google-cloud-security_center-v1 0.12.1 → 0.13.0

data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

@@ -0,0 +1,194 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # MITRE ATT&CK tactics and techniques related to this finding.
+        # See: https://attack.mitre.org
+        # @!attribute [rw] primary_tactic
+        #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
+        #     The MITRE ATT&CK tactic most closely represented by this finding, if any.
+        # @!attribute [rw] primary_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
+        #     The MITRE ATT&CK technique most closely represented by this finding, if
+        #     any. primary_techniques is a repeated field because there are multiple
+        #     levels of MITRE ATT&CK techniques.  If the technique most closely
+        #     represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
+        #     both the sub-technique and its parent technique(s) will be listed (e.g.
+        #     `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
+        # @!attribute [rw] additional_tactics
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
+        #     Additional MITRE ATT&CK tactics related to this finding, if any.
+        # @!attribute [rw] additional_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
+        #     Additional MITRE ATT&CK techniques related to this finding, if any, along
+        #     with any of their respective parent techniques.
+        # @!attribute [rw] version
+        #   @return [::String]
+        #     The MITRE ATT&CK version referenced by the above fields. E.g. "8".
+        class MitreAttack
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # MITRE ATT&CK tactics that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/tactics/enterprise/
+          module Tactic
+            # Unspecified value.
+            TACTIC_UNSPECIFIED = 0
+
+            # TA0043
+            RECONNAISSANCE = 1
+
+            # TA0042
+            RESOURCE_DEVELOPMENT = 2
+
+            # TA0001
+            INITIAL_ACCESS = 5
+
+            # TA0002
+            EXECUTION = 3
+
+            # TA0003
+            PERSISTENCE = 6
+
+            # TA0004
+            PRIVILEGE_ESCALATION = 8
+
+            # TA0005
+            DEFENSE_EVASION = 7
+
+            # TA0006
+            CREDENTIAL_ACCESS = 9
+
+            # TA0007
+            DISCOVERY = 10
+
+            # TA0008
+            LATERAL_MOVEMENT = 11
+
+            # TA0009
+            COLLECTION = 12
+
+            # TA0011
+            COMMAND_AND_CONTROL = 4
+
+            # TA0010
+            EXFILTRATION = 13
+
+            # TA0040
+            IMPACT = 14
+          end
+
+          # MITRE ATT&CK techniques that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/techniques/enterprise/
+          module Technique
+            # Unspecified value.
+            TECHNIQUE_UNSPECIFIED = 0
+
+            # T1595
+            ACTIVE_SCANNING = 1
+
+            # T1595.001
+            SCANNING_IP_BLOCKS = 2
+
+            # T1105
+            INGRESS_TOOL_TRANSFER = 3
+
+            # T1106
+            NATIVE_API = 4
+
+            # T1129
+            SHARED_MODULES = 5
+
+            # T1059
+            COMMAND_AND_SCRIPTING_INTERPRETER = 6
+
+            # T1059.004
+            UNIX_SHELL = 7
+
+            # T1496
+            RESOURCE_HIJACKING = 8
+
+            # T1090
+            PROXY = 9
+
+            # T1090.002
+            EXTERNAL_PROXY = 10
+
+            # T1090.003
+            MULTI_HOP_PROXY = 11
+
+            # T1568
+            DYNAMIC_RESOLUTION = 12
+
+            # T1552
+            UNSECURED_CREDENTIALS = 13
+
+            # T1078
+            VALID_ACCOUNTS = 14
+
+            # T1078.003
+            LOCAL_ACCOUNTS = 15
+
+            # T1078.004
+            CLOUD_ACCOUNTS = 16
+
+            # T1498
+            NETWORK_DENIAL_OF_SERVICE = 17
+
+            # T1069
+            PERMISSION_GROUPS_DISCOVERY = 18
+
+            # T1069.003
+            CLOUD_GROUPS = 19
+
+            # T1567
+            EXFILTRATION_OVER_WEB_SERVICE = 20
+
+            # T1567.002
+            EXFILTRATION_TO_CLOUD_STORAGE = 21
+
+            # T1098
+            ACCOUNT_MANIPULATION = 22
+
+            # T1098.004
+            SSH_AUTHORIZED_KEYS = 23
+
+            # T1543
+            CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
+
+            # T1539
+            STEAL_WEB_SESSION_COOKIE = 25
+
+            # T1578
+            MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
+
+            # T1190
+            EXPLOIT_PUBLIC_FACING_APPLICATION = 27
+
+            # T1556
+            MODIFY_AUTHENTICATION_PROCESS = 28
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -29,8 +29,8 @@ module Google
         # 2. Once a bulk operation is started, there is no way to stop it.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. The parent, at which bulk action needs to be applied. Its format is
-        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     Required. The parent, at which bulk action needs to be applied. Its format
+        #     is "organizations/[organization_id]", "folders/[folder_id]",
         #     "projects/[project_id]".
         # @!attribute [rw] filter
         #   @return [::String]
@@ -81,8 +81,8 @@ module Google
         #     greater than 0 characters in length.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The Finding being created. The name and security_marks will be ignored as
-        #     they are both output only fields on this resource.
+        #     Required. The Finding being created. The name and security_marks will be
+        #     ignored as they are both output only fields on this resource.
         class CreateFindingRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -111,8 +111,8 @@ module Google
         # Request message for creating a notification config.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the new notification config's parent. Its format is
-        #     "organizations/[organization_id]".
+        #     Required. Resource name of the new notification config's parent. Its format
+        #     is "organizations/[organization_id]".
         # @!attribute [rw] config_id
         #   @return [::String]
         #     Required.
@@ -121,8 +121,9 @@ module Google
         #     characters, underscores or hyphens only.
         # @!attribute [rw] notification_config
         #   @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
-        #     Required. The notification config being created. The name and the service account
-        #     will be ignored as they are both output only fields on this resource.
+        #     Required. The notification config being created. The name and the service
+        #     account will be ignored as they are both output only fields on this
+        #     resource.
         class CreateNotificationConfigRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -135,8 +136,8 @@ module Google
         #     "organizations/[organization_id]".
         # @!attribute [rw] source
         #   @return [::Google::Cloud::SecurityCenter::V1::Source]
-        #     Required. The Source being created, only the display_name and description will be
-        #     used. All other fields will be ignored.
+        #     Required. The Source being created, only the display_name and description
+        #     will be used. All other fields will be ignored.
         class CreateSourceRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -164,6 +165,18 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for retrieving a big query export.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the big query export to retrieve. Its format is
+        #     organizations/\\{organization}/bigQueryExports/\\{export_id},
+        #     folders/\\{folder}/bigQueryExports/\\{export_id}, or
+        #     projects/\\{project}/bigQueryExports/\\{export_id}
+        class GetBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for retrieving a mute config.
         # @!attribute [rw] name
         #   @return [::String]
@@ -189,8 +202,8 @@ module Google
         # Request message for getting organization settings.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. Name of the organization to get organization settings for. Its format is
-        #     "organizations/[organization_id]/organizationSettings".
+        #     Required. Name of the organization to get organization settings for. Its
+        #     format is "organizations/[organization_id]/organizationSettings".
         class GetOrganizationSettingsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -278,9 +291,9 @@ module Google
         #     property not existing: `-resource_properties.my_property : ""`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping. The string
-        #     value should follow SQL syntax: comma separated list of fields. For
-        #     example:
+        #     Required. Expression that defines what assets fields to use for grouping.
+        #     The string value should follow SQL syntax: comma separated list of fields.
+        #     For example:
         #     "security_center_properties.resource_project,security_center_properties.project".
         #
         #     The following fields are supported when compare_duration is not set:
@@ -439,9 +452,9 @@ module Google
         #       * resource.type: `=`, `:`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping (including
-        #     `state_change`). The string value should follow SQL syntax: comma separated
-        #     list of fields. For example: "parent,resource_name".
+        #     Required. Expression that defines what assets fields to use for grouping
+        #     (including `state_change`). The string value should follow SQL syntax:
+        #     comma separated list of fields. For example: "parent,resource_name".
         #
         #     The following fields are supported:
         #
@@ -554,8 +567,8 @@ module Google
         # folder or project.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. The parent, which owns the collection of mute configs. Its format is
-        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     Required. The parent, which owns the collection of mute configs. Its format
+        #     is "organizations/[organization_id]", "folders/[folder_id]",
         #     "projects/[project_id]".
         # @!attribute [rw] page_size
         #   @return [::Integer]
@@ -623,8 +636,8 @@ module Google
         # Request message for listing sources.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the parent of sources to list. Its format should be
-        #     "organizations/[organization_id], folders/[folder_id], or
+        #     Required. Resource name of the parent of sources to list. Its format should
+        #     be "organizations/[organization_id], folders/[folder_id], or
         #     projects/[project_id]".
         # @!attribute [rw] page_token
         #   @return [::String]
@@ -1131,8 +1144,8 @@ module Google
         # Request message for running asset discovery for an organization.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Name of the organization to run asset discovery for. Its format is
-        #     "organizations/[organization_id]".
+        #     Required. Name of the organization to run asset discovery for. Its format
+        #     is "organizations/[organization_id]".
         class RunAssetDiscoveryRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1155,8 +1168,8 @@ module Google
         # Request message for updating or creating a finding.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The finding resource to update or create if it does not already exist.
-        #     parent, security_marks, and update_time will be ignored.
+        #     Required. The finding resource to update or create if it does not already
+        #     exist. parent, security_marks, and update_time will be ignored.
         #
         #     In the case of creation, the finding id portion of the name must be
         #     alphanumeric and less than or equal to 32 characters and greater than 0
@@ -1251,6 +1264,88 @@ module Google
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+
+        # Request message for creating a big query export.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Resource name of the new big query export's parent. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]", or
+        #     "projects/[project_id]".
+        # @!attribute [rw] big_query_export
+        #   @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
+        #     Required. The big query export being created.
+        # @!attribute [rw] big_query_export_id
+        #   @return [::String]
+        #     Required. Unique identifier provided by the client within the parent scope.
+        #     It must consist of lower case letters, numbers, and hyphen, with the first
+        #     character a letter, the last a letter or a number, and a 63 character
+        #     maximum.
+        class CreateBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for updating a BigQuery export.
+        # @!attribute [rw] big_query_export
+        #   @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
+        #     Required. The BigQuery export being updated.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     The list of fields to be updated.
+        #     If empty all mutable fields will be updated.
+        class UpdateBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for listing  BigQuery exports at a given scope e.g.
+        # organization, folder or project.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The parent, which owns the collection of BigQuery exports. Its
+        #     format is "organizations/[organization_id]", "folders/[folder_id]",
+        #     "projects/[project_id]".
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     The maximum number of configs to return. The service may return fewer than
+        #     this value.
+        #     If unspecified, at most 10 configs will be returned.
+        #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     A page token, received from a previous `ListBigQueryExports` call.
+        #     Provide this to retrieve the subsequent page.
+        #     When paginating, all other parameters provided to `ListBigQueryExports`
+        #     must match the call that provided the page token.
+        class ListBigQueryExportsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing BigQuery exports.
+        # @!attribute [rw] big_query_exports
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
+        #     The BigQuery exports from the specified parent.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token, which can be sent as `page_token` to retrieve the next page.
+        #     If this field is omitted, there are no subsequent pages.
+        class ListBigQueryExportsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for deleting a big query export.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the big query export to delete. Its format is
+        #     organizations/\\{organization}/bigQueryExports/\\{export_id},
+        #     folders/\\{folder}/bigQueryExports/\\{export_id}, or
+        #     projects/\\{project}/bigQueryExports/\\{export_id}
+        class DeleteBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
       end
     end
   end

data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb

@@ -44,6 +44,9 @@ module Google
         #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
         #     Describe Common Vulnerability Scoring System specified at
         #     https://www.first.org/cvss/v3.1/specification-document
+        # @!attribute [rw] upstream_fix_available
+        #   @return [::Boolean]
+        #     Whether upstream fix is available for the CVE.
         class Cve
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security_center-v1
 version: !ruby/object:Gem::Version
-  version: 0.12.1
+  version: 0.13.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-21 00:00:00.000000000 Z
+date: 2022-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -199,10 +199,12 @@ files:
 - lib/google/cloud/security_center/v1/version.rb
 - lib/google/cloud/securitycenter/v1/access_pb.rb
 - lib/google/cloud/securitycenter/v1/asset_pb.rb
+- lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb
 - lib/google/cloud/securitycenter/v1/external_system_pb.rb
 - lib/google/cloud/securitycenter/v1/finding_pb.rb
 - lib/google/cloud/securitycenter/v1/folder_pb.rb
 - lib/google/cloud/securitycenter/v1/indicator_pb.rb
+- lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb
 - lib/google/cloud/securitycenter/v1/mute_config_pb.rb
 - lib/google/cloud/securitycenter/v1/notification_config_pb.rb
 - lib/google/cloud/securitycenter/v1/notification_message_pb.rb
@@ -219,10 +221,12 @@ files:
 - proto_docs/google/api/resource.rb
 - proto_docs/google/cloud/securitycenter/v1/access.rb
 - proto_docs/google/cloud/securitycenter/v1/asset.rb
+- proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb
 - proto_docs/google/cloud/securitycenter/v1/external_system.rb
 - proto_docs/google/cloud/securitycenter/v1/finding.rb
 - proto_docs/google/cloud/securitycenter/v1/folder.rb
 - proto_docs/google/cloud/securitycenter/v1/indicator.rb
+- proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb
 - proto_docs/google/cloud/securitycenter/v1/mute_config.rb
 - proto_docs/google/cloud/securitycenter/v1/notification_config.rb
 - proto_docs/google/cloud/securitycenter/v1/notification_message.rb