google-cloud-security_center-v1 0.27.0 → 0.29.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/google/cloud/security_center/v1/security_center/client.rb +1 -1
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +82 -0
- data/lib/google/cloud/security_center/v1/security_center/rest/client.rb +1 -1
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/access_pb.rb +24 -20
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +28 -25
- data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +25 -11
- data/lib/google/cloud/securitycenter/v1/cloud_dlp_data_profile_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v1/cloud_dlp_inspection_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v1/compliance_pb.rb +24 -6
- data/lib/google/cloud/securitycenter/v1/connection_pb.rb +24 -16
- data/lib/google/cloud/securitycenter/v1/contact_details_pb.rb +24 -7
- data/lib/google/cloud/securitycenter/v1/container_pb.rb +25 -7
- data/lib/google/cloud/securitycenter/v1/database_pb.rb +24 -8
- data/lib/google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module_pb.rb +25 -12
- data/lib/google/cloud/securitycenter/v1/exfiltration_pb.rb +24 -9
- data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +25 -8
- data/lib/google/cloud/securitycenter/v1/file_pb.rb +24 -9
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +47 -65
- data/lib/google/cloud/securitycenter/v1/folder_pb.rb +24 -5
- data/lib/google/cloud/securitycenter/v1/iam_binding_pb.rb +24 -11
- data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +24 -24
- data/lib/google/cloud/securitycenter/v1/kernel_rootkit_pb.rb +24 -12
- data/lib/google/cloud/securitycenter/v1/kubernetes_pb.rb +26 -58
- data/lib/google/cloud/securitycenter/v1/label_pb.rb +24 -5
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +24 -63
- data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +25 -10
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +24 -13
- data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +26 -8
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +24 -16
- data/lib/google/cloud/securitycenter/v1/process_pb.rb +25 -17
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +25 -11
- data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +25 -11
- data/lib/google/cloud/securitycenter/v1/security_health_analytics_custom_config_pb.rb +25 -26
- data/lib/google/cloud/securitycenter/v1/security_health_analytics_custom_module_pb.rb +26 -16
- data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +24 -6
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +40 -279
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/source_pb.rb +24 -7
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +24 -59
- data/proto_docs/google/api/client.rb +10 -1
- data/proto_docs/google/cloud/securitycenter/v1/access.rb +28 -29
- data/proto_docs/google/cloud/securitycenter/v1/cloud_dlp_data_profile.rb +37 -0
- data/proto_docs/google/cloud/securitycenter/v1/cloud_dlp_inspection.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +30 -21
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +11 -11
- data/proto_docs/google/protobuf/any.rb +7 -4
- data/proto_docs/google/protobuf/struct.rb +1 -1
- data/proto_docs/google/protobuf/timestamp.rb +1 -3
- metadata +8 -4
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: google/cloud/securitycenter/v1/source.proto
|
3
4
|
|
@@ -5,15 +6,31 @@ require 'google/protobuf'
|
|
5
6
|
|
6
7
|
require 'google/api/resource_pb'
|
7
8
|
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
9
|
+
|
10
|
+
descriptor_data = "\n+google/cloud/securitycenter/v1/source.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\"\xfd\x01\n\x06Source\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t\x12\x16\n\x0e\x63\x61nonical_name\x18\x0e \x01(\t:\xa1\x01\xea\x41\x9d\x01\n$securitycenter.googleapis.com/Source\x12-organizations/{organization}/sources/{source}\x12!folders/{folder}/sources/{source}\x12#projects/{project}/sources/{source}B\xd8\x01\n\"com.google.cloud.securitycenter.v1P\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
11
|
+
|
12
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
13
|
+
|
14
|
+
begin
|
15
|
+
pool.add_serialized_file(descriptor_data)
|
16
|
+
rescue TypeError => e
|
17
|
+
# Compatibility code: will be removed in the next major version.
|
18
|
+
require 'google/protobuf/descriptor_pb'
|
19
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
20
|
+
parsed.clear_dependency
|
21
|
+
serialized = parsed.class.encode(parsed)
|
22
|
+
file = pool.add_serialized_file(serialized)
|
23
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
24
|
+
imports = [
|
25
|
+
]
|
26
|
+
imports.each do |type_name, expected_filename|
|
27
|
+
import_file = pool.lookup(type_name).file_descriptor
|
28
|
+
if import_file.name != expected_filename
|
29
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
15
30
|
end
|
16
31
|
end
|
32
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
33
|
+
warn "This will become an error in the next major version."
