google-apis-securitycenter_v1beta1 0.79.0 → 0.81.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/lib/google/apis/securitycenter_v1beta1/classes.rb +1380 -220
- data/lib/google/apis/securitycenter_v1beta1/gem_version.rb +3 -3
- data/lib/google/apis/securitycenter_v1beta1/representations.rb +517 -0
- data/lib/google/apis/securitycenter_v1beta1/service.rb +2 -2
- metadata +4 -4
|
@@ -650,6 +650,11 @@ module Google
|
|
|
650
650
|
# @return [Google::Apis::SecuritycenterV1beta1::AzureSubscription]
|
|
651
651
|
attr_accessor :subscription
|
|
652
652
|
|
|
653
|
+
# Represents a Microsoft Entra tenant.
|
|
654
|
+
# Corresponds to the JSON property `tenant`
|
|
655
|
+
# @return [Google::Apis::SecuritycenterV1beta1::AzureTenant]
|
|
656
|
+
attr_accessor :tenant
|
|
657
|
+
|
|
653
658
|
def initialize(**args)
|
|
654
659
|
update!(**args)
|
|
655
660
|
end
|
|
@@ -659,6 +664,7 @@ module Google
|
|
|
659
664
|
@management_groups = args[:management_groups] if args.key?(:management_groups)
|
|
660
665
|
@resource_group = args[:resource_group] if args.key?(:resource_group)
|
|
661
666
|
@subscription = args[:subscription] if args.key?(:subscription)
|
|
667
|
+
@tenant = args[:tenant] if args.key?(:tenant)
|
|
662
668
|
end
|
|
663
669
|
end
|
|
664
670
|
|
|
@@ -666,6 +672,11 @@ module Google
|
|
|
666
672
|
class AzureResourceGroup
|
|
667
673
|
include Google::Apis::Core::Hashable
|
|
668
674
|
|
|
675
|
+
# The ID of the Azure resource group.
|
|
676
|
+
# Corresponds to the JSON property `id`
|
|
677
|
+
# @return [String]
|
|
678
|
+
attr_accessor :id
|
|
679
|
+
|
|
669
680
|
# The name of the Azure resource group. This is not a UUID.
|
|
670
681
|
# Corresponds to the JSON property `name`
|
|
671
682
|
# @return [String]
|
|
@@ -677,6 +688,7 @@ module Google
|
|
|
677
688
|
|
|
678
689
|
# Update properties of this object
|
|
679
690
|
def update!(**args)
|
|
691
|
+
@id = args[:id] if args.key?(:id)
|
|
680
692
|
@name = args[:name] if args.key?(:name)
|
|
681
693
|
end
|
|
682
694
|
end
|
|
@@ -707,6 +719,32 @@ module Google
|
|
|
707
719
|
end
|
|
708
720
|
end
|
|
709
721
|
|
|
722
|
+
# Represents a Microsoft Entra tenant.
|
|
723
|
+
class AzureTenant
|
|
724
|
+
include Google::Apis::Core::Hashable
|
|
725
|
+
|
|
726
|
+
# The display name of the Azure tenant.
|
|
727
|
+
# Corresponds to the JSON property `displayName`
|
|
728
|
+
# @return [String]
|
|
729
|
+
attr_accessor :display_name
|
|
730
|
+
|
|
731
|
+
# The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
|
|
732
|
+
# 1aaa11a".
|
|
733
|
+
# Corresponds to the JSON property `id`
|
|
734
|
+
# @return [String]
|
|
735
|
+
attr_accessor :id
|
|
736
|
+
|
|
737
|
+
def initialize(**args)
|
|
738
|
+
update!(**args)
|
|
739
|
+
end
|
|
740
|
+
|
|
741
|
+
# Update properties of this object
|
|
742
|
+
def update!(**args)
|
|
743
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
744
|
+
@id = args[:id] if args.key?(:id)
|
|
745
|
+
end
|
|
746
|
+
end
|
|
747
|
+
|
|
710
748
|
# Information related to Google Cloud Backup and DR Service findings.
|
|
711
749
|
class BackupDisasterRecovery
|
|
712
750
|
include Google::Apis::Core::Hashable
|
|
@@ -1315,11 +1353,21 @@ module Google
|
|
|
1315
1353
|
# @return [Google::Apis::SecuritycenterV1beta1::Cvssv3]
|
|
1316
1354
|
attr_accessor :cvssv3
|
|
1317
1355
|
|
|
1356
|
+
# Date the first publicly available exploit or PoC was released.
|
|
1357
|
+
# Corresponds to the JSON property `exploitReleaseDate`
|
|
1358
|
+
# @return [String]
|
|
1359
|
+
attr_accessor :exploit_release_date
|
|
1360
|
+
|
|
1318
1361
|
# The exploitation activity of the vulnerability in the wild.
|
|
1319
1362
|
# Corresponds to the JSON property `exploitationActivity`
|
|
1320
1363
|
# @return [String]
|
|
1321
1364
|
attr_accessor :exploitation_activity
|
|
1322
1365
|
|
|
1366
|
+
# Date of the earliest known exploitation.
|
|
1367
|
+
# Corresponds to the JSON property `firstExploitationDate`
|
|
1368
|
+
# @return [String]
|
|
1369
|
+
attr_accessor :first_exploitation_date
|
|
1370
|
+
|
|
1323
1371
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
|
1324
1372
|
# Corresponds to the JSON property `id`
|
|
1325
1373
|
# @return [String]
|
|
@@ -1361,7 +1409,9 @@ module Google
|
|
|
1361
1409
|
# Update properties of this object
|
|
1362
1410
|
def update!(**args)
|
|
1363
1411
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
|
1412
|
+
@exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
|
|
1364
1413
|
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
|
1414
|
+
@first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
|
|
1365
1415
|
@id = args[:id] if args.key?(:id)
|
|
1366
1416
|
@impact = args[:impact] if args.key?(:impact)
|
|
1367
1417
|
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
|
@@ -1448,6 +1498,144 @@ module Google
|
|
|
1448
1498
|
end
|
|
1449
1499
|
end
|
|
1450
1500
|
|
|
1501
|
+
# Details about a data access attempt made by a principal not authorized under
|
|
1502
|
+
# applicable data security policy.
|
|
1503
|
+
class DataAccessEvent
|
|
1504
|
+
include Google::Apis::Core::Hashable
|
|
1505
|
+
|
|
1506
|
+
# Unique identifier for data access event.
|
|
1507
|
+
# Corresponds to the JSON property `eventId`
|
|
1508
|
+
# @return [String]
|
|
1509
|
+
attr_accessor :event_id
|
|
1510
|
+
|
|
1511
|
+
# Timestamp of data access event.
|
|
1512
|
+
# Corresponds to the JSON property `eventTime`
|
|
1513
|
+
# @return [String]
|
|
1514
|
+
attr_accessor :event_time
|
|
1515
|
+
|
|
1516
|
+
# The operation performed by the principal to access the data.
|
|
1517
|
+
# Corresponds to the JSON property `operation`
|
|
1518
|
+
# @return [String]
|
|
1519
|
+
attr_accessor :operation
|
|
1520
|
+
|
|
1521
|
+
# The email address of the principal that accessed the data. The principal could
|
|
1522
|
+
# be a user account, service account, Google group, or other.
|
|
1523
|
+
# Corresponds to the JSON property `principalEmail`
|
|
1524
|
+
# @return [String]
|
|
1525
|
+
attr_accessor :principal_email
|
|
1526
|
+
|
|
1527
|
+
def initialize(**args)
|
|
1528
|
+
update!(**args)
|
|
1529
|
+
end
|
|
1530
|
+
|
|
1531
|
+
# Update properties of this object
|
|
1532
|
+
def update!(**args)
|
|
1533
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
1534
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1535
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
1536
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
1537
|
+
end
|
|
1538
|
+
end
|
|
1539
|
+
|
|
1540
|
+
# Details about a data flow event, in which either the data is moved to or is
|
|
1541
|
+
# accessed from a non-compliant geo-location, as defined in the applicable data
|
|
1542
|
+
# security policy.
|
|
1543
|
+
class DataFlowEvent
|
|
1544
|
+
include Google::Apis::Core::Hashable
|
|
1545
|
+
|
|
1546
|
+
# Unique identifier for data flow event.
|
|
1547
|
+
# Corresponds to the JSON property `eventId`
|
|
1548
|
+
# @return [String]
|
|
1549
|
+
attr_accessor :event_id
|
|
1550
|
+
|
|
1551
|
+
# Timestamp of data flow event.
|
|
1552
|
+
# Corresponds to the JSON property `eventTime`
|
|
1553
|
+
# @return [String]
|
|
1554
|
+
attr_accessor :event_time
|
|
1555
|
+
|
|
1556
|
+
# The operation performed by the principal for the data flow event.
|
|
1557
|
+
# Corresponds to the JSON property `operation`
|
|
1558
|
+
# @return [String]
|
|
1559
|
+
attr_accessor :operation
|
|
1560
|
+
|
|
1561
|
+
# The email address of the principal that initiated the data flow event. The
|
|
1562
|
+
# principal could be a user account, service account, Google group, or other.
|
|
1563
|
+
# Corresponds to the JSON property `principalEmail`
|
|
1564
|
+
# @return [String]
|
|
1565
|
+
attr_accessor :principal_email
|
|
1566
|
+
|
|
1567
|
+
# Non-compliant location of the principal or the data destination.
|
|
1568
|
+
# Corresponds to the JSON property `violatedLocation`
|
|
1569
|
+
# @return [String]
|
|
1570
|
+
attr_accessor :violated_location
|
|
1571
|
+
|
|
1572
|
+
def initialize(**args)
|
|
1573
|
+
update!(**args)
|
|
1574
|
+
end
|
|
1575
|
+
|
|
1576
|
+
# Update properties of this object
|
|
1577
|
+
def update!(**args)
|
|
1578
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
1579
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1580
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
1581
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
1582
|
+
@violated_location = args[:violated_location] if args.key?(:violated_location)
|
|
1583
|
+
end
|
|
1584
|
+
end
|
|
1585
|
+
|
|
1586
|
+
# Details about data retention deletion violations, in which the data is non-
|
|
1587
|
+
# compliant based on their retention or deletion time, as defined in the
|
|
1588
|
+
# applicable data security policy. The Data Retention Deletion (DRD) control is
|
|
1589
|
+
# a control of the DSPM (Data Security Posture Management) suite that enables
|
|
1590
|
+
# organizations to manage data retention and deletion policies in compliance
|
|
1591
|
+
# with regulations, such as GDPR and CRPA. DRD supports two primary policy types:
|
|
1592
|
+
# maximum storage length (max TTL) and minimum storage length (min TTL). Both
|
|
1593
|
+
# are aimed at helping organizations meet regulatory and data management
|
|
1594
|
+
# commitments.
|
|
1595
|
+
class DataRetentionDeletionEvent
|
|
1596
|
+
include Google::Apis::Core::Hashable
|
|
1597
|
+
|
|
1598
|
+
# Number of objects that violated the policy for this resource. If the number is
|
|
1599
|
+
# less than 1,000, then the value of this field is the exact number. If the
|
|
1600
|
+
# number of objects that violated the policy is greater than or equal to 1,000,
|
|
1601
|
+
# then the value of this field is 1000.
|
|
1602
|
+
# Corresponds to the JSON property `dataObjectCount`
|
|
1603
|
+
# @return [Fixnum]
|
|
1604
|
+
attr_accessor :data_object_count
|
|
1605
|
+
|
|
1606
|
+
# Timestamp indicating when the event was detected.
|
|
1607
|
+
# Corresponds to the JSON property `eventDetectionTime`
|
|
1608
|
+
# @return [String]
|
|
1609
|
+
attr_accessor :event_detection_time
|
|
1610
|
+
|
|
1611
|
+
# Type of the DRD event.
|
|
1612
|
+
# Corresponds to the JSON property `eventType`
|
|
1613
|
+
# @return [String]
|
|
1614
|
+
attr_accessor :event_type
|
|
1615
|
+
|
|
1616
|
+
# Maximum duration of retention allowed from the DRD control. This comes from
|
|
1617
|
+
# the DRD control where users set a max TTL for their data. For example, suppose
|
|
1618
|
+
# that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an
|
|
1619
|
+
# object in that bucket is 100 days old. In this case, a
|
|
1620
|
+
# DataRetentionDeletionEvent will be generated for that Cloud Storage bucket,
|
|
1621
|
+
# and the max_retention_allowed is 90 days.
|
|
1622
|
+
# Corresponds to the JSON property `maxRetentionAllowed`
|
|
1623
|
+
# @return [String]
|
|
1624
|
+
attr_accessor :max_retention_allowed
|
|
1625
|
+
|
|
1626
|
+
def initialize(**args)
|
|
1627
|
+
update!(**args)
|
|
1628
|
+
end
|
|
1629
|
+
|
|
1630
|
+
# Update properties of this object
|
|
1631
|
+
def update!(**args)
|
|
1632
|
+
@data_object_count = args[:data_object_count] if args.key?(:data_object_count)
|
|
1633
|
+
@event_detection_time = args[:event_detection_time] if args.key?(:event_detection_time)
|
|
1634
|
+
@event_type = args[:event_type] if args.key?(:event_type)
|
|
1635
|
+
@max_retention_allowed = args[:max_retention_allowed] if args.key?(:max_retention_allowed)
|
|
1636
|
+
end
|
|
1637
|
+
end
|
|
1638
|
+
|
|
1451
1639
|
# Represents database access information, such as queries. A database may be a
|
|
1452
1640
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
1453
1641
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -1536,6 +1724,26 @@ module Google
