google-apis-securitycenter_v1beta2 0.63.0 → 0.65.0
Sign up to get free protection for your applications and to get access to all the features.
@@ -518,6 +518,68 @@ module Google
|
|
518
518
|
end
|
519
519
|
end
|
520
520
|
|
521
|
+
# Result containing the properties and count of a ComplianceSnapshot request.
|
522
|
+
class ComplianceSnapshot
|
523
|
+
include Google::Apis::Core::Hashable
|
524
|
+
|
525
|
+
# The category of Findings matching.
|
526
|
+
# Corresponds to the JSON property `category`
|
527
|
+
# @return [String]
|
528
|
+
attr_accessor :category
|
529
|
+
|
530
|
+
# The compliance standard (ie CIS).
|
531
|
+
# Corresponds to the JSON property `complianceStandard`
|
532
|
+
# @return [String]
|
533
|
+
attr_accessor :compliance_standard
|
534
|
+
|
535
|
+
# The compliance version (ie 1.3) in CIS 1.3.
|
536
|
+
# Corresponds to the JSON property `complianceVersion`
|
537
|
+
# @return [String]
|
538
|
+
attr_accessor :compliance_version
|
539
|
+
|
540
|
+
# Total count of findings for the given properties.
|
541
|
+
# Corresponds to the JSON property `count`
|
542
|
+
# @return [Fixnum]
|
543
|
+
attr_accessor :count
|
544
|
+
|
545
|
+
# The leaf container resource name that is closest to the snapshot.
|
546
|
+
# Corresponds to the JSON property `leafContainerResource`
|
547
|
+
# @return [String]
|
548
|
+
attr_accessor :leaf_container_resource
|
549
|
+
|
550
|
+
# The compliance snapshot name. Format: //sources//complianceSnapshots/
|
551
|
+
# Corresponds to the JSON property `name`
|
552
|
+
# @return [String]
|
553
|
+
attr_accessor :name
|
554
|
+
|
555
|
+
# The CRM resource display name that is closest to the snapshot the Findings
|
556
|
+
# belong to.
|
557
|
+
# Corresponds to the JSON property `projectDisplayName`
|
558
|
+
# @return [String]
|
559
|
+
attr_accessor :project_display_name
|
560
|
+
|
561
|
+
# The snapshot time of the snapshot.
|
562
|
+
# Corresponds to the JSON property `snapshotTime`
|
563
|
+
# @return [String]
|
564
|
+
attr_accessor :snapshot_time
|
565
|
+
|
566
|
+
def initialize(**args)
|
567
|
+
update!(**args)
|
568
|
+
end
|
569
|
+
|
570
|
+
# Update properties of this object
|
571
|
+
def update!(**args)
|
572
|
+
@category = args[:category] if args.key?(:category)
|
573
|
+
@compliance_standard = args[:compliance_standard] if args.key?(:compliance_standard)
|
574
|
+
@compliance_version = args[:compliance_version] if args.key?(:compliance_version)
|
575
|
+
@count = args[:count] if args.key?(:count)
|
576
|
+
@leaf_container_resource = args[:leaf_container_resource] if args.key?(:leaf_container_resource)
|
577
|
+
@name = args[:name] if args.key?(:name)
|
578
|
+
@project_display_name = args[:project_display_name] if args.key?(:project_display_name)
|
579
|
+
@snapshot_time = args[:snapshot_time] if args.key?(:snapshot_time)
|
580
|
+
end
|
581
|
+
end
|
582
|
+
|
521
583
|
# Configuration of a module.
|
522
584
|
class Config
|
523
585
|
include Google::Apis::Core::Hashable
|
@@ -734,11 +796,27 @@ module Google
|
|
734
796
|
# @return [Google::Apis::SecuritycenterV1beta2::Cvssv3]
|
735
797
|
attr_accessor :cvssv3
|
736
798
|
|
799
|
+
# The exploitation activity of the vulnerability in the wild.
|
800
|
+
# Corresponds to the JSON property `exploitationActivity`
|
801
|
+
# @return [String]
|
802
|
+
attr_accessor :exploitation_activity
|
803
|
+
|
737
804
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
738
805
|
# Corresponds to the JSON property `id`
|
739
806
|
# @return [String]
|
740
807
|
attr_accessor :id
|
741
808
|
|
809
|
+
# The potential impact of the vulnerability if it was to be exploited.
|
810
|
+
# Corresponds to the JSON property `impact`
|
811
|
+
# @return [String]
|
812
|
+
attr_accessor :impact
|
813
|
+
|
814
|
+
# Whether or not the vulnerability has been observed in the wild.
|
815
|
+
# Corresponds to the JSON property `observedInTheWild`
|
816
|
+
# @return [Boolean]
|
817
|
+
attr_accessor :observed_in_the_wild
|
818
|
+
alias_method :observed_in_the_wild?, :observed_in_the_wild
|
819
|
+
|
742
820
|
# Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/
|
743
821
|
# cvename.cgi?name=CVE-2021-34527
|
744
822
|
# Corresponds to the JSON property `references`
|
@@ -751,6 +829,12 @@ module Google
|
|
751
829
|
attr_accessor :upstream_fix_available
|
752
830
|
alias_method :upstream_fix_available?, :upstream_fix_available
|
753
831
|
|
832
|
+
# Whether or not the vulnerability was zero day when the finding was published.
|
833
|
+
# Corresponds to the JSON property `zeroDay`
|
834
|
+
# @return [Boolean]
|
835
|
+
attr_accessor :zero_day
|
836
|
+
alias_method :zero_day?, :zero_day
|
837
|
+
|
754
838
|
def initialize(**args)
|
755
839
|
update!(**args)
|
756
840
|
end
|
@@ -758,9 +842,13 @@ module Google
|
|
758
842
|
# Update properties of this object
|
759
843
|
def update!(**args)
|
760
844
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
845
|
+
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
761
846
|
@id = args[:id] if args.key?(:id)
|
847
|
+
@impact = args[:impact] if args.key?(:impact)
|
848
|
+
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
762
849
|
@references = args[:references] if args.key?(:references)
|
763
850
|
@upstream_fix_available = args[:upstream_fix_available] if args.key?(:upstream_fix_available)
|
851
|
+
@zero_day = args[:zero_day] if args.key?(:zero_day)
|
764
852
|
end
|
765
853
|
end
|
766
854
|
|
@@ -2757,6 +2845,2970 @@ module Google
|
|
2757
2845
|
end
|
2758
2846
|
end
|
2759
2847
|
|
2848
|
+
# Represents an access event.
|
2849
|
+
class GoogleCloudSecuritycenterV2Access
|
2850
|
+
include Google::Apis::Core::Hashable
|
2851
|
+
|
2852
|
+
# Caller's IP address, such as "1.1.1.1".
|
2853
|
+
# Corresponds to the JSON property `callerIp`
|
2854
|
+
# @return [String]
|
2855
|
+
attr_accessor :caller_ip
|
2856
|
+
|
2857
|
+
# Represents a geographical location for a given access.
|
2858
|
+
# Corresponds to the JSON property `callerIpGeo`
|
2859
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Geolocation]
|
2860
|
+
attr_accessor :caller_ip_geo
|
2861
|
+
|
2862
|
+
# The method that the service account called, e.g. "SetIamPolicy".
|
2863
|
+
# Corresponds to the JSON property `methodName`
|
2864
|
+
# @return [String]
|
2865
|
+
attr_accessor :method_name
|
2866
|
+
|
2867
|
+
# Associated email, such as "foo@google.com". The email address of the
|
2868
|
+
# authenticated user or a service account acting on behalf of a third party
|
2869
|
+
# principal making the request. For third party identity callers, the `
|
2870
|
+
# principal_subject` field is populated instead of this field. For privacy
|
2871
|
+
# reasons, the principal email address is sometimes redacted. For more
|
2872
|
+
# information, see [Caller identities in audit logs](https://cloud.google.com/
|
2873
|
+
# logging/docs/audit#user-id).
|
2874
|
+
# Corresponds to the JSON property `principalEmail`
|
2875
|
+
# @return [String]
|
2876
|
+
attr_accessor :principal_email
|
2877
|
+
|
2878
|
+
# A string that represents the principal_subject that is associated with the
|
2879
|
+
# identity. Unlike `principal_email`, `principal_subject` supports principals
|
2880
|
+
# that aren't associated with email addresses, such as third party principals.
|
2881
|
+
# For most identities, the format is `principal://iam.googleapis.com/`identity
|
2882
|
+
# pool name`/subject/`subject``. Some GKE identities, such as GKE_WORKLOAD,
|
2883
|
+
# FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format `serviceAccount:`
|
2884
|
+
# identity pool name`[`subject`]`.
|
2885
|
+
# Corresponds to the JSON property `principalSubject`
|
2886
|
+
# @return [String]
|
2887
|
+
attr_accessor :principal_subject
|
2888
|
+
|
2889
|
+
# The identity delegation history of an authenticated service account that made
|
2890
|
+
# the request. The `serviceAccountDelegationInfo[]` object contains information
|
2891
|
+
# about the real authorities that try to access Google Cloud resources by
|
2892
|
+
# delegating on a service account. When multiple authorities are present, they
|
2893
|
+
# are guaranteed to be sorted based on the original ordering of the identity
|
2894
|
+
# delegation events.
|
2895
|
+
# Corresponds to the JSON property `serviceAccountDelegationInfo`
|
2896
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo>]
|
2897
|
+
attr_accessor :service_account_delegation_info
|
2898
|
+
|
2899
|
+
# The name of the service account key that was used to create or exchange
|
2900
|
+
# credentials when authenticating the service account that made the request.
|
2901
|
+
# This is a scheme-less URI full resource name. For example: "//iam.googleapis.
|
2902
|
+
# com/projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT`/keys/`key`".
|
2903
|
+
# Corresponds to the JSON property `serviceAccountKeyName`
|
2904
|
+
# @return [String]
|
2905
|
+
attr_accessor :service_account_key_name
|
2906
|
+
|
2907
|
+
# This is the API service that the service account made a call to, e.g. "iam.
|
2908
|
+
# googleapis.com"
|
2909
|
+
# Corresponds to the JSON property `serviceName`
|
2910
|
+
# @return [String]
|
2911
|
+
attr_accessor :service_name
|
2912
|
+
|
2913
|
+
# The caller's user agent string associated with the finding.
|
2914
|
+
# Corresponds to the JSON property `userAgent`
|
2915
|
+
# @return [String]
|
2916
|
+
attr_accessor :user_agent
|
2917
|
+
|
2918
|
+
# Type of user agent associated with the finding. For example, an operating
|
2919
|
+
# system shell or an embedded or standalone application.
|
2920
|
+
# Corresponds to the JSON property `userAgentFamily`
|
2921
|
+
# @return [String]
|
2922
|
+
attr_accessor :user_agent_family
|
2923
|
+
|
2924
|
+
# A string that represents a username. The username provided depends on the type
|
2925
|
+
# of the finding and is likely not an IAM principal. For example, this can be a
|
2926
|
+
# system username if the finding is related to a virtual machine, or it can be
|
2927
|
+
# an application login username.
|
2928
|
+
# Corresponds to the JSON property `userName`
|
2929
|
+
# @return [String]
|
2930
|
+
attr_accessor :user_name
|
2931
|
+
|
2932
|
+
def initialize(**args)
|
2933
|
+
update!(**args)
|
2934
|
+
end
|
2935
|
+
|
2936
|
+
# Update properties of this object
|
2937
|
+
def update!(**args)
|
2938
|
+
@caller_ip = args[:caller_ip] if args.key?(:caller_ip)
|
2939
|
+
@caller_ip_geo = args[:caller_ip_geo] if args.key?(:caller_ip_geo)
|
2940
|
+
@method_name = args[:method_name] if args.key?(:method_name)
|
2941
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
2942
|
+
@principal_subject = args[:principal_subject] if args.key?(:principal_subject)
|
2943
|
+
@service_account_delegation_info = args[:service_account_delegation_info] if args.key?(:service_account_delegation_info)
|
2944
|
+
@service_account_key_name = args[:service_account_key_name] if args.key?(:service_account_key_name)
|
2945
|
+
@service_name = args[:service_name] if args.key?(:service_name)
|
2946
|
+
@user_agent = args[:user_agent] if args.key?(:user_agent)
|
2947
|
+
@user_agent_family = args[:user_agent_family] if args.key?(:user_agent_family)
|
2948
|
+
@user_name = args[:user_name] if args.key?(:user_name)
|
2949
|
+
end
|
2950
|
+
end
|
2951
|
+
|
2952
|
+
# Conveys information about a Kubernetes access review (such as one returned by
|
2953
|
+
# a [`kubectl auth can-i`](https://kubernetes.io/docs/reference/access-authn-
|
2954
|
+
# authz/authorization/#checking-api-access) command) that was involved in a
|
2955
|
+
# finding.
|
2956
|
+
class GoogleCloudSecuritycenterV2AccessReview
|
2957
|
+
include Google::Apis::Core::Hashable
|
2958
|
+
|
2959
|
+
# The API group of the resource. "*" means all.
|
2960
|
+
# Corresponds to the JSON property `group`
|
2961
|
+
# @return [String]
|
2962
|
+
attr_accessor :group
|
2963
|
+
|
2964
|
+
# The name of the resource being requested. Empty means all.
|
2965
|
+
# Corresponds to the JSON property `name`
|
2966
|
+
# @return [String]
|
2967
|
+
attr_accessor :name
|
2968
|
+
|
2969
|
+
# Namespace of the action being requested. Currently, there is no distinction
|
2970
|
+
# between no namespace and all namespaces. Both are represented by "" (empty).
|
2971
|
+
# Corresponds to the JSON property `ns`
|
2972
|
+
# @return [String]
|
2973
|
+
attr_accessor :ns
|
2974
|
+
|
2975
|
+
# The optional resource type requested. "*" means all.
|
2976
|
+
# Corresponds to the JSON property `resource`
|
2977
|
+
# @return [String]
|
2978
|
+
attr_accessor :resource
|
2979
|
+
|
2980
|
+
# The optional subresource type.
|
2981
|
+
# Corresponds to the JSON property `subresource`
|
2982
|
+
# @return [String]
|
2983
|
+
attr_accessor :subresource
|
2984
|
+
|
2985
|
+
# A Kubernetes resource API verb, like get, list, watch, create, update, delete,
|
2986
|
+
# proxy. "*" means all.
|
2987
|
+
# Corresponds to the JSON property `verb`
|
2988
|
+
# @return [String]
|
2989
|
+
attr_accessor :verb
|
2990
|
+
|
2991
|
+
# The API version of the resource. "*" means all.
|
2992
|
+
# Corresponds to the JSON property `version`
|
2993
|
+
# @return [String]
|
2994
|
+
attr_accessor :version
|
2995
|
+
|
2996
|
+
def initialize(**args)
|
2997
|
+
update!(**args)
|
2998
|
+
end
|
2999
|
+
|
3000
|
+
# Update properties of this object
|
3001
|
+
def update!(**args)
|
3002
|
+
@group = args[:group] if args.key?(:group)
|
3003
|
+
@name = args[:name] if args.key?(:name)
|
3004
|
+
@ns = args[:ns] if args.key?(:ns)
|
3005
|
+
@resource = args[:resource] if args.key?(:resource)
|
3006
|
+
@subresource = args[:subresource] if args.key?(:subresource)
|
3007
|
+
@verb = args[:verb] if args.key?(:verb)
|
3008
|
+
@version = args[:version] if args.key?(:version)
|
3009
|
+
end
|
3010
|
+
end
|
3011
|
+
|
3012
|
+
# Represents an application associated with a finding.
|
3013
|
+
class GoogleCloudSecuritycenterV2Application
|
3014
|
+
include Google::Apis::Core::Hashable
|
3015
|
+
|
3016
|
+
# The base URI that identifies the network location of the application in which
|
3017
|
+
# the vulnerability was detected. Examples: http://11.22.33.44, http://foo.com,
|
3018
|
+
# http://11.22.33.44:8080
|
3019
|
+
# Corresponds to the JSON property `baseUri`
|
3020
|
+
# @return [String]
|
3021
|
+
attr_accessor :base_uri
|
3022
|
+
|
3023
|
+
# The full URI with payload that could be used to reproduce the vulnerability.
|
3024
|
+
# Example: http://11.22.33.44/reflected/parameter/attribute/singlequoted/js?p=
|
3025
|
+
# aMmYgI6H
|
3026
|
+
# Corresponds to the JSON property `fullUri`
|
3027
|
+
# @return [String]
|
3028
|
+
attr_accessor :full_uri
|
3029
|
+
|
3030
|
+
def initialize(**args)
|
3031
|
+
update!(**args)
|
3032
|
+
end
|
3033
|
+
|
3034
|
+
# Update properties of this object
|
3035
|
+
def update!(**args)
|
3036
|
+
@base_uri = args[:base_uri] if args.key?(:base_uri)
|
3037
|
+
@full_uri = args[:full_uri] if args.key?(:full_uri)
|
3038
|
+
end
|
3039
|
+
end
|
3040
|
+
|
3041
|
+
# An attack exposure contains the results of an attack path simulation run.
|
3042
|
+
class GoogleCloudSecuritycenterV2AttackExposure
|
3043
|
+
include Google::Apis::Core::Hashable
|
3044
|
+
|
3045
|
+
# The resource name of the attack path simulation result that contains the
|
3046
|
+
# details regarding this attack exposure score. Example: organizations/123/
|
3047
|
+
# simulations/456/attackExposureResults/789
|
3048
|
+
# Corresponds to the JSON property `attackExposureResult`
|
3049
|
+
# @return [String]
|
3050
|
+
attr_accessor :attack_exposure_result
|
3051
|
+
|
3052
|
+
# The number of high value resources that are exposed as a result of this
|
3053
|
+
# finding.
|
3054
|
+
# Corresponds to the JSON property `exposedHighValueResourcesCount`
|
3055
|
+
# @return [Fixnum]
|
3056
|
+
attr_accessor :exposed_high_value_resources_count
|
3057
|
+
|
3058
|
+
# The number of high value resources that are exposed as a result of this
|
3059
|
+
# finding.
|
3060
|
+
# Corresponds to the JSON property `exposedLowValueResourcesCount`
|
3061
|
+
# @return [Fixnum]
|
3062
|
+
attr_accessor :exposed_low_value_resources_count
|
3063
|
+
|
3064
|
+
# The number of medium value resources that are exposed as a result of this
|
3065
|
+
# finding.
|
3066
|
+
# Corresponds to the JSON property `exposedMediumValueResourcesCount`
|
3067
|
+
# @return [Fixnum]
|
3068
|
+
attr_accessor :exposed_medium_value_resources_count
|
3069
|
+
|
3070
|
+
# The most recent time the attack exposure was updated on this finding.
|
3071
|
+
# Corresponds to the JSON property `latestCalculationTime`
|
3072
|
+
# @return [String]
|
3073
|
+
attr_accessor :latest_calculation_time
|
3074
|
+
|
3075
|
+
# A number between 0 (inclusive) and infinity that represents how important this
|
3076
|
+
# finding is to remediate. The higher the score, the more important it is to
|
3077
|
+
# remediate.
|
3078
|
+
# Corresponds to the JSON property `score`
|
3079
|
+
# @return [Float]
|
3080
|
+
attr_accessor :score
|
3081
|
+
|
3082
|
+
# Output only. What state this AttackExposure is in. This captures whether or
|
3083
|
+
# not an attack exposure has been calculated or not.
|
3084
|
+
# Corresponds to the JSON property `state`
|
3085
|
+
# @return [String]
|
3086
|
+
attr_accessor :state
|
3087
|
+
|
3088
|
+
def initialize(**args)
|
3089
|
+
update!(**args)
|
3090
|
+
end
|
3091
|
+
|
3092
|
+
# Update properties of this object
|
3093
|
+
def update!(**args)
|
3094
|
+
@attack_exposure_result = args[:attack_exposure_result] if args.key?(:attack_exposure_result)
|
3095
|
+
@exposed_high_value_resources_count = args[:exposed_high_value_resources_count] if args.key?(:exposed_high_value_resources_count)
|
3096
|
+
@exposed_low_value_resources_count = args[:exposed_low_value_resources_count] if args.key?(:exposed_low_value_resources_count)
|
3097
|
+
@exposed_medium_value_resources_count = args[:exposed_medium_value_resources_count] if args.key?(:exposed_medium_value_resources_count)
|
3098
|
+
@latest_calculation_time = args[:latest_calculation_time] if args.key?(:latest_calculation_time)
|
3099
|
+
@score = args[:score] if args.key?(:score)
|
3100
|
+
@state = args[:state] if args.key?(:state)
|
3101
|
+
end
|
3102
|
+
end
|
3103
|
+
|
3104
|
+
# Information related to Google Cloud Backup and DR Service findings.
|
3105
|
+
class GoogleCloudSecuritycenterV2BackupDisasterRecovery
|
3106
|
+
include Google::Apis::Core::Hashable
|
3107
|
+
|
3108
|
+
# The name of the Backup and DR appliance that captures, moves, and manages the
|
3109
|
+
# lifecycle of backup data. For example, “backup-server-57137”.
|
3110
|
+
# Corresponds to the JSON property `appliance`
|
3111
|
+
# @return [String]
|
3112
|
+
attr_accessor :appliance
|
3113
|
+
|
3114
|
+
# The names of Backup and DR applications. An application is a VM, database, or
|
3115
|
+
# file system on a managed host monitored by a backup and recovery appliance.
|
3116
|
+
# For example, “centos7-01-vol00”, “centos7-01-vol01”, “centos7-01-vol02”.
|
3117
|
+
# Corresponds to the JSON property `applications`
|
3118
|
+
# @return [Array<String>]
|
3119
|
+
attr_accessor :applications
|
3120
|
+
|
3121
|
+
# The timestamp at which the Backup and DR backup was created.
|
3122
|
+
# Corresponds to the JSON property `backupCreateTime`
|
3123
|
+
# @return [String]
|
3124
|
+
attr_accessor :backup_create_time
|
3125
|
+
|
3126
|
+
# The name of a Backup and DR template which comprises one or more backup
|
3127
|
+
# policies. See the [Backup and DR documentation](https://cloud.google.com/
|
3128
|
+
# backup-disaster-recovery/docs/concepts/backup-plan#temp) for more information.
|
3129
|
+
# For example, “snap-ov”.
|
3130
|
+
# Corresponds to the JSON property `backupTemplate`
|
3131
|
+
# @return [String]
|
3132
|
+
attr_accessor :backup_template
|
3133
|
+
|
3134
|
+
# The backup type of the Backup and DR image. For example, “Snapshot”, “Remote
|
3135
|
+
# Snapshot”, “OnVault”.
|
3136
|
+
# Corresponds to the JSON property `backupType`
|
3137
|
+
# @return [String]
|
3138
|
+
attr_accessor :backup_type
|
3139
|
+
|
3140
|
+
# The name of a Backup and DR host, which is managed by the backup and recovery
|
3141
|
+
# appliance and known to the management console. The host can be of type Generic
|
3142
|
+
# (for example, Compute Engine, SQL Server, Oracle DB, SMB file system, etc.),
|
3143
|
+
# vCenter, or an ESX server. See the [Backup and DR documentation on hosts](
|
3144
|
+
# https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-
|
3145
|
+
# hosts-and-their-applications) for more information. For example, “centos7-01”.
|
3146
|
+
# Corresponds to the JSON property `host`
|
3147
|
+
# @return [String]
|
3148
|
+
attr_accessor :host
|
3149
|
+
|
3150
|
+
# The names of Backup and DR policies that are associated with a template and
|
3151
|
+
# that define when to run a backup, how frequently to run a backup, and how long
|
3152
|
+
# to retain the backup image. For example, “onvaults”.
|
3153
|
+
# Corresponds to the JSON property `policies`
|
3154
|
+
# @return [Array<String>]
|
3155
|
+
attr_accessor :policies
|
3156
|
+
|
3157
|
+
# The names of Backup and DR advanced policy options of a policy applying to an
|
3158
|
+
# application. See the [Backup and DR documentation on policy options](https://
|
3159
|
+
# cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings).
|
3160
|
+
# For example, “skipofflineappsincongrp, nounmap”.
|
3161
|
+
# Corresponds to the JSON property `policyOptions`
|
3162
|
+
# @return [Array<String>]
|
3163
|
+
attr_accessor :policy_options
|
3164
|
+
|
3165
|
+
# The name of the Backup and DR resource profile that specifies the storage
|
3166
|
+
# media for backups of application and VM data. See the [Backup and DR
|
3167
|
+
# documentation on profiles](https://cloud.google.com/backup-disaster-recovery/
|
3168
|
+
# docs/concepts/backup-plan#profile). For example, “GCP”.
|
3169
|
+
# Corresponds to the JSON property `profile`
|
3170
|
+
# @return [String]
|
3171
|
+
attr_accessor :profile
|
3172
|
+
|
3173
|
+
# The name of the Backup and DR storage pool that the backup and recovery
|
3174
|
+
# appliance is storing data in. The storage pool could be of type Cloud, Primary,
|
3175
|
+
# Snapshot, or OnVault. See the [Backup and DR documentation on storage pools](
|
3176
|
+
# https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools).
|
3177
|
+
# For example, “DiskPoolOne”.
|
3178
|
+
# Corresponds to the JSON property `storagePool`
|
3179
|
+
# @return [String]
|
3180
|
+
attr_accessor :storage_pool
|
3181
|
+
|
3182
|
+
def initialize(**args)
|
3183
|
+
update!(**args)
|
3184
|
+
end
|
3185
|
+
|
3186
|
+
# Update properties of this object
|
3187
|
+
def update!(**args)
|
3188
|
+
@appliance = args[:appliance] if args.key?(:appliance)
|
3189
|
+
@applications = args[:applications] if args.key?(:applications)
|
3190
|
+
@backup_create_time = args[:backup_create_time] if args.key?(:backup_create_time)
|
3191
|
+
@backup_template = args[:backup_template] if args.key?(:backup_template)
|
3192
|
+
@backup_type = args[:backup_type] if args.key?(:backup_type)
|
3193
|
+
@host = args[:host] if args.key?(:host)
|
3194
|
+
@policies = args[:policies] if args.key?(:policies)
|
3195
|
+
@policy_options = args[:policy_options] if args.key?(:policy_options)
|
3196
|
+
@profile = args[:profile] if args.key?(:profile)
|
3197
|
+
@storage_pool = args[:storage_pool] if args.key?(:storage_pool)
|
3198
|
+
end
|
3199
|
+
end
|
3200
|
+
|
3201
|
+
# Configures how to deliver Findings to BigQuery Instance.
|
3202
|
+
class GoogleCloudSecuritycenterV2BigQueryExport
|
3203
|
+
include Google::Apis::Core::Hashable
|
3204
|
+
|
3205
|
+
# Output only. The time at which the BigQuery export was created. This field is
|
3206
|
+
# set by the server and will be ignored if provided on export on creation.
|
3207
|
+
# Corresponds to the JSON property `createTime`
|
3208
|
+
# @return [String]
|
3209
|
+
attr_accessor :create_time
|
3210
|
+
|
3211
|
+
# The dataset to write findings' updates to. Its format is "projects/[project_id]
|
3212
|
+
# /datasets/[bigquery_dataset_id]". BigQuery Dataset unique ID must contain only
|
3213
|
+
# letters (a-z, A-Z), numbers (0-9), or underscores (_).
|
3214
|
+
# Corresponds to the JSON property `dataset`
|
3215
|
+
# @return [String]
|
3216
|
+
attr_accessor :dataset
|
3217
|
+
|
3218
|
+
# The description of the export (max of 1024 characters).
|
3219
|
+
# Corresponds to the JSON property `description`
|
3220
|
+
# @return [String]
|
3221
|
+
attr_accessor :description
|
3222
|
+
|
3223
|
+
# Expression that defines the filter to apply across create/update events of
|
3224
|
+
# findings. The expression is a list of zero or more restrictions combined via
|
3225
|
+
# logical operators `AND` and `OR`. Parentheses are supported, and `OR` has
|
3226
|
+
# higher precedence than `AND`. Restrictions have the form ` ` and may have a `-`
|
3227
|
+
# character in front of them to indicate negation. The fields map to those
|
3228
|
+
# defined in the corresponding resource. The supported operators are: * `=` for
|
3229
|
+
# all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning
|
3230
|
+
# substring matching, for strings. The supported value types are: * string
|
3231
|
+
# literals in quotes. * integer literals without quotes. * boolean literals `
|
3232
|
+
# true` and `false` without quotes.
|
3233
|
+
# Corresponds to the JSON property `filter`
|
3234
|
+
# @return [String]
|
3235
|
+
attr_accessor :filter
|
3236
|
+
|
3237
|
+
# Output only. Email address of the user who last edited the BigQuery export.
|
3238
|
+
# This field is set by the server and will be ignored if provided on export
|
3239
|
+
# creation or update.
|
3240
|
+
# Corresponds to the JSON property `mostRecentEditor`
|
3241
|
+
# @return [String]
|
3242
|
+
attr_accessor :most_recent_editor
|
3243
|
+
|
3244
|
+
# The relative resource name of this export. See: https://cloud.google.com/apis/
|
3245
|
+
# design/resource_names#relative_resource_name. The following list shows some
|
3246
|
+
# examples: + `organizations/`organization_id`/locations/`location_id`/
|
3247
|
+
# bigQueryExports/`export_id`` + `folders/`folder_id`/locations/`location_id`/
|
3248
|
+
# bigQueryExports/`export_id`` + `projects/`project_id`/locations/`location_id`/
|
3249
|
+
# bigQueryExports/`export_id`` This field is provided in responses, and is
|
3250
|
+
# ignored when provided in create requests.
|
3251
|
+
# Corresponds to the JSON property `name`
|
3252
|
+
# @return [String]
|
3253
|
+
attr_accessor :name
|
3254
|
+
|
3255
|
+
# Output only. The service account that needs permission to create table and
|
3256
|
+
# upload data to the BigQuery dataset.
|
3257
|
+
# Corresponds to the JSON property `principal`
|
3258
|
+
# @return [String]
|
3259
|
+
attr_accessor :principal
|
3260
|
+
|
3261
|
+
# Output only. The most recent time at which the BigQuery export was updated.
|
3262
|
+
# This field is set by the server and will be ignored if provided on export
|
3263
|
+
# creation or update.
|
3264
|
+
# Corresponds to the JSON property `updateTime`
|
3265
|
+
# @return [String]
|
3266
|
+
attr_accessor :update_time
|
3267
|
+
|
3268
|
+
def initialize(**args)
|
3269
|
+
update!(**args)
|
3270
|
+
end
|
3271
|
+
|
3272
|
+
# Update properties of this object
|
3273
|
+
def update!(**args)
|
3274
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
3275
|
+
@dataset = args[:dataset] if args.key?(:dataset)
|
3276
|
+
@description = args[:description] if args.key?(:description)
|
3277
|
+
@filter = args[:filter] if args.key?(:filter)
|
3278
|
+
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
3279
|
+
@name = args[:name] if args.key?(:name)
|
3280
|
+
@principal = args[:principal] if args.key?(:principal)
|
3281
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
3282
|
+
end
|
3283
|
+
end
|
3284
|
+
|
3285
|
+
# Represents a Kubernetes RoleBinding or ClusterRoleBinding.
|
3286
|
+
class GoogleCloudSecuritycenterV2Binding
|
3287
|
+
include Google::Apis::Core::Hashable
|
3288
|
+
|
3289
|
+
# Name for the binding.
|
3290
|
+
# Corresponds to the JSON property `name`
|
3291
|
+
# @return [String]
|
3292
|
+
attr_accessor :name
|
3293
|
+
|
3294
|
+
# Namespace for the binding.
|
3295
|
+
# Corresponds to the JSON property `ns`
|
3296
|
+
# @return [String]
|
3297
|
+
attr_accessor :ns
|
3298
|
+
|
3299
|
+
# Kubernetes Role or ClusterRole.
|
3300
|
+
# Corresponds to the JSON property `role`
|
3301
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Role]
|
3302
|
+
attr_accessor :role
|
3303
|
+
|
3304
|
+
# Represents one or more subjects that are bound to the role. Not always
|
3305
|
+
# available for PATCH requests.
|
3306
|
+
# Corresponds to the JSON property `subjects`
|
3307
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Subject>]
|
3308
|
+
attr_accessor :subjects
|
3309
|
+
|
3310
|
+
def initialize(**args)
|
3311
|
+
update!(**args)
|
3312
|
+
end
|
3313
|
+
|
3314
|
+
# Update properties of this object
|
3315
|
+
def update!(**args)
|
3316
|
+
@name = args[:name] if args.key?(:name)
|
3317
|
+
@ns = args[:ns] if args.key?(:ns)
|
3318
|
+
@role = args[:role] if args.key?(:role)
|
3319
|
+
@subjects = args[:subjects] if args.key?(:subjects)
|
3320
|
+
end
|
3321
|
+
end
|
3322
|
+
|
3323
|
+
# The response to a BulkMute request. Contains the LRO information.
|
3324
|
+
class GoogleCloudSecuritycenterV2BulkMuteFindingsResponse
|
3325
|
+
include Google::Apis::Core::Hashable
|
3326
|
+
|
3327
|
+
def initialize(**args)
|
3328
|
+
update!(**args)
|
3329
|
+
end
|
3330
|
+
|
3331
|
+
# Update properties of this object
|
3332
|
+
def update!(**args)
|
3333
|
+
end
|
3334
|
+
end
|
3335
|
+
|
3336
|
+
# The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
|
3337
|
+
# with the finding.
|
3338
|
+
class GoogleCloudSecuritycenterV2CloudDlpDataProfile
|
3339
|
+
include Google::Apis::Core::Hashable
|
3340
|
+
|
3341
|
+
# Name of the data profile, for example, `projects/123/locations/europe/
|
3342
|
+
# tableProfiles/8383929`.
|
3343
|
+
# Corresponds to the JSON property `dataProfile`
|
3344
|
+
# @return [String]
|
3345
|
+
attr_accessor :data_profile
|
3346
|
+
|
3347
|
+
# The resource hierarchy level at which the data profile was generated.
|
3348
|
+
# Corresponds to the JSON property `parentType`
|
3349
|
+
# @return [String]
|
3350
|
+
attr_accessor :parent_type
|
3351
|
+
|
3352
|
+
def initialize(**args)
|
3353
|
+
update!(**args)
|
3354
|
+
end
|
3355
|
+
|
3356
|
+
# Update properties of this object
|
3357
|
+
def update!(**args)
|
3358
|
+
@data_profile = args[:data_profile] if args.key?(:data_profile)
|
3359
|
+
@parent_type = args[:parent_type] if args.key?(:parent_type)
|
3360
|
+
end
|
3361
|
+
end
|
3362
|
+
|
3363
|
+
# Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection job](
|
3364
|
+
# https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the
|
3365
|
+
# finding.
|
3366
|
+
class GoogleCloudSecuritycenterV2CloudDlpInspection
|
3367
|
+
include Google::Apis::Core::Hashable
|
3368
|
+
|
3369
|
+
# Whether Cloud DLP scanned the complete resource or a sampled subset.
|
3370
|
+
# Corresponds to the JSON property `fullScan`
|
3371
|
+
# @return [Boolean]
|
3372
|
+
attr_accessor :full_scan
|
3373
|
+
alias_method :full_scan?, :full_scan
|
3374
|
+
|
3375
|
+
# The type of information (or *[infoType](https://cloud.google.com/dlp/docs/
|
3376
|
+
# infotypes-reference)*) found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
|
3377
|
+
# Corresponds to the JSON property `infoType`
|
3378
|
+
# @return [String]
|
3379
|
+
attr_accessor :info_type
|
3380
|
+
|
3381
|
+
# The number of times Cloud DLP found this infoType within this job and resource.
|
3382
|
+
# Corresponds to the JSON property `infoTypeCount`
|
3383
|
+
# @return [Fixnum]
|
3384
|
+
attr_accessor :info_type_count
|
3385
|
+
|
3386
|
+
# Name of the inspection job, for example, `projects/123/locations/europe/
|
3387
|
+
# dlpJobs/i-8383929`.
|
3388
|
+
# Corresponds to the JSON property `inspectJob`
|
3389
|
+
# @return [String]
|
3390
|
+
attr_accessor :inspect_job
|
3391
|
+
|
3392
|
+
def initialize(**args)
|
3393
|
+
update!(**args)
|
3394
|
+
end
|
3395
|
+
|
3396
|
+
# Update properties of this object
|
3397
|
+
def update!(**args)
|
3398
|
+
@full_scan = args[:full_scan] if args.key?(:full_scan)
|
3399
|
+
@info_type = args[:info_type] if args.key?(:info_type)
|
3400
|
+
@info_type_count = args[:info_type_count] if args.key?(:info_type_count)
|
3401
|
+
@inspect_job = args[:inspect_job] if args.key?(:inspect_job)
|
3402
|
+
end
|
3403
|
+
end
|
3404
|
+
|
3405
|
+
# Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
|
3406
|
+
# logging/docs/reference/v2/rest/v2/LogEntry)
|
3407
|
+
class GoogleCloudSecuritycenterV2CloudLoggingEntry
|
3408
|
+
include Google::Apis::Core::Hashable
|
3409
|
+
|
3410
|
+
# A unique identifier for the log entry.
|
3411
|
+
# Corresponds to the JSON property `insertId`
|
3412
|
+
# @return [String]
|
3413
|
+
attr_accessor :insert_id
|
3414
|
+
|
3415
|
+
# The type of the log (part of `log_name`. `log_name` is the resource name of
|
3416
|
+
# the log to which this log entry belongs). For example: `cloudresourcemanager.
|
3417
|
+
# googleapis.com/activity` Note that this field is not URL-encoded, unlike in `
|
3418
|
+
# LogEntry`.
|
3419
|
+
# Corresponds to the JSON property `logId`
|
3420
|
+
# @return [String]
|
3421
|
+
attr_accessor :log_id
|
3422
|
+
|
3423
|
+
# The organization, folder, or project of the monitored resource that produced
|
3424
|
+
# this log entry.
|
3425
|
+
# Corresponds to the JSON property `resourceContainer`
|
3426
|
+
# @return [String]
|
3427
|
+
attr_accessor :resource_container
|
3428
|
+
|
3429
|
+
# The time the event described by the log entry occurred.
|
3430
|
+
# Corresponds to the JSON property `timestamp`
|
3431
|
+
# @return [String]
|
3432
|
+
attr_accessor :timestamp
|
3433
|
+
|
3434
|
+
def initialize(**args)
|
3435
|
+
update!(**args)
|
3436
|
+
end
|
3437
|
+
|
3438
|
+
# Update properties of this object
|
3439
|
+
def update!(**args)
|
3440
|
+
@insert_id = args[:insert_id] if args.key?(:insert_id)
|
3441
|
+
@log_id = args[:log_id] if args.key?(:log_id)
|
3442
|
+
@resource_container = args[:resource_container] if args.key?(:resource_container)
|
3443
|
+
@timestamp = args[:timestamp] if args.key?(:timestamp)
|
3444
|
+
end
|
3445
|
+
end
|
3446
|
+
|
3447
|
+
# Contains compliance information about a security standard indicating unmet
|
3448
|
+
# recommendations.
|
3449
|
+
class GoogleCloudSecuritycenterV2Compliance
|
3450
|
+
include Google::Apis::Core::Hashable
|
3451
|
+
|
3452
|
+
# Policies within the standard or benchmark, for example, A.12.4.1
|
3453
|
+
# Corresponds to the JSON property `ids`
|
3454
|
+
# @return [Array<String>]
|
3455
|
+
attr_accessor :ids
|
3456
|
+
|
3457
|
+
# Industry-wide compliance standards or benchmarks, such as CIS, PCI, and OWASP.
|
3458
|
+
# Corresponds to the JSON property `standard`
|
3459
|
+
# @return [String]
|
3460
|
+
attr_accessor :standard
|
3461
|
+
|
3462
|
+
# Version of the standard or benchmark, for example, 1.1
|
3463
|
+
# Corresponds to the JSON property `version`
|
3464
|
+
# @return [String]
|
3465
|
+
attr_accessor :version
|
3466
|
+
|
3467
|
+
def initialize(**args)
|
3468
|
+
update!(**args)
|
3469
|
+
end
|
3470
|
+
|
3471
|
+
# Update properties of this object
|
3472
|
+
def update!(**args)
|
3473
|
+
@ids = args[:ids] if args.key?(:ids)
|
3474
|
+
@standard = args[:standard] if args.key?(:standard)
|
3475
|
+
@version = args[:version] if args.key?(:version)
|
3476
|
+
end
|
3477
|
+
end
|
3478
|
+
|
3479
|
+
# Contains information about the IP connection associated with the finding.
|
3480
|
+
class GoogleCloudSecuritycenterV2Connection
|
3481
|
+
include Google::Apis::Core::Hashable
|
3482
|
+
|
3483
|
+
# Destination IP address. Not present for sockets that are listening and not
|
3484
|
+
# connected.
|
3485
|
+
# Corresponds to the JSON property `destinationIp`
|
3486
|
+
# @return [String]
|
3487
|
+
attr_accessor :destination_ip
|
3488
|
+
|
3489
|
+
# Destination port. Not present for sockets that are listening and not connected.
|
3490
|
+
# Corresponds to the JSON property `destinationPort`
|
3491
|
+
# @return [Fixnum]
|
3492
|
+
attr_accessor :destination_port
|
3493
|
+
|
3494
|
+
# IANA Internet Protocol Number such as TCP(6) and UDP(17).
|
3495
|
+
# Corresponds to the JSON property `protocol`
|
3496
|
+
# @return [String]
|
3497
|
+
attr_accessor :protocol
|
3498
|
+
|
3499
|
+
# Source IP address.
|
3500
|
+
# Corresponds to the JSON property `sourceIp`
|
3501
|
+
# @return [String]
|
3502
|
+
attr_accessor :source_ip
|
3503
|
+
|
3504
|
+
# Source port.
|
3505
|
+
# Corresponds to the JSON property `sourcePort`
|
3506
|
+
# @return [Fixnum]
|
3507
|
+
attr_accessor :source_port
|
3508
|
+
|
3509
|
+
def initialize(**args)
|
3510
|
+
update!(**args)
|
3511
|
+
end
|
3512
|
+
|
3513
|
+
# Update properties of this object
|
3514
|
+
def update!(**args)
|
3515
|
+
@destination_ip = args[:destination_ip] if args.key?(:destination_ip)
|
3516
|
+
@destination_port = args[:destination_port] if args.key?(:destination_port)
|
3517
|
+
@protocol = args[:protocol] if args.key?(:protocol)
|
3518
|
+
@source_ip = args[:source_ip] if args.key?(:source_ip)
|
3519
|
+
@source_port = args[:source_port] if args.key?(:source_port)
|
3520
|
+
end
|
3521
|
+
end
|
3522
|
+
|
3523
|
+
# The email address of a contact.
|
3524
|
+
class GoogleCloudSecuritycenterV2Contact
|
3525
|
+
include Google::Apis::Core::Hashable
|
3526
|
+
|
3527
|
+
# An email address. For example, "`person123@company.com`".
|
3528
|
+
# Corresponds to the JSON property `email`
|
3529
|
+
# @return [String]
|
3530
|
+
attr_accessor :email
|
3531
|
+
|
3532
|
+
def initialize(**args)
|
3533
|
+
update!(**args)
|
3534
|
+
end
|
3535
|
+
|
3536
|
+
# Update properties of this object
|
3537
|
+
def update!(**args)
|
3538
|
+
@email = args[:email] if args.key?(:email)
|
3539
|
+
end
|
3540
|
+
end
|
3541
|
+
|
3542
|
+
# Details about specific contacts
|
3543
|
+
class GoogleCloudSecuritycenterV2ContactDetails
|
3544
|
+
include Google::Apis::Core::Hashable
|
3545
|
+
|
3546
|
+
# A list of contacts
|
3547
|
+
# Corresponds to the JSON property `contacts`
|
3548
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Contact>]
|
3549
|
+
attr_accessor :contacts
|
3550
|
+
|
3551
|
+
def initialize(**args)
|
3552
|
+
update!(**args)
|
3553
|
+
end
|
3554
|
+
|
3555
|
+
# Update properties of this object
|
3556
|
+
def update!(**args)
|
3557
|
+
@contacts = args[:contacts] if args.key?(:contacts)
|
3558
|
+
end
|
3559
|
+
end
|
3560
|
+
|
3561
|
+
# Container associated with the finding.
|
3562
|
+
class GoogleCloudSecuritycenterV2Container
|
3563
|
+
include Google::Apis::Core::Hashable
|
3564
|
+
|
3565
|
+
# The time that the container was created.
|
3566
|
+
# Corresponds to the JSON property `createTime`
|
3567
|
+
# @return [String]
|
3568
|
+
attr_accessor :create_time
|
3569
|
+
|
3570
|
+
# Optional container image ID, if provided by the container runtime. Uniquely
|
3571
|
+
# identifies the container image launched using a container image digest.
|
3572
|
+
# Corresponds to the JSON property `imageId`
|
3573
|
+
# @return [String]
|
3574
|
+
attr_accessor :image_id
|
3575
|
+
|
3576
|
+
# Container labels, as provided by the container runtime.
|
3577
|
+
# Corresponds to the JSON property `labels`
|
3578
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Label>]
|
3579
|
+
attr_accessor :labels
|
3580
|
+
|
3581
|
+
# Name of the container.
|
3582
|
+
# Corresponds to the JSON property `name`
|
3583
|
+
# @return [String]
|
3584
|
+
attr_accessor :name
|
3585
|
+
|
3586
|
+
# Container image URI provided when configuring a pod or container. This string
|
3587
|
+
# can identify a container image version using mutable tags.
|
3588
|
+
# Corresponds to the JSON property `uri`
|
3589
|
+
# @return [String]
|
3590
|
+
attr_accessor :uri
|
3591
|
+
|
3592
|
+
def initialize(**args)
|
3593
|
+
update!(**args)
|
3594
|
+
end
|
3595
|
+
|
3596
|
+
# Update properties of this object
|
3597
|
+
def update!(**args)
|
3598
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
3599
|
+
@image_id = args[:image_id] if args.key?(:image_id)
|
3600
|
+
@labels = args[:labels] if args.key?(:labels)
|
3601
|
+
@name = args[:name] if args.key?(:name)
|
3602
|
+
@uri = args[:uri] if args.key?(:uri)
|
3603
|
+
end
|
3604
|
+
end
|
3605
|
+
|
3606
|
+
# CVE stands for Common Vulnerabilities and Exposures. Information from the [CVE
|
3607
|
+
# record](https://www.cve.org/ResourcesSupport/Glossary) that describes this
|
3608
|
+
# vulnerability.
|
3609
|
+
class GoogleCloudSecuritycenterV2Cve
|
3610
|
+
include Google::Apis::Core::Hashable
|
3611
|
+
|
3612
|
+
# Common Vulnerability Scoring System version 3.
|
3613
|
+
# Corresponds to the JSON property `cvssv3`
|
3614
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cvssv3]
|
3615
|
+
attr_accessor :cvssv3
|
3616
|
+
|
3617
|
+
# The exploitation activity of the vulnerability in the wild.
|
3618
|
+
# Corresponds to the JSON property `exploitationActivity`
|
3619
|
+
# @return [String]
|
3620
|
+
attr_accessor :exploitation_activity
|
3621
|
+
|
3622
|
+
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
3623
|
+
# Corresponds to the JSON property `id`
|
3624
|
+
# @return [String]
|
3625
|
+
attr_accessor :id
|
3626
|
+
|
3627
|
+
# The potential impact of the vulnerability if it was to be exploited.
|
3628
|
+
# Corresponds to the JSON property `impact`
|
3629
|
+
# @return [String]
|
3630
|
+
attr_accessor :impact
|
3631
|
+
|
3632
|
+
# Whether or not the vulnerability has been observed in the wild.
|
3633
|
+
# Corresponds to the JSON property `observedInTheWild`
|
3634
|
+
# @return [Boolean]
|
3635
|
+
attr_accessor :observed_in_the_wild
|
3636
|
+
alias_method :observed_in_the_wild?, :observed_in_the_wild
|
3637
|
+
|
3638
|
+
# Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/
|
3639
|
+
# cvename.cgi?name=CVE-2021-34527
|
3640
|
+
# Corresponds to the JSON property `references`
|
3641
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Reference>]
|
3642
|
+
attr_accessor :references
|
3643
|
+
|
3644
|
+
# Whether upstream fix is available for the CVE.
|
3645
|
+
# Corresponds to the JSON property `upstreamFixAvailable`
|
3646
|
+
# @return [Boolean]
|
3647
|
+
attr_accessor :upstream_fix_available
|
3648
|
+
alias_method :upstream_fix_available?, :upstream_fix_available
|
3649
|
+
|
3650
|
+
# Whether or not the vulnerability was zero day when the finding was published.
|
3651
|
+
# Corresponds to the JSON property `zeroDay`
|
3652
|
+
# @return [Boolean]
|
3653
|
+
attr_accessor :zero_day
|
3654
|
+
alias_method :zero_day?, :zero_day
|
3655
|
+
|
3656
|
+
def initialize(**args)
|
3657
|
+
update!(**args)
|
3658
|
+
end
|
3659
|
+
|
3660
|
+
# Update properties of this object
|
3661
|
+
def update!(**args)
|
3662
|
+
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
3663
|
+
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
3664
|
+
@id = args[:id] if args.key?(:id)
|
3665
|
+
@impact = args[:impact] if args.key?(:impact)
|
3666
|
+
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
3667
|
+
@references = args[:references] if args.key?(:references)
|
3668
|
+
@upstream_fix_available = args[:upstream_fix_available] if args.key?(:upstream_fix_available)
|
3669
|
+
@zero_day = args[:zero_day] if args.key?(:zero_day)
|
3670
|
+
end
|
3671
|
+
end
|
3672
|
+
|
3673
|
+
# Common Vulnerability Scoring System version 3.
|
3674
|
+
class GoogleCloudSecuritycenterV2Cvssv3
|
3675
|
+
include Google::Apis::Core::Hashable
|
3676
|
+
|
3677
|
+
# This metric describes the conditions beyond the attacker's control that must
|
3678
|
+
# exist in order to exploit the vulnerability.
|
3679
|
+
# Corresponds to the JSON property `attackComplexity`
|
3680
|
+
# @return [String]
|
3681
|
+
attr_accessor :attack_complexity
|
3682
|
+
|
3683
|
+
# Base Metrics Represents the intrinsic characteristics of a vulnerability that
|
3684
|
+
# are constant over time and across user environments. This metric reflects the
|
3685
|
+
# context by which vulnerability exploitation is possible.
|
3686
|
+
# Corresponds to the JSON property `attackVector`
|
3687
|
+
# @return [String]
|
3688
|
+
attr_accessor :attack_vector
|
3689
|
+
|
3690
|
+
# This metric measures the impact to the availability of the impacted component
|
3691
|
+
# resulting from a successfully exploited vulnerability.
|
3692
|
+
# Corresponds to the JSON property `availabilityImpact`
|
3693
|
+
# @return [String]
|
3694
|
+
attr_accessor :availability_impact
|
3695
|
+
|
3696
|
+
# The base score is a function of the base metric scores.
|
3697
|
+
# Corresponds to the JSON property `baseScore`
|
3698
|
+
# @return [Float]
|
3699
|
+
attr_accessor :base_score
|
3700
|
+
|
3701
|
+
# This metric measures the impact to the confidentiality of the information
|
3702
|
+
# resources managed by a software component due to a successfully exploited
|
3703
|
+
# vulnerability.
|
3704
|
+
# Corresponds to the JSON property `confidentialityImpact`
|
3705
|
+
# @return [String]
|
3706
|
+
attr_accessor :confidentiality_impact
|
3707
|
+
|
3708
|
+
# This metric measures the impact to integrity of a successfully exploited
|
3709
|
+
# vulnerability.
|
3710
|
+
# Corresponds to the JSON property `integrityImpact`
|
3711
|
+
# @return [String]
|
3712
|
+
attr_accessor :integrity_impact
|
3713
|
+
|
3714
|
+
# This metric describes the level of privileges an attacker must possess before
|
3715
|
+
# successfully exploiting the vulnerability.
|
3716
|
+
# Corresponds to the JSON property `privilegesRequired`
|
3717
|
+
# @return [String]
|
3718
|
+
attr_accessor :privileges_required
|
3719
|
+
|
3720
|
+
# The Scope metric captures whether a vulnerability in one vulnerable component
|
3721
|
+
# impacts resources in components beyond its security scope.
|
3722
|
+
# Corresponds to the JSON property `scope`
|
3723
|
+
# @return [String]
|
3724
|
+
attr_accessor :scope
|
3725
|
+
|
3726
|
+
# This metric captures the requirement for a human user, other than the attacker,
|
3727
|
+
# to participate in the successful compromise of the vulnerable component.
|
3728
|
+
# Corresponds to the JSON property `userInteraction`
|
3729
|
+
# @return [String]
|
3730
|
+
attr_accessor :user_interaction
|
3731
|
+
|
3732
|
+
def initialize(**args)
|
3733
|
+
update!(**args)
|
3734
|
+
end
|
3735
|
+
|
3736
|
+
# Update properties of this object
|
3737
|
+
def update!(**args)
|
3738
|
+
@attack_complexity = args[:attack_complexity] if args.key?(:attack_complexity)
|
3739
|
+
@attack_vector = args[:attack_vector] if args.key?(:attack_vector)
|
3740
|
+
@availability_impact = args[:availability_impact] if args.key?(:availability_impact)
|
3741
|
+
@base_score = args[:base_score] if args.key?(:base_score)
|
3742
|
+
@confidentiality_impact = args[:confidentiality_impact] if args.key?(:confidentiality_impact)
|
3743
|
+
@integrity_impact = args[:integrity_impact] if args.key?(:integrity_impact)
|
3744
|
+
@privileges_required = args[:privileges_required] if args.key?(:privileges_required)
|
3745
|
+
@scope = args[:scope] if args.key?(:scope)
|
3746
|
+
@user_interaction = args[:user_interaction] if args.key?(:user_interaction)
|
3747
|
+
end
|
3748
|
+
end
|
3749
|
+
|
3750
|
+
# Represents database access information, such as queries. A database may be a
|
3751
|
+
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
3752
|
+
# Spanner instances), or the database instance itself. Some database resources
|
3753
|
+
# might not have the [full resource name](https://google.aip.dev/122#full-
|
3754
|
+
# resource-names) populated because these resource types, such as Cloud SQL
|
3755
|
+
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
3756
|
+
# the display name is provided.
|
3757
|
+
class GoogleCloudSecuritycenterV2Database
|
3758
|
+
include Google::Apis::Core::Hashable
|
3759
|
+
|
3760
|
+
# The human-readable name of the database that the user connected to.
|
3761
|
+
# Corresponds to the JSON property `displayName`
|
3762
|
+
# @return [String]
|
3763
|
+
attr_accessor :display_name
|
3764
|
+
|
3765
|
+
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
3766
|
+
# an IAM policy change.
|
3767
|
+
# Corresponds to the JSON property `grantees`
|
3768
|
+
# @return [Array<String>]
|
3769
|
+
attr_accessor :grantees
|
3770
|
+
|
3771
|
+
# Some database resources may not have the [full resource name](https://google.
|
3772
|
+
# aip.dev/122#full-resource-names) populated because these resource types are
|
3773
|
+
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
3774
|
+
# these cases only the display name will be provided. The [full resource name](
|
3775
|
+
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
3776
|
+
# connected to, if it is supported by Cloud Asset Inventory.
|
3777
|
+
# Corresponds to the JSON property `name`
|
3778
|
+
# @return [String]
|
3779
|
+
attr_accessor :name
|
3780
|
+
|
3781
|
+
# The SQL statement that is associated with the database access.
|
3782
|
+
# Corresponds to the JSON property `query`
|
3783
|
+
# @return [String]
|
3784
|
+
attr_accessor :query
|
3785
|
+
|
3786
|
+
# The username used to connect to the database. The username might not be an IAM
|
3787
|
+
# principal and does not have a set format.
|
3788
|
+
# Corresponds to the JSON property `userName`
|
3789
|
+
# @return [String]
|
3790
|
+
attr_accessor :user_name
|
3791
|
+
|
3792
|
+
# The version of the database, for example, POSTGRES_14. See [the complete list](
|
3793
|
+
# https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
|
3794
|
+
# Corresponds to the JSON property `version`
|
3795
|
+
# @return [String]
|
3796
|
+
attr_accessor :version
|
3797
|
+
|
3798
|
+
def initialize(**args)
|
3799
|
+
update!(**args)
|
3800
|
+
end
|
3801
|
+
|
3802
|
+
# Update properties of this object
|
3803
|
+
def update!(**args)
|
3804
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
3805
|
+
@grantees = args[:grantees] if args.key?(:grantees)
|
3806
|
+
@name = args[:name] if args.key?(:name)
|
3807
|
+
@query = args[:query] if args.key?(:query)
|
3808
|
+
@user_name = args[:user_name] if args.key?(:user_name)
|
3809
|
+
@version = args[:version] if args.key?(:version)
|
3810
|
+
end
|
3811
|
+
end
|
3812
|
+
|
3813
|
+
# Memory hash detection contributing to the binary family match.
|
3814
|
+
class GoogleCloudSecuritycenterV2Detection
|
3815
|
+
include Google::Apis::Core::Hashable
|
3816
|
+
|
3817
|
+
# The name of the binary associated with the memory hash signature detection.
|
3818
|
+
# Corresponds to the JSON property `binary`
|
3819
|
+
# @return [String]
|
3820
|
+
attr_accessor :binary
|
3821
|
+
|
3822
|
+
# The percentage of memory page hashes in the signature that were matched.
|
3823
|
+
# Corresponds to the JSON property `percentPagesMatched`
|
3824
|
+
# @return [Float]
|
3825
|
+
attr_accessor :percent_pages_matched
|
3826
|
+
|
3827
|
+
def initialize(**args)
|
3828
|
+
update!(**args)
|
3829
|
+
end
|
3830
|
+
|
3831
|
+
# Update properties of this object
|
3832
|
+
def update!(**args)
|
3833
|
+
@binary = args[:binary] if args.key?(:binary)
|
3834
|
+
@percent_pages_matched = args[:percent_pages_matched] if args.key?(:percent_pages_matched)
|
3835
|
+
end
|
3836
|
+
end
|
3837
|
+
|
3838
|
+
# Path of the file in terms of underlying disk/partition identifiers.
|
3839
|
+
class GoogleCloudSecuritycenterV2DiskPath
|
3840
|
+
include Google::Apis::Core::Hashable
|
3841
|
+
|
3842
|
+
# UUID of the partition (format https://wiki.archlinux.org/title/
|
3843
|
+
# persistent_block_device_naming#by-uuid)
|
3844
|
+
# Corresponds to the JSON property `partitionUuid`
|
3845
|
+
# @return [String]
|
3846
|
+
attr_accessor :partition_uuid
|
3847
|
+
|
3848
|
+
# Relative path of the file in the partition as a JSON encoded string. Example: /
|
3849
|
+
# home/user1/executable_file.sh
|
3850
|
+
# Corresponds to the JSON property `relativePath`
|
3851
|
+
# @return [String]
|
3852
|
+
attr_accessor :relative_path
|
3853
|
+
|
3854
|
+
def initialize(**args)
|
3855
|
+
update!(**args)
|
3856
|
+
end
|
3857
|
+
|
3858
|
+
# Update properties of this object
|
3859
|
+
def update!(**args)
|
3860
|
+
@partition_uuid = args[:partition_uuid] if args.key?(:partition_uuid)
|
3861
|
+
@relative_path = args[:relative_path] if args.key?(:relative_path)
|
3862
|
+
end
|
3863
|
+
end
|
3864
|
+
|
3865
|
+
# A name-value pair representing an environment variable used in an operating
|
3866
|
+
# system process.
|
3867
|
+
class GoogleCloudSecuritycenterV2EnvironmentVariable
|
3868
|
+
include Google::Apis::Core::Hashable
|
3869
|
+
|
3870
|
+
# Environment variable name as a JSON encoded string.
|
3871
|
+
# Corresponds to the JSON property `name`
|
3872
|
+
# @return [String]
|
3873
|
+
attr_accessor :name
|
3874
|
+
|
3875
|
+
# Environment variable value as a JSON encoded string.
|
3876
|
+
# Corresponds to the JSON property `val`
|
3877
|
+
# @return [String]
|
3878
|
+
attr_accessor :val
|
3879
|
+
|
3880
|
+
def initialize(**args)
|
3881
|
+
update!(**args)
|
3882
|
+
end
|
3883
|
+
|
3884
|
+
# Update properties of this object
|
3885
|
+
def update!(**args)
|
3886
|
+
@name = args[:name] if args.key?(:name)
|
3887
|
+
@val = args[:val] if args.key?(:val)
|
3888
|
+
end
|
3889
|
+
end
|
3890
|
+
|
3891
|
+
# Resource where data was exfiltrated from or exfiltrated to.
|
3892
|
+
class GoogleCloudSecuritycenterV2ExfilResource
|
3893
|
+
include Google::Apis::Core::Hashable
|
3894
|
+
|
3895
|
+
# Subcomponents of the asset that was exfiltrated, like URIs used during
|
3896
|
+
# exfiltration, table names, databases, and filenames. For example, multiple
|
3897
|
+
# tables might have been exfiltrated from the same Cloud SQL instance, or
|
3898
|
+
# multiple files might have been exfiltrated from the same Cloud Storage bucket.
|
3899
|
+
# Corresponds to the JSON property `components`
|
3900
|
+
# @return [Array<String>]
|
3901
|
+
attr_accessor :components
|
3902
|
+
|
3903
|
+
# The resource's [full resource name](https://cloud.google.com/apis/design/
|
3904
|
+
# resource_names#full_resource_name).
|
3905
|
+
# Corresponds to the JSON property `name`
|
3906
|
+
# @return [String]
|
3907
|
+
attr_accessor :name
|
3908
|
+
|
3909
|
+
def initialize(**args)
|
3910
|
+
update!(**args)
|
3911
|
+
end
|
3912
|
+
|
3913
|
+
# Update properties of this object
|
3914
|
+
def update!(**args)
|
3915
|
+
@components = args[:components] if args.key?(:components)
|
3916
|
+
@name = args[:name] if args.key?(:name)
|
3917
|
+
end
|
3918
|
+
end
|
3919
|
+
|
3920
|
+
# Exfiltration represents a data exfiltration attempt from one or more sources
|
3921
|
+
# to one or more targets. The `sources` attribute lists the sources of the
|
3922
|
+
# exfiltrated data. The `targets` attribute lists the destinations the data was
|
3923
|
+
# copied to.
|
3924
|
+
class GoogleCloudSecuritycenterV2Exfiltration
|
3925
|
+
include Google::Apis::Core::Hashable
|
3926
|
+
|
3927
|
+
# If there are multiple sources, then the data is considered "joined" between
|
3928
|
+
# them. For instance, BigQuery can join multiple tables, and each table would be
|
3929
|
+
# considered a source.
|
3930
|
+
# Corresponds to the JSON property `sources`
|
3931
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExfilResource>]
|
3932
|
+
attr_accessor :sources
|
3933
|
+
|
3934
|
+
# If there are multiple targets, each target would get a complete copy of the "
|
3935
|
+
# joined" source data.
|
3936
|
+
# Corresponds to the JSON property `targets`
|
3937
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExfilResource>]
|
3938
|
+
attr_accessor :targets
|
3939
|
+
|
3940
|
+
# Total exfiltrated bytes processed for the entire job.
|
3941
|
+
# Corresponds to the JSON property `totalExfiltratedBytes`
|
3942
|
+
# @return [Fixnum]
|
3943
|
+
attr_accessor :total_exfiltrated_bytes
|
3944
|
+
|
3945
|
+
def initialize(**args)
|
3946
|
+
update!(**args)
|
3947
|
+
end
|
3948
|
+
|
3949
|
+
# Update properties of this object
|
3950
|
+
def update!(**args)
|
3951
|
+
@sources = args[:sources] if args.key?(:sources)
|
3952
|
+
@targets = args[:targets] if args.key?(:targets)
|
3953
|
+
@total_exfiltrated_bytes = args[:total_exfiltrated_bytes] if args.key?(:total_exfiltrated_bytes)
|
3954
|
+
end
|
3955
|
+
end
|
3956
|
+
|
3957
|
+
# Representation of third party SIEM/SOAR fields within SCC.
|
3958
|
+
class GoogleCloudSecuritycenterV2ExternalSystem
|
3959
|
+
include Google::Apis::Core::Hashable
|
3960
|
+
|
3961
|
+
# References primary/secondary etc assignees in the external system.
|
3962
|
+
# Corresponds to the JSON property `assignees`
|
3963
|
+
# @return [Array<String>]
|
3964
|
+
attr_accessor :assignees
|
3965
|
+
|
3966
|
+
# The priority of the finding's corresponding case in the external system.
|
3967
|
+
# Corresponds to the JSON property `casePriority`
|
3968
|
+
# @return [String]
|
3969
|
+
attr_accessor :case_priority
|
3970
|
+
|
3971
|
+
# The SLA of the finding's corresponding case in the external system.
|
3972
|
+
# Corresponds to the JSON property `caseSla`
|
3973
|
+
# @return [String]
|
3974
|
+
attr_accessor :case_sla
|
3975
|
+
|
3976
|
+
# The link to the finding's corresponding case in the external system.
|
3977
|
+
# Corresponds to the JSON property `caseUri`
|
3978
|
+
# @return [String]
|
3979
|
+
attr_accessor :case_uri
|
3980
|
+
|
3981
|
+
# The time when the case was last updated, as reported by the external system.
|
3982
|
+
# Corresponds to the JSON property `externalSystemUpdateTime`
|
3983
|
+
# @return [String]
|
3984
|
+
attr_accessor :external_system_update_time
|
3985
|
+
|
3986
|
+
# The identifier that's used to track the finding's corresponding case in the
|
3987
|
+
# external system.
|
3988
|
+
# Corresponds to the JSON property `externalUid`
|
3989
|
+
# @return [String]
|
3990
|
+
attr_accessor :external_uid
|
3991
|
+
|
3992
|
+
# Full resource name of the external system. The following list shows some
|
3993
|
+
# examples: + `organizations/1234/sources/5678/findings/123456/externalSystems/
|
3994
|
+
# jira` + `organizations/1234/sources/5678/locations/us/findings/123456/
|
3995
|
+
# externalSystems/jira` + `folders/1234/sources/5678/findings/123456/
|
3996
|
+
# externalSystems/jira` + `folders/1234/sources/5678/locations/us/findings/
|
3997
|
+
# 123456/externalSystems/jira` + `projects/1234/sources/5678/findings/123456/
|
3998
|
+
# externalSystems/jira` + `projects/1234/sources/5678/locations/us/findings/
|
3999
|
+
# 123456/externalSystems/jira`
|
4000
|
+
# Corresponds to the JSON property `name`
|
4001
|
+
# @return [String]
|
4002
|
+
attr_accessor :name
|
4003
|
+
|
4004
|
+
# The most recent status of the finding's corresponding case, as reported by the
|
4005
|
+
# external system.
|
4006
|
+
# Corresponds to the JSON property `status`
|
4007
|
+
# @return [String]
|
4008
|
+
attr_accessor :status
|
4009
|
+
|
4010
|
+
# Information about the ticket, if any, that is being used to track the
|
4011
|
+
# resolution of the issue that is identified by this finding.
|
4012
|
+
# Corresponds to the JSON property `ticketInfo`
|
4013
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2TicketInfo]
|
4014
|
+
attr_accessor :ticket_info
|
4015
|
+
|
4016
|
+
def initialize(**args)
|
4017
|
+
update!(**args)
|
4018
|
+
end
|
4019
|
+
|
4020
|
+
# Update properties of this object
|
4021
|
+
def update!(**args)
|
4022
|
+
@assignees = args[:assignees] if args.key?(:assignees)
|
4023
|
+
@case_priority = args[:case_priority] if args.key?(:case_priority)
|
4024
|
+
@case_sla = args[:case_sla] if args.key?(:case_sla)
|
4025
|
+
@case_uri = args[:case_uri] if args.key?(:case_uri)
|
4026
|
+
@external_system_update_time = args[:external_system_update_time] if args.key?(:external_system_update_time)
|
4027
|
+
@external_uid = args[:external_uid] if args.key?(:external_uid)
|
4028
|
+
@name = args[:name] if args.key?(:name)
|
4029
|
+
@status = args[:status] if args.key?(:status)
|
4030
|
+
@ticket_info = args[:ticket_info] if args.key?(:ticket_info)
|
4031
|
+
end
|
4032
|
+
end
|
4033
|
+
|
4034
|
+
# File information about the related binary/library used by an executable, or
|
4035
|
+
# the script used by a script interpreter
|
4036
|
+
class GoogleCloudSecuritycenterV2File
|
4037
|
+
include Google::Apis::Core::Hashable
|
4038
|
+
|
4039
|
+
# Prefix of the file contents as a JSON-encoded string.
|
4040
|
+
# Corresponds to the JSON property `contents`
|
4041
|
+
# @return [String]
|
4042
|
+
attr_accessor :contents
|
4043
|
+
|
4044
|
+
# Path of the file in terms of underlying disk/partition identifiers.
|
4045
|
+
# Corresponds to the JSON property `diskPath`
|
4046
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DiskPath]
|
4047
|
+
attr_accessor :disk_path
|
4048
|
+
|
4049
|
+
# The length in bytes of the file prefix that was hashed. If hashed_size == size,
|
4050
|
+
# any hashes reported represent the entire file.
|
4051
|
+
# Corresponds to the JSON property `hashedSize`
|
4052
|
+
# @return [Fixnum]
|
4053
|
+
attr_accessor :hashed_size
|
4054
|
+
|
4055
|
+
# True when the hash covers only a prefix of the file.
|
4056
|
+
# Corresponds to the JSON property `partiallyHashed`
|
4057
|
+
# @return [Boolean]
|
4058
|
+
attr_accessor :partially_hashed
|
4059
|
+
alias_method :partially_hashed?, :partially_hashed
|
4060
|
+
|
4061
|
+
# Absolute path of the file as a JSON encoded string.
|
4062
|
+
# Corresponds to the JSON property `path`
|
4063
|
+
# @return [String]
|
4064
|
+
attr_accessor :path
|
4065
|
+
|
4066
|
+
# SHA256 hash of the first hashed_size bytes of the file encoded as a hex string.
|
4067
|
+
# If hashed_size == size, sha256 represents the SHA256 hash of the entire file.
|
4068
|
+
# Corresponds to the JSON property `sha256`
|
4069
|
+
# @return [String]
|
4070
|
+
attr_accessor :sha256
|
4071
|
+
|
4072
|
+
# Size of the file in bytes.
|
4073
|
+
# Corresponds to the JSON property `size`
|
4074
|
+
# @return [Fixnum]
|
4075
|
+
attr_accessor :size
|
4076
|
+
|
4077
|
+
def initialize(**args)
|
4078
|
+
update!(**args)
|
4079
|
+
end
|
4080
|
+
|
4081
|
+
# Update properties of this object
|
4082
|
+
def update!(**args)
|
4083
|
+
@contents = args[:contents] if args.key?(:contents)
|
4084
|
+
@disk_path = args[:disk_path] if args.key?(:disk_path)
|
4085
|
+
@hashed_size = args[:hashed_size] if args.key?(:hashed_size)
|
4086
|
+
@partially_hashed = args[:partially_hashed] if args.key?(:partially_hashed)
|
4087
|
+
@path = args[:path] if args.key?(:path)
|
4088
|
+
@sha256 = args[:sha256] if args.key?(:sha256)
|
4089
|
+
@size = args[:size] if args.key?(:size)
|
4090
|
+
end
|
4091
|
+
end
|
4092
|
+
|
4093
|
+
# Security Command Center finding. A finding is a record of assessment data like
|
4094
|
+
# security, risk, health, or privacy, that is ingested into Security Command
|
4095
|
+
# Center for presentation, notification, analysis, policy testing, and
|
4096
|
+
# enforcement. For example, a cross-site scripting (XSS) vulnerability in an App
|
4097
|
+
# Engine application is a finding.
|
4098
|
+
class GoogleCloudSecuritycenterV2Finding
|
4099
|
+
include Google::Apis::Core::Hashable
|
4100
|
+
|
4101
|
+
# Represents an access event.
|
4102
|
+
# Corresponds to the JSON property `access`
|
4103
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Access]
|
4104
|
+
attr_accessor :access
|
4105
|
+
|
4106
|
+
# Represents an application associated with a finding.
|
4107
|
+
# Corresponds to the JSON property `application`
|
4108
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Application]
|
4109
|
+
attr_accessor :application
|
4110
|
+
|
4111
|
+
# An attack exposure contains the results of an attack path simulation run.
|
4112
|
+
# Corresponds to the JSON property `attackExposure`
|
4113
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AttackExposure]
|
4114
|
+
attr_accessor :attack_exposure
|
4115
|
+
|
4116
|
+
# Information related to Google Cloud Backup and DR Service findings.
|
4117
|
+
# Corresponds to the JSON property `backupDisasterRecovery`
|
4118
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2BackupDisasterRecovery]
|
4119
|
+
attr_accessor :backup_disaster_recovery
|
4120
|
+
|
4121
|
+
# Output only. The canonical name of the finding. The following list shows some
|
4122
|
+
# examples: + `organizations/`organization_id`/sources/`source_id`/findings/`
|
4123
|
+
# finding_id`` + `organizations/`organization_id`/sources/`source_id`/locations/`
|
4124
|
+
# location_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/
|
4125
|
+
# findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/locations/`
|
4126
|
+
# location_id`/findings/`finding_id`` + `projects/`project_id`/sources/`
|
4127
|
+
# source_id`/findings/`finding_id`` + `projects/`project_id`/sources/`source_id`/
|
4128
|
+
# locations/`location_id`/findings/`finding_id`` The prefix is the closest CRM
|
4129
|
+
# ancestor of the resource associated with the finding.
|
4130
|
+
# Corresponds to the JSON property `canonicalName`
|
4131
|
+
# @return [String]
|
4132
|
+
attr_accessor :canonical_name
|
4133
|
+
|
4134
|
+
# Immutable. The additional taxonomy group within findings from a given source.
|
4135
|
+
# Example: "XSS_FLASH_INJECTION"
|
4136
|
+
# Corresponds to the JSON property `category`
|
4137
|
+
# @return [String]
|
4138
|
+
attr_accessor :category
|
4139
|
+
|
4140
|
+
# The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
|
4141
|
+
# with the finding.
|
4142
|
+
# Corresponds to the JSON property `cloudDlpDataProfile`
|
4143
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudDlpDataProfile]
|
4144
|
+
attr_accessor :cloud_dlp_data_profile
|
4145
|
+
|
4146
|
+
# Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection job](
|
4147
|
+
# https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the
|
4148
|
+
# finding.
|
4149
|
+
# Corresponds to the JSON property `cloudDlpInspection`
|
4150
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudDlpInspection]
|
4151
|
+
attr_accessor :cloud_dlp_inspection
|
4152
|
+
|
4153
|
+
# Contains compliance information for security standards associated to the
|
4154
|
+
# finding.
|
4155
|
+
# Corresponds to the JSON property `compliances`
|
4156
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Compliance>]
|
4157
|
+
attr_accessor :compliances
|
4158
|
+
|
4159
|
+
# Contains information about the IP connection associated with the finding.
|
4160
|
+
# Corresponds to the JSON property `connections`
|
4161
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Connection>]
|
4162
|
+
attr_accessor :connections
|
4163
|
+
|
4164
|
+
# Output only. Map containing the points of contact for the given finding. The
|
4165
|
+
# key represents the type of contact, while the value contains a list of all the
|
4166
|
+
# contacts that pertain. Please refer to: https://cloud.google.com/resource-
|
4167
|
+
# manager/docs/managing-notification-contacts#notification-categories ` "
|
4168
|
+
# security": ` "contacts": [ ` "email": "person1@company.com" `, ` "email": "
|
4169
|
+
# person2@company.com" ` ] ` `
|
4170
|
+
# Corresponds to the JSON property `contacts`
|
4171
|
+
# @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ContactDetails>]
|
4172
|
+
attr_accessor :contacts
|
4173
|
+
|
4174
|
+
# Containers associated with the finding. This field provides information for
|
4175
|
+
# both Kubernetes and non-Kubernetes containers.
|
4176
|
+
# Corresponds to the JSON property `containers`
|
4177
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
|
4178
|
+
attr_accessor :containers
|
4179
|
+
|
4180
|
+
# Output only. The time at which the finding was created in Security Command
|
4181
|
+
# Center.
|
4182
|
+
# Corresponds to the JSON property `createTime`
|
4183
|
+
# @return [String]
|
4184
|
+
attr_accessor :create_time
|
4185
|
+
|
4186
|
+
# Represents database access information, such as queries. A database may be a
|
4187
|
+
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
4188
|
+
# Spanner instances), or the database instance itself. Some database resources
|
4189
|
+
# might not have the [full resource name](https://google.aip.dev/122#full-
|
4190
|
+
# resource-names) populated because these resource types, such as Cloud SQL
|
4191
|
+
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
4192
|
+
# the display name is provided.
|
4193
|
+
# Corresponds to the JSON property `database`
|
4194
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Database]
|
4195
|
+
attr_accessor :database
|
4196
|
+
|
4197
|
+
# Contains more details about the finding.
|
4198
|
+
# Corresponds to the JSON property `description`
|
4199
|
+
# @return [String]
|
4200
|
+
attr_accessor :description
|
4201
|
+
|
4202
|
+
# The time the finding was first detected. If an existing finding is updated,
|
4203
|
+
# then this is the time the update occurred. For example, if the finding
|
4204
|
+
# represents an open firewall, this property captures the time the detector
|
4205
|
+
# believes the firewall became open. The accuracy is determined by the detector.
|
4206
|
+
# If the finding is later resolved, then this time reflects when the finding was
|
4207
|
+
# resolved. This must not be set to a value greater than the current timestamp.
|
4208
|
+
# Corresponds to the JSON property `eventTime`
|
4209
|
+
# @return [String]
|
4210
|
+
attr_accessor :event_time
|
4211
|
+
|
4212
|
+
# Exfiltration represents a data exfiltration attempt from one or more sources
|
4213
|
+
# to one or more targets. The `sources` attribute lists the sources of the
|
4214
|
+
# exfiltrated data. The `targets` attribute lists the destinations the data was
|
4215
|
+
# copied to.
|
4216
|
+
# Corresponds to the JSON property `exfiltration`
|
4217
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Exfiltration]
|
4218
|
+
attr_accessor :exfiltration
|
4219
|
+
|
4220
|
+
# Output only. Third party SIEM/SOAR fields within SCC, contains external system
|
4221
|
+
# information and external system finding fields.
|
4222
|
+
# Corresponds to the JSON property `externalSystems`
|
4223
|
+
# @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExternalSystem>]
|
4224
|
+
attr_accessor :external_systems
|
4225
|
+
|
4226
|
+
# The URI that, if available, points to a web page outside of Security Command
|
4227
|
+
# Center where additional information about the finding can be found. This field
|
4228
|
+
# is guaranteed to be either empty or a well formed URL.
|
4229
|
+
# Corresponds to the JSON property `externalUri`
|
4230
|
+
# @return [String]
|
4231
|
+
attr_accessor :external_uri
|
4232
|
+
|
4233
|
+
# File associated with the finding.
|
4234
|
+
# Corresponds to the JSON property `files`
|
4235
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File>]
|
4236
|
+
attr_accessor :files
|
4237
|
+
|
4238
|
+
# The class of the finding.
|
4239
|
+
# Corresponds to the JSON property `findingClass`
|
4240
|
+
# @return [String]
|
4241
|
+
attr_accessor :finding_class
|
4242
|
+
|
4243
|
+
# Represents IAM bindings associated with the finding.
|
4244
|
+
# Corresponds to the JSON property `iamBindings`
|
4245
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IamBinding>]