|
17
34
|
end
|
18
35
|
|
19
36
|
module Google
|
@@ -1,69 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: google/cloud/securitycenter/v1/vulnerability.proto
|
3
4
|
|
4
5
|
require 'google/protobuf'
|
5
6
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
optional :scope, :enum, 9, "google.cloud.securitycenter.v1.Cvssv3.Scope"
|
28
|
-
optional :confidentiality_impact, :enum, 10, "google.cloud.securitycenter.v1.Cvssv3.Impact"
|
29
|
-
optional :integrity_impact, :enum, 11, "google.cloud.securitycenter.v1.Cvssv3.Impact"
|
30
|
-
optional :availability_impact, :enum, 12, "google.cloud.securitycenter.v1.Cvssv3.Impact"
|
31
|
-
end
|
32
|
-
add_enum "google.cloud.securitycenter.v1.Cvssv3.AttackVector" do
|
33
|
-
value :ATTACK_VECTOR_UNSPECIFIED, 0
|
34
|
-
value :ATTACK_VECTOR_NETWORK, 1
|
35
|
-
value :ATTACK_VECTOR_ADJACENT, 2
|
36
|
-
value :ATTACK_VECTOR_LOCAL, 3
|
37
|
-
value :ATTACK_VECTOR_PHYSICAL, 4
|
38
|
-
end
|
39
|
-
add_enum "google.cloud.securitycenter.v1.Cvssv3.AttackComplexity" do
|
40
|
-
value :ATTACK_COMPLEXITY_UNSPECIFIED, 0
|
41
|
-
value :ATTACK_COMPLEXITY_LOW, 1
|
42
|
-
value :ATTACK_COMPLEXITY_HIGH, 2
|
43
|
-
end
|
44
|
-
add_enum "google.cloud.securitycenter.v1.Cvssv3.PrivilegesRequired" do
|
45
|
-
value :PRIVILEGES_REQUIRED_UNSPECIFIED, 0
|
46
|
-
value :PRIVILEGES_REQUIRED_NONE, 1
|
47
|
-
value :PRIVILEGES_REQUIRED_LOW, 2
|
48
|
-
value :PRIVILEGES_REQUIRED_HIGH, 3
|
49
|
-
end
|
50
|
-
add_enum "google.cloud.securitycenter.v1.Cvssv3.UserInteraction" do
|
51
|
-
value :USER_INTERACTION_UNSPECIFIED, 0
|
52
|
-
value :USER_INTERACTION_NONE, 1
|
53
|
-
value :USER_INTERACTION_REQUIRED, 2
|
54
|
-
end
|
55
|
-
add_enum "google.cloud.securitycenter.v1.Cvssv3.Scope" do
|
56
|
-
value :SCOPE_UNSPECIFIED, 0
|
57
|
-
value :SCOPE_UNCHANGED, 1
|
58
|
-
value :SCOPE_CHANGED, 2
|
59
|
-
end
|
60
|
-
add_enum "google.cloud.securitycenter.v1.Cvssv3.Impact" do
|
61
|
-
value :IMPACT_UNSPECIFIED, 0
|
62
|
-
value :IMPACT_HIGH, 1
|
63
|
-
value :IMPACT_LOW, 2
|
64
|
-
value :IMPACT_NONE, 3
|
7
|
+
|
8
|
+
descriptor_data = "\n2google/cloud/securitycenter/v1/vulnerability.proto\x12\x1egoogle.cloud.securitycenter.v1\"A\n\rVulnerability\x12\x30\n\x03\x63ve\x18\x01 \x01(\x0b\x32#.google.cloud.securitycenter.v1.Cve\"\xa8\x01\n\x03\x43ve\x12\n\n\x02id\x18\x01 \x01(\t\x12=\n\nreferences\x18\x02 \x03(\x0b\x32).google.cloud.securitycenter.v1.Reference\x12\x36\n\x06\x63vssv3\x18\x03 \x01(\x0b\x32&.google.cloud.securitycenter.v1.Cvssv3\x12\x1e\n\x16upstream_fix_available\x18\x04 \x01(\x08\"(\n\tReference\x12\x0e\n\x06source\x18\x01 \x01(\t\x12\x0b\n\x03uri\x18\x02 \x01(\t\"\xb1\n\n\x06\x43vssv3\x12\x12\n\nbase_score\x18\x01 \x01(\x01\x12J\n\rattack_vector\x18\x05 \x01(\x0e\x32\x33.google.cloud.securitycenter.v1.Cvssv3.AttackVector\x12R\n\x11\x61ttack_complexity\x18\x06 \x01(\x0e\x32\x37.google.cloud.securitycenter.v1.Cvssv3.AttackComplexity\x12V\n\x13privileges_required\x18\x07 \x01(\x0e\x32\x39.google.cloud.securitycenter.v1.Cvssv3.PrivilegesRequired\x12P\n\x10user_interaction\x18\x08 \x01(\x0e\x32\x36.google.cloud.securitycenter.v1.Cvssv3.UserInteraction\x12;\n\x05scope\x18\t \x01(\x0e\x32,.google.cloud.securitycenter.v1.Cvssv3.Scope\x12M\n\x16\x63onfidentiality_impact\x18\n \x01(\x0e\x32-.google.cloud.securitycenter.v1.Cvssv3.Impact\x12G\n\x10integrity_impact\x18\x0b \x01(\x0e\x32-.google.cloud.securitycenter.v1.Cvssv3.Impact\x12J\n\x13\x61vailability_impact\x18\x0c \x01(\x0e\x32-.google.cloud.securitycenter.v1.Cvssv3.Impact\"\x99\x01\n\x0c\x41ttackVector\x12\x1d\n\x19\x41TTACK_VECTOR_UNSPECIFIED\x10\x00\x12\x19\n\x15\x41TTACK_VECTOR_NETWORK\x10\x01\x12\x1a\n\x16\x41TTACK_VECTOR_ADJACENT\x10\x02\x12\x17\n\x13\x41TTACK_VECTOR_LOCAL\x10\x03\x12\x1a\n\x16\x41TTACK_VECTOR_PHYSICAL\x10\x04\"l\n\x10\x41ttackComplexity\x12!\n\x1d\x41TTACK_COMPLEXITY_UNSPECIFIED\x10\x00\x12\x19\n\x15\x41TTACK_COMPLEXITY_LOW\x10\x01\x12\x1a\n\x16\x41TTACK_COMPLEXITY_HIGH\x10\x02\"\x92\x01\n\x12PrivilegesRequired\x12#\n\x1fPRIVILEGES_REQUIRED_UNSPECIFIED\x10\x00\x12\x1c\n\x18PRIVILEGES_REQUIRED_NONE\x10\x01\x12\x1b\n\x17PRIVILEGES_REQUIRED_LOW\x10\x02\x12\x1c\n\x18PRIVILEGES_REQUIRED_HIGH\x10\x03\"m\n\x0fUserInteraction\x12 \n\x1cUSER_INTERACTION_UNSPECIFIED\x10\x00\x12\x19\n\x15USER_INTERACTION_NONE\x10\x01\x12\x1d\n\x19USER_INTERACTION_REQUIRED\x10\x02\"F\n\x05Scope\x12\x15\n\x11SCOPE_UNSPECIFIED\x10\x00\x12\x13\n\x0fSCOPE_UNCHANGED\x10\x01\x12\x11\n\rSCOPE_CHANGED\x10\x02\"R\n\x06Impact\x12\x16\n\x12IMPACT_UNSPECIFIED\x10\x00\x12\x0f\n\x0bIMPACT_HIGH\x10\x01\x12\x0e\n\nIMPACT_LOW\x10\x02\x12\x0f\n\x0bIMPACT_NONE\x10\x03\x42\xec\x01\n\"com.google.cloud.securitycenter.v1B\x12VulnerabilityProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
9
|
+
|
10
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
11
|
+
|
12
|
+
begin
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
14
|
+
rescue TypeError => e
|
15
|
+
# Compatibility code: will be removed in the next major version.
|
16
|
+
require 'google/protobuf/descriptor_pb'
|
17
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
18
|
+
parsed.clear_dependency
|
19
|
+
serialized = parsed.class.encode(parsed)
|
20
|
+
file = pool.add_serialized_file(serialized)
|
21
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
22
|
+
imports = [
|
23
|
+
]
|
24
|
+
imports.each do |type_name, expected_filename|
|
25
|
+
import_file = pool.lookup(type_name).file_descriptor
|
26
|
+
if import_file.name != expected_filename
|
27
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
65
28
|
end
|
66
29
|
end
|
30
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
31
|
+
warn "This will become an error in the next major version."
