google-cloud-os_config-v1alpha 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service/client.rb +237 -7
- data/lib/google/cloud/os_config/v1alpha/os_config_zonal_service/paths.rb +42 -0
- data/lib/google/cloud/os_config/v1alpha/version.rb +1 -1
- data/lib/google/cloud/osconfig/v1alpha/config_common_pb.rb +1 -0
- data/lib/google/cloud/osconfig/v1alpha/instance_os_policies_compliance_pb.rb +1 -0
- data/lib/google/cloud/osconfig/v1alpha/inventory_pb.rb +1 -0
- data/lib/google/cloud/osconfig/v1alpha/os_policy_assignment_reports_pb.rb +93 -0
- data/lib/google/cloud/osconfig/v1alpha/os_policy_assignments_pb.rb +8 -0
- data/lib/google/cloud/osconfig/v1alpha/os_policy_pb.rb +7 -0
- data/lib/google/cloud/osconfig/v1alpha/osconfig_common_pb.rb +1 -0
- data/lib/google/cloud/osconfig/v1alpha/osconfig_zonal_service_pb.rb +1 -0
- data/lib/google/cloud/osconfig/v1alpha/osconfig_zonal_service_services_pb.rb +6 -0
- data/lib/google/cloud/osconfig/v1alpha/vulnerability_pb.rb +10 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/inventory.rb +9 -14
- data/proto_docs/google/cloud/osconfig/v1alpha/os_policy.rb +44 -11
- data/proto_docs/google/cloud/osconfig/v1alpha/os_policy_assignment_reports.rb +293 -0
- data/proto_docs/google/cloud/osconfig/v1alpha/os_policy_assignments.rb +33 -5
- data/proto_docs/google/cloud/osconfig/v1alpha/vulnerability.rb +38 -5
- metadata +5 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1dab932136f9c5df0eb2edd784b359c2464bf23f363c123b708db0bc17fe3def
|
|
4
|
+
data.tar.gz: 5e45c9b0af797fa25fbde8e73d45e42aae34d374573e9b340b3ad48d5cb3bc0b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7264a5c47ad16a4b44aa471a97649799897bd3150b4ff407709b0daeb0b48ffe24e72dc941d2c5a802ab0c14f2bda4037747ef9302ed7358df59e2949f658811
|
|
7
|
+
data.tar.gz: 4078b9a721a4f341fddb2bca8d1ec8f7f7ed2a83971c28027206bd98bf313ff159a96b3919a53ca16098ebc06e6184131094ee3d3a6b973b9c8c1ed3ff0dcbdb
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ request = ::Google::Cloud::OsConfig::V1alpha::CreateOSPolicyAssignmentRequest.ne
|
|
|
37
37
|
response = client.create_os_policy_assignment request
|
|
38
38
|
```
|
|
39
39
|
|
|
40
|
-
View the [Client Library Documentation](https://
|
|
40
|
+
View the [Client Library Documentation](https://cloud.google.com/ruby/docs/reference/google-cloud-os_config-v1alpha/latest)
|
|
41
41
|
for class and method documentation.
|
|
42
42
|
|
|
43
43
|
See also the [Product Documentation](https://cloud.google.com/compute/docs/manage-os)
|
|
@@ -779,6 +779,8 @@ module Google
|
|
|
779
779
|
# Get OS policies compliance data for the specified Compute Engine VM
|
|
780
780
|
# instance.
|
|
781
781
|
#
|
|
782
|
+
# @deprecated This method is deprecated and may be removed in the next major version update.
|
|
783
|
+
#
|
|
782
784
|
# @overload get_instance_os_policies_compliance(request, options = nil)
|
|
783
785
|
# Pass arguments to `get_instance_os_policies_compliance` via a request object, either of type
|
|
784
786
|
# {::Google::Cloud::OsConfig::V1alpha::GetInstanceOSPoliciesComplianceRequest} or an equivalent Hash.
|
|
@@ -873,6 +875,8 @@ module Google
|
|
|
873
875
|
# List OS policies compliance data for all Compute Engine VM instances in the
|
|
874
876
|
# specified zone.
|
|
875
877
|
#
|
|
878
|
+
# @deprecated This method is deprecated and may be removed in the next major version update.
|
|
879
|
+
#
|
|
876
880
|
# @overload list_instance_os_policies_compliances(request, options = nil)
|
|
877
881
|
# Pass arguments to `list_instance_os_policies_compliances` via a request object, either of type
|
|
878
882
|
# {::Google::Cloud::OsConfig::V1alpha::ListInstanceOSPoliciesCompliancesRequest} or an equivalent Hash.
|
|
@@ -976,6 +980,222 @@ module Google
|
|
|
976
980
|
raise ::Google::Cloud::Error.from_error(e)
|
|
977
981
|
end
|
|
978
982
|
|
|
983
|
+
##
|
|
984
|
+
# Get the OS policy asssignment report for the specified Compute Engine VM
|
|
985
|
+
# instance.
|
|
986
|
+
#
|
|
987
|
+
# @overload get_os_policy_assignment_report(request, options = nil)
|
|
988
|
+
# Pass arguments to `get_os_policy_assignment_report` via a request object, either of type
|
|
989
|
+
# {::Google::Cloud::OsConfig::V1alpha::GetOSPolicyAssignmentReportRequest} or an equivalent Hash.
|
|
990
|
+
#
|
|
991
|
+
# @param request [::Google::Cloud::OsConfig::V1alpha::GetOSPolicyAssignmentReportRequest, ::Hash]
|
|
992
|
+
# A request object representing the call parameters. Required. To specify no
|
|
993
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
994
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
995
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
996
|
+
#
|
|
997
|
+
# @overload get_os_policy_assignment_report(name: nil)
|
|
998
|
+
# Pass arguments to `get_os_policy_assignment_report` via keyword arguments. Note that at
|
|
999
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1000
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1001
|
+
#
|
|
1002
|
+
# @param name [::String]
|
|
1003
|
+
# Required. API resource name for OS policy assignment report.
|
|
1004
|
+
#
|
|
1005
|
+
# Format:
|
|
1006
|
+
# `/projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/report`
|
|
1007
|
+
#
|
|
1008
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
1009
|
+
# For `{instance_id}`, either Compute Engine `instance-id` or `instance-name`
|
|
1010
|
+
# can be provided.
|
|
1011
|
+
# For `{assignment_id}`, the OSPolicyAssignment id must be provided.
|
|
1012
|
+
#
|
|
1013
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
1014
|
+
# @yieldparam response [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport]
|
|
1015
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
1016
|
+
#
|
|
1017
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport]
|
|
1018
|
+
#
|
|
1019
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
1020
|
+
#
|
|
1021
|
+
# @example Basic example
|
|
1022
|
+
# require "google/cloud/os_config/v1alpha"
|
|
1023
|
+
#
|
|
1024
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1025
|
+
# client = Google::Cloud::OsConfig::V1alpha::OsConfigZonalService::Client.new
|
|
1026
|
+
#
|
|
1027
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1028
|
+
# request = Google::Cloud::OsConfig::V1alpha::GetOSPolicyAssignmentReportRequest.new
|
|
1029
|
+
#
|
|
1030
|
+
# # Call the get_os_policy_assignment_report method.
|
|
1031
|
+
# result = client.get_os_policy_assignment_report request
|
|
1032
|
+
#
|
|
1033
|
+
# # The returned object is of type Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport.
|
|
1034
|
+
# p result
|
|
1035
|
+
#
|
|
1036
|
+
def get_os_policy_assignment_report request, options = nil
|
|
1037
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1038
|
+
|
|
1039
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OsConfig::V1alpha::GetOSPolicyAssignmentReportRequest
|
|
1040
|
+
|
|
1041
|
+
# Converts hash and nil to an options object
|
|
1042
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1043
|
+
|
|
1044
|
+
# Customize the options with defaults
|
|
1045
|
+
metadata = @config.rpcs.get_os_policy_assignment_report.metadata.to_h
|
|
1046
|
+
|
|
1047
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
1048
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1049
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1050
|
+
gapic_version: ::Google::Cloud::OsConfig::V1alpha::VERSION
|
|
1051
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1052
|
+
|
|
1053
|
+
header_params = {}
|
|
1054
|
+
if request.name
|
|
1055
|
+
header_params["name"] = request.name
|
|
1056
|
+
end
|
|
1057
|
+
|
|
1058
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
1059
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
1060
|
+
|
|
1061
|
+
options.apply_defaults timeout: @config.rpcs.get_os_policy_assignment_report.timeout,
|
|
1062
|
+
metadata: metadata,
|
|
1063
|
+
retry_policy: @config.rpcs.get_os_policy_assignment_report.retry_policy
|
|
1064
|
+
|
|
1065
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1066
|
+
metadata: @config.metadata,
|
|
1067
|
+
retry_policy: @config.retry_policy
|
|
1068
|
+
|
|
1069
|
+
@os_config_zonal_service_stub.call_rpc :get_os_policy_assignment_report, request, options: options do |response, operation|
|
|
1070
|
+
yield response, operation if block_given?
|
|
1071
|
+
return response
|
|
1072
|
+
end
|
|
1073
|
+
rescue ::GRPC::BadStatus => e
|
|
1074
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1075
|
+
end
|
|
1076
|
+
|
|
1077
|
+
##
|
|
1078
|
+
# List OS policy asssignment reports for all Compute Engine VM instances in
|
|
1079
|
+
# the specified zone.
|
|
1080
|
+
#
|
|
1081
|
+
# @overload list_os_policy_assignment_reports(request, options = nil)
|
|
1082
|
+
# Pass arguments to `list_os_policy_assignment_reports` via a request object, either of type
|
|
1083
|
+
# {::Google::Cloud::OsConfig::V1alpha::ListOSPolicyAssignmentReportsRequest} or an equivalent Hash.
|
|
1084
|
+
#
|
|
1085
|
+
# @param request [::Google::Cloud::OsConfig::V1alpha::ListOSPolicyAssignmentReportsRequest, ::Hash]
|
|
1086
|
+
# A request object representing the call parameters. Required. To specify no
|
|
1087
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
|
1088
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
|
1089
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
1090
|
+
#
|
|
1091
|
+
# @overload list_os_policy_assignment_reports(parent: nil, page_size: nil, filter: nil, page_token: nil)
|
|
1092
|
+
# Pass arguments to `list_os_policy_assignment_reports` via keyword arguments. Note that at
|
|
1093
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
1094
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
1095
|
+
#
|
|
1096
|
+
# @param parent [::String]
|
|
1097
|
+
# Required. The parent resource name.
|
|
1098
|
+
#
|
|
1099
|
+
# Format:
|
|
1100
|
+
# `projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/reports`
|
|
1101
|
+
#
|
|
1102
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
1103
|
+
# For `{instance}`, either `instance-name`, `instance-id`, or `-` can be
|
|
1104
|
+
# provided. If '-' is provided, the response will include
|
|
1105
|
+
# OSPolicyAssignmentReports for all instances in the project/location.
|
|
1106
|
+
# For `{assignment}`, either `assignment-id` or `-` can be provided. If '-'
|
|
1107
|
+
# is provided, the response will include OSPolicyAssignmentReports for all
|
|
1108
|
+
# OSPolicyAssignments in the project/location.
|
|
1109
|
+
# Either \\{instance} or \\{assignment} must be `-`.
|
|
1110
|
+
#
|
|
1111
|
+
# For example:
|
|
1112
|
+
# `projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/-/reports`
|
|
1113
|
+
# returns all reports for the instance
|
|
1114
|
+
# `projects/{project}/locations/{location}/instances/-/osPolicyAssignments/{assignment-id}/reports`
|
|
1115
|
+
# returns all the reports for the given assignment across all instances.
|
|
1116
|
+
# `projects/{project}/locations/{location}/instances/-/osPolicyAssignments/-/reports`
|
|
1117
|
+
# returns all the reports for all assignments across all instances.
|
|
1118
|
+
# @param page_size [::Integer]
|
|
1119
|
+
# The maximum number of results to return.
|
|
1120
|
+
# @param filter [::String]
|
|
1121
|
+
# If provided, this field specifies the criteria that must be met by the
|
|
1122
|
+
# `OSPolicyAssignmentReport` API resource that is included in the response.
|
|
1123
|
+
# @param page_token [::String]
|
|
1124
|
+
# A pagination token returned from a previous call to the
|
|
1125
|
+
# `ListOSPolicyAssignmentReports` method that indicates where this listing
|
|
1126
|
+
# should continue from.
|
|
1127
|
+
#
|
|
1128
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
|
1129
|
+
# @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport>]
|
|
1130
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
|
1131
|
+
#
|
|
1132
|
+
# @return [::Gapic::PagedEnumerable<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport>]
|
|
1133
|
+
#
|
|
1134
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
|
1135
|
+
#
|
|
1136
|
+
# @example Basic example
|
|
1137
|
+
# require "google/cloud/os_config/v1alpha"
|
|
1138
|
+
#
|
|
1139
|
+
# # Create a client object. The client can be reused for multiple calls.
|
|
1140
|
+
# client = Google::Cloud::OsConfig::V1alpha::OsConfigZonalService::Client.new
|
|
1141
|
+
#
|
|
1142
|
+
# # Create a request. To set request fields, pass in keyword arguments.
|
|
1143
|
+
# request = Google::Cloud::OsConfig::V1alpha::ListOSPolicyAssignmentReportsRequest.new
|
|
1144
|
+
#
|
|
1145
|
+
# # Call the list_os_policy_assignment_reports method.
|
|
1146
|
+
# result = client.list_os_policy_assignment_reports request
|
|
1147
|
+
#
|
|
1148
|
+
# # The returned object is of type Gapic::PagedEnumerable. You can
|
|
1149
|
+
# # iterate over all elements by calling #each, and the enumerable
|
|
1150
|
+
# # will lazily make API calls to fetch subsequent pages. Other
|
|
1151
|
+
# # methods are also available for managing paging directly.
|
|
1152
|
+
# result.each do |response|
|
|
1153
|
+
# # Each element is of type ::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport.
|
|
1154
|
+
# p response
|
|
1155
|
+
# end
|
|
1156
|
+
#
|
|
1157
|
+
def list_os_policy_assignment_reports request, options = nil
|
|
1158
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
|
1159
|
+
|
|
1160
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::OsConfig::V1alpha::ListOSPolicyAssignmentReportsRequest
|
|
1161
|
+
|
|
1162
|
+
# Converts hash and nil to an options object
|
|
1163
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
|
1164
|
+
|
|
1165
|
+
# Customize the options with defaults
|
|
1166
|
+
metadata = @config.rpcs.list_os_policy_assignment_reports.metadata.to_h
|
|
1167
|
+
|
|
1168
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
|
1169
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
|
1170
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
|
1171
|
+
gapic_version: ::Google::Cloud::OsConfig::V1alpha::VERSION
|
|
1172
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
|
1173
|
+
|
|
1174
|
+
header_params = {}
|
|
1175
|
+
if request.parent
|
|
1176
|
+
header_params["parent"] = request.parent
|
|
1177
|
+
end
|
|
1178
|
+
|
|
1179
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
|
1180
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
|
1181
|
+
|
|
1182
|
+
options.apply_defaults timeout: @config.rpcs.list_os_policy_assignment_reports.timeout,
|
|
1183
|
+
metadata: metadata,
|
|
1184
|
+
retry_policy: @config.rpcs.list_os_policy_assignment_reports.retry_policy
|
|
1185
|
+
|
|
1186
|
+
options.apply_defaults timeout: @config.timeout,
|
|
1187
|
+
metadata: @config.metadata,
|
|
1188
|
+
retry_policy: @config.retry_policy
|
|
1189
|
+
|
|
1190
|
+
@os_config_zonal_service_stub.call_rpc :list_os_policy_assignment_reports, request, options: options do |response, operation|
|
|
1191
|
+
response = ::Gapic::PagedEnumerable.new @os_config_zonal_service_stub, :list_os_policy_assignment_reports, request, response, operation, options
|
|
1192
|
+
yield response, operation if block_given?
|
|
1193
|
+
return response
|
|
1194
|
+
end
|
|
1195
|
+
rescue ::GRPC::BadStatus => e
|
|
1196
|
+
raise ::Google::Cloud::Error.from_error(e)
|
|
1197
|
+
end
|
|
1198
|
+
|
|
979
1199
|
##
|
|
980
1200
|
# Get inventory data for the specified VM instance. If the VM has no
|
|
981
1201
|
# associated inventory, the message `NOT_FOUND` is returned.
|
|
@@ -1093,11 +1313,9 @@ module Google
|
|
|
1093
1313
|
# @param parent [::String]
|
|
1094
1314
|
# Required. The parent resource name.
|
|
1095
1315
|
#
|
|
1096
|
-
# Format: `projects/{project}/locations/{location}/instances
|
|
1316
|
+
# Format: `projects/{project}/locations/{location}/instances/-`
|
|
1097
1317
|
#
|
|
1098
|
-
# For `{project}`, either `project-number` or `project-id` can be
|
|
1099
|
-
# provided. For `{instance}`, only hyphen or dash character is supported to
|
|
1100
|
-
# list inventories across VMs.
|
|
1318
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
1101
1319
|
# @param view [::Google::Cloud::OsConfig::V1alpha::InventoryView]
|
|
1102
1320
|
# Inventory view indicating what information should be included in the
|
|
1103
1321
|
# inventory resource. If unspecified, the default view is BASIC.
|
|
@@ -1296,11 +1514,9 @@ module Google
|
|
|
1296
1514
|
# @param parent [::String]
|
|
1297
1515
|
# Required. The parent resource name.
|
|
1298
1516
|
#
|
|
1299
|
-
# Format: `projects/{project}/locations/{location}/instances
|
|
1517
|
+
# Format: `projects/{project}/locations/{location}/instances/-`
|
|
1300
1518
|
#
|
|
1301
1519
|
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
1302
|
-
# For `{instance}`, only `-` character is supported to list vulnerability
|
|
1303
|
-
# reports across VMs.
|
|
1304
1520
|
# @param page_size [::Integer]
|
|
1305
1521
|
# The maximum number of results to return.
|
|
1306
1522
|
# @param page_token [::String]
|
|
@@ -1558,6 +1774,16 @@ module Google
|
|
|
1558
1774
|
#
|
|
1559
1775
|
attr_reader :list_instance_os_policies_compliances
|
|
1560
1776
|
##
|
|
1777
|
+
# RPC-specific configuration for `get_os_policy_assignment_report`
|
|
1778
|
+
# @return [::Gapic::Config::Method]
|
|
1779
|
+
#
|
|
1780
|
+
attr_reader :get_os_policy_assignment_report
|
|
1781
|
+
##
|
|
1782
|
+
# RPC-specific configuration for `list_os_policy_assignment_reports`
|
|
1783
|
+
# @return [::Gapic::Config::Method]
|
|
1784
|
+
#
|
|
1785
|
+
attr_reader :list_os_policy_assignment_reports
|
|
1786
|
+
##
|
|
1561
1787
|
# RPC-specific configuration for `get_inventory`
|
|
1562
1788
|
# @return [::Gapic::Config::Method]
|
|
1563
1789
|
#
|
|
@@ -1596,6 +1822,10 @@ module Google
|
|
|
1596
1822
|
@get_instance_os_policies_compliance = ::Gapic::Config::Method.new get_instance_os_policies_compliance_config
|
|
1597
1823
|
list_instance_os_policies_compliances_config = parent_rpcs.list_instance_os_policies_compliances if parent_rpcs.respond_to? :list_instance_os_policies_compliances
|
|
1598
1824
|
@list_instance_os_policies_compliances = ::Gapic::Config::Method.new list_instance_os_policies_compliances_config
|
|
1825
|
+
get_os_policy_assignment_report_config = parent_rpcs.get_os_policy_assignment_report if parent_rpcs.respond_to? :get_os_policy_assignment_report
|
|
1826
|
+
@get_os_policy_assignment_report = ::Gapic::Config::Method.new get_os_policy_assignment_report_config
|
|
1827
|
+
list_os_policy_assignment_reports_config = parent_rpcs.list_os_policy_assignment_reports if parent_rpcs.respond_to? :list_os_policy_assignment_reports
|
|
1828
|
+
@list_os_policy_assignment_reports = ::Gapic::Config::Method.new list_os_policy_assignment_reports_config
|
|
1599
1829
|
get_inventory_config = parent_rpcs.get_inventory if parent_rpcs.respond_to? :get_inventory
|
|
1600
1830
|
@get_inventory = ::Gapic::Config::Method.new get_inventory_config
|
|
1601
1831
|
list_inventories_config = parent_rpcs.list_inventories if parent_rpcs.respond_to? :list_inventories
|
|
@@ -62,6 +62,27 @@ module Google
|
|
|
62
62
|
"projects/#{project}/locations/#{location}/instanceOSPoliciesCompliances/#{instance}"
|
|
63
63
|
end
|
|
64
64
|
|
|
65
|
+
##
|
|
66
|
+
# Create a fully-qualified InstanceOSPolicyAssignment resource string.
|
|
67
|
+
#
|
|
68
|
+
# The resource will be in the following format:
|
|
69
|
+
#
|
|
70
|
+
# `projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}`
|
|
71
|
+
#
|
|
72
|
+
# @param project [String]
|
|
73
|
+
# @param location [String]
|
|
74
|
+
# @param instance [String]
|
|
75
|
+
# @param assignment [String]
|
|
76
|
+
#
|
|
77
|
+
# @return [::String]
|
|
78
|
+
def instance_os_policy_assignment_path project:, location:, instance:, assignment:
|
|
79
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
|
80
|
+
raise ::ArgumentError, "location cannot contain /" if location.to_s.include? "/"
|
|
81
|
+
raise ::ArgumentError, "instance cannot contain /" if instance.to_s.include? "/"
|
|
82
|
+
|
|
83
|
+
"projects/#{project}/locations/#{location}/instances/#{instance}/osPolicyAssignments/#{assignment}"
|
|
84
|
+
end
|
|
85
|
+
|
|
65
86
|
##
|
|
66
87
|
# Create a fully-qualified Inventory resource string.
|
|
67
88
|
#
|
|
@@ -117,6 +138,27 @@ module Google
|
|
|
117
138
|
"projects/#{project}/locations/#{location}/osPolicyAssignments/#{os_policy_assignment}"
|
|
118
139
|
end
|
|
119
140
|
|
|
141
|
+
##
|
|
142
|
+
# Create a fully-qualified OSPolicyAssignmentReport resource string.
|
|
143
|
+
#
|
|
144
|
+
# The resource will be in the following format:
|
|
145
|
+
#
|
|
146
|
+
# `projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/report`
|
|
147
|
+
#
|
|
148
|
+
# @param project [String]
|
|
149
|
+
# @param location [String]
|
|
150
|
+
# @param instance [String]
|
|
151
|
+
# @param assignment [String]
|
|
152
|
+
#
|
|
153
|
+
# @return [::String]
|
|
154
|
+
def os_policy_assignment_report_path project:, location:, instance:, assignment:
|
|
155
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
|
156
|
+
raise ::ArgumentError, "location cannot contain /" if location.to_s.include? "/"
|
|
157
|
+
raise ::ArgumentError, "instance cannot contain /" if instance.to_s.include? "/"
|
|
158
|
+
|
|
159
|
+
"projects/#{project}/locations/#{location}/instances/#{instance}/osPolicyAssignments/#{assignment}/report"
|
|
160
|
+
end
|
|
161
|
+
|
|
120
162
|
##
|
|
121
163
|
# Create a fully-qualified VulnerabilityReport resource string.
|
|
122
164
|
#
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/osconfig/v1alpha/instance_os_policies_compliance.proto
|
|
3
3
|
|
|
4
|
+
require 'google/api/annotations_pb'
|
|
4
5
|
require 'google/api/field_behavior_pb'
|
|
5
6
|
require 'google/api/resource_pb'
|
|
6
7
|
require 'google/cloud/osconfig/v1alpha/config_common_pb'
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/osconfig/v1alpha/inventory.proto
|
|
3
3
|
|
|
4
|
+
require 'google/api/annotations_pb'
|
|
4
5
|
require 'google/api/field_behavior_pb'
|
|
5
6
|
require 'google/api/resource_pb'
|
|
6
7
|
require 'google/protobuf/timestamp_pb'
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
|
+
# source: google/cloud/osconfig/v1alpha/os_policy_assignment_reports.proto
|
|
3
|
+
|
|
4
|
+
require 'google/api/annotations_pb'
|
|
5
|
+
require 'google/api/field_behavior_pb'
|
|
6
|
+
require 'google/api/resource_pb'
|
|
7
|
+
require 'google/protobuf/timestamp_pb'
|
|
8
|
+
require 'google/protobuf'
|
|
9
|
+
|
|
10
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
11
|
+
add_file("google/cloud/osconfig/v1alpha/os_policy_assignment_reports.proto", :syntax => :proto3) do
|
|
12
|
+
add_message "google.cloud.osconfig.v1alpha.GetOSPolicyAssignmentReportRequest" do
|
|
13
|
+
optional :name, :string, 1
|
|
14
|
+
end
|
|
15
|
+
add_message "google.cloud.osconfig.v1alpha.ListOSPolicyAssignmentReportsRequest" do
|
|
16
|
+
optional :parent, :string, 1
|
|
17
|
+
optional :page_size, :int32, 2
|
|
18
|
+
optional :filter, :string, 3
|
|
19
|
+
optional :page_token, :string, 4
|
|
20
|
+
end
|
|
21
|
+
add_message "google.cloud.osconfig.v1alpha.ListOSPolicyAssignmentReportsResponse" do
|
|
22
|
+
repeated :os_policy_assignment_reports, :message, 1, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport"
|
|
23
|
+
optional :next_page_token, :string, 2
|
|
24
|
+
end
|
|
25
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport" do
|
|
26
|
+
optional :name, :string, 1
|
|
27
|
+
optional :instance, :string, 2
|
|
28
|
+
optional :os_policy_assignment, :string, 3
|
|
29
|
+
repeated :os_policy_compliances, :message, 4, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance"
|
|
30
|
+
optional :update_time, :message, 5, "google.protobuf.Timestamp"
|
|
31
|
+
optional :last_run_id, :string, 6
|
|
32
|
+
end
|
|
33
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance" do
|
|
34
|
+
optional :os_policy_id, :string, 1
|
|
35
|
+
optional :compliance_state, :enum, 2, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.ComplianceState"
|
|
36
|
+
optional :compliance_state_reason, :string, 3
|
|
37
|
+
repeated :os_policy_resource_compliances, :message, 4, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance"
|
|
38
|
+
end
|
|
39
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance" do
|
|
40
|
+
optional :os_policy_resource_id, :string, 1
|
|
41
|
+
repeated :config_steps, :message, 2, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.OSPolicyResourceConfigStep"
|
|
42
|
+
optional :compliance_state, :enum, 3, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.ComplianceState"
|
|
43
|
+
optional :compliance_state_reason, :string, 4
|
|
44
|
+
oneof :output do
|
|
45
|
+
optional :exec_resource_output, :message, 5, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.ExecResourceOutput"
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.OSPolicyResourceConfigStep" do
|
|
49
|
+
optional :type, :enum, 1, "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.OSPolicyResourceConfigStep.Type"
|
|
50
|
+
optional :error_message, :string, 2
|
|
51
|
+
end
|
|
52
|
+
add_enum "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.OSPolicyResourceConfigStep.Type" do
|
|
53
|
+
value :TYPE_UNSPECIFIED, 0
|
|
54
|
+
value :VALIDATION, 1
|
|
55
|
+
value :DESIRED_STATE_CHECK, 2
|
|
56
|
+
value :DESIRED_STATE_ENFORCEMENT, 3
|
|
57
|
+
value :DESIRED_STATE_CHECK_POST_ENFORCEMENT, 4
|
|
58
|
+
end
|
|
59
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.ExecResourceOutput" do
|
|
60
|
+
optional :enforcement_output, :bytes, 2
|
|
61
|
+
end
|
|
62
|
+
add_enum "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.ComplianceState" do
|
|
63
|
+
value :UNKNOWN, 0
|
|
64
|
+
value :COMPLIANT, 1
|
|
65
|
+
value :NON_COMPLIANT, 2
|
|
66
|
+
end
|
|
67
|
+
add_enum "google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.ComplianceState" do
|
|
68
|
+
value :UNKNOWN, 0
|
|
69
|
+
value :COMPLIANT, 1
|
|
70
|
+
value :NON_COMPLIANT, 2
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
module Google
|
|
76
|
+
module Cloud
|
|
77
|
+
module OsConfig
|
|
78
|
+
module V1alpha
|
|
79
|
+
GetOSPolicyAssignmentReportRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.GetOSPolicyAssignmentReportRequest").msgclass
|
|
80
|
+
ListOSPolicyAssignmentReportsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.ListOSPolicyAssignmentReportsRequest").msgclass
|
|
81
|
+
ListOSPolicyAssignmentReportsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.ListOSPolicyAssignmentReportsResponse").msgclass
|
|
82
|
+
OSPolicyAssignmentReport = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport").msgclass
|
|
83
|
+
OSPolicyAssignmentReport::OSPolicyCompliance = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance").msgclass
|
|
84
|
+
OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance").msgclass
|
|
85
|
+
OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.OSPolicyResourceConfigStep").msgclass
|
|
86
|
+
OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep::Type = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.OSPolicyResourceConfigStep.Type").enummodule
|
|
87
|
+
OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ExecResourceOutput = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.ExecResourceOutput").msgclass
|
|
88
|
+
OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ComplianceState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.OSPolicyResourceCompliance.ComplianceState").enummodule
|
|
89
|
+
OSPolicyAssignmentReport::OSPolicyCompliance::ComplianceState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentReport.OSPolicyCompliance.ComplianceState").enummodule
|
|
90
|
+
end
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
end
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/osconfig/v1alpha/os_policy_assignments.proto
|
|
3
3
|
|
|
4
|
+
require 'google/api/annotations_pb'
|
|
4
5
|
require 'google/api/field_behavior_pb'
|
|
5
6
|
require 'google/api/resource_pb'
|
|
6
7
|
require 'google/cloud/osconfig/v1alpha/os_policy_pb'
|
|
@@ -20,6 +21,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
20
21
|
optional :rollout, :message, 5, "google.cloud.osconfig.v1alpha.OSPolicyAssignment.Rollout"
|
|
21
22
|
optional :revision_id, :string, 6
|
|
22
23
|
optional :revision_create_time, :message, 7, "google.protobuf.Timestamp"
|
|
24
|
+
optional :etag, :string, 8
|
|
23
25
|
optional :rollout_state, :enum, 9, "google.cloud.osconfig.v1alpha.OSPolicyAssignment.RolloutState"
|
|
24
26
|
optional :baseline, :bool, 10
|
|
25
27
|
optional :deleted, :bool, 11
|
|
@@ -34,6 +36,11 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
34
36
|
repeated :os_short_names, :string, 2
|
|
35
37
|
repeated :inclusion_labels, :message, 3, "google.cloud.osconfig.v1alpha.OSPolicyAssignment.LabelSet"
|
|
36
38
|
repeated :exclusion_labels, :message, 4, "google.cloud.osconfig.v1alpha.OSPolicyAssignment.LabelSet"
|
|
39
|
+
repeated :inventories, :message, 5, "google.cloud.osconfig.v1alpha.OSPolicyAssignment.InstanceFilter.Inventory"
|
|
40
|
+
end
|
|
41
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignment.InstanceFilter.Inventory" do
|
|
42
|
+
optional :os_short_name, :string, 1
|
|
43
|
+
optional :os_version, :string, 2
|
|
37
44
|
end
|
|
38
45
|
add_message "google.cloud.osconfig.v1alpha.OSPolicyAssignment.Rollout" do
|
|
39
46
|
optional :disruption_budget, :message, 1, "google.cloud.osconfig.v1alpha.FixedOrPercent"
|
|
@@ -109,6 +116,7 @@ module Google
|
|
|
109
116
|
OSPolicyAssignment = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignment").msgclass
|
|
110
117
|
OSPolicyAssignment::LabelSet = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignment.LabelSet").msgclass
|
|
111
118
|
OSPolicyAssignment::InstanceFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignment.InstanceFilter").msgclass
|
|
119
|
+
OSPolicyAssignment::InstanceFilter::Inventory = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignment.InstanceFilter.Inventory").msgclass
|
|
112
120
|
OSPolicyAssignment::Rollout = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignment.Rollout").msgclass
|
|
113
121
|
OSPolicyAssignment::RolloutState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignment.RolloutState").enummodule
|
|
114
122
|
OSPolicyAssignmentOperationMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicyAssignmentOperationMetadata").msgclass
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/osconfig/v1alpha/os_policy.proto
|
|
3
3
|
|
|
4
|
+
require 'google/api/annotations_pb'
|
|
4
5
|
require 'google/api/field_behavior_pb'
|
|
5
6
|
require 'google/protobuf'
|
|
6
7
|
|
|
@@ -17,6 +18,10 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
17
18
|
optional :os_short_name, :string, 1
|
|
18
19
|
optional :os_version, :string, 2
|
|
19
20
|
end
|
|
21
|
+
add_message "google.cloud.osconfig.v1alpha.OSPolicy.InventoryFilter" do
|
|
22
|
+
optional :os_short_name, :string, 1
|
|
23
|
+
optional :os_version, :string, 2
|
|
24
|
+
end
|
|
20
25
|
add_message "google.cloud.osconfig.v1alpha.OSPolicy.Resource" do
|
|
21
26
|
optional :id, :string, 1
|
|
22
27
|
oneof :resource_type do
|
|
@@ -156,6 +161,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
156
161
|
end
|
|
157
162
|
add_message "google.cloud.osconfig.v1alpha.OSPolicy.ResourceGroup" do
|
|
158
163
|
optional :os_filter, :message, 1, "google.cloud.osconfig.v1alpha.OSPolicy.OSFilter"
|
|
164
|
+
repeated :inventory_filters, :message, 3, "google.cloud.osconfig.v1alpha.OSPolicy.InventoryFilter"
|
|
159
165
|
repeated :resources, :message, 2, "google.cloud.osconfig.v1alpha.OSPolicy.Resource"
|
|
160
166
|
end
|
|
161
167
|
add_enum "google.cloud.osconfig.v1alpha.OSPolicy.Mode" do
|
|
@@ -172,6 +178,7 @@ module Google
|
|
|
172
178
|
module V1alpha
|
|
173
179
|
OSPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicy").msgclass
|
|
174
180
|
OSPolicy::OSFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicy.OSFilter").msgclass
|
|
181
|
+
OSPolicy::InventoryFilter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicy.InventoryFilter").msgclass
|
|
175
182
|
OSPolicy::Resource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicy.Resource").msgclass
|
|
176
183
|
OSPolicy::Resource::File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicy.Resource.File").msgclass
|
|
177
184
|
OSPolicy::Resource::File::Remote = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.OSPolicy.Resource.File.Remote").msgclass
|
|
@@ -6,6 +6,7 @@ require 'google/api/client_pb'
|
|
|
6
6
|
require 'google/api/resource_pb'
|
|
7
7
|
require 'google/cloud/osconfig/v1alpha/instance_os_policies_compliance_pb'
|
|
8
8
|
require 'google/cloud/osconfig/v1alpha/inventory_pb'
|
|
9
|
+
require 'google/cloud/osconfig/v1alpha/os_policy_assignment_reports_pb'
|
|
9
10
|
require 'google/cloud/osconfig/v1alpha/os_policy_assignments_pb'
|
|
10
11
|
require 'google/cloud/osconfig/v1alpha/vulnerability_pb'
|
|
11
12
|
require 'google/longrunning/operations_pb'