|
4246
|
+
attr_accessor :iam_bindings
|
4247
|
+
|
4248
|
+
# Represents what's commonly known as an _indicator of compromise_ (IoC) in
|
4249
|
+
# computer forensics. This is an artifact observed on a network or in an
|
4250
|
+
# operating system that, with high confidence, indicates a computer intrusion.
|
4251
|
+
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
4252
|
+
# wiki/Indicator_of_compromise).
|
4253
|
+
# Corresponds to the JSON property `indicator`
|
4254
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Indicator]
|
4255
|
+
attr_accessor :indicator
|
4256
|
+
|
4257
|
+
# Kernel mode rootkit signatures.
|
4258
|
+
# Corresponds to the JSON property `kernelRootkit`
|
4259
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2KernelRootkit]
|
4260
|
+
attr_accessor :kernel_rootkit
|
4261
|
+
|
4262
|
+
# Kubernetes-related attributes.
|
4263
|
+
# Corresponds to the JSON property `kubernetes`
|
4264
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Kubernetes]
|
4265
|
+
attr_accessor :kubernetes
|
4266
|
+
|
4267
|
+
# The load balancers associated with the finding.
|
4268
|
+
# Corresponds to the JSON property `loadBalancers`
|
4269
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2LoadBalancer>]
|
4270
|
+
attr_accessor :load_balancers
|
4271
|
+
|
4272
|
+
# Log entries that are relevant to the finding.
|
4273
|
+
# Corresponds to the JSON property `logEntries`
|
4274
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2LogEntry>]
|
4275
|
+
attr_accessor :log_entries
|
4276
|
+
|
4277
|
+
# MITRE ATT&CK tactics and techniques related to this finding. See: https://
|
4278
|
+
# attack.mitre.org
|
4279
|
+
# Corresponds to the JSON property `mitreAttack`
|
4280
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MitreAttack]
|
4281
|
+
attr_accessor :mitre_attack
|
4282
|
+
|
4283
|
+
# Unique identifier of the module which generated the finding. Example: folders/
|
4284
|
+
# 598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
|
4285
|
+
# Corresponds to the JSON property `moduleName`
|
4286
|
+
# @return [String]
|
4287
|
+
attr_accessor :module_name
|
4288
|
+
|
4289
|
+
# Indicates the mute state of a finding (either muted, unmuted or undefined).
|
4290
|
+
# Unlike other attributes of a finding, a finding provider shouldn't set the
|
4291
|
+
# value of mute.
|
4292
|
+
# Corresponds to the JSON property `mute`
|
4293
|
+
# @return [String]
|
4294
|
+
attr_accessor :mute
|
4295
|
+
|
4296
|
+
# Records additional information about the mute operation, for example, the [
|
4297
|
+
# mute configuration](https://cloud.google.com/security-command-center/docs/how-
|
4298
|
+
# to-mute-findings) that muted the finding and the user who muted the finding.
|
4299
|
+
# Corresponds to the JSON property `muteInitiator`
|
4300
|
+
# @return [String]
|
4301
|
+
attr_accessor :mute_initiator
|
4302
|
+
|
4303
|
+
# Output only. The most recent time this finding was muted or unmuted.
|
4304
|
+
# Corresponds to the JSON property `muteUpdateTime`
|
4305
|
+
# @return [String]
|
4306
|
+
attr_accessor :mute_update_time
|
4307
|
+
|
4308
|
+
# The [relative resource name](https://cloud.google.com/apis/design/
|
4309
|
+
# resource_names#relative_resource_name) of the finding. The following list
|
4310
|
+
# shows some examples: + `organizations/`organization_id`/sources/`source_id`/
|
4311
|
+
# findings/`finding_id`` + `organizations/`organization_id`/sources/`source_id`/
|
4312
|
+
# locations/`location_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`
|
4313
|
+
# source_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/
|
4314
|
+
# locations/`location_id`/findings/`finding_id`` + `projects/`project_id`/
|
4315
|
+
# sources/`source_id`/findings/`finding_id`` + `projects/`project_id`/sources/`
|
4316
|
+
# source_id`/locations/`location_id`/findings/`finding_id``
|
4317
|
+
# Corresponds to the JSON property `name`
|
4318
|
+
# @return [String]
|
4319
|
+
attr_accessor :name
|
4320
|
+
|
4321
|
+
# Steps to address the finding.
|
4322
|
+
# Corresponds to the JSON property `nextSteps`
|
4323
|
+
# @return [String]
|
4324
|
+
attr_accessor :next_steps
|
4325
|
+
|
4326
|
+
# Contains information about the org policies associated with the finding.
|
4327
|
+
# Corresponds to the JSON property `orgPolicies`
|
4328
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2OrgPolicy>]
|
4329
|
+
attr_accessor :org_policies
|
4330
|
+
|
4331
|
+
# The relative resource name of the source and location the finding belongs to.
|
4332
|
+
# See: https://cloud.google.com/apis/design/resource_names#
|
4333
|
+
# relative_resource_name This field is immutable after creation time. The
|
4334
|
+
# following list shows some examples: + `organizations/`organization_id`/sources/
|
4335
|
+
# `source_id`` + `folders/`folders_id`/sources/`source_id`` + `projects/`
|
4336
|
+
# projects_id`/sources/`source_id`` + `organizations/`organization_id`/sources/`
|
4337
|
+
# source_id`/locations/`location_id`` + `folders/`folders_id`/sources/`source_id`
|
4338
|
+
# /locations/`location_id`` + `projects/`projects_id`/sources/`source_id`/
|
4339
|
+
# locations/`location_id``
|
4340
|
+
# Corresponds to the JSON property `parent`
|
4341
|
+
# @return [String]
|
4342
|
+
attr_accessor :parent
|
4343
|
+
|
4344
|
+
# Output only. The human readable display name of the finding source such as "
|
4345
|
+
# Event Threat Detection" or "Security Health Analytics".
|
4346
|
+
# Corresponds to the JSON property `parentDisplayName`
|
4347
|
+
# @return [String]
|
4348
|
+
attr_accessor :parent_display_name
|
4349
|
+
|
4350
|
+
# Represents operating system processes associated with the Finding.
|
4351
|
+
# Corresponds to the JSON property `processes`
|
4352
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Process>]
|
4353
|
+
attr_accessor :processes
|
4354
|
+
|
4355
|
+
# Immutable. For findings on Google Cloud resources, the full resource name of
|
4356
|
+
# the Google Cloud resource this finding is for. See: https://cloud.google.com/
|
4357
|
+
# apis/design/resource_names#full_resource_name When the finding is for a non-
|
4358
|
+
# Google Cloud resource, the resourceName can be a customer or partner defined
|
4359
|
+
# string.
|
4360
|
+
# Corresponds to the JSON property `resourceName`
|
4361
|
+
# @return [String]
|
4362
|
+
attr_accessor :resource_name
|
4363
|
+
|
4364
|
+
# User specified security marks that are attached to the parent Security Command
|
4365
|
+
# Center resource. Security marks are scoped within a Security Command Center
|
4366
|
+
# organization -- they can be modified and viewed by all users who have proper
|
4367
|
+
# permissions on the organization.
|
4368
|
+
# Corresponds to the JSON property `securityMarks`
|
4369
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityMarks]
|
4370
|
+
attr_accessor :security_marks
|
4371
|
+
|
4372
|
+
# Represents a posture that is deployed on Google Cloud by the Security Command
|
4373
|
+
# Center Posture Management service. A posture contains one or more policy sets.
|
4374
|
+
# A policy set is a group of policies that enforce a set of security rules on
|
4375
|
+
# Google Cloud.
|
4376
|
+
# Corresponds to the JSON property `securityPosture`
|
4377
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityPosture]
|
4378
|
+
attr_accessor :security_posture
|
4379
|
+
|
4380
|
+
# The severity of the finding. This field is managed by the source that writes
|
4381
|
+
# the finding.
|
4382
|
+
# Corresponds to the JSON property `severity`
|
4383
|
+
# @return [String]
|
4384
|
+
attr_accessor :severity
|
4385
|
+
|
4386
|
+
# Source specific properties. These properties are managed by the source that
|
4387
|
+
# writes the finding. The key names in the source_properties map must be between
|
4388
|
+
# 1 and 255 characters, and must start with a letter and contain alphanumeric
|
4389
|
+
# characters or underscores only.
|
4390
|
+
# Corresponds to the JSON property `sourceProperties`
|
4391
|
+
# @return [Hash<String,Object>]
|
4392
|
+
attr_accessor :source_properties
|
4393
|
+
|
4394
|
+
# Output only. The state of the finding.
|
4395
|
+
# Corresponds to the JSON property `state`
|
4396
|
+
# @return [String]
|
4397
|
+
attr_accessor :state
|
4398
|
+
|
4399
|
+
# Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
|
4400
|
+
# Corresponds to the JSON property `vulnerability`
|
4401
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Vulnerability]
|
4402
|
+
attr_accessor :vulnerability
|
4403
|
+
|
4404
|
+
def initialize(**args)
|
4405
|
+
update!(**args)
|
4406
|
+
end
|
4407
|
+
|
4408
|
+
# Update properties of this object
|
4409
|
+
def update!(**args)
|
4410
|
+
@access = args[:access] if args.key?(:access)
|
4411
|
+
@application = args[:application] if args.key?(:application)
|
4412
|
+
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
4413
|
+
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
4414
|
+
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
4415
|
+
@category = args[:category] if args.key?(:category)
|
4416
|
+
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
4417
|
+
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
4418
|
+
@compliances = args[:compliances] if args.key?(:compliances)
|
4419
|
+
@connections = args[:connections] if args.key?(:connections)
|
4420
|
+
@contacts = args[:contacts] if args.key?(:contacts)
|
4421
|
+
@containers = args[:containers] if args.key?(:containers)
|
4422
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
4423
|
+
@database = args[:database] if args.key?(:database)
|
4424
|
+
@description = args[:description] if args.key?(:description)
|
4425
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
4426
|
+
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
4427
|
+
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
4428
|
+
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
4429
|
+
@files = args[:files] if args.key?(:files)
|
4430
|
+
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
4431
|
+
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
4432
|
+
@indicator = args[:indicator] if args.key?(:indicator)
|
4433
|
+
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
4434
|
+
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
4435
|
+
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
4436
|
+
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
4437
|
+
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
4438
|
+
@module_name = args[:module_name] if args.key?(:module_name)
|
4439
|
+
@mute = args[:mute] if args.key?(:mute)
|
4440
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
4441
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
4442
|
+
@name = args[:name] if args.key?(:name)
|
4443
|
+
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
4444
|
+
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
4445
|
+
@parent = args[:parent] if args.key?(:parent)
|
4446
|
+
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
4447
|
+
@processes = args[:processes] if args.key?(:processes)
|
4448
|
+
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
4449
|
+
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
4450
|
+
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
4451
|
+
@severity = args[:severity] if args.key?(:severity)
|
4452
|
+
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
4453
|
+
@state = args[:state] if args.key?(:state)
|
4454
|
+
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
4455
|
+
end
|
4456
|
+
end
|
4457
|
+
|
4458
|
+
# Represents a geographical location for a given access.
|
4459
|
+
class GoogleCloudSecuritycenterV2Geolocation
|
4460
|
+
include Google::Apis::Core::Hashable
|
4461
|
+
|
4462
|
+
# A CLDR.
|
4463
|
+
# Corresponds to the JSON property `regionCode`
|
4464
|
+
# @return [String]
|
4465
|
+
attr_accessor :region_code
|
4466
|
+
|
4467
|
+
def initialize(**args)
|
4468
|
+
update!(**args)
|
4469
|
+
end
|
4470
|
+
|
4471
|
+
# Update properties of this object
|
4472
|
+
def update!(**args)
|
4473
|
+
@region_code = args[:region_code] if args.key?(:region_code)
|
4474
|
+
end
|
4475
|
+
end
|
4476
|
+
|
4477
|
+
# Represents a particular IAM binding, which captures a member's role addition,
|
4478
|
+
# removal, or state.
|
4479
|
+
class GoogleCloudSecuritycenterV2IamBinding
|
4480
|
+
include Google::Apis::Core::Hashable
|
4481
|
+
|
4482
|
+
# The action that was performed on a Binding.
|
4483
|
+
# Corresponds to the JSON property `action`
|
4484
|
+
# @return [String]
|
4485
|
+
attr_accessor :action
|
4486
|
+
|
4487
|
+
# A single identity requesting access for a Cloud Platform resource, for example,
|
4488
|
+
# "foo@google.com".
|
4489
|
+
# Corresponds to the JSON property `member`
|
4490
|
+
# @return [String]
|
4491
|
+
attr_accessor :member
|
4492
|
+
|
4493
|
+
# Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
|
4494
|
+
# , or "roles/owner".
|
4495
|
+
# Corresponds to the JSON property `role`
|
4496
|
+
# @return [String]
|
4497
|
+
attr_accessor :role
|
4498
|
+
|
4499
|
+
def initialize(**args)
|
4500
|
+
update!(**args)
|
4501
|
+
end
|
4502
|
+
|
4503
|
+
# Update properties of this object
|
4504
|
+
def update!(**args)
|
4505
|
+
@action = args[:action] if args.key?(:action)
|
4506
|
+
@member = args[:member] if args.key?(:member)
|
4507
|
+
@role = args[:role] if args.key?(:role)
|
4508
|
+
end
|
4509
|
+
end
|
4510
|
+
|
4511
|
+
# Represents what's commonly known as an _indicator of compromise_ (IoC) in
|
4512
|
+
# computer forensics. This is an artifact observed on a network or in an
|
4513
|
+
# operating system that, with high confidence, indicates a computer intrusion.
|
4514
|
+
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
4515
|
+
# wiki/Indicator_of_compromise).
|
4516
|
+
class GoogleCloudSecuritycenterV2Indicator
|
4517
|
+
include Google::Apis::Core::Hashable
|
4518
|
+
|
4519
|
+
# List of domains associated to the Finding.
|
4520
|
+
# Corresponds to the JSON property `domains`
|
4521
|
+
# @return [Array<String>]
|
4522
|
+
attr_accessor :domains
|
4523
|
+
|
4524
|
+
# The list of IP addresses that are associated with the finding.
|
4525
|
+
# Corresponds to the JSON property `ipAddresses`
|
4526
|
+
# @return [Array<String>]
|
4527
|
+
attr_accessor :ip_addresses
|
4528
|
+
|
4529
|
+
# The list of matched signatures indicating that the given process is present in
|
4530
|
+
# the environment.
|
4531
|
+
# Corresponds to the JSON property `signatures`
|
4532
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ProcessSignature>]
|
4533
|
+
attr_accessor :signatures
|
4534
|
+
|
4535
|
+
# The list of URIs associated to the Findings.
|
4536
|
+
# Corresponds to the JSON property `uris`
|
4537
|
+
# @return [Array<String>]
|
4538
|
+
attr_accessor :uris
|
4539
|
+
|
4540
|
+
def initialize(**args)
|
4541
|
+
update!(**args)
|
4542
|
+
end
|
4543
|
+
|
4544
|
+
# Update properties of this object
|
4545
|
+
def update!(**args)
|
4546
|
+
@domains = args[:domains] if args.key?(:domains)
|
4547
|
+
@ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
|
4548
|
+
@signatures = args[:signatures] if args.key?(:signatures)
|
4549
|
+
@uris = args[:uris] if args.key?(:uris)
|
4550
|
+
end
|
4551
|
+
end
|
4552
|
+
|
4553
|
+
# Kernel mode rootkit signatures.
|
4554
|
+
class GoogleCloudSecuritycenterV2KernelRootkit
|
4555
|
+
include Google::Apis::Core::Hashable
|
4556
|
+
|
4557
|
+
# Rootkit name, when available.
|
4558
|
+
# Corresponds to the JSON property `name`
|
4559
|
+
# @return [String]
|
4560
|
+
attr_accessor :name
|
4561
|
+
|
4562
|
+
# True if unexpected modifications of kernel code memory are present.
|
4563
|
+
# Corresponds to the JSON property `unexpectedCodeModification`
|
4564
|
+
# @return [Boolean]
|
4565
|
+
attr_accessor :unexpected_code_modification
|
4566
|
+
alias_method :unexpected_code_modification?, :unexpected_code_modification
|
4567
|
+
|
4568
|
+
# True if `ftrace` points are present with callbacks pointing to regions that
|
4569
|
+
# are not in the expected kernel or module code range.
|
4570
|
+
# Corresponds to the JSON property `unexpectedFtraceHandler`
|
4571
|
+
# @return [Boolean]
|
4572
|
+
attr_accessor :unexpected_ftrace_handler
|
4573
|
+
alias_method :unexpected_ftrace_handler?, :unexpected_ftrace_handler
|
4574
|
+
|
4575
|
+
# True if interrupt handlers that are are not in the expected kernel or module
|
4576
|
+
# code regions are present.
|
4577
|
+
# Corresponds to the JSON property `unexpectedInterruptHandler`
|
4578
|
+
# @return [Boolean]
|
4579
|
+
attr_accessor :unexpected_interrupt_handler
|
4580
|
+
alias_method :unexpected_interrupt_handler?, :unexpected_interrupt_handler
|
4581
|
+
|
4582
|
+
# True if kernel code pages that are not in the expected kernel or module code
|
4583
|
+
# regions are present.
|
4584
|
+
# Corresponds to the JSON property `unexpectedKernelCodePages`
|
4585
|
+
# @return [Boolean]
|
4586
|
+
attr_accessor :unexpected_kernel_code_pages
|
4587
|
+
alias_method :unexpected_kernel_code_pages?, :unexpected_kernel_code_pages
|
4588
|
+
|
4589
|
+
# True if `kprobe` points are present with callbacks pointing to regions that
|
4590
|
+
# are not in the expected kernel or module code range.
|
4591
|
+
# Corresponds to the JSON property `unexpectedKprobeHandler`
|
4592
|
+
# @return [Boolean]
|
4593
|
+
attr_accessor :unexpected_kprobe_handler
|
4594
|
+
alias_method :unexpected_kprobe_handler?, :unexpected_kprobe_handler
|
4595
|
+
|
4596
|
+
# True if unexpected processes in the scheduler run queue are present. Such
|
4597
|
+
# processes are in the run queue, but not in the process task list.
|
4598
|
+
# Corresponds to the JSON property `unexpectedProcessesInRunqueue`
|
4599
|
+
# @return [Boolean]
|
4600
|
+
attr_accessor :unexpected_processes_in_runqueue
|
4601
|
+
alias_method :unexpected_processes_in_runqueue?, :unexpected_processes_in_runqueue
|
4602
|
+
|
4603
|
+
# True if unexpected modifications of kernel read-only data memory are present.
|
4604
|
+
# Corresponds to the JSON property `unexpectedReadOnlyDataModification`
|
4605
|
+
# @return [Boolean]
|
4606
|
+
attr_accessor :unexpected_read_only_data_modification
|
4607
|
+
alias_method :unexpected_read_only_data_modification?, :unexpected_read_only_data_modification
|
4608
|
+
|
4609
|
+
# True if system call handlers that are are not in the expected kernel or module
|
4610
|
+
# code regions are present.
|
4611
|
+
# Corresponds to the JSON property `unexpectedSystemCallHandler`
|
4612
|
+
# @return [Boolean]
|
4613
|
+
attr_accessor :unexpected_system_call_handler
|
4614
|
+
alias_method :unexpected_system_call_handler?, :unexpected_system_call_handler
|
4615
|
+
|
4616
|
+
def initialize(**args)
|
4617
|
+
update!(**args)
|
4618
|
+
end
|
4619
|
+
|
4620
|
+
# Update properties of this object
|
4621
|
+
def update!(**args)
|
4622
|
+
@name = args[:name] if args.key?(:name)
|
4623
|
+
@unexpected_code_modification = args[:unexpected_code_modification] if args.key?(:unexpected_code_modification)
|
4624
|
+
@unexpected_ftrace_handler = args[:unexpected_ftrace_handler] if args.key?(:unexpected_ftrace_handler)
|
4625
|
+
@unexpected_interrupt_handler = args[:unexpected_interrupt_handler] if args.key?(:unexpected_interrupt_handler)
|
4626
|
+
@unexpected_kernel_code_pages = args[:unexpected_kernel_code_pages] if args.key?(:unexpected_kernel_code_pages)
|
4627
|
+
@unexpected_kprobe_handler = args[:unexpected_kprobe_handler] if args.key?(:unexpected_kprobe_handler)
|
4628
|
+
@unexpected_processes_in_runqueue = args[:unexpected_processes_in_runqueue] if args.key?(:unexpected_processes_in_runqueue)
|
4629
|
+
@unexpected_read_only_data_modification = args[:unexpected_read_only_data_modification] if args.key?(:unexpected_read_only_data_modification)
|
4630
|
+
@unexpected_system_call_handler = args[:unexpected_system_call_handler] if args.key?(:unexpected_system_call_handler)
|
4631
|
+
end
|
4632
|
+
end
|
4633
|
+
|
4634
|
+
# Kubernetes-related attributes.
|
4635
|
+
class GoogleCloudSecuritycenterV2Kubernetes
|
4636
|
+
include Google::Apis::Core::Hashable
|
4637
|
+
|
4638
|
+
# Provides information on any Kubernetes access reviews (privilege checks)
|
4639
|
+
# relevant to the finding.
|
4640
|
+
# Corresponds to the JSON property `accessReviews`
|
4641
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AccessReview>]
|
4642
|
+
attr_accessor :access_reviews
|
4643
|
+
|
4644
|
+
# Provides Kubernetes role binding information for findings that involve [
|
4645
|
+
# RoleBindings or ClusterRoleBindings](https://cloud.google.com/kubernetes-
|
4646
|
+
# engine/docs/how-to/role-based-access-control).
|
4647
|
+
# Corresponds to the JSON property `bindings`
|
4648
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Binding>]
|
4649
|
+
attr_accessor :bindings
|
4650
|
+
|
4651
|
+
# GKE [node pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-
|
4652
|
+
# pools) associated with the finding. This field contains node pool information
|
4653
|
+
# for each node, when it is available.
|
4654
|
+
# Corresponds to the JSON property `nodePools`
|
4655
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2NodePool>]
|
4656
|
+
attr_accessor :node_pools
|
4657
|
+
|
4658
|
+
# Provides Kubernetes [node](https://cloud.google.com/kubernetes-engine/docs/
|
4659
|
+
# concepts/cluster-architecture#nodes) information.
|
4660
|
+
# Corresponds to the JSON property `nodes`
|
4661
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Node>]
|
4662
|
+
attr_accessor :nodes
|
4663
|
+
|
4664
|
+
# Kubernetes objects related to the finding.
|
4665
|
+
# Corresponds to the JSON property `objects`
|
4666
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Object>]
|
4667
|
+
attr_accessor :objects
|
4668
|
+
|
4669
|
+
# Kubernetes [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
|
4670
|
+
# associated with the finding. This field contains Pod records for each
|
4671
|
+
# container that is owned by a Pod.
|
4672
|
+
# Corresponds to the JSON property `pods`
|
4673
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Pod>]
|
4674
|
+
attr_accessor :pods
|
4675
|
+
|
4676
|
+
# Provides Kubernetes role information for findings that involve [Roles or
|
4677
|
+
# ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-
|
4678
|
+
# based-access-control).
|
4679
|
+
# Corresponds to the JSON property `roles`
|
4680
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Role>]
|
4681
|
+
attr_accessor :roles
|
4682
|
+
|
4683
|
+
def initialize(**args)
|
4684
|
+
update!(**args)
|
4685
|
+
end
|
4686
|
+
|
4687
|
+
# Update properties of this object
|
4688
|
+
def update!(**args)
|
4689
|
+
@access_reviews = args[:access_reviews] if args.key?(:access_reviews)
|
4690
|
+
@bindings = args[:bindings] if args.key?(:bindings)
|
4691
|
+
@node_pools = args[:node_pools] if args.key?(:node_pools)
|
4692
|
+
@nodes = args[:nodes] if args.key?(:nodes)
|
4693
|
+
@objects = args[:objects] if args.key?(:objects)
|
4694
|
+
@pods = args[:pods] if args.key?(:pods)
|
4695
|
+
@roles = args[:roles] if args.key?(:roles)
|
4696
|
+
end
|
4697
|
+
end
|
4698
|
+
|
4699
|
+
# Represents a generic name-value label. A label has separate name and value
|
4700
|
+
# fields to support filtering with the `contains()` function. For more
|
4701
|
+
# information, see [Filtering on array-type fields](https://cloud.google.com/
|
4702
|
+
# security-command-center/docs/how-to-api-list-findings#array-contains-filtering)
|
4703
|
+
# .
|
4704
|
+
class GoogleCloudSecuritycenterV2Label
|
4705
|
+
include Google::Apis::Core::Hashable
|
4706
|
+
|
4707
|
+
# Name of the label.
|
4708
|
+
# Corresponds to the JSON property `name`
|
4709
|
+
# @return [String]
|
4710
|
+
attr_accessor :name
|
4711
|
+
|
4712
|
+
# Value that corresponds to the label's name.
|
4713
|
+
# Corresponds to the JSON property `value`
|
4714
|
+
# @return [String]
|
4715
|
+
attr_accessor :value
|
4716
|
+
|
4717
|
+
def initialize(**args)
|
4718
|
+
update!(**args)
|
4719
|
+
end
|
4720
|
+
|
4721
|
+
# Update properties of this object
|
4722
|
+
def update!(**args)
|
4723
|
+
@name = args[:name] if args.key?(:name)
|
4724
|
+
@value = args[:value] if args.key?(:value)
|
4725
|
+
end
|
4726
|
+
end
|
4727
|
+
|
4728
|
+
# Contains information related to the load balancer associated with the finding.
|
4729
|
+
class GoogleCloudSecuritycenterV2LoadBalancer
|
4730
|
+
include Google::Apis::Core::Hashable
|
4731
|
+
|
4732
|
+
# The name of the load balancer associated with the finding.
|
4733
|
+
# Corresponds to the JSON property `name`
|
4734
|
+
# @return [String]
|
4735
|
+
attr_accessor :name
|
4736
|
+
|
4737
|
+
def initialize(**args)
|
4738
|
+
update!(**args)
|
4739
|
+
end
|
4740
|
+
|
4741
|
+
# Update properties of this object
|
4742
|
+
def update!(**args)
|
4743
|
+
@name = args[:name] if args.key?(:name)
|
4744
|
+
end
|
4745
|
+
end
|
4746
|
+
|
4747
|
+
# An individual entry in a log.
|
4748
|
+
class GoogleCloudSecuritycenterV2LogEntry
|
4749
|
+
include Google::Apis::Core::Hashable
|
4750
|
+
|
4751
|
+
# Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
|
4752
|
+
# logging/docs/reference/v2/rest/v2/LogEntry)
|
4753
|
+
# Corresponds to the JSON property `cloudLoggingEntry`
|
4754
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudLoggingEntry]
|
4755
|
+
attr_accessor :cloud_logging_entry
|
4756
|
+
|
4757
|
+
def initialize(**args)
|
4758
|
+
update!(**args)
|
4759
|
+
end
|
4760
|
+
|
4761
|
+
# Update properties of this object
|
4762
|
+
def update!(**args)
|
4763
|
+
@cloud_logging_entry = args[:cloud_logging_entry] if args.key?(:cloud_logging_entry)
|
4764
|
+
end
|
4765
|
+
end
|
4766
|
+
|
4767
|
+
# A signature corresponding to memory page hashes.
|
4768
|
+
class GoogleCloudSecuritycenterV2MemoryHashSignature
|
4769
|
+
include Google::Apis::Core::Hashable
|
4770
|
+
|
4771
|
+
# The binary family.
|
4772
|
+
# Corresponds to the JSON property `binaryFamily`
|
4773
|
+
# @return [String]
|
4774
|
+
attr_accessor :binary_family
|
4775
|
+
|
4776
|
+
# The list of memory hash detections contributing to the binary family match.
|
4777
|
+
# Corresponds to the JSON property `detections`
|
4778
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Detection>]
|
4779
|
+
attr_accessor :detections
|
4780
|
+
|
4781
|
+
def initialize(**args)
|
4782
|
+
update!(**args)
|
4783
|
+
end
|
4784
|
+
|
4785
|
+
# Update properties of this object
|
4786
|
+
def update!(**args)
|
4787
|
+
@binary_family = args[:binary_family] if args.key?(:binary_family)
|
4788
|
+
@detections = args[:detections] if args.key?(:detections)
|
4789
|
+
end
|
4790
|
+
end
|
4791
|
+
|
4792
|
+
# MITRE ATT&CK tactics and techniques related to this finding. See: https://
|
4793
|
+
# attack.mitre.org
|
4794
|
+
class GoogleCloudSecuritycenterV2MitreAttack
|
4795
|
+
include Google::Apis::Core::Hashable
|
4796
|
+
|
4797
|
+
# Additional MITRE ATT&CK tactics related to this finding, if any.
|
4798
|
+
# Corresponds to the JSON property `additionalTactics`
|
4799
|
+
# @return [Array<String>]
|
4800
|
+
attr_accessor :additional_tactics
|
4801
|
+
|
4802
|
+
# Additional MITRE ATT&CK techniques related to this finding, if any, along with
|
4803
|
+
# any of their respective parent techniques.
|
4804
|
+
# Corresponds to the JSON property `additionalTechniques`
|
4805
|
+
# @return [Array<String>]
|
4806
|
+
attr_accessor :additional_techniques
|
4807
|
+
|
4808
|
+
# The MITRE ATT&CK tactic most closely represented by this finding, if any.
|
4809
|
+
# Corresponds to the JSON property `primaryTactic`
|
4810
|
+
# @return [String]
|
4811
|
+
attr_accessor :primary_tactic
|
4812
|
+
|
4813
|
+
# The MITRE ATT&CK technique most closely represented by this finding, if any.
|
4814
|
+
# primary_techniques is a repeated field because there are multiple levels of
|
4815
|
+
# MITRE ATT&CK techniques. If the technique most closely represented by this
|
4816
|
+
# finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`), both the sub-technique
|
4817
|
+
# and its parent technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, `
|
4818
|
+
# ACTIVE_SCANNING`).
|
4819
|
+
# Corresponds to the JSON property `primaryTechniques`
|
4820
|
+
# @return [Array<String>]
|
4821
|
+
attr_accessor :primary_techniques
|
4822
|
+
|
4823
|
+
# The MITRE ATT&CK version referenced by the above fields. E.g. "8".
|
4824
|
+
# Corresponds to the JSON property `version`
|
4825
|
+
# @return [String]
|
4826
|
+
attr_accessor :version
|
4827
|
+
|
4828
|
+
def initialize(**args)
|
4829
|
+
update!(**args)
|
4830
|
+
end
|
4831
|
+
|
4832
|
+
# Update properties of this object
|
4833
|
+
def update!(**args)
|
4834
|
+
@additional_tactics = args[:additional_tactics] if args.key?(:additional_tactics)
|
4835
|
+
@additional_techniques = args[:additional_techniques] if args.key?(:additional_techniques)
|
4836
|
+
@primary_tactic = args[:primary_tactic] if args.key?(:primary_tactic)
|
4837
|
+
@primary_techniques = args[:primary_techniques] if args.key?(:primary_techniques)
|
4838
|
+
@version = args[:version] if args.key?(:version)
|
4839
|
+
end
|
4840
|
+
end
|
4841
|
+
|
4842
|
+
# A mute config is a Cloud SCC resource that contains the configuration to mute
|
4843
|
+
# create/update events of findings.
|
4844
|
+
class GoogleCloudSecuritycenterV2MuteConfig
|
4845
|
+
include Google::Apis::Core::Hashable
|
4846
|
+
|
4847
|
+
# Output only. The time at which the mute config was created. This field is set
|
4848
|
+
# by the server and will be ignored if provided on config creation.
|
4849
|
+
# Corresponds to the JSON property `createTime`
|
4850
|
+
# @return [String]
|
4851
|
+
attr_accessor :create_time
|
4852
|
+
|
4853
|
+
# A description of the mute config.
|
4854
|
+
# Corresponds to the JSON property `description`
|
4855
|
+
# @return [String]
|
4856
|
+
attr_accessor :description
|
4857
|
+
|
4858
|
+
# Required. An expression that defines the filter to apply across create/update
|
4859
|
+
# events of findings. While creating a filter string, be mindful of the scope in
|
4860
|
+
# which the mute configuration is being created. E.g., If a filter contains
|
4861
|
+
# project = X but is created under the project = Y scope, it might not match any
|
4862
|
+
# findings. The following field and operator combinations are supported: *
|
4863
|
+
# severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.
|
4864
|
+
# project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.
|
4865
|
+
# folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.
|
4866
|
+
# parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `
|
4867
|
+
# :` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
|
4868
|
+
# Corresponds to the JSON property `filter`
|
4869
|
+
# @return [String]
|
4870
|
+
attr_accessor :filter
|
4871
|
+
|
4872
|
+
# Output only. Email address of the user who last edited the mute config. This
|
4873
|
+
# field is set by the server and will be ignored if provided on config creation
|
4874
|
+
# or update.
|
4875
|
+
# Corresponds to the JSON property `mostRecentEditor`
|
4876
|
+
# @return [String]
|
4877
|
+
attr_accessor :most_recent_editor
|
4878
|
+
|
4879
|
+
# This field will be ignored if provided on config creation. The following list
|
4880
|
+
# shows some examples of the format: + `organizations/`organization`/muteConfigs/
|
4881
|
+
# `mute_config`` + `organizations/`organization`locations/`location`//
|
4882
|
+
# muteConfigs/`mute_config`` + `folders/`folder`/muteConfigs/`mute_config`` + `
|
4883
|
+
# folders/`folder`/locations/`location`/muteConfigs/`mute_config`` + `projects/`
|
4884
|
+
# project`/muteConfigs/`mute_config`` + `projects/`project`/locations/`location`/
|
4885
|
+
# muteConfigs/`mute_config``
|
4886
|
+
# Corresponds to the JSON property `name`
|
4887
|
+
# @return [String]
|
4888
|
+
attr_accessor :name
|
4889
|
+
|
4890
|
+
# Required. The type of the mute config, which determines what type of mute
|
4891
|
+
# state the config affects. Immutable after creation.
|
4892
|
+
# Corresponds to the JSON property `type`
|
4893
|
+
# @return [String]
|
4894
|
+
attr_accessor :type
|
4895
|
+
|
4896
|
+
# Output only. The most recent time at which the mute config was updated. This
|
4897
|
+
# field is set by the server and will be ignored if provided on config creation
|
4898
|
+
# or update.
|
4899
|
+
# Corresponds to the JSON property `updateTime`
|
4900
|
+
# @return [String]
|
4901
|
+
attr_accessor :update_time
|
4902
|
+
|
4903
|
+
def initialize(**args)
|
4904
|
+
update!(**args)
|
4905
|
+
end
|
4906
|
+
|
4907
|
+
# Update properties of this object
|
4908
|
+
def update!(**args)
|
4909
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
4910
|
+
@description = args[:description] if args.key?(:description)
|
4911
|
+
@filter = args[:filter] if args.key?(:filter)
|
4912
|
+
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
4913
|
+
@name = args[:name] if args.key?(:name)
|
4914
|
+
@type = args[:type] if args.key?(:type)
|
4915
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
4916
|
+
end
|
4917
|
+
end
|
4918
|
+
|
4919
|
+
# Kubernetes nodes associated with the finding.
|
4920
|
+
class GoogleCloudSecuritycenterV2Node
|
4921
|
+
include Google::Apis::Core::Hashable
|
4922
|
+
|
4923
|
+
# [Full resource name](https://google.aip.dev/122#full-resource-names) of the
|
4924
|
+
# Compute Engine VM running the cluster node.
|
4925
|
+
# Corresponds to the JSON property `name`
|
4926
|
+
# @return [String]
|
4927
|
+
attr_accessor :name
|
4928
|
+
|
4929
|
+
def initialize(**args)
|
4930
|
+
update!(**args)
|
4931
|
+
end
|
4932
|
+
|
4933
|
+
# Update properties of this object
|
4934
|
+
def update!(**args)
|
4935
|
+
@name = args[:name] if args.key?(:name)
|
4936
|
+
end
|
4937
|
+
end
|
4938
|
+
|
4939
|
+
# Provides GKE node pool information.
|
4940
|
+
class GoogleCloudSecuritycenterV2NodePool
|
4941
|
+
include Google::Apis::Core::Hashable
|
4942
|
+
|
4943
|
+
# Kubernetes node pool name.
|
4944
|
+
# Corresponds to the JSON property `name`
|
4945
|
+
# @return [String]
|
4946
|
+
attr_accessor :name
|
4947
|
+
|
4948
|
+
# Nodes associated with the finding.
|
4949
|
+
# Corresponds to the JSON property `nodes`
|
4950
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Node>]
|
4951
|
+
attr_accessor :nodes
|
4952
|
+
|
4953
|
+
def initialize(**args)
|
4954
|
+
update!(**args)
|
4955
|
+
end
|
4956
|
+
|
4957
|
+
# Update properties of this object
|
4958
|
+
def update!(**args)
|
4959
|
+
@name = args[:name] if args.key?(:name)
|
4960
|
+
@nodes = args[:nodes] if args.key?(:nodes)
|
4961
|
+
end
|
4962
|
+
end
|
4963
|
+
|
4964
|
+
# Cloud SCC's Notification
|
4965
|
+
class GoogleCloudSecuritycenterV2NotificationMessage
|
4966
|
+
include Google::Apis::Core::Hashable
|
4967
|
+
|
4968
|
+
# Security Command Center finding. A finding is a record of assessment data like
|
4969
|
+
# security, risk, health, or privacy, that is ingested into Security Command
|
4970
|
+
# Center for presentation, notification, analysis, policy testing, and
|
4971
|
+
# enforcement. For example, a cross-site scripting (XSS) vulnerability in an App
|
4972
|
+
# Engine application is a finding.
|
4973
|
+
# Corresponds to the JSON property `finding`
|
4974
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Finding]
|
4975
|
+
attr_accessor :finding
|
4976
|
+
|
4977
|
+
# Name of the notification config that generated current notification.
|
4978
|
+
# Corresponds to the JSON property `notificationConfigName`
|
4979
|
+
# @return [String]
|
4980
|
+
attr_accessor :notification_config_name
|
4981
|
+
|
4982
|
+
# Information related to the Google Cloud resource.
|
4983
|
+
# Corresponds to the JSON property `resource`
|
4984
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Resource]
|
4985
|
+
attr_accessor :resource
|
4986
|
+
|
4987
|
+
def initialize(**args)
|
4988
|
+
update!(**args)
|
4989
|
+
end
|
4990
|
+
|
4991
|
+
# Update properties of this object
|
4992
|
+
def update!(**args)
|
4993
|
+
@finding = args[:finding] if args.key?(:finding)
|
4994
|
+
@notification_config_name = args[:notification_config_name] if args.key?(:notification_config_name)
|
4995
|
+
@resource = args[:resource] if args.key?(:resource)
|
4996
|
+
end
|
4997
|
+
end
|
4998
|
+
|
4999
|
+
# Kubernetes object related to the finding, uniquely identified by GKNN. Used if
|
5000
|
+
# the object Kind is not one of Pod, Node, NodePool, Binding, or AccessReview.
|
5001
|
+
class GoogleCloudSecuritycenterV2Object
|
5002
|
+
include Google::Apis::Core::Hashable
|
5003
|
+
|
5004
|
+
# Pod containers associated with this finding, if any.
|
5005
|
+
# Corresponds to the JSON property `containers`
|
5006
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
|
5007
|
+
attr_accessor :containers
|
5008
|
+
|
5009
|
+
# Kubernetes object group, such as "policy.k8s.io/v1".
|
5010
|
+
# Corresponds to the JSON property `group`
|
5011
|
+
# @return [String]
|
5012
|
+
attr_accessor :group
|
5013
|
+
|
5014
|
+
# Kubernetes object kind, such as "Namespace".
|
5015
|
+
# Corresponds to the JSON property `kind`
|
5016
|
+
# @return [String]
|
5017
|
+
attr_accessor :kind
|
5018
|
+
|
5019
|
+
# Kubernetes object name. For details see https://kubernetes.io/docs/concepts/
|
5020
|
+
# overview/working-with-objects/names/.
|
5021
|
+
# Corresponds to the JSON property `name`
|
5022
|
+
# @return [String]
|
5023
|
+
attr_accessor :name
|
5024
|
+
|
5025
|
+
# Kubernetes object namespace. Must be a valid DNS label. Named "ns" to avoid
|
5026
|
+
# collision with C++ namespace keyword. For details see https://kubernetes.io/
|
5027
|
+
# docs/tasks/administer-cluster/namespaces/.
|
5028
|
+
# Corresponds to the JSON property `ns`
|
5029
|
+
# @return [String]
|
5030
|
+
attr_accessor :ns
|
5031
|
+
|
5032
|
+
def initialize(**args)
|
5033
|
+
update!(**args)
|
5034
|
+
end
|
5035
|
+
|
5036
|
+
# Update properties of this object
|
5037
|
+
def update!(**args)
|
5038
|
+
@containers = args[:containers] if args.key?(:containers)
|
5039
|
+
@group = args[:group] if args.key?(:group)
|
5040
|
+
@kind = args[:kind] if args.key?(:kind)
|
5041
|
+
@name = args[:name] if args.key?(:name)
|
5042
|
+
@ns = args[:ns] if args.key?(:ns)
|
5043
|
+
end
|
5044
|
+
end
|
5045
|
+
|
5046
|
+
# Contains information about the org policies associated with the finding.
|
5047
|
+
class GoogleCloudSecuritycenterV2OrgPolicy
|
5048
|
+
include Google::Apis::Core::Hashable
|
5049
|
+
|
5050
|
+
# The resource name of the org policy. Example: "organizations/`organization_id`/
|
5051
|
+
# policies/`constraint_name`"
|
5052
|
+
# Corresponds to the JSON property `name`
|
5053
|
+
# @return [String]
|
5054
|
+
attr_accessor :name
|
5055
|
+
|
5056
|
+
def initialize(**args)
|
5057
|
+
update!(**args)
|
5058
|
+
end
|
5059
|
+
|
5060
|
+
# Update properties of this object
|
5061
|
+
def update!(**args)
|
5062
|
+
@name = args[:name] if args.key?(:name)
|
5063
|
+
end
|
5064
|
+
end
|
5065
|
+
|
5066
|
+
# Package is a generic definition of a package.
|
5067
|
+
class GoogleCloudSecuritycenterV2Package
|
5068
|
+
include Google::Apis::Core::Hashable
|
5069
|
+
|
5070
|
+
# The CPE URI where the vulnerability was detected.
|
5071
|
+
# Corresponds to the JSON property `cpeUri`
|
5072
|
+
# @return [String]
|
5073
|
+
attr_accessor :cpe_uri
|
5074
|
+
|
5075
|
+
# The name of the package where the vulnerability was detected.
|
5076
|
+
# Corresponds to the JSON property `packageName`
|
5077
|
+
# @return [String]
|
5078
|
+
attr_accessor :package_name
|
5079
|
+
|
5080
|
+
# Type of package, for example, os, maven, or go.
|
5081
|
+
# Corresponds to the JSON property `packageType`
|
5082
|
+
# @return [String]
|
5083
|
+
attr_accessor :package_type
|
5084
|
+
|
5085
|
+
# The version of the package.
|
5086
|
+
# Corresponds to the JSON property `packageVersion`
|
5087
|
+
# @return [String]
|
5088
|
+
attr_accessor :package_version
|
5089
|
+
|
5090
|
+
def initialize(**args)
|
5091
|
+
update!(**args)
|
5092
|
+
end
|
5093
|
+
|
5094
|
+
# Update properties of this object
|
5095
|
+
def update!(**args)
|
5096
|
+
@cpe_uri = args[:cpe_uri] if args.key?(:cpe_uri)
|
5097
|
+
@package_name = args[:package_name] if args.key?(:package_name)
|
5098
|
+
@package_type = args[:package_type] if args.key?(:package_type)
|
5099
|
+
@package_version = args[:package_version] if args.key?(:package_version)
|
5100
|
+
end
|
5101
|
+
end
|
5102
|
+
|
5103
|
+
# A Kubernetes Pod.
|
5104
|
+
class GoogleCloudSecuritycenterV2Pod
|
5105
|
+
include Google::Apis::Core::Hashable
|
5106
|
+
|
5107
|
+
# Pod containers associated with this finding, if any.
|
5108
|
+
# Corresponds to the JSON property `containers`
|
5109
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
|
5110
|
+
attr_accessor :containers
|
5111
|
+
|
5112
|
+
# Pod labels. For Kubernetes containers, these are applied to the container.
|
5113
|
+
# Corresponds to the JSON property `labels`
|
5114
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Label>]
|
5115
|
+
attr_accessor :labels
|
5116
|
+
|
5117
|
+
# Kubernetes Pod name.
|
5118
|
+
# Corresponds to the JSON property `name`
|
5119
|
+
# @return [String]
|
5120
|
+
attr_accessor :name
|
5121
|
+
|
5122
|
+
# Kubernetes Pod namespace.
|
5123
|
+
# Corresponds to the JSON property `ns`
|
5124
|
+
# @return [String]
|
5125
|
+
attr_accessor :ns
|
5126
|
+
|
5127
|
+
def initialize(**args)
|
5128
|
+
update!(**args)
|
5129
|
+
end
|
5130
|
+
|
5131
|
+
# Update properties of this object
|
5132
|
+
def update!(**args)
|
5133
|
+
@containers = args[:containers] if args.key?(:containers)
|
5134
|
+
@labels = args[:labels] if args.key?(:labels)
|
5135
|
+
@name = args[:name] if args.key?(:name)
|
5136
|
+
@ns = args[:ns] if args.key?(:ns)
|
5137
|
+
end
|
5138
|
+
end
|
5139
|
+
|
5140
|
+
# The policy field that violates the deployed posture and its expected and
|
5141
|
+
# detected values.
|
5142
|
+
class GoogleCloudSecuritycenterV2PolicyDriftDetails
|
5143
|
+
include Google::Apis::Core::Hashable
|
5144
|
+
|
5145
|
+
# The detected value that violates the deployed posture, for example, `false` or
|
5146
|
+
# `allowed_values=`"projects/22831892”``.
|
5147
|
+
# Corresponds to the JSON property `detectedValue`
|
5148
|
+
# @return [String]
|
5149
|
+
attr_accessor :detected_value
|
5150
|
+
|
5151
|
+
# The value of this field that was configured in a posture, for example, `true`
|
5152
|
+
# or `allowed_values=`"projects/29831892”``.
|
5153
|
+
# Corresponds to the JSON property `expectedValue`
|
5154
|
+
# @return [String]
|
5155
|
+
attr_accessor :expected_value
|
5156
|
+
|
5157
|
+
# The name of the updated field, for example constraint.implementation.
|
5158
|
+
# policy_rules[0].enforce
|
5159
|
+
# Corresponds to the JSON property `field`
|
5160
|
+
# @return [String]
|
5161
|
+
attr_accessor :field
|
5162
|
+
|
5163
|
+
def initialize(**args)
|
5164
|
+
update!(**args)
|
5165
|
+
end
|
5166
|
+
|
5167
|
+
# Update properties of this object
|
5168
|
+
def update!(**args)
|
5169
|
+
@detected_value = args[:detected_value] if args.key?(:detected_value)
|
5170
|
+
@expected_value = args[:expected_value] if args.key?(:expected_value)
|
5171
|
+
@field = args[:field] if args.key?(:field)
|
5172
|
+
end
|
5173
|
+
end
|
5174
|
+
|
5175
|
+
# Represents an operating system process.
|
5176
|
+
class GoogleCloudSecuritycenterV2Process
|
5177
|
+
include Google::Apis::Core::Hashable
|
5178
|
+
|
5179
|
+
# Process arguments as JSON encoded strings.
|
5180
|
+
# Corresponds to the JSON property `args`
|
5181
|
+
# @return [Array<String>]
|
5182
|
+
attr_accessor :args
|
5183
|
+
|
5184
|
+
# True if `args` is incomplete.
|
5185
|
+
# Corresponds to the JSON property `argumentsTruncated`
|
5186
|
+
# @return [Boolean]
|
5187
|
+
attr_accessor :arguments_truncated
|
5188
|
+
alias_method :arguments_truncated?, :arguments_truncated
|
5189
|
+
|
5190
|
+
# File information about the related binary/library used by an executable, or
|
5191
|
+
# the script used by a script interpreter
|
5192
|
+
# Corresponds to the JSON property `binary`
|
5193
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File]
|
5194
|
+
attr_accessor :binary
|
5195
|
+
|
5196
|
+
# Process environment variables.
|
5197
|
+
# Corresponds to the JSON property `envVariables`
|
5198
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2EnvironmentVariable>]
|
5199
|
+
attr_accessor :env_variables
|
5200
|
+
|
5201
|
+
# True if `env_variables` is incomplete.
|
5202
|
+
# Corresponds to the JSON property `envVariablesTruncated`
|
5203
|
+
# @return [Boolean]
|
5204
|
+
attr_accessor :env_variables_truncated
|
5205
|
+
alias_method :env_variables_truncated?, :env_variables_truncated
|
5206
|
+
|
5207
|
+
# File information for libraries loaded by the process.
|
5208
|
+
# Corresponds to the JSON property `libraries`
|
5209
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File>]
|
5210
|
+
attr_accessor :libraries
|
5211
|
+
|
5212
|
+
# The process name, as displayed in utilities like `top` and `ps`. This name can
|
5213
|
+
# be accessed through `/proc/[pid]/comm` and changed with `prctl(PR_SET_NAME)`.
|
5214
|
+
# Corresponds to the JSON property `name`
|
5215
|
+
# @return [String]
|
5216
|
+
attr_accessor :name
|
5217
|
+
|
5218
|
+
# The parent process ID.
|
5219
|
+
# Corresponds to the JSON property `parentPid`
|
5220
|
+
# @return [Fixnum]
|
5221
|
+
attr_accessor :parent_pid
|
5222
|
+
|
5223
|
+
# The process ID.
|
5224
|
+
# Corresponds to the JSON property `pid`
|
5225
|
+
# @return [Fixnum]
|
5226
|
+
attr_accessor :pid
|
5227
|
+
|
5228
|
+
# File information about the related binary/library used by an executable, or
|
5229
|
+
# the script used by a script interpreter
|
5230
|
+
# Corresponds to the JSON property `script`
|
5231
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File]
|
5232
|
+
attr_accessor :script
|
5233
|
+
|
5234
|
+
def initialize(**args)
|
5235
|
+
update!(**args)
|
5236
|
+
end
|
5237
|
+
|
5238
|
+
# Update properties of this object
|
5239
|
+
def update!(**args)
|
5240
|
+
@args = args[:args] if args.key?(:args)
|
5241
|
+
@arguments_truncated = args[:arguments_truncated] if args.key?(:arguments_truncated)
|
5242
|
+
@binary = args[:binary] if args.key?(:binary)
|
5243
|
+
@env_variables = args[:env_variables] if args.key?(:env_variables)
|
5244
|
+
@env_variables_truncated = args[:env_variables_truncated] if args.key?(:env_variables_truncated)
|
5245
|
+
@libraries = args[:libraries] if args.key?(:libraries)
|
5246
|
+
@name = args[:name] if args.key?(:name)
|
5247
|
+
@parent_pid = args[:parent_pid] if args.key?(:parent_pid)
|
5248
|
+
@pid = args[:pid] if args.key?(:pid)
|
5249
|
+
@script = args[:script] if args.key?(:script)
|
5250
|
+
end
|
5251
|
+
end
|
5252
|
+
|
5253
|
+
# Indicates what signature matched this process.
|
5254
|
+
class GoogleCloudSecuritycenterV2ProcessSignature
|
5255
|
+
include Google::Apis::Core::Hashable
|
5256
|
+
|
5257
|
+
# A signature corresponding to memory page hashes.
|
5258
|
+
# Corresponds to the JSON property `memoryHashSignature`
|
5259
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MemoryHashSignature]
|
5260
|
+
attr_accessor :memory_hash_signature
|
5261
|
+
|
5262
|
+
# Describes the type of resource associated with the signature.
|
5263
|
+
# Corresponds to the JSON property `signatureType`
|
5264
|
+
# @return [String]
|
5265
|
+
attr_accessor :signature_type
|
5266
|
+
|
5267
|
+
# A signature corresponding to a YARA rule.
|
5268
|
+
# Corresponds to the JSON property `yaraRuleSignature`
|
5269
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2YaraRuleSignature]
|
5270
|
+
attr_accessor :yara_rule_signature
|
5271
|
+
|
5272
|
+
def initialize(**args)
|
5273
|
+
update!(**args)
|
5274
|
+
end
|
5275
|
+
|
5276
|
+
# Update properties of this object
|
5277
|
+
def update!(**args)
|
5278
|
+
@memory_hash_signature = args[:memory_hash_signature] if args.key?(:memory_hash_signature)
|
5279
|
+
@signature_type = args[:signature_type] if args.key?(:signature_type)
|
5280
|
+
@yara_rule_signature = args[:yara_rule_signature] if args.key?(:yara_rule_signature)
|
5281
|
+
end
|
5282
|
+
end
|
5283
|
+
|
5284
|
+
# Additional Links
|
5285
|
+
class GoogleCloudSecuritycenterV2Reference
|
5286
|
+
include Google::Apis::Core::Hashable
|
5287
|
+
|
5288
|
+
# Source of the reference e.g. NVD
|
5289
|
+
# Corresponds to the JSON property `source`
|
5290
|
+
# @return [String]
|
5291
|
+
attr_accessor :source
|
5292
|
+
|
5293
|
+
# Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?
|
5294
|
+
# name=CVE-2021-34527.
|
5295
|
+
# Corresponds to the JSON property `uri`
|
5296
|
+
# @return [String]
|
5297
|
+
attr_accessor :uri
|
5298
|
+
|
5299
|
+
def initialize(**args)
|
5300
|
+
update!(**args)
|
5301
|
+
end
|
5302
|
+
|
5303
|
+
# Update properties of this object
|
5304
|
+
def update!(**args)
|
5305
|
+
@source = args[:source] if args.key?(:source)
|
5306
|
+
@uri = args[:uri] if args.key?(:uri)
|
5307
|
+
end
|
5308
|
+
end
|
5309
|
+
|
5310
|
+
# Information related to the Google Cloud resource.
|
5311
|
+
class GoogleCloudSecuritycenterV2Resource
|
5312
|
+
include Google::Apis::Core::Hashable
|
5313
|
+
|
5314
|
+
# The human readable name of the resource.
|
5315
|
+
# Corresponds to the JSON property `displayName`
|
5316
|
+
# @return [String]
|
5317
|
+
attr_accessor :display_name
|
5318
|
+
|
5319
|
+
# The full resource name of the resource. See: https://cloud.google.com/apis/
|
5320
|
+
# design/resource_names#full_resource_name
|
5321
|
+
# Corresponds to the JSON property `name`
|
5322
|
+
# @return [String]
|
5323
|
+
attr_accessor :name
|
5324
|
+
|
5325
|
+
# The full resource type of the resource.
|
5326
|
+
# Corresponds to the JSON property `type`
|
5327
|
+
# @return [String]
|
5328
|
+
attr_accessor :type
|
5329
|
+
|
5330
|
+
def initialize(**args)
|
5331
|
+
update!(**args)
|
5332
|
+
end
|
5333
|
+
|
5334
|
+
# Update properties of this object
|
5335
|
+
def update!(**args)
|
5336
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
5337
|
+
@name = args[:name] if args.key?(:name)
|
5338
|
+
@type = args[:type] if args.key?(:type)
|
5339
|
+
end
|
5340
|
+
end
|
5341
|
+
|
5342
|
+
# A resource value config (RVC) is a mapping configuration of user's resources
|
5343
|
+
# to resource values. Used in Attack path simulations.
|
5344
|
+
class GoogleCloudSecuritycenterV2ResourceValueConfig
|
5345
|
+
include Google::Apis::Core::Hashable
|
5346
|
+
|
5347
|
+
# Output only. Timestamp this resource value config was created.
|
5348
|
+
# Corresponds to the JSON property `createTime`
|
5349
|
+
# @return [String]
|
5350
|
+
attr_accessor :create_time
|
5351
|
+
|
5352
|
+
# Description of the resource value config.
|
5353
|
+
# Corresponds to the JSON property `description`
|
5354
|
+
# @return [String]
|
5355
|
+
attr_accessor :description
|
5356
|
+
|
5357
|
+
# Name for the resource value config
|
5358
|
+
# Corresponds to the JSON property `name`
|
5359
|
+
# @return [String]
|
5360
|
+
attr_accessor :name
|
5361
|
+
|
5362
|
+
# List of resource labels to search for, evaluated with AND. E.g. "
|
5363
|
+
# resource_labels_selector": `"key": "value", "env": "prod"` will match
|
5364
|
+
# resources with labels "key": "value" AND "env": "prod" https://cloud.google.
|
5365
|
+
# com/resource-manager/docs/creating-managing-labels
|
5366
|
+
# Corresponds to the JSON property `resourceLabelsSelector`
|
5367
|
+
# @return [Hash<String,String>]
|
5368
|
+
attr_accessor :resource_labels_selector
|
5369
|
+
|
5370
|
+
# Apply resource_value only to resources that match resource_type. resource_type
|
5371
|
+
# will be checked with "AND" of other resources. E.g. "storage.googleapis.com/
|
5372
|
+
# Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.
|
5373
|
+
# googleapis.com/Bucket" resources.
|
5374
|
+
# Corresponds to the JSON property `resourceType`
|
5375
|
+
# @return [String]
|
5376
|
+
attr_accessor :resource_type
|
5377
|
+
|
5378
|
+
# Resource value level this expression represents Only required when there is no
|
5379
|
+
# SDP mapping in the request
|
5380
|
+
# Corresponds to the JSON property `resourceValue`
|
5381
|
+
# @return [String]
|
5382
|
+
attr_accessor :resource_value
|
5383
|
+
|
5384
|
+
# Project or folder to scope this config to. For example, "project/456" would
|
5385
|
+
# apply this config only to resources in "project/456" scope will be checked
|
5386
|
+
# with "AND" of other resources.
|
5387
|
+
# Corresponds to the JSON property `scope`
|
5388
|
+
# @return [String]
|
5389
|
+
attr_accessor :scope
|
5390
|
+
|
5391
|
+
# Resource value mapping for Sensitive Data Protection findings If any of these
|
5392
|
+
# mappings have a resource value that is not unspecified, the resource_value
|
5393
|
+
# field will be ignored when reading this configuration.
|
5394
|
+
# Corresponds to the JSON property `sensitiveDataProtectionMapping`
|
5395
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping]
|
5396
|
+
attr_accessor :sensitive_data_protection_mapping
|
5397
|
+
|
5398
|
+
# Required. Tag values combined with AND to check against. Values in the form "
|
5399
|
+
# tagValues/123" E.g. [ "tagValues/123", "tagValues/456", "tagValues/789" ]
|
5400
|
+
# https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
|
5401
|
+
# Corresponds to the JSON property `tagValues`
|
5402
|
+
# @return [Array<String>]
|
5403
|
+
attr_accessor :tag_values
|
5404
|
+
|
5405
|
+
# Output only. Timestamp this resource value config was last updated.
|
5406
|
+
# Corresponds to the JSON property `updateTime`
|
5407
|
+
# @return [String]
|
5408
|
+
attr_accessor :update_time
|
5409
|
+
|
5410
|
+
def initialize(**args)
|
5411
|
+
update!(**args)
|
5412
|
+
end
|
5413
|
+
|
5414
|
+
# Update properties of this object
|
5415
|
+
def update!(**args)
|
5416
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
5417
|
+
@description = args[:description] if args.key?(:description)
|
5418
|
+
@name = args[:name] if args.key?(:name)
|
5419
|
+
@resource_labels_selector = args[:resource_labels_selector] if args.key?(:resource_labels_selector)
|
5420
|
+
@resource_type = args[:resource_type] if args.key?(:resource_type)
|
5421
|
+
@resource_value = args[:resource_value] if args.key?(:resource_value)
|
5422
|
+
@scope = args[:scope] if args.key?(:scope)
|
5423
|
+
@sensitive_data_protection_mapping = args[:sensitive_data_protection_mapping] if args.key?(:sensitive_data_protection_mapping)
|
5424
|
+
@tag_values = args[:tag_values] if args.key?(:tag_values)
