google-apis-securitycenter_v1beta2 0.71.0 → 0.73.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/lib/google/apis/securitycenter_v1beta2/classes.rb +1378 -219
- data/lib/google/apis/securitycenter_v1beta2/gem_version.rb +3 -3
- data/lib/google/apis/securitycenter_v1beta2/representations.rb +517 -0
- data/lib/google/apis/securitycenter_v1beta2/service.rb +80 -16
- metadata +4 -4
|
@@ -493,6 +493,11 @@ module Google
|
|
|
493
493
|
# @return [Google::Apis::SecuritycenterV1beta2::AzureSubscription]
|
|
494
494
|
attr_accessor :subscription
|
|
495
495
|
|
|
496
|
+
# Represents a Microsoft Entra tenant.
|
|
497
|
+
# Corresponds to the JSON property `tenant`
|
|
498
|
+
# @return [Google::Apis::SecuritycenterV1beta2::AzureTenant]
|
|
499
|
+
attr_accessor :tenant
|
|
500
|
+
|
|
496
501
|
def initialize(**args)
|
|
497
502
|
update!(**args)
|
|
498
503
|
end
|
|
@@ -502,6 +507,7 @@ module Google
|
|
|
502
507
|
@management_groups = args[:management_groups] if args.key?(:management_groups)
|
|
503
508
|
@resource_group = args[:resource_group] if args.key?(:resource_group)
|
|
504
509
|
@subscription = args[:subscription] if args.key?(:subscription)
|
|
510
|
+
@tenant = args[:tenant] if args.key?(:tenant)
|
|
505
511
|
end
|
|
506
512
|
end
|
|
507
513
|
|
|
@@ -509,6 +515,11 @@ module Google
|
|
|
509
515
|
class AzureResourceGroup
|
|
510
516
|
include Google::Apis::Core::Hashable
|
|
511
517
|
|
|
518
|
+
# The ID of the Azure resource group.
|
|
519
|
+
# Corresponds to the JSON property `id`
|
|
520
|
+
# @return [String]
|
|
521
|
+
attr_accessor :id
|
|
522
|
+
|
|
512
523
|
# The name of the Azure resource group. This is not a UUID.
|
|
513
524
|
# Corresponds to the JSON property `name`
|
|
514
525
|
# @return [String]
|
|
@@ -520,6 +531,7 @@ module Google
|
|
|
520
531
|
|
|
521
532
|
# Update properties of this object
|
|
522
533
|
def update!(**args)
|
|
534
|
+
@id = args[:id] if args.key?(:id)
|
|
523
535
|
@name = args[:name] if args.key?(:name)
|
|
524
536
|
end
|
|
525
537
|
end
|
|
@@ -550,6 +562,32 @@ module Google
|
|
|
550
562
|
end
|
|
551
563
|
end
|
|
552
564
|
|
|
565
|
+
# Represents a Microsoft Entra tenant.
|
|
566
|
+
class AzureTenant
|
|
567
|
+
include Google::Apis::Core::Hashable
|
|
568
|
+
|
|
569
|
+
# The display name of the Azure tenant.
|
|
570
|
+
# Corresponds to the JSON property `displayName`
|
|
571
|
+
# @return [String]
|
|
572
|
+
attr_accessor :display_name
|
|
573
|
+
|
|
574
|
+
# The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
|
|
575
|
+
# 1aaa11a".
|
|
576
|
+
# Corresponds to the JSON property `id`
|
|
577
|
+
# @return [String]
|
|
578
|
+
attr_accessor :id
|
|
579
|
+
|
|
580
|
+
def initialize(**args)
|
|
581
|
+
update!(**args)
|
|
582
|
+
end
|
|
583
|
+
|
|
584
|
+
# Update properties of this object
|
|
585
|
+
def update!(**args)
|
|
586
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
587
|
+
@id = args[:id] if args.key?(:id)
|
|
588
|
+
end
|
|
589
|
+
end
|
|
590
|
+
|
|
553
591
|
# Information related to Google Cloud Backup and DR Service findings.
|
|
554
592
|
class BackupDisasterRecovery
|
|
555
593
|
include Google::Apis::Core::Hashable
|
|
@@ -1122,11 +1160,21 @@ module Google
|
|
|
1122
1160
|
# @return [Google::Apis::SecuritycenterV1beta2::Cvssv3]
|
|
1123
1161
|
attr_accessor :cvssv3
|
|
1124
1162
|
|
|
1163
|
+
# Date the first publicly available exploit or PoC was released.
|
|
1164
|
+
# Corresponds to the JSON property `exploitReleaseDate`
|
|
1165
|
+
# @return [String]
|
|
1166
|
+
attr_accessor :exploit_release_date
|
|
1167
|
+
|
|
1125
1168
|
# The exploitation activity of the vulnerability in the wild.
|
|
1126
1169
|
# Corresponds to the JSON property `exploitationActivity`
|
|
1127
1170
|
# @return [String]
|
|
1128
1171
|
attr_accessor :exploitation_activity
|
|
1129
1172
|
|
|
1173
|
+
# Date of the earliest known exploitation.
|
|
1174
|
+
# Corresponds to the JSON property `firstExploitationDate`
|
|
1175
|
+
# @return [String]
|
|
1176
|
+
attr_accessor :first_exploitation_date
|
|
1177
|
+
|
|
1130
1178
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
|
1131
1179
|
# Corresponds to the JSON property `id`
|
|
1132
1180
|
# @return [String]
|
|
@@ -1168,7 +1216,9 @@ module Google
|
|
|
1168
1216
|
# Update properties of this object
|
|
1169
1217
|
def update!(**args)
|
|
1170
1218
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
|
1219
|
+
@exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
|
|
1171
1220
|
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
|
1221
|
+
@first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
|
|
1172
1222
|
@id = args[:id] if args.key?(:id)
|
|
1173
1223
|
@impact = args[:impact] if args.key?(:impact)
|
|
1174
1224
|
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
|
@@ -1255,6 +1305,144 @@ module Google
|
|
|
1255
1305
|
end
|
|
1256
1306
|
end
|
|
1257
1307
|
|
|
1308
|
+
# Details about a data access attempt made by a principal not authorized under
|
|
1309
|
+
# applicable data security policy.
|
|
1310
|
+
class DataAccessEvent
|
|
1311
|
+
include Google::Apis::Core::Hashable
|
|
1312
|
+
|
|
1313
|
+
# Unique identifier for data access event.
|
|
1314
|
+
# Corresponds to the JSON property `eventId`
|
|
1315
|
+
# @return [String]
|
|
1316
|
+
attr_accessor :event_id
|
|
1317
|
+
|
|
1318
|
+
# Timestamp of data access event.
|
|
1319
|
+
# Corresponds to the JSON property `eventTime`
|
|
1320
|
+
# @return [String]
|
|
1321
|
+
attr_accessor :event_time
|
|
1322
|
+
|
|
1323
|
+
# The operation performed by the principal to access the data.
|
|
1324
|
+
# Corresponds to the JSON property `operation`
|
|
1325
|
+
# @return [String]
|
|
1326
|
+
attr_accessor :operation
|
|
1327
|
+
|
|
1328
|
+
# The email address of the principal that accessed the data. The principal could
|
|
1329
|
+
# be a user account, service account, Google group, or other.
|
|
1330
|
+
# Corresponds to the JSON property `principalEmail`
|
|
1331
|
+
# @return [String]
|
|
1332
|
+
attr_accessor :principal_email
|
|
1333
|
+
|
|
1334
|
+
def initialize(**args)
|
|
1335
|
+
update!(**args)
|
|
1336
|
+
end
|
|
1337
|
+
|
|
1338
|
+
# Update properties of this object
|
|
1339
|
+
def update!(**args)
|
|
1340
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
1341
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1342
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
1343
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
1344
|
+
end
|
|
1345
|
+
end
|
|
1346
|
+
|
|
1347
|
+
# Details about a data flow event, in which either the data is moved to or is
|
|
1348
|
+
# accessed from a non-compliant geo-location, as defined in the applicable data
|
|
1349
|
+
# security policy.
|
|
1350
|
+
class DataFlowEvent
|
|
1351
|
+
include Google::Apis::Core::Hashable
|
|
1352
|
+
|
|
1353
|
+
# Unique identifier for data flow event.
|
|
1354
|
+
# Corresponds to the JSON property `eventId`
|
|
1355
|
+
# @return [String]
|
|
1356
|
+
attr_accessor :event_id
|
|
1357
|
+
|
|
1358
|
+
# Timestamp of data flow event.
|
|
1359
|
+
# Corresponds to the JSON property `eventTime`
|
|
1360
|
+
# @return [String]
|
|
1361
|
+
attr_accessor :event_time
|
|
1362
|
+
|
|
1363
|
+
# The operation performed by the principal for the data flow event.
|
|
1364
|
+
# Corresponds to the JSON property `operation`
|
|
1365
|
+
# @return [String]
|
|
1366
|
+
attr_accessor :operation
|
|
1367
|
+
|
|
1368
|
+
# The email address of the principal that initiated the data flow event. The
|
|
1369
|
+
# principal could be a user account, service account, Google group, or other.
|
|
1370
|
+
# Corresponds to the JSON property `principalEmail`
|
|
1371
|
+
# @return [String]
|
|
1372
|
+
attr_accessor :principal_email
|
|
1373
|
+
|
|
1374
|
+
# Non-compliant location of the principal or the data destination.
|
|
1375
|
+
# Corresponds to the JSON property `violatedLocation`
|
|
1376
|
+
# @return [String]
|
|
1377
|
+
attr_accessor :violated_location
|
|
1378
|
+
|
|
1379
|
+
def initialize(**args)
|
|
1380
|
+
update!(**args)
|
|
1381
|
+
end
|
|
1382
|
+
|
|
1383
|
+
# Update properties of this object
|
|
1384
|
+
def update!(**args)
|
|
1385
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
1386
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1387
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
1388
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
1389
|
+
@violated_location = args[:violated_location] if args.key?(:violated_location)
|
|
1390
|
+
end
|
|
1391
|
+
end
|
|
1392
|
+
|
|
1393
|
+
# Details about data retention deletion violations, in which the data is non-
|
|
1394
|
+
# compliant based on their retention or deletion time, as defined in the
|
|
1395
|
+
# applicable data security policy. The Data Retention Deletion (DRD) control is
|
|
1396
|
+
# a control of the DSPM (Data Security Posture Management) suite that enables
|
|
1397
|
+
# organizations to manage data retention and deletion policies in compliance
|
|
1398
|
+
# with regulations, such as GDPR and CRPA. DRD supports two primary policy types:
|
|
1399
|
+
# maximum storage length (max TTL) and minimum storage length (min TTL). Both
|
|
1400
|
+
# are aimed at helping organizations meet regulatory and data management
|
|
1401
|
+
# commitments.
|
|
1402
|
+
class DataRetentionDeletionEvent
|
|
1403
|
+
include Google::Apis::Core::Hashable
|
|
1404
|
+
|
|
1405
|
+
# Number of objects that violated the policy for this resource. If the number is
|
|
1406
|
+
# less than 1,000, then the value of this field is the exact number. If the
|
|
1407
|
+
# number of objects that violated the policy is greater than or equal to 1,000,
|
|
1408
|
+
# then the value of this field is 1000.
|
|
1409
|
+
# Corresponds to the JSON property `dataObjectCount`
|
|
1410
|
+
# @return [Fixnum]
|
|
1411
|
+
attr_accessor :data_object_count
|
|
1412
|
+
|
|
1413
|
+
# Timestamp indicating when the event was detected.
|
|
1414
|
+
# Corresponds to the JSON property `eventDetectionTime`
|
|
1415
|
+
# @return [String]
|
|
1416
|
+
attr_accessor :event_detection_time
|
|
1417
|
+
|
|
1418
|
+
# Type of the DRD event.
|
|
1419
|
+
# Corresponds to the JSON property `eventType`
|
|
1420
|
+
# @return [String]
|
|
1421
|
+
attr_accessor :event_type
|
|
1422
|
+
|
|
1423
|
+
# Maximum duration of retention allowed from the DRD control. This comes from
|
|
1424
|
+
# the DRD control where users set a max TTL for their data. For example, suppose
|
|
1425
|
+
# that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an
|
|
1426
|
+
# object in that bucket is 100 days old. In this case, a
|
|
1427
|
+
# DataRetentionDeletionEvent will be generated for that Cloud Storage bucket,
|
|
1428
|
+
# and the max_retention_allowed is 90 days.
|
|
1429
|
+
# Corresponds to the JSON property `maxRetentionAllowed`
|
|
1430
|
+
# @return [String]
|
|
1431
|
+
attr_accessor :max_retention_allowed
|
|
1432
|
+
|
|
1433
|
+
def initialize(**args)
|
|
1434
|
+
update!(**args)
|
|
1435
|
+
end
|
|
1436
|
+
|
|
1437
|
+
# Update properties of this object
|
|
1438
|
+
def update!(**args)
|
|
1439
|
+
@data_object_count = args[:data_object_count] if args.key?(:data_object_count)
|
|
1440
|
+
@event_detection_time = args[:event_detection_time] if args.key?(:event_detection_time)
|
|
1441
|
+
@event_type = args[:event_type] if args.key?(:event_type)
|
|
1442
|
+
@max_retention_allowed = args[:max_retention_allowed] if args.key?(:max_retention_allowed)
|
|
1443
|
+
end
|
|
1444
|
+
end
|
|
1445
|
+
|
|
1258
1446
|
# Represents database access information, such as queries. A database may be a
|
|
1259
1447
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
1260
1448
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -1374,6 +1562,26 @@ module Google
