google-cloud-security_center-v1 0.19.0 → 0.21.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +1 -1
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/access_pb.rb +8 -0
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +1 -0
- data/proto_docs/google/cloud/securitycenter/v1/access.rb +48 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +9 -5
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f13b0297efb3fee913255351e082c5c11fad87adcda13c90a84e45401db96b0b
|
4
|
+
data.tar.gz: 504b2ca3c237b00b032935e74d9effdb85bc702ef9ae61ca0b99e14dbb4b7432
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4a1a7317a533c567e5ff404be91a480179f8b5d45e0fcb57ed03d54cffa1c7add2c51821db3724cee40db8523d123ebebe1b48b97258c3b380be446177b6d456
|
7
|
+
data.tar.gz: cbb8059fe743a15451bd248c70ca6a0b007067ae56e7e80875516eea61969a59fce9eaa747d40becc26fe290381791cca27b51b106b9d1aa60b7bbfbe14db44e
|
data/AUTHENTICATION.md
CHANGED
@@ -114,7 +114,7 @@ credentials are discovered.
|
|
114
114
|
To configure your system for this, simply:
|
115
115
|
|
116
116
|
1. [Download and install the Cloud SDK](https://cloud.google.com/sdk)
|
117
|
-
2. Authenticate using OAuth 2.0 `$ gcloud auth login`
|
117
|
+
2. Authenticate using OAuth 2.0 `$ gcloud auth application-default login`
|
118
118
|
3. Write code as if already authenticated.
|
119
119
|
|
120
120
|
**NOTE:** This is _not_ recommended for running in production. The Cloud SDK
|
@@ -12,6 +12,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
12
12
|
optional :user_agent_family, :string, 4
|
13
13
|
optional :service_name, :string, 5
|
14
14
|
optional :method_name, :string, 6
|
15
|
+
optional :principal_subject, :string, 7
|
16
|
+
optional :service_account_key_name, :string, 8
|
17
|
+
repeated :service_account_delegation_info, :message, 9, "google.cloud.securitycenter.v1.ServiceAccountDelegationInfo"
|
18
|
+
end
|
19
|
+
add_message "google.cloud.securitycenter.v1.ServiceAccountDelegationInfo" do
|
20
|
+
optional :principal_email, :string, 1
|
21
|
+
optional :principal_subject, :string, 2
|
15
22
|
end
|
16
23
|
add_message "google.cloud.securitycenter.v1.Geolocation" do
|
17
24
|
optional :region_code, :string, 1
|
@@ -24,6 +31,7 @@ module Google
|
|
24
31
|
module SecurityCenter
|
25
32
|
module V1
|
26
33
|
Access = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Access").msgclass
|
34
|
+
ServiceAccountDelegationInfo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ServiceAccountDelegationInfo").msgclass
|
27
35
|
Geolocation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Geolocation").msgclass
|
28
36
|
end
|
29
37
|
end
|
@@ -51,6 +51,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
51
51
|
repeated :processes, :message, 30, "google.cloud.securitycenter.v1.Process"
|
52
52
|
map :contacts, :string, :message, 33, "google.cloud.securitycenter.v1.ContactDetails"
|
53
53
|
repeated :compliances, :message, 34, "google.cloud.securitycenter.v1.Compliance"
|
54
|
+
optional :parent_display_name, :string, 36
|
54
55
|
optional :description, :string, 37
|
55
56
|
optional :exfiltration, :message, 38, "google.cloud.securitycenter.v1.Exfiltration"
|
56
57
|
repeated :iam_bindings, :message, 39, "google.cloud.securitycenter.v1.IamBinding"
