google-cloud-security_center-v1 0.12.0 → 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/security_center/v1/security_center/client.rb +537 -29
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +52 -0
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/security_center/v1.rb +2 -0
- data/lib/google/cloud/securitycenter/v1/access_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +32 -0
- data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
- data/lib/google/cloud/securitycenter/v1/folder_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/iam_binding_pb.rb +30 -0
- data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +78 -0
- data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +2 -3
- data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +34 -3
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +14 -0
- data/lib/google/cloud/securitycenter/v1/source_pb.rb +0 -1
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
- data/proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb +92 -0
- data/proto_docs/google/cloud/securitycenter/v1/external_system.rb +2 -1
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +19 -4
- data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb +56 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +201 -0
- data/proto_docs/google/cloud/securitycenter/v1/resource.rb +7 -7
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +129 -34
- data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
- data/proto_docs/google/iam/v1/options.rb +14 -4
- data/proto_docs/google/iam/v1/policy.rb +208 -38
- metadata +12 -12
@@ -99,8 +99,9 @@ module Google
|
|
99
99
|
# finding.
|
100
100
|
# @!attribute [rw] mute
|
101
101
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
|
102
|
-
# Indicates the mute state of a finding (either
|
103
|
-
# or undefined).
|
102
|
+
# Indicates the mute state of a finding (either muted, unmuted
|
103
|
+
# or undefined). Unlike other attributes of a finding, a finding provider
|
104
|
+
# shouldn't set the value of mute.
|
104
105
|
# @!attribute [rw] finding_class
|
105
106
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding::FindingClass]
|
106
107
|
# The class of the finding.
|
@@ -123,6 +124,10 @@ module Google
|
|
123
124
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
|
124
125
|
# Output only. Third party SIEM/SOAR fields within SCC, contains external system
|
125
126
|
# information and external system finding fields.
|
127
|
+
# @!attribute [rw] mitre_attack
|
128
|
+
# @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
|
129
|
+
# MITRE ATT&CK tactics and techniques related to this finding.
|
130
|
+
# See: https://attack.mitre.org
|
126
131
|
# @!attribute [rw] access
|
127
132
|
# @return [::Google::Cloud::SecurityCenter::V1::Access]
|
128
133
|
# Access details associated to the Finding, such as more information on the
|
@@ -131,7 +136,14 @@ module Google
|
|
131
136
|
# @return [::String]
|
132
137
|
# First known as mute_annotation. Records additional information about the
|
133
138
|
# mute operation e.g. mute config that muted the finding, user who muted the
|
134
|
-
# finding, etc.
|
139
|
+
# finding, etc. Unlike other attributes of a finding, a finding provider
|
140
|
+
# shouldn't set the value of mute.
|
141
|
+
# @!attribute [rw] iam_bindings
|
142
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
|
143
|
+
# Represents IAM bindings associated with the Finding.
|
144
|
+
# @!attribute [rw] next_steps
|
145
|
+
# @return [::String]
|
146
|
+
# Next steps associate to the finding.
|
135
147
|
class Finding
|
136
148
|
include ::Google::Protobuf::MessageExts
|
137
149
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -215,7 +227,7 @@ module Google
|
|
215
227
|
MEDIUM = 3
|
216
228
|
|
217
229
|
# Vulnerability:
|
218
|
-
# A low risk vulnerability hampers a security organization
|
230
|
+
# A low risk vulnerability hampers a security organization's ability to
|
219
231
|
# detect vulnerabilities or active threats in their deployment, or prevents
|
220
232
|
# the root cause investigation of security issues. An example is monitoring
|
221
233
|
# and logs being disabled for resource configurations and access.
|
@@ -259,6 +271,9 @@ module Google
|
|
259
271
|
|
260
272
|
# Describes a security observation that is for informational purposes.
|
261
273
|
OBSERVATION = 4
|
274
|
+
|
275
|
+
# Describes an error that prevents some SCC functionality.
|
276
|
+
SCC_ERROR = 5
|
262
277
|
end
|
263
278
|
end
|
264
279
|
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Represents a particular IAM binding, which captures a member's role addition,
|
25
|
+
# removal, or state.
|
26
|
+
# @!attribute [rw] action
|
27
|
+
# @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
|
28
|
+
# The action that was performed on a Binding.
|
29
|
+
# @!attribute [rw] role
|
30
|
+
# @return [::String]
|
31
|
+
# Role that is assigned to "members".
|
32
|
+
# For example, "roles/viewer", "roles/editor", or "roles/owner".
|
33
|
+
# @!attribute [rw] member
|
34
|
+
# @return [::String]
|
35
|
+
# A single identity requesting access for a Cloud Platform resource,
|
36
|
+
# e.g. "foo@google.com".
|
37
|
+
class IamBinding
|
38
|
+
include ::Google::Protobuf::MessageExts
|
39
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
40
|
+
|
41
|
+
# The type of action performed on a Binding in a policy.
|
42
|
+
module Action
|
43
|
+
# Unspecified.
|
44
|
+
ACTION_UNSPECIFIED = 0
|
45
|
+
|
46
|
+
# Addition of a Binding.
|
47
|
+
ADD = 1
|
48
|
+
|
49
|
+
# Removal of a Binding.
|
50
|
+
REMOVE = 2
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,201 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# MITRE ATT&CK tactics and techniques related to this finding.
|
25
|
+
# See: https://attack.mitre.org
|
26
|
+
# @!attribute [rw] primary_tactic
|
27
|
+
# @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
|
28
|
+
# The MITRE ATT&CK tactic most closely represented by this finding, if any.
|
29
|
+
# @!attribute [rw] primary_techniques
|
30
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
|
31
|
+
# The MITRE ATT&CK technique most closely represented by this finding, if
|
32
|
+
# any. primary_techniques is a repeated field because there are multiple
|
33
|
+
# levels of MITRE ATT&CK techniques. If the technique most closely
|
34
|
+
# represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
|
35
|
+
# both the sub-technique and its parent technique(s) will be listed (e.g.
|
36
|
+
# `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
|
37
|
+
# @!attribute [rw] additional_tactics
|
38
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
|
39
|
+
# Additional MITRE ATT&CK tactics related to this finding, if any.
|
40
|
+
# @!attribute [rw] additional_techniques
|
41
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
|
42
|
+
# Additional MITRE ATT&CK techniques related to this finding, if any, along
|
43
|
+
# with any of their respective parent techniques.
|
44
|
+
# @!attribute [rw] version
|
45
|
+
# @return [::String]
|
46
|
+
# The MITRE ATT&CK version referenced by the above fields. E.g. "8".
|
47
|
+
class MitreAttack
|
48
|
+
include ::Google::Protobuf::MessageExts
|
49
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
50
|
+
|
51
|
+
# MITRE ATT&CK tactics that can be referenced by SCC findings.
|
52
|
+
# See: https://attack.mitre.org/tactics/enterprise/
|
53
|
+
module Tactic
|
54
|
+
# Unspecified value.
|
55
|
+
TACTIC_UNSPECIFIED = 0
|
56
|
+
|
57
|
+
# TA0043
|
58
|
+
RECONNAISSANCE = 1
|
59
|
+
|
60
|
+
# TA0042
|
61
|
+
RESOURCE_DEVELOPMENT = 2
