google-cloud-security_center-v1 0.12.0 → 0.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/lib/google/cloud/security_center/v1/security_center/client.rb +537 -29
  3. data/lib/google/cloud/security_center/v1/security_center/paths.rb +52 -0
  4. data/lib/google/cloud/security_center/v1/version.rb +1 -1
  5. data/lib/google/cloud/security_center/v1.rb +2 -0
  6. data/lib/google/cloud/securitycenter/v1/access_pb.rb +0 -1
  7. data/lib/google/cloud/securitycenter/v1/asset_pb.rb +0 -1
  8. data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +32 -0
  9. data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +0 -1
  10. data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
  11. data/lib/google/cloud/securitycenter/v1/folder_pb.rb +0 -1
  12. data/lib/google/cloud/securitycenter/v1/iam_binding_pb.rb +30 -0
  13. data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +0 -1
  14. data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +78 -0
  15. data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +0 -1
  16. data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +0 -1
  17. data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +0 -1
  18. data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +0 -1
  19. data/lib/google/cloud/securitycenter/v1/resource_pb.rb +2 -3
  20. data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +0 -1
  21. data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +0 -1
  22. data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +34 -3
  23. data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +14 -0
  24. data/lib/google/cloud/securitycenter/v1/source_pb.rb +0 -1
  25. data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
  26. data/proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb +92 -0
  27. data/proto_docs/google/cloud/securitycenter/v1/external_system.rb +2 -1
  28. data/proto_docs/google/cloud/securitycenter/v1/finding.rb +19 -4
  29. data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb +56 -0
  30. data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +201 -0
  31. data/proto_docs/google/cloud/securitycenter/v1/resource.rb +7 -7
  32. data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +129 -34
  33. data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
  34. data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
  35. data/proto_docs/google/iam/v1/options.rb +14 -4
  36. data/proto_docs/google/iam/v1/policy.rb +208 -38
  37. metadata +12 -12
@@ -99,8 +99,9 @@ module Google
99
99
  # finding.
100
100
  # @!attribute [rw] mute
101
101
  # @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
102
- # Indicates the mute state of a finding (either unspecified, muted, unmuted
103
- # or undefined).
102
+ # Indicates the mute state of a finding (either muted, unmuted
103
+ # or undefined). Unlike other attributes of a finding, a finding provider
104
+ # shouldn't set the value of mute.
104
105
  # @!attribute [rw] finding_class
105
106
  # @return [::Google::Cloud::SecurityCenter::V1::Finding::FindingClass]
106
107
  # The class of the finding.
@@ -123,6 +124,10 @@ module Google
123
124
  # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
124
125
  # Output only. Third party SIEM/SOAR fields within SCC, contains external system
125
126
  # information and external system finding fields.
127
+ # @!attribute [rw] mitre_attack
128
+ # @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
129
+ # MITRE ATT&CK tactics and techniques related to this finding.
130
+ # See: https://attack.mitre.org
126
131
  # @!attribute [rw] access
127
132
  # @return [::Google::Cloud::SecurityCenter::V1::Access]
128
133
  # Access details associated to the Finding, such as more information on the
@@ -131,7 +136,14 @@ module Google
131
136
  # @return [::String]
132
137
  # First known as mute_annotation. Records additional information about the
133
138
  # mute operation e.g. mute config that muted the finding, user who muted the
134
- # finding, etc.
139
+ # finding, etc. Unlike other attributes of a finding, a finding provider
140
+ # shouldn't set the value of mute.
141
+ # @!attribute [rw] iam_bindings
142
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
143
+ # Represents IAM bindings associated with the Finding.
144
+ # @!attribute [rw] next_steps
145
+ # @return [::String]
146
+ # Next steps associate to the finding.
135
147
  class Finding
136
148
  include ::Google::Protobuf::MessageExts
137
149
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -215,7 +227,7 @@ module Google
215
227
  MEDIUM = 3
216
228
 
217
229
  # Vulnerability:
218
- # A low risk vulnerability hampers a security organizations ability to
230
+ # A low risk vulnerability hampers a security organization's ability to
219
231
  # detect vulnerabilities or active threats in their deployment, or prevents
220
232
  # the root cause investigation of security issues. An example is monitoring
221
233
  # and logs being disabled for resource configurations and access.
@@ -259,6 +271,9 @@ module Google
259
271
 
260
272
  # Describes a security observation that is for informational purposes.
261
273
  OBSERVATION = 4
274
+
275
+ # Describes an error that prevents some SCC functionality.
