google-cloud-security_center-v1 0.12.0 → 0.14.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/lib/google/cloud/security_center/v1/security_center/client.rb +537 -29
  3. data/lib/google/cloud/security_center/v1/security_center/paths.rb +52 -0
  4. data/lib/google/cloud/security_center/v1/version.rb +1 -1
  5. data/lib/google/cloud/security_center/v1.rb +2 -0
  6. data/lib/google/cloud/securitycenter/v1/access_pb.rb +0 -1
  7. data/lib/google/cloud/securitycenter/v1/asset_pb.rb +0 -1
  8. data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +32 -0
  9. data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +0 -1
  10. data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
  11. data/lib/google/cloud/securitycenter/v1/folder_pb.rb +0 -1
  12. data/lib/google/cloud/securitycenter/v1/iam_binding_pb.rb +30 -0
  13. data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +0 -1
  14. data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +78 -0
  15. data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +0 -1
  16. data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +0 -1
  17. data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +0 -1
  18. data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +0 -1
  19. data/lib/google/cloud/securitycenter/v1/resource_pb.rb +2 -3
  20. data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +0 -1
  21. data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +0 -1
  22. data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +34 -3
  23. data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +14 -0
  24. data/lib/google/cloud/securitycenter/v1/source_pb.rb +0 -1
  25. data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
  26. data/proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb +92 -0
  27. data/proto_docs/google/cloud/securitycenter/v1/external_system.rb +2 -1
  28. data/proto_docs/google/cloud/securitycenter/v1/finding.rb +19 -4
  29. data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb +56 -0
  30. data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +201 -0
  31. data/proto_docs/google/cloud/securitycenter/v1/resource.rb +7 -7
  32. data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +129 -34
  33. data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
  34. data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
  35. data/proto_docs/google/iam/v1/options.rb +14 -4
  36. data/proto_docs/google/iam/v1/policy.rb +208 -38
  37. metadata +12 -12
@@ -99,8 +99,9 @@ module Google
99
99
  # finding.
100
100
  # @!attribute [rw] mute
101
101
  # @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
102
- # Indicates the mute state of a finding (either unspecified, muted, unmuted
103
- # or undefined).
102
+ # Indicates the mute state of a finding (either muted, unmuted
103
+ # or undefined). Unlike other attributes of a finding, a finding provider
104
+ # shouldn't set the value of mute.
104
105
  # @!attribute [rw] finding_class
105
106
  # @return [::Google::Cloud::SecurityCenter::V1::Finding::FindingClass]
106
107
  # The class of the finding.
@@ -123,6 +124,10 @@ module Google
123
124
  # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
124
125
  # Output only. Third party SIEM/SOAR fields within SCC, contains external system
125
126
  # information and external system finding fields.
127
+ # @!attribute [rw] mitre_attack
128
+ # @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
129
+ # MITRE ATT&CK tactics and techniques related to this finding.
130
+ # See: https://attack.mitre.org
126
131
  # @!attribute [rw] access
127
132
  # @return [::Google::Cloud::SecurityCenter::V1::Access]
128
133
  # Access details associated to the Finding, such as more information on the
@@ -131,7 +136,14 @@ module Google
131
136
  # @return [::String]
132
137
  # First known as mute_annotation. Records additional information about the
133
138
  # mute operation e.g. mute config that muted the finding, user who muted the
134
- # finding, etc.
139
+ # finding, etc. Unlike other attributes of a finding, a finding provider
140
+ # shouldn't set the value of mute.
141
+ # @!attribute [rw] iam_bindings
142
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
143
+ # Represents IAM bindings associated with the Finding.
144
+ # @!attribute [rw] next_steps
145
+ # @return [::String]
146
+ # Next steps associate to the finding.
135
147
  class Finding
136
148
  include ::Google::Protobuf::MessageExts
137
149
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -215,7 +227,7 @@ module Google
215
227
  MEDIUM = 3
216
228
 
217
229
  # Vulnerability:
218
- # A low risk vulnerability hampers a security organizations ability to
230
+ # A low risk vulnerability hampers a security organization's ability to
219
231
  # detect vulnerabilities or active threats in their deployment, or prevents
220
232
  # the root cause investigation of security issues. An example is monitoring
221
233
  # and logs being disabled for resource configurations and access.
@@ -259,6 +271,9 @@ module Google
259
271
 
260
272
  # Describes a security observation that is for informational purposes.
261
273
  OBSERVATION = 4
274
+
275
+ # Describes an error that prevents some SCC functionality.
276
+ SCC_ERROR = 5
262
277
  end
263
278
  end
264
279
  end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module SecurityCenter
23
+ module V1
24
+ # Represents a particular IAM binding, which captures a member's role addition,
25
+ # removal, or state.
26
+ # @!attribute [rw] action
27
+ # @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
28
+ # The action that was performed on a Binding.
29
+ # @!attribute [rw] role
30
+ # @return [::String]
31
+ # Role that is assigned to "members".
32
+ # For example, "roles/viewer", "roles/editor", or "roles/owner".
33
+ # @!attribute [rw] member
34
+ # @return [::String]
35
+ # A single identity requesting access for a Cloud Platform resource,
36
+ # e.g. "foo@google.com".
37
+ class IamBinding
38
+ include ::Google::Protobuf::MessageExts
39
+ extend ::Google::Protobuf::MessageExts::ClassMethods
40
+
41
+ # The type of action performed on a Binding in a policy.
42
+ module Action
43
+ # Unspecified.
44
+ ACTION_UNSPECIFIED = 0
45
+
46
+ # Addition of a Binding.
47
+ ADD = 1
48
+
49
+ # Removal of a Binding.
50
+ REMOVE = 2
51
+ end
52
+ end
53
+ end
54
+ end
55
+ end
56
+ end
@@ -0,0 +1,201 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module SecurityCenter
23
+ module V1
24
+ # MITRE ATT&CK tactics and techniques related to this finding.
25
+ # See: https://attack.mitre.org
26
+ # @!attribute [rw] primary_tactic
27
+ # @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
28
+ # The MITRE ATT&CK tactic most closely represented by this finding, if any.
29
+ # @!attribute [rw] primary_techniques
30
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
31
+ # The MITRE ATT&CK technique most closely represented by this finding, if
32
+ # any. primary_techniques is a repeated field because there are multiple
33
+ # levels of MITRE ATT&CK techniques. If the technique most closely
34
+ # represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
35
+ # both the sub-technique and its parent technique(s) will be listed (e.g.
36
+ # `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
37
+ # @!attribute [rw] additional_tactics
38
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
39
+ # Additional MITRE ATT&CK tactics related to this finding, if any.
40
+ # @!attribute [rw] additional_techniques
41
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
42
+ # Additional MITRE ATT&CK techniques related to this finding, if any, along
43
+ # with any of their respective parent techniques.
44
+ # @!attribute [rw] version
45
+ # @return [::String]
46
+ # The MITRE ATT&CK version referenced by the above fields. E.g. "8".
47
+ class MitreAttack
48
+ include ::Google::Protobuf::MessageExts
49
+ extend ::Google::Protobuf::MessageExts::ClassMethods
50
+
51
+ # MITRE ATT&CK tactics that can be referenced by SCC findings.
52
+ # See: https://attack.mitre.org/tactics/enterprise/
53
+ module Tactic
54
+ # Unspecified value.
55
+ TACTIC_UNSPECIFIED = 0
56
+
57
+ # TA0043
58
+ RECONNAISSANCE = 1
59
+
60
+ # TA0042
61
+ RESOURCE_DEVELOPMENT = 2
62
+
63
+ # TA0001
64
+ INITIAL_ACCESS = 5
65
+
66
+ # TA0002
67
+ EXECUTION = 3
68
+
69
+ # TA0003
70
+ PERSISTENCE = 6
71
+
72
+ # TA0004
73
+ PRIVILEGE_ESCALATION = 8
74
+
75
+ # TA0005
76
+ DEFENSE_EVASION = 7
77
+
78
+ # TA0006
79
+ CREDENTIAL_ACCESS = 9
80
+
81
+ # TA0007
82
+ DISCOVERY = 10
83
+
84
+ # TA0008
85
+ LATERAL_MOVEMENT = 11
86
+
87
+ # TA0009
88
+ COLLECTION = 12
89
+
90
+ # TA0011
91
+ COMMAND_AND_CONTROL = 4
92
+
93
+ # TA0010
94
+ EXFILTRATION = 13
95
+
96
+ # TA0040
97
+ IMPACT = 14
98
+ end
99
+
100
+ # MITRE ATT&CK techniques that can be referenced by SCC findings.
101
+ # See: https://attack.mitre.org/techniques/enterprise/
102
+ # Next ID: 31
103
+ module Technique
104
+ # Unspecified value.
105
+ TECHNIQUE_UNSPECIFIED = 0
106
+
107
+ # T1595
108
+ ACTIVE_SCANNING = 1
109
+
110
+ # T1595.001
111
+ SCANNING_IP_BLOCKS = 2
112
+
113
+ # T1105
114
+ INGRESS_TOOL_TRANSFER = 3
115
+
116
+ # T1106
117
+ NATIVE_API = 4
118
+
119
+ # T1129
120
+ SHARED_MODULES = 5
121
+
122
+ # T1059
123
+ COMMAND_AND_SCRIPTING_INTERPRETER = 6
124
+
125
+ # T1059.004
126
+ UNIX_SHELL = 7
127
+
128
+ # T1496
129
+ RESOURCE_HIJACKING = 8
130
+
131
+ # T1090
132
+ PROXY = 9
133
+
134
+ # T1090.002
135
+ EXTERNAL_PROXY = 10
136
+
137
+ # T1090.003
138
+ MULTI_HOP_PROXY = 11
139
+
140
+ # T1568
141
+ DYNAMIC_RESOLUTION = 12
142
+
143
+ # T1552
144
+ UNSECURED_CREDENTIALS = 13
145
+
146
+ # T1078
147
+ VALID_ACCOUNTS = 14
148
+
149
+ # T1078.003
150
+ LOCAL_ACCOUNTS = 15
151
+
152
+ # T1078.004
153
+ CLOUD_ACCOUNTS = 16
154
+
155
+ # T1498
156
+ NETWORK_DENIAL_OF_SERVICE = 17
157
+
158
+ # T1069
159
+ PERMISSION_GROUPS_DISCOVERY = 18
160
+
161
+ # T1069.003
162
+ CLOUD_GROUPS = 19
163
+
164
+ # T1567
165
+ EXFILTRATION_OVER_WEB_SERVICE = 20
166
+
167
+ # T1567.002
168
+ EXFILTRATION_TO_CLOUD_STORAGE = 21
169
+
170
+ # T1098
171
+ ACCOUNT_MANIPULATION = 22
172
+
173
+ # T1098.004
174
+ SSH_AUTHORIZED_KEYS = 23
175
+
176
+ # T1543
177
+ CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
178
+
179
+ # T1539
180
+ STEAL_WEB_SESSION_COOKIE = 25
181
+
182
+ # T1578
183
+ MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
184
+
185
+ # T1190
186
+ EXPLOIT_PUBLIC_FACING_APPLICATION = 27
187
+
188
+ # T1556
189
+ MODIFY_AUTHENTICATION_PROCESS = 28
190
+
191
+ # T1485
192
+ DATA_DESTRUCTION = 29
193
+
194
+ # T1484
195
+ DOMAIN_POLICY_MODIFICATION = 30
196
+ end
197
+ end
198
+ end
199
+ end
200
+ end
201
+ end
@@ -26,29 +26,29 @@ module Google
26
26
  # @return [::String]
27
27
  # The full resource name of the resource. See:
28
28
  # https://cloud.google.com/apis/design/resource_names#full_resource_name
29
+ # @!attribute [rw] display_name
30
+ # @return [::String]
31
+ # The human readable name of the resource.
32
+ # @!attribute [rw] type
33
+ # @return [::String]
34
+ # The full resource type of the resource.
29
35
  # @!attribute [rw] project
30
36
  # @return [::String]
31
37
  # The full resource name of project that the resource belongs to.
32
38
  # @!attribute [rw] project_display_name
33
39
  # @return [::String]
34
- # The human readable name of project that the resource belongs to.
40
+ # The project ID that the resource belongs to.
35
41
  # @!attribute [rw] parent
36
42
  # @return [::String]
37
43
  # The full resource name of resource's parent.
38
44
  # @!attribute [rw] parent_display_name
39
45
  # @return [::String]
40
46
  # The human readable name of resource's parent.
41
- # @!attribute [rw] type
42
- # @return [::String]
43
- # The full resource type of the resource.
44
47
  # @!attribute [r] folders
45
48
  # @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
46
49
  # Output only. Contains a Folder message for each folder in the assets ancestry.
47
50
  # The first folder is the deepest nested folder, and the last folder is the
48
51
  # folder directly under the Organization.
49
- # @!attribute [rw] display_name
50
- # @return [::String]
51
- # The human readable name of the resource.
52
52
  class Resource
53
53
  include ::Google::Protobuf::MessageExts
54
54
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -29,8 +29,8 @@ module Google
29
29
  # 2. Once a bulk operation is started, there is no way to stop it.
30
30
  # @!attribute [rw] parent
31
31
  # @return [::String]
32
- # Required. The parent, at which bulk action needs to be applied. Its format is
33
- # "organizations/[organization_id]", "folders/[folder_id]",
32
+ # Required. The parent, at which bulk action needs to be applied. Its format
33
+ # is "organizations/[organization_id]", "folders/[folder_id]",
34
34
  # "projects/[project_id]".
35
35
  # @!attribute [rw] filter
36
36
  # @return [::String]
@@ -81,8 +81,8 @@ module Google
81
81
  # greater than 0 characters in length.
82
82
  # @!attribute [rw] finding
83
83
  # @return [::Google::Cloud::SecurityCenter::V1::Finding]
84
- # Required. The Finding being created. The name and security_marks will be ignored as
85
- # they are both output only fields on this resource.
84
+ # Required. The Finding being created. The name and security_marks will be
85
+ # ignored as they are both output only fields on this resource.
86
86
  class CreateFindingRequest
87
87
  include ::Google::Protobuf::MessageExts
88
88
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -111,8 +111,8 @@ module Google
111
111
  # Request message for creating a notification config.
112
112
  # @!attribute [rw] parent
113
113
  # @return [::String]
114
- # Required. Resource name of the new notification config's parent. Its format is
115
- # "organizations/[organization_id]".
114
+ # Required. Resource name of the new notification config's parent. Its format
115
+ # is "organizations/[organization_id]".
116
116
  # @!attribute [rw] config_id
117
117
  # @return [::String]
118
118
  # Required.
@@ -121,8 +121,9 @@ module Google
121
121
  # characters, underscores or hyphens only.
122
122
  # @!attribute [rw] notification_config
123
123
  # @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
124
- # Required. The notification config being created. The name and the service account
125
- # will be ignored as they are both output only fields on this resource.
124
+ # Required. The notification config being created. The name and the service
125
+ # account will be ignored as they are both output only fields on this
126
+ # resource.
126
127
  class CreateNotificationConfigRequest
127
128
  include ::Google::Protobuf::MessageExts
128
129
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -135,8 +136,8 @@ module Google
135
136
  # "organizations/[organization_id]".
136
137
  # @!attribute [rw] source
137
138
  # @return [::Google::Cloud::SecurityCenter::V1::Source]
138
- # Required. The Source being created, only the display_name and description will be
139
- # used. All other fields will be ignored.
139
+ # Required. The Source being created, only the display_name and description
140
+ # will be used. All other fields will be ignored.
140
141
  class CreateSourceRequest
141
142
  include ::Google::Protobuf::MessageExts
142
143
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -164,6 +165,18 @@ module Google
164
165
  extend ::Google::Protobuf::MessageExts::ClassMethods
165
166
  end
166
167
 
168
+ # Request message for retrieving a big query export.
169
+ # @!attribute [rw] name
170
+ # @return [::String]
171
+ # Required. Name of the big query export to retrieve. Its format is
172
+ # organizations/\\{organization}/bigQueryExports/\\{export_id},
173
+ # folders/\\{folder}/bigQueryExports/\\{export_id}, or
174
+ # projects/\\{project}/bigQueryExports/\\{export_id}
175
+ class GetBigQueryExportRequest
176
+ include ::Google::Protobuf::MessageExts
177
+ extend ::Google::Protobuf::MessageExts::ClassMethods
178
+ end
179
+
167
180
  # Request message for retrieving a mute config.
168
181
  # @!attribute [rw] name
169
182
  # @return [::String]
@@ -189,8 +202,8 @@ module Google
189
202
  # Request message for getting organization settings.
190
203
  # @!attribute [rw] name
191
204
  # @return [::String]
192
- # Required. Name of the organization to get organization settings for. Its format is
193
- # "organizations/[organization_id]/organizationSettings".
205
+ # Required. Name of the organization to get organization settings for. Its
206
+ # format is "organizations/[organization_id]/organizationSettings".
194
207
  class GetOrganizationSettingsRequest
195
208
  include ::Google::Protobuf::MessageExts
196
209
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -278,9 +291,9 @@ module Google
278
291
  # property not existing: `-resource_properties.my_property : ""`
279
292
  # @!attribute [rw] group_by
280
293
  # @return [::String]
281
- # Required. Expression that defines what assets fields to use for grouping. The string
282
- # value should follow SQL syntax: comma separated list of fields. For
283
- # example:
294
+ # Required. Expression that defines what assets fields to use for grouping.
295
+ # The string value should follow SQL syntax: comma separated list of fields.
296
+ # For example:
284
297
  # "security_center_properties.resource_project,security_center_properties.project".
285
298
  #
286
299
  # The following fields are supported when compare_duration is not set:
@@ -439,9 +452,9 @@ module Google
439
452
  # * resource.type: `=`, `:`
440
453
  # @!attribute [rw] group_by
441
454
  # @return [::String]
442
- # Required. Expression that defines what assets fields to use for grouping (including
443
- # `state_change`). The string value should follow SQL syntax: comma separated
444
- # list of fields. For example: "parent,resource_name".
455
+ # Required. Expression that defines what assets fields to use for grouping
456
+ # (including `state_change`). The string value should follow SQL syntax:
457
+ # comma separated list of fields. For example: "parent,resource_name".
445
458
  #
446
459
  # The following fields are supported:
447
460
  #
@@ -554,8 +567,8 @@ module Google
554
567
  # folder or project.
555
568
  # @!attribute [rw] parent
556
569
  # @return [::String]
557
- # Required. The parent, which owns the collection of mute configs. Its format is
558
- # "organizations/[organization_id]", "folders/[folder_id]",
570
+ # Required. The parent, which owns the collection of mute configs. Its format
571
+ # is "organizations/[organization_id]", "folders/[folder_id]",
559
572
  # "projects/[project_id]".
560
573
  # @!attribute [rw] page_size
561
574
  # @return [::Integer]
@@ -623,8 +636,8 @@ module Google
623
636
  # Request message for listing sources.
624
637
  # @!attribute [rw] parent
625
638
  # @return [::String]
626
- # Required. Resource name of the parent of sources to list. Its format should be
627
- # "organizations/[organization_id], folders/[folder_id], or
639
+ # Required. Resource name of the parent of sources to list. Its format should
640
+ # be "organizations/[organization_id], folders/[folder_id], or
628
641
  # projects/[project_id]".
629
642
  # @!attribute [rw] page_token
630
643
  # @return [::String]
@@ -1035,29 +1048,29 @@ module Google
1035
1048
  # @return [::String]
1036
1049
  # The full resource name of the resource. See:
1037
1050
  # https://cloud.google.com/apis/design/resource_names#full_resource_name
1051
+ # @!attribute [rw] display_name
1052
+ # @return [::String]
1053
+ # The human readable name of the resource.
1054
+ # @!attribute [rw] type
1055
+ # @return [::String]
1056
+ # The full resource type of the resource.
1038
1057
  # @!attribute [rw] project_name
1039
1058
  # @return [::String]
1040
1059
  # The full resource name of project that the resource belongs to.
1041
1060
  # @!attribute [rw] project_display_name
1042
1061
  # @return [::String]
1043
- # The human readable name of project that the resource belongs to.
1062
+ # The project ID that the resource belongs to.
1044
1063
  # @!attribute [rw] parent_name
1045
1064
  # @return [::String]
1046
1065
  # The full resource name of resource's parent.
1047
1066
  # @!attribute [rw] parent_display_name
1048
1067
  # @return [::String]
1049
1068
  # The human readable name of resource's parent.
1050
- # @!attribute [rw] type
1051
- # @return [::String]
1052
- # The full resource type of the resource.
1053
1069
  # @!attribute [rw] folders
1054
1070
  # @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
1055
1071
  # Contains a Folder message for each folder in the assets ancestry.
1056
1072
  # The first folder is the deepest nested folder, and the last folder is
1057
1073
  # the folder directly under the Organization.
1058
- # @!attribute [rw] display_name
1059
- # @return [::String]
1060
- # The human readable name of the resource.
1061
1074
  class Resource
1062
1075
  include ::Google::Protobuf::MessageExts
1063
1076
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1131,8 +1144,8 @@ module Google
1131
1144
  # Request message for running asset discovery for an organization.
1132
1145
  # @!attribute [rw] parent
1133
1146
  # @return [::String]
1134
- # Required. Name of the organization to run asset discovery for. Its format is
1135
- # "organizations/[organization_id]".
1147
+ # Required. Name of the organization to run asset discovery for. Its format
1148
+ # is "organizations/[organization_id]".
1136
1149
  class RunAssetDiscoveryRequest
1137
1150
  include ::Google::Protobuf::MessageExts
1138
1151
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1155,8 +1168,8 @@ module Google
1155
1168
  # Request message for updating or creating a finding.
1156
1169
  # @!attribute [rw] finding
1157
1170
  # @return [::Google::Cloud::SecurityCenter::V1::Finding]
1158
- # Required. The finding resource to update or create if it does not already exist.
1159
- # parent, security_marks, and update_time will be ignored.
1171
+ # Required. The finding resource to update or create if it does not already
1172
+ # exist. parent, security_marks, and update_time will be ignored.
1160
1173
  #
1161
1174
  # In the case of creation, the finding id portion of the name must be
1162
1175
  # alphanumeric and less than or equal to 32 characters and greater than 0
@@ -1246,11 +1259,93 @@ module Google
1246
1259
  # The time at which the updated SecurityMarks take effect.
1247
1260
  # If not set uses current server time. Updates will be applied to the
1248
1261
  # SecurityMarks that are active immediately preceding this time. Must be
1249
- # smaller or equal to the server time.
1262
+ # earlier or equal to the server time.
1250
1263
  class UpdateSecurityMarksRequest
1251
1264
  include ::Google::Protobuf::MessageExts
1252
1265
  extend ::Google::Protobuf::MessageExts::ClassMethods
1253
1266
  end
1267
+
1268
+ # Request message for creating a big query export.
1269
+ # @!attribute [rw] parent
1270
+ # @return [::String]
1271
+ # Required. Resource name of the new big query export's parent. Its format is
1272
+ # "organizations/[organization_id]", "folders/[folder_id]", or
1273
+ # "projects/[project_id]".
1274
+ # @!attribute [rw] big_query_export
1275
+ # @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
1276
+ # Required. The big query export being created.
1277
+ # @!attribute [rw] big_query_export_id
1278
+ # @return [::String]
1279
+ # Required. Unique identifier provided by the client within the parent scope.
1280
+ # It must consist of lower case letters, numbers, and hyphen, with the first
1281
+ # character a letter, the last a letter or a number, and a 63 character
1282
+ # maximum.
1283
+ class CreateBigQueryExportRequest
1284
+ include ::Google::Protobuf::MessageExts
1285
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1286
+ end
1287
+
1288
+ # Request message for updating a BigQuery export.
1289
+ # @!attribute [rw] big_query_export
1290
+ # @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
1291
+ # Required. The BigQuery export being updated.
1292
+ # @!attribute [rw] update_mask
1293
+ # @return [::Google::Protobuf::FieldMask]
1294
+ # The list of fields to be updated.
1295
+ # If empty all mutable fields will be updated.
1296
+ class UpdateBigQueryExportRequest
1297
+ include ::Google::Protobuf::MessageExts
1298
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1299
+ end
1300
+
1301
+ # Request message for listing BigQuery exports at a given scope e.g.
1302
+ # organization, folder or project.
1303
+ # @!attribute [rw] parent
1304
+ # @return [::String]
1305
+ # Required. The parent, which owns the collection of BigQuery exports. Its
1306
+ # format is "organizations/[organization_id]", "folders/[folder_id]",
1307
+ # "projects/[project_id]".
1308
+ # @!attribute [rw] page_size
1309
+ # @return [::Integer]
1310
+ # The maximum number of configs to return. The service may return fewer than
1311
+ # this value.
1312
+ # If unspecified, at most 10 configs will be returned.
1313
+ # The maximum value is 1000; values above 1000 will be coerced to 1000.
1314
+ # @!attribute [rw] page_token
1315
+ # @return [::String]
1316
+ # A page token, received from a previous `ListBigQueryExports` call.
1317
+ # Provide this to retrieve the subsequent page.
1318
+ # When paginating, all other parameters provided to `ListBigQueryExports`
1319
+ # must match the call that provided the page token.
1320
+ class ListBigQueryExportsRequest
1321
+ include ::Google::Protobuf::MessageExts
1322
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1323
+ end
1324
+
1325
+ # Response message for listing BigQuery exports.
1326
+ # @!attribute [rw] big_query_exports
1327
+ # @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
1328
+ # The BigQuery exports from the specified parent.
1329
+ # @!attribute [rw] next_page_token
1330
+ # @return [::String]
1331
+ # A token, which can be sent as `page_token` to retrieve the next page.
1332
+ # If this field is omitted, there are no subsequent pages.
1333
+ class ListBigQueryExportsResponse
1334
+ include ::Google::Protobuf::MessageExts
1335
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1336
+ end
1337
+
1338
+ # Request message for deleting a big query export.
1339
+ # @!attribute [rw] name
1340
+ # @return [::String]
1341
+ # Required. Name of the big query export to delete. Its format is
1342
+ # organizations/\\{organization}/bigQueryExports/\\{export_id},
1343
+ # folders/\\{folder}/bigQueryExports/\\{export_id}, or
1344
+ # projects/\\{project}/bigQueryExports/\\{export_id}
1345
+ class DeleteBigQueryExportRequest
1346
+ include ::Google::Protobuf::MessageExts
1347
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1348
+ end
1254
1349
  end
1255
1350
  end
1256
1351
  end
@@ -44,6 +44,9 @@ module Google
44
44
  # @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
45
45
  # Describe Common Vulnerability Scoring System specified at
46
46
  # https://www.first.org/cvss/v3.1/specification-document
47
+ # @!attribute [rw] upstream_fix_available
48
+ # @return [::Boolean]
49
+ # Whether upstream fix is available for the CVE.
47
50
  class Cve
48
51
  include ::Google::Protobuf::MessageExts
49
52
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -31,6 +31,13 @@ module Google
31
31
  # the policy is limited to a few 10s of KB. An empty policy is a
32
32
  # valid policy but certain Cloud Platform services (such as Projects)
33
33
  # might reject them.
34
+ # @!attribute [rw] update_mask
35
+ # @return [::Google::Protobuf::FieldMask]
36
+ # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
37
+ # the fields in the mask will be modified. If no mask is provided, the
38
+ # following default mask is used:
39
+ #
40
+ # `paths: "bindings, etag"`
34
41
  class SetIamPolicyRequest
35
42
  include ::Google::Protobuf::MessageExts
36
43
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -44,7 +51,7 @@ module Google
44
51
  # @!attribute [rw] options
45
52
  # @return [::Google::Iam::V1::GetPolicyOptions]
46
53
  # OPTIONAL: A `GetPolicyOptions` object for specifying options to
47
- # `GetIamPolicy`. This field is only used by Cloud IAM.
54
+ # `GetIamPolicy`.
48
55
  class GetIamPolicyRequest
49
56
  include ::Google::Protobuf::MessageExts
50
57
  extend ::Google::Protobuf::MessageExts::ClassMethods