|
|
|
1536
1724
|
end
|
|
1537
1725
|
end
|
|
1538
1726
|
|
|
1727
|
+
# Contains information about the disk associated with the finding.
|
|
1728
|
+
class Disk
|
|
1729
|
+
include Google::Apis::Core::Hashable
|
|
1730
|
+
|
|
1731
|
+
# The name of the disk, for example, "https://www.googleapis.com/compute/v1/
|
|
1732
|
+
# projects/project-id/zones/zone-id/disks/disk-id".
|
|
1733
|
+
# Corresponds to the JSON property `name`
|
|
1734
|
+
# @return [String]
|
|
1735
|
+
attr_accessor :name
|
|
1736
|
+
|
|
1737
|
+
def initialize(**args)
|
|
1738
|
+
update!(**args)
|
|
1739
|
+
end
|
|
1740
|
+
|
|
1741
|
+
# Update properties of this object
|
|
1742
|
+
def update!(**args)
|
|
1743
|
+
@name = args[:name] if args.key?(:name)
|
|
1744
|
+
end
|
|
1745
|
+
end
|
|
1746
|
+
|
|
1539
1747
|
# Path of the file in terms of underlying disk/partition identifiers.
|
|
1540
1748
|
class DiskPath
|
|
1541
1749
|
include Google::Apis::Core::Hashable
|
|
@@ -1563,6 +1771,33 @@ module Google
|
|
|
1563
1771
|
end
|
|
1564
1772
|
end
|
|
1565
1773
|
|
|
1774
|
+
# The record of a dynamic mute rule that matches the finding.
|
|
1775
|
+
class DynamicMuteRecord
|
|
1776
|
+
include Google::Apis::Core::Hashable
|
|
1777
|
+
|
|
1778
|
+
# When the dynamic mute rule first matched the finding.
|
|
1779
|
+
# Corresponds to the JSON property `matchTime`
|
|
1780
|
+
# @return [String]
|
|
1781
|
+
attr_accessor :match_time
|
|
1782
|
+
|
|
1783
|
+
# The relative resource name of the mute rule, represented by a mute config,
|
|
1784
|
+
# that created this record, for example `organizations/123/muteConfigs/
|
|
1785
|
+
# mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
|
1786
|
+
# Corresponds to the JSON property `muteConfig`
|
|
1787
|
+
# @return [String]
|
|
1788
|
+
attr_accessor :mute_config
|
|
1789
|
+
|
|
1790
|
+
def initialize(**args)
|
|
1791
|
+
update!(**args)
|
|
1792
|
+
end
|
|
1793
|
+
|
|
1794
|
+
# Update properties of this object
|
|
1795
|
+
def update!(**args)
|
|
1796
|
+
@match_time = args[:match_time] if args.key?(:match_time)
|
|
1797
|
+
@mute_config = args[:mute_config] if args.key?(:mute_config)
|
|
1798
|
+
end
|
|
1799
|
+
end
|
|
1800
|
+
|
|
1566
1801
|
# A generic empty message that you can re-use to avoid defining duplicated empty
|
|
1567
1802
|
# messages in your APIs. A typical example is to use it as the request or the
|
|
1568
1803
|
# response type of an API method. For instance: service Foo ` rpc Bar(google.
|
|
@@ -1877,6 +2112,21 @@ module Google
|
|
|
1877
2112
|
# @return [String]
|
|
1878
2113
|
attr_accessor :create_time
|
|
1879
2114
|
|
|
2115
|
+
# Data access events associated with the finding.
|
|
2116
|
+
# Corresponds to the JSON property `dataAccessEvents`
|
|
2117
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DataAccessEvent>]
|
|
2118
|
+
attr_accessor :data_access_events
|
|
2119
|
+
|
|
2120
|
+
# Data flow events associated with the finding.
|
|
2121
|
+
# Corresponds to the JSON property `dataFlowEvents`
|
|
2122
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DataFlowEvent>]
|
|
2123
|
+
attr_accessor :data_flow_events
|
|
2124
|
+
|
|
2125
|
+
# Data retention deletion events associated with the finding.
|
|
2126
|
+
# Corresponds to the JSON property `dataRetentionDeletionEvents`
|
|
2127
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DataRetentionDeletionEvent>]
|
|
2128
|
+
attr_accessor :data_retention_deletion_events
|
|
2129
|
+
|
|
1880
2130
|
# Represents database access information, such as queries. A database may be a
|
|
1881
2131
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
1882
2132
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -1893,6 +2143,11 @@ module Google
|
|
|
1893
2143
|
# @return [String]
|
|
1894
2144
|
attr_accessor :description
|
|
1895
2145
|
|
|
2146
|
+
# Contains information about the disk associated with the finding.
|
|
2147
|
+
# Corresponds to the JSON property `disk`
|
|
2148
|
+
# @return [Google::Apis::SecuritycenterV1beta1::Disk]
|
|
2149
|
+
attr_accessor :disk
|
|
2150
|
+
|
|
1896
2151
|
# The time the finding was first detected. If an existing finding is updated,
|
|
1897
2152
|
# then this is the time the update occurred. For example, if the finding
|
|
1898
2153
|
# represents an open firewall, this property captures the time the detector
|
|
@@ -1994,6 +2249,12 @@ module Google
|
|
|
1994
2249
|
# @return [String]
|
|
1995
2250
|
attr_accessor :mute
|
|
1996
2251
|
|
|
2252
|
+
# Mute information about the finding, including whether the finding has a static
|
|
2253
|
+
# mute or any matching dynamic mute rules.
|
|
2254
|
+
# Corresponds to the JSON property `muteInfo`
|
|
2255
|
+
# @return [Google::Apis::SecuritycenterV1beta1::MuteInfo]
|
|
2256
|
+
attr_accessor :mute_info
|
|
2257
|
+
|
|
1997
2258
|
# Records additional information about the mute operation, for example, the [
|
|
1998
2259
|
# mute configuration](/security-command-center/docs/how-to-mute-findings) that
|
|
1999
2260
|
# muted the finding and the user who muted the finding.
|
|
@@ -2127,8 +2388,12 @@ module Google
|
|
|
2127
2388
|
@contacts = args[:contacts] if args.key?(:contacts)
|
|
2128
2389
|
@containers = args[:containers] if args.key?(:containers)
|
|
2129
2390
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
2391
|
+
@data_access_events = args[:data_access_events] if args.key?(:data_access_events)
|
|
2392
|
+
@data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
|
|
2393
|
+
@data_retention_deletion_events = args[:data_retention_deletion_events] if args.key?(:data_retention_deletion_events)
|
|
2130
2394
|
@database = args[:database] if args.key?(:database)
|
|
2131
2395
|
@description = args[:description] if args.key?(:description)
|
|
2396
|
+
@disk = args[:disk] if args.key?(:disk)
|
|
2132
2397
|
@event_time = args[:event_time] if args.key?(:event_time)
|
|
2133
2398
|
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
2134
2399
|
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
@@ -2145,6 +2410,7 @@ module Google
|
|
|
2145
2410
|
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
2146
2411
|
@module_name = args[:module_name] if args.key?(:module_name)
|
|
2147
2412
|
@mute = args[:mute] if args.key?(:mute)
|
|
2413
|
+
@mute_info = args[:mute_info] if args.key?(:mute_info)
|
|
2148
2414
|
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
2149
2415
|
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
2150
2416
|
@name = args[:name] if args.key?(:name)
|
|
@@ -2550,6 +2816,11 @@ module Google
|
|
|
2550
2816
|
class GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule
|
|
2551
2817
|
include Google::Apis::Core::Hashable
|
|
2552
2818
|
|
|
2819
|
+
# The cloud provider of the custom module.
|
|
2820
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
2821
|
+
# @return [String]
|
|
2822
|
+
attr_accessor :cloud_provider
|
|
2823
|
+
|
|
2553
2824
|
# Defines the properties in a custom module configuration for Security Health
|
|
2554
2825
|
# Analytics. Use the custom module configuration to create custom detectors that
|
|
2555
2826
|
# generate custom findings for resources that you specify.
|
|
@@ -2586,6 +2857,7 @@ module Google
|
|
|
2586
2857
|
|
|
2587
2858
|
# Update properties of this object
|
|
2588
2859
|
def update!(**args)
|
|
2860
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
2589
2861
|
@custom_config = args[:custom_config] if args.key?(:custom_config)
|
|
2590
2862
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
2591
2863
|
@enablement_state = args[:enablement_state] if args.key?(:enablement_state)
|
|
@@ -2699,6 +2971,12 @@ module Google
|
|
|
2699
2971
|
# @return [String]
|
|
2700
2972
|
attr_accessor :display_name
|
|
2701
2973
|
|
|
2974
|
+
# Optional. The expiry of the mute config. Only applicable for dynamic configs.
|
|
2975
|
+
# If the expiry is set, when the config expires, it is removed from all findings.
|
|
2976
|
+
# Corresponds to the JSON property `expiryTime`
|
|
2977
|
+
# @return [String]
|
|
2978
|
+
attr_accessor :expiry_time
|
|
2979
|
+
|
|
2702
2980
|
# Required. An expression that defines the filter to apply across create/update
|
|
2703
2981
|
# events of findings. While creating a filter string, be mindful of the scope in
|
|
2704
2982
|
# which the mute configuration is being created. E.g., If a filter contains
|
|
@@ -2730,6 +3008,14 @@ module Google
|
|
|
2730
3008
|
# @return [String]
|
|
2731
3009
|
attr_accessor :name
|
|
2732
3010
|
|
|
3011
|
+
# Optional. The type of the mute config, which determines what type of mute
|
|
3012
|
+
# state the config affects. The static mute state takes precedence over the
|
|
3013
|
+
# dynamic mute state. Immutable after creation. STATIC by default if not set
|
|
3014
|
+
# during creation.
|
|
3015
|
+
# Corresponds to the JSON property `type`
|
|
3016
|
+
# @return [String]
|
|
3017
|
+
attr_accessor :type
|
|
3018
|
+
|
|
2733
3019
|
# Output only. The most recent time at which the mute config was updated. This
|
|
2734
3020
|
# field is set by the server and will be ignored if provided on config creation
|
|
2735
3021
|
# or update.
|
|
@@ -2746,9 +3032,11 @@ module Google
|
|
|
2746
3032
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
2747
3033
|
@description = args[:description] if args.key?(:description)
|
|
2748
3034
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
3035
|
+
@expiry_time = args[:expiry_time] if args.key?(:expiry_time)
|
|
2749
3036
|
@filter = args[:filter] if args.key?(:filter)
|
|
2750
3037
|
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
|
2751
3038
|
@name = args[:name] if args.key?(:name)
|
|
3039
|
+
@type = args[:type] if args.key?(:type)
|
|
2752
3040
|
@update_time = args[:update_time] if args.key?(:update_time)
|
|
2753
3041
|
end
|
|
2754
3042
|
end
|
|
@@ -3031,10 +3319,10 @@ module Google
|
|
|
3031
3319
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping]
|
|
3032
3320
|
attr_accessor :sensitive_data_protection_mapping
|
|
3033
3321
|
|
|
3034
|
-
# Required. Tag values combined with `AND` to check against.
|
|
3035
|
-
# tagValues/123" Example: `[ "
|
|
3036
|
-
# https://cloud.google.com/
|
|
3037
|
-
# managing
|
|
3322
|
+
# Required. Tag values combined with `AND` to check against. For Google Cloud
|
|
3323
|
+
# resources, they are tag value IDs in the form of "tagValues/123". Example: `[ "
|
|
3324
|
+
# tagValues/123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/
|
|
3325
|
+
# resource-manager/docs/tags/tags-creating-and-managing
|
|
3038
3326
|
# Corresponds to the JSON property `tagValues`
|
|
3039
3327
|
# @return [Array<String>]
|
|
3040
3328
|
attr_accessor :tag_values
|
|
@@ -3105,6 +3393,11 @@ module Google
|
|
|
3105
3393
|
# @return [String]
|
|
3106
3394
|
attr_accessor :ancestor_module
|
|
3107
3395
|
|
|
3396
|
+
# The cloud provider of the custom module.
|
|
3397
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
3398
|
+
# @return [String]
|
|
3399
|
+
attr_accessor :cloud_provider
|
|
3400
|
+
|
|
3108
3401
|
# Defines the properties in a custom module configuration for Security Health
|
|
3109
3402
|
# Analytics. Use the custom module configuration to create custom detectors that
|
|
3110
3403
|
# generate custom findings for resources that you specify.
|
|
@@ -3154,6 +3447,7 @@ module Google
|
|
|
3154
3447
|
# Update properties of this object
|
|
3155
3448
|
def update!(**args)
|
|
3156
3449
|
@ancestor_module = args[:ancestor_module] if args.key?(:ancestor_module)
|
|
3450
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
3157
3451
|
@custom_config = args[:custom_config] if args.key?(:custom_config)
|
|
3158
3452
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
3159
3453
|
@enablement_state = args[:enablement_state] if args.key?(:enablement_state)
|
|
@@ -4120,6 +4414,11 @@ module Google
|
|
|
4120
4414
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2AzureSubscription]
