google-cloud-security_center-v1 0.15.0 → 0.18.0

data/proto_docs/google/cloud/securitycenter/v1/contact_details.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # The details pertaining to specific contacts
+        # @!attribute [rw] contacts
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Contact>]
+        #     A list of contacts
+        class ContactDetails
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Representa a single contact's email address
+        # @!attribute [rw] email
+        #   @return [::String]
+        #     An email address e.g. "person123@company.com"
+        class Contact
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/container.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Container associated with the finding.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Container name.
+        # @!attribute [rw] uri
+        #   @return [::String]
+        #     Container image URI provided when configuring a pod/container.
+        #     May identify a container image version using mutable tags.
+        # @!attribute [rw] image_id
+        #   @return [::String]
+        #     Optional container image id, when provided by the container runtime.
+        #     Uniquely identifies the container image launched using a container image
+        #     digest.
+        # @!attribute [rw] labels
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
+        #     Container labels, as provided by the container runtime.
+        class Container
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/exfiltration.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Exfiltration represents a data exfiltration attempt of one or more
+        # sources to one or more targets.  Sources represent the source
+        # of data that is exfiltrated, and Targets represents the destination the
+        # data was copied to.
+        # @!attribute [rw] sources
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
+        #     If there are multiple sources, then the data is considered "joined" between
+        #     them. For instance, BigQuery can join multiple tables, and each
+        #     table would be considered a source.
+        # @!attribute [rw] targets
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
+        #     If there are multiple targets, each target would get a complete copy of the
+        #     "joined" source data.
+        class Exfiltration
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Resource that has been exfiltrated or exfiltrated_to.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Resource's URI (https://google.aip.dev/122#full-resource-names)
+        # @!attribute [rw] components
+        #   @return [::Array<::String>]
+        #     Subcomponents of the asset that is exfiltrated - these could be
+        #     URIs used during exfiltration, table names, databases, filenames, etc.
+        #     For example, multiple tables may be exfiltrated from the same CloudSQL
+        #     instance, or multiple files from the same Cloud Storage bucket.
+        class ExfilResource
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/file.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # File information about the related binary/library used by an executable, or
+        # the script used by a script interpreter
+        # @!attribute [rw] path
+        #   @return [::String]
+        #     Absolute path of the file as a JSON encoded string.
+        # @!attribute [rw] size
+        #   @return [::Integer]
+        #     Size of the file in bytes.
+        # @!attribute [rw] sha256
+        #   @return [::String]
+        #     SHA256 hash of the first hashed_size bytes of the file encoded as a
+        #     hex string.  If hashed_size == size, sha256 represents the SHA256 hash
+        #     of the entire file.
+        # @!attribute [rw] hashed_size
+        #   @return [::Integer]
+        #     The length in bytes of the file prefix that was hashed.  If
+        #     hashed_size == size, any hashes reported represent the entire
+        #     file.
+        # @!attribute [rw] partially_hashed
+        #   @return [::Boolean]
+        #     True when the hash covers only a prefix of the file.
+        # @!attribute [rw] contents
+        #   @return [::String]
+        #     Prefix of the file contents as a JSON encoded string.
+        #     (Currently only populated for Malicious Script Executed findings.)
+        class File
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/finding.rb

@@ -141,15 +141,51 @@ module Google
         #     mute operation e.g. mute config that muted the finding, user who muted the
         #     finding, etc. Unlike other attributes of a finding, a finding provider
         #     shouldn't set the value of mute.
+        # @!attribute [rw] processes
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Process>]
+        #     Represents operating system processes associated with the Finding.
+        # @!attribute [r] contacts
+        #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}]
+        #     Output only. Map containing the point of contacts for the given finding. The key
+        #     represents the type of contact, while the value contains a list of all the
+        #     contacts that pertain. Please refer to:
+        #     https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
+        #
+        #         {
+        #           "security": {
+        #             "contacts": [
+        #               {
+        #                 "email": "person1@company.com"
+        #               },
+        #               {
+        #                 "email": "person2@company.com"
+        #               }
+        #             ]
+        #           }
+        #         }
+        # @!attribute [rw] compliances
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Compliance>]
+        #     Contains compliance information for security standards associated to the
+        #     finding.
         # @!attribute [rw] description
         #   @return [::String]
         #     Contains more detail about the finding.
+        # @!attribute [rw] exfiltration
+        #   @return [::Google::Cloud::SecurityCenter::V1::Exfiltration]
+        #     Represents exfiltration associated with the Finding.
         # @!attribute [rw] iam_bindings
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
         #     Represents IAM bindings associated with the Finding.
         # @!attribute [rw] next_steps
         #   @return [::String]
         #     Next steps associate to the finding.
+        # @!attribute [rw] containers
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
+        #     Containers associated with the finding. containers provides information
+        #     for both Kubernetes and non-Kubernetes containers.
+        # @!attribute [rw] kubernetes
+        #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes]
+        #     Kubernetes resources associated with the finding.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -172,6 +208,15 @@ module Google
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
 
+          # @!attribute [rw] key
+          #   @return [::String]
+          # @!attribute [rw] value
+          #   @return [::Google::Cloud::SecurityCenter::V1::ContactDetails]
+          class ContactsEntry
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
           # The state of the finding.
           module State
             # Unspecified state.

data/proto_docs/google/cloud/securitycenter/v1/indicator.rb

@@ -31,9 +31,61 @@ module Google
         # @!attribute [rw] domains
         #   @return [::Array<::String>]
         #     List of domains associated to the Finding.
+        # @!attribute [rw] signatures
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature>]
+        #     The list of matched signatures indicating that the given
+        #     process is present in the environment.
         class Indicator
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Indicates what signature matched this process.
+          # @!attribute [rw] memory_hash_signature
+          #   @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::MemoryHashSignature]
+          #     Signature indicating that a binary family was matched.
+          # @!attribute [rw] yara_rule_signature
+          #   @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::YaraRuleSignature]
+          #     Signature indicating that a YARA rule was matched.
+          class ProcessSignature
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # A signature corresponding to memory page hashes.
+            # @!attribute [rw] binary_family
+            #   @return [::String]
+            #     The binary family.
+            # @!attribute [rw] detections
+            #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::MemoryHashSignature::Detection>]
+            #     The list of memory hash detections contributing to the binary family
+            #     match.
+            class MemoryHashSignature
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+
+              # Memory hash detection contributing to the binary family match.
+              # @!attribute [rw] binary
+              #   @return [::String]
+              #     The name of the binary associated with the memory hash
+              #     signature detection.
+              # @!attribute [rw] percent_pages_matched
+              #   @return [::Float]
+              #     The percentage of memory page hashes in the signature
+              #     that were matched.
+              class Detection
+                include ::Google::Protobuf::MessageExts
+                extend ::Google::Protobuf::MessageExts::ClassMethods
+              end
+            end
+
+            # A signature corresponding to a YARA rule.
+            # @!attribute [rw] yara_rule
+            #   @return [::String]
+            #     The name of the YARA rule.
+            class YaraRuleSignature
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+          end
         end
       end
     end

data/proto_docs/google/cloud/securitycenter/v1/kubernetes.rb

@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Kubernetes related attributes.
+        # @!attribute [rw] pods
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Pod>]
+        #     Kubernetes Pods associated with the finding. This field will contain Pod
+        #     records for each container that is owned by a Pod.
+        # @!attribute [rw] nodes
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
+        #     Provides Kubernetes Node information.
+        # @!attribute [rw] node_pools
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::NodePool>]
+        #     GKE Node Pools associated with the finding. This field will
+        #     contain NodePool information for each Node, when it is available.
+        # @!attribute [rw] roles
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Role>]
+        #     Provides Kubernetes role information for findings that involve
+        #     Roles or ClusterRoles.
+        # @!attribute [rw] bindings
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Binding>]
+        #     Provides Kubernetes role binding information for findings that involve
+        #     RoleBindings or ClusterRoleBindings.
+        # @!attribute [rw] access_reviews
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::AccessReview>]
+        #     Provides information on any Kubernetes access reviews (i.e. privilege
+        #     checks) relevant to the finding.
+        class Kubernetes
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Kubernetes Pod.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Kubernetes Pod namespace.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes Pod name.
+          # @!attribute [rw] labels
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
+          #     Pod labels.  For Kubernetes containers, these are applied to the
+          #     container.
+          # @!attribute [rw] containers
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
+          #     Pod containers associated with this finding, if any.
+          class Pod
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Kubernetes Nodes associated with the finding.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Full Resource name of the Compute Engine VM running the
+          #     cluster node.
+          class Node
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Provides GKE Node Pool information.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes Node pool name.
+          # @!attribute [rw] nodes
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
+          #     Nodes associated with the finding.
+          class NodePool
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Kubernetes Role or ClusterRole.
+          # @!attribute [rw] kind
+          #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
+          #     Role type.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Role namespace.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Role name.
+          class Role
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Types of Kubernetes roles.
+            module Kind
+              # Role type is not specified.
+              KIND_UNSPECIFIED = 0
+
+              # Kubernetes Role.
+              ROLE = 1
+
+              # Kubernetes ClusterRole.
+              CLUSTER_ROLE = 2
+            end
+          end
+
+          # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace for binding.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name for binding.
+          # @!attribute [rw] role
+          #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
+          #     The Role or ClusterRole referenced by the binding.
+          # @!attribute [rw] subjects
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
+          #     Represents the subjects(s) bound to the role. Not always available
+          #     for PATCH requests.
+          class Binding
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Represents a Kubernetes Subject.
+          # @!attribute [rw] kind
+          #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
+          #     Authentication type for subject.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace for subject.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name for subject.
+          class Subject
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Auth types that can be used for Subject's kind field.
+            module AuthType
+              # Authentication is not specified.
+              AUTH_TYPE_UNSPECIFIED = 0
+
+              # User with valid certificate.
+              USER = 1
+
+              # Users managed by Kubernetes API with credentials stored as Secrets.
+              SERVICEACCOUNT = 2
+
+              # Collection of users.
+              GROUP = 3
+            end
+          end
+
+          # Conveys information about a Kubernetes access review (e.g. kubectl auth
+          # can-i ...) that was involved in a finding.
+          # @!attribute [rw] group
+          #   @return [::String]
+          #     Group is the API Group of the Resource. "*" means all.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace of the action being requested. Currently, there is no
+          #     distinction between no namespace and all namespaces.  Both
+          #     are represented by "" (empty).
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name is the name of the resource being requested. Empty means all.
+          # @!attribute [rw] resource
+          #   @return [::String]
+          #     Resource is the optional resource type requested. "*" means all.
+          # @!attribute [rw] subresource
+          #   @return [::String]
+          #     Subresource is the optional subresource type.
+          # @!attribute [rw] verb
+          #   @return [::String]
+          #     Verb is a Kubernetes resource API verb, like: get, list, watch, create,
+          #     update, delete, proxy. "*" means all.
+          # @!attribute [rw] version
+          #   @return [::String]
+          #     Version is the API Version of the Resource. "*" means all.
+          class AccessReview
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/label.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Label represents a generic name=value label. Label has separate name and
+        # value fields to support filtering with contains().
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Label name.
+        # @!attribute [rw] value
+        #   @return [::String]
+        #     Label value.
+        class Label
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

@@ -99,7 +99,6 @@ module Google
 
           # MITRE ATT&CK techniques that can be referenced by SCC findings.
           # See: https://attack.mitre.org/techniques/enterprise/
-          # Next ID: 31
           module Technique
             # Unspecified value.
             TECHNIQUE_UNSPECIFIED = 0
@@ -193,6 +192,12 @@ module Google
 
             # T1484
             DOMAIN_POLICY_MODIFICATION = 30
+
+            # T1562
+            IMPAIR_DEFENSES = 31
+
+            # T1046
+            NETWORK_SERVICE_DISCOVERY = 32
           end
         end
       end

data/proto_docs/google/cloud/securitycenter/v1/process.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Represents an operating system process.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The process name visible in utilities like `top` and `ps`; it can
+        #     be accessed via `/proc/[pid]/comm` and changed with `prctl(PR_SET_NAME)`.
+        # @!attribute [rw] binary
+        #   @return [::Google::Cloud::SecurityCenter::V1::File]
+        #     File information for the process executable.
+        # @!attribute [rw] libraries
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::File>]
+        #     File information for libraries loaded by the process.
+        # @!attribute [rw] script
+        #   @return [::Google::Cloud::SecurityCenter::V1::File]
+        #     When the process represents the invocation of a script,
+        #     `binary` provides information about the interpreter while `script`
+        #     provides information about the script file provided to the
+        #     interpreter.
+        # @!attribute [rw] args
+        #   @return [::Array<::String>]
+        #     Process arguments as JSON encoded strings.
+        # @!attribute [rw] arguments_truncated
+        #   @return [::Boolean]
+        #     True if `args` is incomplete.
+        # @!attribute [rw] env_variables
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::EnvironmentVariable>]
+        #     Process environment variables.
+        # @!attribute [rw] env_variables_truncated
+        #   @return [::Boolean]
+        #     True if `env_variables` is incomplete.
+        # @!attribute [rw] pid
+        #   @return [::Integer]
+        #     The process id.
+        # @!attribute [rw] parent_pid
+        #   @return [::Integer]
+        #     The parent process id.
+        class Process
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # EnvironmentVariable is a name-value pair to store environment variables for
+        # Process.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Environment variable name as a JSON encoded string.
+        # @!attribute [rw] val
+        #   @return [::String]
+        #     Environment variable value as a JSON encoded string.
+        class EnvironmentVariable
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end