google-cloud-security_center-v1 0.13.0 → 0.16.0

data/lib/google/cloud/securitycenter/v1/source_pb.rb

@@ -1,9 +1,10 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/cloud/securitycenter/v1/source.proto
 
-require 'google/api/resource_pb'
 require 'google/protobuf'
 
+require 'google/api/resource_pb'
+
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/cloud/securitycenter/v1/source.proto", :syntax => :proto3) do
     add_message "google.cloud.securitycenter.v1.Source" do

data/proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb

@@ -75,13 +75,13 @@ module Google
         #     creation or update.
         # @!attribute [r] most_recent_editor
         #   @return [::String]
-        #     Output only. Email address of the user who last edited the big query
-        #     export. This field is set by the server and will be ignored if provided on
-        #     export creation or update.
+        #     Output only. Email address of the user who last edited the big query export.
+        #     This field is set by the server and will be ignored if provided on export
+        #     creation or update.
         # @!attribute [r] principal
         #   @return [::String]
-        #     Output only. The service account that needs permission to create table,
-        #     upload data to the big query dataset.
+        #     Output only. The service account that needs permission to create table, upload data to
+        #     the big query dataset.
         class BigQueryExport
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/compliance.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Contains compliance information about a security standard indicating unmet
+        # recommendations.
+        # @!attribute [rw] standard
+        #   @return [::String]
+        #     Refers to industry wide standards or benchmarks e.g. "cis", "pci", "owasp",
+        #     etc.
+        # @!attribute [rw] version
+        #   @return [::String]
+        #     Version of the standard/benchmark e.g. 1.1
+        # @!attribute [rw] ids
+        #   @return [::Array<::String>]
+        #     Policies within the standard/benchmark e.g. A.12.4.1
+        class Compliance
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/connection.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Contains information about the IP connection associated with the finding.
+        # @!attribute [rw] destination_ip
+        #   @return [::String]
+        #     Destination IP address. Not present for sockets that are listening and not
+        #     connected.
+        # @!attribute [rw] destination_port
+        #   @return [::Integer]
+        #     Destination port. Not present for sockets that are listening and not
+        #     connected.
+        # @!attribute [rw] source_ip
+        #   @return [::String]
+        #     Source IP address.
+        # @!attribute [rw] source_port
+        #   @return [::Integer]
+        #     Source port.
+        # @!attribute [rw] protocol
+        #   @return [::Google::Cloud::SecurityCenter::V1::Connection::Protocol]
+        #     IANA Internet Protocol Number such as TCP(6) and UDP(17).
+        class Connection
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # IANA Internet Protocol Number such as TCP(6) and UDP(17).
+          module Protocol
+            # Unspecified protocol (not HOPOPT).
+            PROTOCOL_UNSPECIFIED = 0
+
+            # Internet Control Message Protocol.
+            ICMP = 1
+
+            # Transmission Control Protocol.
+            TCP = 6
+
+            # User Datagram Protocol.
+            UDP = 17
+
+            # Generic Routing Encapsulation.
+            GRE = 47
+
+            # Encap Security Payload.
+            ESP = 50
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/exfiltration.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Exfiltration represents a data exfiltration attempt of one or more
+        # sources to one or more targets.  Sources represent the source
+        # of data that is exfiltrated, and Targets represents the destination the
+        # data was copied to.
+        # @!attribute [rw] sources
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
+        #     If there are multiple sources, then the data is considered "joined" between
+        #     them. For instance, BigQuery can join multiple tables, and each
+        #     table would be considered a source.
+        # @!attribute [rw] targets
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
+        #     If there are multiple targets, each target would get a complete copy of the
+        #     "joined" source data.
+        class Exfiltration
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Resource that has been exfiltrated or exfiltrated_to.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Resource's URI (https://google.aip.dev/122#full-resource-names)
+        # @!attribute [rw] components
+        #   @return [::Array<::String>]
+        #     Subcomponents of the asset that is exfiltrated - these could be
+        #     URIs used during exfiltration, table names, databases, filenames, etc.
+        #     For example, multiple tables may be exfiltrated from the same CloudSQL
+        #     instance, or multiple files from the same Cloud Storage bucket.
+        class ExfilResource
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/external_system.rb

