google-cloud-security_center-v1 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +169 -0
- data/LICENSE.md +203 -0
- data/README.md +71 -0
- data/lib/google/cloud/common_resources_pb.rb +15 -0
- data/lib/google/cloud/security_center/v1/security_center/client.rb +2673 -0
- data/lib/google/cloud/security_center/v1/security_center/credentials.rb +51 -0
- data/lib/google/cloud/security_center/v1/security_center/operations.rb +564 -0
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +172 -0
- data/lib/google/cloud/security_center/v1/security_center.rb +50 -0
- data/lib/google/cloud/security_center/v1/version.rb +28 -0
- data/lib/google/cloud/security_center/v1.rb +35 -0
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +35 -0
- data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +27 -0
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +37 -0
- data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +32 -0
- data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +25 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +237 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +105 -0
- data/lib/google/cloud/securitycenter/v1/source_pb.rb +26 -0
- data/lib/google-cloud-security_center-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +59 -0
- data/proto_docs/google/api/resource.rb +247 -0
- data/proto_docs/google/cloud/securitycenter/v1/asset.rb +127 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +113 -0
- data/proto_docs/google/cloud/securitycenter/v1/notification_config.rb +85 -0
- data/proto_docs/google/cloud/securitycenter/v1/notification_message.rb +39 -0
- data/proto_docs/google/cloud/securitycenter/v1/organization_settings.rb +82 -0
- data/proto_docs/google/cloud/securitycenter/v1/run_asset_discovery_response.rb +54 -0
- data/proto_docs/google/cloud/securitycenter/v1/security_marks.rb +61 -0
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +1015 -0
- data/proto_docs/google/cloud/securitycenter/v1/source.rb +57 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +80 -0
- data/proto_docs/google/iam/v1/options.rb +40 -0
- data/proto_docs/google/iam/v1/policy.rb +248 -0
- data/proto_docs/google/longrunning/operations.rb +150 -0
- data/proto_docs/google/protobuf/any.rb +138 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/struct.rb +96 -0
- data/proto_docs/google/protobuf/timestamp.rb +120 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- data/proto_docs/google/type/expr.rb +52 -0
- metadata +222 -0
@@ -0,0 +1,247 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Api
|
22
|
+
# A simple descriptor of a resource type.
|
23
|
+
#
|
24
|
+
# ResourceDescriptor annotates a resource message (either by means of a
|
25
|
+
# protobuf annotation or use in the service config), and associates the
|
26
|
+
# resource's schema, the resource type, and the pattern of the resource name.
|
27
|
+
#
|
28
|
+
# Example:
|
29
|
+
#
|
30
|
+
# message Topic {
|
31
|
+
# // Indicates this message defines a resource schema.
|
32
|
+
# // Declares the resource type in the format of {service}/{kind}.
|
33
|
+
# // For Kubernetes resources, the format is {api group}/{kind}.
|
34
|
+
# option (google.api.resource) = {
|
35
|
+
# type: "pubsub.googleapis.com/Topic"
|
36
|
+
# name_descriptor: {
|
37
|
+
# pattern: "projects/{project}/topics/{topic}"
|
38
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
39
|
+
# parent_name_extractor: "projects/{project}"
|
40
|
+
# }
|
41
|
+
# };
|
42
|
+
# }
|
43
|
+
#
|
44
|
+
# The ResourceDescriptor Yaml config will look like:
|
45
|
+
#
|
46
|
+
# resources:
|
47
|
+
# - type: "pubsub.googleapis.com/Topic"
|
48
|
+
# name_descriptor:
|
49
|
+
# - pattern: "projects/\\{project}/topics/\\{topic}"
|
50
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
+
# parent_name_extractor: "projects/\\{project}"
|
52
|
+
#
|
53
|
+
# Sometimes, resources have multiple patterns, typically because they can
|
54
|
+
# live under multiple parents.
|
55
|
+
#
|
56
|
+
# Example:
|
57
|
+
#
|
58
|
+
# message LogEntry {
|
59
|
+
# option (google.api.resource) = {
|
60
|
+
# type: "logging.googleapis.com/LogEntry"
|
61
|
+
# name_descriptor: {
|
62
|
+
# pattern: "projects/{project}/logs/{log}"
|
63
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
64
|
+
# parent_name_extractor: "projects/{project}"
|
65
|
+
# }
|
66
|
+
# name_descriptor: {
|
67
|
+
# pattern: "folders/{folder}/logs/{log}"
|
68
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
69
|
+
# parent_name_extractor: "folders/{folder}"
|
70
|
+
# }
|
71
|
+
# name_descriptor: {
|
72
|
+
# pattern: "organizations/{organization}/logs/{log}"
|
73
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
74
|
+
# parent_name_extractor: "organizations/{organization}"
|
75
|
+
# }
|
76
|
+
# name_descriptor: {
|
77
|
+
# pattern: "billingAccounts/{billing_account}/logs/{log}"
|
78
|
+
# parent_type: "billing.googleapis.com/BillingAccount"
|
79
|
+
# parent_name_extractor: "billingAccounts/{billing_account}"
|
80
|
+
# }
|
81
|
+
# };
|
82
|
+
# }
|
83
|
+
#
|
84
|
+
# The ResourceDescriptor Yaml config will look like:
|
85
|
+
#
|
86
|
+
# resources:
|
87
|
+
# - type: 'logging.googleapis.com/LogEntry'
|
88
|
+
# name_descriptor:
|
89
|
+
# - pattern: "projects/{project}/logs/{log}"
|
90
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
91
|
+
# parent_name_extractor: "projects/{project}"
|
92
|
+
# - pattern: "folders/{folder}/logs/{log}"
|
93
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
94
|
+
# parent_name_extractor: "folders/{folder}"
|
95
|
+
# - pattern: "organizations/{organization}/logs/{log}"
|
96
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Organization"
|
97
|
+
# parent_name_extractor: "organizations/{organization}"
|
98
|
+
# - pattern: "billingAccounts/{billing_account}/logs/{log}"
|
99
|
+
# parent_type: "billing.googleapis.com/BillingAccount"
|
100
|
+
# parent_name_extractor: "billingAccounts/{billing_account}"
|
101
|
+
#
|
102
|
+
# For flexible resources, the resource name doesn't contain parent names, but
|
103
|
+
# the resource itself has parents for policy evaluation.
|
104
|
+
#
|
105
|
+
# Example:
|
106
|
+
#
|
107
|
+
# message Shelf {
|
108
|
+
# option (google.api.resource) = {
|
109
|
+
# type: "library.googleapis.com/Shelf"
|
110
|
+
# name_descriptor: {
|
111
|
+
# pattern: "shelves/{shelf}"
|
112
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
113
|
+
# }
|
114
|
+
# name_descriptor: {
|
115
|
+
# pattern: "shelves/{shelf}"
|
116
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
117
|
+
# }
|
118
|
+
# };
|
119
|
+
# }
|
120
|
+
#
|
121
|
+
# The ResourceDescriptor Yaml config will look like:
|
122
|
+
#
|
123
|
+
# resources:
|
124
|
+
# - type: 'library.googleapis.com/Shelf'
|
125
|
+
# name_descriptor:
|
126
|
+
# - pattern: "shelves/{shelf}"
|
127
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
128
|
+
# - pattern: "shelves/{shelf}"
|
129
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Folder"
|
130
|
+
# @!attribute [rw] type
|
131
|
+
# @return [String]
|
132
|
+
# The resource type. It must be in the format of
|
133
|
+
# \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
|
134
|
+
# singular and must not include version numbers.
|
135
|
+
#
|
136
|
+
# Example: `storage.googleapis.com/Bucket`
|
137
|
+
#
|
138
|
+
# The value of the resource_type_kind must follow the regular expression
|
139
|
+
# /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
|
140
|
+
# should use PascalCase (UpperCamelCase). The maximum number of
|
141
|
+
# characters allowed for the `resource_type_kind` is 100.
|
142
|
+
# @!attribute [rw] pattern
|
143
|
+
# @return [Array<String>]
|
144
|
+
# Optional. The relative resource name pattern associated with this resource
|
145
|
+
# type. The DNS prefix of the full resource name shouldn't be specified here.
|
146
|
+
#
|
147
|
+
# The path pattern must follow the syntax, which aligns with HTTP binding
|
148
|
+
# syntax:
|
149
|
+
#
|
150
|
+
# Template = Segment { "/" Segment } ;
|
151
|
+
# Segment = LITERAL | Variable ;
|
152
|
+
# Variable = "{" LITERAL "}" ;
|
153
|
+
#
|
154
|
+
# Examples:
|
155
|
+
#
|
156
|
+
# - "projects/\\{project}/topics/\\{topic}"
|
157
|
+
# - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
|
158
|
+
#
|
159
|
+
# The components in braces correspond to the IDs for each resource in the
|
160
|
+
# hierarchy. It is expected that, if multiple patterns are provided,
|
161
|
+
# the same component name (e.g. "project") refers to IDs of the same
|
162
|
+
# type of resource.
|
163
|
+
# @!attribute [rw] name_field
|
164
|
+
# @return [String]
|
165
|
+
# Optional. The field on the resource that designates the resource name
|
166
|
+
# field. If omitted, this is assumed to be "name".
|
167
|
+
# @!attribute [rw] history
|
168
|
+
# @return [Google::Api::ResourceDescriptor::History]
|
169
|
+
# Optional. The historical or future-looking state of the resource pattern.
|
170
|
+
#
|
171
|
+
# Example:
|
172
|
+
#
|
173
|
+
# // The InspectTemplate message originally only supported resource
|
174
|
+
# // names with organization, and project was added later.
|
175
|
+
# message InspectTemplate {
|
176
|
+
# option (google.api.resource) = {
|
177
|
+
# type: "dlp.googleapis.com/InspectTemplate"
|
178
|
+
# pattern:
|
179
|
+
# "organizations/{organization}/inspectTemplates/{inspect_template}"
|
180
|
+
# pattern: "projects/{project}/inspectTemplates/{inspect_template}"
|
181
|
+
# history: ORIGINALLY_SINGLE_PATTERN
|
182
|
+
# };
|
183
|
+
# }
|
184
|
+
# @!attribute [rw] plural
|
185
|
+
# @return [String]
|
186
|
+
# The plural name used in the resource name, such as 'projects' for
|
187
|
+
# the name of 'projects/\\{project}'. It is the same concept of the `plural`
|
188
|
+
# field in k8s CRD spec
|
189
|
+
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
190
|
+
# @!attribute [rw] singular
|
191
|
+
# @return [String]
|
192
|
+
# The same concept of the `singular` field in k8s CRD spec
|
193
|
+
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
194
|
+
# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
|
195
|
+
class ResourceDescriptor
|
196
|
+
include Google::Protobuf::MessageExts
|
197
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
198
|
+
|
199
|
+
# A description of the historical or future-looking state of the
|
200
|
+
# resource pattern.
|
201
|
+
module History
|
202
|
+
# The "unset" value.
|
203
|
+
HISTORY_UNSPECIFIED = 0
|
204
|
+
|
205
|
+
# The resource originally had one pattern and launched as such, and
|
206
|
+
# additional patterns were added later.
|
207
|
+
ORIGINALLY_SINGLE_PATTERN = 1
|
208
|
+
|
209
|
+
# The resource has one pattern, but the API owner expects to add more
|
210
|
+
# later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
|
211
|
+
# that from being necessary once there are multiple patterns.)
|
212
|
+
FUTURE_MULTI_PATTERN = 2
|
213
|
+
end
|
214
|
+
end
|
215
|
+
|
216
|
+
# Defines a proto annotation that describes a string field that refers to
|
217
|
+
# an API resource.
|
218
|
+
# @!attribute [rw] type
|
219
|
+
# @return [String]
|
220
|
+
# The resource type that the annotated field references.
|
221
|
+
#
|
222
|
+
# Example:
|
223
|
+
#
|
224
|
+
# message Subscription {
|
225
|
+
# string topic = 2 [(google.api.resource_reference) = {
|
226
|
+
# type: "pubsub.googleapis.com/Topic"
|
227
|
+
# }];
|
228
|
+
# }
|
229
|
+
# @!attribute [rw] child_type
|
230
|
+
# @return [String]
|
231
|
+
# The resource type of a child collection that the annotated field
|
232
|
+
# references. This is useful for annotating the `parent` field that
|
233
|
+
# doesn't have a fixed resource type.
|
234
|
+
#
|
235
|
+
# Example:
|
236
|
+
#
|
237
|
+
# message ListLogEntriesRequest {
|
238
|
+
# string parent = 1 [(google.api.resource_reference) = {
|
239
|
+
# child_type: "logging.googleapis.com/LogEntry"
|
240
|
+
# };
|
241
|
+
# }
|
242
|
+
class ResourceReference
|
243
|
+
include Google::Protobuf::MessageExts
|
244
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
245
|
+
end
|
246
|
+
end
|
247
|
+
end
|