|
67
32
|
end
|
68
33
|
|
69
34
|
module Google
|
@@ -83,7 +83,7 @@ module Google
|
|
83
83
|
# long-running operation pattern.
|
84
84
|
# @!attribute [rw] new_issue_uri
|
85
85
|
# @return [::String]
|
86
|
-
# Link to a
|
86
|
+
# Link to a *public* URI where users can report issues. Example:
|
87
87
|
# https://issuetracker.google.com/issues/new?component=190865&template=1161103
|
88
88
|
# @!attribute [rw] documentation_uri
|
89
89
|
# @return [::String]
|
@@ -353,6 +353,15 @@ module Google
|
|
353
353
|
|
354
354
|
# Street View Org.
|
355
355
|
STREET_VIEW = 4
|
356
|
+
|
357
|
+
# Shopping Org.
|
358
|
+
SHOPPING = 5
|
359
|
+
|
360
|
+
# Geo Org.
|
361
|
+
GEO = 6
|
362
|
+
|
363
|
+
# Generative AI - https://developers.generativeai.google
|
364
|
+
GENERATIVE_AI = 7
|
356
365
|
end
|
357
366
|
|
358
367
|
# To where should client libraries be published?
|
@@ -26,11 +26,11 @@ module Google
|
|
26
26
|
# @return [::String]
|
27
27
|
# Associated email, such as "foo@google.com".
|
28
28
|
#
|
29
|
-
# The email address of the authenticated user
|
30
|
-
# of third party principal
|
31
|
-
# callers, the `principal_subject` field is populated instead of
|
32
|
-
# For privacy reasons, the principal email address is sometimes
|
33
|
-
# For more information, see [Caller identities in audit
|
29
|
+
# The email address of the authenticated user or a service account acting on
|
30
|
+
# behalf of a third party principal making the request. For third party
|
31
|
+
# identity callers, the `principal_subject` field is populated instead of
|
32
|
+
# this field. For privacy reasons, the principal email address is sometimes
|
33
|
+
# redacted. For more information, see [Caller identities in audit
|
34
34
|
# logs](https://cloud.google.com/logging/docs/audit#user-id).
|
35
35
|
# @!attribute [rw] caller_ip
|
36
36
|
# @return [::String]
|
@@ -40,8 +40,8 @@ module Google
|
|
40
40
|
# The caller IP's geolocation, which identifies where the call came from.
|
41
41
|
# @!attribute [rw] user_agent_family
|
42
42
|
# @return [::String]
|
43
|
-
#
|
44
|
-
# embedded or
|
43
|
+
# Type of user agent associated with the finding. For example, an operating
|
44
|
+
# system shell or an embedded or standalone application.
|
45
45
|
# @!attribute [rw] service_name
|
46
46
|
# @return [::String]
|
47
47
|
# This is the API service that the service account made a call to, e.g.
|
@@ -51,36 +51,35 @@ module Google
|
|
51
51
|
# The method that the service account called, e.g. "SetIamPolicy".
|
52
52
|
# @!attribute [rw] principal_subject
|
53
53
|
# @return [::String]
|
54
|
-
# A string
|
55
|
-
#
|
56
|
-
# associated with email addresses, such as third party
|
57
|
-
# identities, the format
|
58
|
-
# pool name}/
|
59
|
-
#
|
60
|
-
# format `serviceAccount:{identity pool
|
54
|
+
# A string that represents the principal_subject that is associated with the
|
55
|
+
# identity. Unlike `principal_email`, `principal_subject` supports principals
|
56
|
+
