google-cloud-security_center-v1 0.1.0
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +169 -0
- data/LICENSE.md +203 -0
- data/README.md +71 -0
- data/lib/google/cloud/common_resources_pb.rb +15 -0
- data/lib/google/cloud/security_center/v1/security_center/client.rb +2673 -0
- data/lib/google/cloud/security_center/v1/security_center/credentials.rb +51 -0
- data/lib/google/cloud/security_center/v1/security_center/operations.rb +564 -0
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +172 -0
- data/lib/google/cloud/security_center/v1/security_center.rb +50 -0
- data/lib/google/cloud/security_center/v1/version.rb +28 -0
- data/lib/google/cloud/security_center/v1.rb +35 -0
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +35 -0
- data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +27 -0
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +37 -0
- data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +32 -0
- data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +25 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +237 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +105 -0
- data/lib/google/cloud/securitycenter/v1/source_pb.rb +26 -0
- data/lib/google-cloud-security_center-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +59 -0
- data/proto_docs/google/api/resource.rb +247 -0
- data/proto_docs/google/cloud/securitycenter/v1/asset.rb +127 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +113 -0
- data/proto_docs/google/cloud/securitycenter/v1/notification_config.rb +85 -0
- data/proto_docs/google/cloud/securitycenter/v1/notification_message.rb +39 -0
- data/proto_docs/google/cloud/securitycenter/v1/organization_settings.rb +82 -0
- data/proto_docs/google/cloud/securitycenter/v1/run_asset_discovery_response.rb +54 -0
- data/proto_docs/google/cloud/securitycenter/v1/security_marks.rb +61 -0
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +1015 -0
- data/proto_docs/google/cloud/securitycenter/v1/source.rb +57 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +80 -0
- data/proto_docs/google/iam/v1/options.rb +40 -0
- data/proto_docs/google/iam/v1/policy.rb +248 -0
- data/proto_docs/google/longrunning/operations.rb +150 -0
- data/proto_docs/google/protobuf/any.rb +138 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/struct.rb +96 -0
- data/proto_docs/google/protobuf/timestamp.rb +120 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- data/proto_docs/google/type/expr.rb +52 -0
- metadata +222 -0
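--- a/data/proto_docs/google/api/resource.rb
+++ b/data/proto_docs/google/api/resource.rb
@@ -0,0 +1,247 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Api
+# A simple descriptor of a resource type.
+#
+# ResourceDescriptor annotates a resource message (either by means of a
+# protobuf annotation or use in the service config), and associates the
+# resource's schema, the resource type, and the pattern of the resource name.
+#
+# Example:
+#
+# message Topic {
+# // Indicates this message defines a resource schema.
+# // Declares the resource type in the format of {service}/{kind}.
+# // For Kubernetes resources, the format is {api group}/{kind}.
+# option (google.api.resource) = {
+# type: "pubsub.googleapis.com/Topic"
+# name_descriptor: {
+# pattern: "projects/{project}/topics/{topic}"
+# parent_type: "cloudresourcemanager.googleapis.com/Project"
+# parent_name_extractor: "projects/{project}"
+# }
+# };
+# }
+#
+# The ResourceDescriptor Yaml config will look like:
+#
+# resources:
+# - type: "pubsub.googleapis.com/Topic"
+# name_descriptor:
+# - pattern: "projects/\\{project}/topics/\\{topic}"
+# parent_type: "cloudresourcemanager.googleapis.com/Project"
+# parent_name_extractor: "projects/\\{project}"
+#
+# Sometimes, resources have multiple patterns, typically because they can
+# live under multiple parents.
+#
+# Example:
+#
+# message LogEntry {
+# option (google.api.resource) = {
+# type: "logging.googleapis.com/LogEntry"
+# name_descriptor: {
+# pattern: "projects/{project}/logs/{log}"
+# parent_type: "cloudresourcemanager.googleapis.com/Project"
+# parent_name_extractor: "projects/{project}"
+# }
+# name_descriptor: {
+# pattern: "folders/{folder}/logs/{log}"
+# parent_type: "cloudresourcemanager.googleapis.com/Folder"
+# parent_name_extractor: "folders/{folder}"
+# }
+# name_descriptor: {
+# pattern: "organizations/{organization}/logs/{log}"
+# parent_type: "cloudresourcemanager.googleapis.com/Organization"
+# parent_name_extractor: "organizations/{organization}"
+# }
+# name_descriptor: {
+# pattern: "billingAccounts/{billing_account}/logs/{log}"
+# parent_type: "billing.googleapis.com/BillingAccount"
+# parent_name_extractor: "billingAccounts/{billing_account}"
+# }
+# };
+# }
+#
+# The ResourceDescriptor Yaml config will look like:
+#
+# resources:
+# - type: 'logging.googleapis.com/LogEntry'
+# name_descriptor:
+# - pattern: "projects/{project}/logs/{log}"
+# parent_type: "cloudresourcemanager.googleapis.com/Project"
+# parent_name_extractor: "projects/{project}"
+# - pattern: "folders/{folder}/logs/{log}"
+# parent_type: "cloudresourcemanager.googleapis.com/Folder"
+# parent_name_extractor: "folders/{folder}"
+# - pattern: "organizations/{organization}/logs/{log}"
+# parent_type: "cloudresourcemanager.googleapis.com/Organization"
+# parent_name_extractor: "organizations/{organization}"
+# - pattern: "billingAccounts/{billing_account}/logs/{log}"
+# parent_type: "billing.googleapis.com/BillingAccount"
+# parent_name_extractor: "billingAccounts/{billing_account}"
+#
+# For flexible resources, the resource name doesn't contain parent names, but
+# the resource itself has parents for policy evaluation.
+#
+# Example:
+#
+# message Shelf {
+# option (google.api.resource) = {
+# type: "library.googleapis.com/Shelf"
+# name_descriptor: {
+# pattern: "shelves/{shelf}"
+# parent_type: "cloudresourcemanager.googleapis.com/Project"
+# }
+# name_descriptor: {
+# pattern: "shelves/{shelf}"
+# parent_type: "cloudresourcemanager.googleapis.com/Folder"
+# }
+# };
+# }
+#
+# The ResourceDescriptor Yaml config will look like:
+#
+# resources:
+# - type: 'library.googleapis.com/Shelf'
+# name_descriptor:
+# - pattern: "shelves/{shelf}"
+# parent_type: "cloudresourcemanager.googleapis.com/Project"
+# - pattern: "shelves/{shelf}"
+# parent_type: "cloudresourcemanager.googleapis.com/Folder"
+# @!attribute [rw] type
+# @return [String]
+# The resource type. It must be in the format of
+# \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
+# singular and must not include version numbers.
+#
+# Example: `storage.googleapis.com/Bucket`
+#
+# The value of the resource_type_kind must follow the regular expression
+# /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
+# should use PascalCase (UpperCamelCase). The maximum number of
+# characters allowed for the `resource_type_kind` is 100.
+# @!attribute [rw] pattern
+# @return [Array<String>]
+# Optional. The relative resource name pattern associated with this resource
+# type. The DNS prefix of the full resource name shouldn't be specified here.
+#
+# The path pattern must follow the syntax, which aligns with HTTP binding
+# syntax:
+#
+# Template = Segment { "/" Segment } ;
+# Segment = LITERAL | Variable ;
+# Variable = "{" LITERAL "}" ;
+#
+# Examples:
+#
+# - "projects/\\{project}/topics/\\{topic}"
+# - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
+#
+# The components in braces correspond to the IDs for each resource in the
+# hierarchy. It is expected that, if multiple patterns are provided,
+# the same component name (e.g. "project") refers to IDs of the same
+# type of resource.
+# @!attribute [rw] name_field
+# @return [String]
+# Optional. The field on the resource that designates the resource name
+# field. If omitted, this is assumed to be "name".
+# @!attribute [rw] history
+# @return [Google::Api::ResourceDescriptor::History]
+# Optional. The historical or future-looking state of the resource pattern.
+#
+# Example:
+#
+# // The InspectTemplate message originally only supported resource
+# // names with organization, and project was added later.
+# message InspectTemplate {
+# option (google.api.resource) = {
+# type: "dlp.googleapis.com/InspectTemplate"
+# pattern:
+# "organizations/{organization}/inspectTemplates/{inspect_template}"
+# pattern: "projects/{project}/inspectTemplates/{inspect_template}"
+# history: ORIGINALLY_SINGLE_PATTERN
+# };
+# }
+# @!attribute [rw] plural
+# @return [String]
+# The plural name used in the resource name, such as 'projects' for
+# the name of 'projects/\\{project}'. It is the same concept of the `plural`
+# field in k8s CRD spec
+# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+# @!attribute [rw] singular
+# @return [String]
+# The same concept of the `singular` field in k8s CRD spec
+# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+class ResourceDescriptor
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+
+# A description of the historical or future-looking state of the
+# resource pattern.
+module History
+# The "unset" value.
+HISTORY_UNSPECIFIED = 0
+
+# The resource originally had one pattern and launched as such, and
+# additional patterns were added later.
+ORIGINALLY_SINGLE_PATTERN = 1
+
+# The resource has one pattern, but the API owner expects to add more
+# later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
+# that from being necessary once there are multiple patterns.)
+FUTURE_MULTI_PATTERN = 2
+end
+end
+
+# Defines a proto annotation that describes a string field that refers to
+# an API resource.
+# @!attribute [rw] type
+# @return [String]
+# The resource type that the annotated field references.
+#
+# Example:
+#
+# message Subscription {
+# string topic = 2 [(google.api.resource_reference) = {
+# type: "pubsub.googleapis.com/Topic"
+# }];
+# }
+# @!attribute [rw] child_type
+# @return [String]
+# The resource type of a child collection that the annotated field
+# references. This is useful for annotating the `parent` field that
+# doesn't have a fixed resource type.
+#
+# Example:
+#
+# message ListLogEntriesRequest {
+# string parent = 1 [(google.api.resource_reference) = {
+# child_type: "logging.googleapis.com/LogEntry"
+# };
+# }
+class ResourceReference
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end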
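--- a/data/proto_docs/google/cloud/securitycenter/v1/asset.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/asset.rb
@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud
+# Platform (GCP) resource.
+#
+# The Asset is a Cloud SCC resource that captures information about a single
+# GCP resource. All modifications to an Asset are only within the context of
+# Cloud SCC and don't affect the referenced GCP resource.
+# @!attribute [rw] name
+# @return [String]
+# The relative resource name of this asset. See:
+# https://cloud.google.com/apis/design/resource_names#relative_resource_name
+# Example:
+# "organizations/\\{organization_id}/assets/\\{asset_id}".
+# @!attribute [rw] security_center_properties
+# @return [Google::Cloud::SecurityCenter::V1::Asset::SecurityCenterProperties]
+# Cloud SCC managed properties. These properties are managed by
+# Cloud SCC and cannot be modified by the user.
+# @!attribute [rw] resource_properties
+# @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
+# Resource managed properties. These properties are managed and defined by
+# the GCP resource and cannot be modified by the user.
+# @!attribute [rw] security_marks
+# @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
+# User specified security marks. These marks are entirely managed by the user
+# and come from the SecurityMarks resource that belongs to the asset.
+# @!attribute [rw] create_time
+# @return [Google::Protobuf::Timestamp]
+# The time at which the asset was created in Cloud SCC.
+# @!attribute [rw] update_time
+# @return [Google::Protobuf::Timestamp]
+# The time at which the asset was last updated, added, or deleted in Cloud
+# SCC.
+# @!attribute [rw] iam_policy
+# @return [Google::Cloud::SecurityCenter::V1::Asset::IamPolicy]
+# IAM Policy information associated with the GCP resource described by the
+# Cloud SCC asset. This information is managed and defined by the GCP
+# resource and cannot be modified by the user.
+class Asset
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+
+# Cloud SCC managed properties. These properties are managed by Cloud SCC and
+# cannot be modified by the user.
+# @!attribute [rw] resource_name
+# @return [String]
+# The full resource name of the GCP resource this asset
+# represents. This field is immutable after create time. See:
+# https://cloud.google.com/apis/design/resource_names#full_resource_name
+# @!attribute [rw] resource_type
+# @return [String]
+# The type of the GCP resource. Examples include: APPLICATION,
+# PROJECT, and ORGANIZATION. This is a case insensitive field defined by
+# Cloud SCC and/or the producer of the resource and is immutable
+# after create time.
+# @!attribute [rw] resource_parent
+# @return [String]
+# The full resource name of the immediate parent of the resource. See:
+# https://cloud.google.com/apis/design/resource_names#full_resource_name
+# @!attribute [rw] resource_project
+# @return [String]
+# The full resource name of the project the resource belongs to. See:
+# https://cloud.google.com/apis/design/resource_names#full_resource_name
+# @!attribute [rw] resource_owners
+# @return [Array<String>]
+# Owners of the Google Cloud resource.
+# @!attribute [rw] resource_display_name
+# @return [String]
+# The user defined display name for this resource.
+# @!attribute [rw] resource_parent_display_name
+# @return [String]
+# The user defined display name for the parent of this resource.
+# @!attribute [rw] resource_project_display_name
+# @return [String]
+# The user defined display name for the project of this resource.
+class SecurityCenterProperties
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+
+# IAM Policy information associated with the GCP resource described by the
+# Cloud SCC asset. This information is managed and defined by the GCP
+# resource and cannot be modified by the user.
+# @!attribute [rw] policy_blob
+# @return [String]
+# The JSON representation of the Policy associated with the asset.
+# See https://cloud.google.com/iam/reference/rest/v1/Policy for format
+# details.
+class IamPolicy
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+
+# @!attribute [rw] key
+# @return [String]
+# @!attribute [rw] value
+# @return [Google::Protobuf::Value]
+class ResourcePropertiesEntry
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end
+end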
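--- a/data/proto_docs/google/cloud/securitycenter/v1/finding.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/finding.rb
@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# Cloud Security Command Center (Cloud SCC) finding.
+#
+# A finding is a record of assessment data like security, risk, health, or
+# privacy, that is ingested into Cloud SCC for presentation, notification,
+# analysis, policy testing, and enforcement. For example, a
+# cross-site scripting (XSS) vulnerability in an App Engine application is a
+# finding.
+# @!attribute [rw] name
+# @return [String]
+# The relative resource name of this finding. See:
+# https://cloud.google.com/apis/design/resource_names#relative_resource_name
+# Example:
+# "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}"
+# @!attribute [rw] parent
+# @return [String]
+# The relative resource name of the source the finding belongs to. See:
+# https://cloud.google.com/apis/design/resource_names#relative_resource_name
+# This field is immutable after creation time.
+# For example:
+# "organizations/\\{organization_id}/sources/\\{source_id}"
+# @!attribute [rw] resource_name
+# @return [String]
+# For findings on Google Cloud Platform (GCP) resources, the full resource
+# name of the GCP resource this finding is for. See:
+# https://cloud.google.com/apis/design/resource_names#full_resource_name
+# When the finding is for a non-GCP resource, the resourceName can be a
+# customer or partner defined string.
+# This field is immutable after creation time.
+# @!attribute [rw] state
+# @return [Google::Cloud::SecurityCenter::V1::Finding::State]
+# The state of the finding.
+# @!attribute [rw] category
+# @return [String]
+# The additional taxonomy group within findings from a given source.
+# This field is immutable after creation time.
+# Example: "XSS_FLASH_INJECTION"
+# @!attribute [rw] external_uri
+# @return [String]
+# The URI that, if available, points to a web page outside of Cloud SCC
+# where additional information about the finding can be found. This field is
+# guaranteed to be either empty or a well formed URL.
+# @!attribute [rw] source_properties
+# @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
+# Source specific properties. These properties are managed by the source
+# that writes the finding. The key names in the source_properties map must be
+# between 1 and 255 characters, and must start with a letter and contain
+# alphanumeric characters or underscores only.
+# @!attribute [r] security_marks
+# @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
+# Output only. User specified security marks. These marks are entirely
+# managed by the user and come from the SecurityMarks resource that belongs
+# to the finding.
+# @!attribute [rw] event_time
+# @return [Google::Protobuf::Timestamp]
+# The time at which the event took place. For example, if the finding
+# represents an open firewall it would capture the time the detector believes
+# the firewall became open. The accuracy is determined by the detector.
+# @!attribute [rw] create_time
+# @return [Google::Protobuf::Timestamp]
+# The time at which the finding was created in Cloud SCC.
+class Finding
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+
+# @!attribute [rw] key
+# @return [String]
+# @!attribute [rw] value
+# @return [Google::Protobuf::Value]
+class SourcePropertiesEntry
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+
+# The state of the finding.
+module State
+# Unspecified state.
+STATE_UNSPECIFIED = 0
+
+# The finding requires attention and has not been addressed yet.
+ACTIVE = 1
+
+# The finding has been fixed, triaged as a non-issue or otherwise addressed
+# and is no longer active.
+INACTIVE = 2
+end
+end
+end
+end
+end
+end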
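--- a/data/proto_docs/google/cloud/securitycenter/v1/notification_config.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/notification_config.rb
@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# Cloud Security Command Center (Cloud SCC) notification configs.
+#
+# A notification config is a Cloud SCC resource that contains the configuration
+# to send notifications for create/update events of findings, assets and etc.
+# @!attribute [rw] name
+# @return [String]
+# The relative resource name of this notification config. See:
+# https://cloud.google.com/apis/design/resource_names#relative_resource_name
+# Example:
+# "organizations/\\{organization_id}/notificationConfigs/notify_public_bucket".
+# @!attribute [rw] description
+# @return [String]
+# The description of the notification config (max of 1024 characters).
+# @!attribute [rw] pubsub_topic
+# @return [String]
+# The PubSub topic to send notifications to. Its format is
+# "projects/[project_id]/topics/[topic]".
+# @!attribute [r] service_account
+# @return [String]
+# Output only. The service account that needs "pubsub.topics.publish"
+# permission to publish to the PubSub topic.
+# @!attribute [rw] streaming_config
+# @return [Google::Cloud::SecurityCenter::V1::NotificationConfig::StreamingConfig]
+# The config for triggering streaming-based notifications.
+class NotificationConfig
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+
+# The config for streaming-based notifications, which send each event as soon
+# as it is detected.
+# @!attribute [rw] filter
+# @return [String]
+# Expression that defines the filter to apply across create/update events
+# of assets or findings as specified by the event type. The expression is a
+# list of zero or more restrictions combined via logical operators `AND`
+# and `OR`. Parentheses are supported, and `OR` has higher precedence than
+# `AND`.
+#
+# Restrictions have the form `<field> <operator> <value>` and may have a
+# `-` character in front of them to indicate negation. The fields map to
+# those defined in the corresponding resource.
+#
+# The supported operators are:
+#
+# * `=` for all value types.
+# * `>`, `<`, `>=`, `<=` for integer values.
+# * `:`, meaning substring matching, for strings.
+#
+# The supported value types are:
+#
+# * string literals in quotes.
+# * integer literals without quotes.
+# * boolean literals `true` and `false` without quotes.
+class StreamingConfig
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end
+end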
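--- a/data/proto_docs/google/cloud/securitycenter/v1/notification_message.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/notification_message.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# Cloud SCC's Notification
+# @!attribute [rw] notification_config_name
+# @return [String]
+# Name of the notification config that generated current notification.
+# @!attribute [rw] finding
+# @return [Google::Cloud::SecurityCenter::V1::Finding]
+# If it's a Finding based notification config, this field will be
+# populated.
+class NotificationMessage
+include Google::Protobuf::MessageExts
+extend Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end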