|
62
|
+
|
63
|
+
# TA0001
|
64
|
+
INITIAL_ACCESS = 5
|
65
|
+
|
66
|
+
# TA0002
|
67
|
+
EXECUTION = 3
|
68
|
+
|
69
|
+
# TA0003
|
70
|
+
PERSISTENCE = 6
|
71
|
+
|
72
|
+
# TA0004
|
73
|
+
PRIVILEGE_ESCALATION = 8
|
74
|
+
|
75
|
+
# TA0005
|
76
|
+
DEFENSE_EVASION = 7
|
77
|
+
|
78
|
+
# TA0006
|
79
|
+
CREDENTIAL_ACCESS = 9
|
80
|
+
|
81
|
+
# TA0007
|
82
|
+
DISCOVERY = 10
|
83
|
+
|
84
|
+
# TA0008
|
85
|
+
LATERAL_MOVEMENT = 11
|
86
|
+
|
87
|
+
# TA0009
|
88
|
+
COLLECTION = 12
|
89
|
+
|
90
|
+
# TA0011
|
91
|
+
COMMAND_AND_CONTROL = 4
|
92
|
+
|
93
|
+
# TA0010
|
94
|
+
EXFILTRATION = 13
|
95
|
+
|
96
|
+
# TA0040
|
97
|
+
IMPACT = 14
|
98
|
+
end
|
99
|
+
|
100
|
+
# MITRE ATT&CK techniques that can be referenced by SCC findings.
|
101
|
+
# See: https://attack.mitre.org/techniques/enterprise/
|
102
|
+
# Next ID: 31
|
103
|
+
module Technique
|
104
|
+
# Unspecified value.
|
105
|
+
TECHNIQUE_UNSPECIFIED = 0
|
106
|
+
|
107
|
+
# T1595
|
108
|
+
ACTIVE_SCANNING = 1
|
109
|
+
|
110
|
+
# T1595.001
|
111
|
+
SCANNING_IP_BLOCKS = 2
|
112
|
+
|
113
|
+
# T1105
|
114
|
+
INGRESS_TOOL_TRANSFER = 3
|
115
|
+
|
116
|
+
# T1106
|
117
|
+
NATIVE_API = 4
|
118
|
+
|
119
|
+
# T1129
|
120
|
+
SHARED_MODULES = 5
|
121
|
+
|
122
|
+
# T1059
|
123
|
+
COMMAND_AND_SCRIPTING_INTERPRETER = 6
|
124
|
+
|
125
|
+
# T1059.004
|
126
|
+
UNIX_SHELL = 7
|
127
|
+
|
128
|
+
# T1496
|
129
|
+
RESOURCE_HIJACKING = 8
|
130
|
+
|
131
|
+
# T1090
|
132
|
+
PROXY = 9
|
133
|
+
|
134
|
+
# T1090.002
|
135
|
+
EXTERNAL_PROXY = 10
|
136
|
+
|
137
|
+
# T1090.003
|
138
|
+
MULTI_HOP_PROXY = 11
|
139
|
+
|
140
|
+
# T1568
|
141
|
+
DYNAMIC_RESOLUTION = 12
|
142
|
+
|
143
|
+
# T1552
|
144
|
+
UNSECURED_CREDENTIALS = 13
|
145
|
+
|
146
|
+
# T1078
|
147
|
+
VALID_ACCOUNTS = 14
|
148
|
+
|
149
|
+
# T1078.003
|
150
|
+
LOCAL_ACCOUNTS = 15
|
151
|
+
|
152
|
+
# T1078.004
|
153
|
+
CLOUD_ACCOUNTS = 16
|
154
|
+
|
155
|
+
# T1498
|
156
|
+
NETWORK_DENIAL_OF_SERVICE = 17
|
157
|
+
|
158
|
+
# T1069
|
159
|
+
PERMISSION_GROUPS_DISCOVERY = 18
|
160
|
+
|
161
|
+
# T1069.003
|
162
|
+
CLOUD_GROUPS = 19
|
163
|
+
|
164
|
+
# T1567
|
165
|
+
EXFILTRATION_OVER_WEB_SERVICE = 20
|
166
|
+
|
167
|
+
# T1567.002
|
168
|
+
EXFILTRATION_TO_CLOUD_STORAGE = 21
|
169
|
+
|
170
|
+
# T1098
|
171
|
+
ACCOUNT_MANIPULATION = 22
|
172
|
+
|
173
|
+
# T1098.004
|
174
|
+
SSH_AUTHORIZED_KEYS = 23
|
175
|
+
|
176
|
+
# T1543
|
177
|
+
CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
|
178
|
+
|
179
|
+
# T1539
|
180
|
+
STEAL_WEB_SESSION_COOKIE = 25
|
181
|
+
|
182
|
+
# T1578
|
183
|
+
MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
|
184
|
+
|
185
|
+
# T1190
|
186
|
+
EXPLOIT_PUBLIC_FACING_APPLICATION = 27
|
187
|
+
|
188
|
+
# T1556
|
189
|
+
MODIFY_AUTHENTICATION_PROCESS = 28
|
190
|
+
|
191
|
+
# T1485
|
192
|
+
DATA_DESTRUCTION = 29
|
193
|
+
|
194
|
+
# T1484
|
195
|
+
DOMAIN_POLICY_MODIFICATION = 30
|
196
|
+
end
|
197
|
+
end
|
198
|
+
end
|