@@ -25,7 +25,8 @@ module Google
         # @!attribute [rw] name
         #   @return [::String]
         #     External System Name e.g. jira, demisto, etc.
-        #      e.g.: `organizations/1234/sources/5678/findings/123456/externalSystems/jira`
+        #      e.g.:
+        #      `organizations/1234/sources/5678/findings/123456/externalSystems/jira`
         #     `folders/1234/sources/5678/findings/123456/externalSystems/jira`
         #     `projects/1234/sources/5678/findings/123456/externalSystems/jira`
         # @!attribute [rw] assignees

data/proto_docs/google/cloud/securitycenter/v1/file.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # File information about the related binary/library used by an executable, or
+        # the script used by a script interpreter
+        # @!attribute [rw] path
+        #   @return [::String]
+        #     Absolute path of the file as a JSON encoded string.
+        # @!attribute [rw] size
+        #   @return [::Integer]
+        #     Size of the file in bytes.
+        # @!attribute [rw] sha256
+        #   @return [::String]
+        #     SHA256 hash of the first hashed_size bytes of the file encoded as a
+        #     hex string.  If hashed_size == size, hash_sha256 represents the SHA256 hash
+        #     of the entire file.
+        # @!attribute [rw] hashed_size
+        #   @return [::Integer]
+        #     The length in bytes of the file prefix that was hashed.  If
+        #     hashed_size == size, any hashes reported represent the entire
+        #     file.
+        # @!attribute [rw] partially_hashed
+        #   @return [::Boolean]
+        #     True when the hash covers only a prefix of the file.
+        # @!attribute [rw] contents
+        #   @return [::String]
+        #     Prefix of the file contents as a JSON encoded string.
+        #     (Currently only populated for Malicious Script Executed findings.)
+        class File
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/finding.rb

@@ -99,7 +99,7 @@ module Google
         #     finding.
         # @!attribute [rw] mute
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
-        #     Indicates the mute state of a finding (either unspecified, muted, unmuted
+        #     Indicates the mute state of a finding (either muted, unmuted
         #     or undefined). Unlike other attributes of a finding, a finding provider
         #     shouldn't set the value of mute.
         # @!attribute [rw] finding_class
@@ -132,12 +132,34 @@ module Google
         #   @return [::Google::Cloud::SecurityCenter::V1::Access]
         #     Access details associated to the Finding, such as more information on the
         #     caller, which method was accessed, from where, etc.
+        # @!attribute [rw] connections
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Connection>]
+        #     Contains information about the IP connection associated with the finding.
         # @!attribute [rw] mute_initiator
         #   @return [::String]
         #     First known as mute_annotation. Records additional information about the
         #     mute operation e.g. mute config that muted the finding, user who muted the
         #     finding, etc. Unlike other attributes of a finding, a finding provider
         #     shouldn't set the value of mute.
+        # @!attribute [rw] processes
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Process>]
+        #     Represents operating system processes associated with the Finding.
+        # @!attribute [rw] compliances
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Compliance>]
+        #     Contains compliance information for security standards associated to the
+        #     finding.
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     Contains more detail about the finding.
+        # @!attribute [rw] exfiltration
+        #   @return [::Google::Cloud::SecurityCenter::V1::Exfiltration]
+        #     Represents exfiltration associated with the Finding.
+        # @!attribute [rw] iam_bindings
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
+        #     Represents IAM bindings associated with the Finding.
+        # @!attribute [rw] next_steps
+        #   @return [::String]
+        #     Next steps associate to the finding.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -221,7 +243,7 @@ module Google
             MEDIUM = 3
 
             # Vulnerability:
-            # A low risk vulnerability hampers a security organization’s ability to
+            # A low risk vulnerability hampers a security organization's ability to
             # detect vulnerabilities or active threats in their deployment, or prevents
             # the root cause investigation of security issues. An example is monitoring
             # and logs being disabled for resource configurations and access.

data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Represents a particular IAM binding, which captures a member's role addition,
+        # removal, or state.
+        # @!attribute [rw] action
+        #   @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
+        #     The action that was performed on a Binding.
+        # @!attribute [rw] role
+        #   @return [::String]
+        #     Role that is assigned to "members".
+        #     For example, "roles/viewer", "roles/editor", or "roles/owner".
+        # @!attribute [rw] member
+        #   @return [::String]
+        #     A single identity requesting access for a Cloud Platform resource,
+        #     e.g. "foo@google.com".
+        class IamBinding
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The type of action performed on a Binding in a policy.
+          module Action
+            # Unspecified.
+            ACTION_UNSPECIFIED = 0
+
+            # Addition of a Binding.
+            ADD = 1
+
+            # Removal of a Binding.
+            REMOVE = 2
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

@@ -186,6 +186,15 @@ module Google
 
             # T1556
             MODIFY_AUTHENTICATION_PROCESS = 28
+
+            # T1485
+            DATA_DESTRUCTION = 29
+
+            # T1484
+            DOMAIN_POLICY_MODIFICATION = 30
+
+            # T1562
+            IMPAIR_DEFENSES = 31
           end
         end
       end

data/proto_docs/google/cloud/securitycenter/v1/process.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Represents an operating system process.
+        # @!attribute [rw] binary
+        #   @return [::Google::Cloud::SecurityCenter::V1::File]
+        #     File information for the process executable.
+        # @!attribute [rw] libraries
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::File>]
+        #     File information for libraries loaded by the process.
+        # @!attribute [rw] script
+        #   @return [::Google::Cloud::SecurityCenter::V1::File]
+        #     When the process represents the invocation of a script,
+        #     `binary` provides information about the interpreter while `script`
+        #     provides information about the script file provided to the
+        #     interpreter.
+        # @!attribute [rw] args
+        #   @return [::Array<::String>]
+        #     Process arguments as JSON encoded strings.
+        # @!attribute [rw] arguments_truncated
+        #   @return [::Boolean]
+        #     True if `args` is incomplete.
+        # @!attribute [rw] env_variables
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::EnvironmentVariable>]
+        #     Process environment variables.
+        # @!attribute [rw] env_variables_truncated
+        #   @return [::Boolean]
+        #     True if `env_variables` is incomplete.
+        # @!attribute [rw] pid
+        #   @return [::Integer]
+        #     The process id.
+        # @!attribute [rw] parent_pid
+        #   @return [::Integer]
+        #     The parent process id.
+        class Process
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # EnvironmentVariable is a name-value pair to store environment variables for
+        # Process.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Environment variable name as a JSON encoded string.
+        # @!attribute [rw] val
+        #   @return [::String]
+        #     Environment variable value as a JSON encoded string.
+        class EnvironmentVariable
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/resource.rb

@@ -26,29 +26,29 @@ module Google
         #   @return [::String]
         #     The full resource name of the resource. See:
         #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     The human readable name of the resource.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     The full resource type of the resource.
         # @!attribute [rw] project
         #   @return [::String]
         #     The full resource name of project that the resource belongs to.
         # @!attribute [rw] project_display_name
         #   @return [::String]
-        #     The project id that the resource belongs to.
+        #     The project ID that the resource belongs to.
         # @!attribute [rw] parent
         #   @return [::String]
         #     The full resource name of resource's parent.
         # @!attribute [rw] parent_display_name
         #   @return [::String]
         #     The human readable name of resource's parent.
-        # @!attribute [rw] type
-        #   @return [::String]
-        #     The full resource type of the resource.
         # @!attribute [r] folders
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
         #     Output only. Contains a Folder message for each folder in the assets ancestry.
         #     The first folder is the deepest nested folder, and the last folder is the
         #     folder directly under the Organization.
-        # @!attribute [rw] display_name
-        #   @return [::String]
-        #     The human readable name of the resource.
         class Resource
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods