google-cloud-security_center-v1 0.12.0 → 0.14.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/google/cloud/security_center/v1/security_center/client.rb +537 -29
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +52 -0
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/security_center/v1.rb +2 -0
- data/lib/google/cloud/securitycenter/v1/access_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +32 -0
- data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
- data/lib/google/cloud/securitycenter/v1/folder_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/iam_binding_pb.rb +30 -0
- data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +78 -0
- data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +2 -3
- data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +34 -3
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +14 -0
- data/lib/google/cloud/securitycenter/v1/source_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
- data/proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb +92 -0
- data/proto_docs/google/cloud/securitycenter/v1/external_system.rb +2 -1
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +19 -4
- data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb +56 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +201 -0
- data/proto_docs/google/cloud/securitycenter/v1/resource.rb +7 -7
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +129 -34
- data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
- data/proto_docs/google/iam/v1/options.rb +14 -4
- data/proto_docs/google/iam/v1/policy.rb +208 -38
- metadata +12 -12
@@ -99,8 +99,9 @@ module Google
|
|
99
99
|
# finding.
|
100
100
|
# @!attribute [rw] mute
|
101
101
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
|
102
|
-
# Indicates the mute state of a finding (either
|
103
|
-
# or undefined).
|
102
|
+
# Indicates the mute state of a finding (either muted, unmuted
|
103
|
+
# or undefined). Unlike other attributes of a finding, a finding provider
|
104
|
+
# shouldn't set the value of mute.
|
104
105
|
# @!attribute [rw] finding_class
|
105
106
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding::FindingClass]
|
106
107
|
# The class of the finding.
|
@@ -123,6 +124,10 @@ module Google
|
|
123
124
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
|
124
125
|
# Output only. Third party SIEM/SOAR fields within SCC, contains external system
|
125
126
|
# information and external system finding fields.
|
127
|
+
# @!attribute [rw] mitre_attack
|
128
|
+
# @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
|
129
|
+
# MITRE ATT&CK tactics and techniques related to this finding.
|
130
|
+
# See: https://attack.mitre.org
|
126
131
|
# @!attribute [rw] access
|
127
132
|
# @return [::Google::Cloud::SecurityCenter::V1::Access]
|
128
133
|
# Access details associated to the Finding, such as more information on the
|
@@ -131,7 +136,14 @@ module Google
|
|
131
136
|
# @return [::String]
|
132
137
|
# First known as mute_annotation. Records additional information about the
|
133
138
|
# mute operation e.g. mute config that muted the finding, user who muted the
|
134
|
-
# finding, etc.
|
139
|
+
# finding, etc. Unlike other attributes of a finding, a finding provider
|
140
|
+
# shouldn't set the value of mute.
|
141
|
+
# @!attribute [rw] iam_bindings
|
142
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
|
143
|
+
# Represents IAM bindings associated with the Finding.
|
144
|
+
# @!attribute [rw] next_steps
|
145
|
+
# @return [::String]
|
146
|
+
# Next steps associate to the finding.
|
135
147
|
class Finding
|
136
148
|
include ::Google::Protobuf::MessageExts
|
137
149
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -215,7 +227,7 @@ module Google
|
|
215
227
|
MEDIUM = 3
|
216
228
|
|
217
229
|
# Vulnerability:
|
218
|
-
# A low risk vulnerability hampers a security organization
|
230
|
+
# A low risk vulnerability hampers a security organization's ability to
|
219
231
|
# detect vulnerabilities or active threats in their deployment, or prevents
|
220
232
|
# the root cause investigation of security issues. An example is monitoring
|
221
233
|
# and logs being disabled for resource configurations and access.
|
@@ -259,6 +271,9 @@ module Google
|
|
259
271
|
|
260
272
|
# Describes a security observation that is for informational purposes.
|
261
273
|
OBSERVATION = 4
|
274
|
+
|
275
|
+
# Describes an error that prevents some SCC functionality.
|
276
|
+
SCC_ERROR = 5
|
262
277
|
end
|
263
278
|
end
|
264
279
|
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Represents a particular IAM binding, which captures a member's role addition,