199
|
+
end
|
200
|
+
end
|
201
|
+
end
|
@@ -26,29 +26,29 @@ module Google
|
|
26
26
|
# @return [::String]
|
27
27
|
# The full resource name of the resource. See:
|
28
28
|
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
29
|
+
# @!attribute [rw] display_name
|
30
|
+
# @return [::String]
|
31
|
+
# The human readable name of the resource.
|
32
|
+
# @!attribute [rw] type
|
33
|
+
# @return [::String]
|
34
|
+
# The full resource type of the resource.
|
29
35
|
# @!attribute [rw] project
|
30
36
|
# @return [::String]
|
31
37
|
# The full resource name of project that the resource belongs to.
|
32
38
|
# @!attribute [rw] project_display_name
|
33
39
|
# @return [::String]
|
34
|
-
# The
|
40
|
+
# The project ID that the resource belongs to.
|
35
41
|
# @!attribute [rw] parent
|
36
42
|
# @return [::String]
|
37
43
|
# The full resource name of resource's parent.
|
38
44
|
# @!attribute [rw] parent_display_name
|
39
45
|
# @return [::String]
|
40
46
|
# The human readable name of resource's parent.
|
41
|
-
# @!attribute [rw] type
|
42
|
-
# @return [::String]
|
43
|
-
# The full resource type of the resource.
|
44
47
|
# @!attribute [r] folders
|
45
48
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
46
49
|
# Output only. Contains a Folder message for each folder in the assets ancestry.
|
47
50
|
# The first folder is the deepest nested folder, and the last folder is the
|
48
51
|
# folder directly under the Organization.
|
49
|
-
# @!attribute [rw] display_name
|
50
|
-
# @return [::String]
|
51
|
-
# The human readable name of the resource.
|
52
52
|
class Resource
|
53
53
|
include ::Google::Protobuf::MessageExts
|
54
54
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -29,8 +29,8 @@ module Google
|
|
29
29
|
# 2. Once a bulk operation is started, there is no way to stop it.
|
30
30
|
# @!attribute [rw] parent
|
31
31
|
# @return [::String]
|
32
|
-
# Required. The parent, at which bulk action needs to be applied. Its format
|
33
|
-
# "organizations/[organization_id]", "folders/[folder_id]",
|
32
|
+
# Required. The parent, at which bulk action needs to be applied. Its format
|
33
|
+
# is "organizations/[organization_id]", "folders/[folder_id]",
|
34
34
|
# "projects/[project_id]".
|
35
35
|
# @!attribute [rw] filter
|
36
36
|
# @return [::String]
|
@@ -81,8 +81,8 @@ module Google
|
|
81
81
|
# greater than 0 characters in length.
|
82
82
|
# @!attribute [rw] finding
|
83
83
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
84
|
-
# Required. The Finding being created. The name and security_marks will be
|
85
|
-
# they are both output only fields on this resource.
|
84
|
+
# Required. The Finding being created. The name and security_marks will be
|
85
|
+
# ignored as they are both output only fields on this resource.
|
86
86
|
class CreateFindingRequest
|
87
87
|
include ::Google::Protobuf::MessageExts
|
88
88
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -111,8 +111,8 @@ module Google