|
|
|
1374
1562
|
end
|
|
1375
1563
|
end
|
|
1376
1564
|
|
|
1565
|
+
# Contains information about the disk associated with the finding.
|
|
1566
|
+
class Disk
|
|
1567
|
+
include Google::Apis::Core::Hashable
|
|
1568
|
+
|
|
1569
|
+
# The name of the disk, for example, "https://www.googleapis.com/compute/v1/
|
|
1570
|
+
# projects/project-id/zones/zone-id/disks/disk-id".
|
|
1571
|
+
# Corresponds to the JSON property `name`
|
|
1572
|
+
# @return [String]
|
|
1573
|
+
attr_accessor :name
|
|
1574
|
+
|
|
1575
|
+
def initialize(**args)
|
|
1576
|
+
update!(**args)
|
|
1577
|
+
end
|
|
1578
|
+
|
|
1579
|
+
# Update properties of this object
|
|
1580
|
+
def update!(**args)
|
|
1581
|
+
@name = args[:name] if args.key?(:name)
|
|
1582
|
+
end
|
|
1583
|
+
end
|
|
1584
|
+
|
|
1377
1585
|
# Path of the file in terms of underlying disk/partition identifiers.
|
|
1378
1586
|
class DiskPath
|
|
1379
1587
|
include Google::Apis::Core::Hashable
|
|
@@ -1401,6 +1609,33 @@ module Google
|
|
|
1401
1609
|
end
|
|
1402
1610
|
end
|
|
1403
1611
|
|
|
1612
|
+
# The record of a dynamic mute rule that matches the finding.
|
|
1613
|
+
class DynamicMuteRecord
|
|
1614
|
+
include Google::Apis::Core::Hashable
|
|
1615
|
+
|
|
1616
|
+
# When the dynamic mute rule first matched the finding.
|
|
1617
|
+
# Corresponds to the JSON property `matchTime`
|
|
1618
|
+
# @return [String]
|
|
1619
|
+
attr_accessor :match_time
|
|
1620
|
+
|
|
1621
|
+
# The relative resource name of the mute rule, represented by a mute config,
|
|
1622
|
+
# that created this record, for example `organizations/123/muteConfigs/
|
|
1623
|
+
# mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
|
1624
|
+
# Corresponds to the JSON property `muteConfig`
|
|
1625
|
+
# @return [String]
|
|
1626
|
+
attr_accessor :mute_config
|
|
1627
|
+
|
|
1628
|
+
def initialize(**args)
|
|
1629
|
+
update!(**args)
|
|
1630
|
+
end
|
|
1631
|
+
|
|
1632
|
+
# Update properties of this object
|
|
1633
|
+
def update!(**args)
|
|
1634
|
+
@match_time = args[:match_time] if args.key?(:match_time)
|
|
1635
|
+
@mute_config = args[:mute_config] if args.key?(:mute_config)
|
|
1636
|
+
end
|
|
1637
|
+
end
|
|
1638
|
+
|
|
1404
1639
|
# A name-value pair representing an environment variable used in an operating
|
|
1405
1640
|
# system process.
|
|
1406
1641
|
class EnvironmentVariable
|
|
@@ -1741,6 +1976,21 @@ module Google
|
|
|
1741
1976
|
# @return [String]
|
|
1742
1977
|
attr_accessor :create_time
|
|
1743
1978
|
|
|
1979
|
+
# Data access events associated with the finding.
|
|
1980
|
+
# Corresponds to the JSON property `dataAccessEvents`
|
|
1981
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::DataAccessEvent>]
|
|
1982
|
+
attr_accessor :data_access_events
|
|
1983
|
+
|
|
1984
|
+
# Data flow events associated with the finding.
|
|
1985
|
+
# Corresponds to the JSON property `dataFlowEvents`
|
|
1986
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::DataFlowEvent>]
|
|
1987
|
+
attr_accessor :data_flow_events
|
|
1988
|
+
|
|
1989
|
+
# Data retention deletion events associated with the finding.
|
|
1990
|
+
# Corresponds to the JSON property `dataRetentionDeletionEvents`
|
|
1991
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::DataRetentionDeletionEvent>]
|
|
1992
|
+
attr_accessor :data_retention_deletion_events
|
|
1993
|
+
|
|
1744
1994
|
# Represents database access information, such as queries. A database may be a
|
|
1745
1995
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
1746
1996
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -1757,6 +2007,11 @@ module Google
|
|
|
1757
2007
|
# @return [String]
|
|
1758
2008
|
attr_accessor :description
|
|
1759
2009
|
|
|
2010
|
+
# Contains information about the disk associated with the finding.
|
|
2011
|
+
# Corresponds to the JSON property `disk`
|
|
2012
|
+
# @return [Google::Apis::SecuritycenterV1beta2::Disk]
|
|
2013
|
+
attr_accessor :disk
|
|
2014
|
+
|
|
1760
2015
|
# The time the finding was first detected. If an existing finding is updated,
|
|
1761
2016
|
# then this is the time the update occurred. For example, if the finding
|
|
1762
2017
|
# represents an open firewall, this property captures the time the detector
|
|
@@ -1858,6 +2113,12 @@ module Google
|
|
|
1858
2113
|
# @return [String]
|
|
1859
2114
|
attr_accessor :mute
|
|
1860
2115
|
|
|
2116
|
+
# Mute information about the finding, including whether the finding has a static
|
|
2117
|
+
# mute or any matching dynamic mute rules.
|
|
2118
|
+
# Corresponds to the JSON property `muteInfo`
|
|
2119
|
+
# @return [Google::Apis::SecuritycenterV1beta2::MuteInfo]
|
|
2120
|
+
attr_accessor :mute_info
|
|
2121
|
+
|
|
1861
2122
|
# Records additional information about the mute operation, for example, the [
|
|
1862
2123
|
# mute configuration](/security-command-center/docs/how-to-mute-findings) that
|
|
1863
2124
|
# muted the finding and the user who muted the finding.
|
|
@@ -1991,8 +2252,12 @@ module Google
|
|
|
1991
2252
|
@contacts = args[:contacts] if args.key?(:contacts)
|
|
1992
2253
|
@containers = args[:containers] if args.key?(:containers)
|
|
1993
2254
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
2255
|
+
@data_access_events = args[:data_access_events] if args.key?(:data_access_events)
|
|
2256
|
+
@data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
|
|
2257
|
+
@data_retention_deletion_events = args[:data_retention_deletion_events] if args.key?(:data_retention_deletion_events)
|
|
1994
2258
|
@database = args[:database] if args.key?(:database)
|
|
1995
2259
|
@description = args[:description] if args.key?(:description)
|
|
2260
|
+
@disk = args[:disk] if args.key?(:disk)
|
|
1996
2261
|
@event_time = args[:event_time] if args.key?(:event_time)
|
|
1997
2262
|
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
1998
2263
|
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
@@ -2009,6 +2274,7 @@ module Google
|
|
|
2009
2274
|
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
2010
2275
|
@module_name = args[:module_name] if args.key?(:module_name)
|
|
2011
2276
|
@mute = args[:mute] if args.key?(:mute)
|
|
2277
|
+
@mute_info = args[:mute_info] if args.key?(:mute_info)
|
|
2012
2278
|
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
2013
2279
|
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
2014
2280
|
@name = args[:name] if args.key?(:name)
|
|
@@ -2367,6 +2633,11 @@ module Google
|
|
|
2367
2633
|
class GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule
|
|
2368
2634
|
include Google::Apis::Core::Hashable
|
|
2369
2635
|
|
|
2636
|
+
# The cloud provider of the custom module.
|
|
2637
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
2638
|
+
# @return [String]
|
|
2639
|
+
attr_accessor :cloud_provider
|
|
2640
|
+
|
|
2370
2641
|
# Defines the properties in a custom module configuration for Security Health
|
|
2371
2642
|
# Analytics. Use the custom module configuration to create custom detectors that
|
|
2372
2643
|
# generate custom findings for resources that you specify.
|
|
@@ -2403,6 +2674,7 @@ module Google
|
|
|
2403
2674
|
|
|
2404
2675
|
# Update properties of this object
|
|
2405
2676
|
def update!(**args)
|
|
2677
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
2406
2678
|
@custom_config = args[:custom_config] if args.key?(:custom_config)
|
|
2407
2679
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
2408
2680
|
@enablement_state = args[:enablement_state] if args.key?(:enablement_state)
|
|
@@ -2516,6 +2788,12 @@ module Google
|
|
|
2516
2788
|
# @return [String]
|
|
2517
2789
|
attr_accessor :display_name
|
|
2518
2790
|
|
|
2791
|
+
# Optional. The expiry of the mute config. Only applicable for dynamic configs.
|
|
2792
|
+
# If the expiry is set, when the config expires, it is removed from all findings.
|
|
2793
|
+
# Corresponds to the JSON property `expiryTime`
|
|
2794
|
+
# @return [String]
|
|
2795
|
+
attr_accessor :expiry_time
|
|
2796
|
+
|
|
2519
2797
|
# Required. An expression that defines the filter to apply across create/update
|
|
2520
2798
|
# events of findings. While creating a filter string, be mindful of the scope in
|
|
2521
2799
|
# which the mute configuration is being created. E.g., If a filter contains
|
|
@@ -2547,6 +2825,14 @@ module Google
|
|
|
2547
2825
|
# @return [String]
|
|
2548
2826
|
attr_accessor :name
|
|
2549
2827
|
|
|
2828
|
+
# Optional. The type of the mute config, which determines what type of mute
|
|
2829
|
+
# state the config affects. The static mute state takes precedence over the
|
|
2830
|
+
# dynamic mute state. Immutable after creation. STATIC by default if not set
|
|
2831
|
+
# during creation.
|
|
2832
|
+
# Corresponds to the JSON property `type`
|
|
2833
|
+
# @return [String]
|
|
2834
|
+
attr_accessor :type
|
|
2835
|
+
|
|
2550
2836
|
# Output only. The most recent time at which the mute config was updated. This
|
|
2551
2837
|
# field is set by the server and will be ignored if provided on config creation
|
|
2552
2838
|
# or update.
|
|
@@ -2563,9 +2849,11 @@ module Google
|
|
|
2563
2849
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
2564
2850
|
@description = args[:description] if args.key?(:description)
|
|
2565
2851
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
2852
|
+
@expiry_time = args[:expiry_time] if args.key?(:expiry_time)
|
|
2566
2853
|
@filter = args[:filter] if args.key?(:filter)
|
|
2567
2854
|
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
|
2568
2855
|
@name = args[:name] if args.key?(:name)
|
|
2856
|
+
@type = args[:type] if args.key?(:type)
|
|
2569
2857
|
@update_time = args[:update_time] if args.key?(:update_time)
|
|
2570
2858
|
end
|
|
2571
2859
|
end
|
|
@@ -2848,10 +3136,10 @@ module Google
|
|
|
2848
3136
|
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping]
|
|
2849
3137
|
attr_accessor :sensitive_data_protection_mapping
|
|
2850
3138
|
|
|
2851
|
-
# Required. Tag values combined with `AND` to check against.
|
|
2852
|
-
# tagValues/123" Example: `[ "
|
|
2853
|
-
# https://cloud.google.com/
|
|
2854
|
-
# managing
|
|
3139
|
+
# Required. Tag values combined with `AND` to check against. For Google Cloud
|
|
3140
|
+
# resources, they are tag value IDs in the form of "tagValues/123". Example: `[ "
|
|
3141
|
+
# tagValues/123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/
|
|
3142
|
+
# resource-manager/docs/tags/tags-creating-and-managing
|
|
2855
3143
|
# Corresponds to the JSON property `tagValues`
|
|
2856
3144
|
# @return [Array<String>]
|
|
2857
3145
|
attr_accessor :tag_values
|
|
@@ -2922,6 +3210,11 @@ module Google
|
|
|
2922
3210
|
# @return [String]
|
|
2923
3211
|
attr_accessor :ancestor_module
|
|
2924
3212
|
|
|
3213
|
+
# The cloud provider of the custom module.
|
|
3214
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
3215
|
+
# @return [String]
|
|
3216
|
+
attr_accessor :cloud_provider
|
|
3217
|
+
|
|
2925
3218
|
# Defines the properties in a custom module configuration for Security Health
|
|
2926
3219
|
# Analytics. Use the custom module configuration to create custom detectors that
|
|
2927
3220
|
# generate custom findings for resources that you specify.
|
|
@@ -2971,6 +3264,7 @@ module Google
|
|
|
2971
3264
|
# Update properties of this object
|
|
2972
3265
|
def update!(**args)
|
|
2973
3266
|
@ancestor_module = args[:ancestor_module] if args.key?(:ancestor_module)
|
|
3267
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
2974
3268
|
@custom_config = args[:custom_config] if args.key?(:custom_config)
|
|
2975
3269
|
@display_name = args[:display_name] if args.key?(:display_name)
|
|
2976
3270
|
@enablement_state = args[:enablement_state] if args.key?(:enablement_state)
|
|
@@ -3804,6 +4098,11 @@ module Google
|
|
|
3804
4098
|
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AzureSubscription]
|
|
3805
4099
|
attr_accessor :subscription
|
|
3806
4100
|
|
|
4101
|
+
# Represents a Microsoft Entra tenant.
|
|
4102
|
+
# Corresponds to the JSON property `tenant`
|
|
4103
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AzureTenant]
|
|
4104
|
+
attr_accessor :tenant
|
|
4105
|
+
|
|
3807
4106
|
def initialize(**args)
|
|
3808
4107
|
update!(**args)
|
|
3809
4108
|
end
|
|
@@ -3813,6 +4112,7 @@ module Google
|
|
|
3813
4112
|
@management_groups = args[:management_groups] if args.key?(:management_groups)
|
|
3814
4113
|
@resource_group = args[:resource_group] if args.key?(:resource_group)
|
|
3815
4114
|
@subscription = args[:subscription] if args.key?(:subscription)
|
|
4115
|
+
@tenant = args[:tenant] if args.key?(:tenant)
|
|
3816
4116
|
end
|
|
3817
4117
|
end
|
|
3818
4118
|
|
|
@@ -3820,6 +4120,11 @@ module Google
|
|
|
3820
4120
|
class GoogleCloudSecuritycenterV2AzureResourceGroup
|
|
3821
4121
|
include Google::Apis::Core::Hashable
|
|
3822
4122
|
|
|
4123
|
+
# The ID of the Azure resource group.
|
|
4124
|
+
# Corresponds to the JSON property `id`
|
|
4125
|
+
# @return [String]
|
|
4126
|
+
attr_accessor :id
|
|
4127
|
+
|
|
3823
4128
|
# The name of the Azure resource group. This is not a UUID.
|
|
3824
4129
|
# Corresponds to the JSON property `name`
|
|
3825
4130
|
# @return [String]
|
|
@@ -3831,6 +4136,7 @@ module Google
|
|
|
3831
4136
|
|
|
3832
4137
|
# Update properties of this object
|
|
3833
4138
|
def update!(**args)
|
|
4139
|
+
@id = args[:id] if args.key?(:id)
|
|
3834
4140
|
@name = args[:name] if args.key?(:name)
|
|
3835
4141
|
end
|
|
3836
4142
|
end
|
|
@@ -3861,6 +4167,32 @@ module Google
|
|
|
3861
4167
|
end
|
|
3862
4168
|
end
|
|
3863
4169
|
|
|
4170
|
+
# Represents a Microsoft Entra tenant.
|
|
4171
|
+
class GoogleCloudSecuritycenterV2AzureTenant
|
|
4172
|
+
include Google::Apis::Core::Hashable
|
|
4173
|
+
|
|
4174
|
+
# The display name of the Azure tenant.
|
|
4175
|
+
# Corresponds to the JSON property `displayName`
|
|
4176
|
+
# @return [String]
|
|
4177
|
+
attr_accessor :display_name
|
|
4178
|
+
|
|
4179
|
+
# The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
|
|
4180
|
+
# 1aaa11a".
|
|
4181
|
+
# Corresponds to the JSON property `id`
|
|
4182
|
+
# @return [String]
|
|
4183
|
+
attr_accessor :id
|
|
4184
|
+
|
|
4185
|
+
def initialize(**args)
|
|
4186
|
+
update!(**args)
|
|
4187
|
+
end
|
|
4188
|
+
|
|
4189
|
+
# Update properties of this object
|
|
4190
|
+
def update!(**args)
|
|
4191
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
4192
|
+
@id = args[:id] if args.key?(:id)
|
|
4193
|
+
end
|
|
4194
|
+
end
|
|
4195
|
+
|
|
3864
4196
|
# Information related to Google Cloud Backup and DR Service findings.
|
|
3865
4197
|
class GoogleCloudSecuritycenterV2BackupDisasterRecovery
|
|
3866
4198
|
include Google::Apis::Core::Hashable
|
|
@@ -4429,11 +4761,21 @@ module Google
|
|
|
4429
4761
|
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cvssv3]
|
|
4430
4762
|
attr_accessor :cvssv3
|
|
4431
4763
|
|
|
4764
|
+
# Date the first publicly available exploit or PoC was released.
|
|
4765
|
+
# Corresponds to the JSON property `exploitReleaseDate`
|
|
4766
|
+
# @return [String]
|
|
4767
|
+
attr_accessor :exploit_release_date
|
|
4768
|
+
|
|
4432
4769
|
# The exploitation activity of the vulnerability in the wild.
|
|
4433
4770
|
# Corresponds to the JSON property `exploitationActivity`
|
|
4434
4771
|
# @return [String]
|
|
4435
4772
|
attr_accessor :exploitation_activity
|
|
4436
4773
|
|
|
4774
|
+
# Date of the earliest known exploitation.
|
|
4775
|
+
# Corresponds to the JSON property `firstExploitationDate`
|
|
4776
|
+
# @return [String]
|
|
4777
|
+
attr_accessor :first_exploitation_date
|
|
4778
|
+
|
|
4437
4779
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
|
4438
4780
|
# Corresponds to the JSON property `id`
|
|
4439
4781
|
# @return [String]
|
|
@@ -4475,7 +4817,9 @@ module Google
|
|
|
4475
4817
|
# Update properties of this object
|
|
4476
4818
|
def update!(**args)
|
|
4477
4819
|
@cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
|
|
4820
|
+
@exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
|
|
4478
4821
|
@exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
|
|
4822
|
+
@first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
|
|
4479
4823
|
@id = args[:id] if args.key?(:id)
|
|
4480
4824
|
@impact = args[:impact] if args.key?(:impact)
|
|
4481
4825
|
@observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
|
|
@@ -4562,53 +4906,31 @@ module Google
|
|
|
4562
4906
|
end
|
|
4563
4907
|
end
|
|
4564
4908
|
|
|
4565
|
-
#
|
|
4566
|
-
#
|
|
4567
|
-
|
|
4568
|
-
# might not have the [full resource name](https://google.aip.dev/122#full-
|
|
4569
|
-
# resource-names) populated because these resource types, such as Cloud SQL
|
|
4570
|
-
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
|
4571
|
-
# the display name is provided.
|
|
4572
|
-
class GoogleCloudSecuritycenterV2Database
|
|
4909
|
+
# Details about a data access attempt made by a principal not authorized under
|
|
4910
|
+
# applicable data security policy.
|
|
4911
|
+
class GoogleCloudSecuritycenterV2DataAccessEvent
|
|
4573
4912
|
include Google::Apis::Core::Hashable
|
|
4574
4913
|
|
|
4575
|
-
#
|
|
4576
|
-
# Corresponds to the JSON property `
|
|
4577
|
-
# @return [String]
|
|
4578
|
-
attr_accessor :display_name
|
|
4579
|
-
|
|
4580
|
-
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
|
4581
|
-
# an IAM policy change.
|
|
4582
|
-
# Corresponds to the JSON property `grantees`
|
|
4583
|
-
# @return [Array<String>]
|
|
4584
|
-
attr_accessor :grantees
|
|
4585
|
-
|
|
4586
|
-
# Some database resources may not have the [full resource name](https://google.
|
|
4587
|
-
# aip.dev/122#full-resource-names) populated because these resource types are
|
|
4588
|
-
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
|
4589
|
-
# these cases only the display name will be provided. The [full resource name](
|
|
4590
|
-
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
|
4591
|
-
# connected to, if it is supported by Cloud Asset Inventory.
|
|
4592
|
-
# Corresponds to the JSON property `name`
|
|
4914
|
+
# Unique identifier for data access event.
|
|
4915
|
+
# Corresponds to the JSON property `eventId`
|
|
4593
4916
|
# @return [String]
|
|
4594
|
-
attr_accessor :
|
|
4917
|
+
attr_accessor :event_id
|
|
4595
4918
|
|
|
4596
|
-
#
|
|
4597
|
-
# Corresponds to the JSON property `
|
|
4919
|
+
# Timestamp of data access event.
|
|
4920
|
+
# Corresponds to the JSON property `eventTime`
|
|
4598
4921
|
# @return [String]
|
|
4599
|
-
attr_accessor :
|
|
4922
|
+
attr_accessor :event_time
|
|
4600
4923
|
|
|
4601
|
-
# The
|
|
4602
|
-
#
|
|
4603
|
-
# Corresponds to the JSON property `userName`
|
|
4924
|
+
# The operation performed by the principal to access the data.
|
|
4925
|
+
# Corresponds to the JSON property `operation`
|
|
4604
4926
|
# @return [String]
|
|
4605
|
-
attr_accessor :
|
|
4927
|
+
attr_accessor :operation
|
|
4606
4928
|
|
|
4607
|
-
# The
|
|
4608
|
-
#
|
|
4609
|
-
# Corresponds to the JSON property `
|
|
4929
|
+
# The email address of the principal that accessed the data. The principal could
|
|
4930
|
+
# be a user account, service account, Google group, or other.
|
|
4931
|
+
# Corresponds to the JSON property `principalEmail`
|
|
4610
4932
|
# @return [String]
|
|
4611
|
-
attr_accessor :
|
|
4933
|
+
attr_accessor :principal_email
|
|
4612
4934
|
|
|
4613
4935
|
def initialize(**args)
|
|
4614
4936
|
update!(**args)
|
|
@@ -4616,28 +4938,188 @@ module Google
|
|
|
4616
4938
|
|
|
4617
4939
|
# Update properties of this object
|
|
4618
4940
|
def update!(**args)
|
|
4619
|
-
@
|
|
4620
|
-
@
|
|
4621
|
-
@
|
|
4622
|
-
@
|
|
4623
|
-
@user_name = args[:user_name] if args.key?(:user_name)
|
|
4624
|
-
@version = args[:version] if args.key?(:version)
|
|
4941
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
4942
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
4943
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
4944
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
4625
4945
|
end
|
|
4626
4946
|
end
|
|
4627
4947
|
|
|
4628
|
-
#
|
|
4629
|
-
|
|
4948
|
+
# Details about a data flow event, in which either the data is moved to or is
|
|
4949
|
+
# accessed from a non-compliant geo-location, as defined in the applicable data
|
|
4950
|
+
# security policy.
|
|
4951
|
+
class GoogleCloudSecuritycenterV2DataFlowEvent
|
|
4630
4952
|
include Google::Apis::Core::Hashable
|
|
4631
4953
|
|
|
4632
|
-
#
|
|
4633
|
-
# Corresponds to the JSON property `
|
|
4954
|
+
# Unique identifier for data flow event.
|
|
4955
|
+
# Corresponds to the JSON property `eventId`
|
|
4634
4956
|
# @return [String]
|
|
4635
|
-
attr_accessor :
|
|
4957
|
+
attr_accessor :event_id
|
|
4636
4958
|
|
|
4637
|
-
#
|
|
4638
|
-
# Corresponds to the JSON property `
|
|
4639
|
-
# @return [
|
|
4640
|
-
attr_accessor :
|
|
4959
|
+
# Timestamp of data flow event.
|
|
4960
|
+
# Corresponds to the JSON property `eventTime`
|
|
4961
|
+
# @return [String]
|
|
4962
|
+
attr_accessor :event_time
|
|
4963
|
+
|
|
4964
|
+
# The operation performed by the principal for the data flow event.
|
|
4965
|
+
# Corresponds to the JSON property `operation`
|
|
4966
|
+
# @return [String]
|
|
4967
|
+
attr_accessor :operation
|
|
4968
|
+
|
|
4969
|
+
# The email address of the principal that initiated the data flow event. The
|
|
4970
|
+
# principal could be a user account, service account, Google group, or other.
|
|
4971
|
+
# Corresponds to the JSON property `principalEmail`
|
|
4972
|
+
# @return [String]
|
|
4973
|
+
attr_accessor :principal_email
|
|
4974
|
+
|
|
4975
|
+
# Non-compliant location of the principal or the data destination.
|
|
4976
|
+
# Corresponds to the JSON property `violatedLocation`
|
|
4977
|
+
# @return [String]
|
|
4978
|
+
attr_accessor :violated_location
|
|
4979
|
+
|
|
4980
|
+
def initialize(**args)
|
|
4981
|
+
update!(**args)
|
|
4982
|
+
end
|
|
4983
|
+
|
|
4984
|
+
# Update properties of this object
|
|
4985
|
+
def update!(**args)
|
|
4986
|
+
@event_id = args[:event_id] if args.key?(:event_id)
|
|
4987
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
4988
|
+
@operation = args[:operation] if args.key?(:operation)
|
|
4989
|
+
@principal_email = args[:principal_email] if args.key?(:principal_email)
|
|
4990
|
+
@violated_location = args[:violated_location] if args.key?(:violated_location)