|
25
|
+
# removal, or state.
|
26
|
+
# @!attribute [rw] action
|
27
|
+
# @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
|
28
|
+
# The action that was performed on a Binding.
|
29
|
+
# @!attribute [rw] role
|
30
|
+
# @return [::String]
|
31
|
+
# Role that is assigned to "members".
|
32
|
+
# For example, "roles/viewer", "roles/editor", or "roles/owner".
|
33
|
+
# @!attribute [rw] member
|
34
|
+
# @return [::String]
|
35
|
+
# A single identity requesting access for a Cloud Platform resource,
|
36
|
+
# e.g. "foo@google.com".
|
37
|
+
class IamBinding
|
38
|
+
include ::Google::Protobuf::MessageExts
|
39
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
40
|
+
|
41
|
+
# The type of action performed on a Binding in a policy.
|
42
|
+
module Action
|
43
|
+
# Unspecified.
|
44
|
+
ACTION_UNSPECIFIED = 0
|
45
|
+
|
46
|
+
# Addition of a Binding.
|
47
|
+
ADD = 1
|
48
|
+
|
49
|
+
# Removal of a Binding.
|
50
|
+
REMOVE = 2
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,201 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# MITRE ATT&CK tactics and techniques related to this finding.
|
25
|
+
# See: https://attack.mitre.org
|
26
|
+
# @!attribute [rw] primary_tactic
|
27
|
+
# @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
|
28
|
+
# The MITRE ATT&CK tactic most closely represented by this finding, if any.
|
29
|
+
# @!attribute [rw] primary_techniques
|
30
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
|
31
|
+
# The MITRE ATT&CK technique most closely represented by this finding, if
|
32
|
+
# any. primary_techniques is a repeated field because there are multiple
|
33
|
+
# levels of MITRE ATT&CK techniques. If the technique most closely
|
34
|
+
# represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
|
35
|
+
# both the sub-technique and its parent technique(s) will be listed (e.g.
|
36
|
+
# `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
|
37
|
+
# @!attribute [rw] additional_tactics
|
38
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
|
39
|
+
# Additional MITRE ATT&CK tactics related to this finding, if any.
|
40
|
+
# @!attribute [rw] additional_techniques
|
41
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
|
42
|
+
# Additional MITRE ATT&CK techniques related to this finding, if any, along
|
43
|
+
# with any of their respective parent techniques.
|
44
|
+
# @!attribute [rw] version
|
45
|
+
# @return [::String]
|
46
|
+
# The MITRE ATT&CK version referenced by the above fields. E.g. "8".
|
47
|
+
class MitreAttack
|
48
|
+
include ::Google::Protobuf::MessageExts
|
49
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
50
|
+
|
51
|
+
# MITRE ATT&CK tactics that can be referenced by SCC findings.
|
52
|
+
# See: https://attack.mitre.org/tactics/enterprise/
|
53
|
+
module Tactic
|
54
|
+
# Unspecified value.
|
55
|
+
TACTIC_UNSPECIFIED = 0
|
56
|
+
|
57
|
+
# TA0043
|
58
|
+
RECONNAISSANCE = 1
|
59
|
+
|
60
|
+
# TA0042
|
61
|
+
RESOURCE_DEVELOPMENT = 2
