google-cloud-security_center-v1 0.3.4 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE.md +188 -190
- data/README.md +66 -2
- data/lib/google/cloud/security_center/v1.rb +3 -0
- data/lib/google/cloud/security_center/v1/security_center/client.rb +104 -95
- data/lib/google/cloud/security_center/v1/security_center/operations.rb +95 -10
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +1 -1
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +9 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +23 -23
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/api/resource.rb +50 -14
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +68 -3
- data/proto_docs/google/cloud/securitycenter/v1/notification_config.rb +2 -2
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +38 -35
- data/proto_docs/google/longrunning/operations.rb +17 -3
- data/proto_docs/google/protobuf/any.rb +5 -2
- data/proto_docs/google/protobuf/timestamp.rb +10 -1
- metadata +9 -7
@@ -111,7 +111,7 @@ module Google
|
|
111
111
|
# @return [::String]
|
112
112
|
def security_marks_path **args
|
113
113
|
resources = {
|
114
|
-
"asset:organization"
|
114
|
+
"asset:organization" => (proc do |organization:, asset:|
|
115
115
|
raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
|
116
116
|
|
117
117
|
"organizations/#{organization}/assets/#{asset}/securityMarks"
|
@@ -22,12 +22,20 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
22
22
|
optional :security_marks, :message, 8, "google.cloud.securitycenter.v1.SecurityMarks"
|
23
23
|
optional :event_time, :message, 9, "google.protobuf.Timestamp"
|
24
24
|
optional :create_time, :message, 10, "google.protobuf.Timestamp"
|
25
|
+
optional :severity, :enum, 12, "google.cloud.securitycenter.v1.Finding.Severity"
|
25
26
|
end
|
26
27
|
add_enum "google.cloud.securitycenter.v1.Finding.State" do
|
27
28
|
value :STATE_UNSPECIFIED, 0
|
28
29
|
value :ACTIVE, 1
|
29
30
|
value :INACTIVE, 2
|
30
31
|
end
|
32
|
+
add_enum "google.cloud.securitycenter.v1.Finding.Severity" do
|
33
|
+
value :SEVERITY_UNSPECIFIED, 0
|
34
|
+
value :CRITICAL, 1
|
35
|
+
value :HIGH, 2
|
36
|
+
value :MEDIUM, 3
|
37
|
+
value :LOW, 4
|
38
|
+
end
|
31
39
|
end
|
32
40
|
end
|
33
41
|
|
@@ -37,6 +45,7 @@ module Google
|
|
37
45
|
module V1
|
38
46
|
Finding = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding").msgclass
|
39
47
|
Finding::State = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding.State").enummodule
|
48
|
+
Finding::Severity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding.Severity").enummodule
|
40
49
|
end
|
41
50
|
end
|
42
51
|
end
|
@@ -34,67 +34,67 @@ module Google
|
|
34
34
|
self.service_name = 'google.cloud.securitycenter.v1.SecurityCenter'
|
35
35
|
|
36
36
|
# Creates a source.
|
37
|
-
rpc :CreateSource, Google::Cloud::SecurityCenter::V1::CreateSourceRequest, Google::Cloud::SecurityCenter::V1::Source
|
37
|
+
rpc :CreateSource, ::Google::Cloud::SecurityCenter::V1::CreateSourceRequest, ::Google::Cloud::SecurityCenter::V1::Source
|
38
38
|
# Creates a finding. The corresponding source must exist for finding creation
|
39
39
|
# to succeed.
|
40
|
-
rpc :CreateFinding, Google::Cloud::SecurityCenter::V1::CreateFindingRequest, Google::Cloud::SecurityCenter::V1::Finding
|
40
|
+
rpc :CreateFinding, ::Google::Cloud::SecurityCenter::V1::CreateFindingRequest, ::Google::Cloud::SecurityCenter::V1::Finding
|
41
41
|
# Creates a notification config.
|
42
|
-
rpc :CreateNotificationConfig, Google::Cloud::SecurityCenter::V1::CreateNotificationConfigRequest, Google::Cloud::SecurityCenter::V1::NotificationConfig
|
42
|
+
rpc :CreateNotificationConfig, ::Google::Cloud::SecurityCenter::V1::CreateNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1::NotificationConfig
|
43
43
|
# Deletes a notification config.
|
44
|
-
rpc :DeleteNotificationConfig, Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest, Google::Protobuf::Empty
|
44
|
+
rpc :DeleteNotificationConfig, ::Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest, ::Google::Protobuf::Empty
|
45
45
|
# Gets the access control policy on the specified Source.
|
46
|
-
rpc :GetIamPolicy, Google::Iam::V1::GetIamPolicyRequest, Google::Iam::V1::Policy
|
46
|
+
rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
|
47
47
|
# Gets a notification config.
|
48
|
-
rpc :GetNotificationConfig, Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest, Google::Cloud::SecurityCenter::V1::NotificationConfig
|
48
|
+
rpc :GetNotificationConfig, ::Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1::NotificationConfig
|
49
49
|
# Gets the settings for an organization.
|
50
|
-
rpc :GetOrganizationSettings, Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest, Google::Cloud::SecurityCenter::V1::OrganizationSettings
|
50
|
+
rpc :GetOrganizationSettings, ::Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest, ::Google::Cloud::SecurityCenter::V1::OrganizationSettings
|
51
51
|
# Gets a source.
|
52
|
-
rpc :GetSource, Google::Cloud::SecurityCenter::V1::GetSourceRequest, Google::Cloud::SecurityCenter::V1::Source
|
52
|
+
rpc :GetSource, ::Google::Cloud::SecurityCenter::V1::GetSourceRequest, ::Google::Cloud::SecurityCenter::V1::Source
|
53
53
|
# Filters an organization's assets and groups them by their specified
|
54
54
|
# properties.
|
55
|
-
rpc :GroupAssets, Google::Cloud::SecurityCenter::V1::GroupAssetsRequest, Google::Cloud::SecurityCenter::V1::GroupAssetsResponse
|
55
|
+
rpc :GroupAssets, ::Google::Cloud::SecurityCenter::V1::GroupAssetsRequest, ::Google::Cloud::SecurityCenter::V1::GroupAssetsResponse
|
56
56
|
# Filters an organization or source's findings and groups them by their
|
57
57
|
# specified properties.
|
58
58
|
#
|
59
59
|
# To group across all sources provide a `-` as the source id.
|
60
60
|
# Example: /v1/organizations/{organization_id}/sources/-/findings
|
61
|
-
rpc :GroupFindings, Google::Cloud::SecurityCenter::V1::GroupFindingsRequest, Google::Cloud::SecurityCenter::V1::GroupFindingsResponse
|
61
|
+
rpc :GroupFindings, ::Google::Cloud::SecurityCenter::V1::GroupFindingsRequest, ::Google::Cloud::SecurityCenter::V1::GroupFindingsResponse
|
62
62
|
# Lists an organization's assets.
|
63
|
-
rpc :ListAssets, Google::Cloud::SecurityCenter::V1::ListAssetsRequest, Google::Cloud::SecurityCenter::V1::ListAssetsResponse
|
63
|
+
rpc :ListAssets, ::Google::Cloud::SecurityCenter::V1::ListAssetsRequest, ::Google::Cloud::SecurityCenter::V1::ListAssetsResponse
|
64
64
|
# Lists an organization or source's findings.
|
65
65
|
#
|
66
66
|
# To list across all sources provide a `-` as the source id.
|
67
67
|
# Example: /v1/organizations/{organization_id}/sources/-/findings
|
68
|
-
rpc :ListFindings, Google::Cloud::SecurityCenter::V1::ListFindingsRequest, Google::Cloud::SecurityCenter::V1::ListFindingsResponse
|
68
|
+
rpc :ListFindings, ::Google::Cloud::SecurityCenter::V1::ListFindingsRequest, ::Google::Cloud::SecurityCenter::V1::ListFindingsResponse
|
69
69
|
# Lists notification configs.
|
70
|
-
rpc :ListNotificationConfigs, Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest, Google::Cloud::SecurityCenter::V1::ListNotificationConfigsResponse
|
70
|
+
rpc :ListNotificationConfigs, ::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest, ::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsResponse
|
71
71
|
# Lists all sources belonging to an organization.
|
72
|
-
rpc :ListSources, Google::Cloud::SecurityCenter::V1::ListSourcesRequest, Google::Cloud::SecurityCenter::V1::ListSourcesResponse
|
72
|
+
rpc :ListSources, ::Google::Cloud::SecurityCenter::V1::ListSourcesRequest, ::Google::Cloud::SecurityCenter::V1::ListSourcesResponse
|
73
73
|
# Runs asset discovery. The discovery is tracked with a long-running
|
74
74
|
# operation.
|
75
75
|
#
|
76
76
|
# This API can only be called with limited frequency for an organization. If
|
77
77
|
# it is called too frequently the caller will receive a TOO_MANY_REQUESTS
|
78
78
|
# error.
|
79
|
-
rpc :RunAssetDiscovery, Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest, Google::Longrunning::Operation
|
79
|
+
rpc :RunAssetDiscovery, ::Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest, ::Google::Longrunning::Operation
|
80
80
|
# Updates the state of a finding.
|
81
|
-
rpc :SetFindingState, Google::Cloud::SecurityCenter::V1::SetFindingStateRequest, Google::Cloud::SecurityCenter::V1::Finding
|
81
|
+
rpc :SetFindingState, ::Google::Cloud::SecurityCenter::V1::SetFindingStateRequest, ::Google::Cloud::SecurityCenter::V1::Finding
|
82
82
|
# Sets the access control policy on the specified Source.
|
83
|
-
rpc :SetIamPolicy, Google::Iam::V1::SetIamPolicyRequest, Google::Iam::V1::Policy
|
83
|
+
rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
|
84
84
|
# Returns the permissions that a caller has on the specified source.
|
85
|
-
rpc :TestIamPermissions, Google::Iam::V1::TestIamPermissionsRequest, Google::Iam::V1::TestIamPermissionsResponse
|
85
|
+
rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
|
86
86
|
# Creates or updates a finding. The corresponding source must exist for a
|
87
87
|
# finding creation to succeed.
|
88
|
-
rpc :UpdateFinding, Google::Cloud::SecurityCenter::V1::UpdateFindingRequest, Google::Cloud::SecurityCenter::V1::Finding
|
88
|
+
rpc :UpdateFinding, ::Google::Cloud::SecurityCenter::V1::UpdateFindingRequest, ::Google::Cloud::SecurityCenter::V1::Finding
|
89
89
|
# Updates a notification config. The following update
|
90
90
|
# fields are allowed: description, pubsub_topic, streaming_config.filter
|
91
|
-
rpc :UpdateNotificationConfig, Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest, Google::Cloud::SecurityCenter::V1::NotificationConfig
|
91
|
+
rpc :UpdateNotificationConfig, ::Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1::NotificationConfig
|
92
92
|
# Updates an organization's settings.
|
93
|
-
rpc :UpdateOrganizationSettings, Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest, Google::Cloud::SecurityCenter::V1::OrganizationSettings
|
93
|
+
rpc :UpdateOrganizationSettings, ::Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest, ::Google::Cloud::SecurityCenter::V1::OrganizationSettings
|
94
94
|
# Updates a source.
|
95
|
-
rpc :UpdateSource, Google::Cloud::SecurityCenter::V1::UpdateSourceRequest, Google::Cloud::SecurityCenter::V1::Source
|
95
|
+
rpc :UpdateSource, ::Google::Cloud::SecurityCenter::V1::UpdateSourceRequest, ::Google::Cloud::SecurityCenter::V1::Source
|
96
96
|
# Updates security marks.
|
97
|
-
rpc :UpdateSecurityMarks, Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest, Google::Cloud::SecurityCenter::V1::SecurityMarks
|
97
|
+
rpc :UpdateSecurityMarks, ::Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest, ::Google::Cloud::SecurityCenter::V1::SecurityMarks
