google-cloud-security_center-v1 0.12.1 → 0.15.0

data/proto_docs/google/cloud/securitycenter/v1/external_system.rb

@@ -25,7 +25,8 @@ module Google
         # @!attribute [rw] name
         #   @return [::String]
         #     External System Name e.g. jira, demisto, etc.
-        #      e.g.: `organizations/1234/sources/5678/findings/123456/externalSystems/jira`
+        #      e.g.:
+        #      `organizations/1234/sources/5678/findings/123456/externalSystems/jira`
         #     `folders/1234/sources/5678/findings/123456/externalSystems/jira`
         #     `projects/1234/sources/5678/findings/123456/externalSystems/jira`
         # @!attribute [rw] assignees

data/proto_docs/google/cloud/securitycenter/v1/finding.rb

@@ -99,7 +99,7 @@ module Google
         #     finding.
         # @!attribute [rw] mute
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
-        #     Indicates the mute state of a finding (either unspecified, muted, unmuted
+        #     Indicates the mute state of a finding (either muted, unmuted
         #     or undefined). Unlike other attributes of a finding, a finding provider
         #     shouldn't set the value of mute.
         # @!attribute [rw] finding_class
@@ -124,16 +124,32 @@ module Google
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
         #     Output only. Third party SIEM/SOAR fields within SCC, contains external system
         #     information and external system finding fields.
+        # @!attribute [rw] mitre_attack
+        #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
+        #     MITRE ATT&CK tactics and techniques related to this finding.
+        #     See: https://attack.mitre.org
         # @!attribute [rw] access
         #   @return [::Google::Cloud::SecurityCenter::V1::Access]
         #     Access details associated to the Finding, such as more information on the
         #     caller, which method was accessed, from where, etc.
+        # @!attribute [rw] connections
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Connection>]
+        #     Contains information about the IP connection associated with the finding.
         # @!attribute [rw] mute_initiator
         #   @return [::String]
         #     First known as mute_annotation. Records additional information about the
         #     mute operation e.g. mute config that muted the finding, user who muted the
         #     finding, etc. Unlike other attributes of a finding, a finding provider
         #     shouldn't set the value of mute.
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     Contains more detail about the finding.
+        # @!attribute [rw] iam_bindings
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
+        #     Represents IAM bindings associated with the Finding.
+        # @!attribute [rw] next_steps
+        #   @return [::String]
+        #     Next steps associate to the finding.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -217,7 +233,7 @@ module Google
             MEDIUM = 3
 
             # Vulnerability:
-            # A low risk vulnerability hampers a security organization’s ability to
+            # A low risk vulnerability hampers a security organization's ability to
             # detect vulnerabilities or active threats in their deployment, or prevents
             # the root cause investigation of security issues. An example is monitoring
             # and logs being disabled for resource configurations and access.
@@ -261,6 +277,9 @@ module Google
 
             # Describes a security observation that is for informational purposes.
             OBSERVATION = 4
+
+            # Describes an error that prevents some SCC functionality.
+            SCC_ERROR = 5
           end
         end
       end

data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Represents a particular IAM binding, which captures a member's role addition,
+        # removal, or state.
+        # @!attribute [rw] action
+        #   @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
+        #     The action that was performed on a Binding.
+        # @!attribute [rw] role
+        #   @return [::String]
+        #     Role that is assigned to "members".
+        #     For example, "roles/viewer", "roles/editor", or "roles/owner".
+        # @!attribute [rw] member
+        #   @return [::String]
+        #     A single identity requesting access for a Cloud Platform resource,
+        #     e.g. "foo@google.com".
+        class IamBinding
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The type of action performed on a Binding in a policy.
+          module Action
+            # Unspecified.
+            ACTION_UNSPECIFIED = 0
+
+            # Addition of a Binding.
+            ADD = 1
+
+            # Removal of a Binding.
+            REMOVE = 2
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