276
+ SCC_ERROR = 5
262
277
  end
263
278
  end
264
279
  end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module SecurityCenter
23
+ module V1
24
+ # Represents a particular IAM binding, which captures a member's role addition,
25
+ # removal, or state.
26
+ # @!attribute [rw] action
27
+ # @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
28
+ # The action that was performed on a Binding.
29
+ # @!attribute [rw] role
30
+ # @return [::String]
31
+ # Role that is assigned to "members".
32
+ # For example, "roles/viewer", "roles/editor", or "roles/owner".
33
+ # @!attribute [rw] member
34
+ # @return [::String]
35
+ # A single identity requesting access for a Cloud Platform resource,
36
+ # e.g. "foo@google.com".
37
+ class IamBinding
38
+ include ::Google::Protobuf::MessageExts
39
+ extend ::Google::Protobuf::MessageExts::ClassMethods
40
+
41
+ # The type of action performed on a Binding in a policy.
42
+ module Action
43
+ # Unspecified.
44
+ ACTION_UNSPECIFIED = 0
45
+
46
+ # Addition of a Binding.
47
+ ADD = 1
48
+
49
+ # Removal of a Binding.
50
+ REMOVE = 2
51
+ end
52
+ end
53
+ end
54
+ end
55
+ end
56
+ end
@@ -0,0 +1,201 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module SecurityCenter
23
+ module V1
24
+ # MITRE ATT&CK tactics and techniques related to this finding.
25
+ # See: https://attack.mitre.org
26
+ # @!attribute [rw] primary_tactic
27
+ # @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
28
+ # The MITRE ATT&CK tactic most closely represented by this finding, if any.
29
+ # @!attribute [rw] primary_techniques
30
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
31
+ # The MITRE ATT&CK technique most closely represented by this finding, if
32
+ # any. primary_techniques is a repeated field because there are multiple
33
+ # levels of MITRE ATT&CK techniques. If the technique most closely
34
+ # represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
35
+ # both the sub-technique and its parent technique(s) will be listed (e.g.
36
+ # `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
37
+ # @!attribute [rw] additional_tactics
38
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
39
+ # Additional MITRE ATT&CK tactics related to this finding, if any.
40
+ # @!attribute [rw] additional_techniques
41
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
42
+ # Additional MITRE ATT&CK techniques related to this finding, if any, along
43
+ # with any of their respective parent techniques.
44
+ # @!attribute [rw] version
45
+ # @return [::String]
46
+ # The MITRE ATT&CK version referenced by the above fields. E.g. "8".
47
+ class MitreAttack
48
+ include ::Google::Protobuf::MessageExts
49
+ extend ::Google::Protobuf::MessageExts::ClassMethods
50
+
51
+ # MITRE ATT&CK tactics that can be referenced by SCC findings.
52
+ # See: https://attack.mitre.org/tactics/enterprise/
53
+ module Tactic
54
+ # Unspecified value.
55
+ TACTIC_UNSPECIFIED = 0
56
+
57
+ # TA0043
58
+ RECONNAISSANCE = 1
59
+
60
+ # TA0042
61
+ RESOURCE_DEVELOPMENT = 2
62
+
63
+ # TA0001
64
+ INITIAL_ACCESS = 5
65
+
66
+ # TA0002
67
+ EXECUTION = 3
68
+
69
+ # TA0003
70
+ PERSISTENCE = 6
71
+
72
+ # TA0004
73
+ PRIVILEGE_ESCALATION = 8
74
+
75
+ # TA0005
76
+ DEFENSE_EVASION = 7
77
+
78
+ # TA0006
79
+ CREDENTIAL_ACCESS = 9
80
+
81
+ # TA0007
82
+ DISCOVERY = 10
83
+
84
+ # TA0008
85
+ LATERAL_MOVEMENT = 11
86
+
87
+ # TA0009
88
+ COLLECTION = 12
89
+
90
+ # TA0011
91
+ COMMAND_AND_CONTROL = 4
92
+
93
+ # TA0010
94
+ EXFILTRATION = 13
95
+
96
+ # TA0040
97
+ IMPACT = 14
98
+ end
99
+
100
+ # MITRE ATT&CK techniques that can be referenced by SCC findings.
101
+ # See: https://attack.mitre.org/techniques/enterprise/
102
+ # Next ID: 31
103
+ module Technique
104
+ # Unspecified value.
105
+ TECHNIQUE_UNSPECIFIED = 0
106
+
107
+ # T1595
108
+ ACTIVE_SCANNING = 1
109
+
110
+ # T1595.001
111
+ SCANNING_IP_BLOCKS = 2
112
+
113
+ # T1105
114
+ INGRESS_TOOL_TRANSFER = 3
115
+
116
+ # T1106
117
+ NATIVE_API = 4
118
+
119
+ # T1129
120
+ SHARED_MODULES = 5
121
+
122
+ # T1059
123
+ COMMAND_AND_SCRIPTING_INTERPRETER = 6
124
+
125
+ # T1059.004
126
+ UNIX_SHELL = 7
127
+
128
+ # T1496
129
+ RESOURCE_HIJACKING = 8
130
+
131
+ # T1090
132
+ PROXY = 9
133
+
134
+ # T1090.002
135
+ EXTERNAL_PROXY = 10
136
+
137
+ # T1090.003
138
+ MULTI_HOP_PROXY = 11
139
+
140
+ # T1568
141
+ DYNAMIC_RESOLUTION = 12
142
+
143
+ # T1552
144
+ UNSECURED_CREDENTIALS = 13
145
+
146
+ # T1078
147
+ VALID_ACCOUNTS = 14
148
+
149
+ # T1078.003
150
+ LOCAL_ACCOUNTS = 15
151
+
152
+ # T1078.004
153
+ CLOUD_ACCOUNTS = 16
154
+
155
+ # T1498
156
+ NETWORK_DENIAL_OF_SERVICE = 17
157
+
158
+ # T1069
159
+ PERMISSION_GROUPS_DISCOVERY = 18
160
+
161
+ # T1069.003
162
+ CLOUD_GROUPS = 19
163
+
164
+ # T1567
165
+ EXFILTRATION_OVER_WEB_SERVICE = 20
166
+
167
+ # T1567.002
168
+ EXFILTRATION_TO_CLOUD_STORAGE = 21
169
+
170
+ # T1098
171
+ ACCOUNT_MANIPULATION = 22
172
+
173
+ # T1098.004
174
+ SSH_AUTHORIZED_KEYS = 23
175
+
176
+ # T1543
177
+ CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
178
+
179
+ # T1539
180
+ STEAL_WEB_SESSION_COOKIE = 25
181
+
182
+ # T1578
183
+ MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
184
+
185
+ # T1190
186
+ EXPLOIT_PUBLIC_FACING_APPLICATION = 27
187
+
188
+ # T1556
189
+ MODIFY_AUTHENTICATION_PROCESS = 28
190
+
191
+ # T1485
192
+ DATA_DESTRUCTION = 29
193
+
194
+ # T1484
195
+ DOMAIN_POLICY_MODIFICATION = 30
196
+ end
197
+ end
198
+ end
199
+ end
200
+ end
201
+ end
@@ -26,29 +26,29 @@ module Google
26
26
  # @return [::String]
27
27
  # The full resource name of the resource. See:
28
28
  # https://cloud.google.com/apis/design/resource_names#full_resource_name
29
+ # @!attribute [rw] display_name
30
+ # @return [::String]
31
+ # The human readable name of the resource.
32
+ # @!attribute [rw] type
33
+ # @return [::String]
34
+ # The full resource type of the resource.
29
35
  # @!attribute [rw] project
30
36
  # @return [::String]
31
37
  # The full resource name of project that the resource belongs to.
32
38
  # @!attribute [rw] project_display_name
33
39
  # @return [::String]
34
- # The human readable name of project that the resource belongs to.
40
+ # The project ID that the resource belongs to.
35
41
  # @!attribute [rw] parent
36
42
  # @return [::String]
37
43
  # The full resource name of resource's parent.
38
44
  # @!attribute [rw] parent_display_name
39
45
  # @return [::String]
40
46
  # The human readable name of resource's parent.
41
- # @!attribute [rw] type
42
- # @return [::String]
43
- # The full resource type of the resource.
44
47
  # @!attribute [r] folders
45
48
  # @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
46
49
  # Output only. Contains a Folder message for each folder in the assets ancestry.
47
50
  # The first folder is the deepest nested folder, and the last folder is the
48
51
  # folder directly under the Organization.
49
- # @!attribute [rw] display_name
50
- # @return [::String]
51
- # The human readable name of the resource.
52
52
  class Resource
53
53
  include ::Google::Protobuf::MessageExts
54
54
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -29,8 +29,8 @@ module Google
29
29
  # 2. Once a bulk operation is started, there is no way to stop it.
30
30
  # @!attribute [rw] parent
31
31
  # @return [::String]
32
- # Required. The parent, at which bulk action needs to be applied. Its format is
33
- # "organizations/[organization_id]", "folders/[folder_id]",
32
+ # Required. The parent, at which bulk action needs to be applied. Its format
33
+ # is "organizations/[organization_id]", "folders/[folder_id]",
34
34
  # "projects/[project_id]".
35
35
  # @!attribute [rw] filter
36
36
  # @return [::String]
@@ -81,8 +81,8 @@ module Google
81
81
  # greater than 0 characters in length.
82
82
  # @!attribute [rw] finding
83
83
  # @return [::Google::Cloud::SecurityCenter::V1::Finding]
84
- # Required. The Finding being created. The name and security_marks will be ignored as
85
- # they are both output only fields on this resource.
84
+ # Required. The Finding being created. The name and security_marks will be
85
+ # ignored as they are both output only fields on this resource.
86
86
  class CreateFindingRequest
87
87
  include ::Google::Protobuf::MessageExts
88
88
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -111,8 +111,8 @@ module Google
111
111
  # Request message for creating a notification config.
112
112
  # @!attribute [rw] parent
113
113
  # @return [::String]
114
- # Required. Resource name of the new notification config's parent. Its format is
115
- # "organizations/[organization_id]".
114
+ # Required. Resource name of the new notification config's parent. Its format
115
+ # is "organizations/[organization_id]".
116
116
  # @!attribute [rw] config_id
117
117
  # @return [::String]
118
118
  # Required.
@@ -121,8 +121,9 @@ module Google
121
121
  # characters, underscores or hyphens only.
122
122
  # @!attribute [rw] notification_config
123
123
  # @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
124
- # Required. The notification config being created. The name and the service account
125
- # will be ignored as they are both output only fields on this resource.
124
+ # Required. The notification config being created. The name and the service
125
+ # account will be ignored as they are both output only fields on this
126
+ # resource.
126
127
  class CreateNotificationConfigRequest
127
128
  include ::Google::Protobuf::MessageExts
128
129
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -135,8 +136,8 @@ module Google
135
136
  # "organizations/[organization_id]".
136
137
  # @!attribute [rw] source
137
138
  # @return [::Google::Cloud::SecurityCenter::V1::Source]
138
- # Required. The Source being created, only the display_name and description will be
139
- # used. All other fields will be ignored.
139
+ # Required. The Source being created, only the display_name and description
140
+ # will be used. All other fields will be ignored.
140
141
  class CreateSourceRequest
141
142
  include ::Google::Protobuf::MessageExts
142
143
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -164,6 +165,18 @@ module Google
164
165
  extend ::Google::Protobuf::MessageExts::ClassMethods
165
166
  end
166
167
 
168
+ # Request message for retrieving a big query export.
169
+ # @!attribute [rw] name
170
+ # @return [::String]
171
+ # Required. Name of the big query export to retrieve. Its format is
172
+ # organizations/\\{organization}/bigQueryExports/\\{export_id},
173
+ # folders/\\{folder}/bigQueryExports/\\{export_id}, or
174
+ # projects/\\{project}/bigQueryExports/\\{export_id}
175
+ class GetBigQueryExportRequest
176
+ include ::Google::Protobuf::MessageExts
177
+ extend ::Google::Protobuf::MessageExts::ClassMethods
178
+ end
179
+
167
180
  # Request message for retrieving a mute config.
168
181
  # @!attribute [rw] name
169
182
  # @return [::String]
@@ -189,8 +202,8 @@ module Google
189
202
  # Request message for getting organization settings.
190
203
  # @!attribute [rw] name
191
204
  # @return [::String]
192
- # Required. Name of the organization to get organization settings for. Its format is
193
- # "organizations/[organization_id]/organizationSettings".
205
+ # Required. Name of the organization to get organization settings for. Its
206
+ # format is "organizations/[organization_id]/organizationSettings".
194
207
  class GetOrganizationSettingsRequest
195
208
  include ::Google::Protobuf::MessageExts
196
209
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -278,9 +291,9 @@ module Google
278
291
  # property not existing: `-resource_properties.my_property : ""`
279
292
  # @!attribute [rw] group_by
280
293
  # @return [::String]
281
- # Required. Expression that defines what assets fields to use for grouping. The string
282
- # value should follow SQL syntax: comma separated list of fields. For
283
- # example:
294
+ # Required. Expression that defines what assets fields to use for grouping.
295
+ # The string value should follow SQL syntax: comma separated list of fields.
296
+ # For example:
284
297
  # "security_center_properties.resource_project,security_center_properties.project".
285
298
  #
286
299
  # The following fields are supported when compare_duration is not set:
@@ -439,9 +452,9 @@ module Google
439
452
  # * resource.type: `=`, `:`
440
453
  # @!attribute [rw] group_by
441
454
  # @return [::String]
442
- # Required. Expression that defines what assets fields to use for grouping (including
443
- # `state_change`). The string value should follow SQL syntax: comma separated
444
- # list of fields. For example: "parent,resource_name".
455
+ # Required. Expression that defines what assets fields to use for grouping
456
+ # (including `state_change`). The string value should follow SQL syntax:
457
+ # comma separated list of fields. For example: "parent,resource_name".
445
458
  #
446
459
  # The following fields are supported:
447
460
  #
@@ -554,8 +567,8 @@ module Google
554
567
  # folder or project.
555
568
  # @!attribute [rw] parent
556
569
  # @return [::String]
557
- # Required. The parent, which owns the collection of mute configs. Its format is
558
- # "organizations/[organization_id]", "folders/[folder_id]",
570
+ # Required. The parent, which owns the collection of mute configs. Its format
571
+ # is "organizations/[organization_id]", "folders/[folder_id]",
559
572
  # "projects/[project_id]".
560
573
  # @!attribute [rw] page_size
561
574
  # @return [::Integer]
@@ -623,8 +636,8 @@ module Google
623
636
  # Request message for listing sources.
624
637
  # @!attribute [rw] parent
625
638
  # @return [::String]
626
- # Required. Resource name of the parent of sources to list. Its format should be
627
- # "organizations/[organization_id], folders/[folder_id], or
639
+ # Required. Resource name of the parent of sources to list. Its format should
640
+ # be "organizations/[organization_id], folders/[folder_id], or
628
641
  # projects/[project_id]".
629
642
  # @!attribute [rw] page_token
630
643
  # @return [::String]
@@ -1035,29 +1048,29 @@ module Google
1035
1048
  # @return [::String]
1036
1049
  # The full resource name of the resource. See:
1037
1050
  # https://cloud.google.com/apis/design/resource_names#full_resource_name
1051
+ # @!attribute [rw] display_name
1052
+ # @return [::String]
1053
+ # The human readable name of the resource.
1054
+ # @!attribute [rw] type
1055
+ # @return [::String]
1056
+ # The full resource type of the resource.
1038
1057
  # @!attribute [rw] project_name
1039
1058
  # @return [::String]
1040
1059
  # The full resource name of project that the resource belongs to.
1041
1060
  # @!attribute [rw] project_display_name
1042
1061
  # @return [::String]
1043
- # The human readable name of project that the resource belongs to.
1062
+ # The project ID that the resource belongs to.
1044
1063
  # @!attribute [rw] parent_name
1045
1064
  # @return [::String]
1046
1065
  # The full resource name of resource's parent.
1047
1066
  # @!attribute [rw] parent_display_name
1048
1067
  # @return [::String]
1049
1068
  # The human readable name of resource's parent.
1050
- # @!attribute [rw] type
1051
- # @return [::String]
1052
- # The full resource type of the resource.
1053
1069
  # @!attribute [rw] folders
1054
1070
  # @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
1055
1071
  # Contains a Folder message for each folder in the assets ancestry.
1056
1072
  # The first folder is the deepest nested folder, and the last folder is
1057
1073
  # the folder directly under the Organization.
1058
- # @!attribute [rw] display_name
1059
- # @return [::String]
1060
- # The human readable name of the resource.
1061
1074
  class Resource
1062
1075
  include ::Google::Protobuf::MessageExts
1063
1076
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1131,8 +1144,8 @@ module Google
1131
1144
  # Request message for running asset discovery for an organization.
1132
1145
  # @!attribute [rw] parent
1133
1146
  # @return [::String]
1134
- # Required. Name of the organization to run asset discovery for. Its format is
1135
- # "organizations/[organization_id]".
1147
+ # Required. Name of the organization to run asset discovery for. Its format
1148
+ # is "organizations/[organization_id]".
1136
1149
  class RunAssetDiscoveryRequest
1137
1150
  include ::Google::Protobuf::MessageExts
1138
1151
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1155,8 +1168,8 @@ module Google
1155
1168
  # Request message for updating or creating a finding.
1156
1169
  # @!attribute [rw] finding
1157
1170
  # @return [::Google::Cloud::SecurityCenter::V1::Finding]
1158
- # Required. The finding resource to update or create if it does not already exist.
1159
- # parent, security_marks, and update_time will be ignored.
1171
+ # Required. The finding resource to update or create if it does not already
1172
+ # exist. parent, security_marks, and update_time will be ignored.
1160
1173
  #
1161
1174
  # In the case of creation, the finding id portion of the name must be
1162
1175
  # alphanumeric and less than or equal to 32 characters and greater than 0
@@ -1246,11 +1259,93 @@ module Google
1246
1259
  # The time at which the updated SecurityMarks take effect.
1247
1260
  # If not set uses current server time. Updates will be applied to the
1248
1261
  # SecurityMarks that are active immediately preceding this time. Must be
1249
- # smaller or equal to the server time.
1262
+ # earlier or equal to the server time.
1250
1263
  class UpdateSecurityMarksRequest
1251
1264
  include ::Google::Protobuf::MessageExts
1252
1265
  extend ::Google::Protobuf::MessageExts::ClassMethods
1253
1266
  end
1267
+
1268
+ # Request message for creating a big query export.
1269
+ # @!attribute [rw] parent
1270
+ # @return [::String]
1271
+ # Required. Resource name of the new big query export's parent. Its format is
1272
+ # "organizations/[organization_id]", "folders/[folder_id]", or
1273
+ # "projects/[project_id]".
1274
+ # @!attribute [rw] big_query_export
1275
+ # @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
1276
+ # Required. The big query export being created.
1277
+ # @!attribute [rw] big_query_export_id
1278
+ # @return [::String]
1279
+ # Required. Unique identifier provided by the client within the parent scope.
1280
+ # It must consist of lower case letters, numbers, and hyphen, with the first
1281
+ # character a letter, the last a letter or a number, and a 63 character
1282
+ # maximum.
1283
+ class CreateBigQueryExportRequest
1284
+ include ::Google::Protobuf::MessageExts
1285
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1286
+ end
1287
+
1288
+ # Request message for updating a BigQuery export.
1289
+ # @!attribute [rw] big_query_export
1290
+ # @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
1291
+ # Required. The BigQuery export being updated.
1292
+ # @!attribute [rw] update_mask
1293
+ # @return [::Google::Protobuf::FieldMask]
1294
+ # The list of fields to be updated.
1295
+ # If empty all mutable fields will be updated.