|
62
|
+
|
63
|
+
# TA0001
|
64
|
+
INITIAL_ACCESS = 5
|
65
|
+
|
66
|
+
# TA0002
|
67
|
+
EXECUTION = 3
|
68
|
+
|
69
|
+
# TA0003
|
70
|
+
PERSISTENCE = 6
|
71
|
+
|
72
|
+
# TA0004
|
73
|
+
PRIVILEGE_ESCALATION = 8
|
74
|
+
|
75
|
+
# TA0005
|
76
|
+
DEFENSE_EVASION = 7
|
77
|
+
|
78
|
+
# TA0006
|
79
|
+
CREDENTIAL_ACCESS = 9
|
80
|
+
|
81
|
+
# TA0007
|
82
|
+
DISCOVERY = 10
|
83
|
+
|
84
|
+
# TA0008
|
85
|
+
LATERAL_MOVEMENT = 11
|
86
|
+
|
87
|
+
# TA0009
|
88
|
+
COLLECTION = 12
|
89
|
+
|
90
|
+
# TA0011
|
91
|
+
COMMAND_AND_CONTROL = 4
|
92
|
+
|
93
|
+
# TA0010
|
94
|
+
EXFILTRATION = 13
|
95
|
+
|
96
|
+
# TA0040
|
97
|
+
IMPACT = 14
|
98
|
+
end
|
99
|
+
|
100
|
+
# MITRE ATT&CK techniques that can be referenced by SCC findings.
|
101
|
+
# See: https://attack.mitre.org/techniques/enterprise/
|
102
|
+
# Next ID: 31
|
103
|
+
module Technique
|
104
|
+
# Unspecified value.
|
105
|
+
TECHNIQUE_UNSPECIFIED = 0
|
106
|
+
|
107
|
+
# T1595
|
108
|
+
ACTIVE_SCANNING = 1
|
109
|
+
|
110
|
+
# T1595.001
|
111
|
+
SCANNING_IP_BLOCKS = 2
|
112
|
+
|
113
|
+
# T1105
|
114
|
+
INGRESS_TOOL_TRANSFER = 3
|
115
|
+
|
116
|
+
# T1106
|
117
|
+
NATIVE_API = 4
|
118
|
+
|
119
|
+
# T1129
|
120
|
+
SHARED_MODULES = 5
|
121
|
+
|
122
|
+
# T1059
|
123
|
+
COMMAND_AND_SCRIPTING_INTERPRETER = 6
|
124
|
+
|
125
|
+
# T1059.004
|
126
|
+
UNIX_SHELL = 7
|
127
|
+
|
128
|
+
# T1496
|
129
|
+
RESOURCE_HIJACKING = 8
|
130
|
+
|
131
|
+
# T1090
|
132
|
+
PROXY = 9
|
133
|
+
|
134
|
+
# T1090.002
|
135
|
+
EXTERNAL_PROXY = 10
|
136
|
+
|
137
|
+
# T1090.003
|
138
|
+
MULTI_HOP_PROXY = 11
|
139
|
+
|
140
|
+
# T1568
|
141
|
+
DYNAMIC_RESOLUTION = 12
|
142
|
+
|
143
|
+
# T1552
|
144
|
+
UNSECURED_CREDENTIALS = 13
|
145
|
+
|
146
|
+
# T1078
|
147
|
+
VALID_ACCOUNTS = 14
|
148
|
+
|
149
|
+
# T1078.003
|
150
|
+
LOCAL_ACCOUNTS = 15
|
151
|
+
|
152
|
+
# T1078.004
|
153
|
+
CLOUD_ACCOUNTS = 16
|
154
|
+
|
155
|
+
# T1498
|
156
|
+
NETWORK_DENIAL_OF_SERVICE = 17
|
157
|
+
|
158
|
+
# T1069
|
159
|
+
PERMISSION_GROUPS_DISCOVERY = 18
|
160
|
+
|
161
|
+
# T1069.003
|
162
|
+
CLOUD_GROUPS = 19
|
163
|
+
|
164
|
+
# T1567
|
165
|
+
EXFILTRATION_OVER_WEB_SERVICE = 20
|
166
|
+
|
167
|
+
# T1567.002
|
168
|
+
EXFILTRATION_TO_CLOUD_STORAGE = 21
|
169
|
+
|
170
|
+
# T1098
|
171
|
+
ACCOUNT_MANIPULATION = 22
|
172
|
+
|
173
|
+
# T1098.004
|
174
|
+
SSH_AUTHORIZED_KEYS = 23
|
175
|
+
|
176
|
+
# T1543
|
177
|
+
CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
|
178
|
+
|
179
|
+
# T1539
|
180
|
+
STEAL_WEB_SESSION_COOKIE = 25
|
181
|
+
|
182
|
+
# T1578
|
183
|
+
MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
|
184
|
+
|
185
|
+
# T1190
|
186
|
+
EXPLOIT_PUBLIC_FACING_APPLICATION = 27
|
187
|
+
|
188
|
+
# T1556
|
189
|
+
MODIFY_AUTHENTICATION_PROCESS = 28
|
190
|
+
|
191
|
+
# T1485
|
192
|
+
DATA_DESTRUCTION = 29
|
193
|
+
|
194
|
+
# T1484
|
195
|
+
DOMAIN_POLICY_MODIFICATION = 30
|
196
|
+
end
|
197
|
+
end
|
198
|
+
end
|
199
|
+
end
|
200
|
+
end
|
201
|
+
end
|
@@ -26,29 +26,29 @@ module Google
|
|
26
26
|
# @return [::String]
|
27
27
|
# The full resource name of the resource. See:
|
28
28
|
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
29
|
+
# @!attribute [rw] display_name
|
30
|
+
# @return [::String]
|
31
|
+
# The human readable name of the resource.
|
32
|
+
# @!attribute [rw] type
|
33
|
+
# @return [::String]
|
34
|
+
# The full resource type of the resource.
|
29
35
|
# @!attribute [rw] project
|
30
36
|
# @return [::String]
|
31
37
|
# The full resource name of project that the resource belongs to.
|
32
38
|
# @!attribute [rw] project_display_name
|
33
39
|
# @return [::String]
|
34
|
-
# The
|
40
|
+
# The project ID that the resource belongs to.
|
35
41
|
# @!attribute [rw] parent
|
36
42
|
# @return [::String]
|
37
43
|
# The full resource name of resource's parent.
|
38
44
|
# @!attribute [rw] parent_display_name
|
39
45
|
# @return [::String]
|
40
46
|
# The human readable name of resource's parent.
|
41
|
-
# @!attribute [rw] type
|
42
|
-
# @return [::String]
|
43
|
-
# The full resource type of the resource.
|
44
47
|
# @!attribute [r] folders
|
45
48
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
46
49
|
# Output only. Contains a Folder message for each folder in the assets ancestry.
|
47
50
|
# The first folder is the deepest nested folder, and the last folder is the
|
48
51
|
# folder directly under the Organization.
|
49
|
-
# @!attribute [rw] display_name
|
50
|
-
# @return [::String]
|
51
|
-
# The human readable name of the resource.
|
52
52
|
class Resource
|
53
53
|
include ::Google::Protobuf::MessageExts
|
54
54
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -29,8 +29,8 @@ module Google
|
|
29
29
|
# 2. Once a bulk operation is started, there is no way to stop it.
|
30
30
|
# @!attribute [rw] parent
|
31
31
|
# @return [::String]
|
32
|
-
# Required. The parent, at which bulk action needs to be applied. Its format
|
33
|
-
# "organizations/[organization_id]", "folders/[folder_id]",
|
32
|
+
# Required. The parent, at which bulk action needs to be applied. Its format
|
33
|
+
# is "organizations/[organization_id]", "folders/[folder_id]",
|
34
34
|
# "projects/[project_id]".
|
35
35
|
# @!attribute [rw] filter
|
36
36
|
# @return [::String]
|
@@ -81,8 +81,8 @@ module Google
|
|
81
81
|
# greater than 0 characters in length.
|
82
82
|
# @!attribute [rw] finding
|
83
83
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
84
|
-
# Required. The Finding being created. The name and security_marks will be
|
85
|
-
# they are both output only fields on this resource.
|
84
|
+
# Required. The Finding being created. The name and security_marks will be
|
85
|
+
# ignored as they are both output only fields on this resource.
|
86
86
|
class CreateFindingRequest
|
87
87
|
include ::Google::Protobuf::MessageExts
|
88
88
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -111,8 +111,8 @@ module Google
|
|
111
111
|
# Request message for creating a notification config.
|
112
112
|
# @!attribute [rw] parent
|
113
113
|
# @return [::String]
|
114
|
-
# Required. Resource name of the new notification config's parent. Its format
|
115
|
-
# "organizations/[organization_id]".
|
114
|
+
# Required. Resource name of the new notification config's parent. Its format
|
115
|
+
# is "organizations/[organization_id]".
|
116
116
|
# @!attribute [rw] config_id
|
117
117
|
# @return [::String]
|
118
118
|
# Required.
|
@@ -121,8 +121,9 @@ module Google
|
|
121
121
|
# characters, underscores or hyphens only.
|
122
122
|
# @!attribute [rw] notification_config
|
123
123
|
# @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
|
124
|
-
# Required. The notification config being created. The name and the service
|
125
|
-
# will be ignored as they are both output only fields on this
|
124
|
+
# Required. The notification config being created. The name and the service
|
125
|
+
# account will be ignored as they are both output only fields on this
|
126
|
+
# resource.
|
126
127
|
class CreateNotificationConfigRequest
|
127
128
|
include ::Google::Protobuf::MessageExts
|
128
129
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -135,8 +136,8 @@ module Google
|
|
135
136
|
# "organizations/[organization_id]".
|
136
137
|
# @!attribute [rw] source
|
137
138
|
# @return [::Google::Cloud::SecurityCenter::V1::Source]
|
138
|
-
# Required. The Source being created, only the display_name and description
|
139
|
-
# used. All other fields will be ignored.
|
139
|
+
# Required. The Source being created, only the display_name and description
|
140
|
+
# will be used. All other fields will be ignored.
|
140
141
|
class CreateSourceRequest
|
141
142
|
include ::Google::Protobuf::MessageExts
|
142
143
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -164,6 +165,18 @@ module Google
|
|
164
165
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
165
166
|
end
|
166
167
|
|
168
|
+
# Request message for retrieving a big query export.
|
169
|
+
# @!attribute [rw] name
|
170
|
+
# @return [::String]
|
171
|
+
# Required. Name of the big query export to retrieve. Its format is
|
172
|
+
# organizations/\\{organization}/bigQueryExports/\\{export_id},
|
173
|
+
# folders/\\{folder}/bigQueryExports/\\{export_id}, or
|
174
|
+
# projects/\\{project}/bigQueryExports/\\{export_id}
|
175
|
+
class GetBigQueryExportRequest
|
176
|
+
include ::Google::Protobuf::MessageExts
|
177
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
178
|
+
end
|
179
|
+
|
167
180
|
# Request message for retrieving a mute config.
|
168
181
|
# @!attribute [rw] name
|
169
182
|
# @return [::String]
|
@@ -189,8 +202,8 @@ module Google
|
|
189
202
|
# Request message for getting organization settings.
|
190
203
|
# @!attribute [rw] name
|
191
204
|
# @return [::String]
|
192
|
-
# Required. Name of the organization to get organization settings for. Its
|
193
|
-
# "organizations/[organization_id]/organizationSettings".
|
205
|
+
# Required. Name of the organization to get organization settings for. Its
|
206
|
+
# format is "organizations/[organization_id]/organizationSettings".
|
194
207
|
class GetOrganizationSettingsRequest
|
195
208
|
include ::Google::Protobuf::MessageExts
|
196
209
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -278,9 +291,9 @@ module Google
|
|
278
291
|
# property not existing: `-resource_properties.my_property : ""`
|
279
292
|
# @!attribute [rw] group_by
|
280
293
|
# @return [::String]
|
281
|
-
# Required. Expression that defines what assets fields to use for grouping.
|
282
|
-
# value should follow SQL syntax: comma separated list of fields.
|
283
|
-
# example:
|
294
|
+
# Required. Expression that defines what assets fields to use for grouping.
|
295
|
+
# The string value should follow SQL syntax: comma separated list of fields.
|
296
|
+
# For example:
|
284
297
|
# "security_center_properties.resource_project,security_center_properties.project".
|
285
298
|
#
|
286
299
|
# The following fields are supported when compare_duration is not set:
|
@@ -439,9 +452,9 @@ module Google
|
|
439
452
|
# * resource.type: `=`, `:`
|
440
453
|
# @!attribute [rw] group_by
|
441
454
|
# @return [::String]
|
442
|
-
# Required. Expression that defines what assets fields to use for grouping
|
443
|
-
# `state_change`). The string value should follow SQL syntax:
|
444
|
-
# list of fields. For example: "parent,resource_name".
|
455
|
+
# Required. Expression that defines what assets fields to use for grouping
|
456
|
+
# (including `state_change`). The string value should follow SQL syntax:
|
457
|
+
# comma separated list of fields. For example: "parent,resource_name".
|
445
458
|
#
|
446
459
|
# The following fields are supported:
|
447
460
|
#
|
@@ -554,8 +567,8 @@ module Google
|
|
554
567
|
# folder or project.
|
555
568
|
# @!attribute [rw] parent
|
556
569
|
# @return [::String]
|
557
|
-
# Required. The parent, which owns the collection of mute configs. Its format
|
558
|
-
# "organizations/[organization_id]", "folders/[folder_id]",
|
570
|
+
# Required. The parent, which owns the collection of mute configs. Its format
|
571
|
+
# is "organizations/[organization_id]", "folders/[folder_id]",
|
559
572
|
# "projects/[project_id]".
|
560
573
|
# @!attribute [rw] page_size
|
561
574
|
# @return [::Integer]
|
@@ -623,8 +636,8 @@ module Google
|
|
623
636
|
# Request message for listing sources.
|
624
637
|
# @!attribute [rw] parent
|
625
638
|
# @return [::String]
|
626
|
-
# Required. Resource name of the parent of sources to list. Its format should
|
627
|
-
# "organizations/[organization_id], folders/[folder_id], or
|
639
|
+
# Required. Resource name of the parent of sources to list. Its format should
|
640
|
+
# be "organizations/[organization_id], folders/[folder_id], or
|
628
641
|
# projects/[project_id]".
|
629
642
|
# @!attribute [rw] page_token
|
630
643
|
# @return [::String]
|
@@ -1035,29 +1048,29 @@ module Google
|
|
1035
1048
|
# @return [::String]
|
1036
1049
|
# The full resource name of the resource. See:
|
1037
1050
|
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
1051
|
+
# @!attribute [rw] display_name
|
1052
|
+
# @return [::String]
|
1053
|
+
# The human readable name of the resource.
|
1054
|
+
# @!attribute [rw] type
|
1055
|
+
# @return [::String]
|
1056
|
+
# The full resource type of the resource.
|
1038
1057
|
# @!attribute [rw] project_name
|
1039
1058
|
# @return [::String]
|
1040
1059
|
# The full resource name of project that the resource belongs to.
|
1041
1060
|
# @!attribute [rw] project_display_name
|
1042
1061
|
# @return [::String]
|
1043
|
-
# The
|
1062
|
+
# The project ID that the resource belongs to.
|
1044
1063
|
# @!attribute [rw] parent_name
|
1045
1064
|
# @return [::String]
|
1046
1065
|
# The full resource name of resource's parent.
|
1047
1066
|
# @!attribute [rw] parent_display_name
|
1048
1067
|
# @return [::String]
|
1049
1068
|
# The human readable name of resource's parent.
|
1050
|
-
# @!attribute [rw] type
|
1051
|
-
# @return [::String]
|
1052
|
-
# The full resource type of the resource.
|
1053
1069
|
# @!attribute [rw] folders
|
1054
1070
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
1055
1071
|
# Contains a Folder message for each folder in the assets ancestry.
|
1056
1072
|
# The first folder is the deepest nested folder, and the last folder is
|
1057
1073
|
# the folder directly under the Organization.
|
1058
|
-
# @!attribute [rw] display_name
|
1059
|
-
# @return [::String]
|
1060
|
-
# The human readable name of the resource.
|
1061
1074
|
class Resource
|
1062
1075
|
include ::Google::Protobuf::MessageExts
|
1063
1076
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1131,8 +1144,8 @@ module Google
|
|
1131
1144
|
# Request message for running asset discovery for an organization.
|
1132
1145
|
# @!attribute [rw] parent
|
1133
1146
|
# @return [::String]
|
1134
|
-
# Required. Name of the organization to run asset discovery for. Its format
|
1135
|
-
# "organizations/[organization_id]".
|
1147
|
+
# Required. Name of the organization to run asset discovery for. Its format
|
1148
|
+
# is "organizations/[organization_id]".
|
1136
1149
|
class RunAssetDiscoveryRequest
|
1137
1150
|
include ::Google::Protobuf::MessageExts
|
1138
1151
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1155,8 +1168,8 @@ module Google
|
|
1155
1168
|
# Request message for updating or creating a finding.
|
1156
1169
|
# @!attribute [rw] finding
|
1157
1170
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
1158
|
-
# Required. The finding resource to update or create if it does not already
|
1159
|
-
# parent, security_marks, and update_time will be ignored.
|
1171
|
+
# Required. The finding resource to update or create if it does not already
|
1172
|
+
# exist. parent, security_marks, and update_time will be ignored.
|
1160
1173
|
#
|
1161
1174
|
# In the case of creation, the finding id portion of the name must be
|
1162
1175
|
# alphanumeric and less than or equal to 32 characters and greater than 0
|
@@ -1246,11 +1259,93 @@ module Google
|
|
1246
1259
|
# The time at which the updated SecurityMarks take effect.
|
1247
1260
|
# If not set uses current server time. Updates will be applied to the
|
1248
1261
|
# SecurityMarks that are active immediately preceding this time. Must be
|
1249
|
-
#
|
1262
|
+
# earlier or equal to the server time.
|
1250
1263
|
class UpdateSecurityMarksRequest
|
1251
1264
|
include ::Google::Protobuf::MessageExts
|
1252
1265
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1253
1266
|
end
|
1267
|
+
|
1268
|
+
# Request message for creating a big query export.
|
1269
|
+
# @!attribute [rw] parent
|
1270
|
+
# @return [::String]
|
1271
|
+
# Required. Resource name of the new big query export's parent. Its format is
|
1272
|
+
# "organizations/[organization_id]", "folders/[folder_id]", or
|
1273
|
+
# "projects/[project_id]".
|
1274
|
+
# @!attribute [rw] big_query_export
|
1275
|
+
# @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
|
1276
|
+
# Required. The big query export being created.
|
1277
|
+
# @!attribute [rw] big_query_export_id
|
1278
|
+
# @return [::String]
|
1279
|
+
# Required. Unique identifier provided by the client within the parent scope.
|
1280
|
+
# It must consist of lower case letters, numbers, and hyphen, with the first
|
1281
|
+
# character a letter, the last a letter or a number, and a 63 character
|
1282
|
+
# maximum.
|
1283
|
+
class CreateBigQueryExportRequest
|
1284
|
+
include ::Google::Protobuf::MessageExts
|
1285
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1286
|
+
end
|
1287
|
+
|
1288
|
+
# Request message for updating a BigQuery export.
|
1289
|
+
# @!attribute [rw] big_query_export
|
1290
|
+
# @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
|
1291
|
+
# Required. The BigQuery export being updated.
|
1292
|
+
# @!attribute [rw] update_mask
|
1293
|
+
# @return [::Google::Protobuf::FieldMask]
|
1294
|
+
# The list of fields to be updated.
|
1295
|
+
# If empty all mutable fields will be updated.
|
1296
|
+
class UpdateBigQueryExportRequest
|
1297
|
+
include ::Google::Protobuf::MessageExts
|
1298
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1299
|
+
end
|
1300
|
+
|
1301
|
+
# Request message for listing BigQuery exports at a given scope e.g.
|
1302
|
+
# organization, folder or project.
|
1303
|
+
# @!attribute [rw] parent
|
1304
|
+
# @return [::String]
|
1305
|
+
# Required. The parent, which owns the collection of BigQuery exports. Its
|
1306
|
+
# format is "organizations/[organization_id]", "folders/[folder_id]",
|
1307
|
+
# "projects/[project_id]".
|
1308
|
+
# @!attribute [rw] page_size
|
1309
|
+
# @return [::Integer]
|
1310
|
+
# The maximum number of configs to return. The service may return fewer than
|
1311
|
+
# this value.
|
1312
|
+
# If unspecified, at most 10 configs will be returned.
|
1313
|
+
# The maximum value is 1000; values above 1000 will be coerced to 1000.
|
1314
|
+
# @!attribute [rw] page_token
|
1315
|
+
# @return [::String]
|
1316
|
+
# A page token, received from a previous `ListBigQueryExports` call.
|
1317
|
+
# Provide this to retrieve the subsequent page.
|
1318
|
+
# When paginating, all other parameters provided to `ListBigQueryExports`
|
1319
|
+
# must match the call that provided the page token.
|
1320
|
+
class ListBigQueryExportsRequest
|
1321
|
+
include ::Google::Protobuf::MessageExts
|
1322
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1323
|
+
end
|
1324
|
+
|
1325
|
+
# Response message for listing BigQuery exports.
|
1326
|
+
# @!attribute [rw] big_query_exports
|
1327
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
|
1328
|
+
# The BigQuery exports from the specified parent.
|
1329
|
+
# @!attribute [rw] next_page_token
|
1330
|
+
# @return [::String]
|
1331
|
+
# A token, which can be sent as `page_token` to retrieve the next page.
|
1332
|
+
# If this field is omitted, there are no subsequent pages.
|
1333
|
+
class ListBigQueryExportsResponse
|
1334
|
+
include ::Google::Protobuf::MessageExts
|
1335
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1336
|
+
end
|
1337
|
+
|
1338
|
+
# Request message for deleting a big query export.
|
1339
|
+
# @!attribute [rw] name
|
1340
|
+
# @return [::String]
|
1341
|
+
# Required. Name of the big query export to delete. Its format is
|
1342
|
+
# organizations/\\{organization}/bigQueryExports/\\{export_id},
|
1343
|
+
# folders/\\{folder}/bigQueryExports/\\{export_id}, or
|
1344
|
+
# projects/\\{project}/bigQueryExports/\\{export_id}
|
1345
|
+
class DeleteBigQueryExportRequest
|
1346
|
+
include ::Google::Protobuf::MessageExts
|
1347
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1348
|
+
end
|
1254
1349
|
end
|
1255
1350
|
end
|
1256
1351
|
end
|
@@ -44,6 +44,9 @@ module Google
|
|
44
44
|
# @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
|
45
45
|
# Describe Common Vulnerability Scoring System specified at
|
46
46
|
# https://www.first.org/cvss/v3.1/specification-document
|
47
|
+
# @!attribute [rw] upstream_fix_available
|
48
|
+
# @return [::Boolean]
|
49
|
+
# Whether upstream fix is available for the CVE.
|
47
50
|
class Cve
|
48
51
|
include ::Google::Protobuf::MessageExts
|
49
52
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -31,6 +31,13 @@ module Google
|
|
31
31
|
# the policy is limited to a few 10s of KB. An empty policy is a
|
32
32
|
# valid policy but certain Cloud Platform services (such as Projects)
|
33
33
|
# might reject them.
|
34
|
+
# @!attribute [rw] update_mask
|
35
|
+
# @return [::Google::Protobuf::FieldMask]
|
36
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
37
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
38
|
+
# following default mask is used:
|
39
|
+
#
|
40
|
+
# `paths: "bindings, etag"`
|
34
41
|
class SetIamPolicyRequest
|
35
42
|
include ::Google::Protobuf::MessageExts
|
36
43
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -44,7 +51,7 @@ module Google
|
|
44
51
|
# @!attribute [rw] options
|
45
52
|
# @return [::Google::Iam::V1::GetPolicyOptions]
|
46
53
|
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
47
|
-
# `GetIamPolicy`.
|
54
|
+
# `GetIamPolicy`.
|
48
55
|
class GetIamPolicyRequest
|
49
56
|
include ::Google::Protobuf::MessageExts
|
50
57
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|