@@ -0,0 +1,201 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # MITRE ATT&CK tactics and techniques related to this finding.
+        # See: https://attack.mitre.org
+        # @!attribute [rw] primary_tactic
+        #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
+        #     The MITRE ATT&CK tactic most closely represented by this finding, if any.
+        # @!attribute [rw] primary_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
+        #     The MITRE ATT&CK technique most closely represented by this finding, if
+        #     any. primary_techniques is a repeated field because there are multiple
+        #     levels of MITRE ATT&CK techniques.  If the technique most closely
+        #     represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
+        #     both the sub-technique and its parent technique(s) will be listed (e.g.
+        #     `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
+        # @!attribute [rw] additional_tactics
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
+        #     Additional MITRE ATT&CK tactics related to this finding, if any.
+        # @!attribute [rw] additional_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
+        #     Additional MITRE ATT&CK techniques related to this finding, if any, along
+        #     with any of their respective parent techniques.
+        # @!attribute [rw] version
+        #   @return [::String]
+        #     The MITRE ATT&CK version referenced by the above fields. E.g. "8".
+        class MitreAttack
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # MITRE ATT&CK tactics that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/tactics/enterprise/
+          module Tactic
+            # Unspecified value.
+            TACTIC_UNSPECIFIED = 0
+
+            # TA0043
+            RECONNAISSANCE = 1
+
+            # TA0042
+            RESOURCE_DEVELOPMENT = 2
+
+            # TA0001
+            INITIAL_ACCESS = 5
+
+            # TA0002
+            EXECUTION = 3
+
+            # TA0003
+            PERSISTENCE = 6
+
+            # TA0004
+            PRIVILEGE_ESCALATION = 8
+
+            # TA0005
+            DEFENSE_EVASION = 7
+
+            # TA0006
+            CREDENTIAL_ACCESS = 9
+
+            # TA0007
+            DISCOVERY = 10
+
+            # TA0008
+            LATERAL_MOVEMENT = 11
+
+            # TA0009
+            COLLECTION = 12
+
+            # TA0011
+            COMMAND_AND_CONTROL = 4
+
+            # TA0010
+            EXFILTRATION = 13
+
+            # TA0040
+            IMPACT = 14
+          end
+
+          # MITRE ATT&CK techniques that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/techniques/enterprise/
+          # Next ID: 31
+          module Technique
+            # Unspecified value.
+            TECHNIQUE_UNSPECIFIED = 0
+
+            # T1595
+            ACTIVE_SCANNING = 1
+
+            # T1595.001
+            SCANNING_IP_BLOCKS = 2
+
+            # T1105
+            INGRESS_TOOL_TRANSFER = 3
+
+            # T1106
+            NATIVE_API = 4
+
+            # T1129
+            SHARED_MODULES = 5
+
+            # T1059
+            COMMAND_AND_SCRIPTING_INTERPRETER = 6
+
+            # T1059.004
+            UNIX_SHELL = 7
+
+            # T1496
+            RESOURCE_HIJACKING = 8
+
+            # T1090
+            PROXY = 9
+
+            # T1090.002
+            EXTERNAL_PROXY = 10
+
+            # T1090.003
+            MULTI_HOP_PROXY = 11
+
+            # T1568
+            DYNAMIC_RESOLUTION = 12
+
+            # T1552
+            UNSECURED_CREDENTIALS = 13
+
+            # T1078
+            VALID_ACCOUNTS = 14
+
+            # T1078.003
+            LOCAL_ACCOUNTS = 15
+
+            # T1078.004
+            CLOUD_ACCOUNTS = 16
+
+            # T1498
+            NETWORK_DENIAL_OF_SERVICE = 17
+
+            # T1069
+            PERMISSION_GROUPS_DISCOVERY = 18
+
+            # T1069.003
+            CLOUD_GROUPS = 19
+
+            # T1567
+            EXFILTRATION_OVER_WEB_SERVICE = 20
+
+            # T1567.002
+            EXFILTRATION_TO_CLOUD_STORAGE = 21
+
+            # T1098
+            ACCOUNT_MANIPULATION = 22
+
+            # T1098.004
+            SSH_AUTHORIZED_KEYS = 23
+
+            # T1543
+            CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
+
+            # T1539
+            STEAL_WEB_SESSION_COOKIE = 25
+
+            # T1578
+            MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
+
+            # T1190
+            EXPLOIT_PUBLIC_FACING_APPLICATION = 27
+
+            # T1556
+            MODIFY_AUTHENTICATION_PROCESS = 28
+
+            # T1485
+            DATA_DESTRUCTION = 29
+
+            # T1484
+            DOMAIN_POLICY_MODIFICATION = 30
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/resource.rb