@@ -0,0 +1,127 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud
|
25
|
+
# Platform (GCP) resource.
|
26
|
+
#
|
27
|
+
# The Asset is a Cloud SCC resource that captures information about a single
|
28
|
+
# GCP resource. All modifications to an Asset are only within the context of
|
29
|
+
# Cloud SCC and don't affect the referenced GCP resource.
|
30
|
+
# @!attribute [rw] name
|
31
|
+
# @return [String]
|
32
|
+
# The relative resource name of this asset. See:
|
33
|
+
# https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
34
|
+
# Example:
|
35
|
+
# "organizations/\\{organization_id}/assets/\\{asset_id}".
|
36
|
+
# @!attribute [rw] security_center_properties
|
37
|
+
# @return [Google::Cloud::SecurityCenter::V1::Asset::SecurityCenterProperties]
|
38
|
+
# Cloud SCC managed properties. These properties are managed by
|
39
|
+
# Cloud SCC and cannot be modified by the user.
|
40
|
+
# @!attribute [rw] resource_properties
|
41
|
+
# @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
|
42
|
+
# Resource managed properties. These properties are managed and defined by
|
43
|
+
# the GCP resource and cannot be modified by the user.
|
44
|
+
# @!attribute [rw] security_marks
|
45
|
+
# @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
|
46
|
+
# User specified security marks. These marks are entirely managed by the user
|
47
|
+
# and come from the SecurityMarks resource that belongs to the asset.
|
48
|
+
# @!attribute [rw] create_time
|
49
|
+
# @return [Google::Protobuf::Timestamp]
|
50
|
+
# The time at which the asset was created in Cloud SCC.
|
51
|
+
# @!attribute [rw] update_time
|
52
|
+
# @return [Google::Protobuf::Timestamp]
|
53
|
+
# The time at which the asset was last updated, added, or deleted in Cloud
|
54
|
+
# SCC.
|
55
|
+
# @!attribute [rw] iam_policy
|
56
|
+
# @return [Google::Cloud::SecurityCenter::V1::Asset::IamPolicy]
|
57
|
+
# IAM Policy information associated with the GCP resource described by the
|
58
|
+
# Cloud SCC asset. This information is managed and defined by the GCP
|
59
|
+
# resource and cannot be modified by the user.
|
60
|
+
class Asset
|
61
|
+
include Google::Protobuf::MessageExts
|
62
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
63
|
+
|
64
|
+
# Cloud SCC managed properties. These properties are managed by Cloud SCC and
|
65
|
+
# cannot be modified by the user.
|
66
|
+
# @!attribute [rw] resource_name
|
67
|
+
# @return [String]
|
68
|
+
# The full resource name of the GCP resource this asset
|
69
|
+
# represents. This field is immutable after create time. See:
|
70
|
+
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
71
|
+
# @!attribute [rw] resource_type
|
72
|
+
# @return [String]
|
73
|
+
# The type of the GCP resource. Examples include: APPLICATION,
|
74
|
+
# PROJECT, and ORGANIZATION. This is a case insensitive field defined by
|
75
|
+
# Cloud SCC and/or the producer of the resource and is immutable
|
76
|
+
# after create time.
|
77
|
+
# @!attribute [rw] resource_parent
|
78
|
+
# @return [String]
|
79
|
+
# The full resource name of the immediate parent of the resource. See:
|
80
|
+
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
81
|
+
# @!attribute [rw] resource_project
|
82
|
+
# @return [String]
|
83
|
+
# The full resource name of the project the resource belongs to. See:
|
84
|
+
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
85
|
+
# @!attribute [rw] resource_owners
|
86
|
+
# @return [Array<String>]
|
87
|
+
# Owners of the Google Cloud resource.
|
88
|
+
# @!attribute [rw] resource_display_name
|
89
|
+
# @return [String]
|
90
|
+
# The user defined display name for this resource.
|
91
|
+
# @!attribute [rw] resource_parent_display_name
|
92
|
+
# @return [String]
|
93
|
+
# The user defined display name for the parent of this resource.
|
94
|
+
# @!attribute [rw] resource_project_display_name
|
95
|
+
# @return [String]
|
96
|
+
# The user defined display name for the project of this resource.
|
97
|
+
class SecurityCenterProperties
|
98
|
+
include Google::Protobuf::MessageExts
|
99
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
100
|
+
end
|
101
|
+
|
102
|
+
# IAM Policy information associated with the GCP resource described by the
|
103
|
+
# Cloud SCC asset. This information is managed and defined by the GCP
|
104
|
+
# resource and cannot be modified by the user.
|
105
|
+
# @!attribute [rw] policy_blob
|
106
|
+
# @return [String]
|
107
|
+
# The JSON representation of the Policy associated with the asset.
|
108
|
+
# See https://cloud.google.com/iam/reference/rest/v1/Policy for format
|
109
|
+
# details.
|
110
|
+
class IamPolicy
|
111
|
+
include Google::Protobuf::MessageExts
|
112
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
113
|
+
end
|
114
|
+
|
115
|
+
# @!attribute [rw] key
|
116
|
+
# @return [String]
|
117
|
+
# @!attribute [rw] value
|
118
|
+
# @return [Google::Protobuf::Value]
|
119
|
+
class ResourcePropertiesEntry
|
120
|
+
include Google::Protobuf::MessageExts
|
121
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
@@ -0,0 +1,113 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Cloud Security Command Center (Cloud SCC) finding.
|
25
|
+
#
|
26
|
+
# A finding is a record of assessment data like security, risk, health, or
|
27
|
+
# privacy, that is ingested into Cloud SCC for presentation, notification,
|
28
|
+
# analysis, policy testing, and enforcement. For example, a
|
29
|
+
# cross-site scripting (XSS) vulnerability in an App Engine application is a
|
30
|
+
# finding.
|
31
|
+
# @!attribute [rw] name
|
32
|
+
# @return [String]
|
33
|
+
# The relative resource name of this finding. See:
|
34
|
+
# https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
35
|
+
# Example:
|
36
|
+
# "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}"
|
37
|
+
# @!attribute [rw] parent
|
38
|
+
# @return [String]
|
39
|
+
# The relative resource name of the source the finding belongs to. See:
|
40
|
+
# https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
41
|
+
# This field is immutable after creation time.
|
42
|
+
# For example:
|
43
|
+
# "organizations/\\{organization_id}/sources/\\{source_id}"
|
44
|
+
# @!attribute [rw] resource_name
|
45
|
+
# @return [String]
|
46
|
+
# For findings on Google Cloud Platform (GCP) resources, the full resource
|
47
|
+
# name of the GCP resource this finding is for. See:
|
48
|
+
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
49
|
+
# When the finding is for a non-GCP resource, the resourceName can be a
|
50
|
+
# customer or partner defined string.
|
51
|
+
# This field is immutable after creation time.
|
52
|
+
# @!attribute [rw] state
|
53
|
+
# @return [Google::Cloud::SecurityCenter::V1::Finding::State]
|
54
|
+
# The state of the finding.
|
55
|
+
# @!attribute [rw] category
|
56
|
+
# @return [String]
|
57
|
+
# The additional taxonomy group within findings from a given source.
|
58
|
+
# This field is immutable after creation time.
|
59
|
+
# Example: "XSS_FLASH_INJECTION"
|
60
|
+
# @!attribute [rw] external_uri
|
61
|
+
# @return [String]
|
62
|
+
# The URI that, if available, points to a web page outside of Cloud SCC
|
63
|
+
# where additional information about the finding can be found. This field is
|
64
|
+
# guaranteed to be either empty or a well formed URL.
|
65
|
+
# @!attribute [rw] source_properties
|
66
|
+
# @return [Google::Protobuf::Map{String => Google::Protobuf::Value}]
|
67
|
+
# Source specific properties. These properties are managed by the source
|
68
|
+
# that writes the finding. The key names in the source_properties map must be
|
69
|
+
# between 1 and 255 characters, and must start with a letter and contain
|
70
|
+
# alphanumeric characters or underscores only.
|
71
|
+
# @!attribute [r] security_marks
|
72
|
+
# @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
|
73
|
+
# Output only. User specified security marks. These marks are entirely
|
74
|
+
# managed by the user and come from the SecurityMarks resource that belongs
|
75
|
+
# to the finding.
|
76
|
+
# @!attribute [rw] event_time
|
77
|
+
# @return [Google::Protobuf::Timestamp]
|
78
|
+
# The time at which the event took place. For example, if the finding
|
79
|
+
# represents an open firewall it would capture the time the detector believes
|
80
|
+
# the firewall became open. The accuracy is determined by the detector.
|
81
|
+
# @!attribute [rw] create_time
|
82
|
+
# @return [Google::Protobuf::Timestamp]
|
83
|
+
# The time at which the finding was created in Cloud SCC.
|
84
|
+
class Finding
|
85
|
+
include Google::Protobuf::MessageExts
|
86
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
87
|
+
|
88
|
+
# @!attribute [rw] key
|
89
|
+
# @return [String]
|
90
|
+
# @!attribute [rw] value
|
91
|
+
# @return [Google::Protobuf::Value]
|
92
|
+
class SourcePropertiesEntry
|
93
|
+
include Google::Protobuf::MessageExts
|
94
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
95
|
+
end
|
96
|
+
|
97
|
+
# The state of the finding.
|
98
|
+
module State
|
99
|
+
# Unspecified state.
|
100
|
+
STATE_UNSPECIFIED = 0
|
101
|
+
|
102
|
+
# The finding requires attention and has not been addressed yet.
|
103
|
+
ACTIVE = 1
|
104
|
+
|
105
|
+
# The finding has been fixed, triaged as a non-issue or otherwise addressed
|
106
|
+
# and is no longer active.
|
107
|
+
INACTIVE = 2
|
108
|
+
end
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
@@ -0,0 +1,85 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Cloud Security Command Center (Cloud SCC) notification configs.
|
25
|
+
#
|
26
|
+
# A notification config is a Cloud SCC resource that contains the configuration
|
27
|
+
# to send notifications for create/update events of findings, assets and etc.
|
28
|
+
# @!attribute [rw] name
|
29
|
+
# @return [String]
|
30
|
+
# The relative resource name of this notification config. See:
|
31
|
+
# https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
32
|
+
# Example:
|
33
|
+
# "organizations/\\{organization_id}/notificationConfigs/notify_public_bucket".
|
34
|
+
# @!attribute [rw] description
|
35
|
+
# @return [String]
|
36
|
+
# The description of the notification config (max of 1024 characters).
|
37
|
+
# @!attribute [rw] pubsub_topic
|
38
|
+
# @return [String]
|
39
|
+
# The PubSub topic to send notifications to. Its format is
|
40
|
+
# "projects/[project_id]/topics/[topic]".
|
41
|
+
# @!attribute [r] service_account
|
42
|
+
# @return [String]
|
43
|
+
# Output only. The service account that needs "pubsub.topics.publish"
|
44
|
+
# permission to publish to the PubSub topic.
|
45
|
+
# @!attribute [rw] streaming_config
|
46
|
+
# @return [Google::Cloud::SecurityCenter::V1::NotificationConfig::StreamingConfig]
|
47
|
+
# The config for triggering streaming-based notifications.
|
48
|
+
class NotificationConfig
|
49
|
+
include Google::Protobuf::MessageExts
|
50
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
51
|
+
|
52
|
+
# The config for streaming-based notifications, which send each event as soon
|
53
|
+
# as it is detected.
|
54
|
+
# @!attribute [rw] filter
|
55
|
+
# @return [String]
|
56
|
+
# Expression that defines the filter to apply across create/update events
|
57
|
+
# of assets or findings as specified by the event type. The expression is a
|
58
|
+
# list of zero or more restrictions combined via logical operators `AND`
|
59
|
+
# and `OR`. Parentheses are supported, and `OR` has higher precedence than
|
60
|
+
# `AND`.
|
61
|
+
#
|
62
|
+
# Restrictions have the form `<field> <operator> <value>` and may have a
|
63
|
+
# `-` character in front of them to indicate negation. The fields map to
|
64
|
+
# those defined in the corresponding resource.
|
65
|
+
#
|
66
|
+
# The supported operators are:
|
67
|
+
#
|
68
|
+
# * `=` for all value types.
|
69
|
+
# * `>`, `<`, `>=`, `<=` for integer values.
|
70
|
+
# * `:`, meaning substring matching, for strings.
|
71
|
+
#
|
72
|
+
# The supported value types are:
|
73
|
+
#
|
74
|
+
# * string literals in quotes.
|
75
|
+
# * integer literals without quotes.
|
76
|
+
# * boolean literals `true` and `false` without quotes.
|
77
|
+
class StreamingConfig
|
78
|
+
include Google::Protobuf::MessageExts
|
79
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Cloud SCC's Notification
|
25
|
+
# @!attribute [rw] notification_config_name
|
26
|
+
# @return [String]
|
27
|
+
# Name of the notification config that generated current notification.
|
28
|
+
# @!attribute [rw] finding
|
29
|
+
# @return [Google::Cloud::SecurityCenter::V1::Finding]
|
30
|
+
# If it's a Finding based notification config, this field will be
|
31
|
+
# populated.
|
32
|
+
class NotificationMessage
|
33
|
+
include Google::Protobuf::MessageExts
|
34
|
+
extend Google::Protobuf::MessageExts::ClassMethods
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|