|
|
4991
|
+
end
|
|
4992
|
+
end
|
|
4993
|
+
|
|
4994
|
+
# Details about data retention deletion violations, in which the data is non-
|
|
4995
|
+
# compliant based on their retention or deletion time, as defined in the
|
|
4996
|
+
# applicable data security policy. The Data Retention Deletion (DRD) control is
|
|
4997
|
+
# a control of the DSPM (Data Security Posture Management) suite that enables
|
|
4998
|
+
# organizations to manage data retention and deletion policies in compliance
|
|
4999
|
+
# with regulations, such as GDPR and CRPA. DRD supports two primary policy types:
|
|
5000
|
+
# maximum storage length (max TTL) and minimum storage length (min TTL). Both
|
|
5001
|
+
# are aimed at helping organizations meet regulatory and data management
|
|
5002
|
+
# commitments.
|
|
5003
|
+
class GoogleCloudSecuritycenterV2DataRetentionDeletionEvent
|
|
5004
|
+
include Google::Apis::Core::Hashable
|
|
5005
|
+
|
|
5006
|
+
# Number of objects that violated the policy for this resource. If the number is
|
|
5007
|
+
# less than 1,000, then the value of this field is the exact number. If the
|
|
5008
|
+
# number of objects that violated the policy is greater than or equal to 1,000,
|
|
5009
|
+
# then the value of this field is 1000.
|
|
5010
|
+
# Corresponds to the JSON property `dataObjectCount`
|
|
5011
|
+
# @return [Fixnum]
|
|
5012
|
+
attr_accessor :data_object_count
|
|
5013
|
+
|
|
5014
|
+
# Timestamp indicating when the event was detected.
|
|
5015
|
+
# Corresponds to the JSON property `eventDetectionTime`
|
|
5016
|
+
# @return [String]
|
|
5017
|
+
attr_accessor :event_detection_time
|
|
5018
|
+
|
|
5019
|
+
# Type of the DRD event.
|
|
5020
|
+
# Corresponds to the JSON property `eventType`
|
|
5021
|
+
# @return [String]
|
|
5022
|
+
attr_accessor :event_type
|
|
5023
|
+
|
|
5024
|
+
# Maximum duration of retention allowed from the DRD control. This comes from
|
|
5025
|
+
# the DRD control where users set a max TTL for their data. For example, suppose
|
|
5026
|
+
# that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an
|
|
5027
|
+
# object in that bucket is 100 days old. In this case, a
|
|
5028
|
+
# DataRetentionDeletionEvent will be generated for that Cloud Storage bucket,
|
|
5029
|
+
# and the max_retention_allowed is 90 days.
|
|
5030
|
+
# Corresponds to the JSON property `maxRetentionAllowed`
|
|
5031
|
+
# @return [String]
|
|
5032
|
+
attr_accessor :max_retention_allowed
|
|
5033
|
+
|
|
5034
|
+
def initialize(**args)
|
|
5035
|
+
update!(**args)
|
|
5036
|
+
end
|
|
5037
|
+
|
|
5038
|
+
# Update properties of this object
|
|
5039
|
+
def update!(**args)
|
|
5040
|
+
@data_object_count = args[:data_object_count] if args.key?(:data_object_count)
|
|
5041
|
+
@event_detection_time = args[:event_detection_time] if args.key?(:event_detection_time)
|
|
5042
|
+
@event_type = args[:event_type] if args.key?(:event_type)
|
|
5043
|
+
@max_retention_allowed = args[:max_retention_allowed] if args.key?(:max_retention_allowed)
|
|
5044
|
+
end
|
|
5045
|
+
end
|
|
5046
|
+
|
|
5047
|
+
# Represents database access information, such as queries. A database may be a
|
|
5048
|
+
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
5049
|
+
# Spanner instances), or the database instance itself. Some database resources
|
|
5050
|
+
# might not have the [full resource name](https://google.aip.dev/122#full-
|
|
5051
|
+
# resource-names) populated because these resource types, such as Cloud SQL
|
|
5052
|
+
# databases, are not yet supported by Cloud Asset Inventory. In these cases only
|
|
5053
|
+
# the display name is provided.
|
|
5054
|
+
class GoogleCloudSecuritycenterV2Database
|
|
5055
|
+
include Google::Apis::Core::Hashable
|
|
5056
|
+
|
|
5057
|
+
# The human-readable name of the database that the user connected to.
|
|
5058
|
+
# Corresponds to the JSON property `displayName`
|
|
5059
|
+
# @return [String]
|
|
5060
|
+
attr_accessor :display_name
|
|
5061
|
+
|
|
5062
|
+
# The target usernames, roles, or groups of an SQL privilege grant, which is not
|
|
5063
|
+
# an IAM policy change.
|
|
5064
|
+
# Corresponds to the JSON property `grantees`
|
|
5065
|
+
# @return [Array<String>]
|
|
5066
|
+
attr_accessor :grantees
|
|
5067
|
+
|
|
5068
|
+
# Some database resources may not have the [full resource name](https://google.
|
|
5069
|
+
# aip.dev/122#full-resource-names) populated because these resource types are
|
|
5070
|
+
# not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
|
|
5071
|
+
# these cases only the display name will be provided. The [full resource name](
|
|
5072
|
+
# https://google.aip.dev/122#full-resource-names) of the database that the user
|
|
5073
|
+
# connected to, if it is supported by Cloud Asset Inventory.
|
|
5074
|
+
# Corresponds to the JSON property `name`
|
|
5075
|
+
# @return [String]
|
|
5076
|
+
attr_accessor :name
|
|
5077
|
+
|
|
5078
|
+
# The SQL statement that is associated with the database access.
|
|
5079
|
+
# Corresponds to the JSON property `query`
|
|
5080
|
+
# @return [String]
|
|
5081
|
+
attr_accessor :query
|
|
5082
|
+
|
|
5083
|
+
# The username used to connect to the database. The username might not be an IAM
|
|
5084
|
+
# principal and does not have a set format.
|
|
5085
|
+
# Corresponds to the JSON property `userName`
|
|
5086
|
+
# @return [String]
|
|
5087
|
+
attr_accessor :user_name
|
|
5088
|
+
|
|
5089
|
+
# The version of the database, for example, POSTGRES_14. See [the complete list](
|
|
5090
|
+
# https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
|
|
5091
|
+
# Corresponds to the JSON property `version`
|
|
5092
|
+
# @return [String]
|
|
5093
|
+
attr_accessor :version
|
|
5094
|
+
|
|
5095
|
+
def initialize(**args)
|
|
5096
|
+
update!(**args)
|
|
5097
|
+
end
|
|
5098
|
+
|
|
5099
|
+
# Update properties of this object
|
|
5100
|
+
def update!(**args)
|
|
5101
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
5102
|
+
@grantees = args[:grantees] if args.key?(:grantees)
|
|
5103
|
+
@name = args[:name] if args.key?(:name)
|
|
5104
|
+
@query = args[:query] if args.key?(:query)
|
|
5105
|
+
@user_name = args[:user_name] if args.key?(:user_name)
|
|
5106
|
+
@version = args[:version] if args.key?(:version)
|
|
5107
|
+
end
|
|
5108
|
+
end
|
|
5109
|
+
|
|
5110
|
+
# Memory hash detection contributing to the binary family match.
|
|
5111
|
+
class GoogleCloudSecuritycenterV2Detection
|
|
5112
|
+
include Google::Apis::Core::Hashable
|
|
5113
|
+
|
|
5114
|
+
# The name of the binary associated with the memory hash signature detection.
|
|
5115
|
+
# Corresponds to the JSON property `binary`
|
|
5116
|
+
# @return [String]
|
|
5117
|
+
attr_accessor :binary
|
|
5118
|
+
|
|
5119
|
+
# The percentage of memory page hashes in the signature that were matched.
|
|
5120
|
+
# Corresponds to the JSON property `percentPagesMatched`
|
|
5121
|
+
# @return [Float]
|
|
5122
|
+
attr_accessor :percent_pages_matched
|
|
4641
5123
|
|
|
4642
5124
|
def initialize(**args)
|
|
4643
5125
|
update!(**args)
|
|
@@ -4650,6 +5132,26 @@ module Google
|
|
|
4650
5132
|
end
|
|
4651
5133
|
end
|
|
4652
5134
|
|
|
5135
|
+
# Contains information about the disk associated with the finding.
|
|
5136
|
+
class GoogleCloudSecuritycenterV2Disk
|
|
5137
|
+
include Google::Apis::Core::Hashable
|
|
5138
|
+
|
|
5139
|
+
# The name of the disk, for example, "https://www.googleapis.com/compute/v1/
|
|
5140
|
+
# projects/project-id/zones/zone-id/disks/disk-id".
|
|
5141
|
+
# Corresponds to the JSON property `name`
|
|
5142
|
+
# @return [String]
|
|
5143
|
+
attr_accessor :name
|
|
5144
|
+
|
|
5145
|
+
def initialize(**args)
|
|
5146
|
+
update!(**args)
|
|
5147
|
+
end
|
|
5148
|
+
|
|
5149
|
+
# Update properties of this object
|
|
5150
|
+
def update!(**args)
|
|
5151
|
+
@name = args[:name] if args.key?(:name)
|
|
5152
|
+
end
|
|
5153
|
+
end
|
|
5154
|
+
|
|
4653
5155
|
# Path of the file in terms of underlying disk/partition identifiers.
|
|
4654
5156
|
class GoogleCloudSecuritycenterV2DiskPath
|
|
4655
5157
|
include Google::Apis::Core::Hashable
|
|
@@ -4677,6 +5179,33 @@ module Google
|
|
|
4677
5179
|
end
|
|
4678
5180
|
end
|
|
4679
5181
|
|
|
5182
|
+
# The record of a dynamic mute rule that matches the finding.
|
|
5183
|
+
class GoogleCloudSecuritycenterV2DynamicMuteRecord
|
|
5184
|
+
include Google::Apis::Core::Hashable
|
|
5185
|
+
|
|
5186
|
+
# When the dynamic mute rule first matched the finding.
|
|
5187
|
+
# Corresponds to the JSON property `matchTime`
|
|
5188
|
+
# @return [String]
|
|
5189
|
+
attr_accessor :match_time
|
|
5190
|
+
|
|
5191
|
+
# The relative resource name of the mute rule, represented by a mute config,
|
|
5192
|
+
# that created this record, for example `organizations/123/muteConfigs/
|
|
5193
|
+
# mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
|
5194
|
+
# Corresponds to the JSON property `muteConfig`
|
|
5195
|
+
# @return [String]
|
|
5196
|
+
attr_accessor :mute_config
|
|
5197
|
+
|
|
5198
|
+
def initialize(**args)
|
|
5199
|
+
update!(**args)
|
|
5200
|
+
end
|
|
5201
|
+
|
|
5202
|
+
# Update properties of this object
|
|
5203
|
+
def update!(**args)
|
|
5204
|
+
@match_time = args[:match_time] if args.key?(:match_time)
|
|
5205
|
+
@mute_config = args[:mute_config] if args.key?(:mute_config)
|
|
5206
|
+
end
|
|
5207
|
+
end
|
|
5208
|
+
|
|
4680
5209
|
# A name-value pair representing an environment variable used in an operating
|
|
4681
5210
|
# system process.
|
|
4682
5211
|
class GoogleCloudSecuritycenterV2EnvironmentVariable
|
|
@@ -5015,6 +5544,21 @@ module Google
|
|
|
5015
5544
|
# @return [String]
|
|
5016
5545
|
attr_accessor :create_time
|
|
5017
5546
|
|
|
5547
|
+
# Data access events associated with the finding.
|
|
5548
|
+
# Corresponds to the JSON property `dataAccessEvents`
|
|
5549
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DataAccessEvent>]
|
|
5550
|
+
attr_accessor :data_access_events
|
|
5551
|
+
|
|
5552
|
+
# Data flow events associated with the finding.
|
|
5553
|
+
# Corresponds to the JSON property `dataFlowEvents`
|
|
5554
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DataFlowEvent>]
|
|
5555
|
+
attr_accessor :data_flow_events
|
|
5556
|
+
|
|
5557
|
+
# Data retention deletion events associated with the finding.
|
|
5558
|
+
# Corresponds to the JSON property `dataRetentionDeletionEvents`
|
|
5559
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DataRetentionDeletionEvent>]
|
|
5560
|
+
attr_accessor :data_retention_deletion_events
|
|
5561
|
+
|
|
5018
5562
|
# Represents database access information, such as queries. A database may be a
|
|
5019
5563
|
# sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
|
|
5020
5564
|
# Spanner instances), or the database instance itself. Some database resources
|
|
@@ -5031,6 +5575,11 @@ module Google
|
|
|
5031
5575
|
# @return [String]
|
|
5032
5576
|
attr_accessor :description
|
|
5033
5577
|
|
|
5578
|
+
# Contains information about the disk associated with the finding.
|
|
5579
|
+
# Corresponds to the JSON property `disk`
|
|
5580
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Disk]
|
|
5581
|
+
attr_accessor :disk
|
|
5582
|
+
|
|
5034
5583
|
# The time the finding was first detected. If an existing finding is updated,
|
|
5035
5584
|
# then this is the time the update occurred. For example, if the finding
|
|
5036
5585
|
# represents an open firewall, this property captures the time the detector
|
|
@@ -5132,6 +5681,12 @@ module Google
|
|
|
5132
5681
|
# @return [String]
|
|
5133
5682
|
attr_accessor :mute
|
|
5134
5683
|
|
|
5684
|
+
# Mute information about the finding, including whether the finding has a static
|
|
5685
|
+
# mute or any matching dynamic mute rules.
|
|
5686
|
+
# Corresponds to the JSON property `muteInfo`
|
|
5687
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MuteInfo]
|
|
5688
|
+
attr_accessor :mute_info
|
|
5689
|
+
|
|
5135
5690
|
# Records additional information about the mute operation, for example, the [
|
|
5136
5691
|
# mute configuration](https://cloud.google.com/security-command-center/docs/how-
|
|
5137
5692
|
# to-mute-findings) that muted the finding and the user who muted the finding.
|
|
@@ -5215,44 +5770,604 @@ module Google
|
|
|
5215
5770
|
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityMarks]
|
|
5216
5771
|
attr_accessor :security_marks
|
|
5217
5772
|
|
|
5218
|
-
# Represents a posture that is deployed on Google Cloud by the Security Command
|
|
5219
|
-
# Center Posture Management service. A posture contains one or more policy sets.
|
|
5220
|
-
# A policy set is a group of policies that enforce a set of security rules on
|
|
5221
|
-
# Google Cloud.
|
|
5222
|
-
# Corresponds to the JSON property `securityPosture`
|
|
5223
|
-
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityPosture]
|
|
5224
|
-
attr_accessor :security_posture
|
|
5773
|
+
# Represents a posture that is deployed on Google Cloud by the Security Command
|
|
5774
|
+
# Center Posture Management service. A posture contains one or more policy sets.
|
|
5775
|
+
# A policy set is a group of policies that enforce a set of security rules on
|
|
5776
|
+
# Google Cloud.
|
|
5777
|
+
# Corresponds to the JSON property `securityPosture`
|
|
5778
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityPosture]
|
|
5779
|
+
attr_accessor :security_posture
|
|
5780
|
+
|
|
5781
|
+
# The severity of the finding. This field is managed by the source that writes
|
|
5782
|
+
# the finding.
|
|
5783
|
+
# Corresponds to the JSON property `severity`
|
|
5784
|
+
# @return [String]
|
|
5785
|
+
attr_accessor :severity
|
|
5786
|
+
|
|
5787
|
+
# Source specific properties. These properties are managed by the source that
|
|
5788
|
+
# writes the finding. The key names in the source_properties map must be between
|
|
5789
|
+
# 1 and 255 characters, and must start with a letter and contain alphanumeric
|
|
5790
|
+
# characters or underscores only.
|
|
5791
|
+
# Corresponds to the JSON property `sourceProperties`
|
|
5792
|
+
# @return [Hash<String,Object>]
|
|
5793
|
+
attr_accessor :source_properties
|
|
5794
|
+
|
|
5795
|
+
# Output only. The state of the finding.
|
|
5796
|
+
# Corresponds to the JSON property `state`
|
|
5797
|
+
# @return [String]
|
|
5798
|
+
attr_accessor :state
|
|
5799
|
+
|
|
5800
|
+
# Contains details about a group of security issues that, when the issues occur
|
|
5801
|
+
# together, represent a greater risk than when the issues occur independently. A
|
|
5802
|
+
# group of such issues is referred to as a toxic combination.
|
|
5803
|
+
# Corresponds to the JSON property `toxicCombination`
|
|
5804
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ToxicCombination]
|
|
5805
|
+
attr_accessor :toxic_combination
|
|
5806
|
+
|
|
5807
|
+
# Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
|
|
5808
|
+
# Corresponds to the JSON property `vulnerability`
|
|
5809
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Vulnerability]
|
|
5810
|
+
attr_accessor :vulnerability
|
|
5811
|
+
|
|
5812
|
+
def initialize(**args)
|
|
5813
|
+
update!(**args)
|
|
5814
|
+
end
|
|
5815
|
+
|
|
5816
|
+
# Update properties of this object
|
|
5817
|
+
def update!(**args)
|
|
5818
|
+
@access = args[:access] if args.key?(:access)
|
|
5819
|
+
@application = args[:application] if args.key?(:application)
|
|
5820
|
+
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
|
5821
|
+
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
|
5822
|
+
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
|
5823
|
+
@category = args[:category] if args.key?(:category)
|
|
5824
|
+
@cloud_armor = args[:cloud_armor] if args.key?(:cloud_armor)
|
|
5825
|
+
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
|
5826
|
+
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
|
5827
|
+
@compliances = args[:compliances] if args.key?(:compliances)
|
|
5828
|
+
@connections = args[:connections] if args.key?(:connections)
|
|
5829
|
+
@contacts = args[:contacts] if args.key?(:contacts)
|
|
5830
|
+
@containers = args[:containers] if args.key?(:containers)
|
|
5831
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
|
5832
|
+
@data_access_events = args[:data_access_events] if args.key?(:data_access_events)
|
|
5833
|
+
@data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
|
|
5834
|
+
@data_retention_deletion_events = args[:data_retention_deletion_events] if args.key?(:data_retention_deletion_events)
|
|
5835
|
+
@database = args[:database] if args.key?(:database)
|
|
5836
|
+
@description = args[:description] if args.key?(:description)
|
|
5837
|
+
@disk = args[:disk] if args.key?(:disk)
|
|
5838
|
+
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5839
|
+
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
5840
|
+
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
5841
|
+
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
|
5842
|
+
@files = args[:files] if args.key?(:files)
|
|
5843
|
+
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
|
5844
|
+
@group_memberships = args[:group_memberships] if args.key?(:group_memberships)
|
|
5845
|
+
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
|
5846
|
+
@indicator = args[:indicator] if args.key?(:indicator)
|
|
5847
|
+
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
|
5848
|
+
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
|
5849
|
+
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
|
5850
|
+
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
|
5851
|
+
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
5852
|
+
@module_name = args[:module_name] if args.key?(:module_name)
|
|
5853
|
+
@mute = args[:mute] if args.key?(:mute)
|
|
5854
|
+
@mute_info = args[:mute_info] if args.key?(:mute_info)
|
|
5855
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
5856
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
5857
|
+
@name = args[:name] if args.key?(:name)
|
|
5858
|
+
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
|
5859
|
+
@notebook = args[:notebook] if args.key?(:notebook)
|
|
5860
|
+
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
|
5861
|
+
@parent = args[:parent] if args.key?(:parent)
|
|
5862
|
+
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
|
5863
|
+
@processes = args[:processes] if args.key?(:processes)
|
|
5864
|
+
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
|
5865
|
+
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
|
5866
|
+
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
|
5867
|
+
@severity = args[:severity] if args.key?(:severity)
|
|
5868
|
+
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
|
5869
|
+
@state = args[:state] if args.key?(:state)
|
|
5870
|
+
@toxic_combination = args[:toxic_combination] if args.key?(:toxic_combination)
|
|
5871
|
+
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
|
5872
|
+
end
|
|
5873
|
+
end
|
|
5874
|
+
|
|
5875
|
+
# Message that contains the resource name and display name of a folder resource.
|
|
5876
|
+
class GoogleCloudSecuritycenterV2Folder
|
|
5877
|
+
include Google::Apis::Core::Hashable
|
|
5878
|
+
|
|
5879
|
+
# Full resource name of this folder. See: https://cloud.google.com/apis/design/
|
|
5880
|
+
# resource_names#full_resource_name
|
|
5881
|
+
# Corresponds to the JSON property `resourceFolder`
|
|
5882
|
+
# @return [String]
|
|
5883
|
+
attr_accessor :resource_folder
|
|
5884
|
+
|
|
5885
|
+
# The user defined display name for this folder.
|
|
5886
|
+
# Corresponds to the JSON property `resourceFolderDisplayName`
|
|
5887
|
+
# @return [String]
|
|
5888
|
+
attr_accessor :resource_folder_display_name
|
|
5889
|
+
|
|
5890
|
+
def initialize(**args)
|
|
5891
|
+
update!(**args)
|
|
5892
|
+
end
|
|
5893
|
+
|
|
5894
|
+
# Update properties of this object
|
|
5895
|
+
def update!(**args)
|
|
5896
|
+
@resource_folder = args[:resource_folder] if args.key?(:resource_folder)
|
|
5897
|
+
@resource_folder_display_name = args[:resource_folder_display_name] if args.key?(:resource_folder_display_name)
|
|
5898
|
+
end
|
|
5899
|
+
end
|
|
5900
|
+
|
|
5901
|
+
# Represents a geographical location for a given access.
|
|
5902
|
+
class GoogleCloudSecuritycenterV2Geolocation
|
|
5903
|
+
include Google::Apis::Core::Hashable
|
|
5904
|
+
|
|
5905
|
+
# A CLDR.
|
|
5906
|
+
# Corresponds to the JSON property `regionCode`
|
|
5907
|
+
# @return [String]
|
|
5908
|
+
attr_accessor :region_code
|
|
5909
|
+
|
|
5910
|
+
def initialize(**args)
|
|
5911
|
+
update!(**args)
|
|
5912
|
+
end
|
|
5913
|
+
|
|
5914
|
+
# Update properties of this object
|
|
5915
|
+
def update!(**args)
|
|
5916
|
+
@region_code = args[:region_code] if args.key?(:region_code)
|
|
5917
|
+
end
|
|
5918
|
+
end
|
|
5919
|
+
|
|
5920
|
+
# Contains details about groups of which this finding is a member. A group is a
|
|
5921
|
+
# collection of findings that are related in some way.
|
|
5922
|
+
class GoogleCloudSecuritycenterV2GroupMembership
|
|
5923
|
+
include Google::Apis::Core::Hashable
|
|
5924
|
+
|
|
5925
|
+
# ID of the group.
|
|
5926
|
+
# Corresponds to the JSON property `groupId`
|
|
5927
|
+
# @return [String]
|
|
5928
|
+
attr_accessor :group_id
|
|
5929
|
+
|
|
5930
|
+
# Type of group.
|
|
5931
|
+
# Corresponds to the JSON property `groupType`
|
|
5932
|
+
# @return [String]
|
|
5933
|
+
attr_accessor :group_type
|
|
5934
|
+
|
|
5935
|
+
def initialize(**args)
|
|
5936
|
+
update!(**args)
|
|
5937
|
+
end
|
|
5938
|
+
|
|
5939
|
+
# Update properties of this object
|
|
5940
|
+
def update!(**args)
|
|
5941
|
+
@group_id = args[:group_id] if args.key?(:group_id)
|
|
5942
|
+
@group_type = args[:group_type] if args.key?(:group_type)
|
|
5943
|
+
end
|
|
5944
|
+
end
|
|
5945
|
+
|
|
5946
|
+
# Represents a particular IAM binding, which captures a member's role addition,
|
|
5947
|
+
# removal, or state.
|
|
5948
|
+
class GoogleCloudSecuritycenterV2IamBinding
|
|
5949
|
+
include Google::Apis::Core::Hashable
|
|
5950
|
+
|
|
5951
|
+
# The action that was performed on a Binding.
|
|
5952
|
+
# Corresponds to the JSON property `action`
|
|
5953
|
+
# @return [String]
|
|
5954
|
+
attr_accessor :action
|
|
5955
|
+
|
|
5956
|
+
# A single identity requesting access for a Cloud Platform resource, for example,
|
|
5957
|
+
# "foo@google.com".
|
|
5958
|
+
# Corresponds to the JSON property `member`
|
|
5959
|
+
# @return [String]
|
|
5960
|
+
attr_accessor :member
|
|
5961
|
+
|
|
5962
|
+
# Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
|
|
5963
|
+
# , or "roles/owner".
|
|
5964
|
+
# Corresponds to the JSON property `role`
|
|
5965
|
+
# @return [String]
|
|
5966
|
+
attr_accessor :role
|
|
5967
|
+
|
|
5968
|
+
def initialize(**args)
|
|
5969
|
+
update!(**args)
|
|
5970
|
+
end
|
|
5971
|
+
|
|
5972
|
+
# Update properties of this object
|
|
5973
|
+
def update!(**args)
|
|
5974
|
+
@action = args[:action] if args.key?(:action)
|
|
5975
|
+
@member = args[:member] if args.key?(:member)
|
|
5976
|
+
@role = args[:role] if args.key?(:role)
|
|
5977
|
+
end
|
|
5978
|
+
end
|
|
5979
|
+
|
|
5980
|
+
# Represents what's commonly known as an _indicator of compromise_ (IoC) in
|
|
5981
|
+
# computer forensics. This is an artifact observed on a network or in an
|
|
5982
|
+
# operating system that, with high confidence, indicates a computer intrusion.
|
|
5983
|
+
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
|
5984
|
+
# wiki/Indicator_of_compromise).
|
|
5985
|
+
class GoogleCloudSecuritycenterV2Indicator
|
|
5986
|
+
include Google::Apis::Core::Hashable
|
|
5987
|
+
|
|
5988
|
+
# List of domains associated to the Finding.
|
|
5989
|
+
# Corresponds to the JSON property `domains`
|
|
5990
|
+
# @return [Array<String>]
|
|
5991
|
+
attr_accessor :domains
|
|
5992
|
+
|
|
5993
|
+
# The list of IP addresses that are associated with the finding.
|
|
5994
|
+
# Corresponds to the JSON property `ipAddresses`
|
|
5995
|
+
# @return [Array<String>]
|
|
5996
|
+
attr_accessor :ip_addresses
|
|
5997
|
+
|
|
5998
|
+
# The list of matched signatures indicating that the given process is present in
|
|
5999
|
+
# the environment.
|
|
6000
|
+
# Corresponds to the JSON property `signatures`
|
|
6001
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ProcessSignature>]
|
|
6002
|
+
attr_accessor :signatures
|
|
6003
|
+
|
|
6004
|
+
# The list of URIs associated to the Findings.
|
|
6005
|
+
# Corresponds to the JSON property `uris`
|
|
6006
|
+
# @return [Array<String>]
|
|
6007
|
+
attr_accessor :uris
|
|
6008
|
+
|
|
6009
|
+
def initialize(**args)
|
|
6010
|
+
update!(**args)
|
|
6011
|
+
end
|
|
6012
|
+
|
|
6013
|
+
# Update properties of this object
|
|
6014
|
+
def update!(**args)
|
|
6015
|
+
@domains = args[:domains] if args.key?(:domains)
|
|
6016
|
+
@ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
|
|
6017
|
+
@signatures = args[:signatures] if args.key?(:signatures)
|
|
6018
|
+
@uris = args[:uris] if args.key?(:uris)
|
|
6019
|
+
end
|
|
6020
|
+
end
|
|
6021
|
+
|
|
6022
|
+
# Security Command Center Issue.
|
|
6023
|
+
class GoogleCloudSecuritycenterV2Issue
|
|
6024
|
+
include Google::Apis::Core::Hashable
|
|
6025
|
+
|
|
6026
|
+
# Output only. The time the issue was created.
|
|
6027
|
+
# Corresponds to the JSON property `createTime`
|
|
6028
|
+
# @return [String]
|
|
6029
|
+
attr_accessor :create_time
|
|
6030
|
+
|
|
6031
|
+
# The description of the issue in Markdown format.
|
|
6032
|
+
# Corresponds to the JSON property `description`
|
|
6033
|
+
# @return [String]
|
|
6034
|
+
attr_accessor :description
|
|
6035
|
+
|
|
6036
|
+
# The finding category or rule name that generated the issue.
|
|
6037
|
+
# Corresponds to the JSON property `detection`
|
|
6038
|
+
# @return [String]
|
|
6039
|
+
attr_accessor :detection
|
|
6040
|
+
|
|
6041
|
+
# The domains of the issue.
|
|
6042
|
+
# Corresponds to the JSON property `domains`
|
|
6043
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueDomain>]