@@ -26,29 +26,29 @@ module Google
         #   @return [::String]
         #     The full resource name of the resource. See:
         #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     The human readable name of the resource.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     The full resource type of the resource.
         # @!attribute [rw] project
         #   @return [::String]
         #     The full resource name of project that the resource belongs to.
         # @!attribute [rw] project_display_name
         #   @return [::String]
-        #     The project id that the resource belongs to.
+        #     The project ID that the resource belongs to.
         # @!attribute [rw] parent
         #   @return [::String]
         #     The full resource name of resource's parent.
         # @!attribute [rw] parent_display_name
         #   @return [::String]
         #     The human readable name of resource's parent.
-        # @!attribute [rw] type
-        #   @return [::String]
-        #     The full resource type of the resource.
         # @!attribute [r] folders
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
         #     Output only. Contains a Folder message for each folder in the assets ancestry.
         #     The first folder is the deepest nested folder, and the last folder is the
         #     folder directly under the Organization.
-        # @!attribute [rw] display_name
-        #   @return [::String]
-        #     The human readable name of the resource.
         class Resource
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -164,6 +164,18 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for retrieving a big query export.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the big query export to retrieve. Its format is
+        #     organizations/\\{organization}/bigQueryExports/\\{export_id},
+        #     folders/\\{folder}/bigQueryExports/\\{export_id}, or
+        #     projects/\\{project}/bigQueryExports/\\{export_id}
+        class GetBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for retrieving a mute config.
         # @!attribute [rw] name
         #   @return [::String]
@@ -1035,29 +1047,29 @@ module Google
             #   @return [::String]
             #     The full resource name of the resource. See:
             #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+            # @!attribute [rw] display_name
+            #   @return [::String]
+            #     The human readable name of the resource.
+            # @!attribute [rw] type
+            #   @return [::String]
+            #     The full resource type of the resource.
             # @!attribute [rw] project_name
             #   @return [::String]
             #     The full resource name of project that the resource belongs to.
             # @!attribute [rw] project_display_name
             #   @return [::String]
-            #     The project id that the resource belongs to.
+            #     The project ID that the resource belongs to.
             # @!attribute [rw] parent_name
             #   @return [::String]
             #     The full resource name of resource's parent.
             # @!attribute [rw] parent_display_name
             #   @return [::String]
             #     The human readable name of resource's parent.
-            # @!attribute [rw] type
-            #   @return [::String]
-            #     The full resource type of the resource.
             # @!attribute [rw] folders
             #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
             #     Contains a Folder message for each folder in the assets ancestry.
             #     The first folder is the deepest nested folder, and the last folder is
             #     the folder directly under the Organization.
-            # @!attribute [rw] display_name
-            #   @return [::String]
-            #     The human readable name of the resource.
             class Resource
               include ::Google::Protobuf::MessageExts
               extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1246,11 +1258,93 @@ module Google
         #     The time at which the updated SecurityMarks take effect.
         #     If not set uses current server time.  Updates will be applied to the
         #     SecurityMarks that are active immediately preceding this time. Must be
-        #     smaller or equal to the server time.
+        #     earlier or equal to the server time.
         class UpdateSecurityMarksRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+
+        # Request message for creating a big query export.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Resource name of the new big query export's parent. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]", or
+        #     "projects/[project_id]".
+        # @!attribute [rw] big_query_export
+        #   @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
+        #     Required. The big query export being created.
+        # @!attribute [rw] big_query_export_id
+        #   @return [::String]
+        #     Required. Unique identifier provided by the client within the parent scope.
+        #     It must consist of lower case letters, numbers, and hyphen, with the first
+        #     character a letter, the last a letter or a number, and a 63 character
+        #     maximum.
+        class CreateBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for updating a BigQuery export.
+        # @!attribute [rw] big_query_export
+        #   @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
+        #     Required. The BigQuery export being updated.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     The list of fields to be updated.
+        #     If empty all mutable fields will be updated.
+        class UpdateBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for listing  BigQuery exports at a given scope e.g.
+        # organization, folder or project.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The parent, which owns the collection of BigQuery exports. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     "projects/[project_id]".
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     The maximum number of configs to return. The service may return fewer than
+        #     this value.
+        #     If unspecified, at most 10 configs will be returned.
+        #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     A page token, received from a previous `ListBigQueryExports` call.
+        #     Provide this to retrieve the subsequent page.
+        #     When paginating, all other parameters provided to `ListBigQueryExports`
+        #     must match the call that provided the page token.
+        class ListBigQueryExportsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing BigQuery exports.
+        # @!attribute [rw] big_query_exports
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
+        #     The BigQuery exports from the specified parent.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token, which can be sent as `page_token` to retrieve the next page.
+        #     If this field is omitted, there are no subsequent pages.
+        class ListBigQueryExportsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for deleting a big query export.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the big query export to delete. Its format is
+        #     organizations/\\{organization}/bigQueryExports/\\{export_id},
+        #     folders/\\{folder}/bigQueryExports/\\{export_id}, or
+        #     projects/\\{project}/bigQueryExports/\\{export_id}
+        class DeleteBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
       end
     end
   end

data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb

@@ -44,6 +44,9 @@ module Google
         #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
         #     Describe Common Vulnerability Scoring System specified at
         #     https://www.first.org/cvss/v3.1/specification-document
+        # @!attribute [rw] upstream_fix_available
+        #   @return [::Boolean]
+        #     Whether upstream fix is available for the CVE.
         class Cve
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/iam_policy.rb

@@ -31,6 +31,13 @@ module Google
       #     the policy is limited to a few 10s of KB. An empty policy is a
       #     valid policy but certain Cloud Platform services (such as Projects)
       #     might reject them.
+      # @!attribute [rw] update_mask
+      #   @return [::Google::Protobuf::FieldMask]
+      #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+      #     the fields in the mask will be modified. If no mask is provided, the
+      #     following default mask is used:
+      #
+      #     `paths: "bindings, etag"`
       class SetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -44,7 +51,7 @@ module Google
       # @!attribute [rw] options
       #   @return [::Google::Iam::V1::GetPolicyOptions]
       #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-      #     `GetIamPolicy`. This field is only used by Cloud IAM.
+      #     `GetIamPolicy`.
       class GetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/options.rb

@@ -23,14 +23,24 @@ module Google
       # Encapsulates settings provided to GetIamPolicy.
       # @!attribute [rw] requested_policy_version
       #   @return [::Integer]
-      #     Optional. The policy format version to be returned.
+      #     Optional. The maximum policy version that will be used to format the
+      #     policy.
       #
       #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
       #     rejected.
       #
-      #     Requests for policies with any conditional bindings must specify version 3.
-      #     Policies without any conditional bindings may specify any valid value or
-      #     leave the field unset.
+      #     Requests for policies with any conditional role bindings must specify
+      #     version 3. Policies with no conditional role bindings may specify any valid
+      #     value or leave the field unset.
+      #
+      #     The policy in the response might use the policy version that you specified,
+      #     or it might use a lower policy version. For example, if you specify version
+      #     3, but the policy has no conditional role bindings, the response uses
+      #     version 1.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       class GetPolicyOptions
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods