
|
2127
2388
|
@contacts = args[:contacts] if args.key?(:contacts)
|
|
2128
2389
|
@containers = args[:containers] if args.key?(:containers)
|
|
2129
2390
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
2391
|
+
@data_access_events = args[:data_access_events] if args.key?(:data_access_events)
|
|
2392
|
+
@data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
|
|
2393
|
+
@data_retention_deletion_events = args[:data_retention_deletion_events] if args.key?(:data_retention_deletion_events)
|
|
2130
2394
|
@database = args[:database] if args.key?(:database)
|
|
2131
2395
|
@description = args[:description] if args.key?(:description)
|
|
2396
|
+
@disk = args[:disk] if args.key?(:disk)
|
|
2132
2397
|
@event_time = args[:event_time] if args.key?(:event_time)
|
|
2133
2398
|
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
2134
2399
|
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
@@ -2145,6 +2410,7 @@ module Google
|
|
|
2145
2410
|
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
2146
2411
|
@module_name = args[:module_name] if args.key?(:module_name)
|
|
2147
2412
|
@mute = args[:mute] if args.key?(:mute)
|
|
2413
|
+
@mute_info = args[:mute_info] if args.key?(:mute_info)
|
|
2148
2414
|
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
2149
2415
|
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
2150
2416
|
@name = args[:name] if args.key?(:name)
|
|
@@ -2550,6 +2816,11 @@ module Google
|
|
|
2550
2816
|
class GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule
|
|
2551
2817
|
include Google::Apis::Core::Hashable
|
|
2552
2818
|
|
|
2819
|
+
# The cloud provider of the custom module.
|
|
2820
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
2821
|
+
# @return [String]
|
|
2822
|
+
attr_accessor :cloud_provider
|
|
2823
|
+
|
|
2553
2824
|
# Defines the properties in a custom module configuration for Security Health
|
|
2554
2825
|
# Analytics. Use the custom module configuration to create custom detectors that
|
|
2555
2826
|
# generate custom findings for resources that you specify.
|
|
@@ -2586,6 +2857,7 @@ module Google
|
|
|
2586
2857
|
|
|
2587
2858
|
# Update properties of this object
|
|
2588
2859
|
def update!(**args)
|
|
2860
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
2589
2861
|
@custom_config = args[:custom_config] if args.key?(:custom_config)
|
|
2590
2862
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
2591
2863
|
@enablement_state = args[:enablement_state] if args.key?(:enablement_state)
|
|
@@ -2699,6 +2971,12 @@ module Google
|
|
|
2699
2971
|
# @return [String]
|
|
2700
2972
|
attr_accessor :display_name
|
|
2701
2973
|
|
|
2974
|
+
# Optional. The expiry of the mute config. Only applicable for dynamic configs.
|
|
2975
|
+
# If the expiry is set, when the config expires, it is removed from all findings.
|
|
2976
|
+
# Corresponds to the JSON property `expiryTime`
|
|
2977
|
+
# @return [String]
|
|
2978
|
+
attr_accessor :expiry_time
|
|
2979
|
+
|
|
2702
2980
|
# Required. An expression that defines the filter to apply across create/update
|
|
2703
2981
|
# events of findings. While creating a filter string, be mindful of the scope in
|
|
2704
2982
|
# which the mute configuration is being created. E.g., If a filter contains
|
|
@@ -2730,6 +3008,14 @@ module Google
|
|
|
2730
3008
|
# @return [String]
|
|
2731
3009
|
attr_accessor :name
|
|
2732
3010
|
|
|
3011
|
+
# Optional. The type of the mute config, which determines what type of mute
|
|
3012
|
+
# state the config affects. The static mute state takes precedence over the
|
|
3013
|
+
# dynamic mute state. Immutable after creation. STATIC by default if not set
|
|
3014
|
+
# during creation.
|
|
3015
|
+
# Corresponds to the JSON property `type`
|
|
3016
|
+
# @return [String]
|
|
3017
|
+
attr_accessor :type
|
|
3018
|
+
|
|
2733
3019
|
# Output only. The most recent time at which the mute config was updated. This
|
|
2734
3020
|
# field is set by the server and will be ignored if provided on config creation
|
|
2735
3021
|
# or update.
|
|
@@ -2746,9 +3032,11 @@ module Google
|
|
|
2746
3032
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
2747
3033
|
@description = args[:description] if args.key?(:description)
|
|
2748
3034
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
3035
|
+
@expiry_time = args[:expiry_time] if args.key?(:expiry_time)
|
|
2749
3036
|
@filter = args[:filter] if args.key?(:filter)
|
|
2750
3037
|
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
|
2751
3038
|
@name = args[:name] if args.key?(:name)
|
|
3039
|
+
@type = args[:type] if args.key?(:type)
|
|
2752
3040
|
@update_time = args[:update_time] if args.key?(:update_time)
|
|
2753
3041
|
end
|
|
2754
3042
|
end
|
|
@@ -3031,10 +3319,10 @@ module Google
|
|
|
3031
3319
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping]
|
|
3032
3320
|
attr_accessor :sensitive_data_protection_mapping
|
|
3033
3321
|
|
|
3034
|
-
# Required. Tag values combined with `AND` to check against.
|
|
3035
|
-
# tagValues/123" Example: `[ "
|
|
3036
|
-
# https://cloud.google.com/
|
|
3037
|
-
# managing
|
|
3322
|
+
# Required. Tag values combined with `AND` to check against. For Google Cloud
|
|
3323
|
+
# resources, they are tag value IDs in the form of "tagValues/123". Example: `[ "
|
|
3324
|
+
# tagValues/123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/
|
|
3325
|
+
# resource-manager/docs/tags/tags-creating-and-managing
|
|
3038
3326
|
# Corresponds to the JSON property `tagValues`
|
|
3039
3327
|
# @return [Array<String>]
|
|
3040
3328
|
attr_accessor :tag_values
|
|
@@ -3105,6 +3393,11 @@ module Google
|
|
|
3105
3393
|
# @return [String]
|
|
3106
3394
|
attr_accessor :ancestor_module
|
|
3107
3395
|
|
|
3396
|
+
# The cloud provider of the custom module.
|
|
3397
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
3398
|
+
# @return [String]
|
|
3399
|
+
attr_accessor :cloud_provider
|
|
3400
|
+
|
|
3108
3401
|
# Defines the properties in a custom module configuration for Security Health
|
|
3109
3402
|
# Analytics. Use the custom module configuration to create custom detectors that
|
|
3110
3403
|
# generate custom findings for resources that you specify.
|
|
@@ -3154,6 +3447,7 @@ module Google
|
|
|
3154
3447
|
# Update properties of this object
|
|
3155
3448
|
def update!(**args)
|
|
3156
3449
|
@ancestor_module = args[:ancestor_module] if args.key?(:ancestor_module)
|
|
3450
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
3157
3451
|
@custom_config = args[:custom_config] if args.key?(:custom_config)
|
|
3158
3452
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
3159
3453
|
@enablement_state = args[:enablement_state] if args.key?(:enablement_state)
|
|
@@ -4120,6 +4414,11 @@ module Google
|
|
|
4120
4414
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2AzureSubscription]
|
|
4121
4415
|
attr_accessor :subscription
|
|
4122
4416
|
|
|
4417
|
+
# Represents a Microsoft Entra tenant.
|
|
4418
|
+
# Corresponds to the JSON property `tenant`
|
|
4419
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2AzureTenant]
|
|
4420
|
+
attr_accessor :tenant
|
|
4421
|
+
|
|
4123
4422
|
def initialize(**args)
|
|
4124
4423
|
update!(**args)
|
|
4125
4424
|
end
|
|
@@ -4129,6 +4428,7 @@ module Google
|
|
|
4129
4428
|
@management_groups = args[:management_groups] if args.key?(:management_groups)
|
|
4130
4429
|
@resource_group = args[:resource_group] if args.key?(:resource_group)
|
|
4131
4430
|
@subscription = args[:subscription] if args.key?(:subscription)
|
|
4431
|
+
@tenant = args[:tenant] if args.key?(:tenant)
|
|
4132
4432
|
end
|
|
4133
4433
|
end
|
|
4134
4434
|
|
|
@@ -4136,6 +4436,11 @@ module Google
|
|
|
4136
4436
|
class GoogleCloudSecuritycenterV2AzureResourceGroup
|
|
4137
4437
|
include Google::Apis::Core::Hashable
|
|
4138
4438
|
|
|
4439
|
+
# The ID of the Azure resource group.
|
|
4440
|
+
# Corresponds to the JSON property `id`
|
|
4441
|
+
# @return [String]
|
|
4442
|
+
attr_accessor :id
|
|
4443
|
+
|
|
4139
4444
|
# The name of the Azure resource group. This is not a UUID.
|
|
4140
4445
|
# Corresponds to the JSON property `name`
|
|
4141
4446
|
# @return [String]
|
|
@@ -4147,6 +4452,7 @@ module Google
|
|
|
4147
4452
|
|
|
4148
4453
|
# Update properties of this object
|
|
4149
4454
|
def update!(**args)
|
|
4455
|
+
@id = args[:id] if args.key?(:id)
|
|
4150
4456
|
@name = args[:name] if args.key?(:name)
|
|
4151
4457
|
end
|
|
4152
4458
|
end
|
|
@@ -4177,6 +4483,32 @@ module Google
|
|
|
4177
4483
|
end
|
|
4178
4484
|
end
|
|
4179
4485
|
|
|
4486
|
+
# Represents a Microsoft Entra tenant.
|
|
4487
|
+
class GoogleCloudSecuritycenterV2AzureTenant
|
|
4488
|
+
include Google::Apis::Core::Hashable
|
|
4489
|
+
|
|
4490
|
+
# The display name of the Azure tenant.
|
|
4491
|
+
# Corresponds to the JSON property `displayName`
|
|
4492
|
+
# @return [String]
|
|
4493
|
+
attr_accessor :display_name
|
|
4494
|
+
|
|
4495
|
+
# The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
|
|
4496
|
+
# 1aaa11a".
|
|
4497
|
+
# Corresponds to the JSON property `id`
|
|
4498
|
+
# @return [String]
|
|
4499
|
+
attr_accessor :id
|
|
4500
|
+
|
|
4501
|
+
def initialize(**args)
|
|
4502
|
+
update!(**args)
|
|
4503
|
+
end
|
|
4504
|
+
|
|
4505
|
+
# Update properties of this object
|
|
4506
|
+
def update!(**args)
|
|
4507
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
4508
|
+
@id = args[:id] if args.key?(:id)
|
|
4509
|
+
end
|
|
4510
|
+
end
|
|
4511
|
+
|
|
4180
4512
|
# Information related to Google Cloud Backup and DR Service findings.
|
|
4181
4513
|
class GoogleCloudSecuritycenterV2BackupDisasterRecovery
|
|
4182
4514
|
include Google::Apis::Core::Hashable
|
|
@@ -4745,11 +5077,21 @@ module Google
|
|
|
4745
5077
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2Cvssv3]
|
|
4746
5078
|
attr_accessor :cvssv3
|
|
4747
5079
|
|
|
5080
|
+
# Date the first publicly available exploit or PoC was released.
|
|
5081
|
+
# Corresponds to the JSON property `exploitReleaseDate`
|
|
5082
|
+
# @return [String]
|
|
5083
|
+
attr_accessor :exploit_release_date
|
|
5084
|
+
|
|
4748
5085
|
# The exploitation activity of the vulnerability in the wild.
|
|
4749
5086
|
# Corresponds to the JSON property `exploitationActivity`
|
|
4750
5087
|
# @return [String]
|
|
4751
5088
|
attr_accessor :exploitation_activity
|
|
4752
5089
|
|
|
5090
|
+
# Date of the earliest known exploitation.
|
|
5091
|
+
# Corresponds to the JSON property `firstExploitationDate`
|
|
5092
|
+
# @return [String]
|
|
5093
|
+
attr_accessor :first_exploitation_date
|
|
5094
|
+
|
|
4753
5095
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
|
4754
5096
|
# Corresponds to the JSON property `id`
|
|
4755
5097
|
# @return [String]
|
|
@@ -4791,7 +5133,9 @@ module Google
|
|
|
4791
5133
|
# Update properties of this object
|
|
4792
5134
|
def update!(**args)
|
|
4793
5135
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
|
5136
|
+
@exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
|
|
4794
5137
|
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
|
5138
|
+
@first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
|
|
4795
5139
|
@id = args[:id] if args.key?(:id)
|
|
4796
5140
|
@impact = args[:impact] if args.key?(:impact)
|
|
4797
5141
|
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
|
@@ -4878,53 +5222,31 @@ module Google
|
|
|
4878
5222
|
end
|
|
4879
5223
|
end
|
|
4880
5224
|
|
|
4881
|
-
#
|
|
4882
|
-
#
|
|
4883
|
-
|
|
4884
|
-
# might not have the [full resource name](https://google.aip.dev/122#full-
|
|
4885
|
-
# resource-names) populated because these resource types, such as Cloud SQL
|
|
4886
|
-
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
|
4887
|
-
# the display name is provided.
|
|
4888
|
-
class GoogleCloudSecuritycenterV2Database
|
|
5225
|
+
# Details about a data access attempt made by a principal not authorized under
|
|
5226
|
+
# applicable data security policy.
|
|
5227
|
+
class GoogleCloudSecuritycenterV2DataAccessEvent
|
|
4889
5228
|
include Google::Apis::Core::Hashable
|
|
4890
5229
|
|
|
4891
|
-
#
|
|
4892
|
-
# Corresponds to the JSON property `
|
|
4893
|
-
# @return [String]
|
|
4894
|
-
attr_accessor :display_name
|
|
4895
|
-
|
|
4896
|
-
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
|
4897
|
-
# an IAM policy change.
|
|
4898
|
-
# Corresponds to the JSON property `grantees`
|
|
4899
|
-
# @return [Array<String>]
|
|
4900
|
-
attr_accessor :grantees
|
|
4901
|
-
|
|
4902
|
-
# Some database resources may not have the [full resource name](https://google.
|
|
4903
|
-
# aip.dev/122#full-resource-names) populated because these resource types are
|
|
4904
|
-
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
|
4905
|
-
# these cases only the display name will be provided. The [full resource name](
|
|
4906
|
-
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
|
4907
|
-
# connected to, if it is supported by Cloud Asset Inventory.
|
|
4908
|
-
# Corresponds to the JSON property `name`
|
|
5230
|
+
# Unique identifier for data access event.
|
|
5231
|
+
# Corresponds to the JSON property `eventId`
|
|
4909
5232
|
# @return [String]
|
|
4910
|
-
attr_accessor :
|
|
5233
|
+
attr_accessor :event_id
|
|
4911
5234
|
|
|
4912
|
-
#
|
|
4913
|
-
# Corresponds to the JSON property `
|
|
5235
|
+
# Timestamp of data access event.
|
|
5236
|
+
# Corresponds to the JSON property `eventTime`
|
|
4914
5237
|
# @return [String]
|
|
4915
|
-
attr_accessor :
|
|
5238
|
+
attr_accessor :event_time
|
|
4916
5239
|
|
|
4917
|
-
# The
|
|
4918
|
-
#
|
|
4919
|
-
# Corresponds to the JSON property `userName`
|
|
5240
|
+
# The operation performed by the principal to access the data.
|
|
5241
|
+
# Corresponds to the JSON property `operation`
|
|
4920
5242
|
# @return [String]
|
|
4921
|
-
attr_accessor :
|
|
5243
|
+
attr_accessor :operation
|
|
4922
5244
|
|
|
4923
|
-
# The
|
|
4924
|
-
#
|
|
4925
|
-
# Corresponds to the JSON property `
|
|
5245
|
+
# The email address of the principal that accessed the data. The principal could
|
|
5246
|
+
# be a user account, service account, Google group, or other.
|
|
5247
|
+
# Corresponds to the JSON property `principalEmail`
|
|
4926
5248
|
# @return [String]
|
|
4927
|
-
attr_accessor :
|
|
5249
|
+
attr_accessor :principal_email
|
|
4928
5250
|
|
|
4929
5251
|
def initialize(**args)
|
|
4930
5252
|
update!(**args)
|
|
@@ -4932,28 +5254,188 @@ module Google
|
|
|
4932
5254
|
|
|
4933
5255
|
# Update properties of this object
|
|
4934
5256
|
def update!(**args)
|
|
4935
|
-
@
|
|
4936
|
-
@
|
|
4937
|
-
@
|
|
4938
|
-
@
|
|
4939
|
-
@user_name = args[:user_name] if args.key?(:user_name)
|
|
4940
|
-
@version = args[:version] if args.key?(:version)
|
|
5257
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
5258
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5259
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
5260
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
4941
5261
|
end
|
|
4942
5262
|
end
|
|
4943
5263
|
|
|
4944
|
-
#
|
|
4945
|
-
|
|
5264
|
+
# Details about a data flow event, in which either the data is moved to or is
|
|
5265
|
+
# accessed from a non-compliant geo-location, as defined in the applicable data
|
|
5266
|
+
# security policy.
|
|
5267
|
+
class GoogleCloudSecuritycenterV2DataFlowEvent
|
|
4946
5268
|
include Google::Apis::Core::Hashable
|
|
4947
5269
|
|
|
4948
|
-
#
|
|
4949
|
-
# Corresponds to the JSON property `
|
|
5270
|
+
# Unique identifier for data flow event.
|
|
5271
|
+
# Corresponds to the JSON property `eventId`
|
|
4950
5272
|
# @return [String]
|
|
4951
|
-
attr_accessor :
|
|
5273
|
+
attr_accessor :event_id
|
|
4952
5274
|
|
|
4953
|
-
#
|
|
4954
|
-
# Corresponds to the JSON property `
|
|
4955
|
-
# @return [
|
|
4956
|
-
attr_accessor :
|
|
5275
|
+
# Timestamp of data flow event.
|
|
5276
|
+
# Corresponds to the JSON property `eventTime`
|
|
5277
|
+
# @return [String]
|
|
5278
|
+
attr_accessor :event_time
|
|
5279
|
+
|
|
5280
|
+
# The operation performed by the principal for the data flow event.
|
|
5281
|
+
# Corresponds to the JSON property `operation`
|
|
5282
|
+
# @return [String]
|
|
5283
|
+
attr_accessor :operation
|
|
5284
|
+
|
|
5285
|
+
# The email address of the principal that initiated the data flow event. The
|
|
5286
|
+
# principal could be a user account, service account, Google group, or other.
|
|
5287
|
+
# Corresponds to the JSON property `principalEmail`
|
|
5288
|
+
# @return [String]
|
|
5289
|
+
attr_accessor :principal_email
|
|
5290
|
+
|
|
5291
|
+
# Non-compliant location of the principal or the data destination.
|
|
5292
|
+
# Corresponds to the JSON property `violatedLocation`
|
|
5293
|
+
# @return [String]
|
|
5294
|
+
attr_accessor :violated_location
|
|
5295
|
+
|
|
5296
|
+
def initialize(**args)
|
|
5297
|
+
update!(**args)
|
|
5298
|
+
end
|
|
5299
|
+
|
|
5300
|
+
# Update properties of this object
|
|
5301
|
+
def update!(**args)
|
|
5302
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
5303
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5304
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
5305
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
5306
|
+
@violated_location = args[:violated_location] if args.key?(:violated_location)
|
|
5307
|
+
end
|
|
5308
|
+
end
|
|
5309
|
+
|
|
5310
|
+
# Details about data retention deletion violations, in which the data is non-
|
|
5311
|
+
# compliant based on their retention or deletion time, as defined in the
|
|
5312
|
+
# applicable data security policy. The Data Retention Deletion (DRD) control is
|
|
5313
|
+
# a control of the DSPM (Data Security Posture Management) suite that enables
|
|
5314
|
+
# organizations to manage data retention and deletion policies in compliance
|
|
5315
|
+
# with regulations, such as GDPR and CRPA. DRD supports two primary policy types:
|
|
5316
|
+
# maximum storage length (max TTL) and minimum storage length (min TTL). Both
|
|
5317
|
+
# are aimed at helping organizations meet regulatory and data management
|
|
5318
|
+
# commitments.
|
|
5319
|
+
class GoogleCloudSecuritycenterV2DataRetentionDeletionEvent
|
|
5320
|
+
include Google::Apis::Core::Hashable
|
|
5321
|
+
|
|
5322
|
+
# Number of objects that violated the policy for this resource. If the number is
|
|
5323
|
+
# less than 1,000, then the value of this field is the exact number. If the
|
|
5324
|
+
# number of objects that violated the policy is greater than or equal to 1,000,
|
|
5325
|
+
# then the value of this field is 1000.
|
|
5326
|
+
# Corresponds to the JSON property `dataObjectCount`
|
|
5327
|
+
# @return [Fixnum]
|
|
5328
|
+
attr_accessor :data_object_count
|
|
5329
|
+
|
|
5330
|
+
# Timestamp indicating when the event was detected.
|
|
5331
|
+
# Corresponds to the JSON property `eventDetectionTime`
|
|
5332
|
+
# @return [String]
|
|
5333
|
+
attr_accessor :event_detection_time
|
|
5334
|
+
|
|
5335
|
+
# Type of the DRD event.
|
|
5336
|
+
# Corresponds to the JSON property `eventType`
|
|
5337
|
+
# @return [String]
|
|
5338
|
+
attr_accessor :event_type
|
|
5339
|
+
|
|
5340
|
+
# Maximum duration of retention allowed from the DRD control. This comes from
|
|
5341
|
+
# the DRD control where users set a max TTL for their data. For example, suppose
|
|
5342
|
+
# that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an
|
|
5343
|
+
# object in that bucket is 100 days old. In this case, a
|
|
5344
|
+
# DataRetentionDeletionEvent will be generated for that Cloud Storage bucket,
|
|
5345
|
+
# and the max_retention_allowed is 90 days.
|
|
5346
|
+
# Corresponds to the JSON property `maxRetentionAllowed`
|
|
5347
|
+
# @return [String]
|
|
5348
|
+
attr_accessor :max_retention_allowed
|
|
5349
|
+
|
|
5350
|
+
def initialize(**args)
|
|
5351
|
+
update!(**args)
|
|
5352
|
+
end
|
|
5353
|
+
|
|
5354
|
+
# Update properties of this object
|
|
5355
|
+
def update!(**args)
|
|
5356
|
+
@data_object_count = args[:data_object_count] if args.key?(:data_object_count)
|
|
5357
|
+
@event_detection_time = args[:event_detection_time] if args.key?(:event_detection_time)
|
|
5358
|
+
@event_type = args[:event_type] if args.key?(:event_type)
|
|
5359
|
+
@max_retention_allowed = args[:max_retention_allowed] if args.key?(:max_retention_allowed)
|
|
5360
|
+
end
|
|
5361
|
+
end
|
|
5362
|
+
|
|
5363
|
+
# Represents database access information, such as queries. A database may be a
|
|
5364
|
+
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
5365
|
+
# Spanner instances), or the database instance itself. Some database resources
|
|
5366
|
+
# might not have the [full resource name](https://google.aip.dev/122#full-
|
|
5367
|
+
# resource-names) populated because these resource types, such as Cloud SQL
|
|
5368
|
+
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
|
5369
|
+
# the display name is provided.
|
|
5370
|
+
class GoogleCloudSecuritycenterV2Database
|
|
5371
|
+
include Google::Apis::Core::Hashable
|
|
5372
|
+
|
|
5373
|
+
# The human-readable name of the database that the user connected to.
|
|
5374
|
+
# Corresponds to the JSON property `displayName`
|
|
5375
|
+
# @return [String]
|
|
5376
|
+
attr_accessor :display_name
|
|
5377
|
+
|
|
5378
|
+
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
|
5379
|
+
# an IAM policy change.
|
|
5380
|
+
# Corresponds to the JSON property `grantees`
|
|
5381
|
+
# @return [Array<String>]
|
|
5382
|
+
attr_accessor :grantees
|
|
5383
|
+
|
|
5384
|
+
# Some database resources may not have the [full resource name](https://google.
|
|
5385
|
+
# aip.dev/122#full-resource-names) populated because these resource types are
|
|
5386
|
+
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
|
5387
|
+
# these cases only the display name will be provided. The [full resource name](
|
|
5388
|
+
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
|
5389
|
+
# connected to, if it is supported by Cloud Asset Inventory.
|
|
5390
|
+
# Corresponds to the JSON property `name`
|
|
5391
|
+
# @return [String]
|
|
5392
|
+
attr_accessor :name
|
|
5393
|
+
|
|
5394
|
+
# The SQL statement that is associated with the database access.
|
|
5395
|
+
# Corresponds to the JSON property `query`
|
|
5396
|
+
# @return [String]
|
|
5397
|
+
attr_accessor :query
|
|
5398
|
+
|
|
5399
|
+
# The username used to connect to the database. The username might not be an IAM
|
|
5400
|
+
# principal and does not have a set format.
|
|
5401
|
+
# Corresponds to the JSON property `userName`
|
|
5402
|
+
# @return [String]
|
|
5403
|
+
attr_accessor :user_name
|
|
5404
|
+
|
|
5405
|
+
# The version of the database, for example, POSTGRES_14. See [the complete list](
|
|
5406
|
+
# https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
|
|
5407
|
+
# Corresponds to the JSON property `version`
|
|
5408
|
+
# @return [String]
|
|
5409
|
+
attr_accessor :version
|
|
5410
|
+
|
|
5411
|
+
def initialize(**args)
|
|
5412
|
+
update!(**args)
|
|
5413
|
+
end
|
|
5414
|
+
|
|
5415
|
+
# Update properties of this object
|
|
5416
|
+
def update!(**args)
|
|
5417
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
5418
|
+
@grantees = args[:grantees] if args.key?(:grantees)
|
|
5419
|
+
@name = args[:name] if args.key?(:name)
|
|
5420
|
+
@query = args[:query] if args.key?(:query)
|
|
5421
|
+
@user_name = args[:user_name] if args.key?(:user_name)
|
|
5422
|
+
@version = args[:version] if args.key?(:version)
|
|
5423
|
+
end
|
|
5424
|
+
end
|
|
5425
|
+
|
|
5426
|
+
# Memory hash detection contributing to the binary family match.
|
|
5427
|
+
class GoogleCloudSecuritycenterV2Detection
|
|
5428
|
+
include Google::Apis::Core::Hashable
|
|
5429
|
+
|
|
5430
|
+
# The name of the binary associated with the memory hash signature detection.
|
|
5431
|
+
# Corresponds to the JSON property `binary`
|
|
5432
|
+
# @return [String]
|
|
5433
|
+
attr_accessor :binary
|
|
5434
|
+
|
|
5435
|
+
# The percentage of memory page hashes in the signature that were matched.
|
|
5436
|
+
# Corresponds to the JSON property `percentPagesMatched`
|
|
5437
|
+
# @return [Float]
|
|
5438
|
+
attr_accessor :percent_pages_matched
|
|
4957
5439
|
|
|
4958
5440
|
def initialize(**args)
|
|
4959
5441
|
update!(**args)
|
|
@@ -4966,6 +5448,26 @@ module Google
|
|
|
4966
5448
|
end
|
|
4967
5449
|
end
|
|
4968
5450
|
|
|
5451
|
+
# Contains information about the disk associated with the finding.
|
|
5452
|
+
class GoogleCloudSecuritycenterV2Disk
|
|
5453
|
+
include Google::Apis::Core::Hashable
|
|
5454
|
+
|
|
5455
|
+
# The name of the disk, for example, "https://www.googleapis.com/compute/v1/
|
|
5456
|
+
# projects/project-id/zones/zone-id/disks/disk-id".
|
|
5457
|
+
# Corresponds to the JSON property `name`
|
|
5458
|
+
# @return [String]
|
|
5459
|
+
attr_accessor :name
|
|
5460
|
+
|
|
5461
|
+
def initialize(**args)
|
|
5462
|
+
update!(**args)
|
|
5463
|
+
end
|
|
5464
|
+
|
|
5465
|
+
# Update properties of this object
|
|
5466
|
+
def update!(**args)
|
|
5467
|
+
@name = args[:name] if args.key?(:name)
|
|
5468
|
+
end
|
|
5469
|
+
end
|
|
5470
|
+
|
|
4969
5471
|
# Path of the file in terms of underlying disk/partition identifiers.
|
|
4970
5472
|
class GoogleCloudSecuritycenterV2DiskPath
|
|
4971
5473
|
include Google::Apis::Core::Hashable
|
|
@@ -4993,6 +5495,33 @@ module Google
|
|
|
4993
5495
|
end
|
|
4994
5496
|
end
|
|
4995
5497
|
|
|
5498
|
+
# The record of a dynamic mute rule that matches the finding.
|
|
5499
|
+
class GoogleCloudSecuritycenterV2DynamicMuteRecord
|
|
5500
|
+
include Google::Apis::Core::Hashable
|
|
5501
|
+
|
|
5502
|
+
# When the dynamic mute rule first matched the finding.
|
|
5503
|
+
# Corresponds to the JSON property `matchTime`
|
|
5504
|
+
# @return [String]
|
|
5505
|
+
attr_accessor :match_time
|
|
5506
|
+
|
|
5507
|
+
# The relative resource name of the mute rule, represented by a mute config,
|
|
5508
|
+
# that created this record, for example `organizations/123/muteConfigs/
|
|
5509
|
+
# mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
|
5510
|
+
# Corresponds to the JSON property `muteConfig`
|
|
5511
|
+
# @return [String]
|
|
5512
|
+
attr_accessor :mute_config
|
|
5513
|
+
|
|
5514
|
+
def initialize(**args)
|
|
5515
|
+
update!(**args)
|
|
5516
|
+
end
|
|
5517
|
+
|
|
5518
|
+
# Update properties of this object
|
|
5519
|
+
def update!(**args)
|
|
5520
|
+
@match_time = args[:match_time] if args.key?(:match_time)
|
|
5521
|
+
@mute_config = args[:mute_config] if args.key?(:mute_config)
|
|
5522
|
+
end
|
|
5523
|
+
end
|
|
5524
|
+
|
|
4996
5525
|
# A name-value pair representing an environment variable used in an operating
|
|
4997
5526
|
# system process.
|
|
4998
5527
|
class GoogleCloudSecuritycenterV2EnvironmentVariable
|
|
@@ -5331,6 +5860,21 @@ module Google
|
|
|
5331
5860
|
# @return [String]
|
|
5332
5861
|
attr_accessor :create_time
|
|
5333
5862
|
|
|
5863
|
+
# Data access events associated with the finding.
|
|
5864
|
+
# Corresponds to the JSON property `dataAccessEvents`
|
|
5865
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DataAccessEvent>]
|
|
5866
|
+
attr_accessor :data_access_events
|
|
5867
|
+
|
|
5868
|
+
# Data flow events associated with the finding.
|
|
5869
|
+
# Corresponds to the JSON property `dataFlowEvents`
|
|
5870
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DataFlowEvent>]
|
|
5871
|
+
attr_accessor :data_flow_events
|
|
5872
|
+
|
|
5873
|
+
# Data retention deletion events associated with the finding.
|
|
5874
|
+
# Corresponds to the JSON property `dataRetentionDeletionEvents`
|
|
5875
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DataRetentionDeletionEvent>]
|
|
5876
|
+
attr_accessor :data_retention_deletion_events
|
|
5877
|
+
|
|
5334
5878
|
# Represents database access information, such as queries. A database may be a
|
|
5335
5879
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
5336
5880
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -5347,6 +5891,11 @@ module Google
|
|
|
5347
5891
|
# @return [String]
|
|
5348
5892
|
attr_accessor :description
|
|
5349
5893
|
|
|
5894
|
+
# Contains information about the disk associated with the finding.
|
|
5895
|
+
# Corresponds to the JSON property `disk`
|
|
5896
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2Disk]
|
|
5897
|
+
attr_accessor :disk
|
|
5898
|
+
|
|
5350
5899
|
# The time the finding was first detected. If an existing finding is updated,
|
|
5351
5900
|
# then this is the time the update occurred. For example, if the finding
|
|
5352
5901
|
# represents an open firewall, this property captures the time the detector
|
|
@@ -5448,6 +5997,12 @@ module Google
|
|
|
5448
5997
|
# @return [String]
|
|
5449
5998
|
attr_accessor :mute
|
|
5450
5999
|
|
|
6000
|
+
# Mute information about the finding, including whether the finding has a static
|
|
6001
|
+
# mute or any matching dynamic mute rules.
|
|
6002
|
+
# Corresponds to the JSON property `muteInfo`
|
|
6003
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2MuteInfo]
|
|
6004
|
+
attr_accessor :mute_info
|
|
6005
|
+
|
|
5451
6006
|
# Records additional information about the mute operation, for example, the [
|
|
5452
6007
|
# mute configuration](https://cloud.google.com/security-command-center/docs/how-
|
|
5453
6008
|
# to-mute-findings) that muted the finding and the user who muted the finding.
|
|
@@ -5531,44 +6086,604 @@ module Google
|
|
|
5531
6086
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SecurityMarks]
|
|
5532
6087
|
attr_accessor :security_marks
|
|
5533
6088
|
|
|
5534
|
-
# Represents a posture that is deployed on Google Cloud by the Security Command
|
|
5535
|
-
# Center Posture Management service. A posture contains one or more policy sets.
|
|
5536
|
-
# A policy set is a group of policies that enforce a set of security rules on
|
|
5537
|
-
# Google Cloud.
|
|
5538
|
-
# Corresponds to the JSON property `securityPosture`
|
|
5539
|
-
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SecurityPosture]
|
|
5540
|
-
attr_accessor :security_posture
|
|
6089
|
+
# Represents a posture that is deployed on Google Cloud by the Security Command
|
|
6090
|
+
# Center Posture Management service. A posture contains one or more policy sets.
|
|
6091
|
+
# A policy set is a group of policies that enforce a set of security rules on
|
|
6092
|
+
# Google Cloud.
|
|
6093
|
+
# Corresponds to the JSON property `securityPosture`
|
|
6094
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SecurityPosture]
|
|
6095
|
+
attr_accessor :security_posture
|
|
6096
|
+
|
|
6097
|
+
# The severity of the finding. This field is managed by the source that writes
|
|
6098
|
+
# the finding.
|
|
6099
|
+
# Corresponds to the JSON property `severity`
|
|
6100
|
+
# @return [String]
|
|
6101
|
+
attr_accessor :severity
|
|
6102
|
+
|
|
6103
|
+
# Source specific properties. These properties are managed by the source that
|
|
6104
|
+
# writes the finding. The key names in the source_properties map must be between
|
|
6105
|
+
# 1 and 255 characters, and must start with a letter and contain alphanumeric
|
|
6106
|
+
# characters or underscores only.
|
|
6107
|
+
# Corresponds to the JSON property `sourceProperties`
|
|
6108
|
+
# @return [Hash<String,Object>]
|
|
6109
|
+
attr_accessor :source_properties
|
|
6110
|
+
|
|
6111
|
+
# Output only. The state of the finding.
|
|
6112
|
+
# Corresponds to the JSON property `state`
|
|
6113
|
+
# @return [String]
|
|
6114
|
+
attr_accessor :state
|
|
6115
|
+
|
|
6116
|
+
# Contains details about a group of security issues that, when the issues occur
|
|
6117
|
+
# together, represent a greater risk than when the issues occur independently. A
|
|
6118
|
+
# group of such issues is referred to as a toxic combination.
|
|
6119
|
+
# Corresponds to the JSON property `toxicCombination`
|
|
6120
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ToxicCombination]
|
|
6121
|
+
attr_accessor :toxic_combination
|
|
6122
|
+
|
|
6123
|
+
# Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
|
|
6124
|
+
# Corresponds to the JSON property `vulnerability`
|
|
6125
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2Vulnerability]
|
|
6126
|
+
attr_accessor :vulnerability
|
|
6127
|
+
|
|
6128
|
+
def initialize(**args)
|
|
6129
|
+
update!(**args)
|
|
6130
|
+
end
|
|
6131
|
+
|
|
6132
|
+
# Update properties of this object
|
|
6133
|
+
def update!(**args)
|
|
6134
|
+
@access = args[:access] if args.key?(:access)
|
|
6135
|
+
@application = args[:application] if args.key?(:application)
|
|
6136
|
+
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
|
6137
|
+
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
|
6138
|
+
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
|
6139
|
+
@category = args[:category] if args.key?(:category)
|
|
6140
|
+
@cloud_armor = args[:cloud_armor] if args.key?(:cloud_armor)
|
|
6141
|
+
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
|
6142
|
+
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
|
6143
|
+
@compliances = args[:compliances] if args.key?(:compliances)
|
|
6144
|
+
@connections = args[:connections] if args.key?(:connections)
|
|
6145
|
+
@contacts = args[:contacts] if args.key?(:contacts)
|
|
6146
|
+
@containers = args[:containers] if args.key?(:containers)
|
|
6147
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6148
|
+
@data_access_events = args[:data_access_events] if args.key?(:data_access_events)
|
|
6149
|
+
@data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
|
|
6150
|
+
@data_retention_deletion_events = args[:data_retention_deletion_events] if args.key?(:data_retention_deletion_events)
|
|
6151
|
+
@database = args[:database] if args.key?(:database)
|
|
6152
|
+
@description = args[:description] if args.key?(:description)
|
|
6153
|
+
@disk = args[:disk] if args.key?(:disk)
|
|
6154
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
6155
|
+
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
6156
|
+
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
6157
|
+
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
|
6158
|
+
@files = args[:files] if args.key?(:files)
|
|
6159
|
+
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
|
6160
|
+
@group_memberships = args[:group_memberships] if args.key?(:group_memberships)
|
|
6161
|
+
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
|
6162
|
+
@indicator = args[:indicator] if args.key?(:indicator)
|
|
6163
|
+
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
|
6164
|
+
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
|
6165
|
+
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
|
6166
|
+
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
|
6167
|
+
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
6168
|
+
@module_name = args[:module_name] if args.key?(:module_name)
|
|
6169
|
+
@mute = args[:mute] if args.key?(:mute)
|
|
6170
|
+
@mute_info = args[:mute_info] if args.key?(:mute_info)
|
|
6171
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
6172
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
6173
|
+
@name = args[:name] if args.key?(:name)
|
|
6174
|
+
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
|
6175
|
+
@notebook = args[:notebook] if args.key?(:notebook)
|
|
6176
|
+
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
|
6177
|
+
@parent = args[:parent] if args.key?(:parent)
|
|
6178
|
+
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
|
6179
|
+
@processes = args[:processes] if args.key?(:processes)
|
|
6180
|
+
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
|
6181
|
+
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
|
6182
|
+
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
|
6183
|
+
@severity = args[:severity] if args.key?(:severity)
|
|
6184
|
+
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
|
6185
|
+
@state = args[:state] if args.key?(:state)
|
|
6186
|
+
@toxic_combination = args[:toxic_combination] if args.key?(:toxic_combination)
|
|
6187
|
+
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
|
6188
|
+
end
|
|
6189
|
+
end
|
|
6190
|
+
|
|
6191
|
+
# Message that contains the resource name and display name of a folder resource.
|
|
6192
|
+
class GoogleCloudSecuritycenterV2Folder
|
|
6193
|
+
include Google::Apis::Core::Hashable
|
|
6194
|
+
|
|
6195
|
+
# Full resource name of this folder. See: https://cloud.google.com/apis/design/
|
|
6196
|
+
# resource_names#full_resource_name
|
|
6197
|
+
# Corresponds to the JSON property `resourceFolder`
|
|
6198
|
+
# @return [String]
|
|
6199
|
+
attr_accessor :resource_folder
|
|
6200
|
+
|
|
6201
|
+
# The user defined display name for this folder.
|
|
6202
|
+
# Corresponds to the JSON property `resourceFolderDisplayName`
|
|
6203
|
+
# @return [String]
|
|
6204
|
+
attr_accessor :resource_folder_display_name
|
|
6205
|
+
|
|
6206
|
+
def initialize(**args)
|
|
6207
|
+
update!(**args)
|
|
6208
|
+
end
|
|
6209
|
+
|
|
6210
|
+
# Update properties of this object
|
|
6211
|
+
def update!(**args)
|
|
6212
|
+
@resource_folder = args[:resource_folder] if args.key?(:resource_folder)
|
|
6213
|
+
@resource_folder_display_name = args[:resource_folder_display_name] if args.key?(:resource_folder_display_name)
|
|
6214
|
+
end
|
|
6215
|
+
end
|
|
6216
|
+
|
|
6217
|
+
# Represents a geographical location for a given access.
|
|
6218
|
+
class GoogleCloudSecuritycenterV2Geolocation
|
|
6219
|
+
include Google::Apis::Core::Hashable
|
|
6220
|
+
|
|
6221
|
+
# A CLDR.
|
|
6222
|
+
# Corresponds to the JSON property `regionCode`
|
|
6223
|
+
# @return [String]
|
|
6224
|
+
attr_accessor :region_code
|
|
6225
|
+
|
|
6226
|
+
def initialize(**args)
|
|
6227
|
+
update!(**args)
|
|
6228
|
+
end
|
|
6229
|
+
|
|
6230
|
+
# Update properties of this object
|
|
6231
|
+
def update!(**args)
|
|
6232
|
+
@region_code = args[:region_code] if args.key?(:region_code)
|
|
6233
|
+
end
|
|
6234
|
+
end
|
|
6235
|
+
|
|
6236
|
+
# Contains details about groups of which this finding is a member. A group is a
|
|
6237
|
+
# collection of findings that are related in some way.
|
|
6238
|
+
class GoogleCloudSecuritycenterV2GroupMembership
|
|
6239
|
+
include Google::Apis::Core::Hashable
|
|
6240
|
+
|
|
6241
|
+
# ID of the group.
|
|
6242
|
+
# Corresponds to the JSON property `groupId`
|
|
6243
|
+
# @return [String]
|
|
6244
|
+
attr_accessor :group_id
|
|
6245
|
+
|
|
6246
|
+
# Type of group.
|
|
6247
|
+
# Corresponds to the JSON property `groupType`
|
|
6248
|
+
# @return [String]
|
|
6249
|
+
attr_accessor :group_type
|
|
6250
|
+
|
|
6251
|
+
def initialize(**args)
|
|
6252
|
+
update!(**args)
|
|
6253
|
+
end
|
|
6254
|
+
|
|
6255
|
+
# Update properties of this object
|
|
6256
|
+
def update!(**args)
|
|
6257
|
+
@group_id = args[:group_id] if args.key?(:group_id)
|
|
6258
|
+
@group_type = args[:group_type] if args.key?(:group_type)
|
|
6259
|
+
end
|
|
6260
|
+
end
|
|
6261
|
+
|
|
6262
|
+
# Represents a particular IAM binding, which captures a member's role addition,
|
|
6263
|
+
# removal, or state.
|
|
6264
|
+
class GoogleCloudSecuritycenterV2IamBinding
|
|
6265
|
+
include Google::Apis::Core::Hashable
|
|
6266
|
+
|
|
6267
|
+
# The action that was performed on a Binding.
|
|
6268
|
+
# Corresponds to the JSON property `action`
|
|
6269
|
+
# @return [String]
|
|
6270
|
+
attr_accessor :action
|
|
6271
|
+
|
|
6272
|
+
# A single identity requesting access for a Cloud Platform resource, for example,
|
|
6273
|
+
# "foo@google.com".
|
|
6274
|
+
# Corresponds to the JSON property `member`
|
|
6275
|
+
# @return [String]
|
|
6276
|
+
attr_accessor :member
|
|
6277
|
+
|
|
6278
|
+
# Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
|
|
6279
|
+
# , or "roles/owner".
|
|
6280
|
+
# Corresponds to the JSON property `role`
|
|
6281
|
+
# @return [String]
|
|
6282
|
+
attr_accessor :role
|
|
6283
|
+
|
|
6284
|
+
def initialize(**args)
|
|
6285
|
+
update!(**args)
|
|
6286
|
+
end
|
|
6287
|
+
|
|
6288
|
+
# Update properties of this object
|
|
6289
|
+
def update!(**args)
|
|
6290
|
+
@action = args[:action] if args.key?(:action)
|
|
6291
|
+
@member = args[:member] if args.key?(:member)
|
|
6292
|
+
@role = args[:role] if args.key?(:role)
|
|
6293
|
+
end
|
|
6294
|
+
end
|
|
6295
|
+
|
|
6296
|
+
# Represents what's commonly known as an _indicator of compromise_ (IoC) in
|
|
6297
|
+
# computer forensics. This is an artifact observed on a network or in an
|
|
6298
|
+
# operating system that, with high confidence, indicates a computer intrusion.
|
|
6299
|
+
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
|
6300
|
+
# wiki/Indicator_of_compromise).
|
|
6301
|
+
class GoogleCloudSecuritycenterV2Indicator
|
|
6302
|
+
include Google::Apis::Core::Hashable
|
|
6303
|
+
|
|
6304
|
+
# List of domains associated to the Finding.
|
|
6305
|
+
# Corresponds to the JSON property `domains`
|
|
6306
|
+
# @return [Array<String>]
|
|
6307
|
+
attr_accessor :domains
|
|
6308
|
+
|
|
6309
|
+
# The list of IP addresses that are associated with the finding.
|
|
6310
|
+
# Corresponds to the JSON property `ipAddresses`
|
|
6311
|
+
# @return [Array<String>]
|
|
6312
|
+
attr_accessor :ip_addresses
|
|
6313
|
+
|
|
6314
|
+
# The list of matched signatures indicating that the given process is present in
|
|
6315
|
+
# the environment.
|
|
6316
|
+
# Corresponds to the JSON property `signatures`
|
|
6317
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ProcessSignature>]
|
|
6318
|
+
attr_accessor :signatures
|
|
6319
|
+
|
|
6320
|
+
# The list of URIs associated to the Findings.
|
|
6321
|
+
# Corresponds to the JSON property `uris`
|
|
6322
|
+
# @return [Array<String>]
|
|
6323
|
+
attr_accessor :uris
|
|
6324
|
+
|
|
6325
|
+
def initialize(**args)
|
|
6326
|
+
update!(**args)
|
|
6327
|
+
end
|
|
6328
|
+
|
|
6329
|
+
# Update properties of this object
|
|
6330
|
+
def update!(**args)
|
|
6331
|
+
@domains = args[:domains] if args.key?(:domains)
|
|
6332
|
+
@ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
|
|
6333
|
+
@signatures = args[:signatures] if args.key?(:signatures)
|
|
6334
|
+
@uris = args[:uris] if args.key?(:uris)
|
|
6335
|
+
end
|
|
6336
|
+
end
|
|
6337
|
+
|
|
6338
|
+
# Security Command Center Issue.
|
|
6339
|
+
class GoogleCloudSecuritycenterV2Issue
|
|
6340
|
+
include Google::Apis::Core::Hashable
|
|
6341
|
+
|
|
6342
|
+
# Output only. The time the issue was created.
|
|
6343
|
+
# Corresponds to the JSON property `createTime`
|
|
6344
|
+
# @return [String]
|
|
6345
|
+
attr_accessor :create_time
|
|
6346
|
+
|
|
6347
|
+
# The description of the issue in Markdown format.
|
|
6348
|
+
# Corresponds to the JSON property `description`
|
|
6349
|
+
# @return [String]
|
|
6350
|
+
attr_accessor :description
|
|
6351
|
+
|
|
6352
|
+
# The finding category or rule name that generated the issue.
|
|
6353
|
+
# Corresponds to the JSON property `detection`
|
|
6354
|
+
# @return [String]
|
|
6355
|
+
attr_accessor :detection
|
|
6356
|
+
|
|
6357
|
+
# The domains of the issue.
|
|
6358
|
+
# Corresponds to the JSON property `domains`
|
|
6359
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueDomain>]
|
|
6360
|
+
attr_accessor :domains
|
|
6361
|
+
|
|
6362
|
+
# The exposure score of the issue.
|
|
6363
|
+
# Corresponds to the JSON property `exposureScore`
|
|
6364
|
+
# @return [Float]
|
|
6365
|
+
attr_accessor :exposure_score
|
|
6366
|
+
|
|
6367
|
+
# The type of the issue.
|
|
6368
|
+
# Corresponds to the JSON property `issueType`
|
|
6369
|
+
# @return [String]
|
|
6370
|
+
attr_accessor :issue_type
|
|
6371
|
+
|
|
6372
|
+
# The time the issue was last observed.
|
|
6373
|
+
# Corresponds to the JSON property `lastObservationTime`
|
|
6374
|
+
# @return [String]
|
|
6375
|
+
attr_accessor :last_observation_time
|
|
6376
|
+
|
|
6377
|
+
# The mute information of the issue.
|
|
6378
|
+
# Corresponds to the JSON property `mute`
|
|
6379
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueMute]
|
|
6380
|
+
attr_accessor :mute
|
|
6381
|
+
|
|
6382
|
+
# Identifier. The name of the issue. Format: organizations/`organization`/
|
|
6383
|
+
# locations/`location`/issues/`issue`
|
|
6384
|
+
# Corresponds to the JSON property `name`
|
|
6385
|
+
# @return [String]
|
|
6386
|
+
attr_accessor :name
|
|
6387
|
+
|
|
6388
|
+
# A resource associated with the an issue.
|
|
6389
|
+
# Corresponds to the JSON property `primaryResource`
|
|
6390
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResource]
|
|
6391
|
+
attr_accessor :primary_resource
|
|
6392
|
+
|
|
6393
|
+
# The findings related to the issue.
|
|
6394
|
+
# Corresponds to the JSON property `relatedFindings`
|
|
6395
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueFinding>]
|
|
6396
|
+
attr_accessor :related_findings
|
|
6397
|
+
|
|
6398
|
+
# Approaches to remediate the issue in Markdown format.
|
|
6399
|
+
# Corresponds to the JSON property `remediations`
|
|
6400
|
+
# @return [Array<String>]
|
|
6401
|
+
attr_accessor :remediations
|
|
6402
|
+
|
|
6403
|
+
# Additional resources associated with the issue.
|
|
6404
|
+
# Corresponds to the JSON property `secondaryResources`
|
|
6405
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResource>]
|
|
6406
|
+
attr_accessor :secondary_resources
|
|
6407
|
+
|
|
6408
|
+
# The security context of the issue.
|
|
6409
|
+
# Corresponds to the JSON property `securityContexts`
|
|
6410
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueSecurityContext>]
|
|
6411
|
+
attr_accessor :security_contexts
|
|
6412
|
+
|
|
6413
|
+
# The severity of the issue.
|
|
6414
|
+
# Corresponds to the JSON property `severity`
|
|
6415
|
+
# @return [String]
|
|
6416
|
+
attr_accessor :severity
|
|
6417
|
+
|
|
6418
|
+
# Output only. The state of the issue.
|
|
6419
|
+
# Corresponds to the JSON property `state`
|
|
6420
|
+
# @return [String]
|
|
6421
|
+
attr_accessor :state
|
|
6422
|
+
|
|
6423
|
+
# Output only. The time the issue was last updated.
|
|
6424
|
+
# Corresponds to the JSON property `updateTime`
|
|
6425
|
+
# @return [String]
|
|
6426
|
+
attr_accessor :update_time
|
|
6427
|
+
|
|
6428
|
+
def initialize(**args)
|
|
6429
|
+
update!(**args)
|
|
6430
|
+
end
|
|
6431
|
+
|
|
6432
|
+
# Update properties of this object
|
|
6433
|
+
def update!(**args)
|
|
6434
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6435
|
+
@description = args[:description] if args.key?(:description)
|
|
6436
|
+
@detection = args[:detection] if args.key?(:detection)
|
|
6437
|
+
@domains = args[:domains] if args.key?(:domains)
|
|
6438
|
+
@exposure_score = args[:exposure_score] if args.key?(:exposure_score)
|
|
6439
|
+
@issue_type = args[:issue_type] if args.key?(:issue_type)
|
|
6440
|
+
@last_observation_time = args[:last_observation_time] if args.key?(:last_observation_time)
|
|
6441
|
+
@mute = args[:mute] if args.key?(:mute)
|
|
6442
|
+
@name = args[:name] if args.key?(:name)
|
|
6443
|
+
@primary_resource = args[:primary_resource] if args.key?(:primary_resource)
|
|
6444
|
+
@related_findings = args[:related_findings] if args.key?(:related_findings)
|
|
6445
|
+
@remediations = args[:remediations] if args.key?(:remediations)
|
|
6446
|
+
@secondary_resources = args[:secondary_resources] if args.key?(:secondary_resources)
|
|
6447
|
+
@security_contexts = args[:security_contexts] if args.key?(:security_contexts)
|
|
6448
|
+
@severity = args[:severity] if args.key?(:severity)
|
|
6449
|
+
@state = args[:state] if args.key?(:state)
|
|
6450
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
|
6451
|
+
end
|
|
6452
|
+
end
|
|
6453
|
+
|
|
6454
|
+
# The domains of an issue.
|
|
6455
|
+
class GoogleCloudSecuritycenterV2IssueDomain
|
|
6456
|
+
include Google::Apis::Core::Hashable
|
|
6457
|
+
|
|
6458
|
+
# The domain category of the issue.
|
|
6459
|
+
# Corresponds to the JSON property `domainCategory`
|
|
6460
|
+
# @return [String]
|
|
6461
|
+
attr_accessor :domain_category
|
|
6462
|
+
|
|
6463
|
+
def initialize(**args)
|
|
6464
|
+
update!(**args)
|
|
6465
|
+
end
|
|
6466
|
+
|
|
6467
|
+
# Update properties of this object
|
|
6468
|
+
def update!(**args)
|
|
6469
|
+
@domain_category = args[:domain_category] if args.key?(:domain_category)
|
|
6470
|
+
end
|
|
6471
|
+
end
|
|
6472
|
+
|
|
6473
|
+
# Finding related to an issue.
|
|
6474
|
+
class GoogleCloudSecuritycenterV2IssueFinding
|
|
6475
|
+
include Google::Apis::Core::Hashable
|
|
6476
|
+
|
|
6477
|
+
# The CVE of the finding.
|
|
6478
|
+
# Corresponds to the JSON property `cve`
|
|
6479
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueFindingCve]
|
|
6480
|
+
attr_accessor :cve
|
|
6481
|
+
|
|
6482
|
+
# The name of the finding.
|
|
6483
|
+
# Corresponds to the JSON property `name`
|
|
6484
|
+
# @return [String]
|
|
6485
|
+
attr_accessor :name
|
|
6486
|
+
|
|
6487
|
+
# The security bulletin of the finding.
|
|
6488
|
+
# Corresponds to the JSON property `securityBulletin`
|
|
6489
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin]
|
|
6490
|
+
attr_accessor :security_bulletin
|
|
6491
|
+
|
|
6492
|
+
def initialize(**args)
|
|
6493
|
+
update!(**args)
|
|
6494
|
+
end
|
|
6495
|
+
|
|
6496
|
+
# Update properties of this object
|
|
6497
|
+
def update!(**args)
|
|
6498
|
+
@cve = args[:cve] if args.key?(:cve)
|
|
6499
|
+
@name = args[:name] if args.key?(:name)
|
|
6500
|
+
@security_bulletin = args[:security_bulletin] if args.key?(:security_bulletin)
|
|
6501
|
+
end
|
|
6502
|
+
end
|
|
6503
|
+
|
|
6504
|
+
# The CVE of the finding.
|
|
6505
|
+
class GoogleCloudSecuritycenterV2IssueFindingCve
|
|
6506
|
+
include Google::Apis::Core::Hashable
|
|
6507
|
+
|
|
6508
|
+
# The CVE name.
|
|
6509
|
+
# Corresponds to the JSON property `name`
|
|
6510
|
+
# @return [String]
|
|
6511
|
+
attr_accessor :name
|
|
6512
|
+
|
|
6513
|
+
def initialize(**args)
|
|
6514
|
+
update!(**args)
|
|
6515
|
+
end
|
|
6516
|
+
|
|
6517
|
+
# Update properties of this object
|
|
6518
|
+
def update!(**args)
|
|
6519
|
+
@name = args[:name] if args.key?(:name)
|
|
6520
|
+
end
|
|
6521
|
+
end
|
|
6522
|
+
|
|
6523
|
+
# The security bulletin of the finding.
|
|
6524
|
+
class GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin
|
|
6525
|
+
include Google::Apis::Core::Hashable
|
|
6526
|
+
|
|
6527
|
+
# The security bulletin name.
|
|
6528
|
+
# Corresponds to the JSON property `name`
|
|
6529
|
+
# @return [String]
|
|
6530
|
+
attr_accessor :name
|
|
6531
|
+
|
|
6532
|
+
def initialize(**args)
|
|
6533
|
+
update!(**args)
|
|
6534
|
+
end
|
|
6535
|
+
|
|
6536
|
+
# Update properties of this object
|
|
6537
|
+
def update!(**args)
|
|
6538
|
+
@name = args[:name] if args.key?(:name)
|
|
6539
|
+
end
|
|
6540
|
+
end
|
|
6541
|
+
|
|
6542
|
+
# The mute information of the issue.
|
|
6543
|
+
class GoogleCloudSecuritycenterV2IssueMute
|
|
6544
|
+
include Google::Apis::Core::Hashable
|
|
6545
|
+
|
|
6546
|
+
# The email address of the user who last changed the mute state of the issue.
|
|
6547
|
+
# Corresponds to the JSON property `muteInitiator`
|
|
6548
|
+
# @return [String]
|
|
6549
|
+
attr_accessor :mute_initiator
|
|
6550
|
+
|
|
6551
|
+
# The user-provided reason for muting the issue.
|
|
6552
|
+
# Corresponds to the JSON property `muteReason`
|
|
6553
|
+
# @return [String]
|
|
6554
|
+
attr_accessor :mute_reason
|
|
6555
|
+
|
|
6556
|
+
# Output only. The mute state of the issue.
|
|
6557
|
+
# Corresponds to the JSON property `muteState`
|
|
6558
|
+
# @return [String]
|
|
6559
|
+
attr_accessor :mute_state
|
|
6560
|
+
|
|
6561
|
+
# The time the issue was muted.
|
|
6562
|
+
# Corresponds to the JSON property `muteUpdateTime`
|
|
6563
|
+
# @return [String]
|
|
6564
|
+
attr_accessor :mute_update_time
|
|
6565
|
+
|
|
6566
|
+
def initialize(**args)
|
|
6567
|
+
update!(**args)
|
|
6568
|
+
end
|
|
6569
|
+
|
|
6570
|
+
# Update properties of this object
|
|
6571
|
+
def update!(**args)
|
|
6572
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
6573
|
+
@mute_reason = args[:mute_reason] if args.key?(:mute_reason)
|
|
6574
|
+
@mute_state = args[:mute_state] if args.key?(:mute_state)
|
|
6575
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
6576
|
+
end
|
|
6577
|
+
end
|
|
6578
|
+
|
|
6579
|
+
# A resource associated with the an issue.
|
|
6580
|
+
class GoogleCloudSecuritycenterV2IssueResource
|
|
6581
|
+
include Google::Apis::Core::Hashable
|
|
6582
|
+
|
|
6583
|
+
# The AWS metadata of a resource associated with an issue.
|
|
6584
|
+
# Corresponds to the JSON property `awsMetadata`
|
|
6585
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAwsMetadata]
|
|
6586
|
+
attr_accessor :aws_metadata
|
|
6587
|
+
|
|
6588
|
+
# The Azure metadata of a resource associated with an issue.
|
|
6589
|
+
# Corresponds to the JSON property `azureMetadata`
|
|
6590
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAzureMetadata]
|
|
6591
|
+
attr_accessor :azure_metadata
|
|
6592
|
+
|
|
6593
|
+
# The cloud provider of the resource associated with the issue.
|
|
6594
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
6595
|
+
# @return [String]
|
|
6596
|
+
attr_accessor :cloud_provider
|
|
6597
|
+
|
|
6598
|
+
# The resource-type specific display name of the resource associated with the
|
|
6599
|
+
# issue.
|
|
6600
|
+
# Corresponds to the JSON property `displayName`
|
|
6601
|
+
# @return [String]
|
|
6602
|
+
attr_accessor :display_name
|
|
6603
|
+
|
|
6604
|
+
# Google Cloud metadata of a resource associated with an issue.
|
|
6605
|
+
# Corresponds to the JSON property `googleCloudMetadata`
|
|
6606
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata]
|
|
6607
|
+
attr_accessor :google_cloud_metadata
|
|
6608
|
+
|
|
6609
|
+
# The full resource name of the resource associated with the issue.
|
|
6610
|
+
# Corresponds to the JSON property `name`
|
|
6611
|
+
# @return [String]
|
|
6612
|
+
attr_accessor :name
|
|
6613
|
+
|
|
6614
|
+
# The type of the resource associated with the issue.
|
|
6615
|
+
# Corresponds to the JSON property `type`
|
|
6616
|
+
# @return [String]
|
|
6617
|
+
attr_accessor :type
|
|
6618
|
+
|
|
6619
|
+
def initialize(**args)
|
|
6620
|
+
update!(**args)
|
|
6621
|
+
end
|
|
6622
|
+
|
|
6623
|
+
# Update properties of this object
|
|
6624
|
+
def update!(**args)
|
|
6625
|
+
@aws_metadata = args[:aws_metadata] if args.key?(:aws_metadata)
|
|
6626
|
+
@azure_metadata = args[:azure_metadata] if args.key?(:azure_metadata)
|
|
6627
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
6628
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
6629
|
+
@google_cloud_metadata = args[:google_cloud_metadata] if args.key?(:google_cloud_metadata)
|
|
6630
|
+
@name = args[:name] if args.key?(:name)
|
|
6631
|
+
@type = args[:type] if args.key?(:type)
|
|
6632
|
+
end
|
|
6633
|
+
end
|
|
6634
|
+
|
|
6635
|
+
# The AWS metadata of a resource associated with an issue.
|
|
6636
|
+
class GoogleCloudSecuritycenterV2IssueResourceAwsMetadata
|
|
6637
|
+
include Google::Apis::Core::Hashable
|
|
6638
|
+
|
|
6639
|
+
# The AWS account of the resource associated with the issue.
|
|
6640
|
+
# Corresponds to the JSON property `account`
|
|
6641
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount]
|
|
6642
|
+
attr_accessor :account
|
|
6643
|
+
|
|
6644
|
+
def initialize(**args)
|
|
6645
|
+
update!(**args)
|
|
6646
|
+
end
|
|
6647
|
+
|
|
6648
|
+
# Update properties of this object
|
|
6649
|
+
def update!(**args)
|
|
6650
|
+
@account = args[:account] if args.key?(:account)
|
|
6651
|
+
end
|
|
6652
|
+
end
|
|
6653
|
+
|
|
6654
|
+
# The AWS account of the resource associated with the issue.
|
|
6655
|
+
class GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount
|
|
6656
|
+
include Google::Apis::Core::Hashable
|
|
6657
|
+
|
|
6658
|
+
# The AWS account ID of the resource associated with the issue.
|
|
6659
|
+
# Corresponds to the JSON property `id`
|
|
6660
|
+
# @return [String]
|
|
6661
|
+
attr_accessor :id
|
|
5541
6662
|
|
|
5542
|
-
# The
|
|
5543
|
-
# the
|
|
5544
|
-
# Corresponds to the JSON property `severity`
|
|
6663
|
+
# The AWS account name of the resource associated with the issue.
|
|
6664
|
+
# Corresponds to the JSON property `name`
|
|
5545
6665
|
# @return [String]
|
|
5546
|
-
attr_accessor :
|
|
6666
|
+
attr_accessor :name
|
|
5547
6667
|
|
|
5548
|
-
|
|
5549
|
-
|
|
5550
|
-
|
|
5551
|
-
# characters or underscores only.
|
|
5552
|
-
# Corresponds to the JSON property `sourceProperties`
|
|
5553
|
-
# @return [Hash<String,Object>]
|
|
5554
|
-
attr_accessor :source_properties
|
|
6668
|
+
def initialize(**args)
|
|
6669
|
+
update!(**args)
|
|
6670
|
+
end
|
|
5555
6671
|
|
|
5556
|
-
#
|
|
5557
|
-
|
|
5558
|
-
|
|
5559
|
-
|
|
6672
|
+
# Update properties of this object
|
|
6673
|
+
def update!(**args)
|
|
6674
|
+
@id = args[:id] if args.key?(:id)
|
|
6675
|
+
@name = args[:name] if args.key?(:name)
|
|
6676
|
+
end
|
|
6677
|
+
end
|
|
5560
6678
|
|
|
5561
|
-
|
|
5562
|
-
|
|
5563
|
-
|
|
5564
|
-
# Corresponds to the JSON property `toxicCombination`
|
|
5565
|
-
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ToxicCombination]
|
|
5566
|
-
attr_accessor :toxic_combination
|
|
6679
|
+
# The Azure metadata of a resource associated with an issue.
|
|
6680
|
+
class GoogleCloudSecuritycenterV2IssueResourceAzureMetadata
|
|
6681
|
+
include Google::Apis::Core::Hashable
|
|
5567
6682
|
|
|
5568
|
-
#
|
|
5569
|
-
# Corresponds to the JSON property `
|
|
5570
|
-
# @return [Google::Apis::SecuritycenterV1beta1::
|
|
5571
|
-
attr_accessor :
|
|
6683
|
+
# The Azure subscription of the resource associated with the issue.
|
|
6684
|
+
# Corresponds to the JSON property `subscription`
|
|
6685
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription]
|
|
6686
|
+
attr_accessor :subscription
|
|
5572
6687
|
|
|
5573
6688
|
def initialize(**args)
|
|
5574
6689
|
update!(**args)
|
|
@@ -5576,72 +6691,23 @@ module Google
|
|
|
5576
6691
|
|
|
5577
6692
|
# Update properties of this object
|
|
5578
6693
|
def update!(**args)
|
|
5579
|
-
@
|
|
5580
|
-
@application = args[:application] if args.key?(:application)
|
|
5581
|
-
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
|
5582
|
-
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
|
5583
|
-
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
|
5584
|
-
@category = args[:category] if args.key?(:category)
|
|
5585
|
-
@cloud_armor = args[:cloud_armor] if args.key?(:cloud_armor)
|
|
5586
|
-
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
|
5587
|
-
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
|
5588
|
-
@compliances = args[:compliances] if args.key?(:compliances)
|
|
5589
|
-
@connections = args[:connections] if args.key?(:connections)
|
|
5590
|
-
@contacts = args[:contacts] if args.key?(:contacts)
|
|
5591
|
-
@containers = args[:containers] if args.key?(:containers)
|
|
5592
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
|
5593
|
-
@database = args[:database] if args.key?(:database)
|
|
5594
|
-
@description = args[:description] if args.key?(:description)
|
|
5595
|
-
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5596
|
-
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
5597
|
-
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
5598
|
-
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
|
5599
|
-
@files = args[:files] if args.key?(:files)
|
|
5600
|
-
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
|
5601
|
-
@group_memberships = args[:group_memberships] if args.key?(:group_memberships)
|
|
5602
|
-
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
|
5603
|
-
@indicator = args[:indicator] if args.key?(:indicator)
|
|
5604
|
-
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
|
5605
|
-
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
|
5606
|
-
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
|
5607
|
-
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
|
5608
|
-
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
5609
|
-
@module_name = args[:module_name] if args.key?(:module_name)
|
|
5610
|
-
@mute = args[:mute] if args.key?(:mute)
|
|
5611
|
-
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
5612
|
-
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
5613
|
-
@name = args[:name] if args.key?(:name)
|
|
5614
|
-
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
|
5615
|
-
@notebook = args[:notebook] if args.key?(:notebook)
|
|
5616
|
-
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
|
5617
|
-
@parent = args[:parent] if args.key?(:parent)
|
|
5618
|
-
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
|
5619
|
-
@processes = args[:processes] if args.key?(:processes)
|
|
5620
|
-
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
|
5621
|
-
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
|
5622
|
-
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
|
5623
|
-
@severity = args[:severity] if args.key?(:severity)
|
|
5624
|
-
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
|
5625
|
-
@state = args[:state] if args.key?(:state)
|
|
5626
|
-
@toxic_combination = args[:toxic_combination] if args.key?(:toxic_combination)
|
|
5627
|
-
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
|
6694
|
+
@subscription = args[:subscription] if args.key?(:subscription)
|
|
5628
6695
|
end
|
|
5629
6696
|
end
|
|
5630
6697
|
|
|
5631
|
-
#
|
|
5632
|
-
class
|
|
6698
|
+
# The Azure subscription of the resource associated with the issue.
|
|
6699
|
+
class GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription
|
|
5633
6700
|
include Google::Apis::Core::Hashable
|
|
5634
6701
|
|
|
5635
|
-
#
|
|
5636
|
-
#
|
|
5637
|
-
# Corresponds to the JSON property `resourceFolder`
|
|
6702
|
+
# The Azure subscription display name of the resource associated with the issue.
|
|
6703
|
+
# Corresponds to the JSON property `displayName`
|
|
5638
6704
|
# @return [String]
|
|
5639
|
-
attr_accessor :
|
|
6705
|
+
attr_accessor :display_name
|
|
5640
6706
|
|
|
5641
|
-
# The
|
|
5642
|
-
# Corresponds to the JSON property `
|
|
6707
|
+
# The Azure subscription ID of the resource associated with the issue.
|
|
6708
|
+
# Corresponds to the JSON property `id`
|
|
5643
6709
|
# @return [String]
|
|
5644
|
-
attr_accessor :
|
|
6710
|
+
attr_accessor :id
|
|
5645
6711
|
|
|
5646
6712
|
def initialize(**args)
|
|
5647
6713
|
update!(**args)
|
|
@@ -5649,19 +6715,19 @@ module Google
|
|
|
5649
6715
|
|
|
5650
6716
|
# Update properties of this object
|
|
5651
6717
|
def update!(**args)
|
|
5652
|
-
@
|
|
5653
|
-
@
|
|
6718
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
6719
|
+
@id = args[:id] if args.key?(:id)
|
|
5654
6720
|
end
|
|
5655
6721
|
end
|
|
5656
6722
|
|
|
5657
|
-
#
|
|
5658
|
-
class
|
|
6723
|
+
# Google Cloud metadata of a resource associated with an issue.
|
|
6724
|
+
class GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata
|
|
5659
6725
|
include Google::Apis::Core::Hashable
|
|
5660
6726
|
|
|
5661
|
-
#
|
|
5662
|
-
# Corresponds to the JSON property `
|
|
6727
|
+
# The project ID that the resource associated with the issue belongs to.
|
|
6728
|
+
# Corresponds to the JSON property `projectId`
|
|
5663
6729
|
# @return [String]
|
|
5664
|
-
attr_accessor :
|
|
6730
|
+
attr_accessor :project_id
|
|
5665
6731
|
|
|
5666
6732
|
def initialize(**args)
|
|
5667
6733
|
update!(**args)
|
|
@@ -5669,24 +6735,23 @@ module Google
|
|
|
5669
6735
|
|
|
5670
6736
|
# Update properties of this object
|
|
5671
6737
|
def update!(**args)
|
|
5672
|
-
@
|
|
6738
|
+
@project_id = args[:project_id] if args.key?(:project_id)
|
|
5673
6739
|
end
|
|
5674
6740
|
end
|
|
5675
6741
|
|
|
5676
|
-
#
|
|
5677
|
-
|
|
5678
|
-
class GoogleCloudSecuritycenterV2GroupMembership
|
|
6742
|
+
# Security context associated with an issue.
|
|
6743
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContext
|
|
5679
6744
|
include Google::Apis::Core::Hashable
|
|
5680
6745
|
|
|
5681
|
-
#
|
|
5682
|
-
# Corresponds to the JSON property `
|
|
5683
|
-
# @return [
|
|
5684
|
-
attr_accessor :
|
|
6746
|
+
# Aggregated count of a security context.
|
|
6747
|
+
# Corresponds to the JSON property `aggregatedCount`
|
|
6748
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount]
|
|
6749
|
+
attr_accessor :aggregated_count
|
|
5685
6750
|
|
|
5686
|
-
#
|
|
5687
|
-
# Corresponds to the JSON property `
|
|
5688
|
-
# @return [
|
|
5689
|
-
attr_accessor :
|
|
6751
|
+
# Context of a security context.
|
|
6752
|
+
# Corresponds to the JSON property `context`
|
|
6753
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueSecurityContextContext]
|
|
6754
|
+
attr_accessor :context
|
|
5690
6755
|
|
|
5691
6756
|
def initialize(**args)
|
|
5692
6757
|
update!(**args)
|
|
@@ -5694,32 +6759,24 @@ module Google
|
|
|
5694
6759
|
|
|
5695
6760
|
# Update properties of this object
|
|
5696
6761
|
def update!(**args)
|
|
5697
|
-
@
|
|
5698
|
-
@
|
|
6762
|
+
@aggregated_count = args[:aggregated_count] if args.key?(:aggregated_count)
|
|
6763
|
+
@context = args[:context] if args.key?(:context)
|
|
5699
6764
|
end
|
|
5700
6765
|
end
|
|
5701
6766
|
|
|
5702
|
-
#
|
|
5703
|
-
|
|
5704
|
-
class GoogleCloudSecuritycenterV2IamBinding
|
|
6767
|
+
# Aggregated count of a security context.
|
|
6768
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount
|
|
5705
6769
|
include Google::Apis::Core::Hashable
|
|
5706
6770
|
|
|
5707
|
-
#
|
|
5708
|
-
# Corresponds to the JSON property `
|
|
5709
|
-
# @return [String]
|
|
5710
|
-
attr_accessor :action
|
|
5711
|
-
|
|
5712
|
-
# A single identity requesting access for a Cloud Platform resource, for example,
|
|
5713
|
-
# "foo@google.com".
|
|
5714
|
-
# Corresponds to the JSON property `member`
|
|
6771
|
+
# Aggregation key.
|
|
6772
|
+
# Corresponds to the JSON property `key`
|
|
5715
6773
|
# @return [String]
|
|
5716
|
-
attr_accessor :
|
|
6774
|
+
attr_accessor :key
|
|
5717
6775
|
|
|
5718
|
-
#
|
|
5719
|
-
#
|
|
5720
|
-
#
|
|
5721
|
-
|
|
5722
|
-
attr_accessor :role
|
|
6776
|
+
# Aggregation value.
|
|
6777
|
+
# Corresponds to the JSON property `value`
|
|
6778
|
+
# @return [Fixnum]
|
|
6779
|
+
attr_accessor :value
|
|
5723
6780
|
|
|
5724
6781
|
def initialize(**args)
|
|
5725
6782
|
update!(**args)
|
|
@@ -5727,40 +6784,24 @@ module Google
|
|
|
5727
6784
|
|
|
5728
6785
|
# Update properties of this object
|
|
5729
6786
|
def update!(**args)
|
|
5730
|
-
@
|
|
5731
|
-
@
|
|
5732
|
-
@role = args[:role] if args.key?(:role)
|
|
6787
|
+
@key = args[:key] if args.key?(:key)
|
|
6788
|
+
@value = args[:value] if args.key?(:value)
|
|
5733
6789
|
end
|
|
5734
6790
|
end
|
|
5735
6791
|
|
|
5736
|
-
#
|
|
5737
|
-
|
|
5738
|
-
# operating system that, with high confidence, indicates a computer intrusion.
|
|
5739
|
-
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
|
5740
|
-
# wiki/Indicator_of_compromise).
|
|
5741
|
-
class GoogleCloudSecuritycenterV2Indicator
|
|
6792
|
+
# Context of a security context.
|
|
6793
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContextContext
|
|
5742
6794
|
include Google::Apis::Core::Hashable
|
|
5743
6795
|
|
|
5744
|
-
#
|
|
5745
|
-
# Corresponds to the JSON property `
|
|
5746
|
-
# @return [
|
|
5747
|
-
attr_accessor :
|
|
5748
|
-
|
|
5749
|
-
# The list of IP addresses that are associated with the finding.
|
|
5750
|
-
# Corresponds to the JSON property `ipAddresses`
|
|
5751
|
-
# @return [Array<String>]
|
|
5752
|
-
attr_accessor :ip_addresses
|
|
5753
|
-
|
|
5754
|
-
# The list of matched signatures indicating that the given process is present in
|
|
5755
|
-
# the environment.
|
|
5756
|
-
# Corresponds to the JSON property `signatures`
|
|
5757
|
-
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ProcessSignature>]
