google-cloud-os_config-v1alpha 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +169 -0
- data/LICENSE.md +201 -0
- data/README.md +139 -0
- data/lib/google-cloud-os_config-v1alpha.rb +21 -0
- data/lib/google/cloud/os_config/v1alpha.rb +38 -0
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service.rb +53 -0
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service/client.rb +1347 -0
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service/credentials.rb +51 -0
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service/operations.rb +655 -0
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service/paths.rb +145 -0
- data/lib/google/cloud/os_config/v1alpha/version.rb +28 -0
- data/lib/google/cloud/osconfig/v1alpha/config_common_pb.rb +59 -0
- data/lib/google/cloud/osconfig/v1alpha/instance_os_policies_compliance_pb.rb +56 -0
- data/lib/google/cloud/osconfig/v1alpha/inventory_pb.rb +136 -0
- data/lib/google/cloud/osconfig/v1alpha/os_policy_assignments_pb.rb +128 -0
- data/lib/google/cloud/osconfig/v1alpha/os_policy_pb.rb +204 -0
- data/lib/google/cloud/osconfig/v1alpha/osconfig_common_pb.rb +25 -0
- data/lib/google/cloud/osconfig/v1alpha/osconfig_zonal_service_pb.rb +26 -0
- data/lib/google/cloud/osconfig/v1alpha/osconfig_zonal_service_services_pb.rb +107 -0
- data/lib/google/cloud/osconfig/v1alpha/vulnerability_pb.rb +118 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +65 -0
- data/proto_docs/google/api/resource.rb +283 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/config_common.rb +127 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/instance_os_policies_compliance.rb +167 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/inventory.rb +377 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/os_policy.rb +585 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/os_policy_assignments.rb +367 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/osconfig_common.rb +40 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/vulnerability.rb +341 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +141 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/timestamp.rb +129 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- metadata +230 -0
@@ -0,0 +1,367 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module OsConfig
|
23
|
+
module V1alpha
|
24
|
+
# OS policy assignment is an API resource that is used to
|
25
|
+
# apply a set of OS policies to a dynamically targeted group of Compute Engine
|
26
|
+
# VM instances.
|
27
|
+
#
|
28
|
+
# An OS policy is used to define the desired state configuration for a
|
29
|
+
# Compute Engine VM instance through a set of configuration resources that
|
30
|
+
# provide capabilities such as installing or removing software packages, or
|
31
|
+
# executing a script.
|
32
|
+
#
|
33
|
+
# For more information, see [OS policy and OS policy
|
34
|
+
# assignment](https://cloud.google.com/compute/docs/os-configuration-management/working-with-os-policies).
|
35
|
+
# @!attribute [rw] name
|
36
|
+
# @return [::String]
|
37
|
+
# Resource name.
|
38
|
+
#
|
39
|
+
# Format:
|
40
|
+
# `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id}`
|
41
|
+
#
|
42
|
+
# This field is ignored when you create an OS policy assignment.
|
43
|
+
# @!attribute [rw] description
|
44
|
+
# @return [::String]
|
45
|
+
# OS policy assignment description.
|
46
|
+
# Length of the description is limited to 1024 characters.
|
47
|
+
# @!attribute [rw] os_policies
|
48
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicy>]
|
49
|
+
# Required. List of OS policies to be applied to the VMs.
|
50
|
+
# @!attribute [rw] instance_filter
|
51
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::InstanceFilter]
|
52
|
+
# Required. Filter to select VMs.
|
53
|
+
# @!attribute [rw] rollout
|
54
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::Rollout]
|
55
|
+
# Required. Rollout to deploy the OS policy assignment.
|
56
|
+
# A rollout is triggered in the following situations:
|
57
|
+
# 1) OSPolicyAssignment is created.
|
58
|
+
# 2) OSPolicyAssignment is updated and the update contains changes to one of
|
59
|
+
# the following fields:
|
60
|
+
# - instance_filter
|
61
|
+
# - os_policies
|
62
|
+
# 3) OSPolicyAssignment is deleted.
|
63
|
+
# @!attribute [r] revision_id
|
64
|
+
# @return [::String]
|
65
|
+
# Output only. The assignment revision ID
|
66
|
+
# A new revision is committed whenever a rollout is triggered for a OS policy
|
67
|
+
# assignment
|
68
|
+
# @!attribute [r] revision_create_time
|
69
|
+
# @return [::Google::Protobuf::Timestamp]
|
70
|
+
# Output only. The timestamp that the revision was created.
|
71
|
+
# @!attribute [r] rollout_state
|
72
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::RolloutState]
|
73
|
+
# Output only. OS policy assignment rollout state
|
74
|
+
# @!attribute [r] baseline
|
75
|
+
# @return [::Boolean]
|
76
|
+
# Output only. Indicates that this revision has been successfully rolled out in this zone
|
77
|
+
# and new VMs will be assigned OS policies from this revision.
|
78
|
+
#
|
79
|
+
# For a given OS policy assignment, there is only one revision with a value
|
80
|
+
# of `true` for this field.
|
81
|
+
# @!attribute [r] deleted
|
82
|
+
# @return [::Boolean]
|
83
|
+
# Output only. Indicates that this revision deletes the OS policy assignment.
|
84
|
+
# @!attribute [r] reconciling
|
85
|
+
# @return [::Boolean]
|
86
|
+
# Output only. Indicates that reconciliation is in progress for the revision.
|
87
|
+
# This value is `true` when the `rollout_state` is one of:
|
88
|
+
# * IN_PROGRESS
|
89
|
+
# * CANCELLING
|
90
|
+
# @!attribute [r] uid
|
91
|
+
# @return [::String]
|
92
|
+
# Output only. Server generated unique id for the OS policy assignment resource.
|
93
|
+
class OSPolicyAssignment
|
94
|
+
include ::Google::Protobuf::MessageExts
|
95
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
+
|
97
|
+
# Message representing label set.
|
98
|
+
# * A label is a key value pair set for a VM.
|
99
|
+
# * A LabelSet is a set of labels.
|
100
|
+
# * Labels within a LabelSet are ANDed. In other words, a LabelSet is
|
101
|
+
# applicable for a VM only if it matches all the labels in the
|
102
|
+
# LabelSet.
|
103
|
+
# * Example: A LabelSet with 2 labels: `env=prod` and `type=webserver` will
|
104
|
+
# only be applicable for those VMs with both labels
|
105
|
+
# present.
|
106
|
+
# @!attribute [rw] labels
|
107
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
108
|
+
# Labels are identified by key/value pairs in this map.
|
109
|
+
# A VM should contain all the key/value pairs specified in this
|
110
|
+
# map to be selected.
|
111
|
+
class LabelSet
|
112
|
+
include ::Google::Protobuf::MessageExts
|
113
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
114
|
+
|
115
|
+
# @!attribute [rw] key
|
116
|
+
# @return [::String]
|
117
|
+
# @!attribute [rw] value
|
118
|
+
# @return [::String]
|
119
|
+
class LabelsEntry
|
120
|
+
include ::Google::Protobuf::MessageExts
|
121
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
122
|
+
end
|
123
|
+
end
|
124
|
+
|
125
|
+
# Message to represent the filters to select VMs for an assignment
|
126
|
+
# @!attribute [rw] all
|
127
|
+
# @return [::Boolean]
|
128
|
+
# Target all VMs in the project. If true, no other criteria is
|
129
|
+
# permitted.
|
130
|
+
# @!attribute [rw] os_short_names
|
131
|
+
# @return [::Array<::String>]
|
132
|
+
# A VM is included if it's OS short name matches with any of the
|
133
|
+
# values provided in this list.
|
134
|
+
# @!attribute [rw] inclusion_labels
|
135
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::LabelSet>]
|
136
|
+
# List of label sets used for VM inclusion.
|
137
|
+
#
|
138
|
+
# If the list has more than one `LabelSet`, the VM is included if any
|
139
|
+
# of the label sets are applicable for the VM.
|
140
|
+
# @!attribute [rw] exclusion_labels
|
141
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::LabelSet>]
|
142
|
+
# List of label sets used for VM exclusion.
|
143
|
+
#
|
144
|
+
# If the list has more than one label set, the VM is excluded if any
|
145
|
+
# of the label sets are applicable for the VM.
|
146
|
+
#
|
147
|
+
# This filter is applied last in the filtering chain and therefore a
|
148
|
+
# VM is guaranteed to be excluded if it satisfies one of the below
|
149
|
+
# label sets.
|
150
|
+
class InstanceFilter
|
151
|
+
include ::Google::Protobuf::MessageExts
|
152
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
153
|
+
end
|
154
|
+
|
155
|
+
# Message to configure the rollout at the zonal level for the OS policy
|
156
|
+
# assignment.
|
157
|
+
# @!attribute [rw] disruption_budget
|
158
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::FixedOrPercent]
|
159
|
+
# Required. The maximum number (or percentage) of VMs per zone to disrupt at
|
160
|
+
# any given moment.
|
161
|
+
# @!attribute [rw] min_wait_duration
|
162
|
+
# @return [::Google::Protobuf::Duration]
|
163
|
+
# Required. This determines the minimum duration of time to wait after the
|
164
|
+
# configuration changes are applied through the current rollout. A
|
165
|
+
# VM continues to count towards the `disruption_budget` at least
|
166
|
+
# until this duration of time has passed after configuration changes are
|
167
|
+
# applied.
|
168
|
+
class Rollout
|
169
|
+
include ::Google::Protobuf::MessageExts
|
170
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
171
|
+
end
|
172
|
+
|
173
|
+
# OS policy assignment rollout state
|
174
|
+
module RolloutState
|
175
|
+
# Invalid value
|
176
|
+
ROLLOUT_STATE_UNSPECIFIED = 0
|
177
|
+
|
178
|
+
# The rollout is in progress.
|
179
|
+
IN_PROGRESS = 1
|
180
|
+
|
181
|
+
# The rollout is being cancelled.
|
182
|
+
CANCELLING = 2
|
183
|
+
|
184
|
+
# The rollout is cancelled.
|
185
|
+
CANCELLED = 3
|
186
|
+
|
187
|
+
# The rollout has completed successfully.
|
188
|
+
SUCCEEDED = 4
|
189
|
+
end
|
190
|
+
end
|
191
|
+
|
192
|
+
# OS policy assignment operation metadata provided by OS policy assignment API
|
193
|
+
# methods that return long running operations.
|
194
|
+
# @!attribute [rw] os_policy_assignment
|
195
|
+
# @return [::String]
|
196
|
+
# Reference to the `OSPolicyAssignment` API resource.
|
197
|
+
#
|
198
|
+
# Format:
|
199
|
+
# `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}`
|
200
|
+
# @!attribute [rw] api_method
|
201
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentOperationMetadata::APIMethod]
|
202
|
+
# The OS policy assignment API method.
|
203
|
+
# @!attribute [rw] rollout_state
|
204
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentOperationMetadata::RolloutState]
|
205
|
+
# State of the rollout
|
206
|
+
# @!attribute [rw] rollout_start_time
|
207
|
+
# @return [::Google::Protobuf::Timestamp]
|
208
|
+
# Rollout start time
|
209
|
+
# @!attribute [rw] rollout_update_time
|
210
|
+
# @return [::Google::Protobuf::Timestamp]
|
211
|
+
# Rollout update time
|
212
|
+
class OSPolicyAssignmentOperationMetadata
|
213
|
+
include ::Google::Protobuf::MessageExts
|
214
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
215
|
+
|
216
|
+
# The OS policy assignment API method.
|
217
|
+
module APIMethod
|
218
|
+
# Invalid value
|
219
|
+
API_METHOD_UNSPECIFIED = 0
|
220
|
+
|
221
|
+
# Create OS policy assignment API method
|
222
|
+
CREATE = 1
|
223
|
+
|
224
|
+
# Update OS policy assignment API method
|
225
|
+
UPDATE = 2
|
226
|
+
|
227
|
+
# Delete OS policy assignment API method
|
228
|
+
DELETE = 3
|
229
|
+
end
|
230
|
+
|
231
|
+
# State of the rollout
|
232
|
+
module RolloutState
|
233
|
+
# Invalid value
|
234
|
+
ROLLOUT_STATE_UNSPECIFIED = 0
|
235
|
+
|
236
|
+
# The rollout is in progress.
|
237
|
+
IN_PROGRESS = 1
|
238
|
+
|
239
|
+
# The rollout is being cancelled.
|
240
|
+
CANCELLING = 2
|
241
|
+
|
242
|
+
# The rollout is cancelled.
|
243
|
+
CANCELLED = 3
|
244
|
+
|
245
|
+
# The rollout has completed successfully.
|
246
|
+
SUCCEEDED = 4
|
247
|
+
end
|
248
|
+
end
|
249
|
+
|
250
|
+
# A request message to create an OS policy assignment
|
251
|
+
# @!attribute [rw] parent
|
252
|
+
# @return [::String]
|
253
|
+
# Required. The parent resource name in the form:
|
254
|
+
# projects/\\{project}/locations/\\{location}
|
255
|
+
# @!attribute [rw] os_policy_assignment
|
256
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment]
|
257
|
+
# Required. The OS policy assignment to be created.
|
258
|
+
# @!attribute [rw] os_policy_assignment_id
|
259
|
+
# @return [::String]
|
260
|
+
# Required. The logical name of the OS policy assignment in the project
|
261
|
+
# with the following restrictions:
|
262
|
+
#
|
263
|
+
# * Must contain only lowercase letters, numbers, and hyphens.
|
264
|
+
# * Must start with a letter.
|
265
|
+
# * Must be between 1-63 characters.
|
266
|
+
# * Must end with a number or a letter.
|
267
|
+
# * Must be unique within the project.
|
268
|
+
class CreateOSPolicyAssignmentRequest
|
269
|
+
include ::Google::Protobuf::MessageExts
|
270
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
271
|
+
end
|
272
|
+
|
273
|
+
# A request message to update an OS policy assignment
|
274
|
+
# @!attribute [rw] os_policy_assignment
|
275
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment]
|
276
|
+
# Required. The updated OS policy assignment.
|
277
|
+
# @!attribute [rw] update_mask
|
278
|
+
# @return [::Google::Protobuf::FieldMask]
|
279
|
+
# Optional. Field mask that controls which fields of the assignment should be updated.
|
280
|
+
class UpdateOSPolicyAssignmentRequest
|
281
|
+
include ::Google::Protobuf::MessageExts
|
282
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
283
|
+
end
|
284
|
+
|
285
|
+
# A request message to get an OS policy assignment
|
286
|
+
# @!attribute [rw] name
|
287
|
+
# @return [::String]
|
288
|
+
# Required. The resource name of OS policy assignment.
|
289
|
+
#
|
290
|
+
# Format:
|
291
|
+
# `projects/{project}/locations/{location}/osPolicyAssignments/{os_policy_assignment}@{revisionId}`
|
292
|
+
class GetOSPolicyAssignmentRequest
|
293
|
+
include ::Google::Protobuf::MessageExts
|
294
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
295
|
+
end
|
296
|
+
|
297
|
+
# A request message to list OS policy assignments for a parent resource
|
298
|
+
# @!attribute [rw] parent
|
299
|
+
# @return [::String]
|
300
|
+
# Required. The parent resource name.
|
301
|
+
# @!attribute [rw] page_size
|
302
|
+
# @return [::Integer]
|
303
|
+
# The maximum number of assignments to return.
|
304
|
+
# @!attribute [rw] page_token
|
305
|
+
# @return [::String]
|
306
|
+
# A pagination token returned from a previous call to
|
307
|
+
# `ListOSPolicyAssignments` that indicates where this listing should continue
|
308
|
+
# from.
|
309
|
+
class ListOSPolicyAssignmentsRequest
|
310
|
+
include ::Google::Protobuf::MessageExts
|
311
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
312
|
+
end
|
313
|
+
|
314
|
+
# A response message for listing all assignments under given parent.
|
315
|
+
# @!attribute [rw] os_policy_assignments
|
316
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment>]
|
317
|
+
# The list of assignments
|
318
|
+
# @!attribute [rw] next_page_token
|
319
|
+
# @return [::String]
|
320
|
+
# The pagination token to retrieve the next page of OS policy assignments.
|
321
|
+
class ListOSPolicyAssignmentsResponse
|
322
|
+
include ::Google::Protobuf::MessageExts
|
323
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
324
|
+
end
|
325
|
+
|
326
|
+
# A request message to list revisions for a OS policy assignment
|
327
|
+
# @!attribute [rw] name
|
328
|
+
# @return [::String]
|
329
|
+
# Required. The name of the OS policy assignment to list revisions for.
|
330
|
+
# @!attribute [rw] page_size
|
331
|
+
# @return [::Integer]
|
332
|
+
# The maximum number of revisions to return.
|
333
|
+
# @!attribute [rw] page_token
|
334
|
+
# @return [::String]
|
335
|
+
# A pagination token returned from a previous call to
|
336
|
+
# `ListOSPolicyAssignmentRevisions` that indicates where this listing should
|
337
|
+
# continue from.
|
338
|
+
class ListOSPolicyAssignmentRevisionsRequest
|
339
|
+
include ::Google::Protobuf::MessageExts
|
340
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
341
|
+
end
|
342
|
+
|
343
|
+
# A response message for listing all revisions for a OS policy assignment.
|
344
|
+
# @!attribute [rw] os_policy_assignments
|
345
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment>]
|
346
|
+
# The OS policy assignment revisions
|
347
|
+
# @!attribute [rw] next_page_token
|
348
|
+
# @return [::String]
|
349
|
+
# The pagination token to retrieve the next page of OS policy assignment
|
350
|
+
# revisions.
|
351
|
+
class ListOSPolicyAssignmentRevisionsResponse
|
352
|
+
include ::Google::Protobuf::MessageExts
|
353
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
354
|
+
end
|
355
|
+
|
356
|
+
# A request message for deleting a OS policy assignment.
|
357
|
+
# @!attribute [rw] name
|
358
|
+
# @return [::String]
|
359
|
+
# Required. The name of the OS policy assignment to be deleted
|
360
|
+
class DeleteOSPolicyAssignmentRequest
|
361
|
+
include ::Google::Protobuf::MessageExts
|
362
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
363
|
+
end
|
364
|
+
end
|
365
|
+
end
|
366
|
+
end
|
367
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module OsConfig
|
23
|
+
module V1alpha
|
24
|
+
# Message encapsulating a value that can be either absolute ("fixed") or
|
25
|
+
# relative ("percent") to a value.
|
26
|
+
# @!attribute [rw] fixed
|
27
|
+
# @return [::Integer]
|
28
|
+
# Specifies a fixed value.
|
29
|
+
# @!attribute [rw] percent
|
30
|
+
# @return [::Integer]
|
31
|
+
# Specifies the relative value defined as a percentage, which will be
|
32
|
+
# multiplied by a reference value.
|
33
|
+
class FixedOrPercent
|
34
|
+
include ::Google::Protobuf::MessageExts
|
35
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,341 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module OsConfig
|
23
|
+
module V1alpha
|
24
|
+
# This API resource represents the vulnerability report for a specified
|
25
|
+
# Compute Engine virtual machine (VM) instance at a given point in time.
|
26
|
+
#
|
27
|
+
# For more information, see [Vulnerability
|
28
|
+
# reports](https://cloud.google.com/compute/docs/instances/os-inventory-management#vulnerability-reports).
|
29
|
+
# @!attribute [r] name
|
30
|
+
# @return [::String]
|
31
|
+
# Output only. The `vulnerabilityReport` API resource name.
|
32
|
+
#
|
33
|
+
# Format:
|
34
|
+
# `projects/{project_number}/locations/{location}/instances/{instance_id}/vulnerabilityReport`
|
35
|
+
# @!attribute [r] vulnerabilities
|
36
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::VulnerabilityReport::Vulnerability>]
|
37
|
+
# Output only. List of vulnerabilities affecting the VM.
|
38
|
+
# @!attribute [r] update_time
|
39
|
+
# @return [::Google::Protobuf::Timestamp]
|
40
|
+
# Output only. The timestamp for when the last vulnerability report was
|
41
|
+
# generated for the VM.
|
42
|
+
class VulnerabilityReport
|
43
|
+
include ::Google::Protobuf::MessageExts
|
44
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
45
|
+
|
46
|
+
# A vulnerability affecting the VM instance.
|
47
|
+
# @!attribute [rw] details
|
48
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::VulnerabilityReport::Vulnerability::Details]
|
49
|
+
# Contains metadata as per the upstream feed of the operating system and
|
50
|
+
# NVD.
|
51
|
+
# @!attribute [rw] installed_inventory_item_ids
|
52
|
+
# @return [::Array<::String>]
|
53
|
+
# Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
|
54
|
+
# This field displays the inventory items affected by this vulnerability.
|
55
|
+
# If the vulnerability report was not updated after the VM inventory
|
56
|
+
# update, these values might not display in VM inventory. For some distros,
|
57
|
+
# this field may be empty.
|
58
|
+
# @!attribute [rw] available_inventory_item_ids
|
59
|
+
# @return [::Array<::String>]
|
60
|
+
# Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
|
61
|
+
# If the vulnerability report was not updated after the VM inventory
|
62
|
+
# update, these values might not display in VM inventory. If there is no
|
63
|
+
# available fix, the field is empty. The `inventory_item` value specifies
|
64
|
+
# the latest `SoftwarePackage` available to the VM that fixes the
|
65
|
+
# vulnerability.
|
66
|
+
# @!attribute [rw] create_time
|
67
|
+
# @return [::Google::Protobuf::Timestamp]
|
68
|
+
# The timestamp for when the vulnerability was first detected.
|
69
|
+
# @!attribute [rw] update_time
|
70
|
+
# @return [::Google::Protobuf::Timestamp]
|
71
|
+
# The timestamp for when the vulnerability was last modified.
|
72
|
+
class Vulnerability
|
73
|
+
include ::Google::Protobuf::MessageExts
|
74
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
75
|
+
|
76
|
+
# Contains metadata information for the vulnerability. This information is
|
77
|
+
# collected from the upstream feed of the operating system.
|
78
|
+
# @!attribute [rw] cve
|
79
|
+
# @return [::String]
|
80
|
+
# The CVE of the vulnerability. CVE cannot be
|
81
|
+
# empty and the combination of <cve, classification> should be unique
|
82
|
+
# across vulnerabilities for a VM.
|
83
|
+
# @!attribute [rw] cvss_v2_score
|
84
|
+
# @return [::Float]
|
85
|
+
# The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of
|
86
|
+
# 0 - 10 where 0 indicates low severity and 10 indicates high severity.
|
87
|
+
# @!attribute [rw] cvss_v3
|
88
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3]
|
89
|
+
# The full description of the CVSSv3 for this vulnerability from NVD.
|
90
|
+
# @!attribute [rw] severity
|
91
|
+
# @return [::String]
|
92
|
+
# Assigned severity/impact ranking from the distro.
|
93
|
+
# @!attribute [rw] description
|
94
|
+
# @return [::String]
|
95
|
+
# The note or description describing the vulnerability from the distro.
|
96
|
+
# @!attribute [rw] references
|
97
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::VulnerabilityReport::Vulnerability::Details::Reference>]
|
98
|
+
# Corresponds to the references attached to the `VulnerabilityDetails`.
|
99
|
+
class Details
|
100
|
+
include ::Google::Protobuf::MessageExts
|
101
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
102
|
+
|
103
|
+
# A reference for this vulnerability.
|
104
|
+
# @!attribute [rw] url
|
105
|
+
# @return [::String]
|
106
|
+
# The url of the reference.
|
107
|
+
class Reference
|
108
|
+
include ::Google::Protobuf::MessageExts
|
109
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
114
|
+
|
115
|
+
# A request message for getting the vulnerability report for the specified VM.
|
116
|
+
# @!attribute [rw] name
|
117
|
+
# @return [::String]
|
118
|
+
# Required. API resource name for vulnerability resource.
|
119
|
+
#
|
120
|
+
# Format:
|
121
|
+
# `projects/{project}/locations/{location}/instances/{instance}/vulnerabilityReport`
|
122
|
+
#
|
123
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
124
|
+
# For `{instance}`, either Compute Engine `instance-id` or `instance-name`
|
125
|
+
# can be provided.
|
126
|
+
class GetVulnerabilityReportRequest
|
127
|
+
include ::Google::Protobuf::MessageExts
|
128
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
129
|
+
end
|
130
|
+
|
131
|
+
# A request message for listing vulnerability reports for all VM instances in
|
132
|
+
# the specified location.
|
133
|
+
# @!attribute [rw] parent
|
134
|
+
# @return [::String]
|
135
|
+
# Required. The parent resource name.
|
136
|
+
#
|
137
|
+
# Format: `projects/{project}/locations/{location}/instances/{instance}`
|
138
|
+
#
|
139
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
140
|
+
# For `{instance}`, only `-` character is supported to list vulnerability
|
141
|
+
# reports across VMs.
|
142
|
+
# @!attribute [rw] page_size
|
143
|
+
# @return [::Integer]
|
144
|
+
# The maximum number of results to return.
|
145
|
+
# @!attribute [rw] page_token
|
146
|
+
# @return [::String]
|
147
|
+
# A pagination token returned from a previous call to
|
148
|
+
# `ListVulnerabilityReports` that indicates where this listing
|
149
|
+
# should continue from.
|
150
|
+
# @!attribute [rw] filter
|
151
|
+
# @return [::String]
|
152
|
+
# If provided, this field specifies the criteria that must be met by a
|
153
|
+
# `vulnerabilityReport` API resource to be included in the response.
|
154
|
+
class ListVulnerabilityReportsRequest
|
155
|
+
include ::Google::Protobuf::MessageExts
|
156
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
157
|
+
end
|
158
|
+
|
159
|
+
# A response message for listing vulnerability reports for all VM instances in
|
160
|
+
# the specified location.
|
161
|
+
# @!attribute [rw] vulnerability_reports
|
162
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::VulnerabilityReport>]
|
163
|
+
# List of vulnerabilityReport objects.
|
164
|
+
# @!attribute [rw] next_page_token
|
165
|
+
# @return [::String]
|
166
|
+
# The pagination token to retrieve the next page of vulnerabilityReports
|
167
|
+
# object.
|
168
|
+
class ListVulnerabilityReportsResponse
|
169
|
+
include ::Google::Protobuf::MessageExts
|
170
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
171
|
+
end
|
172
|
+
|
173
|
+
# Common Vulnerability Scoring System version 3.
|
174
|
+
# For details, see https://www.first.org/cvss/specification-document
|
175
|
+
# @!attribute [rw] base_score
|
176
|
+
# @return [::Float]
|
177
|
+
# The base score is a function of the base metric scores.
|
178
|
+
# https://www.first.org/cvss/specification-document#Base-Metrics
|
179
|
+
# @!attribute [rw] exploitability_score
|
180
|
+
# @return [::Float]
|
181
|
+
# The Exploitability sub-score equation is derived from the Base
|
182
|
+
# Exploitability metrics.
|
183
|
+
# https://www.first.org/cvss/specification-document#2-1-Exploitability-Metrics
|
184
|
+
# @!attribute [rw] impact_score
|
185
|
+
# @return [::Float]
|
186
|
+
# The Impact sub-score equation is derived from the Base Impact metrics.
|
187
|
+
# @!attribute [rw] attack_vector
|
188
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::AttackVector]
|
189
|
+
# This metric reflects the context by which vulnerability exploitation is
|
190
|
+
# possible.
|
191
|
+
# @!attribute [rw] attack_complexity
|
192
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::AttackComplexity]
|
193
|
+
# This metric describes the conditions beyond the attacker's control that
|
194
|
+
# must exist in order to exploit the vulnerability.
|
195
|
+
# @!attribute [rw] privileges_required
|
196
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::PrivilegesRequired]
|
197
|
+
# This metric describes the level of privileges an attacker must possess
|
198
|
+
# before successfully exploiting the vulnerability.
|
199
|
+
# @!attribute [rw] user_interaction
|
200
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::UserInteraction]
|
201
|
+
# This metric captures the requirement for a human user, other than the
|
202
|
+
# attacker, to participate in the successful compromise of the vulnerable
|
203
|
+
# component.
|
204
|
+
# @!attribute [rw] scope
|
205
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::Scope]
|
206
|
+
# The Scope metric captures whether a vulnerability in one vulnerable
|
207
|
+
# component impacts resources in components beyond its security scope.
|
208
|
+
# @!attribute [rw] confidentiality_impact
|
209
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::Impact]
|
210
|
+
# This metric measures the impact to the confidentiality of the information
|
211
|
+
# resources managed by a software component due to a successfully exploited
|
212
|
+
# vulnerability.
|
213
|
+
# @!attribute [rw] integrity_impact
|
214
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::Impact]
|
215
|
+
# This metric measures the impact to integrity of a successfully exploited
|
216
|
+
# vulnerability.
|
217
|
+
# @!attribute [rw] availability_impact
|
218
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::CVSSv3::Impact]
|
219
|
+
# This metric measures the impact to the availability of the impacted
|
220
|
+
# component resulting from a successfully exploited vulnerability.
|
221
|
+
class CVSSv3
|
222
|
+
include ::Google::Protobuf::MessageExts
|
223
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
224
|
+
|
225
|
+
# This metric reflects the context by which vulnerability exploitation is
|
226
|
+
# possible.
|
227
|
+
module AttackVector
|
228
|
+
# Invalid value.
|
229
|
+
ATTACK_VECTOR_UNSPECIFIED = 0
|
230
|
+
|
231
|
+
# The vulnerable component is bound to the network stack and the set of
|
232
|
+
# possible attackers extends beyond the other options listed below, up to
|
233
|
+
# and including the entire Internet.
|
234
|
+
ATTACK_VECTOR_NETWORK = 1
|
235
|
+
|
236
|
+
# The vulnerable component is bound to the network stack, but the attack is
|
237
|
+
# limited at the protocol level to a logically adjacent topology.
|
238
|
+
ATTACK_VECTOR_ADJACENT = 2
|
239
|
+
|
240
|
+
# The vulnerable component is not bound to the network stack and the
|
241
|
+
# attacker's path is via read/write/execute capabilities.
|
242
|
+
ATTACK_VECTOR_LOCAL = 3
|
243
|
+
|
244
|
+
# The attack requires the attacker to physically touch or manipulate the
|
245
|
+
# vulnerable component.
|
246
|
+
ATTACK_VECTOR_PHYSICAL = 4
|
247
|
+
end
|
248
|
+
|
249
|
+
# This metric describes the conditions beyond the attacker's control that
|
250
|
+
# must exist in order to exploit the vulnerability.
|
251
|
+
module AttackComplexity
|
252
|
+
# Invalid value.
|
253
|
+
ATTACK_COMPLEXITY_UNSPECIFIED = 0
|
254
|
+
|
255
|
+
# Specialized access conditions or extenuating circumstances do not exist.
|
256
|
+
# An attacker can expect repeatable success when attacking the vulnerable
|
257
|
+
# component.
|
258
|
+
ATTACK_COMPLEXITY_LOW = 1
|
259
|
+
|
260
|
+
# A successful attack depends on conditions beyond the attacker's control.
|
261
|
+
# That is, a successful attack cannot be accomplished at will, but requires
|
262
|
+
# the attacker to invest in some measurable amount of effort in preparation
|
263
|
+
# or execution against the vulnerable component before a successful attack
|
264
|
+
# can be expected.
|
265
|
+
ATTACK_COMPLEXITY_HIGH = 2
|
266
|
+
end
|
267
|
+
|
268
|
+
# This metric describes the level of privileges an attacker must possess
|
269
|
+
# before successfully exploiting the vulnerability.
|
270
|
+
module PrivilegesRequired
|
271
|
+
# Invalid value.
|
272
|
+
PRIVILEGES_REQUIRED_UNSPECIFIED = 0
|
273
|
+
|
274
|
+
# The attacker is unauthorized prior to attack, and therefore does not
|
275
|
+
# require any access to settings or files of the vulnerable system to
|
276
|
+
# carry out an attack.
|
277
|
+
PRIVILEGES_REQUIRED_NONE = 1
|
278
|
+
|
279
|
+
# The attacker requires privileges that provide basic user capabilities
|
280
|
+
# that could normally affect only settings and files owned by a user.
|
281
|
+
# Alternatively, an attacker with Low privileges has the ability to access
|
282
|
+
# only non-sensitive resources.
|
283
|
+
PRIVILEGES_REQUIRED_LOW = 2
|
284
|
+
|
285
|
+
# The attacker requires privileges that provide significant (e.g.,
|
286
|
+
# administrative) control over the vulnerable component allowing access to
|
287
|
+
# component-wide settings and files.
|
288
|
+
PRIVILEGES_REQUIRED_HIGH = 3
|
289
|
+
end
|
290
|
+
|
291
|
+
# This metric captures the requirement for a human user, other than the
|
292
|
+
# attacker, to participate in the successful compromise of the vulnerable
|
293
|
+
# component.
|
294
|
+
module UserInteraction
|
295
|
+
# Invalid value.
|
296
|
+
USER_INTERACTION_UNSPECIFIED = 0
|
297
|
+
|
298
|
+
# The vulnerable system can be exploited without interaction from any user.
|
299
|
+
USER_INTERACTION_NONE = 1
|
300
|
+
|
301
|
+
# Successful exploitation of this vulnerability requires a user to take
|
302
|
+
# some action before the vulnerability can be exploited.
|
303
|
+
USER_INTERACTION_REQUIRED = 2
|
304
|
+
end
|
305
|
+
|
306
|
+
# The Scope metric captures whether a vulnerability in one vulnerable
|
307
|
+
# component impacts resources in components beyond its security scope.
|
308
|
+
module Scope
|
309
|
+
# Invalid value.
|
310
|
+
SCOPE_UNSPECIFIED = 0
|
311
|
+
|
312
|
+
# An exploited vulnerability can only affect resources managed by the same
|
313
|
+
# security authority.
|
314
|
+
SCOPE_UNCHANGED = 1
|
315
|
+
|
316
|
+
# An exploited vulnerability can affect resources beyond the security scope
|
317
|
+
# managed by the security authority of the vulnerable component.
|
318
|
+
SCOPE_CHANGED = 2
|
319
|
+
end
|
320
|
+
|
321
|
+
# The Impact metrics capture the effects of a successfully exploited
|
322
|
+
# vulnerability on the component that suffers the worst outcome that is most
|
323
|
+
# directly and predictably associated with the attack.
|
324
|
+
module Impact
|
325
|
+
# Invalid value.
|
326
|
+
IMPACT_UNSPECIFIED = 0
|
327
|
+
|
328
|
+
# High impact.
|
329
|
+
IMPACT_HIGH = 1
|
330
|
+
|
331
|
+
# Low impact.
|
332
|
+
IMPACT_LOW = 2
|
333
|
+
|
334
|
+
# No impact.
|
335
|
+
IMPACT_NONE = 3
|
336
|
+
end
|
337
|
+
end
|
338
|
+
end
|
339
|
+
end
|
340
|
+
end
|
341
|
+
end
|