|
|
4121
4415
|
attr_accessor :subscription
|
|
4122
4416
|
|
|
4417
|
+
# Represents a Microsoft Entra tenant.
|
|
4418
|
+
# Corresponds to the JSON property `tenant`
|
|
4419
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2AzureTenant]
|
|
4420
|
+
attr_accessor :tenant
|
|
4421
|
+
|
|
4123
4422
|
def initialize(**args)
|
|
4124
4423
|
update!(**args)
|
|
4125
4424
|
end
|
|
@@ -4129,6 +4428,7 @@ module Google
|
|
|
4129
4428
|
@management_groups = args[:management_groups] if args.key?(:management_groups)
|
|
4130
4429
|
@resource_group = args[:resource_group] if args.key?(:resource_group)
|
|
4131
4430
|
@subscription = args[:subscription] if args.key?(:subscription)
|
|
4431
|
+
@tenant = args[:tenant] if args.key?(:tenant)
|
|
4132
4432
|
end
|
|
4133
4433
|
end
|
|
4134
4434
|
|
|
@@ -4136,6 +4436,11 @@ module Google
|
|
|
4136
4436
|
class GoogleCloudSecuritycenterV2AzureResourceGroup
|
|
4137
4437
|
include Google::Apis::Core::Hashable
|
|
4138
4438
|
|
|
4439
|
+
# The ID of the Azure resource group.
|
|
4440
|
+
# Corresponds to the JSON property `id`
|
|
4441
|
+
# @return [String]
|
|
4442
|
+
attr_accessor :id
|
|
4443
|
+
|
|
4139
4444
|
# The name of the Azure resource group. This is not a UUID.
|
|
4140
4445
|
# Corresponds to the JSON property `name`
|
|
4141
4446
|
# @return [String]
|
|
@@ -4147,6 +4452,7 @@ module Google
|
|
|
4147
4452
|
|
|
4148
4453
|
# Update properties of this object
|
|
4149
4454
|
def update!(**args)
|
|
4455
|
+
@id = args[:id] if args.key?(:id)
|
|
4150
4456
|
@name = args[:name] if args.key?(:name)
|
|
4151
4457
|
end
|
|
4152
4458
|
end
|
|
@@ -4177,6 +4483,32 @@ module Google
|
|
|
4177
4483
|
end
|
|
4178
4484
|
end
|
|
4179
4485
|
|
|
4486
|
+
# Represents a Microsoft Entra tenant.
|
|
4487
|
+
class GoogleCloudSecuritycenterV2AzureTenant
|
|
4488
|
+
include Google::Apis::Core::Hashable
|
|
4489
|
+
|
|
4490
|
+
# The display name of the Azure tenant.
|
|
4491
|
+
# Corresponds to the JSON property `displayName`
|
|
4492
|
+
# @return [String]
|
|
4493
|
+
attr_accessor :display_name
|
|
4494
|
+
|
|
4495
|
+
# The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
|
|
4496
|
+
# 1aaa11a".
|
|
4497
|
+
# Corresponds to the JSON property `id`
|
|
4498
|
+
# @return [String]
|
|
4499
|
+
attr_accessor :id
|
|
4500
|
+
|
|
4501
|
+
def initialize(**args)
|
|
4502
|
+
update!(**args)
|
|
4503
|
+
end
|
|
4504
|
+
|
|
4505
|
+
# Update properties of this object
|
|
4506
|
+
def update!(**args)
|
|
4507
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
4508
|
+
@id = args[:id] if args.key?(:id)
|
|
4509
|
+
end
|
|
4510
|
+
end
|
|
4511
|
+
|
|
4180
4512
|
# Information related to Google Cloud Backup and DR Service findings.
|
|
4181
4513
|
class GoogleCloudSecuritycenterV2BackupDisasterRecovery
|
|
4182
4514
|
include Google::Apis::Core::Hashable
|
|
@@ -4745,11 +5077,21 @@ module Google
|
|
|
4745
5077
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2Cvssv3]
|
|
4746
5078
|
attr_accessor :cvssv3
|
|
4747
5079
|
|
|
5080
|
+
# Date the first publicly available exploit or PoC was released.
|
|
5081
|
+
# Corresponds to the JSON property `exploitReleaseDate`
|
|
5082
|
+
# @return [String]
|
|
5083
|
+
attr_accessor :exploit_release_date
|
|
5084
|
+
|
|
4748
5085
|
# The exploitation activity of the vulnerability in the wild.
|
|
4749
5086
|
# Corresponds to the JSON property `exploitationActivity`
|
|
4750
5087
|
# @return [String]
|
|
4751
5088
|
attr_accessor :exploitation_activity
|
|
4752
5089
|
|
|
5090
|
+
# Date of the earliest known exploitation.
|
|
5091
|
+
# Corresponds to the JSON property `firstExploitationDate`
|
|
5092
|
+
# @return [String]
|
|
5093
|
+
attr_accessor :first_exploitation_date
|
|
5094
|
+
|
|
4753
5095
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
|
4754
5096
|
# Corresponds to the JSON property `id`
|
|
4755
5097
|
# @return [String]
|
|
@@ -4791,7 +5133,9 @@ module Google
|
|
|
4791
5133
|
# Update properties of this object
|
|
4792
5134
|
def update!(**args)
|
|
4793
5135
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
|
5136
|
+
@exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
|
|
4794
5137
|
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
|
5138
|
+
@first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
|
|
4795
5139
|
@id = args[:id] if args.key?(:id)
|
|
4796
5140
|
@impact = args[:impact] if args.key?(:impact)
|
|
4797
5141
|
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
|
@@ -4878,53 +5222,31 @@ module Google
|
|
|
4878
5222
|
end
|
|
4879
5223
|
end
|
|
4880
5224
|
|
|
4881
|
-
#
|
|
4882
|
-
#
|
|
4883
|
-
|
|
4884
|
-
# might not have the [full resource name](https://google.aip.dev/122#full-
|
|
4885
|
-
# resource-names) populated because these resource types, such as Cloud SQL
|
|
4886
|
-
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
|
4887
|
-
# the display name is provided.
|
|
4888
|
-
class GoogleCloudSecuritycenterV2Database
|
|
5225
|
+
# Details about a data access attempt made by a principal not authorized under
|
|
5226
|
+
# applicable data security policy.
|
|
5227
|
+
class GoogleCloudSecuritycenterV2DataAccessEvent
|
|
4889
5228
|
include Google::Apis::Core::Hashable
|
|
4890
5229
|
|
|
4891
|
-
#
|
|
4892
|
-
# Corresponds to the JSON property `
|
|
4893
|
-
# @return [String]
|
|
4894
|
-
attr_accessor :display_name
|
|
4895
|
-
|
|
4896
|
-
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
|
4897
|
-
# an IAM policy change.
|
|
4898
|
-
# Corresponds to the JSON property `grantees`
|
|
4899
|
-
# @return [Array<String>]
|
|
4900
|
-
attr_accessor :grantees
|
|
4901
|
-
|
|
4902
|
-
# Some database resources may not have the [full resource name](https://google.
|
|
4903
|
-
# aip.dev/122#full-resource-names) populated because these resource types are
|
|
4904
|
-
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
|
4905
|
-
# these cases only the display name will be provided. The [full resource name](
|
|
4906
|
-
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
|
4907
|
-
# connected to, if it is supported by Cloud Asset Inventory.
|
|
4908
|
-
# Corresponds to the JSON property `name`
|
|
5230
|
+
# Unique identifier for data access event.
|
|
5231
|
+
# Corresponds to the JSON property `eventId`
|
|
4909
5232
|
# @return [String]
|
|
4910
|
-
attr_accessor :
|
|
5233
|
+
attr_accessor :event_id
|
|
4911
5234
|
|
|
4912
|
-
#
|
|
4913
|
-
# Corresponds to the JSON property `
|
|
5235
|
+
# Timestamp of data access event.
|
|
5236
|
+
# Corresponds to the JSON property `eventTime`
|
|
4914
5237
|
# @return [String]
|
|
4915
|
-
attr_accessor :
|
|
5238
|
+
attr_accessor :event_time
|
|
4916
5239
|
|
|
4917
|
-
# The
|
|
4918
|
-
#
|
|
4919
|
-
# Corresponds to the JSON property `userName`
|
|
5240
|
+
# The operation performed by the principal to access the data.
|
|
5241
|
+
# Corresponds to the JSON property `operation`
|
|
4920
5242
|
# @return [String]
|
|
4921
|
-
attr_accessor :
|
|
5243
|
+
attr_accessor :operation
|
|
4922
5244
|
|
|
4923
|
-
# The
|
|
4924
|
-
#
|
|
4925
|
-
# Corresponds to the JSON property `
|
|
5245
|
+
# The email address of the principal that accessed the data. The principal could
|
|
5246
|
+
# be a user account, service account, Google group, or other.
|
|
5247
|
+
# Corresponds to the JSON property `principalEmail`
|
|
4926
5248
|
# @return [String]
|
|
4927
|
-
attr_accessor :
|
|
5249
|
+
attr_accessor :principal_email
|
|
4928
5250
|
|
|
4929
5251
|
def initialize(**args)
|
|
4930
5252
|
update!(**args)
|
|
@@ -4932,28 +5254,188 @@ module Google
|
|
|
4932
5254
|
|
|
4933
5255
|
# Update properties of this object
|
|
4934
5256
|
def update!(**args)
|
|
4935
|
-
@
|
|
4936
|
-
@
|
|
4937
|
-
@
|
|
4938
|
-
@
|
|
4939
|
-
@user_name = args[:user_name] if args.key?(:user_name)
|
|
4940
|
-
@version = args[:version] if args.key?(:version)
|
|
5257
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
5258
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5259
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
5260
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
4941
5261
|
end
|
|
4942
5262
|
end
|
|
4943
5263
|
|
|
4944
|
-
#
|
|
4945
|
-
|
|
5264
|
+
# Details about a data flow event, in which either the data is moved to or is
|
|
5265
|
+
# accessed from a non-compliant geo-location, as defined in the applicable data
|
|
5266
|
+
# security policy.
|
|
5267
|
+
class GoogleCloudSecuritycenterV2DataFlowEvent
|
|
4946
5268
|
include Google::Apis::Core::Hashable
|
|
4947
5269
|
|
|
4948
|
-
#
|
|
4949
|
-
# Corresponds to the JSON property `
|
|
5270
|
+
# Unique identifier for data flow event.
|
|
5271
|
+
# Corresponds to the JSON property `eventId`
|
|
4950
5272
|
# @return [String]
|
|
4951
|
-
attr_accessor :
|
|
5273
|
+
attr_accessor :event_id
|
|
4952
5274
|
|
|
4953
|
-
#
|
|
4954
|
-
# Corresponds to the JSON property `
|
|
4955
|
-
# @return [
|
|
4956
|
-
attr_accessor :
|
|
5275
|
+
# Timestamp of data flow event.
|
|
5276
|
+
# Corresponds to the JSON property `eventTime`
|
|
5277
|
+
# @return [String]
|
|
5278
|
+
attr_accessor :event_time
|
|
5279
|
+
|
|
5280
|
+
# The operation performed by the principal for the data flow event.
|
|
5281
|
+
# Corresponds to the JSON property `operation`
|
|
5282
|
+
# @return [String]
|
|
5283
|
+
attr_accessor :operation
|
|
5284
|
+
|
|
5285
|
+
# The email address of the principal that initiated the data flow event. The
|
|
5286
|
+
# principal could be a user account, service account, Google group, or other.
|
|
5287
|
+
# Corresponds to the JSON property `principalEmail`
|
|
5288
|
+
# @return [String]
|
|
5289
|
+
attr_accessor :principal_email
|
|
5290
|
+
|
|
5291
|
+
# Non-compliant location of the principal or the data destination.
|
|
5292
|
+
# Corresponds to the JSON property `violatedLocation`
|
|
5293
|
+
# @return [String]
|
|
5294
|
+
attr_accessor :violated_location
|
|
5295
|
+
|
|
5296
|
+
def initialize(**args)
|
|
5297
|
+
update!(**args)
|
|
5298
|
+
end
|
|
5299
|
+
|
|
5300
|
+
# Update properties of this object
|
|
5301
|
+
def update!(**args)
|
|
5302
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
5303
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5304
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
5305
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
5306
|
+
@violated_location = args[:violated_location] if args.key?(:violated_location)
|
|
5307
|
+
end
|
|
5308
|
+
end
|
|
5309
|
+
|
|
5310
|
+
# Details about data retention deletion violations, in which the data is non-
|
|
5311
|
+
# compliant based on their retention or deletion time, as defined in the
|
|
5312
|
+
# applicable data security policy. The Data Retention Deletion (DRD) control is
|
|
5313
|
+
# a control of the DSPM (Data Security Posture Management) suite that enables
|
|
5314
|
+
# organizations to manage data retention and deletion policies in compliance
|
|
5315
|
+
# with regulations, such as GDPR and CRPA. DRD supports two primary policy types:
|
|
5316
|
+
# maximum storage length (max TTL) and minimum storage length (min TTL). Both
|
|
5317
|
+
# are aimed at helping organizations meet regulatory and data management
|
|
5318
|
+
# commitments.
|
|
5319
|
+
class GoogleCloudSecuritycenterV2DataRetentionDeletionEvent
|
|
5320
|
+
include Google::Apis::Core::Hashable
|
|
5321
|
+
|
|
5322
|
+
# Number of objects that violated the policy for this resource. If the number is
|
|
5323
|
+
# less than 1,000, then the value of this field is the exact number. If the
|
|
5324
|
+
# number of objects that violated the policy is greater than or equal to 1,000,
|
|
5325
|
+
# then the value of this field is 1000.
|
|
5326
|
+
# Corresponds to the JSON property `dataObjectCount`
|
|
5327
|
+
# @return [Fixnum]
|
|
5328
|
+
attr_accessor :data_object_count
|
|
5329
|
+
|
|
5330
|
+
# Timestamp indicating when the event was detected.
|
|
5331
|
+
# Corresponds to the JSON property `eventDetectionTime`
|
|
5332
|
+
# @return [String]
|
|
5333
|
+
attr_accessor :event_detection_time
|
|
5334
|
+
|
|
5335
|
+
# Type of the DRD event.
|
|
5336
|
+
# Corresponds to the JSON property `eventType`
|
|
5337
|
+
# @return [String]
|
|
5338
|
+
attr_accessor :event_type
|
|
5339
|
+
|
|
5340
|
+
# Maximum duration of retention allowed from the DRD control. This comes from
|
|
5341
|
+
# the DRD control where users set a max TTL for their data. For example, suppose
|
|
5342
|
+
# that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an
|
|
5343
|
+
# object in that bucket is 100 days old. In this case, a
|
|
5344
|
+
# DataRetentionDeletionEvent will be generated for that Cloud Storage bucket,
|
|
5345
|
+
# and the max_retention_allowed is 90 days.
|
|
5346
|
+
# Corresponds to the JSON property `maxRetentionAllowed`
|
|
5347
|
+
# @return [String]
|
|
5348
|
+
attr_accessor :max_retention_allowed
|
|
5349
|
+
|
|
5350
|
+
def initialize(**args)
|
|
5351
|
+
update!(**args)
|
|
5352
|
+
end
|
|
5353
|
+
|
|
5354
|
+
# Update properties of this object
|
|
5355
|
+
def update!(**args)
|
|
5356
|
+
@data_object_count = args[:data_object_count] if args.key?(:data_object_count)
|
|
5357
|
+
@event_detection_time = args[:event_detection_time] if args.key?(:event_detection_time)
|
|
5358
|
+
@event_type = args[:event_type] if args.key?(:event_type)
|
|
5359
|
+
@max_retention_allowed = args[:max_retention_allowed] if args.key?(:max_retention_allowed)
|
|
5360
|
+
end
|
|
5361
|
+
end
|
|
5362
|
+
|
|
5363
|
+
# Represents database access information, such as queries. A database may be a
|
|
5364
|
+
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
5365
|
+
# Spanner instances), or the database instance itself. Some database resources
|
|
5366
|
+
# might not have the [full resource name](https://google.aip.dev/122#full-
|
|
5367
|
+
# resource-names) populated because these resource types, such as Cloud SQL
|
|
5368
|
+
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
|
5369
|
+
# the display name is provided.
|
|
5370
|
+
class GoogleCloudSecuritycenterV2Database
|
|
5371
|
+
include Google::Apis::Core::Hashable
|
|
5372
|
+
|
|
5373
|
+
# The human-readable name of the database that the user connected to.
|
|
5374
|
+
# Corresponds to the JSON property `displayName`
|
|
5375
|
+
# @return [String]
|
|
5376
|
+
attr_accessor :display_name
|
|
5377
|
+
|
|
5378
|
+
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
|
5379
|
+
# an IAM policy change.
|
|
5380
|
+
# Corresponds to the JSON property `grantees`
|
|
5381
|
+
# @return [Array<String>]
|
|
5382
|
+
attr_accessor :grantees
|
|
5383
|
+
|
|
5384
|
+
# Some database resources may not have the [full resource name](https://google.
|
|
5385
|
+
# aip.dev/122#full-resource-names) populated because these resource types are
|
|
5386
|
+
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
|
5387
|
+
# these cases only the display name will be provided. The [full resource name](
|
|
5388
|
+
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
|
5389
|
+
# connected to, if it is supported by Cloud Asset Inventory.
|
|
5390
|
+
# Corresponds to the JSON property `name`
|
|
5391
|
+
# @return [String]
|
|
5392
|
+
attr_accessor :name
|
|
5393
|
+
|
|
5394
|
+
# The SQL statement that is associated with the database access.
|
|
5395
|
+
# Corresponds to the JSON property `query`
|
|
5396
|
+
# @return [String]
|
|
5397
|
+
attr_accessor :query
|
|
5398
|
+
|
|
5399
|
+
# The username used to connect to the database. The username might not be an IAM
|
|
5400
|
+
# principal and does not have a set format.
|
|
5401
|
+
# Corresponds to the JSON property `userName`
|
|
5402
|
+
# @return [String]
|
|
5403
|
+
attr_accessor :user_name
|
|
5404
|
+
|
|
5405
|
+
# The version of the database, for example, POSTGRES_14. See [the complete list](
|
|
5406
|
+
# https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
|
|
5407
|
+
# Corresponds to the JSON property `version`
|
|
5408
|
+
# @return [String]
|
|
5409
|
+
attr_accessor :version
|
|
5410
|
+
|
|
5411
|
+
def initialize(**args)
|
|
5412
|
+
update!(**args)
|
|
5413
|
+
end
|
|
5414
|
+
|
|
5415
|
+
# Update properties of this object
|
|
5416
|
+
def update!(**args)
|
|
5417
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
5418
|
+
@grantees = args[:grantees] if args.key?(:grantees)
|
|
5419
|
+
@name = args[:name] if args.key?(:name)
|
|
5420
|
+
@query = args[:query] if args.key?(:query)
|
|
5421
|
+
@user_name = args[:user_name] if args.key?(:user_name)
|
|
5422
|
+
@version = args[:version] if args.key?(:version)
|
|
5423
|
+
end
|
|
5424
|
+
end
|
|
5425
|
+
|
|
5426
|
+
# Memory hash detection contributing to the binary family match.
|
|
5427
|
+
class GoogleCloudSecuritycenterV2Detection
|
|
5428
|
+
include Google::Apis::Core::Hashable
|
|
5429
|
+
|
|
5430
|
+
# The name of the binary associated with the memory hash signature detection.
|
|
5431
|
+
# Corresponds to the JSON property `binary`
|
|
5432
|
+
# @return [String]
|
|
5433
|
+
attr_accessor :binary
|
|
5434
|
+
|
|
5435
|
+
# The percentage of memory page hashes in the signature that were matched.
|
|
5436
|
+
# Corresponds to the JSON property `percentPagesMatched`
|
|
5437
|
+
# @return [Float]
|
|
5438
|
+
attr_accessor :percent_pages_matched
|
|
4957
5439
|
|
|
4958
5440
|
def initialize(**args)
|
|
4959
5441
|
update!(**args)
|
|
@@ -4966,6 +5448,26 @@ module Google
|
|
|
4966
5448
|
end
|
|
4967
5449
|
end
|
|
4968
5450
|
|
|
5451
|
+
# Contains information about the disk associated with the finding.
|
|
5452
|
+
class GoogleCloudSecuritycenterV2Disk
|
|
5453
|
+
include Google::Apis::Core::Hashable
|
|
5454
|
+
|
|
5455
|
+
# The name of the disk, for example, "https://www.googleapis.com/compute/v1/
|
|
5456
|
+
# projects/project-id/zones/zone-id/disks/disk-id".
|
|
5457
|
+
# Corresponds to the JSON property `name`
|
|
5458
|
+
# @return [String]
|
|
5459
|
+
attr_accessor :name
|
|
5460
|
+
|
|
5461
|
+
def initialize(**args)
|
|
5462
|
+
update!(**args)
|
|
5463
|
+
end
|
|
5464
|
+
|
|
5465
|
+
# Update properties of this object
|
|
5466
|
+
def update!(**args)
|
|
5467
|
+
@name = args[:name] if args.key?(:name)
|
|
5468
|
+
end
|
|
5469
|
+
end
|
|
5470
|
+
|
|
4969
5471
|
# Path of the file in terms of underlying disk/partition identifiers.
|
|
4970
5472
|
class GoogleCloudSecuritycenterV2DiskPath
|
|
4971
5473
|
include Google::Apis::Core::Hashable
|
|
@@ -4993,6 +5495,33 @@ module Google
|
|
|
4993
5495
|
end
|
|
4994
5496
|
end
|
|
4995
5497
|
|
|
5498
|
+
# The record of a dynamic mute rule that matches the finding.
|
|
5499
|
+
class GoogleCloudSecuritycenterV2DynamicMuteRecord
|
|
5500
|
+
include Google::Apis::Core::Hashable
|
|
5501
|
+
|
|
5502
|
+
# When the dynamic mute rule first matched the finding.
|
|
5503
|
+
# Corresponds to the JSON property `matchTime`
|
|
5504
|
+
# @return [String]
|
|
5505
|
+
attr_accessor :match_time
|
|
5506
|
+
|
|
5507
|
+
# The relative resource name of the mute rule, represented by a mute config,
|
|
5508
|
+
# that created this record, for example `organizations/123/muteConfigs/
|
|
5509
|
+
# mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
|
5510
|
+
# Corresponds to the JSON property `muteConfig`
|
|
5511
|
+
# @return [String]
|
|
5512
|
+
attr_accessor :mute_config
|
|
5513
|
+
|
|
5514
|
+
def initialize(**args)
|
|
5515
|
+
update!(**args)
|
|
5516
|
+
end
|
|
5517
|
+
|
|
5518
|
+
# Update properties of this object
|
|
5519
|
+
def update!(**args)
|
|
5520
|
+
@match_time = args[:match_time] if args.key?(:match_time)
|
|
5521
|
+
@mute_config = args[:mute_config] if args.key?(:mute_config)
|
|
5522
|
+
end
|
|
5523
|
+
end
|
|
5524
|
+
|
|
4996
5525
|
# A name-value pair representing an environment variable used in an operating
|
|
4997
5526
|
# system process.
|
|
4998
5527
|
class GoogleCloudSecuritycenterV2EnvironmentVariable
|
|
@@ -5331,6 +5860,21 @@ module Google
|
|
|
5331
5860
|
# @return [String]
|
|
5332
5861
|
attr_accessor :create_time
|
|
5333
5862
|
|
|
5863
|
+
# Data access events associated with the finding.
|
|
5864
|
+
# Corresponds to the JSON property `dataAccessEvents`
|
|
5865
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DataAccessEvent>]
|
|
5866
|
+
attr_accessor :data_access_events
|
|
5867
|
+
|
|
5868
|
+
# Data flow events associated with the finding.
|
|
5869
|
+
# Corresponds to the JSON property `dataFlowEvents`
|
|
5870
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DataFlowEvent>]
|
|
5871
|
+
attr_accessor :data_flow_events
|
|
5872
|
+
|
|
5873
|
+
# Data retention deletion events associated with the finding.
|
|
5874
|
+
# Corresponds to the JSON property `dataRetentionDeletionEvents`
|
|
5875
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DataRetentionDeletionEvent>]
|
|
5876
|
+
attr_accessor :data_retention_deletion_events
|
|
5877
|
+
|
|
5334
5878
|
# Represents database access information, such as queries. A database may be a
|
|
5335
5879
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
5336
5880
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -5347,6 +5891,11 @@ module Google
|
|
|
5347
5891
|
# @return [String]
|
|
5348
5892
|
attr_accessor :description
|
|
5349
5893
|
|
|
5894
|
+
# Contains information about the disk associated with the finding.
|
|
5895
|
+
# Corresponds to the JSON property `disk`
|
|
5896
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2Disk]
|
|
5897
|
+
attr_accessor :disk
|
|
5898
|
+
|
|
5350
5899
|
# The time the finding was first detected. If an existing finding is updated,
|
|
5351
5900
|
# then this is the time the update occurred. For example, if the finding
|
|
5352
5901
|
# represents an open firewall, this property captures the time the detector
|
|
@@ -5448,6 +5997,12 @@ module Google
|
|
|
5448
5997
|
# @return [String]
|
|
5449
5998
|
attr_accessor :mute
|
|
5450
5999
|
|
|
6000
|
+
# Mute information about the finding, including whether the finding has a static
|
|
6001
|
+
# mute or any matching dynamic mute rules.
|
|
6002
|
+
# Corresponds to the JSON property `muteInfo`
|
|
6003
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2MuteInfo]
|
|
6004
|
+
attr_accessor :mute_info
|
|
6005
|
+
|
|
5451
6006
|
# Records additional information about the mute operation, for example, the [
|
|
5452
6007
|
# mute configuration](https://cloud.google.com/security-command-center/docs/how-
|
|
5453
6008
|
# to-mute-findings) that muted the finding and the user who muted the finding.
|
|
@@ -5531,44 +6086,604 @@ module Google
|
|
|
5531
6086
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SecurityMarks]
|
|
5532
6087
|
attr_accessor :security_marks
|
|
5533
6088
|
|
|
5534
|
-
# Represents a posture that is deployed on Google Cloud by the Security Command
|
|
5535
|
-
# Center Posture Management service. A posture contains one or more policy sets.
|
|
5536
|
-
# A policy set is a group of policies that enforce a set of security rules on
|
|
5537
|
-
# Google Cloud.
|
|
5538
|
-
# Corresponds to the JSON property `securityPosture`
|
|
5539
|
-
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SecurityPosture]
|
|
5540
|
-
attr_accessor :security_posture
|
|
6089
|
+
# Represents a posture that is deployed on Google Cloud by the Security Command
|
|
6090
|
+
# Center Posture Management service. A posture contains one or more policy sets.
|
|
6091
|
+
# A policy set is a group of policies that enforce a set of security rules on
|
|
6092
|
+
# Google Cloud.
|
|
6093
|
+
# Corresponds to the JSON property `securityPosture`
|
|
6094
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SecurityPosture]
|
|
6095
|
+
attr_accessor :security_posture
|
|
6096
|
+
|
|
6097
|
+
# The severity of the finding. This field is managed by the source that writes
|
|
6098
|
+
# the finding.
|
|
6099
|
+
# Corresponds to the JSON property `severity`
|
|
6100
|
+
# @return [String]
|
|
6101
|
+
attr_accessor :severity
|
|
6102
|
+
|
|
6103
|
+
# Source specific properties. These properties are managed by the source that
|
|
6104
|
+
# writes the finding. The key names in the source_properties map must be between
|
|
6105
|
+
# 1 and 255 characters, and must start with a letter and contain alphanumeric
|
|
6106
|
+
# characters or underscores only.
|
|
6107
|
+
# Corresponds to the JSON property `sourceProperties`
|
|
6108
|
+
# @return [Hash<String,Object>]
|
|
6109
|
+
attr_accessor :source_properties
|
|
6110
|
+
|
|
6111
|
+
# Output only. The state of the finding.
|
|
6112
|
+
# Corresponds to the JSON property `state`
|
|
6113
|
+
# @return [String]
|
|
6114
|
+
attr_accessor :state
|
|
6115
|
+
|
|
6116
|
+
# Contains details about a group of security issues that, when the issues occur
|
|
6117
|
+
# together, represent a greater risk than when the issues occur independently. A
|
|
6118
|
+
# group of such issues is referred to as a toxic combination.
|
|
6119
|
+
# Corresponds to the JSON property `toxicCombination`
|
|
6120
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ToxicCombination]
|
|
6121
|
+
attr_accessor :toxic_combination
|
|
6122
|
+
|
|
6123
|
+
# Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
|
|
6124
|
+
# Corresponds to the JSON property `vulnerability`
|
|
6125
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2Vulnerability]
|
|
6126
|
+
attr_accessor :vulnerability
|
|
6127
|
+
|
|
6128
|
+
def initialize(**args)
|
|
6129
|
+
update!(**args)
|
|
6130
|
+
end
|
|
6131
|
+
|
|
6132
|
+
# Update properties of this object
|
|
6133
|
+
def update!(**args)
|
|
6134
|
+
@access = args[:access] if args.key?(:access)
|
|
6135
|
+
@application = args[:application] if args.key?(:application)
|
|
6136
|
+
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
|
6137
|
+
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
|
6138
|
+
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
|
6139
|
+
@category = args[:category] if args.key?(:category)
|
|
6140
|
+
@cloud_armor = args[:cloud_armor] if args.key?(:cloud_armor)
|
|
6141
|
+
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
|
6142
|
+
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
|
6143
|
+
@compliances = args[:compliances] if args.key?(:compliances)
|
|
6144
|
+
@connections = args[:connections] if args.key?(:connections)
|
|
6145
|
+
@contacts = args[:contacts] if args.key?(:contacts)
|
|
6146
|
+
@containers = args[:containers] if args.key?(:containers)
|
|
6147
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6148
|
+
@data_access_events = args[:data_access_events] if args.key?(:data_access_events)
|
|
6149
|
+
@data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
|
|
6150
|
+
@data_retention_deletion_events = args[:data_retention_deletion_events] if args.key?(:data_retention_deletion_events)
|
|
6151
|
+
@database = args[:database] if args.key?(:database)
|
|
6152
|
+
@description = args[:description] if args.key?(:description)
|
|
6153
|
+
@disk = args[:disk] if args.key?(:disk)
|
|
6154
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
6155
|
+
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
6156
|
+
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
6157
|
+
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
|
6158
|
+
@files = args[:files] if args.key?(:files)
|
|
6159
|
+
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
|
6160
|
+
@group_memberships = args[:group_memberships] if args.key?(:group_memberships)
|
|
6161
|
+
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
|
6162
|
+
@indicator = args[:indicator] if args.key?(:indicator)
|
|
6163
|
+
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
|
6164
|
+
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
|
6165
|
+
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
|
6166
|
+
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
|
6167
|
+
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
6168
|
+
@module_name = args[:module_name] if args.key?(:module_name)
|
|
6169
|
+
@mute = args[:mute] if args.key?(:mute)
|
|
6170
|
+
@mute_info = args[:mute_info] if args.key?(:mute_info)
|
|
6171
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
6172
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
6173
|
+
@name = args[:name] if args.key?(:name)
|
|
6174
|
+
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
|
6175
|
+
@notebook = args[:notebook] if args.key?(:notebook)
|
|
6176
|
+
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
|
6177
|
+
@parent = args[:parent] if args.key?(:parent)
|
|
6178
|
+
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
|
6179
|
+
@processes = args[:processes] if args.key?(:processes)
|
|
6180
|
+
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
|
6181
|
+
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
|
6182
|
+
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
|
6183
|
+
@severity = args[:severity] if args.key?(:severity)
|
|
6184
|
+
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
|
6185
|
+
@state = args[:state] if args.key?(:state)
|
|
6186
|
+
@toxic_combination = args[:toxic_combination] if args.key?(:toxic_combination)
|
|
6187
|
+
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
|
6188
|
+
end
|
|
6189
|
+
end
|
|
6190
|
+
|
|
6191
|
+
# Message that contains the resource name and display name of a folder resource.
|
|
6192
|
+
class GoogleCloudSecuritycenterV2Folder
|
|
6193
|
+
include Google::Apis::Core::Hashable
|
|
6194
|
+
|
|
6195
|
+
# Full resource name of this folder. See: https://cloud.google.com/apis/design/
|
|
6196
|
+
# resource_names#full_resource_name
|
|
6197
|
+
# Corresponds to the JSON property `resourceFolder`
|
|
6198
|
+
# @return [String]
|
|
6199
|
+
attr_accessor :resource_folder
|
|
6200
|
+
|
|
6201
|
+
# The user defined display name for this folder.
|
|
6202
|
+
# Corresponds to the JSON property `resourceFolderDisplayName`
|
|
6203
|
+
# @return [String]
|
|
6204
|
+
attr_accessor :resource_folder_display_name
|
|
6205
|
+
|
|
6206
|
+
def initialize(**args)
|
|
6207
|
+
update!(**args)
|
|
6208
|
+
end
|
|
6209
|
+
|
|
6210
|
+
# Update properties of this object
|
|
6211
|
+
def update!(**args)
|
|
6212
|
+
@resource_folder = args[:resource_folder] if args.key?(:resource_folder)
|
|
6213
|
+
@resource_folder_display_name = args[:resource_folder_display_name] if args.key?(:resource_folder_display_name)
|
|
6214
|
+
end
|
|
6215
|
+
end
|
|
6216
|
+
|
|
6217
|
+
# Represents a geographical location for a given access.
|
|
6218
|
+
class GoogleCloudSecuritycenterV2Geolocation
|
|
6219
|
+
include Google::Apis::Core::Hashable
|
|
6220
|
+
|
|
6221
|
+
# A CLDR.
|
|
6222
|
+
# Corresponds to the JSON property `regionCode`
|
|
6223
|
+
# @return [String]
|
|
6224
|
+
attr_accessor :region_code
|
|
6225
|
+
|
|
6226
|
+
def initialize(**args)
|
|
6227
|
+
update!(**args)
|
|
6228
|
+
end
|
|
6229
|
+
|
|
6230
|
+
# Update properties of this object
|
|
6231
|
+
def update!(**args)
|
|
6232
|
+
@region_code = args[:region_code] if args.key?(:region_code)
|
|
6233
|
+
end
|
|
6234
|
+
end
|
|
6235
|
+
|
|
6236
|
+
# Contains details about groups of which this finding is a member. A group is a
|
|
6237
|
+
# collection of findings that are related in some way.
|
|
6238
|
+
class GoogleCloudSecuritycenterV2GroupMembership
|
|
6239
|
+
include Google::Apis::Core::Hashable
|
|
6240
|
+
|
|
6241
|
+
# ID of the group.
|
|
6242
|
+
# Corresponds to the JSON property `groupId`
|
|
6243
|
+
# @return [String]
|
|
6244
|
+
attr_accessor :group_id
|
|
6245
|
+
|
|
6246
|
+
# Type of group.
|
|
6247
|
+
# Corresponds to the JSON property `groupType`
|
|
6248
|
+
# @return [String]
|
|
6249
|
+
attr_accessor :group_type
|
|
6250
|
+
|
|
6251
|
+
def initialize(**args)
|
|
6252
|
+
update!(**args)
|
|
6253
|
+
end
|
|
6254
|
+
|
|
6255
|
+
# Update properties of this object
|
|
6256
|
+
def update!(**args)
|
|
6257
|
+
@group_id = args[:group_id] if args.key?(:group_id)
|
|
6258
|
+
@group_type = args[:group_type] if args.key?(:group_type)
|
|
6259
|
+
end
|
|
6260
|
+
end
|
|
6261
|
+
|
|
6262
|
+
# Represents a particular IAM binding, which captures a member's role addition,
|
|
6263
|
+
# removal, or state.
|
|
6264
|
+
class GoogleCloudSecuritycenterV2IamBinding
|
|
6265
|
+
include Google::Apis::Core::Hashable
|
|
6266
|
+
|
|
6267
|
+
# The action that was performed on a Binding.
|
|
6268
|
+
# Corresponds to the JSON property `action`
|
|
6269
|
+
# @return [String]
|
|
6270
|
+
attr_accessor :action
|
|
6271
|
+
|
|
6272
|
+
# A single identity requesting access for a Cloud Platform resource, for example,
|
|
6273
|
+
# "foo@google.com".
|
|
6274
|
+
# Corresponds to the JSON property `member`
|
|
6275
|
+
# @return [String]
|
|
6276
|
+
attr_accessor :member
|
|
6277
|
+
|
|
6278
|
+
# Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
|
|
6279
|
+
# , or "roles/owner".
|
|
6280
|
+
# Corresponds to the JSON property `role`
|
|
6281
|
+
# @return [String]
|
|
6282
|
+
attr_accessor :role
|
|
6283
|
+
|
|
6284
|
+
def initialize(**args)
|
|
6285
|
+
update!(**args)
|
|
6286
|
+
end
|
|
6287
|
+
|
|
6288
|
+
# Update properties of this object
|
|
6289
|
+
def update!(**args)
|
|
6290
|
+
@action = args[:action] if args.key?(:action)
|
|
6291
|
+
@member = args[:member] if args.key?(:member)
|
|
6292
|
+
@role = args[:role] if args.key?(:role)
|
|
6293
|
+
end
|
|
6294
|
+
end
|
|
6295
|
+
|
|
6296
|
+
# Represents what's commonly known as an _indicator of compromise_ (IoC) in
|
|
6297
|
+
# computer forensics. This is an artifact observed on a network or in an
|
|
6298
|
+
# operating system that, with high confidence, indicates a computer intrusion.
|
|
6299
|
+
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
|
6300
|
+
# wiki/Indicator_of_compromise).
|
|
6301
|
+
class GoogleCloudSecuritycenterV2Indicator
|
|
6302
|
+
include Google::Apis::Core::Hashable
|
|
6303
|
+
|
|
6304
|
+
# List of domains associated to the Finding.
|
|
6305
|
+
# Corresponds to the JSON property `domains`
|
|
6306
|
+
# @return [Array<String>]
|
|
6307
|
+
attr_accessor :domains
|
|
6308
|
+
|
|
6309
|
+
# The list of IP addresses that are associated with the finding.
|
|
6310
|
+
# Corresponds to the JSON property `ipAddresses`
|
|
6311
|
+
# @return [Array<String>]
|
|
6312
|
+
attr_accessor :ip_addresses
|
|
6313
|
+
|
|
6314
|
+
# The list of matched signatures indicating that the given process is present in
|
|
6315
|
+
# the environment.
|
|
6316
|
+
# Corresponds to the JSON property `signatures`
|
|
6317
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ProcessSignature>]
|
|
6318
|
+
attr_accessor :signatures
|
|
6319
|
+
|
|
6320
|
+
# The list of URIs associated to the Findings.
|
|
6321
|
+
# Corresponds to the JSON property `uris`
|
|
6322
|
+
# @return [Array<String>]
|
|
6323
|
+
attr_accessor :uris
|
|
6324
|
+
|
|
6325
|
+
def initialize(**args)
|
|
6326
|
+
update!(**args)
|
|
6327
|
+
end
|
|
6328
|
+
|
|
6329
|
+
# Update properties of this object
|
|
6330
|
+
def update!(**args)
|
|
6331
|
+
@domains = args[:domains] if args.key?(:domains)
|
|
6332
|
+
@ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
|
|
6333
|
+
@signatures = args[:signatures] if args.key?(:signatures)
|
|
6334
|
+
@uris = args[:uris] if args.key?(:uris)
|
|
6335
|
+
end
|
|
6336
|
+
end
|
|
6337
|
+
|
|
6338
|
+
# Security Command Center Issue.
|
|
6339
|
+
class GoogleCloudSecuritycenterV2Issue
|
|
6340
|
+
include Google::Apis::Core::Hashable
|
|
6341
|
+
|
|
6342
|
+
# Output only. The time the issue was created.
|
|
6343
|
+
# Corresponds to the JSON property `createTime`
|
|
6344
|
+
# @return [String]
|
|
6345
|
+
attr_accessor :create_time
|
|
6346
|
+
|
|
6347
|
+
# The description of the issue in Markdown format.
|
|
6348
|
+
# Corresponds to the JSON property `description`
|
|
6349
|
+
# @return [String]
|
|
6350
|
+
attr_accessor :description
|
|
6351
|
+
|
|
6352
|
+
# The finding category or rule name that generated the issue.
|
|
6353
|
+
# Corresponds to the JSON property `detection`
|
|
6354
|
+
# @return [String]
|
|
6355
|
+
attr_accessor :detection
|
|
6356
|
+
|
|
6357
|
+
# The domains of the issue.
|
|
6358
|
+
# Corresponds to the JSON property `domains`
|
|
6359
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueDomain>]
|
|
6360
|
+
attr_accessor :domains
|
|
6361
|
+
|
|
6362
|
+
# The exposure score of the issue.
|
|
6363
|
+
# Corresponds to the JSON property `exposureScore`
|
|
6364
|
+
# @return [Float]
|
|
6365
|
+
attr_accessor :exposure_score
|
|
6366
|
+
|
|
6367
|
+
# The type of the issue.
|
|
6368
|
+
# Corresponds to the JSON property `issueType`
|
|
6369
|
+
# @return [String]
|
|
6370
|
+
attr_accessor :issue_type
|
|
6371
|
+
|
|
6372
|
+
# The time the issue was last observed.
|
|
6373
|
+
# Corresponds to the JSON property `lastObservationTime`
|
|
6374
|
+
# @return [String]
|
|
6375
|
+
attr_accessor :last_observation_time
|
|
6376
|
+
|
|
6377
|
+
# The mute information of the issue.
|
|
6378
|
+
# Corresponds to the JSON property `mute`
|
|
6379
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueMute]
|
|
6380
|
+
attr_accessor :mute
|
|
6381
|
+
|
|
6382
|
+
# Identifier. The name of the issue. Format: organizations/`organization`/
|
|
6383
|
+
# locations/`location`/issues/`issue`
|
|
6384
|
+
# Corresponds to the JSON property `name`
|
|
6385
|
+
# @return [String]
|
|
6386
|
+
attr_accessor :name
|
|
6387
|
+
|
|
6388
|
+
# A resource associated with the an issue.
|
|
6389
|
+
# Corresponds to the JSON property `primaryResource`
|
|
6390
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResource]
|
|
6391
|
+
attr_accessor :primary_resource
|
|
6392
|
+
|
|
6393
|
+
# The findings related to the issue.
|
|
6394
|
+
# Corresponds to the JSON property `relatedFindings`
|
|
6395
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueFinding>]
|
|
6396
|
+
attr_accessor :related_findings
|
|
6397
|
+
|
|
6398
|
+
# Approaches to remediate the issue in Markdown format.
|
|
6399
|
+
# Corresponds to the JSON property `remediations`
|
|
6400
|
+
# @return [Array<String>]
|
|
6401
|
+
attr_accessor :remediations
|
|
6402
|
+
|
|
6403
|
+
# Additional resources associated with the issue.
|
|
6404
|
+
# Corresponds to the JSON property `secondaryResources`
|
|
6405
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResource>]
|
|
6406
|
+
attr_accessor :secondary_resources
|
|
6407
|
+
|
|
6408
|
+
# The security context of the issue.
|
|
6409
|
+
# Corresponds to the JSON property `securityContexts`
|
|
6410
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueSecurityContext>]
|
|
6411
|
+
attr_accessor :security_contexts
|
|
6412
|
+
|
|
6413
|
+
# The severity of the issue.
|
|
6414
|
+
# Corresponds to the JSON property `severity`
|
|
6415
|
+
# @return [String]
|
|
6416
|
+
attr_accessor :severity
|
|
6417
|
+
|
|
6418
|
+
# Output only. The state of the issue.
|
|
6419
|
+
# Corresponds to the JSON property `state`
|
|
6420
|
+
# @return [String]
|
|
6421
|
+
attr_accessor :state
|
|
6422
|
+
|
|
6423
|
+
# Output only. The time the issue was last updated.
|
|
6424
|
+
# Corresponds to the JSON property `updateTime`
|
|
6425
|
+
# @return [String]
|
|
6426
|
+
attr_accessor :update_time
|
|
6427
|
+
|
|
6428
|
+
def initialize(**args)
|
|
6429
|
+
update!(**args)
|
|
6430
|
+
end
|
|
6431
|
+
|
|
6432
|
+
# Update properties of this object
|
|
6433
|
+
def update!(**args)
|
|
6434
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6435
|
+
@description = args[:description] if args.key?(:description)
|
|
6436
|
+
@detection = args[:detection] if args.key?(:detection)
|
|
6437
|
+
@domains = args[:domains] if args.key?(:domains)
|
|
6438
|
+
@exposure_score = args[:exposure_score] if args.key?(:exposure_score)
|
|
6439
|
+
@issue_type = args[:issue_type] if args.key?(:issue_type)
|
|
6440
|
+
@last_observation_time = args[:last_observation_time] if args.key?(:last_observation_time)
|
|
6441
|
+
@mute = args[:mute] if args.key?(:mute)
|
|
6442
|
+
@name = args[:name] if args.key?(:name)
|
|
6443
|
+
@primary_resource = args[:primary_resource] if args.key?(:primary_resource)
|
|
6444
|
+
@related_findings = args[:related_findings] if args.key?(:related_findings)
|
|
6445
|
+
@remediations = args[:remediations] if args.key?(:remediations)
|
|
6446
|
+
@secondary_resources = args[:secondary_resources] if args.key?(:secondary_resources)
|
|
6447
|
+
@security_contexts = args[:security_contexts] if args.key?(:security_contexts)
|
|
6448
|
+
@severity = args[:severity] if args.key?(:severity)
|
|
6449
|
+
@state = args[:state] if args.key?(:state)
|
|
6450
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
|
6451
|
+
end
|
|
6452
|
+
end
|
|
6453
|
+
|
|
6454
|
+
# The domains of an issue.
|
|
6455
|
+
class GoogleCloudSecuritycenterV2IssueDomain
|
|
6456
|
+
include Google::Apis::Core::Hashable
|
|
6457
|
+
|
|
6458
|
+
# The domain category of the issue.
|
|
6459
|
+
# Corresponds to the JSON property `domainCategory`
|
|
6460
|
+
# @return [String]
|
|
6461
|
+
attr_accessor :domain_category
|
|
6462
|
+
|
|
6463
|
+
def initialize(**args)
|
|
6464
|
+
update!(**args)
|
|
6465
|
+
end
|
|
6466
|
+
|
|
6467
|
+
# Update properties of this object
|
|
6468
|
+
def update!(**args)
|
|
6469
|
+
@domain_category = args[:domain_category] if args.key?(:domain_category)
|
|
6470
|
+
end
|
|
6471
|
+
end
|
|
6472
|
+
|
|
6473
|
+
# Finding related to an issue.
|
|
6474
|
+
class GoogleCloudSecuritycenterV2IssueFinding
|
|
6475
|
+
include Google::Apis::Core::Hashable
|
|
6476
|
+
|
|
6477
|
+
# The CVE of the finding.
|
|
6478
|
+
# Corresponds to the JSON property `cve`
|
|
6479
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueFindingCve]
|
|
6480
|
+
attr_accessor :cve
|
|
6481
|
+
|
|
6482
|
+
# The name of the finding.
|
|
6483
|
+
# Corresponds to the JSON property `name`
|
|
6484
|
+
# @return [String]
|
|
6485
|
+
attr_accessor :name
|
|
6486
|
+
|
|
6487
|
+
# The security bulletin of the finding.
|
|
6488
|
+
# Corresponds to the JSON property `securityBulletin`
|
|
6489
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin]
|
|
6490
|
+
attr_accessor :security_bulletin
|
|
6491
|
+
|
|
6492
|
+
def initialize(**args)
|
|
6493
|
+
update!(**args)
|
|
6494
|
+
end
|
|
6495
|
+
|
|
6496
|
+
# Update properties of this object
|
|
6497
|
+
def update!(**args)
|
|
6498
|
+
@cve = args[:cve] if args.key?(:cve)
|
|
6499
|
+
@name = args[:name] if args.key?(:name)
|
|
6500
|
+
@security_bulletin = args[:security_bulletin] if args.key?(:security_bulletin)
|
|
6501
|
+
end
|
|
6502
|
+
end
|
|
6503
|
+
|
|
6504
|
+
# The CVE of the finding.
|
|
6505
|
+
class GoogleCloudSecuritycenterV2IssueFindingCve
|
|
6506
|
+
include Google::Apis::Core::Hashable
|
|
6507
|
+
|
|
6508
|
+
# The CVE name.
|
|
6509
|
+
# Corresponds to the JSON property `name`
|
|
6510
|
+
# @return [String]
|
|
6511
|
+
attr_accessor :name
|
|
6512
|
+
|
|
6513
|
+
def initialize(**args)
|
|
6514
|
+
update!(**args)
|
|
6515
|
+
end
|
|
6516
|
+
|
|
6517
|
+
# Update properties of this object
|
|
6518
|
+
def update!(**args)
|
|
6519
|
+
@name = args[:name] if args.key?(:name)
|
|
6520
|
+
end
|
|
6521
|
+
end
|
|
6522
|
+
|
|
6523
|
+
# The security bulletin of the finding.
|
|
6524
|
+
class GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin
|
|
6525
|
+
include Google::Apis::Core::Hashable
|
|
6526
|
+
|
|
6527
|
+
# The security bulletin name.
|
|
6528
|
+
# Corresponds to the JSON property `name`
|
|
6529
|
+
# @return [String]
|
|
6530
|
+
attr_accessor :name
|
|
6531
|
+
|
|
6532
|
+
def initialize(**args)
|
|
6533
|
+
update!(**args)
|
|
6534
|
+
end
|
|
6535
|
+
|
|
6536
|
+
# Update properties of this object
|
|
6537
|
+
def update!(**args)
|
|
6538
|
+
@name = args[:name] if args.key?(:name)
|
|
6539
|
+
end
|
|
6540
|
+
end
|
|
6541
|
+
|
|
6542
|
+
# The mute information of the issue.
|
|
6543
|
+
class GoogleCloudSecuritycenterV2IssueMute
|
|
6544
|
+
include Google::Apis::Core::Hashable
|
|
6545
|
+
|
|
6546
|
+
# The email address of the user who last changed the mute state of the issue.
|
|
6547
|
+
# Corresponds to the JSON property `muteInitiator`
|
|
6548
|
+
# @return [String]
|
|
6549
|
+
attr_accessor :mute_initiator
|
|
6550
|
+
|
|
6551
|
+
# The user-provided reason for muting the issue.
|
|
6552
|
+
# Corresponds to the JSON property `muteReason`
|
|
6553
|
+
# @return [String]
|
|
6554
|
+
attr_accessor :mute_reason
|
|
6555
|
+
|
|
6556
|
+
# Output only. The mute state of the issue.
|
|
6557
|
+
# Corresponds to the JSON property `muteState`
|
|
6558
|
+
# @return [String]
|
|
6559
|
+
attr_accessor :mute_state
|
|
6560
|
+
|
|
6561
|
+
# The time the issue was muted.
|
|
6562
|
+
# Corresponds to the JSON property `muteUpdateTime`
|
|
6563
|
+
# @return [String]
|
|
6564
|
+
attr_accessor :mute_update_time
|
|
6565
|
+
|
|
6566
|
+
def initialize(**args)
|
|
6567
|
+
update!(**args)
|
|
6568
|
+
end
|
|
6569
|
+
|
|
6570
|
+
# Update properties of this object
|
|
6571
|
+
def update!(**args)
|
|
6572
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
6573
|
+
@mute_reason = args[:mute_reason] if args.key?(:mute_reason)
|
|
6574
|
+
@mute_state = args[:mute_state] if args.key?(:mute_state)
|
|
6575
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
6576
|
+
end
|
|
6577
|
+
end
|
|
6578
|
+
|
|
6579
|
+
# A resource associated with the an issue.
|
|
6580
|
+
class GoogleCloudSecuritycenterV2IssueResource
|
|
6581
|
+
include Google::Apis::Core::Hashable
|
|
6582
|
+
|
|
6583
|
+
# The AWS metadata of a resource associated with an issue.
|
|
6584
|
+
# Corresponds to the JSON property `awsMetadata`
|
|
6585
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAwsMetadata]
|
|
6586
|
+
attr_accessor :aws_metadata
|
|
6587
|
+
|
|
6588
|
+
# The Azure metadata of a resource associated with an issue.
|
|
6589
|
+
# Corresponds to the JSON property `azureMetadata`
|
|
6590
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAzureMetadata]
|
|
6591
|
+
attr_accessor :azure_metadata
|
|
6592
|
+
|
|
6593
|
+
# The cloud provider of the resource associated with the issue.
|
|
6594
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
6595
|
+
# @return [String]
|
|
6596
|
+
attr_accessor :cloud_provider
|
|
6597
|
+
|
|
6598
|
+
# The resource-type specific display name of the resource associated with the
|
|
6599
|
+
# issue.
|
|
6600
|
+
# Corresponds to the JSON property `displayName`
|
|
6601
|
+
# @return [String]
|
|
6602
|
+
attr_accessor :display_name
|
|
6603
|
+
|
|
6604
|
+
# Google Cloud metadata of a resource associated with an issue.
|
|
6605
|
+
# Corresponds to the JSON property `googleCloudMetadata`
|
|
6606
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata]
|
|
6607
|
+
attr_accessor :google_cloud_metadata
|
|
6608
|
+
|
|
6609
|
+
# The full resource name of the resource associated with the issue.
|
|
6610
|
+
# Corresponds to the JSON property `name`
|
|
6611
|
+
# @return [String]
|
|
6612
|
+
attr_accessor :name
|
|
6613
|
+
|
|
6614
|
+
# The type of the resource associated with the issue.
|
|
6615
|
+
# Corresponds to the JSON property `type`
|
|
6616
|
+
# @return [String]
|
|
6617
|
+
attr_accessor :type
|
|
6618
|
+
|
|
6619
|
+
def initialize(**args)
|
|
6620
|
+
update!(**args)
|
|
6621
|
+
end
|
|
6622
|
+
|
|
6623
|
+
# Update properties of this object
|
|
6624
|
+
def update!(**args)
|
|
6625
|
+
@aws_metadata = args[:aws_metadata] if args.key?(:aws_metadata)
|
|
6626
|
+
@azure_metadata = args[:azure_metadata] if args.key?(:azure_metadata)
|
|
6627
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
6628
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
6629
|
+
@google_cloud_metadata = args[:google_cloud_metadata] if args.key?(:google_cloud_metadata)
|
|
6630
|
+
@name = args[:name] if args.key?(:name)
|
|
6631
|
+
@type = args[:type] if args.key?(:type)
|
|
6632
|
+
end
|
|
6633
|
+
end
|
|
6634
|
+
|
|
6635
|
+
# The AWS metadata of a resource associated with an issue.
|
|
6636
|
+
class GoogleCloudSecuritycenterV2IssueResourceAwsMetadata
|
|
6637
|
+
include Google::Apis::Core::Hashable
|
|
6638
|
+
|
|
6639
|
+
# The AWS account of the resource associated with the issue.
|
|
6640
|
+
# Corresponds to the JSON property `account`
|
|
6641
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount]
|
|
6642
|
+
attr_accessor :account
|
|
6643
|
+
|
|
6644
|
+
def initialize(**args)
|
|
6645
|
+
update!(**args)
|
|
6646
|
+
end
|
|
6647
|
+
|
|
6648
|
+
# Update properties of this object
|
|
6649
|
+
def update!(**args)
|
|
6650
|
+
@account = args[:account] if args.key?(:account)
|
|
6651
|
+
end
|
|
6652
|
+
end
|
|
6653
|
+
|
|
6654
|
+
# The AWS account of the resource associated with the issue.
|
|
6655
|
+
class GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount
|
|
6656
|
+
include Google::Apis::Core::Hashable
|
|
6657
|
+
|
|
6658
|
+
# The AWS account ID of the resource associated with the issue.
|
|
6659
|
+
# Corresponds to the JSON property `id`
|
|
6660
|
+
# @return [String]
|
|
6661
|
+
attr_accessor :id
|
|
5541
6662
|
|
|
5542
|
-
# The
|
|
5543
|
-
# the
|
|
5544
|
-
# Corresponds to the JSON property `severity`
|
|
6663
|
+
# The AWS account name of the resource associated with the issue.
|
|
6664
|
+
# Corresponds to the JSON property `name`
|
|
5545
6665
|
# @return [String]
|
|
5546
|
-
attr_accessor :
|
|
6666
|
+
attr_accessor :name
|
|
5547
6667
|
|
|
5548
|
-
|
|
5549
|
-
|
|
5550
|
-
|
|
5551
|
-
# characters or underscores only.
|
|
5552
|
-
# Corresponds to the JSON property `sourceProperties`
|
|
5553
|
-
# @return [Hash<String,Object>]
|
|
5554
|
-
attr_accessor :source_properties
|
|
6668
|
+
def initialize(**args)
|
|
6669
|
+
update!(**args)
|
|
6670
|
+
end
|
|
5555
6671
|
|
|
5556
|
-
#
|
|
5557
|
-
|
|
5558
|
-
|
|
5559
|
-
|
|
6672
|
+
# Update properties of this object
|
|
6673
|
+
def update!(**args)
|
|
6674
|
+
@id = args[:id] if args.key?(:id)
|
|
6675
|
+
@name = args[:name] if args.key?(:name)
|
|
6676
|
+
end
|
|
6677
|
+
end
|
|
5560
6678
|
|
|
5561
|
-
|
|
5562
|
-
|
|
5563
|
-
|
|
5564
|
-
# Corresponds to the JSON property `toxicCombination`
|
|
5565
|
-
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ToxicCombination]
|
|
5566
|
-
attr_accessor :toxic_combination
|
|
6679
|
+
# The Azure metadata of a resource associated with an issue.
|
|
6680
|
+
class GoogleCloudSecuritycenterV2IssueResourceAzureMetadata
|
|
6681
|
+
include Google::Apis::Core::Hashable
|
|
5567
6682
|
|
|
5568
|
-
#
|
|
5569
|
-
# Corresponds to the JSON property `
|
|
5570
|
-
# @return [Google::Apis::SecuritycenterV1beta1::
|
|
5571
|
-
attr_accessor :
|
|
6683
|
+
# The Azure subscription of the resource associated with the issue.
|
|
6684
|
+
# Corresponds to the JSON property `subscription`
|
|
6685
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription]
|
|
6686
|
+
attr_accessor :subscription
|
|
5572
6687
|
|
|
5573
6688
|
def initialize(**args)
|
|
5574
6689
|
update!(**args)
|
|
@@ -5576,72 +6691,23 @@ module Google
|
|
|
5576
6691
|
|
|
5577
6692
|
# Update properties of this object
|
|
5578
6693
|
def update!(**args)
|
|
5579
|
-
@
|
|
5580
|
-
@application = args[:application] if args.key?(:application)
|
|
5581
|
-
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
|
5582
|
-
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
|
5583
|
-
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
|
5584
|
-
@category = args[:category] if args.key?(:category)
|
|
5585
|
-
@cloud_armor = args[:cloud_armor] if args.key?(:cloud_armor)
|
|
5586
|
-
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
|
5587
|
-
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
|
5588
|
-
@compliances = args[:compliances] if args.key?(:compliances)
|
|
5589
|
-
@connections = args[:connections] if args.key?(:connections)
|
|
5590
|
-
@contacts = args[:contacts] if args.key?(:contacts)
|
|
5591
|
-
@containers = args[:containers] if args.key?(:containers)
|
|
5592
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
|
5593
|
-
@database = args[:database] if args.key?(:database)
|
|
5594
|
-
@description = args[:description] if args.key?(:description)
|
|
5595
|
-
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5596
|
-
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
5597
|
-
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
5598
|
-
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
|
5599
|
-
@files = args[:files] if args.key?(:files)
|
|
5600
|
-
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
|
5601
|
-
@group_memberships = args[:group_memberships] if args.key?(:group_memberships)
|
|
5602
|
-
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
|
5603
|
-
@indicator = args[:indicator] if args.key?(:indicator)
|
|
5604
|
-
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
|
5605
|
-
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
|
5606
|
-
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
|
5607
|
-
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
|
5608
|
-
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
5609
|
-
@module_name = args[:module_name] if args.key?(:module_name)
|
|
5610
|
-
@mute = args[:mute] if args.key?(:mute)
|
|
5611
|
-
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
5612
|
-
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
5613
|
-
@name = args[:name] if args.key?(:name)
|
|
5614
|
-
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
|
5615
|
-
@notebook = args[:notebook] if args.key?(:notebook)
|
|
5616
|
-
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
|
5617
|
-
@parent = args[:parent] if args.key?(:parent)
|
|
5618
|
-
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
|
5619
|
-
@processes = args[:processes] if args.key?(:processes)
|
|
5620
|
-
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
|
5621
|
-
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
|
5622
|
-
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
|
5623
|
-
@severity = args[:severity] if args.key?(:severity)
|
|
5624
|
-
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
|
5625
|
-
@state = args[:state] if args.key?(:state)
|
|
5626
|
-
@toxic_combination = args[:toxic_combination] if args.key?(:toxic_combination)
|
|
5627
|
-
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
|
6694
|
+
@subscription = args[:subscription] if args.key?(:subscription)
|
|
5628
6695
|
end
|
|
5629
6696
|
end
|
|
5630
6697
|
|
|
5631
|
-
#
|
|
5632
|
-
class
|
|
6698
|
+
# The Azure subscription of the resource associated with the issue.
|
|
6699
|
+
class GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription
|
|
5633
6700
|
include Google::Apis::Core::Hashable
|
|
5634
6701
|
|
|
5635
|
-
#
|
|
5636
|
-
#
|
|
5637
|
-
# Corresponds to the JSON property `resourceFolder`
|
|
6702
|
+
# The Azure subscription display name of the resource associated with the issue.
|
|
6703
|
+
# Corresponds to the JSON property `displayName`
|
|
5638
6704
|
# @return [String]
|
|
5639
|
-
attr_accessor :
|
|
6705
|
+
attr_accessor :display_name
|
|
5640
6706
|
|
|
5641
|
-
# The
|
|
5642
|
-
# Corresponds to the JSON property `
|
|
6707
|
+
# The Azure subscription ID of the resource associated with the issue.
|
|
6708
|
+
# Corresponds to the JSON property `id`
|
|
5643
6709
|
# @return [String]
|
|
5644
|
-
attr_accessor :
|
|
6710
|
+
attr_accessor :id
|
|
5645
6711
|
|
|
5646
6712
|
def initialize(**args)
|
|
5647
6713
|
update!(**args)
|
|
@@ -5649,19 +6715,19 @@ module Google
|
|
|
5649
6715
|
|
|
5650
6716
|
# Update properties of this object
|
|
5651
6717
|
def update!(**args)
|
|
5652
|
-
@
|
|
5653
|
-
@
|
|
6718
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
6719
|
+
@id = args[:id] if args.key?(:id)
|
|
5654
6720
|
end
|
|
5655
6721
|
end
|
|
5656
6722
|
|
|
5657
|
-
#
|
|
5658
|
-
class
|
|
6723
|
+
# Google Cloud metadata of a resource associated with an issue.
|
|
6724
|
+
class GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata
|
|
5659
6725
|
include Google::Apis::Core::Hashable
|
|
5660
6726
|
|
|
5661
|
-
#
|
|
5662
|
-
# Corresponds to the JSON property `
|
|
6727
|
+
# The project ID that the resource associated with the issue belongs to.
|
|
6728
|
+
# Corresponds to the JSON property `projectId`
|
|
5663
6729
|
# @return [String]
|
|
5664
|
-
attr_accessor :
|
|
6730
|
+
attr_accessor :project_id
|
|
5665
6731
|
|
|
5666
6732
|
def initialize(**args)
|
|
5667
6733
|
update!(**args)
|
|
@@ -5669,24 +6735,23 @@ module Google
|
|
|
5669
6735
|
|
|
5670
6736
|
# Update properties of this object
|
|
5671
6737
|
def update!(**args)
|
|
5672
|
-
@
|
|
6738
|
+
@project_id = args[:project_id] if args.key?(:project_id)
|
|
5673
6739
|
end
|
|
5674
6740
|
end
|
|
5675
6741
|
|
|
5676
|
-
#
|
|
5677
|
-
|
|
5678
|
-
class GoogleCloudSecuritycenterV2GroupMembership
|
|
6742
|
+
# Security context associated with an issue.
|
|
6743
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContext
|
|
5679
6744
|
include Google::Apis::Core::Hashable
|
|
5680
6745
|
|
|
5681
|
-
#
|
|
5682
|
-
# Corresponds to the JSON property `
|
|
5683
|
-
# @return [
|
|
5684
|
-
attr_accessor :
|
|
6746
|
+
# Aggregated count of a security context.
|
|
6747
|
+
# Corresponds to the JSON property `aggregatedCount`
|
|
6748
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount]
|
|
6749
|
+
attr_accessor :aggregated_count
|
|
5685
6750
|
|
|
5686
|
-
#
|
|
5687
|
-
# Corresponds to the JSON property `
|
|
5688
|
-
# @return [
|
|
5689
|
-
attr_accessor :
|
|
6751
|
+
# Context of a security context.
|
|
6752
|
+
# Corresponds to the JSON property `context`
|
|
6753
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2IssueSecurityContextContext]
|
|
6754
|
+
attr_accessor :context
|
|
5690
6755
|
|
|
5691
6756
|
def initialize(**args)
|
|
5692
6757
|
update!(**args)
|
|
@@ -5694,32 +6759,24 @@ module Google
|
|
|
5694
6759
|
|
|
5695
6760
|
# Update properties of this object
|
|
5696
6761
|
def update!(**args)
|
|
5697
|
-
@
|
|
5698
|
-
@
|
|
6762
|
+
@aggregated_count = args[:aggregated_count] if args.key?(:aggregated_count)
|
|
6763
|
+
@context = args[:context] if args.key?(:context)
|
|
5699
6764
|
end
|
|
5700
6765
|
end
|
|
5701
6766
|
|
|
5702
|
-
#
|
|
5703
|
-
|
|
5704
|
-
class GoogleCloudSecuritycenterV2IamBinding
|
|
6767
|
+
# Aggregated count of a security context.
|
|
6768
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount
|
|
5705
6769
|
include Google::Apis::Core::Hashable
|
|
5706
6770
|
|
|
5707
|
-
#
|
|
5708
|
-
# Corresponds to the JSON property `
|
|
5709
|
-
# @return [String]
|
|
5710
|
-
attr_accessor :action
|
|
5711
|
-
|
|
5712
|
-
# A single identity requesting access for a Cloud Platform resource, for example,
|
|
5713
|
-
# "foo@google.com".
|
|
5714
|
-
# Corresponds to the JSON property `member`
|
|
6771
|
+
# Aggregation key.
|
|
6772
|
+
# Corresponds to the JSON property `key`
|
|
5715
6773
|
# @return [String]
|
|
5716
|
-
attr_accessor :
|
|
6774
|
+
attr_accessor :key
|
|
5717
6775
|
|
|
5718
|
-
#
|
|
5719
|
-
#
|
|
5720
|
-
#
|
|
5721
|
-
|
|
5722
|
-
attr_accessor :role
|
|
6776
|
+
# Aggregation value.
|
|
6777
|
+
# Corresponds to the JSON property `value`
|
|
6778
|
+
# @return [Fixnum]
|
|
6779
|
+
attr_accessor :value
|
|
5723
6780
|
|
|
5724
6781
|
def initialize(**args)
|
|
5725
6782
|
update!(**args)
|
|
@@ -5727,40 +6784,24 @@ module Google
|
|
|
5727
6784
|
|
|
5728
6785
|
# Update properties of this object
|
|
5729
6786
|
def update!(**args)
|
|
5730
|
-
@
|
|
5731
|
-
@
|
|
5732
|
-
@role = args[:role] if args.key?(:role)
|
|
6787
|
+
@key = args[:key] if args.key?(:key)
|
|
6788
|
+
@value = args[:value] if args.key?(:value)
|
|
5733
6789
|
end
|
|
5734
6790
|
end
|
|
5735
6791
|
|
|
5736
|
-
#
|
|
5737
|
-
|
|
5738
|
-
# operating system that, with high confidence, indicates a computer intrusion.
|
|
5739
|
-
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
|
5740
|
-
# wiki/Indicator_of_compromise).
|
|
5741
|
-
class GoogleCloudSecuritycenterV2Indicator
|
|
6792
|
+
# Context of a security context.
|
|
6793
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContextContext
|
|
5742
6794
|
include Google::Apis::Core::Hashable
|
|
5743
6795
|
|
|
5744
|
-
#
|
|
5745
|
-
# Corresponds to the JSON property `
|
|
5746
|
-
# @return [
|
|
5747
|
-
attr_accessor :
|
|
5748
|
-
|
|
5749
|
-
# The list of IP addresses that are associated with the finding.
|
|
5750
|
-
# Corresponds to the JSON property `ipAddresses`
|
|
5751
|
-
# @return [Array<String>]
|
|
5752
|
-
attr_accessor :ip_addresses
|
|
5753
|
-
|
|
5754
|
-
# The list of matched signatures indicating that the given process is present in
|
|
5755
|
-
# the environment.
|
|
5756
|
-
# Corresponds to the JSON property `signatures`
|
|
5757
|
-
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2ProcessSignature>]
|
|
5758
|
-
attr_accessor :signatures
|
|
6796
|
+
# Context type.
|
|
6797
|
+
# Corresponds to the JSON property `type`
|
|
6798
|
+
# @return [String]
|
|
6799
|
+
attr_accessor :type
|
|
5759
6800
|
|
|
5760
|
-
#
|
|
5761
|
-
# Corresponds to the JSON property `
|
|
6801
|
+
# Context values.
|
|
6802
|
+
# Corresponds to the JSON property `values`
|
|
5762
6803
|
# @return [Array<String>]
|
|
5763
|
-
attr_accessor :
|
|
6804
|
+
attr_accessor :values
|
|
5764
6805
|
|
|
5765
6806
|
def initialize(**args)
|
|
5766
6807
|
update!(**args)
|
|
@@ -5768,10 +6809,8 @@ module Google
|
|
|
5768
6809
|
|
|
5769
6810
|
# Update properties of this object
|
|
5770
6811
|
def update!(**args)
|
|
5771
|
-
@
|
|
5772
|
-
@
|
|
5773
|
-
@signatures = args[:signatures] if args.key?(:signatures)
|
|
5774
|
-
@uris = args[:uris] if args.key?(:uris)
|
|
6812
|
+
@type = args[:type] if args.key?(:type)
|
|
6813
|
+
@values = args[:values] if args.key?(:values)
|
|
5775
6814
|
end
|
|
5776
6815
|
end
|
|
5777
6816
|
|
|
@@ -6080,6 +7119,12 @@ module Google
|
|
|
6080
7119
|
# @return [String]
|
|
6081
7120
|
attr_accessor :description
|
|
6082
7121
|
|
|
7122
|
+
# Optional. The expiry of the mute config. Only applicable for dynamic configs.
|
|
7123
|
+
# If the expiry is set, when the config expires, it is removed from all findings.
|
|
7124
|
+
# Corresponds to the JSON property `expiryTime`
|
|
7125
|
+
# @return [String]
|
|
7126
|
+
attr_accessor :expiry_time
|
|
7127
|
+
|
|
6083
7128
|
# Required. An expression that defines the filter to apply across create/update
|
|
6084
7129
|
# events of findings. While creating a filter string, be mindful of the scope in
|
|
6085
7130
|
# which the mute configuration is being created. E.g., If a filter contains
|
|
@@ -6133,6 +7178,7 @@ module Google
|
|
|
6133
7178
|
def update!(**args)
|
|
6134
7179
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6135
7180
|
@description = args[:description] if args.key?(:description)
|
|
7181
|
+
@expiry_time = args[:expiry_time] if args.key?(:expiry_time)
|
|
6136
7182
|
@filter = args[:filter] if args.key?(:filter)
|
|
6137
7183
|
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
|
6138
7184
|
@name = args[:name] if args.key?(:name)
|
|
@@ -6141,6 +7187,34 @@ module Google
|
|
|
6141
7187
|
end
|
|
6142
7188
|
end
|
|
6143
7189
|
|
|
7190
|
+
# Mute information about the finding, including whether the finding has a static
|
|
7191
|
+
# mute or any matching dynamic mute rules.
|
|
7192
|
+
class GoogleCloudSecuritycenterV2MuteInfo
|
|
7193
|
+
include Google::Apis::Core::Hashable
|
|
7194
|
+
|
|
7195
|
+
# The list of dynamic mute rules that currently match the finding.
|
|
7196
|
+
# Corresponds to the JSON property `dynamicMuteRecords`
|
|
7197
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2DynamicMuteRecord>]
|
|
7198
|
+
attr_accessor :dynamic_mute_records
|
|
7199
|
+
|
|
7200
|
+
# Information about the static mute state. A static mute state overrides any
|
|
7201
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
7202
|
+
# set by a static mute rule or by muting the finding directly.
|
|
7203
|
+
# Corresponds to the JSON property `staticMute`
|
|
7204
|
+
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2StaticMute]
|
|
7205
|
+
attr_accessor :static_mute
|
|
7206
|
+
|
|
7207
|
+
def initialize(**args)
|
|
7208
|
+
update!(**args)
|
|
7209
|
+
end
|
|
7210
|
+
|
|
7211
|
+
# Update properties of this object
|
|
7212
|
+
def update!(**args)
|
|
7213
|
+
@dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
|
|
7214
|
+
@static_mute = args[:static_mute] if args.key?(:static_mute)
|
|
7215
|
+
end
|
|
7216
|
+
end
|
|
7217
|
+
|
|
6144
7218
|
# Kubernetes nodes associated with the finding.
|
|
6145
7219
|
class GoogleCloudSecuritycenterV2Node
|
|
6146
7220
|
include Google::Apis::Core::Hashable
|
|
@@ -6816,9 +7890,10 @@ module Google
|
|
|
6816
7890
|
# @return [Google::Apis::SecuritycenterV1beta1::GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping]
|
|
6817
7891
|
attr_accessor :sensitive_data_protection_mapping
|
|
6818
7892
|
|
|
6819
|
-
# Tag values combined with `AND` to check against.
|
|
6820
|
-
#
|
|
6821
|
-
# cloud.google.com/resource-
|
|
7893
|
+
# Tag values combined with `AND` to check against. For Google Cloud resources,
|
|
7894
|
+
# they are tag value IDs in the form of "tagValues/123". Example: `[ "tagValues/
|
|
7895
|
+
# 123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/resource-
|
|
7896
|
+
# manager/docs/tags/tags-creating-and-managing
|
|
6822
7897
|
# Corresponds to the JSON property `tagValues`
|
|
6823
7898
|
# @return [Array<String>]
|
|
6824
7899
|
attr_accessor :tag_values
|
|
@@ -7128,6 +8203,34 @@ module Google
|
|
|
7128
8203
|
end
|
|
7129
8204
|
end
|
|
7130
8205
|
|
|
8206
|
+
# Information about the static mute state. A static mute state overrides any
|
|
8207
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
8208
|
+
# set by a static mute rule or by muting the finding directly.
|
|
8209
|
+
class GoogleCloudSecuritycenterV2StaticMute
|
|
8210
|
+
include Google::Apis::Core::Hashable
|
|
8211
|
+
|
|
8212
|
+
# When the static mute was applied.
|
|
8213
|
+
# Corresponds to the JSON property `applyTime`
|
|
8214
|
+
# @return [String]
|
|
8215
|
+
attr_accessor :apply_time
|
|
8216
|
+
|
|
8217
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
|
|
8218
|
+
# s overall mute state will have the same value.
|
|
8219
|
+
# Corresponds to the JSON property `state`
|
|
8220
|
+
# @return [String]
|
|
8221
|
+
attr_accessor :state
|
|
8222
|
+
|
|
8223
|
+
def initialize(**args)
|
|
8224
|
+
update!(**args)
|
|
8225
|
+
end
|
|
8226
|
+
|
|
8227
|
+
# Update properties of this object
|
|
8228
|
+
def update!(**args)
|
|
8229
|
+
@apply_time = args[:apply_time] if args.key?(:apply_time)
|
|
8230
|
+
@state = args[:state] if args.key?(:state)
|
|
8231
|
+
end
|
|
8232
|
+
end
|
|
8233
|
+
|
|
7131
8234
|
# Represents a Kubernetes subject.
|
|
7132
8235
|
class GoogleCloudSecuritycenterV2Subject
|
|
7133
8236
|
include Google::Apis::Core::Hashable
|
|
@@ -8084,6 +9187,34 @@ module Google
|
|
|
8084
9187
|
end
|
|
8085
9188
|
end
|
|
8086
9189
|
|
|
9190
|
+
# Mute information about the finding, including whether the finding has a static
|
|
9191
|
+
# mute or any matching dynamic mute rules.
|
|
9192
|
+
class MuteInfo
|
|
9193
|
+
include Google::Apis::Core::Hashable
|
|
9194
|
+
|
|
9195
|
+
# The list of dynamic mute rules that currently match the finding.
|
|
9196
|
+
# Corresponds to the JSON property `dynamicMuteRecords`
|
|
9197
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta1::DynamicMuteRecord>]
|
|
9198
|
+
attr_accessor :dynamic_mute_records
|
|
9199
|
+
|
|
9200
|
+
# Information about the static mute state. A static mute state overrides any
|
|
9201
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
9202
|
+
# set by a static mute rule or by muting the finding directly.
|
|
9203
|
+
# Corresponds to the JSON property `staticMute`
|
|
9204
|
+
# @return [Google::Apis::SecuritycenterV1beta1::StaticMute]
|
|
9205
|
+
attr_accessor :static_mute
|
|
9206
|
+
|
|
9207
|
+
def initialize(**args)
|
|
9208
|
+
update!(**args)
|
|
9209
|
+
end
|
|
9210
|
+
|
|
9211
|
+
# Update properties of this object
|
|
9212
|
+
def update!(**args)
|
|
9213
|
+
@dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
|
|
9214
|
+
@static_mute = args[:static_mute] if args.key?(:static_mute)
|
|
9215
|
+
end
|
|
9216
|
+
end
|
|
9217
|
+
|
|
8087
9218
|
# Kubernetes nodes associated with the finding.
|
|
8088
9219
|
class Node
|
|
8089
9220
|
include Google::Apis::Core::Hashable
|
|
@@ -9077,7 +10208,8 @@ module Google
|
|
|
9077
10208
|
class SetFindingStateRequest
|
|
9078
10209
|
include Google::Apis::Core::Hashable
|
|
9079
10210
|
|
|
9080
|
-
#
|
|
10211
|
+
# Optional. The time at which the updated state takes effect. If not set uses
|
|
10212
|
+
# the current time.
|
|
9081
10213
|
# Corresponds to the JSON property `startTime`
|
|
9082
10214
|
# @return [String]
|
|
9083
10215
|
attr_accessor :start_time
|
|
@@ -9193,6 +10325,34 @@ module Google
|
|
|
9193
10325
|
end
|
|
9194
10326
|
end
|
|
9195
10327
|
|
|
10328
|
+
# Information about the static mute state. A static mute state overrides any
|
|
10329
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
10330
|
+
# set by a static mute rule or by muting the finding directly.
|
|
10331
|
+
class StaticMute
|
|
10332
|
+
include Google::Apis::Core::Hashable
|
|
10333
|
+
|
|
10334
|
+
# When the static mute was applied.
|
|
10335
|
+
# Corresponds to the JSON property `applyTime`
|
|
10336
|
+
# @return [String]
|
|
10337
|
+
attr_accessor :apply_time
|
|
10338
|
+
|
|
10339
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
|
|
10340
|
+
# s overall mute state will have the same value.
|
|
10341
|
+
# Corresponds to the JSON property `state`
|
|
10342
|
+
# @return [String]
|
|
10343
|
+
attr_accessor :state
|
|
10344
|
+
|
|
10345
|
+
def initialize(**args)
|
|
10346
|
+
update!(**args)
|
|
10347
|
+
end
|
|
10348
|
+
|
|
10349
|
+
# Update properties of this object
|
|
10350
|
+
def update!(**args)
|
|
10351
|
+
@apply_time = args[:apply_time] if args.key?(:apply_time)
|
|
10352
|
+
@state = args[:state] if args.key?(:state)
|
|
10353
|
+
end
|
|
10354
|
+
end
|
|
10355
|
+
|
|
9196
10356
|
# The `Status` type defines a logical error model that is suitable for different
|
|
9197
10357
|
# programming environments, including REST APIs and RPC APIs. It is used by [
|
|
9198
10358
|
# gRPC](https://github.com/grpc). Each `Status` message contains three pieces of
|