|
|
5758
|
-
attr_accessor :signatures
|
|
6796
|
+
# Context type.
|
|
6797
|
+
# Corresponds to the JSON property `type`
|
|
6798
|
+
# @return [String]
|
|
6799
|
+
attr_accessor :type
|
|
5759
6800
|
|
|
5760
|
-
#
|
|
5761
|
-
# Corresponds to the JSON property `
|
|
6801
|
+
# Context values.
|
|
6802
|
+
# Corresponds to the JSON property `values`
|
|
5762
6803
|
# @return [Array<String>]
|
|
5763
|
-
attr_accessor :
|
|
6804
|
+
attr_accessor :values
|
|
5764
6805
|
|
|
5765
6806
|
def initialize(**args)
|
|
5766
6807
|
update!(**args)
|
|
@@ -5768,10 +6809,8 @@ module Google
|
|
|
5768
6809
|
|
|
5769
6810
|
# Update properties of this object
|
|
5770
6811
|
def update!(**args)
|
|
5771
|
-
@
|
|
5772
|
-
@
|
|
5773
|
-
@signatures = args[:signatures] if args.key?(:signatures)
|
|
5774
|
-
@uris = args[:uris] if args.key?(:uris)
|
|
6812
|
+
@type = args[:type] if args.key?(:type)
|
|
6813
|
+
@values = args[:values] if args.key?(:values)
|
|
5775
6814
|
end
|
|
5776
6815
|
end
|
|
5777
6816
|
|
|
@@ -6080,6 +7119,12 @@ module Google
|
|
|
6080
7119
|
# @return [String]
|
|
6081
7120
|
attr_accessor :description
|
|
6082
7121
|
|
|
7122
|
+
# Optional. The expiry of the mute config. Only applicable for dynamic configs.
|
|
7123
|
+
# If the expiry is set, when the config expires, it is removed from all findings.
|
|
7124
|
+
# Corresponds to the JSON property `expiryTime`
|
|
7125
|
+
# @return [String]
|
|
7126
|
+
attr_accessor :expiry_time
|
|
7127
|
+
|
|
6083
7128
|
# Required. An expression that defines the filter to apply across create/update
|
|
6084
7129
|
# events of findings. While creating a filter string, be mindful of the scope in
|
|
6085
7130
|
# which the mute configuration is being created. E.g., If a filter contains
|
|
@@ -6133,6 +7178,7 @@ module Google
|
|
|
6133
7178
|
def update!(**args)
|
|
6134
7179
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6135
7180
|
@description = args[:description] if args.key?(:description)
|
|
7181
|
+
@expiry_time = args[:expiry_time] if args.key?(:expiry_time)
|
|
6136
7182
|
@filter = args[:filter] if args.key?(:filter)
|
|
6137
7183
|
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
|
6138
7184
|
@name = args[:name] if args.key?(:name)
|
|
@@ -6141,6 +7187,34 @@ module Google
|
|
|
6141
7187
|
end
|
|
6142
7188
|
end
|
|
6143
7189
|
|
|
7190
|
+
# Mute information about the finding, including whether the finding has a static
|
|
7191
|
+
# mute or any matching dynamic mute rules.
|
|
7192
|
+
class GoogleCloudSecuritycenterV2MuteInfo
|
|
7193
|
+
include Google::Apis::Core::Hashable
|
|
7194
|
+
|
|
7195
|
+
# The list of dynamic mute rules that currently match the finding.
|
|
7196
|
+
# Corresponds to the JSON property `dynamicMuteRecords`
|
|
7197
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DynamicMuteRecord>]
|
|
7198
|
+
attr_accessor :dynamic_mute_records
|
|
7199
|
+
|
|
7200
|
+
# Information about the static mute state. A static mute state overrides any
|
|
7201
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
7202
|
+
# set by a static mute rule or by muting the finding directly.
|
|
7203
|
+
# Corresponds to the JSON property `staticMute`
|
|
7204
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2StaticMute]
|
|
7205
|
+
attr_accessor :static_mute
|
|
7206
|
+
|
|
7207
|
+
def initialize(**args)
|
|
7208
|
+
update!(**args)
|
|
7209
|
+
end
|
|
7210
|
+
|
|
7211
|
+
# Update properties of this object
|
|
7212
|
+
def update!(**args)
|
|
7213
|
+
@dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
|
|
7214
|
+
@static_mute = args[:static_mute] if args.key?(:static_mute)
|
|
7215
|
+
end
|
|
7216
|
+
end
|
|
7217
|
+
|
|
6144
7218
|
# Kubernetes nodes associated with the finding.
|
|
6145
7219
|
class GoogleCloudSecuritycenterV2Node
|
|
6146
7220
|
include Google::Apis::Core::Hashable
|
|
@@ -6816,9 +7890,10 @@ module Google
|
|
|
6816
7890
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping]
|
|
6817
7891
|
attr_accessor :sensitive_data_protection_mapping
|
|
6818
7892
|
|
|
6819
|
-
# Tag values combined with `AND` to check against.
|
|
6820
|
-
#
|
|
6821
|
-
# cloud.google.com/resource-
|
|
7893
|
+
# Tag values combined with `AND` to check against. For Google Cloud resources,
|
|
7894
|
+
# they are tag value IDs in the form of "tagValues/123". Example: `[ "tagValues/
|
|
7895
|
+
# 123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/resource-
|
|
7896
|
+
# manager/docs/tags/tags-creating-and-managing
|
|
6822
7897
|
# Corresponds to the JSON property `tagValues`
|
|
6823
7898
|
# @return [Array<String>]
|
|
6824
7899
|
attr_accessor :tag_values
|
|
@@ -7128,6 +8203,34 @@ module Google
|
|
|
7128
8203
|
end
|
|
7129
8204
|
end
|
|
7130
8205
|
|
|
8206
|
+
# Information about the static mute state. A static mute state overrides any
|
|
8207
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
8208
|
+
# set by a static mute rule or by muting the finding directly.
|
|
8209
|
+
class GoogleCloudSecuritycenterV2StaticMute
|
|
8210
|
+
include Google::Apis::Core::Hashable
|
|
8211
|
+
|
|
8212
|
+
# When the static mute was applied.
|
|
8213
|
+
# Corresponds to the JSON property `applyTime`
|
|
8214
|
+
# @return [String]
|
|
8215
|
+
attr_accessor :apply_time
|
|
8216
|
+
|
|
8217
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
|
|
8218
|
+
# s overall mute state will have the same value.
|
|
8219
|
+
# Corresponds to the JSON property `state`
|
|
8220
|
+
# @return [String]
|
|
8221
|
+
attr_accessor :state
|
|
8222
|
+
|
|
8223
|
+
def initialize(**args)
|
|
8224
|
+
update!(**args)
|
|
8225
|
+
end
|
|
8226
|
+
|
|
8227
|
+
# Update properties of this object
|
|
8228
|
+
def update!(**args)
|
|
8229
|
+
@apply_time = args[:apply_time] if args.key?(:apply_time)
|
|
8230
|
+
@state = args[:state] if args.key?(:state)
|
|
8231
|
+
end
|
|
8232
|
+
end
|
|
8233
|
+
|
|
7131
8234
|
# Represents a Kubernetes subject.
|
|
7132
8235
|
class GoogleCloudSecuritycenterV2Subject
|
|
7133
8236
|
include Google::Apis::Core::Hashable
|
|
@@ -8084,6 +9187,34 @@ module Google
|
|
|
8084
9187
|
end
|
|
8085
9188
|
end
|
|
8086
9189
|
|
|
9190
|
+
# Mute information about the finding, including whether the finding has a static
|
|
9191
|
+
# mute or any matching dynamic mute rules.
|
|
9192
|
+
class MuteInfo
|
|
9193
|
+
include Google::Apis::Core::Hashable
|
|
9194
|
+
|
|
9195
|
+
# The list of dynamic mute rules that currently match the finding.
|
|
9196
|
+
# Corresponds to the JSON property `dynamicMuteRecords`
|
|
9197
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DynamicMuteRecord>]
|
|
9198
|
+
attr_accessor :dynamic_mute_records
|
|
9199
|
+
|
|
9200
|
+
# Information about the static mute state. A static mute state overrides any
|
|
9201
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
9202
|
+
# set by a static mute rule or by muting the finding directly.
|
|
9203
|
+
# Corresponds to the JSON property `staticMute`
|
|
9204
|
+
# @return [Google::Apis::SecuritycenterV1beta1::StaticMute]
|
|
9205
|
+
attr_accessor :static_mute
|
|
9206
|
+
|
|
9207
|
+
def initialize(**args)
|
|
9208
|
+
update!(**args)
|
|
9209
|
+
end
|
|
9210
|
+
|
|
9211
|
+
# Update properties of this object
|
|
9212
|
+
def update!(**args)
|
|
9213
|
+
@dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
|
|
9214
|
+
@static_mute = args[:static_mute] if args.key?(:static_mute)
|
|
9215
|
+
end
|
|
9216
|
+
end
|
|
9217
|
+
|
|
8087
9218
|
# Kubernetes nodes associated with the finding.
|
|
8088
9219
|
class Node
|
|
8089
9220
|
include Google::Apis::Core::Hashable
|
|
@@ -9077,7 +10208,8 @@ module Google
|
|
|
9077
10208
|
class SetFindingStateRequest
|
|
9078
10209
|
include Google::Apis::Core::Hashable
|
|
9079
10210
|
|
|
9080
|
-
#
|
|
10211
|
+
# Optional. The time at which the updated state takes effect. If not set uses
|
|
10212
|
+
# the current time.
|
|
9081
10213
|
# Corresponds to the JSON property `startTime`
|
|
9082
10214
|
# @return [String]
|
|
9083
10215
|
attr_accessor :start_time
|
|
@@ -9193,6 +10325,34 @@ module Google
|
|
|
9193
10325
|
end
|
|
9194
10326
|
end
|
|
9195
10327
|
|
|
10328
|
+
# Information about the static mute state. A static mute state overrides any
|
|
10329
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
10330
|
+
# set by a static mute rule or by muting the finding directly.
|
|
10331
|
+
class StaticMute
|
|
10332
|
+
include Google::Apis::Core::Hashable
|
|
10333
|
+
|
|
10334
|
+
# When the static mute was applied.
|
|
10335
|
+
# Corresponds to the JSON property `applyTime`
|
|
10336
|
+
# @return [String]
|
|
10337
|
+
attr_accessor :apply_time
|
|
10338
|
+
|
|
10339
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
|
|
10340
|
+
# s overall mute state will have the same value.
|
|
10341
|
+
# Corresponds to the JSON property `state`
|
|
10342
|
+
# @return [String]
|
|
10343
|
+
attr_accessor :state
|
|
10344
|
+
|
|
10345
|
+
def initialize(**args)
|
|
10346
|
+
update!(**args)
|
|
10347
|
+
end
|
|
10348
|
+
|
|
10349
|
+
# Update properties of this object
|
|
10350
|
+
def update!(**args)
|
|
10351
|
+
@apply_time = args[:apply_time] if args.key?(:apply_time)
|
|
10352
|
+
@state = args[:state] if args.key?(:state)
|
|
10353
|
+
end
|
|
10354
|
+
end
|
|
10355
|
+
|
|
9196
10356
|
# The `Status` type defines a logical error model that is suitable for different
|
|
9197
10357
|
# programming environments, including REST APIs and RPC APIs. It is used by [
|
|
9198
10358
|
# gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
|