|
|
6044
|
+
attr_accessor :domains
|
|
6045
|
+
|
|
6046
|
+
# The exposure score of the issue.
|
|
6047
|
+
# Corresponds to the JSON property `exposureScore`
|
|
6048
|
+
# @return [Float]
|
|
6049
|
+
attr_accessor :exposure_score
|
|
6050
|
+
|
|
6051
|
+
# The type of the issue.
|
|
6052
|
+
# Corresponds to the JSON property `issueType`
|
|
6053
|
+
# @return [String]
|
|
6054
|
+
attr_accessor :issue_type
|
|
6055
|
+
|
|
6056
|
+
# The time the issue was last observed.
|
|
6057
|
+
# Corresponds to the JSON property `lastObservationTime`
|
|
6058
|
+
# @return [String]
|
|
6059
|
+
attr_accessor :last_observation_time
|
|
6060
|
+
|
|
6061
|
+
# The mute information of the issue.
|
|
6062
|
+
# Corresponds to the JSON property `mute`
|
|
6063
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueMute]
|
|
6064
|
+
attr_accessor :mute
|
|
6065
|
+
|
|
6066
|
+
# Identifier. The name of the issue. Format: organizations/`organization`/
|
|
6067
|
+
# locations/`location`/issues/`issue`
|
|
6068
|
+
# Corresponds to the JSON property `name`
|
|
6069
|
+
# @return [String]
|
|
6070
|
+
attr_accessor :name
|
|
6071
|
+
|
|
6072
|
+
# A resource associated with the an issue.
|
|
6073
|
+
# Corresponds to the JSON property `primaryResource`
|
|
6074
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResource]
|
|
6075
|
+
attr_accessor :primary_resource
|
|
6076
|
+
|
|
6077
|
+
# The findings related to the issue.
|
|
6078
|
+
# Corresponds to the JSON property `relatedFindings`
|
|
6079
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueFinding>]
|
|
6080
|
+
attr_accessor :related_findings
|
|
6081
|
+
|
|
6082
|
+
# Approaches to remediate the issue in Markdown format.
|
|
6083
|
+
# Corresponds to the JSON property `remediations`
|
|
6084
|
+
# @return [Array<String>]
|
|
6085
|
+
attr_accessor :remediations
|
|
6086
|
+
|
|
6087
|
+
# Additional resources associated with the issue.
|
|
6088
|
+
# Corresponds to the JSON property `secondaryResources`
|
|
6089
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResource>]
|
|
6090
|
+
attr_accessor :secondary_resources
|
|
6091
|
+
|
|
6092
|
+
# The security context of the issue.
|
|
6093
|
+
# Corresponds to the JSON property `securityContexts`
|
|
6094
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueSecurityContext>]
|
|
6095
|
+
attr_accessor :security_contexts
|
|
6096
|
+
|
|
6097
|
+
# The severity of the issue.
|
|
6098
|
+
# Corresponds to the JSON property `severity`
|
|
6099
|
+
# @return [String]
|
|
6100
|
+
attr_accessor :severity
|
|
6101
|
+
|
|
6102
|
+
# Output only. The state of the issue.
|
|
6103
|
+
# Corresponds to the JSON property `state`
|
|
6104
|
+
# @return [String]
|
|
6105
|
+
attr_accessor :state
|
|
6106
|
+
|
|
6107
|
+
# Output only. The time the issue was last updated.
|
|
6108
|
+
# Corresponds to the JSON property `updateTime`
|
|
6109
|
+
# @return [String]
|
|
6110
|
+
attr_accessor :update_time
|
|
6111
|
+
|
|
6112
|
+
def initialize(**args)
|
|
6113
|
+
update!(**args)
|
|
6114
|
+
end
|
|
6115
|
+
|
|
6116
|
+
# Update properties of this object
|
|
6117
|
+
def update!(**args)
|
|
6118
|
+
@create_time = args[:create_time] if args.key?(:create_time)
|
|
6119
|
+
@description = args[:description] if args.key?(:description)
|
|
6120
|
+
@detection = args[:detection] if args.key?(:detection)
|
|
6121
|
+
@domains = args[:domains] if args.key?(:domains)
|
|
6122
|
+
@exposure_score = args[:exposure_score] if args.key?(:exposure_score)
|
|
6123
|
+
@issue_type = args[:issue_type] if args.key?(:issue_type)
|
|
6124
|
+
@last_observation_time = args[:last_observation_time] if args.key?(:last_observation_time)
|
|
6125
|
+
@mute = args[:mute] if args.key?(:mute)
|
|
6126
|
+
@name = args[:name] if args.key?(:name)
|
|
6127
|
+
@primary_resource = args[:primary_resource] if args.key?(:primary_resource)
|
|
6128
|
+
@related_findings = args[:related_findings] if args.key?(:related_findings)
|
|
6129
|
+
@remediations = args[:remediations] if args.key?(:remediations)
|
|
6130
|
+
@secondary_resources = args[:secondary_resources] if args.key?(:secondary_resources)
|
|
6131
|
+
@security_contexts = args[:security_contexts] if args.key?(:security_contexts)
|
|
6132
|
+
@severity = args[:severity] if args.key?(:severity)
|
|
6133
|
+
@state = args[:state] if args.key?(:state)
|
|
6134
|
+
@update_time = args[:update_time] if args.key?(:update_time)
|
|
6135
|
+
end
|
|
6136
|
+
end
|
|
6137
|
+
|
|
6138
|
+
# The domains of an issue.
|
|
6139
|
+
class GoogleCloudSecuritycenterV2IssueDomain
|
|
6140
|
+
include Google::Apis::Core::Hashable
|
|
6141
|
+
|
|
6142
|
+
# The domain category of the issue.
|
|
6143
|
+
# Corresponds to the JSON property `domainCategory`
|
|
6144
|
+
# @return [String]
|
|
6145
|
+
attr_accessor :domain_category
|
|
6146
|
+
|
|
6147
|
+
def initialize(**args)
|
|
6148
|
+
update!(**args)
|
|
6149
|
+
end
|
|
6150
|
+
|
|
6151
|
+
# Update properties of this object
|
|
6152
|
+
def update!(**args)
|
|
6153
|
+
@domain_category = args[:domain_category] if args.key?(:domain_category)
|
|
6154
|
+
end
|
|
6155
|
+
end
|
|
6156
|
+
|
|
6157
|
+
# Finding related to an issue.
|
|
6158
|
+
class GoogleCloudSecuritycenterV2IssueFinding
|
|
6159
|
+
include Google::Apis::Core::Hashable
|
|
6160
|
+
|
|
6161
|
+
# The CVE of the finding.
|
|
6162
|
+
# Corresponds to the JSON property `cve`
|
|
6163
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueFindingCve]
|
|
6164
|
+
attr_accessor :cve
|
|
6165
|
+
|
|
6166
|
+
# The name of the finding.
|
|
6167
|
+
# Corresponds to the JSON property `name`
|
|
6168
|
+
# @return [String]
|
|
6169
|
+
attr_accessor :name
|
|
6170
|
+
|
|
6171
|
+
# The security bulletin of the finding.
|
|
6172
|
+
# Corresponds to the JSON property `securityBulletin`
|
|
6173
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin]
|
|
6174
|
+
attr_accessor :security_bulletin
|
|
6175
|
+
|
|
6176
|
+
def initialize(**args)
|
|
6177
|
+
update!(**args)
|
|
6178
|
+
end
|
|
6179
|
+
|
|
6180
|
+
# Update properties of this object
|
|
6181
|
+
def update!(**args)
|
|
6182
|
+
@cve = args[:cve] if args.key?(:cve)
|
|
6183
|
+
@name = args[:name] if args.key?(:name)
|
|
6184
|
+
@security_bulletin = args[:security_bulletin] if args.key?(:security_bulletin)
|
|
6185
|
+
end
|
|
6186
|
+
end
|
|
6187
|
+
|
|
6188
|
+
# The CVE of the finding.
|
|
6189
|
+
class GoogleCloudSecuritycenterV2IssueFindingCve
|
|
6190
|
+
include Google::Apis::Core::Hashable
|
|
6191
|
+
|
|
6192
|
+
# The CVE name.
|
|
6193
|
+
# Corresponds to the JSON property `name`
|
|
6194
|
+
# @return [String]
|
|
6195
|
+
attr_accessor :name
|
|
6196
|
+
|
|
6197
|
+
def initialize(**args)
|
|
6198
|
+
update!(**args)
|
|
6199
|
+
end
|
|
6200
|
+
|
|
6201
|
+
# Update properties of this object
|
|
6202
|
+
def update!(**args)
|
|
6203
|
+
@name = args[:name] if args.key?(:name)
|
|
6204
|
+
end
|
|
6205
|
+
end
|
|
6206
|
+
|
|
6207
|
+
# The security bulletin of the finding.
|
|
6208
|
+
class GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin
|
|
6209
|
+
include Google::Apis::Core::Hashable
|
|
6210
|
+
|
|
6211
|
+
# The security bulletin name.
|
|
6212
|
+
# Corresponds to the JSON property `name`
|
|
6213
|
+
# @return [String]
|
|
6214
|
+
attr_accessor :name
|
|
6215
|
+
|
|
6216
|
+
def initialize(**args)
|
|
6217
|
+
update!(**args)
|
|
6218
|
+
end
|
|
6219
|
+
|
|
6220
|
+
# Update properties of this object
|
|
6221
|
+
def update!(**args)
|
|
6222
|
+
@name = args[:name] if args.key?(:name)
|
|
6223
|
+
end
|
|
6224
|
+
end
|
|
6225
|
+
|
|
6226
|
+
# The mute information of the issue.
|
|
6227
|
+
class GoogleCloudSecuritycenterV2IssueMute
|
|
6228
|
+
include Google::Apis::Core::Hashable
|
|
6229
|
+
|
|
6230
|
+
# The email address of the user who last changed the mute state of the issue.
|
|
6231
|
+
# Corresponds to the JSON property `muteInitiator`
|
|
6232
|
+
# @return [String]
|
|
6233
|
+
attr_accessor :mute_initiator
|
|
6234
|
+
|
|
6235
|
+
# The user-provided reason for muting the issue.
|
|
6236
|
+
# Corresponds to the JSON property `muteReason`
|
|
6237
|
+
# @return [String]
|
|
6238
|
+
attr_accessor :mute_reason
|
|
6239
|
+
|
|
6240
|
+
# Output only. The mute state of the issue.
|
|
6241
|
+
# Corresponds to the JSON property `muteState`
|
|
6242
|
+
# @return [String]
|
|
6243
|
+
attr_accessor :mute_state
|
|
6244
|
+
|
|
6245
|
+
# The time the issue was muted.
|
|
6246
|
+
# Corresponds to the JSON property `muteUpdateTime`
|
|
6247
|
+
# @return [String]
|
|
6248
|
+
attr_accessor :mute_update_time
|
|
6249
|
+
|
|
6250
|
+
def initialize(**args)
|
|
6251
|
+
update!(**args)
|
|
6252
|
+
end
|
|
6253
|
+
|
|
6254
|
+
# Update properties of this object
|
|
6255
|
+
def update!(**args)
|
|
6256
|
+
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
6257
|
+
@mute_reason = args[:mute_reason] if args.key?(:mute_reason)
|
|
6258
|
+
@mute_state = args[:mute_state] if args.key?(:mute_state)
|
|
6259
|
+
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
6260
|
+
end
|
|
6261
|
+
end
|
|
6262
|
+
|
|
6263
|
+
# A resource associated with the an issue.
|
|
6264
|
+
class GoogleCloudSecuritycenterV2IssueResource
|
|
6265
|
+
include Google::Apis::Core::Hashable
|
|
6266
|
+
|
|
6267
|
+
# The AWS metadata of a resource associated with an issue.
|
|
6268
|
+
# Corresponds to the JSON property `awsMetadata`
|
|
6269
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResourceAwsMetadata]
|
|
6270
|
+
attr_accessor :aws_metadata
|
|
6271
|
+
|
|
6272
|
+
# The Azure metadata of a resource associated with an issue.
|
|
6273
|
+
# Corresponds to the JSON property `azureMetadata`
|
|
6274
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResourceAzureMetadata]
|
|
6275
|
+
attr_accessor :azure_metadata
|
|
6276
|
+
|
|
6277
|
+
# The cloud provider of the resource associated with the issue.
|
|
6278
|
+
# Corresponds to the JSON property `cloudProvider`
|
|
6279
|
+
# @return [String]
|
|
6280
|
+
attr_accessor :cloud_provider
|
|
6281
|
+
|
|
6282
|
+
# The resource-type specific display name of the resource associated with the
|
|
6283
|
+
# issue.
|
|
6284
|
+
# Corresponds to the JSON property `displayName`
|
|
6285
|
+
# @return [String]
|
|
6286
|
+
attr_accessor :display_name
|
|
6287
|
+
|
|
6288
|
+
# Google Cloud metadata of a resource associated with an issue.
|
|
6289
|
+
# Corresponds to the JSON property `googleCloudMetadata`
|
|
6290
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata]
|
|
6291
|
+
attr_accessor :google_cloud_metadata
|
|
6292
|
+
|
|
6293
|
+
# The full resource name of the resource associated with the issue.
|
|
6294
|
+
# Corresponds to the JSON property `name`
|
|
6295
|
+
# @return [String]
|
|
6296
|
+
attr_accessor :name
|
|
6297
|
+
|
|
6298
|
+
# The type of the resource associated with the issue.
|
|
6299
|
+
# Corresponds to the JSON property `type`
|
|
6300
|
+
# @return [String]
|
|
6301
|
+
attr_accessor :type
|
|
6302
|
+
|
|
6303
|
+
def initialize(**args)
|
|
6304
|
+
update!(**args)
|
|
6305
|
+
end
|
|
6306
|
+
|
|
6307
|
+
# Update properties of this object
|
|
6308
|
+
def update!(**args)
|
|
6309
|
+
@aws_metadata = args[:aws_metadata] if args.key?(:aws_metadata)
|
|
6310
|
+
@azure_metadata = args[:azure_metadata] if args.key?(:azure_metadata)
|
|
6311
|
+
@cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
|
|
6312
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
6313
|
+
@google_cloud_metadata = args[:google_cloud_metadata] if args.key?(:google_cloud_metadata)
|
|
6314
|
+
@name = args[:name] if args.key?(:name)
|
|
6315
|
+
@type = args[:type] if args.key?(:type)