|
@@ -25,6 +25,13 @@ module Google
|
|
25
25
|
# @!attribute [rw] principal_email
|
26
26
|
# @return [::String]
|
27
27
|
# Associated email, such as "foo@google.com".
|
28
|
+
#
|
29
|
+
# The email address of the authenticated user (or service account on behalf
|
30
|
+
# of third party principal) making the request. For third party identity
|
31
|
+
# callers, the `principal_subject` field is populated instead of this field.
|
32
|
+
# For privacy reasons, the principal email address is sometimes redacted.
|
33
|
+
# For more information, see [Caller identities in audit
|
34
|
+
# logs](https://cloud.google.com/logging/docs/audit#user-id).
|
28
35
|
# @!attribute [rw] caller_ip
|
29
36
|
# @return [::String]
|
30
37
|
# Caller's IP address, such as "1.1.1.1".
|
@@ -42,11 +49,52 @@ module Google
|
|
42
49
|
# @!attribute [rw] method_name
|
43
50
|
# @return [::String]
|
44
51
|
# The method that the service account called, e.g. "SetIamPolicy".
|
52
|
+
# @!attribute [rw] principal_subject
|
53
|
+
# @return [::String]
|
54
|
+
# A string representing the principal_subject associated with the identity.
|
55
|
+
# As compared to `principal_email`, supports principals that aren't
|
56
|
+
# associated with email addresses, such as third party principals. For most
|
57
|
+
# identities, the format will be `principal://iam.googleapis.com/{identity
|
58
|
+
# pool name}/subjects/\\{subject}` except for some GKE identities
|
59
|
+
# (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
|
60
|
+
# format `serviceAccount:{identity pool name}[{subject}]`
|
61
|
+
# @!attribute [rw] service_account_key_name
|
62
|
+
# @return [::String]
|
63
|
+
# The name of the service account key used to create or exchange
|
64
|
+
# credentials for authenticating the service account making the request.
|
65
|
+
# This is a scheme-less URI full resource name. For example:
|
66
|
+
#
|
67
|
+
# "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}"
|
68
|
+
# @!attribute [rw] service_account_delegation_info
|
69
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>]
|
70
|
+
# Identity delegation history of an authenticated service account that makes
|
71
|
+
# the request. It contains information on the real authorities that try to
|
72
|
+
# access GCP resources by delegating on a service account. When multiple
|
73
|
+
# authorities are present, they are guaranteed to be sorted based on the
|
74
|
+
# original ordering of the identity delegation events.
|
45
75
|
class Access
|
46
76
|
include ::Google::Protobuf::MessageExts
|
47
77
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
48
78
|
end
|
49
79
|
|
80
|
+
# Identity delegation history of an authenticated service account.
|
81
|
+
# @!attribute [rw] principal_email
|
82
|
+
# @return [::String]
|
83
|
+
# The email address of a Google account.
|
84
|
+
# @!attribute [rw] principal_subject
|
85
|
+
# @return [::String]
|
86
|
+
# A string representing the principal_subject associated with the identity.
|
87
|
+
# As compared to `principal_email`, supports principals that aren't
|
88
|
+
# associated with email addresses, such as third party principals. For most
|
89
|
+
# identities, the format will be `principal://iam.googleapis.com/{identity
|
90
|
+
# pool name}/subjects/\\{subject}` except for some GKE identities
|
91
|
+
# (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
|
92
|
+
# format `serviceAccount:{identity pool name}[{subject}]`
|
93
|
+
class ServiceAccountDelegationInfo
|
94
|
+
include ::Google::Protobuf::MessageExts
|
95
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
+
end
|
97
|
+
|
50
98
|
# Represents a geographical location for a given access.
|
51
99
|
# @!attribute [rw] region_code
|
52
100
|
# @return [::String]
|
@@ -122,8 +122,8 @@ module Google
|
|
122
122
|
# Output only. The most recent time this finding was muted or unmuted.
|
123
123
|
# @!attribute [r] external_systems
|
124
124
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
|
125
|
-
# Output only. Third party SIEM/SOAR fields within SCC, contains external
|
126
|
-
#
|
125
|
+
# Output only. Third party SIEM/SOAR fields within SCC, contains external system
|
126
|
+
# information and external system finding fields.
|
127
127
|
# @!attribute [rw] mitre_attack
|
128
128
|
# @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
|
129
129
|
# MITRE ATT&CK tactics and techniques related to this finding.
|
@@ -146,9 +146,9 @@ module Google
|
|
146
146
|
# Represents operating system processes associated with the Finding.
|
147
147
|
# @!attribute [r] contacts
|
148
148
|
# @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}]
|
149
|
-
# Output only. Map containing the
|
150
|
-
#
|
151
|
-
#
|
149
|
+
# Output only. Map containing the points of contact for the given finding. The key
|
150
|
+
# represents the type of contact, while the value contains a list of all the
|
151
|
+
# contacts that pertain. Please refer to:
|
152
152
|
# https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
|
153
153
|
#
|
154
154
|
# {
|
@@ -167,6 +167,10 @@ module Google
|
|
167
167
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Compliance>]
|
168
168
|
# Contains compliance information for security standards associated to the
|
169
169
|
# finding.
|
170
|
+
# @!attribute [r] parent_display_name
|
171
|
+
# @return [::String]
|
172
|
+
# Output only. The human readable display name of the finding source such as
|
173
|
+
# "Event Threat Detection" or "Security Health Analytics".
|
170
174
|
# @!attribute [rw] description
|
171
175
|
# @return [::String]
|
172
176
|
# Contains more detail about the finding.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-security_center-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.21.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-09-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|