# that aren't associated with email addresses, such as third party
|
57
|
+
# principals. For most identities, the format is
|
58
|
+
# `principal://iam.googleapis.com/{identity pool name}/subject/{subject}`.
|
59
|
+
# Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD,
|
60
|
+
# still use the legacy format `serviceAccount:{identity pool
|
61
|
+
# name}[\\{subject}]`.
|
61
62
|
# @!attribute [rw] service_account_key_name
|
62
63
|
# @return [::String]
|
63
|
-
# The name of the service account key used to create or exchange
|
64
|
-
# credentials
|
64
|
+
# The name of the service account key that was used to create or exchange
|
65
|
+
# credentials when authenticating the service account that made the request.
|
65
66
|
# This is a scheme-less URI full resource name. For example:
|
66
67
|
#
|
67
|
-
# "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}"
|
68
|
+
# "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}".
|
68
69
|
# @!attribute [rw] service_account_delegation_info
|
69
70
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>]
|
70
|
-
#
|
71
|
-
# the request.
|
72
|
-
#
|
73
|
-
#
|
74
|
-
#
|
71
|
+
# The identity delegation history of an authenticated service account that
|
72
|
+
# made the request. The `serviceAccountDelegationInfo[]` object contains
|
73
|
+
# information about the real authorities that try to access Google Cloud
|
74
|
+
# resources by delegating on a service account. When multiple authorities are
|
75
|
+
# present, they are guaranteed to be sorted based on the original ordering of
|
76
|
+
# the identity delegation events.
|
75
77
|
# @!attribute [rw] user_name
|
76
78
|
# @return [::String]
|
77
|
-
# A string that represents
|
78
|
-
#
|
79
|
-
#
|
80
|
-
#
|
81
|
-
# logged into an operating system, if the finding is VM-related, or a user
|
82
|
-
# that is logged into some type of application that is involved in the
|
83
|
-
# access event.
|
79
|
+
# A string that represents a username. The username provided depends on the
|
80
|
+
# type of the finding and is likely not an IAM principal. For example, this
|
81
|
+
# can be a system username if the finding is related to a virtual machine, or
|
82
|
+
# it can be an application login username.
|
84
83
|
class Access
|
85
84
|
include ::Google::Protobuf::MessageExts
|
86
85
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -0,0 +1,37 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2023 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# The [data profile](https://cloud.google.com/dlp/docs/data-profiles)
|
25
|
+
# associated with the finding.
|
26
|
+
# @!attribute [rw] data_profile
|
27
|
+
# @return [::String]
|
28
|
+
# Name of the data profile, for example,
|
29
|
+
# `projects/123/locations/europe/tableProfiles/8383929`.
|
30
|
+
class CloudDlpDataProfile
|
31
|
+
include ::Google::Protobuf::MessageExts
|
32
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2023 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection
|
25
|
+
# job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced
|
26
|
+
# the finding.
|
27
|
+
# @!attribute [rw] inspect_job
|
28
|
+
# @return [::String]
|
29
|
+
# Name of the inspection job, for example,
|
30
|
+
# `projects/123/locations/europe/dlpJobs/i-8383929`.
|
31
|
+
# @!attribute [rw] info_type
|
32
|
+
# @return [::String]
|
33
|
+
# The [type of
|
34
|
+
# information](https://cloud.google.com/dlp/docs/infotypes-reference) found,
|
35
|
+
# for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
|
36
|
+
# @!attribute [rw] info_type_count
|
37
|
+
# @return [::Integer]
|
38
|
+
# The number of times Cloud DLP found this infoType within this job
|
39
|
+
# and resource.
|
40
|
+
# @!attribute [rw] full_scan
|
41
|
+
# @return [::Boolean]
|
42
|
+
# Whether Cloud DLP scanned the complete resource or a sampled subset.
|
43
|
+
class CloudDlpInspection
|
44
|
+
include ::Google::Protobuf::MessageExts
|
45
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
@@ -30,10 +30,12 @@ module Google
|
|
30
30
|
# finding.
|
31
31
|
# @!attribute [rw] name
|
32
32
|
# @return [::String]
|
33
|
-
# The relative resource
|
34
|
-
# https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
35
|
-
# Example:
|
36
|
-
# "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}"
|
33
|
+
# The [relative resource
|
34
|
+
# name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
|
35
|
+
# of the finding. Example:
|
36
|
+
# "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}",
|
37
|
+
# "folders/\\{folder_id}/sources/\\{source_id}/findings/\\{finding_id}",
|
38
|
+
# "projects/\\{project_id}/sources/\\{source_id}/findings/\\{finding_id}".
|
37
39
|
# @!attribute [rw] parent
|
38
40
|
# @return [::String]
|
39
41
|
# The relative resource name of the source the finding belongs to. See:
|
@@ -107,11 +109,11 @@ module Google
|
|
107
109
|
# The class of the finding.
|
108
110
|
# @!attribute [rw] indicator
|
109
111
|
# @return [::Google::Cloud::SecurityCenter::V1::Indicator]
|
110
|
-
# Represents what's commonly known as an
|
112
|
+
# Represents what's commonly known as an *indicator of compromise* (IoC) in
|
111
113
|
# computer forensics. This is an artifact observed on a network or in an
|
112
114
|
# operating system that, with high confidence, indicates a computer
|
113
|
-
# intrusion.
|
114
|
-
#
|
115
|
+
# intrusion. For more information, see [Indicator of
|
116
|
+
# compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise).
|
115
117
|
# @!attribute [rw] vulnerability
|
116
118
|
# @return [::Google::Cloud::SecurityCenter::V1::Vulnerability]
|
117
119
|
# Represents vulnerability-specific fields like CVE and CVSS scores.
|
@@ -130,17 +132,16 @@ module Google
|
|
130
132
|
# See: https://attack.mitre.org
|
131
133
|
# @!attribute [rw] access
|
132
134
|
# @return [::Google::Cloud::SecurityCenter::V1::Access]
|
133
|
-
# Access details associated
|
134
|
-
# caller, which method was accessed, from where
|
135
|
+
# Access details associated with the finding, such as more information on the
|
136
|
+
# caller, which method was accessed, and from where.
|
135
137
|
# @!attribute [rw] connections
|
136
138
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Connection>]
|
137
139
|
# Contains information about the IP connection associated with the finding.
|
138
140
|
# @!attribute [rw] mute_initiator
|
139
141
|
# @return [::String]
|
140
|
-
#
|
141
|
-
# mute
|
142
|
-
#
|
143
|
-
# shouldn't set the value of mute.
|
142
|
+
# Records additional information about the mute operation, for example, the
|
143
|
+
# [mute configuration](/security-command-center/docs/how-to-mute-findings)
|
144
|
+
# that muted the finding and the user who muted the finding.
|
144
145
|
# @!attribute [rw] processes
|
145
146
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Process>]
|
146
147
|
# Represents operating system processes associated with the Finding.
|
@@ -173,16 +174,16 @@ module Google
|
|
173
174
|
# "Event Threat Detection" or "Security Health Analytics".
|
174
175
|
# @!attribute [rw] description
|
175
176
|
# @return [::String]
|
176
|
-
# Contains more
|
177
|
+
# Contains more details about the finding.
|
177
178
|
# @!attribute [rw] exfiltration
|
178
179
|
# @return [::Google::Cloud::SecurityCenter::V1::Exfiltration]
|
179
|
-
# Represents
|
180
|
+
# Represents exfiltrations associated with the finding.
|
180
181
|
# @!attribute [rw] iam_bindings
|
181
182
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
|
182
|
-
# Represents IAM bindings associated with the
|
183
|
+
# Represents IAM bindings associated with the finding.
|
183
184
|
# @!attribute [rw] next_steps
|
184
185
|
# @return [::String]
|
185
|
-
#
|
186
|
+
# Steps to address the finding.
|
186
187
|
# @!attribute [rw] module_name
|
187
188
|
# @return [::String]
|
188
189
|
# Unique identifier of the module which generated the finding.
|
@@ -190,8 +191,8 @@ module Google
|
|
190
191
|
# folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
|
191
192
|
# @!attribute [rw] containers
|
192
193
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
|
193
|
-
# Containers associated with the finding.
|
194
|
-
#
|
194
|
+
# Containers associated with the finding. This field provides information for
|
195
|
+
# both Kubernetes and non-Kubernetes containers.
|
195
196
|
# @!attribute [rw] kubernetes
|
196
197
|
# @return [::Google::Cloud::SecurityCenter::V1::Kubernetes]
|
197
198
|
# Kubernetes resources associated with the finding.
|
@@ -201,9 +202,16 @@ module Google
|
|
201
202
|
# @!attribute [rw] files
|
202
203
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::File>]
|
203
204
|
# File associated with the finding.
|
205
|
+
# @!attribute [rw] cloud_dlp_inspection
|
206
|
+
# @return [::Google::Cloud::SecurityCenter::V1::CloudDlpInspection]
|
207
|
+
# Cloud Data Loss Prevention (Cloud DLP) inspection results that are
|
208
|
+
# associated with the finding.
|
209
|
+
# @!attribute [rw] cloud_dlp_data_profile
|
210
|
+
# @return [::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile]
|
211
|
+
# Cloud DLP data profile that is associated with the finding.
|
204
212
|
# @!attribute [rw] kernel_rootkit
|
205
213
|
# @return [::Google::Cloud::SecurityCenter::V1::KernelRootkit]
|
206
|
-
#
|
214
|
+
# Signature of the kernel rootkit.
|
207
215
|
class Finding
|
208
216
|
include ::Google::Protobuf::MessageExts
|
209
217
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -259,7 +267,8 @@ module Google
|
|
259
267
|
# exploitable, and results in the direct ability to execute arbitrary code,
|
260
268
|
# exfiltrate data, and otherwise gain additional access and privileges to
|
261
269
|
# cloud resources and workloads. Examples include publicly accessible
|
262
|
-
# unprotected user data
|
270
|
+
# unprotected user data and public SSH access with weak or no
|
271
|
+
# passwords.
|
263
272
|
#
|
264
273
|
# Threat:
|
265
274
|
# Indicates a threat that is able to access, modify, or delete data or
|
@@ -130,7 +130,7 @@ module Google
|
|
130
130
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
131
131
|
end
|
132
132
|
|
133
|
-
# Request message for creating
|
133
|
+
# Request message for creating Security Health Analytics custom modules.
|
134
134
|
# @!attribute [rw] parent
|
135
135
|
# @return [::String]
|
136
136
|
# Required. Resource name of the new custom module's parent. Its format is
|
@@ -185,7 +185,7 @@ module Google
|
|
185
185
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
186
186
|
end
|
187
187
|
|
188
|
-
# Request message for deleting
|
188
|
+
# Request message for deleting Security Health Analytics custom modules.
|
189
189
|
# @!attribute [rw] name
|
190
190
|
# @return [::String]
|
191
191
|
# Required. Name of the custom module to delete. Its format is
|
@@ -244,7 +244,7 @@ module Google
|
|
244
244
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
245
245
|
end
|
246
246
|
|
247
|
-
# Request message for getting effective
|
247
|
+
# Request message for getting effective Security Health Analytics custom
|
248
248
|
# modules.
|
249
249
|
# @!attribute [rw] name
|
250
250
|
# @return [::String]
|
@@ -258,7 +258,7 @@ module Google
|
|
258
258
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
259
259
|
end
|
260
260
|
|
261
|
-
# Request message for getting
|
261
|
+
# Request message for getting Security Health Analytics custom modules.
|
262
262
|
# @!attribute [rw] name
|
263
263
|
# @return [::String]
|
264
264
|
# Required. Name of the custom module to get. Its format is
|
@@ -625,7 +625,7 @@ module Google
|
|
625
625
|
end
|
626
626
|
end
|
627
627
|
|
628
|
-
# Request message for listing descendant
|
628
|
+
# Request message for listing descendant Security Health Analytics custom
|
629
629
|
# modules.
|
630
630
|
# @!attribute [rw] parent
|
631
631
|
# @return [::String]
|
@@ -645,7 +645,7 @@ module Google
|
|
645
645
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
646
646
|
end
|
647
647
|
|
648
|
-
# Response message for listing descendant
|
648
|
+
# Response message for listing descendant Security Health Analytics custom
|
649
649
|
# modules.
|
650
650
|
# @!attribute [rw] security_health_analytics_custom_modules
|
651
651
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::SecurityHealthAnalyticsCustomModule>]
|
@@ -730,7 +730,7 @@ module Google
|
|
730
730
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
731
731
|
end
|
732
732
|
|
733
|
-
# Request message for listing effective
|
733
|
+
# Request message for listing effective Security Health Analytics custom
|
734
734
|
# modules.
|
735
735
|
# @!attribute [rw] parent
|
736
736
|
# @return [::String]
|
@@ -750,7 +750,7 @@ module Google
|
|
750
750
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
751
751
|
end
|
752
752
|
|
753
|
-
# Response message for listing effective
|
753
|
+
# Response message for listing effective Security Health Analytics custom
|
754
754
|
# modules.
|
755
755
|
# @!attribute [rw] effective_security_health_analytics_custom_modules
|
756
756
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::EffectiveSecurityHealthAnalyticsCustomModule>]