|
|
6316
|
+
end
|
|
6317
|
+
end
|
|
6318
|
+
|
|
6319
|
+
# The AWS metadata of a resource associated with an issue.
|
|
6320
|
+
class GoogleCloudSecuritycenterV2IssueResourceAwsMetadata
|
|
6321
|
+
include Google::Apis::Core::Hashable
|
|
6322
|
+
|
|
6323
|
+
# The AWS account of the resource associated with the issue.
|
|
6324
|
+
# Corresponds to the JSON property `account`
|
|
6325
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount]
|
|
6326
|
+
attr_accessor :account
|
|
6327
|
+
|
|
6328
|
+
def initialize(**args)
|
|
6329
|
+
update!(**args)
|
|
6330
|
+
end
|
|
6331
|
+
|
|
6332
|
+
# Update properties of this object
|
|
6333
|
+
def update!(**args)
|
|
6334
|
+
@account = args[:account] if args.key?(:account)
|
|
6335
|
+
end
|
|
6336
|
+
end
|
|
6337
|
+
|
|
6338
|
+
# The AWS account of the resource associated with the issue.
|
|
6339
|
+
class GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount
|
|
6340
|
+
include Google::Apis::Core::Hashable
|
|
6341
|
+
|
|
6342
|
+
# The AWS account ID of the resource associated with the issue.
|
|
6343
|
+
# Corresponds to the JSON property `id`
|
|
6344
|
+
# @return [String]
|
|
6345
|
+
attr_accessor :id
|
|
5225
6346
|
|
|
5226
|
-
# The
|
|
5227
|
-
# the
|
|
5228
|
-
# Corresponds to the JSON property `severity`
|
|
6347
|
+
# The AWS account name of the resource associated with the issue.
|
|
6348
|
+
# Corresponds to the JSON property `name`
|
|
5229
6349
|
# @return [String]
|
|
5230
|
-
attr_accessor :
|
|
6350
|
+
attr_accessor :name
|
|
5231
6351
|
|
|
5232
|
-
|
|
5233
|
-
|
|
5234
|
-
|
|
5235
|
-
# characters or underscores only.
|
|
5236
|
-
# Corresponds to the JSON property `sourceProperties`
|
|
5237
|
-
# @return [Hash<String,Object>]
|
|
5238
|
-
attr_accessor :source_properties
|
|
6352
|
+
def initialize(**args)
|
|
6353
|
+
update!(**args)
|
|
6354
|
+
end
|
|
5239
6355
|
|
|
5240
|
-
#
|
|
5241
|
-
|
|
5242
|
-
|
|
5243
|
-
|
|
6356
|
+
# Update properties of this object
|
|
6357
|
+
def update!(**args)
|
|
6358
|
+
@id = args[:id] if args.key?(:id)
|
|
6359
|
+
@name = args[:name] if args.key?(:name)
|
|
6360
|
+
end
|
|
6361
|
+
end
|
|
5244
6362
|
|
|
5245
|
-
|
|
5246
|
-
|
|
5247
|
-
|
|
5248
|
-
# Corresponds to the JSON property `toxicCombination`
|
|
5249
|
-
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ToxicCombination]
|
|
5250
|
-
attr_accessor :toxic_combination
|
|
6363
|
+
# The Azure metadata of a resource associated with an issue.
|
|
6364
|
+
class GoogleCloudSecuritycenterV2IssueResourceAzureMetadata
|
|
6365
|
+
include Google::Apis::Core::Hashable
|
|
5251
6366
|
|
|
5252
|
-
#
|
|
5253
|
-
# Corresponds to the JSON property `
|
|
5254
|
-
# @return [Google::Apis::SecuritycenterV1beta2::
|
|
5255
|
-
attr_accessor :
|
|
6367
|
+
# The Azure subscription of the resource associated with the issue.
|
|
6368
|
+
# Corresponds to the JSON property `subscription`
|
|
6369
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription]
|
|
6370
|
+
attr_accessor :subscription
|
|
5256
6371
|
|
|
5257
6372
|
def initialize(**args)
|
|
5258
6373
|
update!(**args)
|
|
@@ -5260,72 +6375,23 @@ module Google
|
|
|
5260
6375
|
|
|
5261
6376
|
# Update properties of this object
|
|
5262
6377
|
def update!(**args)
|
|
5263
|
-
@
|
|
5264
|
-
@application = args[:application] if args.key?(:application)
|
|
5265
|
-
@attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
|
|
5266
|
-
@backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
|
|
5267
|
-
@canonical_name = args[:canonical_name] if args.key?(:canonical_name)
|
|
5268
|
-
@category = args[:category] if args.key?(:category)
|
|
5269
|
-
@cloud_armor = args[:cloud_armor] if args.key?(:cloud_armor)
|
|
5270
|
-
@cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
|
|
5271
|
-
@cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
|
|
5272
|
-
@compliances = args[:compliances] if args.key?(:compliances)
|
|
5273
|
-
@connections = args[:connections] if args.key?(:connections)
|
|
5274
|
-
@contacts = args[:contacts] if args.key?(:contacts)
|
|
5275
|
-
@containers = args[:containers] if args.key?(:containers)
|
|
5276
|
-
@create_time = args[:create_time] if args.key?(:create_time)
|
|
5277
|
-
@database = args[:database] if args.key?(:database)
|
|
5278
|
-
@description = args[:description] if args.key?(:description)
|
|
5279
|
-
@event_time = args[:event_time] if args.key?(:event_time)
|
|
5280
|
-
@exfiltration = args[:exfiltration] if args.key?(:exfiltration)
|
|
5281
|
-
@external_systems = args[:external_systems] if args.key?(:external_systems)
|
|
5282
|
-
@external_uri = args[:external_uri] if args.key?(:external_uri)
|
|
5283
|
-
@files = args[:files] if args.key?(:files)
|
|
5284
|
-
@finding_class = args[:finding_class] if args.key?(:finding_class)
|
|
5285
|
-
@group_memberships = args[:group_memberships] if args.key?(:group_memberships)
|
|
5286
|
-
@iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
|
|
5287
|
-
@indicator = args[:indicator] if args.key?(:indicator)
|
|
5288
|
-
@kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
|
|
5289
|
-
@kubernetes = args[:kubernetes] if args.key?(:kubernetes)
|
|
5290
|
-
@load_balancers = args[:load_balancers] if args.key?(:load_balancers)
|
|
5291
|
-
@log_entries = args[:log_entries] if args.key?(:log_entries)
|
|
5292
|
-
@mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
|
|
5293
|
-
@module_name = args[:module_name] if args.key?(:module_name)
|
|
5294
|
-
@mute = args[:mute] if args.key?(:mute)
|
|
5295
|
-
@mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
|
|
5296
|
-
@mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
|
|
5297
|
-
@name = args[:name] if args.key?(:name)
|
|
5298
|
-
@next_steps = args[:next_steps] if args.key?(:next_steps)
|
|
5299
|
-
@notebook = args[:notebook] if args.key?(:notebook)
|
|
5300
|
-
@org_policies = args[:org_policies] if args.key?(:org_policies)
|
|
5301
|
-
@parent = args[:parent] if args.key?(:parent)
|
|
5302
|
-
@parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
|
|
5303
|
-
@processes = args[:processes] if args.key?(:processes)
|
|
5304
|
-
@resource_name = args[:resource_name] if args.key?(:resource_name)
|
|
5305
|
-
@security_marks = args[:security_marks] if args.key?(:security_marks)
|
|
5306
|
-
@security_posture = args[:security_posture] if args.key?(:security_posture)
|
|
5307
|
-
@severity = args[:severity] if args.key?(:severity)
|
|
5308
|
-
@source_properties = args[:source_properties] if args.key?(:source_properties)
|
|
5309
|
-
@state = args[:state] if args.key?(:state)
|
|
5310
|
-
@toxic_combination = args[:toxic_combination] if args.key?(:toxic_combination)
|
|
5311
|
-
@vulnerability = args[:vulnerability] if args.key?(:vulnerability)
|
|
6378
|
+
@subscription = args[:subscription] if args.key?(:subscription)
|
|
5312
6379
|
end
|
|
5313
6380
|
end
|
|
5314
6381
|
|
|
5315
|
-
#
|
|
5316
|
-
class
|
|
6382
|
+
# The Azure subscription of the resource associated with the issue.
|
|
6383
|
+
class GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription
|
|
5317
6384
|
include Google::Apis::Core::Hashable
|
|
5318
6385
|
|
|
5319
|
-
#
|
|
5320
|
-
#
|
|
5321
|
-
# Corresponds to the JSON property `resourceFolder`
|
|
6386
|
+
# The Azure subscription display name of the resource associated with the issue.
|
|
6387
|
+
# Corresponds to the JSON property `displayName`
|
|
5322
6388
|
# @return [String]
|
|
5323
|
-
attr_accessor :
|
|
6389
|
+
attr_accessor :display_name
|
|
5324
6390
|
|
|
5325
|
-
# The
|
|
5326
|
-
# Corresponds to the JSON property `
|
|
6391
|
+
# The Azure subscription ID of the resource associated with the issue.
|
|
6392
|
+
# Corresponds to the JSON property `id`
|
|
5327
6393
|
# @return [String]
|
|
5328
|
-
attr_accessor :
|
|
6394
|
+
attr_accessor :id
|
|
5329
6395
|
|
|
5330
6396
|
def initialize(**args)
|
|
5331
6397
|
update!(**args)
|
|
@@ -5333,19 +6399,19 @@ module Google
|
|
|
5333
6399
|
|
|
5334
6400
|
# Update properties of this object
|
|
5335
6401
|
def update!(**args)
|
|
5336
|
-
@
|
|
5337
|
-
@
|
|
6402
|
+
@display_name = args[:display_name] if args.key?(:display_name)
|
|
6403
|
+
@id = args[:id] if args.key?(:id)
|
|
5338
6404
|
end
|
|
5339
6405
|
end
|
|
5340
6406
|
|
|
5341
|
-
#
|
|
5342
|
-
class
|
|
6407
|
+
# Google Cloud metadata of a resource associated with an issue.
|
|
6408
|
+
class GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata
|
|
5343
6409
|
include Google::Apis::Core::Hashable
|
|
5344
6410
|
|
|
5345
|
-
#
|
|
5346
|
-
# Corresponds to the JSON property `
|
|
6411
|
+
# The project ID that the resource associated with the issue belongs to.
|
|
6412
|
+
# Corresponds to the JSON property `projectId`
|
|
5347
6413
|
# @return [String]
|
|
5348
|
-
attr_accessor :
|
|
6414
|
+
attr_accessor :project_id
|
|
5349
6415
|
|
|
5350
6416
|
def initialize(**args)
|
|
5351
6417
|
update!(**args)
|
|
@@ -5353,24 +6419,23 @@ module Google
|
|
|
5353
6419
|
|
|
5354
6420
|
# Update properties of this object
|
|
5355
6421
|
def update!(**args)
|
|
5356
|
-
@
|
|
6422
|
+
@project_id = args[:project_id] if args.key?(:project_id)
|
|
5357
6423
|
end
|
|
5358
6424
|
end
|
|
5359
6425
|
|
|
5360
|
-
#
|
|
5361
|
-
|
|
5362
|
-
class GoogleCloudSecuritycenterV2GroupMembership
|
|
6426
|
+
# Security context associated with an issue.
|
|
6427
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContext
|
|
5363
6428
|
include Google::Apis::Core::Hashable
|
|
5364
6429
|
|
|
5365
|
-
#
|
|
5366
|
-
# Corresponds to the JSON property `
|
|
5367
|
-
# @return [
|
|
5368
|
-
attr_accessor :
|
|
6430
|
+
# Aggregated count of a security context.
|
|
6431
|
+
# Corresponds to the JSON property `aggregatedCount`
|
|
6432
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount]
|
|
6433
|
+
attr_accessor :aggregated_count
|
|
5369
6434
|
|
|
5370
|
-
#
|
|
5371
|
-
# Corresponds to the JSON property `
|
|
5372
|
-
# @return [
|
|
5373
|
-
attr_accessor :
|
|
6435
|
+
# Context of a security context.
|
|
6436
|
+
# Corresponds to the JSON property `context`
|
|
6437
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IssueSecurityContextContext]
|
|
6438
|
+
attr_accessor :context
|
|
5374
6439
|
|
|
5375
6440
|
def initialize(**args)
|
|
5376
6441
|
update!(**args)
|
|
@@ -5378,32 +6443,24 @@ module Google
|
|
|
5378
6443
|
|
|
5379
6444
|
# Update properties of this object
|
|
5380
6445
|
def update!(**args)
|
|
5381
|
-
@
|
|
5382
|
-
@
|
|
6446
|
+
@aggregated_count = args[:aggregated_count] if args.key?(:aggregated_count)
|
|
6447
|
+
@context = args[:context] if args.key?(:context)
|
|
5383
6448
|
end
|
|
5384
6449
|
end
|
|
5385
6450
|
|
|
5386
|
-
#
|
|
5387
|
-
|
|
5388
|
-
class GoogleCloudSecuritycenterV2IamBinding
|
|
6451
|
+
# Aggregated count of a security context.
|
|
6452
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount
|
|
5389
6453
|
include Google::Apis::Core::Hashable
|
|
5390
6454
|
|
|
5391
|
-
#
|
|
5392
|
-
# Corresponds to the JSON property `
|
|
5393
|
-
# @return [String]
|
|
5394
|
-
attr_accessor :action
|
|
5395
|
-
|
|
5396
|
-
# A single identity requesting access for a Cloud Platform resource, for example,
|
|
5397
|
-
# "foo@google.com".
|
|
5398
|
-
# Corresponds to the JSON property `member`
|
|
6455
|
+
# Aggregation key.
|
|
6456
|
+
# Corresponds to the JSON property `key`
|
|
5399
6457
|
# @return [String]
|
|
5400
|
-
attr_accessor :
|
|
6458
|
+
attr_accessor :key
|
|
5401
6459
|
|
|
5402
|
-
#
|
|
5403
|
-
#
|
|
5404
|
-
#
|
|
5405
|
-
|
|
5406
|
-
attr_accessor :role
|
|
6460
|
+
# Aggregation value.
|
|
6461
|
+
# Corresponds to the JSON property `value`
|
|
6462
|
+
# @return [Fixnum]
|
|
6463
|
+
attr_accessor :value
|
|
5407
6464
|
|
|
5408
6465
|
def initialize(**args)
|
|
5409
6466
|
update!(**args)
|
|
@@ -5411,40 +6468,24 @@ module Google
|
|
|
5411
6468
|
|
|
5412
6469
|
# Update properties of this object
|
|
5413
6470
|
def update!(**args)
|
|
5414
|
-
@
|
|
5415
|
-
@
|
|
5416
|
-
@role = args[:role] if args.key?(:role)
|
|
6471
|
+
@key = args[:key] if args.key?(:key)
|
|
6472
|
+
@value = args[:value] if args.key?(:value)
|
|
5417
6473
|
end
|
|
5418
6474
|
end
|
|
5419
6475
|
|
|
5420
|
-
#
|
|
5421
|
-
|
|
5422
|
-
# operating system that, with high confidence, indicates a computer intrusion.
|
|
5423
|
-
# For more information, see [Indicator of compromise](https://en.wikipedia.org/
|
|
5424
|
-
# wiki/Indicator_of_compromise).
|
|
5425
|
-
class GoogleCloudSecuritycenterV2Indicator
|
|
6476
|
+
# Context of a security context.
|
|
6477
|
+
class GoogleCloudSecuritycenterV2IssueSecurityContextContext
|
|
5426
6478
|
include Google::Apis::Core::Hashable
|
|
5427
6479
|
|
|
5428
|
-
#
|
|
5429
|
-
# Corresponds to the JSON property `
|
|
5430
|
-
# @return [
|
|
5431
|
-
attr_accessor :
|
|
5432
|
-
|
|
5433
|
-
# The list of IP addresses that are associated with the finding.
|
|
5434
|
-
# Corresponds to the JSON property `ipAddresses`
|
|
5435
|
-
# @return [Array<String>]
|
|
5436
|
-
attr_accessor :ip_addresses
|
|
5437
|
-
|
|
5438
|
-
# The list of matched signatures indicating that the given process is present in
|
|
5439
|
-
# the environment.
|
|
5440
|
-
# Corresponds to the JSON property `signatures`
|
|
5441
|
-
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ProcessSignature>]
|
|
5442
|
-
attr_accessor :signatures
|
|
6480
|
+
# Context type.
|
|
6481
|
+
# Corresponds to the JSON property `type`
|
|
6482
|
+
# @return [String]
|
|
6483
|
+
attr_accessor :type
|
|
5443
6484
|
|
|
5444
|
-
#
|
|
5445
|
-
# Corresponds to the JSON property `
|
|
6485
|
+
# Context values.
|
|
6486
|
+
# Corresponds to the JSON property `values`
|
|
5446
6487
|
# @return [Array<String>]
|
|
5447
|
-
attr_accessor :
|
|
6488
|
+
attr_accessor :values
|
|
5448
6489
|
|
|
5449
6490
|
def initialize(**args)
|
|
5450
6491
|
update!(**args)
|
|
@@ -5452,10 +6493,8 @@ module Google
|
|
|
5452
6493
|
|
|
5453
6494
|
# Update properties of this object
|
|
5454
6495
|
def update!(**args)
|
|
5455
|
-
@
|
|
5456
|
-
@
|
|
5457
|
-
@signatures = args[:signatures] if args.key?(:signatures)
|
|
5458
|
-
@uris = args[:uris] if args.key?(:uris)
|
|
6496
|
+
@type = args[:type] if args.key?(:type)
|
|
6497
|
+
@values = args[:values] if args.key?(:values)
|
|
5459
6498
|
end
|
|
5460
6499
|
end
|
|
5461
6500
|
|
|
@@ -5764,6 +6803,12 @@ module Google
|
|
|
5764
6803
|
# @return [String]
|
|
5765
6804
|
attr_accessor :description
|
|
5766
6805
|
|
|
6806
|
+
# Optional. The expiry of the mute config. Only applicable for dynamic configs.
|
|
6807
|
+
# If the expiry is set, when the config expires, it is removed from all findings.
|
|
6808
|
+
# Corresponds to the JSON property `expiryTime`
|
|
6809
|
+
# @return [String]
|
|
6810
|
+
attr_accessor :expiry_time
|
|
6811
|
+
|
|
5767
6812
|
# Required. An expression that defines the filter to apply across create/update
|
|
5768
6813
|
# events of findings. While creating a filter string, be mindful of the scope in
|
|
5769
6814
|
# which the mute configuration is being created. E.g., If a filter contains
|
|
@@ -5817,6 +6862,7 @@ module Google
|
|
|
5817
6862
|
def update!(**args)
|
|
5818
6863
|
@create_time = args[:create_time] if args.key?(:create_time)
|
|
5819
6864
|
@description = args[:description] if args.key?(:description)
|
|
6865
|
+
@expiry_time = args[:expiry_time] if args.key?(:expiry_time)
|
|
5820
6866
|
@filter = args[:filter] if args.key?(:filter)
|
|
5821
6867
|
@most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
|
|
5822
6868
|
@name = args[:name] if args.key?(:name)
|
|
@@ -5825,6 +6871,34 @@ module Google
|
|
|
5825
6871
|
end
|
|
5826
6872
|
end
|
|
5827
6873
|
|
|
6874
|
+
# Mute information about the finding, including whether the finding has a static
|
|
6875
|
+
# mute or any matching dynamic mute rules.
|
|
6876
|
+
class GoogleCloudSecuritycenterV2MuteInfo
|
|
6877
|
+
include Google::Apis::Core::Hashable
|
|
6878
|
+
|
|
6879
|
+
# The list of dynamic mute rules that currently match the finding.
|
|
6880
|
+
# Corresponds to the JSON property `dynamicMuteRecords`
|
|
6881
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DynamicMuteRecord>]
|
|
6882
|
+
attr_accessor :dynamic_mute_records
|
|
6883
|
+
|
|
6884
|
+
# Information about the static mute state. A static mute state overrides any
|
|
6885
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
6886
|
+
# set by a static mute rule or by muting the finding directly.
|
|
6887
|
+
# Corresponds to the JSON property `staticMute`
|
|
6888
|
+
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2StaticMute]
|
|
6889
|
+
attr_accessor :static_mute
|
|
6890
|
+
|
|
6891
|
+
def initialize(**args)
|
|
6892
|
+
update!(**args)
|
|
6893
|
+
end
|
|
6894
|
+
|
|
6895
|
+
# Update properties of this object
|
|
6896
|
+
def update!(**args)
|
|
6897
|
+
@dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
|
|
6898
|
+
@static_mute = args[:static_mute] if args.key?(:static_mute)
|
|
6899
|
+
end
|
|
6900
|
+
end
|
|
6901
|
+
|
|
5828
6902
|
# Kubernetes nodes associated with the finding.
|
|
5829
6903
|
class GoogleCloudSecuritycenterV2Node
|
|
5830
6904
|
include Google::Apis::Core::Hashable
|
|
@@ -6500,9 +7574,10 @@ module Google
|
|
|
6500
7574
|
# @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping]
|
|
6501
7575
|
attr_accessor :sensitive_data_protection_mapping
|
|
6502
7576
|
|
|
6503
|
-
# Tag values combined with `AND` to check against.
|
|
6504
|
-
#
|
|
6505
|
-
# cloud.google.com/resource-
|
|
7577
|
+
# Tag values combined with `AND` to check against. For Google Cloud resources,
|
|
7578
|
+
# they are tag value IDs in the form of "tagValues/123". Example: `[ "tagValues/
|
|
7579
|
+
# 123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/resource-
|
|
7580
|
+
# manager/docs/tags/tags-creating-and-managing
|
|
6506
7581
|
# Corresponds to the JSON property `tagValues`
|
|
6507
7582
|
# @return [Array<String>]
|
|
6508
7583
|
attr_accessor :tag_values
|
|
@@ -6812,6 +7887,34 @@ module Google
|
|
|
6812
7887
|
end
|
|
6813
7888
|
end
|
|
6814
7889
|
|
|
7890
|
+
# Information about the static mute state. A static mute state overrides any
|
|
7891
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
7892
|
+
# set by a static mute rule or by muting the finding directly.
|
|
7893
|
+
class GoogleCloudSecuritycenterV2StaticMute
|
|
7894
|
+
include Google::Apis::Core::Hashable
|
|
7895
|
+
|
|
7896
|
+
# When the static mute was applied.
|
|
7897
|
+
# Corresponds to the JSON property `applyTime`
|
|
7898
|
+
# @return [String]
|
|
7899
|
+
attr_accessor :apply_time
|
|
7900
|
+
|
|
7901
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
|
|
7902
|
+
# s overall mute state will have the same value.
|
|
7903
|
+
# Corresponds to the JSON property `state`
|
|
7904
|
+
# @return [String]
|
|
7905
|
+
attr_accessor :state
|
|
7906
|
+
|
|
7907
|
+
def initialize(**args)
|
|
7908
|
+
update!(**args)
|
|
7909
|
+
end
|
|
7910
|
+
|
|
7911
|
+
# Update properties of this object
|
|
7912
|
+
def update!(**args)
|
|
7913
|
+
@apply_time = args[:apply_time] if args.key?(:apply_time)
|
|
7914
|
+
@state = args[:state] if args.key?(:state)
|
|
7915
|
+
end
|
|
7916
|
+
end
|
|
7917
|
+
|
|
6815
7918
|
# Represents a Kubernetes subject.
|
|
6816
7919
|
class GoogleCloudSecuritycenterV2Subject
|
|
6817
7920
|
include Google::Apis::Core::Hashable
|
|
@@ -7373,6 +8476,34 @@ module Google
|
|
|
7373
8476
|
end
|
|
7374
8477
|
end
|
|
7375
8478
|
|
|
8479
|
+
# Mute information about the finding, including whether the finding has a static
|
|
8480
|
+
# mute or any matching dynamic mute rules.
|
|
8481
|
+
class MuteInfo
|
|
8482
|
+
include Google::Apis::Core::Hashable
|
|
8483
|
+
|
|
8484
|
+
# The list of dynamic mute rules that currently match the finding.
|
|
8485
|
+
# Corresponds to the JSON property `dynamicMuteRecords`
|
|
8486
|
+
# @return [Array<Google::Apis::SecuritycenterV1beta2::DynamicMuteRecord>]
|
|
8487
|
+
attr_accessor :dynamic_mute_records
|
|
8488
|
+
|
|
8489
|
+
# Information about the static mute state. A static mute state overrides any
|
|
8490
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
8491
|
+
# set by a static mute rule or by muting the finding directly.
|
|
8492
|
+
# Corresponds to the JSON property `staticMute`
|
|
8493
|
+
# @return [Google::Apis::SecuritycenterV1beta2::StaticMute]
|
|
8494
|
+
attr_accessor :static_mute
|
|
8495
|
+
|
|
8496
|
+
def initialize(**args)
|
|
8497
|
+
update!(**args)
|
|
8498
|
+
end
|
|
8499
|
+
|
|
8500
|
+
# Update properties of this object
|
|
8501
|
+
def update!(**args)
|
|
8502
|
+
@dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
|
|
8503
|
+
@static_mute = args[:static_mute] if args.key?(:static_mute)
|
|
8504
|
+
end
|
|
8505
|
+
end
|
|
8506
|
+
|
|
7376
8507
|
# Kubernetes nodes associated with the finding.
|
|
7377
8508
|
class Node
|
|
7378
8509
|
include Google::Apis::Core::Hashable
|
|
@@ -8242,6 +9373,34 @@ module Google
|
|
|
8242
9373
|
end
|
|
8243
9374
|
end
|
|
8244
9375
|
|
|
9376
|
+
# Information about the static mute state. A static mute state overrides any
|
|
9377
|
+
# dynamic mute rules that apply to this finding. The static mute state can be
|
|
9378
|
+
# set by a static mute rule or by muting the finding directly.
|
|
9379
|
+
class StaticMute
|
|
9380
|
+
include Google::Apis::Core::Hashable
|
|
9381
|
+
|
|
9382
|
+
# When the static mute was applied.
|
|
9383
|
+
# Corresponds to the JSON property `applyTime`
|
|
9384
|
+
# @return [String]
|
|
9385
|
+
attr_accessor :apply_time
|
|
9386
|
+
|
|
9387
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
|
|
9388
|
+
# s overall mute state will have the same value.
|
|
9389
|
+
# Corresponds to the JSON property `state`
|
|
9390
|
+
# @return [String]
|
|
9391
|
+
attr_accessor :state
|
|
9392
|
+
|
|
9393
|
+
def initialize(**args)
|
|
9394
|
+
update!(**args)
|
|
9395
|
+
end
|
|
9396
|
+
|
|
9397
|
+
# Update properties of this object
|
|
9398
|
+
def update!(**args)
|
|
9399
|
+
@apply_time = args[:apply_time] if args.key?(:apply_time)
|
|
9400
|
+
@state = args[:state] if args.key?(:state)
|
|
9401
|
+
end
|
|
9402
|
+
end
|
|
9403
|
+
|
|
8245
9404
|
# Represents a Kubernetes subject.
|
|
8246
9405
|
class Subject
|
|
8247
9406
|
include Google::Apis::Core::Hashable
|