|
|
111
111
|
# Request message for creating a notification config.
|
112
112
|
# @!attribute [rw] parent
|
113
113
|
# @return [::String]
|
114
|
-
# Required. Resource name of the new notification config's parent. Its format
|
115
|
-
# "organizations/[organization_id]".
|
114
|
+
# Required. Resource name of the new notification config's parent. Its format
|
115
|
+
# is "organizations/[organization_id]".
|
116
116
|
# @!attribute [rw] config_id
|
117
117
|
# @return [::String]
|
118
118
|
# Required.
|
@@ -121,8 +121,9 @@ module Google
|
|
121
121
|
# characters, underscores or hyphens only.
|
122
122
|
# @!attribute [rw] notification_config
|
123
123
|
# @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
|
124
|
-
# Required. The notification config being created. The name and the service
|
125
|
-
# will be ignored as they are both output only fields on this
|
124
|
+
# Required. The notification config being created. The name and the service
|
125
|
+
# account will be ignored as they are both output only fields on this
|
126
|
+
# resource.
|
126
127
|
class CreateNotificationConfigRequest
|
127
128
|
include ::Google::Protobuf::MessageExts
|
128
129
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -135,8 +136,8 @@ module Google
|
|
135
136
|
# "organizations/[organization_id]".
|
136
137
|
# @!attribute [rw] source
|
137
138
|
# @return [::Google::Cloud::SecurityCenter::V1::Source]
|
138
|
-
# Required. The Source being created, only the display_name and description
|
139
|
-
# used. All other fields will be ignored.
|
139
|
+
# Required. The Source being created, only the display_name and description
|
140
|
+
# will be used. All other fields will be ignored.
|
140
141
|
class CreateSourceRequest
|
141
142
|
include ::Google::Protobuf::MessageExts
|
142
143
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -164,6 +165,18 @@ module Google
|
|
164
165
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
165
166
|
end
|
166
167
|
|
168
|
+
# Request message for retrieving a big query export.
|
169
|
+
# @!attribute [rw] name
|
170
|
+
# @return [::String]
|
171
|
+
# Required. Name of the big query export to retrieve. Its format is
|
172
|
+
# organizations/\\{organization}/bigQueryExports/\\{export_id},
|
173
|
+
# folders/\\{folder}/bigQueryExports/\\{export_id}, or
|
174
|
+
# projects/\\{project}/bigQueryExports/\\{export_id}
|
175
|
+
class GetBigQueryExportRequest
|
176
|
+
include ::Google::Protobuf::MessageExts
|
177
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
178
|
+
end
|
179
|
+
|
167
180
|
# Request message for retrieving a mute config.
|
168
181
|
# @!attribute [rw] name
|
169
182
|
# @return [::String]
|
@@ -189,8 +202,8 @@ module Google
|
|
189
202
|
# Request message for getting organization settings.
|
190
203
|
# @!attribute [rw] name
|
191
204
|
# @return [::String]
|
192
|
-
# Required. Name of the organization to get organization settings for. Its
|
193
|
-
# "organizations/[organization_id]/organizationSettings".
|
205
|
+
# Required. Name of the organization to get organization settings for. Its
|
206
|
+
# format is "organizations/[organization_id]/organizationSettings".
|
194
207
|
class GetOrganizationSettingsRequest
|
195
208
|
include ::Google::Protobuf::MessageExts
|
196
209
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -278,9 +291,9 @@ module Google
|
|
278
291
|
# property not existing: `-resource_properties.my_property : ""`
|
279
292
|
# @!attribute [rw] group_by
|
280
293
|
# @return [::String]
|
281
|
-
# Required. Expression that defines what assets fields to use for grouping.
|
282
|
-
# value should follow SQL syntax: comma separated list of fields.
|
283
|
-
# example:
|
294
|
+
# Required. Expression that defines what assets fields to use for grouping.
|
295
|
+
# The string value should follow SQL syntax: comma separated list of fields.
|
296
|
+
# For example:
|
284
297
|
# "security_center_properties.resource_project,security_center_properties.project".
|
285
298
|
#
|
286
299
|
# The following fields are supported when compare_duration is not set:
|
@@ -439,9 +452,9 @@ module Google
|
|
439
452
|
# * resource.type: `=`, `:`
|
440
453
|
# @!attribute [rw] group_by
|
441
454
|
# @return [::String]
|
442
|
-
# Required. Expression that defines what assets fields to use for grouping
|
443
|
-
# `state_change`). The string value should follow SQL syntax:
|
444
|
-
# list of fields. For example: "parent,resource_name".
|
455
|
+
# Required. Expression that defines what assets fields to use for grouping
|
456
|
+
# (including `state_change`). The string value should follow SQL syntax:
|
457
|
+
# comma separated list of fields. For example: "parent,resource_name".
|
445
458
|
#
|
446
459
|
# The following fields are supported:
|
447
460
|
#
|
@@ -554,8 +567,8 @@ module Google
|
|
554
567
|
# folder or project.
|
555
568
|
# @!attribute [rw] parent
|
556
569
|
# @return [::String]
|
557
|
-
# Required. The parent, which owns the collection of mute configs. Its format
|
558
|
-
# "organizations/[organization_id]", "folders/[folder_id]",
|
570
|
+
# Required. The parent, which owns the collection of mute configs. Its format
|
571
|
+
# is "organizations/[organization_id]", "folders/[folder_id]",
|
559
572
|
# "projects/[project_id]".
|
560
573
|
# @!attribute [rw] page_size
|
561
574
|
# @return [::Integer]
|
@@ -623,8 +636,8 @@ module Google
|
|
623
636
|
# Request message for listing sources.
|
624
637
|
# @!attribute [rw] parent
|
625
638
|
# @return [::String]
|
626
|
-
# Required. Resource name of the parent of sources to list. Its format should
|
627
|
-
# "organizations/[organization_id], folders/[folder_id], or
|
639
|
+
# Required. Resource name of the parent of sources to list. Its format should
|
640
|
+
# be "organizations/[organization_id], folders/[folder_id], or
|
628
641
|
# projects/[project_id]".
|
629
642
|
# @!attribute [rw] page_token
|
630
643
|
# @return [::String]
|
@@ -1035,29 +1048,29 @@ module Google
|
|
1035
1048
|
# @return [::String]
|
1036
1049
|
# The full resource name of the resource. See:
|
1037
1050
|
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
1051
|
+
# @!attribute [rw] display_name
|
1052
|
+
# @return [::String]
|
1053
|
+
# The human readable name of the resource.
|
1054
|
+
# @!attribute [rw] type
|
1055
|
+
# @return [::String]
|
1056
|
+
# The full resource type of the resource.
|
1038
1057
|
# @!attribute [rw] project_name
|
1039
1058
|
# @return [::String]
|
1040
1059
|
# The full resource name of project that the resource belongs to.
|
1041
1060
|
# @!attribute [rw] project_display_name
|
1042
1061
|
# @return [::String]
|
1043
|
-
# The
|
1062
|
+
# The project ID that the resource belongs to.
|
1044
1063
|
# @!attribute [rw] parent_name
|
1045
1064
|
# @return [::String]
|
1046
1065
|
# The full resource name of resource's parent.
|
1047
1066
|
# @!attribute [rw] parent_display_name
|
1048
1067
|
# @return [::String]
|
1049
1068
|
# The human readable name of resource's parent.
|
1050
|
-
# @!attribute [rw] type
|
1051
|
-
# @return [::String]
|
1052
|
-
# The full resource type of the resource.
|
1053
1069
|
# @!attribute [rw] folders
|
1054
1070
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
1055
1071
|
# Contains a Folder message for each folder in the assets ancestry.
|
1056
1072
|
# The first folder is the deepest nested folder, and the last folder is
|
1057
1073
|
# the folder directly under the Organization.
|
1058
|
-
# @!attribute [rw] display_name
|
1059
|
-
# @return [::String]
|
1060
|
-
# The human readable name of the resource.
|
1061
1074
|
class Resource
|
1062
1075
|
include ::Google::Protobuf::MessageExts
|
1063
1076
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1131,8 +1144,8 @@ module Google
|
|
1131
1144
|
# Request message for running asset discovery for an organization.
|
1132
1145
|
# @!attribute [rw] parent
|
1133
1146
|
# @return [::String]
|
1134
|
-
# Required. Name of the organization to run asset discovery for. Its format
|
1135
|
-
# "organizations/[organization_id]".
|
1147
|
+
# Required. Name of the organization to run asset discovery for. Its format
|
1148
|
+
# is "organizations/[organization_id]".
|
1136
1149
|
class RunAssetDiscoveryRequest
|
1137
1150
|
include ::Google::Protobuf::MessageExts
|
1138
1151
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1155,8 +1168,8 @@ module Google
|
|
1155
1168
|
# Request message for updating or creating a finding.
|
1156
1169
|
# @!attribute [rw] finding
|
1157
1170
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
1158
|
-
# Required. The finding resource to update or create if it does not already
|
1159
|
-
# parent, security_marks, and update_time will be ignored.
|
1171
|
+
# Required. The finding resource to update or create if it does not already
|
1172
|
+
# exist. parent, security_marks, and update_time will be ignored.
|
1160
1173
|
#
|
1161
1174
|
# In the case of creation, the finding id portion of the name must be
|
1162
1175
|
# alphanumeric and less than or equal to 32 characters and greater than 0
|
@@ -1246,11 +1259,93 @@ module Google
|
|
1246
1259
|
# The time at which the updated SecurityMarks take effect.
|
1247
1260
|
# If not set uses current server time. Updates will be applied to the
|
1248
1261
|
# SecurityMarks that are active immediately preceding this time. Must be
|
1249
|
-
#
|
1262
|
+
# earlier or equal to the server time.
|
1250
1263
|
class UpdateSecurityMarksRequest
|
1251
1264
|
include ::Google::Protobuf::MessageExts
|
1252
1265
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1253
1266
|
end
|
1267
|
+
|
1268
|
+
# Request message for creating a big query export.
|
1269
|
+
# @!attribute [rw] parent
|
1270
|
+
# @return [::String]
|
1271
|
+
# Required. Resource name of the new big query export's parent. Its format is
|
1272
|
+
# "organizations/[organization_id]", "folders/[folder_id]", or
|
1273
|
+
# "projects/[project_id]".
|
1274
|
+
# @!attribute [rw] big_query_export
|
1275
|
+
# @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
|
1276
|
+
# Required. The big query export being created.
|
1277
|
+
# @!attribute [rw] big_query_export_id
|
1278
|
+
# @return [::String]
|
1279
|
+
# Required. Unique identifier provided by the client within the parent scope.
|
1280
|
+
# It must consist of lower case letters, numbers, and hyphen, with the first
|
1281
|
+
# character a letter, the last a letter or a number, and a 63 character
|
1282
|
+
# maximum.
|
1283
|
+
class CreateBigQueryExportRequest
|
1284
|
+
include ::Google::Protobuf::MessageExts
|
1285
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1286
|
+
end
|
1287
|
+
|
1288
|
+
# Request message for updating a BigQuery export.
|
1289
|
+
# @!attribute [rw] big_query_export
|
1290
|
+
# @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
|
1291
|
+
# Required. The BigQuery export being updated.
|
1292
|
+
# @!attribute [rw] update_mask
|
1293
|
+
# @return [::Google::Protobuf::FieldMask]
|
1294
|
+
# The list of fields to be updated.
|
1295
|
+
# If empty all mutable fields will be updated.
|
1296
|
+
class UpdateBigQueryExportRequest
|
1297
|
+
include ::Google::Protobuf::MessageExts
|
1298
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1299
|
+
end
|
1300
|
+
|
1301
|
+
# Request message for listing BigQuery exports at a given scope e.g.
|
1302
|
+
# organization, folder or project.
|
1303
|
+
# @!attribute [rw] parent
|
1304
|
+
# @return [::String]
|
1305
|
+
# Required. The parent, which owns the collection of BigQuery exports. Its
|
1306
|
+
# format is "organizations/[organization_id]", "folders/[folder_id]",
|
1307
|
+
# "projects/[project_id]".
|
1308
|
+
# @!attribute [rw] page_size
|
1309
|
+
# @return [::Integer]
|
1310
|
+
# The maximum number of configs to return. The service may return fewer than
|
1311
|
+
# this value.
|
1312
|
+
# If unspecified, at most 10 configs will be returned.
|
1313
|
+
# The maximum value is 1000; values above 1000 will be coerced to 1000.
|
1314
|
+
# @!attribute [rw] page_token
|
1315
|
+
# @return [::String]
|
1316
|
+
# A page token, received from a previous `ListBigQueryExports` call.
|
1317
|
+
# Provide this to retrieve the subsequent page.
|
1318
|
+
# When paginating, all other parameters provided to `ListBigQueryExports`
|
1319
|
+
# must match the call that provided the page token.
|
1320
|
+
class ListBigQueryExportsRequest
|
1321
|
+
include ::Google::Protobuf::MessageExts
|
1322
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1323
|
+
end
|
1324
|
+
|
1325
|
+
# Response message for listing BigQuery exports.
|
1326
|
+
# @!attribute [rw] big_query_exports
|
1327
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
|
1328
|
+
# The BigQuery exports from the specified parent.
|
1329
|
+
# @!attribute [rw] next_page_token
|
1330
|
+
# @return [::String]
|
1331
|
+
# A token, which can be sent as `page_token` to retrieve the next page.
|
1332
|
+
# If this field is omitted, there are no subsequent pages.
|
1333
|
+
class ListBigQueryExportsResponse
|
1334
|
+
include ::Google::Protobuf::MessageExts
|
1335
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1336
|
+
end
|
1337
|
+
|
1338
|
+
# Request message for deleting a big query export.
|
1339
|
+
# @!attribute [rw] name
|
1340
|
+
# @return [::String]
|
1341
|
+
# Required. Name of the big query export to delete. Its format is
|
1342
|
+
# organizations/\\{organization}/bigQueryExports/\\{export_id},
|
1343
|
+
# folders/\\{folder}/bigQueryExports/\\{export_id}, or
|
1344
|
+
# projects/\\{project}/bigQueryExports/\\{export_id}
|
1345
|
+
class DeleteBigQueryExportRequest
|
1346
|
+
include ::Google::Protobuf::MessageExts
|
1347
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1348
|
+
end
|
1254
1349
|
end
|
1255
1350
|
end
|
1256
1351
|
end
|
@@ -44,6 +44,9 @@ module Google
|
|
44
44
|
# @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
|
45
45
|
# Describe Common Vulnerability Scoring System specified at
|
46
46
|
# https://www.first.org/cvss/v3.1/specification-document
|
47
|
+
# @!attribute [rw] upstream_fix_available
|
48
|
+
# @return [::Boolean]
|
49
|
+
# Whether upstream fix is available for the CVE.
|
47
50
|
class Cve
|
48
51
|
include ::Google::Protobuf::MessageExts
|
49
52
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -31,6 +31,13 @@ module Google
|
|
31
31
|
# the policy is limited to a few 10s of KB. An empty policy is a
|
32
32
|
# valid policy but certain Cloud Platform services (such as Projects)
|
33
33
|
# might reject them.
|
34
|
+
# @!attribute [rw] update_mask
|
35
|
+
# @return [::Google::Protobuf::FieldMask]
|
36
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
37
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
38
|
+
# following default mask is used:
|
39
|
+
#
|
40
|
+
# `paths: "bindings, etag"`
|
34
41
|
class SetIamPolicyRequest
|
35
42
|
include ::Google::Protobuf::MessageExts
|
36
43
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -44,7 +51,7 @@ module Google
|
|
44
51
|
# @!attribute [rw] options
|
45
52
|
# @return [::Google::Iam::V1::GetPolicyOptions]
|
46
53
|
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
47
|
-
# `GetIamPolicy`.
|
54
|
+
# `GetIamPolicy`.
|
48
55
|
class GetIamPolicyRequest
|
49
56
|
include ::Google::Protobuf::MessageExts
|
50
57
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|