|
5425
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
5426
|
+
end
|
5427
|
+
end
|
5428
|
+
|
5429
|
+
# Kubernetes Role or ClusterRole.
|
5430
|
+
class GoogleCloudSecuritycenterV2Role
|
5431
|
+
include Google::Apis::Core::Hashable
|
5432
|
+
|
5433
|
+
# Role type.
|
5434
|
+
# Corresponds to the JSON property `kind`
|
5435
|
+
# @return [String]
|
5436
|
+
attr_accessor :kind
|
5437
|
+
|
5438
|
+
# Role name.
|
5439
|
+
# Corresponds to the JSON property `name`
|
5440
|
+
# @return [String]
|
5441
|
+
attr_accessor :name
|
5442
|
+
|
5443
|
+
# Role namespace.
|
5444
|
+
# Corresponds to the JSON property `ns`
|
5445
|
+
# @return [String]
|
5446
|
+
attr_accessor :ns
|
5447
|
+
|
5448
|
+
def initialize(**args)
|
5449
|
+
update!(**args)
|
5450
|
+
end
|
5451
|
+
|
5452
|
+
# Update properties of this object
|
5453
|
+
def update!(**args)
|
5454
|
+
@kind = args[:kind] if args.key?(:kind)
|
5455
|
+
@name = args[:name] if args.key?(:name)
|
5456
|
+
@ns = args[:ns] if args.key?(:ns)
|
5457
|
+
end
|
5458
|
+
end
|
5459
|
+
|
5460
|
+
# SecurityBulletin are notifications of vulnerabilities of Google products.
|
5461
|
+
class GoogleCloudSecuritycenterV2SecurityBulletin
|
5462
|
+
include Google::Apis::Core::Hashable
|
5463
|
+
|
5464
|
+
# ID of the bulletin corresponding to the vulnerability.
|
5465
|
+
# Corresponds to the JSON property `bulletinId`
|
5466
|
+
# @return [String]
|
5467
|
+
attr_accessor :bulletin_id
|
5468
|
+
|
5469
|
+
# Submission time of this Security Bulletin.
|
5470
|
+
# Corresponds to the JSON property `submissionTime`
|
5471
|
+
# @return [String]
|
5472
|
+
attr_accessor :submission_time
|
5473
|
+
|
5474
|
+
# This represents a version that the cluster receiving this notification should
|
5475
|
+
# be upgraded to, based on its current version. For example, 1.15.0
|
5476
|
+
# Corresponds to the JSON property `suggestedUpgradeVersion`
|
5477
|
+
# @return [String]
|
5478
|
+
attr_accessor :suggested_upgrade_version
|
5479
|
+
|
5480
|
+
def initialize(**args)
|
5481
|
+
update!(**args)
|
5482
|
+
end
|
5483
|
+
|
5484
|
+
# Update properties of this object
|
5485
|
+
def update!(**args)
|
5486
|
+
@bulletin_id = args[:bulletin_id] if args.key?(:bulletin_id)
|
5487
|
+
@submission_time = args[:submission_time] if args.key?(:submission_time)
|
5488
|
+
@suggested_upgrade_version = args[:suggested_upgrade_version] if args.key?(:suggested_upgrade_version)
|
5489
|
+
end
|
5490
|
+
end
|
5491
|
+
|
5492
|
+
# User specified security marks that are attached to the parent Security Command
|
5493
|
+
# Center resource. Security marks are scoped within a Security Command Center
|
5494
|
+
# organization -- they can be modified and viewed by all users who have proper
|
5495
|
+
# permissions on the organization.
|
5496
|
+
class GoogleCloudSecuritycenterV2SecurityMarks
|
5497
|
+
include Google::Apis::Core::Hashable
|
5498
|
+
|
5499
|
+
# The canonical name of the marks. The following list shows some examples: + `
|
5500
|
+
# organizations/`organization_id`/assets/`asset_id`/securityMarks" + `
|
5501
|
+
# organizations/`organization_id`/sources/`source_id`/findings/`finding_id`/
|
5502
|
+
# securityMarks" + `organizations/`organization_id`/sources/`source_id`/
|
5503
|
+
# locations/`location`/findings/`finding_id`/securityMarks" + `folders/`
|
5504
|
+
# folder_id`/assets/`asset_id`/securityMarks" + `folders/`folder_id`/sources/`
|
5505
|
+
# source_id`/findings/`finding_id`/securityMarks" + `folders/`folder_id`/sources/
|
5506
|
+
# `source_id`/locations/`location`/findings/`finding_id`/securityMarks" + `
|
5507
|
+
# projects/`project_number`/assets/`asset_id`/securityMarks" + `projects/`
|
5508
|
+
# project_number`/sources/`source_id`/findings/`finding_id`/securityMarks" + `
|
5509
|
+
# projects/`project_number`/sources/`source_id`/locations/`location`/findings/`
|
5510
|
+
# finding_id`/securityMarks"
|
5511
|
+
# Corresponds to the JSON property `canonicalName`
|
5512
|
+
# @return [String]
|
5513
|
+
attr_accessor :canonical_name
|
5514
|
+
|
5515
|
+
# Mutable user specified security marks belonging to the parent resource.
|
5516
|
+
# Constraints are as follows: * Keys and values are treated as case insensitive *
|
5517
|
+
# Keys must be between 1 - 256 characters (inclusive) * Keys must be letters,
|
5518
|
+
# numbers, underscores, or dashes * Values have leading and trailing whitespace
|
5519
|
+
# trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
|
5520
|
+
# Corresponds to the JSON property `marks`
|
5521
|
+
# @return [Hash<String,String>]
|
5522
|
+
attr_accessor :marks
|
5523
|
+
|
5524
|
+
# The relative resource name of the SecurityMarks. See: https://cloud.google.com/
|
5525
|
+
# apis/design/resource_names#relative_resource_name The following list shows
|
5526
|
+
# some examples: + `organizations/`organization_id`/assets/`asset_id`/
|
5527
|
+
# securityMarks` + `organizations/`organization_id`/sources/`source_id`/findings/
|
5528
|
+
# `finding_id`/securityMarks` + `organizations/`organization_id`/sources/`
|
5529
|
+
# source_id`/locations/`location`/findings/`finding_id`/securityMarks`
|
5530
|
+
# Corresponds to the JSON property `name`
|
5531
|
+
# @return [String]
|
5532
|
+
attr_accessor :name
|
5533
|
+
|
5534
|
+
def initialize(**args)
|
5535
|
+
update!(**args)
|
5536
|
+
end
|
5537
|
+
|
5538
|
+
# Update properties of this object
|
5539
|
+
def update!(**args)
|
5540
|
+
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
5541
|
+
@marks = args[:marks] if args.key?(:marks)
|
5542
|
+
@name = args[:name] if args.key?(:name)
|
5543
|
+
end
|
5544
|
+
end
|
5545
|
+
|
5546
|
+
# Represents a posture that is deployed on Google Cloud by the Security Command
|
5547
|
+
# Center Posture Management service. A posture contains one or more policy sets.
|
5548
|
+
# A policy set is a group of policies that enforce a set of security rules on
|
5549
|
+
# Google Cloud.
|
5550
|
+
class GoogleCloudSecuritycenterV2SecurityPosture
|
5551
|
+
include Google::Apis::Core::Hashable
|
5552
|
+
|
5553
|
+
# The name of the updated policy, for example, `projects/`project_id`/policies/`
|
5554
|
+
# constraint_name``.
|
5555
|
+
# Corresponds to the JSON property `changedPolicy`
|
5556
|
+
# @return [String]
|
5557
|
+
attr_accessor :changed_policy
|
5558
|
+
|
5559
|
+
# Name of the posture, for example, `CIS-Posture`.
|
5560
|
+
# Corresponds to the JSON property `name`
|
5561
|
+
# @return [String]
|
5562
|
+
attr_accessor :name
|
5563
|
+
|
5564
|
+
# The ID of the updated policy, for example, `compute-policy-1`.
|
5565
|
+
# Corresponds to the JSON property `policy`
|
5566
|
+
# @return [String]
|
5567
|
+
attr_accessor :policy
|
5568
|
+
|
5569
|
+
# The details about a change in an updated policy that violates the deployed
|
5570
|
+
# posture.
|
5571
|
+
# Corresponds to the JSON property `policyDriftDetails`
|
5572
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2PolicyDriftDetails>]
|
5573
|
+
attr_accessor :policy_drift_details
|
5574
|
+
|
5575
|
+
# The name of the updated policy set, for example, `cis-policyset`.
|
5576
|
+
# Corresponds to the JSON property `policySet`
|
5577
|
+
# @return [String]
|
5578
|
+
attr_accessor :policy_set
|
5579
|
+
|
5580
|
+
# The name of the posture deployment, for example, `organizations/`org_id`/
|
5581
|
+
# posturedeployments/`posture_deployment_id``.
|
5582
|
+
# Corresponds to the JSON property `postureDeployment`
|
5583
|
+
# @return [String]
|
5584
|
+
attr_accessor :posture_deployment
|
5585
|
+
|
5586
|
+
# The project, folder, or organization on which the posture is deployed, for
|
5587
|
+
# example, `projects/`project_number``.
|
5588
|
+
# Corresponds to the JSON property `postureDeploymentResource`
|
5589
|
+
# @return [String]
|
5590
|
+
attr_accessor :posture_deployment_resource
|
5591
|
+
|
5592
|
+
# The version of the posture, for example, `c7cfa2a8`.
|
5593
|
+
# Corresponds to the JSON property `revisionId`
|
5594
|
+
# @return [String]
|
5595
|
+
attr_accessor :revision_id
|
5596
|
+
|
5597
|
+
def initialize(**args)
|
5598
|
+
update!(**args)
|
5599
|
+
end
|
5600
|
+
|
5601
|
+
# Update properties of this object
|
5602
|
+
def update!(**args)
|
5603
|
+
@changed_policy = args[:changed_policy] if args.key?(:changed_policy)
|
5604
|
+
@name = args[:name] if args.key?(:name)
|
5605
|
+
@policy = args[:policy] if args.key?(:policy)
|
5606
|
+
@policy_drift_details = args[:policy_drift_details] if args.key?(:policy_drift_details)
|
5607
|
+
@policy_set = args[:policy_set] if args.key?(:policy_set)
|
5608
|
+
@posture_deployment = args[:posture_deployment] if args.key?(:posture_deployment)
|
5609
|
+
@posture_deployment_resource = args[:posture_deployment_resource] if args.key?(:posture_deployment_resource)
|
5610
|
+
@revision_id = args[:revision_id] if args.key?(:revision_id)
|
5611
|
+
end
|
5612
|
+
end
|
5613
|
+
|
5614
|
+
# Resource value mapping for Sensitive Data Protection findings If any of these
|
5615
|
+
# mappings have a resource value that is not unspecified, the resource_value
|
5616
|
+
# field will be ignored when reading this configuration.
|
5617
|
+
class GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping
|
5618
|
+
include Google::Apis::Core::Hashable
|
5619
|
+
|
5620
|
+
# Resource value mapping for high-sensitivity Sensitive Data Protection findings
|
5621
|
+
# Corresponds to the JSON property `highSensitivityMapping`
|
5622
|
+
# @return [String]
|
5623
|
+
attr_accessor :high_sensitivity_mapping
|
5624
|
+
|
5625
|
+
# Resource value mapping for medium-sensitivity Sensitive Data Protection
|
5626
|
+
# findings
|
5627
|
+
# Corresponds to the JSON property `mediumSensitivityMapping`
|
5628
|
+
# @return [String]
|
5629
|
+
attr_accessor :medium_sensitivity_mapping
|
5630
|
+
|
5631
|
+
def initialize(**args)
|
5632
|
+
update!(**args)
|
5633
|
+
end
|
5634
|
+
|
5635
|
+
# Update properties of this object
|
5636
|
+
def update!(**args)
|
5637
|
+
@high_sensitivity_mapping = args[:high_sensitivity_mapping] if args.key?(:high_sensitivity_mapping)
|
5638
|
+
@medium_sensitivity_mapping = args[:medium_sensitivity_mapping] if args.key?(:medium_sensitivity_mapping)
|
5639
|
+
end
|
5640
|
+
end
|
5641
|
+
|
5642
|
+
# Identity delegation history of an authenticated service account.
|
5643
|
+
class GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo
|
5644
|
+
include Google::Apis::Core::Hashable
|
5645
|
+
|
5646
|
+
# The email address of a Google account.
|
5647
|
+
# Corresponds to the JSON property `principalEmail`
|
5648
|
+
# @return [String]
|
5649
|
+
attr_accessor :principal_email
|
5650
|
+
|
5651
|
+
# A string representing the principal_subject associated with the identity. As
|
5652
|
+
# compared to `principal_email`, supports principals that aren't associated with
|
5653
|
+
# email addresses, such as third party principals. For most identities, the
|
5654
|
+
# format will be `principal://iam.googleapis.com/`identity pool name`/subjects/`
|
5655
|
+
# subject`` except for some GKE identities (GKE_WORKLOAD, FREEFORM,
|
5656
|
+
# GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:`
|
5657
|
+
# identity pool name`[`subject`]`
|
5658
|
+
# Corresponds to the JSON property `principalSubject`
|
5659
|
+
# @return [String]
|
5660
|
+
attr_accessor :principal_subject
|
5661
|
+
|
5662
|
+
def initialize(**args)
|
5663
|
+
update!(**args)
|
5664
|
+
end
|
5665
|
+
|
5666
|
+
# Update properties of this object
|
5667
|
+
def update!(**args)
|
5668
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
5669
|
+
@principal_subject = args[:principal_subject] if args.key?(:principal_subject)
|
5670
|
+
end
|
5671
|
+
end
|
5672
|
+
|
5673
|
+
# Represents a Kubernetes subject.
|
5674
|
+
class GoogleCloudSecuritycenterV2Subject
|
5675
|
+
include Google::Apis::Core::Hashable
|
5676
|
+
|
5677
|
+
# Authentication type for the subject.
|
5678
|
+
# Corresponds to the JSON property `kind`
|
5679
|
+
# @return [String]
|
5680
|
+
attr_accessor :kind
|
5681
|
+
|
5682
|
+
# Name for the subject.
|
5683
|
+
# Corresponds to the JSON property `name`
|
5684
|
+
# @return [String]
|
5685
|
+
attr_accessor :name
|
5686
|
+
|
5687
|
+
# Namespace for the subject.
|
5688
|
+
# Corresponds to the JSON property `ns`
|
5689
|
+
# @return [String]
|
5690
|
+
attr_accessor :ns
|
5691
|
+
|
5692
|
+
def initialize(**args)
|
5693
|
+
update!(**args)
|
5694
|
+
end
|
5695
|
+
|
5696
|
+
# Update properties of this object
|
5697
|
+
def update!(**args)
|
5698
|
+
@kind = args[:kind] if args.key?(:kind)
|
5699
|
+
@name = args[:name] if args.key?(:name)
|
5700
|
+
@ns = args[:ns] if args.key?(:ns)
|
5701
|
+
end
|
5702
|
+
end
|
5703
|
+
|
5704
|
+
# Information about the ticket, if any, that is being used to track the
|
5705
|
+
# resolution of the issue that is identified by this finding.
|
5706
|
+
class GoogleCloudSecuritycenterV2TicketInfo
|
5707
|
+
include Google::Apis::Core::Hashable
|
5708
|
+
|
5709
|
+
# The assignee of the ticket in the ticket system.
|
5710
|
+
# Corresponds to the JSON property `assignee`
|
5711
|
+
# @return [String]
|
5712
|
+
attr_accessor :assignee
|
5713
|
+
|
5714
|
+
# The description of the ticket in the ticket system.
|
5715
|
+
# Corresponds to the JSON property `description`
|
5716
|
+
# @return [String]
|
5717
|
+
attr_accessor :description
|
5718
|
+
|
5719
|
+
# The identifier of the ticket in the ticket system.
|
5720
|
+
# Corresponds to the JSON property `id`
|
5721
|
+
# @return [String]
|
5722
|
+
attr_accessor :id
|
5723
|
+
|
5724
|
+
# The latest status of the ticket, as reported by the ticket system.
|
5725
|
+
# Corresponds to the JSON property `status`
|
5726
|
+
# @return [String]
|
5727
|
+
attr_accessor :status
|
5728
|
+
|
5729
|
+
# The time when the ticket was last updated, as reported by the ticket system.
|
5730
|
+
# Corresponds to the JSON property `updateTime`
|
5731
|
+
# @return [String]
|
5732
|
+
attr_accessor :update_time
|
5733
|
+
|
5734
|
+
# The link to the ticket in the ticket system.
|
5735
|
+
# Corresponds to the JSON property `uri`
|
5736
|
+
# @return [String]
|
5737
|
+
attr_accessor :uri
|
5738
|
+
|
5739
|
+
def initialize(**args)
|
5740
|
+
update!(**args)
|
5741
|
+
end
|
5742
|
+
|
5743
|
+
# Update properties of this object
|
5744
|
+
def update!(**args)
|
5745
|
+
@assignee = args[:assignee] if args.key?(:assignee)
|
5746
|
+
@description = args[:description] if args.key?(:description)
|
5747
|
+
@id = args[:id] if args.key?(:id)
|
5748
|
+
@status = args[:status] if args.key?(:status)
|
5749
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
5750
|
+
@uri = args[:uri] if args.key?(:uri)
|
5751
|
+
end
|
5752
|
+
end
|
5753
|
+
|
5754
|
+
# Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
|
5755
|
+
class GoogleCloudSecuritycenterV2Vulnerability
|
5756
|
+
include Google::Apis::Core::Hashable
|
5757
|
+
|
5758
|
+
# CVE stands for Common Vulnerabilities and Exposures. Information from the [CVE
|
5759
|
+
# record](https://www.cve.org/ResourcesSupport/Glossary) that describes this
|
5760
|
+
# vulnerability.
|
5761
|
+
# Corresponds to the JSON property `cve`
|
5762
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cve]
|
5763
|
+
attr_accessor :cve
|
5764
|
+
|
5765
|
+
# Package is a generic definition of a package.
|
5766
|
+
# Corresponds to the JSON property `fixedPackage`
|
5767
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Package]
|
5768
|
+
attr_accessor :fixed_package
|
5769
|
+
|
5770
|
+
# Package is a generic definition of a package.
|
5771
|
+
# Corresponds to the JSON property `offendingPackage`
|
5772
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Package]
|
5773
|
+
attr_accessor :offending_package
|
5774
|
+
|
5775
|
+
# SecurityBulletin are notifications of vulnerabilities of Google products.
|
5776
|
+
# Corresponds to the JSON property `securityBulletin`
|
5777
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityBulletin]
|
5778
|
+
attr_accessor :security_bulletin
|
5779
|
+
|
5780
|
+
def initialize(**args)
|
5781
|
+
update!(**args)
|
5782
|
+
end
|
5783
|
+
|
5784
|
+
# Update properties of this object
|
5785
|
+
def update!(**args)
|
5786
|
+
@cve = args[:cve] if args.key?(:cve)
|
5787
|
+
@fixed_package = args[:fixed_package] if args.key?(:fixed_package)
|
5788
|
+
@offending_package = args[:offending_package] if args.key?(:offending_package)
|
5789
|
+
@security_bulletin = args[:security_bulletin] if args.key?(:security_bulletin)
|
5790
|
+
end
|
5791
|
+
end
|
5792
|
+
|
5793
|
+
# A signature corresponding to a YARA rule.
|
5794
|
+
class GoogleCloudSecuritycenterV2YaraRuleSignature
|
5795
|
+
include Google::Apis::Core::Hashable
|
5796
|
+
|
5797
|
+
# The name of the YARA rule.
|
5798
|
+
# Corresponds to the JSON property `yaraRule`
|
5799
|
+
# @return [String]
|
5800
|
+
attr_accessor :yara_rule
|
5801
|
+
|
5802
|
+
def initialize(**args)
|
5803
|
+
update!(**args)
|
5804
|
+
end
|
5805
|
+
|
5806
|
+
# Update properties of this object
|
5807
|
+
def update!(**args)
|
5808
|
+
@yara_rule = args[:yara_rule] if args.key?(:yara_rule)
|
5809
|
+
end
|
5810
|
+
end
|
5811
|
+
|
2760
5812
|
# Represents a particular IAM binding, which captures a member's role addition,
|
2761
5813
|
# removal, or state.
|
2762
5814
|
class IamBinding
|