|
@@ -764,7 +764,7 @@ module Google
|
|
764
764
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
765
765
|
end
|
766
766
|
|
767
|
-
# Request message for listing
|
767
|
+
# Request message for listing Security Health Analytics custom modules.
|
768
768
|
# @!attribute [rw] parent
|
769
769
|
# @return [::String]
|
770
770
|
# Required. Name of parent to list custom modules. Its format is
|
@@ -783,7 +783,7 @@ module Google
|
|
783
783
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
784
784
|
end
|
785
785
|
|
786
|
-
# Response message for listing
|
786
|
+
# Response message for listing Security Health Analytics custom modules.
|
787
787
|
# @!attribute [rw] security_health_analytics_custom_modules
|
788
788
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::SecurityHealthAnalyticsCustomModule>]
|
789
789
|
# Custom modules belonging to the requested parent.
|
@@ -1396,7 +1396,7 @@ module Google
|
|
1396
1396
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1397
1397
|
end
|
1398
1398
|
|
1399
|
-
# Request message for updating
|
1399
|
+
# Request message for updating Security Health Analytics custom modules.
|
1400
1400
|
# @!attribute [rw] security_health_analytics_custom_module
|
1401
1401
|
# @return [::Google::Cloud::SecurityCenter::V1::SecurityHealthAnalyticsCustomModule]
|
1402
1402
|
# Required. The SecurityHealthAnalytics custom module to update.
|
@@ -43,8 +43,12 @@ module Google
|
|
43
43
|
# if (any.is(Foo.class)) {
|
44
44
|
# foo = any.unpack(Foo.class);
|
45
45
|
# }
|
46
|
+
# // or ...
|
47
|
+
# if (any.isSameTypeAs(Foo.getDefaultInstance())) {
|
48
|
+
# foo = any.unpack(Foo.getDefaultInstance());
|
49
|
+
# }
|
46
50
|
#
|
47
|
-
#
|
51
|
+
# Example 3: Pack and unpack a message in Python.
|
48
52
|
#
|
49
53
|
# foo = Foo(...)
|
50
54
|
# any = Any()
|
@@ -54,7 +58,7 @@ module Google
|
|
54
58
|
# any.Unpack(foo)
|
55
59
|
# ...
|
56
60
|
#
|
57
|
-
#
|
61
|
+
# Example 4: Pack and unpack a message in Go
|
58
62
|
#
|
59
63
|
# foo := &pb.Foo{...}
|
60
64
|
# any, err := anypb.New(foo)
|
@@ -73,9 +77,8 @@ module Google
|
|
73
77
|
# in the type URL, for example "foo.bar.com/x/y.z" will yield type
|
74
78
|
# name "y.z".
|
75
79
|
#
|
76
|
-
#
|
77
80
|
# JSON
|
78
|
-
#
|
81
|
+
# ====
|
79
82
|
# The JSON representation of an `Any` value uses the regular
|
80
83
|
# representation of the deserialized, embedded message, with an
|
81
84
|
# additional field `@type` which contains the type URL. Example:
|
@@ -87,7 +87,7 @@ module Google
|
|
87
87
|
# `NullValue` is a singleton enumeration to represent the null value for the
|
88
88
|
# `Value` type union.
|
89
89
|
#
|
90
|
-
#
|
90
|
+
# The JSON representation for `NullValue` is JSON `null`.
|
91
91
|
module NullValue
|
92
92
|
# Null value.
|
93
93
|
NULL_VALUE = 0
|
@@ -69,7 +69,6 @@ module Google
|
|
69
69
|
# Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
|
70
70
|
# .setNanos((int) ((millis % 1000) * 1000000)).build();
|
71
71
|
#
|
72
|
-
#
|
73
72
|
# Example 5: Compute Timestamp from Java `Instant.now()`.
|
74
73
|
#
|
75
74
|
# Instant now = Instant.now();
|
@@ -78,7 +77,6 @@ module Google
|
|
78
77
|
# Timestamp.newBuilder().setSeconds(now.getEpochSecond())
|
79
78
|
# .setNanos(now.getNano()).build();
|
80
79
|
#
|
81
|
-
#
|
82
80
|
# Example 6: Compute Timestamp from current time in Python.
|
83
81
|
#
|
84
82
|
# timestamp = Timestamp()
|
@@ -108,7 +106,7 @@ module Google
|
|
108
106
|
# [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
|
109
107
|
# the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
|
110
108
|
# the Joda Time's [`ISODateTimeFormat.dateTime()`](
|
111
|
-
# http://
|
109
|
+
# http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
|
112
110
|
# ) to obtain a formatter capable of generating timestamps in this format.
|
113
111
|
# @!attribute [rw] seconds
|
114
112
|
# @return [::Integer]
|