RubyGems - google-cloud-security_center-v1 - Versions diffs - 0.19.0 → 0.21.0 - Mend

google-cloud-security_center-v1 0.19.0 → 0.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/AUTHENTICATION.md +1 -1
data/lib/google/cloud/security_center/v1/version.rb +1 -1
data/lib/google/cloud/securitycenter/v1/access_pb.rb +8 -0
data/lib/google/cloud/securitycenter/v1/finding_pb.rb +1 -0
data/proto_docs/google/cloud/securitycenter/v1/access.rb +48 -0
data/proto_docs/google/cloud/securitycenter/v1/finding.rb +9 -5
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b57284f2932157e2212960b955b61df6c6e0b4d0f4307fea8c0a08cd111e8b58
-  data.tar.gz: 2f0ea3acaa4e3995ce721c51a679b4cf6103c51b658fcd9bc5941531c8ad25fd
+  metadata.gz: f13b0297efb3fee913255351e082c5c11fad87adcda13c90a84e45401db96b0b
+  data.tar.gz: 504b2ca3c237b00b032935e74d9effdb85bc702ef9ae61ca0b99e14dbb4b7432
 SHA512:
-  metadata.gz: 5374096b8fde6fea9c9b70a5064fa2d8b77eb606b8809793627a24631e342be74f455ca6b455fff732ab65ce1befbbb09ec85f78c809ce96e022b92db728979f
-  data.tar.gz: 80e0126fee6525b015d2a13460ace133ae325b87d74848c1209fbc9d38d712d4ca478b9b1a2f3ba199b33a22d8bd2b8417fc5f85bcf539c32815ecfc01ad99a0
+  metadata.gz: 4a1a7317a533c567e5ff404be91a480179f8b5d45e0fcb57ed03d54cffa1c7add2c51821db3724cee40db8523d123ebebe1b48b97258c3b380be446177b6d456
+  data.tar.gz: cbb8059fe743a15451bd248c70ca6a0b007067ae56e7e80875516eea61969a59fce9eaa747d40becc26fe290381791cca27b51b106b9d1aa60b7bbfbe14db44e

data/AUTHENTICATION.md CHANGED Viewed

@@ -114,7 +114,7 @@ credentials are discovered.
 To configure your system for this, simply:
 1. [Download and install the Cloud SDK](https://cloud.google.com/sdk)
-2. Authenticate using OAuth 2.0 `$ gcloud auth login`
+2. Authenticate using OAuth 2.0 `$ gcloud auth application-default login`
 3. Write code as if already authenticated.
 **NOTE:** This is _not_ recommended for running in production. The Cloud SDK

data/lib/google/cloud/security_center/v1/version.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        VERSION = "0.19.0"
+        VERSION = "0.21.0"
       end
     end
   end

data/lib/google/cloud/securitycenter/v1/access_pb.rb CHANGED Viewed

@@ -12,6 +12,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :user_agent_family, :string, 4
       optional :service_name, :string, 5
       optional :method_name, :string, 6
+      optional :principal_subject, :string, 7
+      optional :service_account_key_name, :string, 8
+      repeated :service_account_delegation_info, :message, 9, "google.cloud.securitycenter.v1.ServiceAccountDelegationInfo"
+    end
+    add_message "google.cloud.securitycenter.v1.ServiceAccountDelegationInfo" do
+      optional :principal_email, :string, 1
+      optional :principal_subject, :string, 2
     end
     add_message "google.cloud.securitycenter.v1.Geolocation" do
       optional :region_code, :string, 1
@@ -24,6 +31,7 @@ module Google
     module SecurityCenter
       module V1
         Access = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Access").msgclass
+        ServiceAccountDelegationInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ServiceAccountDelegationInfo").msgclass
         Geolocation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Geolocation").msgclass
       end
     end

data/lib/google/cloud/securitycenter/v1/finding_pb.rb CHANGED Viewed

@@ -51,6 +51,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :processes, :message, 30, "google.cloud.securitycenter.v1.Process"
       map :contacts, :string, :message, 33, "google.cloud.securitycenter.v1.ContactDetails"
       repeated :compliances, :message, 34, "google.cloud.securitycenter.v1.Compliance"
+      optional :parent_display_name, :string, 36
       optional :description, :string, 37
       optional :exfiltration, :message, 38, "google.cloud.securitycenter.v1.Exfiltration"
       repeated :iam_bindings, :message, 39, "google.cloud.securitycenter.v1.IamBinding"

data/proto_docs/google/cloud/securitycenter/v1/access.rb CHANGED Viewed

@@ -25,6 +25,13 @@ module Google
         # @!attribute [rw] principal_email
         #   @return [::String]
         #     Associated email, such as "foo@google.com".
+        #
+        #     The email address of the authenticated user (or service account on behalf
+        #     of third party principal) making the request. For third party identity
+        #     callers, the `principal_subject` field is populated instead of this field.
+        #     For privacy reasons, the principal email address is sometimes redacted.
+        #     For more information, see [Caller identities in audit
+        #     logs](https://cloud.google.com/logging/docs/audit#user-id).
         # @!attribute [rw] caller_ip
         #   @return [::String]
         #     Caller's IP address, such as "1.1.1.1".
@@ -42,11 +49,52 @@ module Google
         # @!attribute [rw] method_name
         #   @return [::String]
         #     The method that the service account called, e.g. "SetIamPolicy".
+        # @!attribute [rw] principal_subject
+        #   @return [::String]
+        #     A string representing the principal_subject associated with the identity.
+        #     As compared to `principal_email`, supports principals that aren't
+        #     associated with email addresses, such as third party principals. For most
+        #     identities, the format will be `principal://iam.googleapis.com/{identity
+        #     pool name}/subjects/\\{subject}` except for some GKE identities
+        #     (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+        #     format `serviceAccount:{identity pool name}[{subject}]`
+        # @!attribute [rw] service_account_key_name
+        #   @return [::String]
+        #     The name of the service account key used to create or exchange
+        #     credentials for authenticating the service account making the request.
+        #     This is a scheme-less URI full resource name. For example:
+        #
+        #     "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}"
+        # @!attribute [rw] service_account_delegation_info
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>]
+        #     Identity delegation history of an authenticated service account that makes
+        #     the request. It contains information on the real authorities that try to
+        #     access GCP resources by delegating on a service account. When multiple
+        #     authorities are present, they are guaranteed to be sorted based on the
+        #     original ordering of the identity delegation events.
         class Access
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+        # Identity delegation history of an authenticated service account.
+        # @!attribute [rw] principal_email
+        #   @return [::String]
+        #     The email address of a Google account.
+        # @!attribute [rw] principal_subject
+        #   @return [::String]
+        #     A string representing the principal_subject associated with the identity.
+        #     As compared to `principal_email`, supports principals that aren't
+        #     associated with email addresses, such as third party principals. For most
+        #     identities, the format will be `principal://iam.googleapis.com/{identity
+        #     pool name}/subjects/\\{subject}` except for some GKE identities
+        #     (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+        #     format `serviceAccount:{identity pool name}[{subject}]`
+        class ServiceAccountDelegationInfo
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
         # Represents a geographical location for a given access.
         # @!attribute [rw] region_code
         #   @return [::String]

data/proto_docs/google/cloud/securitycenter/v1/finding.rb CHANGED Viewed

@@ -122,8 +122,8 @@ module Google
         #     Output only. The most recent time this finding was muted or unmuted.
         # @!attribute [r] external_systems
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
-        #     Output only. Third party SIEM/SOAR fields within SCC, contains external
-        #     system information and external system finding fields.
+        #     Output only. Third party SIEM/SOAR fields within SCC, contains external system
+        #     information and external system finding fields.
         # @!attribute [rw] mitre_attack
         #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
         #     MITRE ATT&CK tactics and techniques related to this finding.
@@ -146,9 +146,9 @@ module Google
         #     Represents operating system processes associated with the Finding.
         # @!attribute [r] contacts
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}]
-        #     Output only. Map containing the point of contacts for the given finding.
-        #     The key represents the type of contact, while the value contains a list of
-        #     all the contacts that pertain. Please refer to:
+        #     Output only. Map containing the points of contact for the given finding. The key
+        #     represents the type of contact, while the value contains a list of all the
+        #     contacts that pertain. Please refer to:
         #     https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
         #
         #         {
@@ -167,6 +167,10 @@ module Google
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Compliance>]
         #     Contains compliance information for security standards associated to the
         #     finding.
+        # @!attribute [r] parent_display_name
+        #   @return [::String]
+        #     Output only. The human readable display name of the finding source such as
+        #     "Event Threat Detection" or "Security Health Analytics".
         # @!attribute [rw] description
         #   @return [::String]
         #     Contains more detail about the finding.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security_center-v1
 version: !ruby/object:Gem::Version
-  version: 0.19.0
+  version: 0.21.0
 platform: ruby
 authors:
 - Google LLC
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-24 00:00:00.000000000 Z
+date: 2022-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common