|
|
@@ -87,6 +87,12 @@ module Google
|
|
|
87
87
|
# List OS policies compliance data for all Compute Engine VM instances in the
|
|
88
88
|
# specified zone.
|
|
89
89
|
rpc :ListInstanceOSPoliciesCompliances, ::Google::Cloud::OsConfig::V1alpha::ListInstanceOSPoliciesCompliancesRequest, ::Google::Cloud::OsConfig::V1alpha::ListInstanceOSPoliciesCompliancesResponse
|
|
90
|
+
# Get the OS policy asssignment report for the specified Compute Engine VM
|
|
91
|
+
# instance.
|
|
92
|
+
rpc :GetOSPolicyAssignmentReport, ::Google::Cloud::OsConfig::V1alpha::GetOSPolicyAssignmentReportRequest, ::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport
|
|
93
|
+
# List OS policy asssignment reports for all Compute Engine VM instances in
|
|
94
|
+
# the specified zone.
|
|
95
|
+
rpc :ListOSPolicyAssignmentReports, ::Google::Cloud::OsConfig::V1alpha::ListOSPolicyAssignmentReportsRequest, ::Google::Cloud::OsConfig::V1alpha::ListOSPolicyAssignmentReportsResponse
|
|
90
96
|
# Get inventory data for the specified VM instance. If the VM has no
|
|
91
97
|
# associated inventory, the message `NOT_FOUND` is returned.
|
|
92
98
|
rpc :GetInventory, ::Google::Cloud::OsConfig::V1alpha::GetInventoryRequest, ::Google::Cloud::OsConfig::V1alpha::Inventory
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
2
|
# source: google/cloud/osconfig/v1alpha/vulnerability.proto
|
|
3
3
|
|
|
4
|
+
require 'google/api/annotations_pb'
|
|
4
5
|
require 'google/api/field_behavior_pb'
|
|
5
6
|
require 'google/api/resource_pb'
|
|
6
7
|
require 'google/protobuf/timestamp_pb'
|
|
@@ -19,6 +20,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
19
20
|
repeated :available_inventory_item_ids, :string, 3
|
|
20
21
|
optional :create_time, :message, 4, "google.protobuf.Timestamp"
|
|
21
22
|
optional :update_time, :message, 5, "google.protobuf.Timestamp"
|
|
23
|
+
repeated :items, :message, 6, "google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Item"
|
|
22
24
|
end
|
|
23
25
|
add_message "google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Details" do
|
|
24
26
|
optional :cve, :string, 1
|
|
@@ -30,6 +32,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
|
30
32
|
end
|
|
31
33
|
add_message "google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Details.Reference" do
|
|
32
34
|
optional :url, :string, 1
|
|
35
|
+
optional :source, :string, 2
|
|
36
|
+
end
|
|
37
|
+
add_message "google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Item" do
|
|
38
|
+
optional :installed_inventory_item_id, :string, 1
|
|
39
|
+
optional :available_inventory_item_id, :string, 2
|
|
40
|
+
optional :fixed_cpe_uri, :string, 3
|
|
41
|
+
optional :upstream_fix, :string, 4
|
|
33
42
|
end
|
|
34
43
|
add_message "google.cloud.osconfig.v1alpha.GetVulnerabilityReportRequest" do
|
|
35
44
|
optional :name, :string, 1
|
|
@@ -102,6 +111,7 @@ module Google
|
|
|
102
111
|
VulnerabilityReport::Vulnerability = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability").msgclass
|
|
103
112
|
VulnerabilityReport::Vulnerability::Details = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Details").msgclass
|
|
104
113
|
VulnerabilityReport::Vulnerability::Details::Reference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Details.Reference").msgclass
|
|
114
|
+
VulnerabilityReport::Vulnerability::Item = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.VulnerabilityReport.Vulnerability.Item").msgclass
|
|
105
115
|
GetVulnerabilityReportRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.GetVulnerabilityReportRequest").msgclass
|
|
106
116
|
ListVulnerabilityReportsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.ListVulnerabilityReportsRequest").msgclass
|
|
107
117
|
ListVulnerabilityReportsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.osconfig.v1alpha.ListVulnerabilityReportsResponse").msgclass
|
|
@@ -39,10 +39,10 @@ module Google
|
|
|
39
39
|
# Output only. Base level operating system information for the VM.
|
|
40
40
|
# @!attribute [r] items
|
|
41
41
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::OsConfig::V1alpha::Inventory::Item}]