1296
+ class UpdateBigQueryExportRequest
1297
+ include ::Google::Protobuf::MessageExts
1298
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1299
+ end
1300
+
1301
+ # Request message for listing BigQuery exports at a given scope e.g.
1302
+ # organization, folder or project.
1303
+ # @!attribute [rw] parent
1304
+ # @return [::String]
1305
+ # Required. The parent, which owns the collection of BigQuery exports. Its
1306
+ # format is "organizations/[organization_id]", "folders/[folder_id]",
1307
+ # "projects/[project_id]".
1308
+ # @!attribute [rw] page_size
1309
+ # @return [::Integer]
1310
+ # The maximum number of configs to return. The service may return fewer than
1311
+ # this value.
1312
+ # If unspecified, at most 10 configs will be returned.
1313
+ # The maximum value is 1000; values above 1000 will be coerced to 1000.
1314
+ # @!attribute [rw] page_token
1315
+ # @return [::String]
1316
+ # A page token, received from a previous `ListBigQueryExports` call.
1317
+ # Provide this to retrieve the subsequent page.
1318
+ # When paginating, all other parameters provided to `ListBigQueryExports`
1319
+ # must match the call that provided the page token.
1320
+ class ListBigQueryExportsRequest
1321
+ include ::Google::Protobuf::MessageExts
1322
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1323
+ end
1324
+
1325
+ # Response message for listing BigQuery exports.
1326
+ # @!attribute [rw] big_query_exports
1327
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
1328
+ # The BigQuery exports from the specified parent.
1329
+ # @!attribute [rw] next_page_token
1330
+ # @return [::String]
1331
+ # A token, which can be sent as `page_token` to retrieve the next page.
1332
+ # If this field is omitted, there are no subsequent pages.
1333
+ class ListBigQueryExportsResponse
1334
+ include ::Google::Protobuf::MessageExts
1335
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1336
+ end
1337
+
1338
+ # Request message for deleting a big query export.
1339
+ # @!attribute [rw] name
1340
+ # @return [::String]
1341
+ # Required. Name of the big query export to delete. Its format is
1342
+ # organizations/\\{organization}/bigQueryExports/\\{export_id},
1343
+ # folders/\\{folder}/bigQueryExports/\\{export_id}, or
1344
+ # projects/\\{project}/bigQueryExports/\\{export_id}
1345
+ class DeleteBigQueryExportRequest
1346
+ include ::Google::Protobuf::MessageExts
1347
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1348
+ end
1254
1349
  end
1255
1350
  end
1256
1351
  end
@@ -44,6 +44,9 @@ module Google
44
44
  # @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
45
45
  # Describe Common Vulnerability Scoring System specified at
46
46
  # https://www.first.org/cvss/v3.1/specification-document
47
+ # @!attribute [rw] upstream_fix_available
48
+ # @return [::Boolean]
49
+ # Whether upstream fix is available for the CVE.
47
50
  class Cve
48
51
  include ::Google::Protobuf::MessageExts
49
52
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -31,6 +31,13 @@ module Google
31
31
  # the policy is limited to a few 10s of KB. An empty policy is a
32
32
  # valid policy but certain Cloud Platform services (such as Projects)
33
33
  # might reject them.
34
+ # @!attribute [rw] update_mask
35
+ # @return [::Google::Protobuf::FieldMask]
36
+ # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
37
+ # the fields in the mask will be modified. If no mask is provided, the
38
+ # following default mask is used:
39
+ #
40
+ # `paths: "bindings, etag"`
34
41
  class SetIamPolicyRequest
35
42
  include ::Google::Protobuf::MessageExts
36
43
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -44,7 +51,7 @@ module Google
44
51
  # @!attribute [rw] options
45
52
  # @return [::Google::Iam::V1::GetPolicyOptions]
46
53
  # OPTIONAL: A `GetPolicyOptions` object for specifying options to
47
- # `GetIamPolicy`. This field is only used by Cloud IAM.
54
+ # `GetIamPolicy`.
48
55
  class GetIamPolicyRequest
49
56
  include ::Google::Protobuf::MessageExts
50
57
  extend ::Google::Protobuf::MessageExts::ClassMethods