|
|
42
|
-
# Output only. Inventory items related to the VM keyed by an opaque unique
|
|
43
|
-
#
|
|
44
|
-
#
|
|
45
|
-
#
|
|
42
|
+
# Output only. Inventory items related to the VM keyed by an opaque unique identifier for
|
|
43
|
+
# each inventory item. The identifier is unique to each distinct and
|
|
44
|
+
# addressable inventory item and will change, when there is a new package
|
|
45
|
+
# version.
|
|
46
46
|
# @!attribute [r] update_time
|
|
47
47
|
# @return [::Google::Protobuf::Timestamp]
|
|
48
48
|
# Output only. Timestamp of the last reported inventory for the VM.
|
|
@@ -287,12 +287,9 @@ module Google
|
|
|
287
287
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
288
288
|
end
|
|
289
289
|
|
|
290
|
-
# Contains information about a Windows application
|
|
291
|
-
# Windows Registry. For more information about these fields, see
|
|
292
|
-
#
|
|
293
|
-
# [Windows Installer Properties for the Uninstall
|
|
294
|
-
# Registry](https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key){:
|
|
295
|
-
# class="external" }
|
|
290
|
+
# Contains information about a Windows application that is retrieved from the
|
|
291
|
+
# Windows Registry. For more information about these fields, see:
|
|
292
|
+
# https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key
|
|
296
293
|
# @!attribute [rw] display_name
|
|
297
294
|
# @return [::String]
|
|
298
295
|
# The name of the application or product.
|
|
@@ -351,11 +348,9 @@ module Google
|
|
|
351
348
|
# @return [::String]
|
|
352
349
|
# Required. The parent resource name.
|
|
353
350
|
#
|
|
354
|
-
# Format: `projects/{project}/locations/{location}/instances
|
|
351
|
+
# Format: `projects/{project}/locations/{location}/instances/-`
|
|
355
352
|
#
|
|
356
|
-
# For `{project}`, either `project-number` or `project-id` can be
|
|
357
|
-
# provided. For `{instance}`, only hyphen or dash character is supported to
|
|
358
|
-
# list inventories across VMs.
|
|
353
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
359
354
|
# @!attribute [rw] view
|
|
360
355
|
# @return [::Google::Cloud::OsConfig::V1alpha::InventoryView]
|
|
361
356
|
# Inventory view indicating what information should be included in the
|
|
@@ -58,8 +58,7 @@ module Google
|
|
|
58
58
|
include ::Google::Protobuf::MessageExts
|
|
59
59
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
60
60
|
|
|
61
|
-
#
|
|
62
|
-
# resource group.
|
|
61
|
+
# Filtering criteria to select VMs based on OS details.
|
|
63
62
|
# @!attribute [rw] os_short_name
|
|
64
63
|
# @return [::String]
|
|
65
64
|
# This should match OS short name emitted by the OS inventory agent.
|
|
@@ -76,6 +75,24 @@ module Google
|
|
|
76
75
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
77
76
|
end
|
|
78
77
|
|
|
78
|
+
# Filtering criteria to select VMs based on inventory details.
|
|
79
|
+
# @!attribute [rw] os_short_name
|
|
80
|
+
# @return [::String]
|
|
81
|
+
# Required. The OS short name
|
|
82
|
+
# @!attribute [rw] os_version
|
|
83
|
+
# @return [::String]
|
|
84
|
+
# The OS version
|
|
85
|
+
#
|
|
86
|
+
# Prefix matches are supported if asterisk(*) is provided as the
|
|
87
|
+
# last character. For example, to match all versions with a major
|
|
88
|
+
# version of `7`, specify the following value for this field `7.*`
|
|
89
|
+
#
|
|
90
|
+
# An empty string matches all OS versions.
|
|
91
|
+
class InventoryFilter
|
|
92
|
+
include ::Google::Protobuf::MessageExts
|
|
93
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
94
|
+
end
|
|
95
|
+
|
|
79
96
|
# An OS policy resource is used to define the desired state configuration
|
|
80
97
|
# and provides a specific functionality like installing/removing packages,
|
|
81
98
|
# executing a script etc.
|
|
@@ -473,21 +490,21 @@ module Google
|
|
|
473
490
|
|
|
474
491
|
# The interpreter to use.
|
|
475
492
|
module Interpreter
|
|
476
|
-
#
|
|
493
|
+
# Invalid value, the request will return validation error.
|
|
477
494
|
INTERPRETER_UNSPECIFIED = 0
|
|
478
495
|
|
|
479
|
-
# If
|
|
480
|
-
# source
|
|
481
|
-
#
|
|
482
|
-
#
|
|
483
|
-
# shebang
|
|
496
|
+
# If an interpreter is not specified, the
|
|
497
|
+
# source is executed directly. This execution, without an
|
|
498
|
+
# interpreter, only succeeds for executables and scripts that have <a
|
|
499
|
+
# href="https://en.wikipedia.org/wiki/Shebang_(Unix)"
|
|
500
|
+
# class="external">shebang lines</a>.
|
|
484
501
|
NONE = 1
|
|
485
502
|
|
|
486
|
-
# Indicates that the script
|
|
487
|
-
# cmd.exe on
|
|
503
|
+
# Indicates that the script runs with `/bin/sh` on Linux and
|
|
504
|
+
# `cmd.exe` on Windows.
|
|
488
505
|
SHELL = 2
|
|
489
506
|
|
|
490
|
-
# Indicates that the script
|
|
507
|
+
# Indicates that the script runs with PowerShell.
|
|
491
508
|
POWERSHELL = 3
|
|
492
509
|
end
|
|
493
510
|
end
|
|
@@ -554,7 +571,23 @@ module Google
|
|
|
554
571
|
# within the resource group.
|
|
555
572
|
# @!attribute [rw] os_filter
|
|
556
573
|
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicy::OSFilter]
|
|
574
|
+
# Deprecated. Use the `inventory_filters` field instead.
|
|
557
575
|
# Used to specify the OS filter for a resource group
|
|
576
|
+
# @!attribute [rw] inventory_filters
|
|
577
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicy::InventoryFilter>]
|
|
578
|
+
# List of inventory filters for the resource group.
|
|
579
|
+
#
|
|
580
|
+
# The resources in this resource group are applied to the target VM if it
|
|
581
|
+
# satisfies at least one of the following inventory filters.
|
|
582
|
+
#
|
|
583
|
+
# For example, to apply this resource group to VMs running either `RHEL` or
|
|
584
|
+
# `CentOS` operating systems, specify 2 items for the list with following
|
|
585
|
+
# values:
|
|
586
|
+
# inventory_filters[0].os_short_name='rhel' and
|
|
587
|
+
# inventory_filters[1].os_short_name='centos'
|
|
588
|
+
#
|
|
589
|
+
# If the list is empty, this resource group will be applied to the target
|
|
590
|
+
# VM unconditionally.
|
|
558
591
|
# @!attribute [rw] resources
|
|
559
592
|
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource>]
|
|
560
593
|
# Required. List of resources configured for this resource group.
|
|
@@ -0,0 +1,293 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2022 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module OsConfig
|
|
23
|
+
module V1alpha
|
|
24
|
+
# Get a report of the OS policy assignment for a VM instance.
|
|
25
|
+
# @!attribute [rw] name
|
|
26
|
+
# @return [::String]
|
|
27
|
+
# Required. API resource name for OS policy assignment report.
|
|
28
|
+
#
|
|
29
|
+
# Format:
|
|
30
|
+
# `/projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/report`
|
|
31
|
+
#
|
|
32
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
33
|
+
# For `{instance_id}`, either Compute Engine `instance-id` or `instance-name`
|
|
34
|
+
# can be provided.
|
|
35
|
+
# For `{assignment_id}`, the OSPolicyAssignment id must be provided.
|
|
36
|
+
class GetOSPolicyAssignmentReportRequest
|
|
37
|
+
include ::Google::Protobuf::MessageExts
|
|
38
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
# List the OS policy assignment reports for VM instances.
|
|
42
|
+
# @!attribute [rw] parent
|
|
43
|
+
# @return [::String]
|
|
44
|
+
# Required. The parent resource name.
|
|
45
|
+
#
|
|
46
|
+
# Format:
|
|
47
|
+
# `projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/{assignment}/reports`
|
|
48
|
+
#
|
|
49
|
+
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
50
|
+
# For `{instance}`, either `instance-name`, `instance-id`, or `-` can be
|
|
51
|
+
# provided. If '-' is provided, the response will include
|
|
52
|
+
# OSPolicyAssignmentReports for all instances in the project/location.
|
|
53
|
+
# For `{assignment}`, either `assignment-id` or `-` can be provided. If '-'
|
|
54
|
+
# is provided, the response will include OSPolicyAssignmentReports for all
|
|
55
|
+
# OSPolicyAssignments in the project/location.
|
|
56
|
+
# Either \\{instance} or \\{assignment} must be `-`.
|
|
57
|
+
#
|
|
58
|
+
# For example:
|
|
59
|
+
# `projects/{project}/locations/{location}/instances/{instance}/osPolicyAssignments/-/reports`
|
|
60
|
+
# returns all reports for the instance
|
|
61
|
+
# `projects/{project}/locations/{location}/instances/-/osPolicyAssignments/{assignment-id}/reports`
|
|
62
|
+
# returns all the reports for the given assignment across all instances.
|
|
63
|
+
# `projects/{project}/locations/{location}/instances/-/osPolicyAssignments/-/reports`
|
|
64
|
+
# returns all the reports for all assignments across all instances.
|
|
65
|
+
# @!attribute [rw] page_size
|
|
66
|
+
# @return [::Integer]
|
|
67
|
+
# The maximum number of results to return.
|
|
68
|
+
# @!attribute [rw] filter
|
|
69
|
+
# @return [::String]
|
|
70
|
+
# If provided, this field specifies the criteria that must be met by the
|
|
71
|
+
# `OSPolicyAssignmentReport` API resource that is included in the response.
|
|
72
|
+
# @!attribute [rw] page_token
|
|
73
|
+
# @return [::String]
|
|
74
|
+
# A pagination token returned from a previous call to the
|
|
75
|
+
# `ListOSPolicyAssignmentReports` method that indicates where this listing
|
|
76
|
+
# should continue from.
|
|
77
|
+
class ListOSPolicyAssignmentReportsRequest
|
|
78
|
+
include ::Google::Protobuf::MessageExts
|
|
79
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
# A response message for listing OS Policy assignment reports including the
|
|
83
|
+
# page of results and page token.
|
|
84
|
+
# @!attribute [rw] os_policy_assignment_reports
|
|
85
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport>]
|
|
86
|
+
# List of OS policy assignment reports.
|
|
87
|
+
# @!attribute [rw] next_page_token
|
|
88
|
+
# @return [::String]
|
|
89
|
+
# The pagination token to retrieve the next page of OS policy assignment
|
|
90
|
+
# report objects.
|
|
91
|
+
class ListOSPolicyAssignmentReportsResponse
|
|
92
|
+
include ::Google::Protobuf::MessageExts
|
|
93
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
# A report of the OS policy assignment status for a given instance.
|
|
97
|
+
# @!attribute [rw] name
|
|
98
|
+
# @return [::String]
|
|
99
|
+
# The `OSPolicyAssignmentReport` API resource name.
|
|
100
|
+
#
|
|
101
|
+
# Format:
|
|
102
|
+
# `projects/{project_number}/locations/{location}/instances/{instance_id}/osPolicyAssignments/{os_policy_assignment_id}/report`
|
|
103
|
+
# @!attribute [rw] instance
|
|
104
|
+
# @return [::String]
|
|
105
|
+
# The Compute Engine VM instance name.
|
|
106
|
+
# @!attribute [rw] os_policy_assignment
|
|
107
|
+
# @return [::String]
|
|
108
|
+
# Reference to the `OSPolicyAssignment` API resource that the `OSPolicy`
|
|
109
|
+
# belongs to.
|
|
110
|
+
#
|
|
111
|
+
# Format:
|
|
112
|
+
# `projects/{project_number}/locations/{location}/osPolicyAssignments/{os_policy_assignment_id@revision_id}`
|
|
113
|
+
# @!attribute [rw] os_policy_compliances
|
|
114
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance>]
|
|
115
|
+
# Compliance data for each `OSPolicy` that is applied to the VM.
|
|
116
|
+
# @!attribute [rw] update_time
|
|
117
|
+
# @return [::Google::Protobuf::Timestamp]
|
|
118
|
+
# Timestamp for when the report was last generated.
|
|
119
|
+
# @!attribute [rw] last_run_id
|
|
120
|
+
# @return [::String]
|
|
121
|
+
# Unique identifier of the last attempted run to apply the OS policies
|
|
122
|
+
# associated with this assignment on the VM.
|
|
123
|
+
#
|
|
124
|
+
# This ID is logged by the OS Config agent while applying the OS
|
|
125
|
+
# policies associated with this assignment on the VM.
|
|
126
|
+
# NOTE: If the service is unable to successfully connect to the agent for
|
|
127
|
+
# this run, then this id will not be available in the agent logs.
|
|
128
|
+
class OSPolicyAssignmentReport
|
|
129
|
+
include ::Google::Protobuf::MessageExts
|
|
130
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
131
|
+
|
|
132
|
+
# Compliance data for an OS policy
|
|
133
|
+
# @!attribute [rw] os_policy_id
|
|
134
|
+
# @return [::String]
|
|
135
|
+
# The OS policy id
|
|
136
|
+
# @!attribute [rw] compliance_state
|
|
137
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance::ComplianceState]
|
|
138
|
+
# The compliance state of the OS policy.
|
|
139
|
+
# @!attribute [rw] compliance_state_reason
|
|
140
|
+
# @return [::String]
|
|
141
|
+
# The reason for the OS policy to be in an unknown compliance state.
|
|
142
|
+
# This field is always populated when `compliance_state` is `UNKNOWN`.
|
|
143
|
+
#
|
|
144
|
+
# If populated, the field can contain one of the following values:
|
|
145
|
+
#
|
|
146
|
+
# * `vm-not-running`: The VM was not running.
|
|
147
|
+
# * `os-policies-not-supported-by-agent`: The version of the OS Config
|
|
148
|
+
# agent running on the VM does not support running OS policies.
|
|
149
|
+
# * `no-agent-detected`: The OS Config agent is not detected for the VM.
|
|
150
|
+
# * `resource-execution-errors`: The OS Config agent encountered errors
|
|
151
|
+
# while executing one or more resources in the policy. See
|
|
152
|
+
# `os_policy_resource_compliances` for details.
|
|
153
|
+
# * `task-timeout`: The task sent to the agent to apply the policy timed
|
|
154
|
+
# out.
|
|
155
|
+
# * `unexpected-agent-state`: The OS Config agent did not report the final
|
|
156
|
+
# status of the task that attempted to apply the policy. Instead, the agent
|
|
157
|
+
# unexpectedly started working on a different task. This mostly happens
|
|
158
|
+
# when the agent or VM unexpectedly restarts while applying OS policies.
|
|
159
|
+
# * `internal-service-errors`: Internal service errors were encountered
|
|
160
|
+
# while attempting to apply the policy.
|
|
161
|
+
# @!attribute [rw] os_policy_resource_compliances
|
|
162
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance>]
|
|
163
|
+
# Compliance data for each resource within the policy that is applied to
|
|
164
|
+
# the VM.
|
|
165
|
+
class OSPolicyCompliance
|
|
166
|
+
include ::Google::Protobuf::MessageExts
|
|
167
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
168
|
+
|
|
169
|
+
# Compliance data for an OS policy resource.
|
|
170
|
+
# @!attribute [rw] os_policy_resource_id
|
|
171
|
+
# @return [::String]
|
|
172
|
+
# The ID of the OS policy resource.
|
|
173
|
+
# @!attribute [rw] config_steps
|
|
174
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep>]
|
|
175
|
+
# Ordered list of configuration completed by the agent for the OS policy
|
|
176
|
+
# resource.
|
|
177
|
+
# @!attribute [rw] compliance_state
|
|
178
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ComplianceState]
|
|
179
|
+
# The compliance state of the resource.
|
|
180
|
+
# @!attribute [rw] compliance_state_reason
|
|
181
|
+
# @return [::String]
|
|
182
|
+
# A reason for the resource to be in the given compliance state.
|
|
183
|
+
# This field is always populated when `compliance_state` is `UNKNOWN`.
|
|
184
|
+
#
|
|
185
|
+
# The following values are supported when `compliance_state == UNKNOWN`
|
|
186
|
+
#
|
|
187
|
+
# * `execution-errors`: Errors were encountered by the agent while
|
|
188
|
+
# executing the resource and the compliance state couldn't be
|
|
189
|
+
# determined.
|
|
190
|
+
# * `execution-skipped-by-agent`: Resource execution was skipped by the
|
|
191
|
+
# agent because errors were encountered while executing prior resources
|
|
192
|
+
# in the OS policy.
|
|
193
|
+
# * `os-policy-execution-attempt-failed`: The execution of the OS policy
|
|
194
|
+
# containing this resource failed and the compliance state couldn't be
|
|
195
|
+
# determined.
|
|
196
|
+
# @!attribute [rw] exec_resource_output
|
|
197
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::ExecResourceOutput]
|
|
198
|
+
# ExecResource specific output.
|
|
199
|
+
class OSPolicyResourceCompliance
|
|
200
|
+
include ::Google::Protobuf::MessageExts
|
|
201
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
202
|
+
|
|
203
|
+
# Step performed by the OS Config agent for configuring an
|
|
204
|
+
# `OSPolicy` resource to its desired state.
|
|
205
|
+
# @!attribute [rw] type
|
|
206
|
+
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignmentReport::OSPolicyCompliance::OSPolicyResourceCompliance::OSPolicyResourceConfigStep::Type]
|
|
207
|
+
# Configuration step type.
|
|
208
|
+
# @!attribute [rw] error_message
|
|
209
|
+
# @return [::String]
|
|
210
|
+
# An error message recorded during the execution of this step.
|
|
211
|
+
# Only populated if errors were encountered during this step execution.
|
|
212
|
+
class OSPolicyResourceConfigStep
|
|
213
|
+
include ::Google::Protobuf::MessageExts
|
|
214
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
215
|
+
|
|
216
|
+
# Supported configuration step types
|
|
217
|
+
module Type
|
|
218
|
+
# Default value. This value is unused.
|
|
219
|
+
TYPE_UNSPECIFIED = 0
|
|
220
|
+
|
|
221
|
+
# Checks for resource conflicts such as schema errors.
|
|
222
|
+
VALIDATION = 1
|
|
223
|
+
|
|
224
|
+
# Checks the current status of the desired state for a resource.
|
|
225
|
+
DESIRED_STATE_CHECK = 2
|
|
226
|
+
|
|
227
|
+
# Enforces the desired state for a resource that is not in desired
|
|
228
|
+
# state.
|
|
229
|
+
DESIRED_STATE_ENFORCEMENT = 3
|
|
230
|
+
|
|
231
|
+
# Re-checks the status of the desired state. This check is done
|
|
232
|
+
# for a resource after the enforcement of all OS policies.
|
|
233
|
+
#
|
|
234
|
+
# This step is used to determine the final desired state status for
|
|
235
|
+
# the resource. It accounts for any resources that might have drifted
|
|
236
|
+
# from their desired state due to side effects from executing other
|
|
237
|
+
# resources.
|
|
238
|
+
DESIRED_STATE_CHECK_POST_ENFORCEMENT = 4
|
|
239
|
+
end
|
|
240
|
+
end
|
|
241
|
+
|
|
242
|
+
# ExecResource specific output.
|
|
243
|
+
# @!attribute [rw] enforcement_output
|
|
244
|
+
# @return [::String]
|
|
245
|
+
# Output from enforcement phase output file (if run).
|
|
246
|
+
# Output size is limited to 100K bytes.
|
|
247
|
+
class ExecResourceOutput
|
|
248
|
+
include ::Google::Protobuf::MessageExts
|
|
249
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
250
|
+
end
|
|
251
|
+
|
|
252
|
+
# Possible compliance states for a resource.
|
|
253
|
+
module ComplianceState
|
|
254
|
+
# The resource is in an unknown compliance state.
|
|
255
|
+
#
|
|
256
|
+
# To get more details about why the policy is in this state, review
|
|
257
|
+
# the output of the `compliance_state_reason` field.
|
|
258
|
+
UNKNOWN = 0
|
|
259
|
+
|
|
260
|
+
# Resource is compliant.
|
|
261
|
+
COMPLIANT = 1
|
|
262
|
+
|
|
263
|
+
# Resource is non-compliant.
|
|
264
|
+
NON_COMPLIANT = 2
|
|
265
|
+
end
|
|
266
|
+
end
|
|
267
|
+
|
|
268
|
+
# Possible compliance states for an os policy.
|
|
269
|
+
module ComplianceState
|
|
270
|
+
# The policy is in an unknown compliance state.
|
|
271
|
+
#
|
|
272
|
+
# Refer to the field `compliance_state_reason` to learn the exact reason
|
|
273
|
+
# for the policy to be in this compliance state.
|
|
274
|
+
UNKNOWN = 0
|
|
275
|
+
|
|
276
|
+
# Policy is compliant.
|
|
277
|
+
#
|
|
278
|
+
# The policy is compliant if all the underlying resources are also
|
|
279
|
+
# compliant.
|
|
280
|
+
COMPLIANT = 1
|
|
281
|
+
|
|
282
|
+
# Policy is non-compliant.
|
|
283
|
+
#
|
|
284
|
+
# The policy is non-compliant if one or more underlying resources are
|
|
285
|
+
# non-compliant.
|
|
286
|
+
NON_COMPLIANT = 2
|
|
287
|
+
end
|
|
288
|
+
end
|
|
289
|
+
end
|
|
290
|
+
end
|
|
291
|
+
end
|
|
292
|
+
end
|
|
293
|
+
end
|
|
@@ -68,6 +68,10 @@ module Google
|
|
|
68
68
|
# @!attribute [r] revision_create_time
|
|
69
69
|
# @return [::Google::Protobuf::Timestamp]
|
|
70
70
|
# Output only. The timestamp that the revision was created.
|
|
71
|
+
# @!attribute [rw] etag
|
|
72
|
+
# @return [::String]
|
|
73
|
+
# The etag for this OS policy assignment.
|
|
74
|
+
# If this is provided on update, it must match the server's etag.
|
|
71
75
|
# @!attribute [r] rollout_state
|
|
72
76
|
# @return [::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::RolloutState]
|
|
73
77
|
# Output only. OS policy assignment rollout state
|
|
@@ -122,14 +126,18 @@ module Google
|
|
|
122
126
|
end
|
|
123
127
|
end
|
|
124
128
|
|
|
125
|
-
#
|
|
129
|
+
# Filters to select target VMs for an assignment.
|
|
130
|
+
#
|
|
131
|
+
# If more than one filter criteria is specified below, a VM will be selected
|
|
132
|
+
# if and only if it satisfies all of them.
|
|
126
133
|
# @!attribute [rw] all
|
|
127
134
|
# @return [::Boolean]
|
|
128
135
|
# Target all VMs in the project. If true, no other criteria is
|
|
129
136
|
# permitted.
|
|
130
137
|
# @!attribute [rw] os_short_names
|
|
131
138
|
# @return [::Array<::String>]
|
|
132
|
-
#
|
|
139
|
+
# Deprecated. Use the `inventories` field instead.
|
|
140
|
+
# A VM is selected if it's OS short name matches with any of the
|
|
133
141
|
# values provided in this list.
|
|
134
142
|
# @!attribute [rw] inclusion_labels
|
|
135
143
|
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::LabelSet>]
|
|
@@ -143,13 +151,33 @@ module Google
|
|
|
143
151
|
#
|
|
144
152
|
# If the list has more than one label set, the VM is excluded if any
|
|
145
153
|
# of the label sets are applicable for the VM.
|
|
154
|
+
# @!attribute [rw] inventories
|
|
155
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::OSPolicyAssignment::InstanceFilter::Inventory>]
|
|
156
|
+
# List of inventories to select VMs.
|
|
146
157
|
#
|
|
147
|
-
#
|
|
148
|
-
#
|
|
149
|
-
# label sets.
|
|
158
|
+
# A VM is selected if its inventory data matches at least one of the
|
|
159
|
+
# following inventories.
|
|
150
160
|
class InstanceFilter
|
|
151
161
|
include ::Google::Protobuf::MessageExts
|
|
152
162
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
163
|
+
|
|
164
|
+
# VM inventory details.
|
|
165
|
+
# @!attribute [rw] os_short_name
|
|
166
|
+
# @return [::String]
|
|
167
|
+
# Required. The OS short name
|
|
168
|
+
# @!attribute [rw] os_version
|
|
169
|
+
# @return [::String]
|
|
170
|
+
# The OS version
|
|
171
|
+
#
|
|
172
|
+
# Prefix matches are supported if asterisk(*) is provided as the
|
|
173
|
+
# last character. For example, to match all versions with a major
|
|
174
|
+
# version of `7`, specify the following value for this field `7.*`
|
|
175
|
+
#
|
|
176
|
+
# An empty string matches all OS versions.
|
|
177
|
+
class Inventory
|
|
178
|
+
include ::Google::Protobuf::MessageExts
|
|
179
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
180
|
+
end
|
|
153
181
|
end
|
|
154
182
|
|
|
155
183
|
# Message to configure the rollout at the zonal level for the OS policy
|
|
@@ -37,8 +37,8 @@ module Google
|
|
|
37
37
|
# Output only. List of vulnerabilities affecting the VM.
|
|
38
38
|
# @!attribute [r] update_time
|
|
39
39
|
# @return [::Google::Protobuf::Timestamp]
|
|
40
|
-
# Output only. The timestamp for when the last vulnerability report was
|
|
41
|
-
#
|
|
40
|
+
# Output only. The timestamp for when the last vulnerability report was generated for the
|
|
41
|
+
# VM.
|
|
42
42
|
class VulnerabilityReport
|
|
43
43
|
include ::Google::Protobuf::MessageExts
|
|
44
44
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -69,6 +69,9 @@ module Google
|
|
|
69
69
|
# @!attribute [rw] update_time
|
|
70
70
|
# @return [::Google::Protobuf::Timestamp]
|
|
71
71
|
# The timestamp for when the vulnerability was last modified.
|
|
72
|
+
# @!attribute [rw] items
|
|
73
|
+
# @return [::Array<::Google::Cloud::OsConfig::V1alpha::VulnerabilityReport::Vulnerability::Item>]
|
|
74
|
+
# List of items affected by the vulnerability.
|
|
72
75
|
class Vulnerability
|
|
73
76
|
include ::Google::Protobuf::MessageExts
|
|
74
77
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -104,11 +107,43 @@ module Google
|
|
|
104
107
|
# @!attribute [rw] url
|
|
105
108
|
# @return [::String]
|
|
106
109
|
# The url of the reference.
|
|
110
|
+
# @!attribute [rw] source
|
|
111
|
+
# @return [::String]
|
|
112
|
+
# The source of the reference e.g. NVD.
|
|
107
113
|
class Reference
|
|
108
114
|
include ::Google::Protobuf::MessageExts
|
|
109
115
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
110
116
|
end
|
|
111
117
|
end
|
|
118
|
+
|
|
119
|
+
# OS inventory item that is affected by a vulnerability or fixed as a
|
|
120
|
+
# result of a vulnerability.
|
|
121
|
+
# @!attribute [rw] installed_inventory_item_id
|
|
122
|
+
# @return [::String]
|
|
123
|
+
# Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
|
|
124
|
+
# This field displays the inventory items affected by this vulnerability.
|
|
125
|
+
# If the vulnerability report was not updated after the VM inventory
|
|
126
|
+
# update, these values might not display in VM inventory. For some
|
|
127
|
+
# operating systems, this field might be empty.
|
|
128
|
+
# @!attribute [rw] available_inventory_item_id
|
|
129
|
+
# @return [::String]
|
|
130
|
+
# Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
|
|
131
|
+
# If the vulnerability report was not updated after the VM inventory
|
|
132
|
+
# update, these values might not display in VM inventory. If there is no
|
|
133
|
+
# available fix, the field is empty. The `inventory_item` value specifies
|
|
134
|
+
# the latest `SoftwarePackage` available to the VM that fixes the
|
|
135
|
+
# vulnerability.
|
|
136
|
+
# @!attribute [rw] fixed_cpe_uri
|
|
137
|
+
# @return [::String]
|
|
138
|
+
# The recommended [CPE URI](https://cpe.mitre.org/specification/) update
|
|
139
|
+
# that contains a fix for this vulnerability.
|
|
140
|
+
# @!attribute [rw] upstream_fix
|
|
141
|
+
# @return [::String]
|
|
142
|
+
# The upstream OS patch, packages or KB that fixes the vulnerability.
|
|
143
|
+
class Item
|
|
144
|
+
include ::Google::Protobuf::MessageExts
|
|
145
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
146
|
+
end
|
|
112
147
|
end
|
|
113
148
|
end
|
|
114
149
|
|
|
@@ -134,11 +169,9 @@ module Google
|
|
|
134
169
|
# @return [::String]
|
|
135
170
|
# Required. The parent resource name.
|
|
136
171
|
#
|
|
137
|
-
# Format: `projects/{project}/locations/{location}/instances
|
|
172
|
+
# Format: `projects/{project}/locations/{location}/instances/-`
|
|
138
173
|
#
|
|
139
174
|
# For `{project}`, either `project-number` or `project-id` can be provided.
|
|
140
|
-
# For `{instance}`, only `-` character is supported to list vulnerability
|
|
141
|
-
# reports across VMs.
|
|
142
175
|
# @!attribute [rw] page_size
|
|
143
176
|
# @return [::Integer]
|
|
144
177
|
# The maximum number of results to return.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-os_config-v1alpha
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-02-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
@@ -181,6 +181,7 @@ files:
|
|
|
181
181
|
- lib/google/cloud/osconfig/v1alpha/config_common_pb.rb
|
|
182
182
|
- lib/google/cloud/osconfig/v1alpha/instance_os_policies_compliance_pb.rb
|
|
183
183
|
- lib/google/cloud/osconfig/v1alpha/inventory_pb.rb
|
|
184
|
+
- lib/google/cloud/osconfig/v1alpha/os_policy_assignment_reports_pb.rb
|
|
184
185
|
- lib/google/cloud/osconfig/v1alpha/os_policy_assignments_pb.rb
|
|
185
186
|
- lib/google/cloud/osconfig/v1alpha/os_policy_pb.rb
|
|
186
187
|
- lib/google/cloud/osconfig/v1alpha/osconfig_common_pb.rb
|
|
@@ -194,6 +195,7 @@ files:
|
|
|
194
195
|
- proto_docs/google/cloud/osconfig/v1alpha/instance_os_policies_compliance.rb
|
|
195
196
|
- proto_docs/google/cloud/osconfig/v1alpha/inventory.rb
|
|
196
197
|
- proto_docs/google/cloud/osconfig/v1alpha/os_policy.rb
|
|
198
|
+
- proto_docs/google/cloud/osconfig/v1alpha/os_policy_assignment_reports.rb
|
|
197
199
|
- proto_docs/google/cloud/osconfig/v1alpha/os_policy_assignments.rb
|
|
198
200
|
- proto_docs/google/cloud/osconfig/v1alpha/osconfig_common.rb
|
|
199
201
|
- proto_docs/google/cloud/osconfig/v1alpha/vulnerability.rb
|
|
@@ -224,7 +226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
224
226
|
- !ruby/object:Gem::Version
|
|
225
227
|
version: '0'
|
|
226
228
|
requirements: []
|
|
227
|
-
rubygems_version: 3.3.
|
|
229
|
+
rubygems_version: 3.3.5
|
|
228
230
|
signing_key:
|
|
229
231
|
specification_version: 4
|
|
230
232
|
summary: API Client library for the Cloud OS Config V1alpha API
|