|
98
98
|
end
|
99
99
|
|
100
100
|
Stub = Service.rpc_stub_class
|
@@ -54,6 +54,12 @@ module Google
|
|
54
54
|
# This indicates that the field may be set once in a request to create a
|
55
55
|
# resource, but may not be changed thereafter.
|
56
56
|
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
57
63
|
end
|
58
64
|
end
|
59
65
|
end
|
@@ -43,12 +43,12 @@ module Google
|
|
43
43
|
#
|
44
44
|
# The ResourceDescriptor Yaml config will look like:
|
45
45
|
#
|
46
|
-
#
|
47
|
-
#
|
48
|
-
#
|
49
|
-
#
|
50
|
-
#
|
51
|
-
#
|
46
|
+
# resources:
|
47
|
+
# - type: "pubsub.googleapis.com/Topic"
|
48
|
+
# name_descriptor:
|
49
|
+
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
+
# parent_name_extractor: "projects/{project}"
|
52
52
|
#
|
53
53
|
# Sometimes, resources have multiple patterns, typically because they can
|
54
54
|
# live under multiple parents.
|
@@ -183,15 +183,24 @@ module Google
|
|
183
183
|
# }
|
184
184
|
# @!attribute [rw] plural
|
185
185
|
# @return [::String]
|
186
|
-
# The plural name used in the resource name, such as
|
187
|
-
# the name of 'projects/\\{project}'
|
188
|
-
#
|
186
|
+
# The plural name used in the resource name and permission names, such as
|
187
|
+
# 'projects' for the resource name of 'projects/\\{project}' and the permission
|
188
|
+
# name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
|
189
|
+
# concept of the `plural` field in k8s CRD spec
|
189
190
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
191
|
+
#
|
192
|
+
# Note: The plural form is required even for singleton resources. See
|
193
|
+
# https://aip.dev/156
|
190
194
|
# @!attribute [rw] singular
|
191
195
|
# @return [::String]
|
192
196
|
# The same concept of the `singular` field in k8s CRD spec
|
193
197
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
194
198
|
# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
|
199
|
+
# @!attribute [rw] style
|
200
|
+
# @return [::Array<::Google::Api::ResourceDescriptor::Style>]
|
201
|
+
# Style flag(s) for this resource.
|
202
|
+
# These indicate that a resource is expected to conform to a given
|
203
|
+
# style. See the specific style flags for additional information.
|
195
204
|
class ResourceDescriptor
|
196
205
|
include ::Google::Protobuf::MessageExts
|
197
206
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -211,6 +220,22 @@ module Google
|
|
211
220
|
# that from being necessary once there are multiple patterns.)
|
212
221
|
FUTURE_MULTI_PATTERN = 2
|
213
222
|
end
|
223
|
+
|
224
|
+
# A flag representing a specific style that a resource claims to conform to.
|
225
|
+
module Style
|
226
|
+
# The unspecified value. Do not use.
|
227
|
+
STYLE_UNSPECIFIED = 0
|
228
|
+
|
229
|
+
# This resource is intended to be "declarative-friendly".
|
230
|
+
#
|
231
|
+
# Declarative-friendly resources must be more strictly consistent, and
|
232
|
+
# setting this to true communicates to tools that this resource should
|
233
|
+
# adhere to declarative-friendly expectations.
|
234
|
+
#
|
235
|
+
# Note: This is used by the API linter (linter.aip.dev) to enable
|
236
|
+
# additional checks.
|
237
|
+
DECLARATIVE_FRIENDLY = 1
|
238
|
+
end
|
214
239
|
end
|
215
240
|
|
216
241
|
# Defines a proto annotation that describes a string field that refers to
|
@@ -226,6 +251,17 @@ module Google
|
|
226
251
|
# type: "pubsub.googleapis.com/Topic"
|
227
252
|
# }];
|
228
253
|
# }
|
254
|
+
#
|
255
|
+
# Occasionally, a field may reference an arbitrary resource. In this case,
|
256
|
+
# APIs use the special value * in their resource reference.
|
257
|
+
#
|
258
|
+
# Example:
|
259
|
+
#
|
260
|
+
# message GetIamPolicyRequest {
|
261
|
+
# string resource = 2 [(google.api.resource_reference) = {
|
262
|
+
# type: "*"
|
263
|
+
# }];
|
264
|
+
# }
|
229
265
|
# @!attribute [rw] child_type
|
230
266
|
# @return [::String]
|
231
267
|
# The resource type of a child collection that the annotated field
|
@@ -234,11 +270,11 @@ module Google
|
|
234
270
|
#
|
235
271
|
# Example:
|
236
272
|
#
|
237
|
-
#
|
238
|
-
#
|
239
|
-
#
|
240
|
-
#
|
241
|
-
#
|
273
|
+
# message ListLogEntriesRequest {
|
274
|
+
# string parent = 1 [(google.api.resource_reference) = {
|
275
|
+
# child_type: "logging.googleapis.com/LogEntry"
|
276
|
+
# };
|
277
|
+
# }
|
242
278
|
class ResourceReference
|
243
279
|
include ::Google::Protobuf::MessageExts
|
244
280
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -75,12 +75,18 @@ module Google
|
|
75
75
|
# to the finding.
|
76
76
|
# @!attribute [rw] event_time
|
77
77
|
# @return [::Google::Protobuf::Timestamp]
|
78
|
-
# The time at which the event took place
|
79
|
-
# represents an open firewall it would
|
80
|
-
# the firewall became open. The
|
78
|
+
# The time at which the event took place, or when an update to the finding
|
79
|
+
# occurred. For example, if the finding represents an open firewall it would
|
80
|
+
# capture the time the detector believes the firewall became open. The
|
81
|
+
# accuracy is determined by the detector. If the finding were to be resolved
|
82
|
+
# afterward, this time would reflect when the finding was resolved.
|
81
83
|
# @!attribute [rw] create_time
|
82
84
|
# @return [::Google::Protobuf::Timestamp]
|
83
85
|
# The time at which the finding was created in Security Command Center.
|
86
|
+
# @!attribute [rw] severity
|
87
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Finding::Severity]
|
88
|
+
# The severity of the finding. This field is managed by the source that
|
89
|
+
# writes the finding.
|
84
90
|
class Finding
|
85
91
|
include ::Google::Protobuf::MessageExts
|
86
92
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -106,6 +112,65 @@ module Google
|
|
106
112
|
# and is no longer active.
|
107
113
|
INACTIVE = 2
|
108
114
|
end
|
115
|
+
|
116
|
+
# The severity of the finding.
|
117
|
+
module Severity
|
118
|
+
# This value is used for findings when a source doesn't write a severity
|
119
|
+
# value.
|
120
|
+
SEVERITY_UNSPECIFIED = 0
|
121
|
+
|
122
|
+
# Vulnerability:
|
123
|
+
# A critical vulnerability is easily discoverable by an external actor,
|
124
|
+
# exploitable, and results in the direct ability to execute arbitrary code,
|
125
|
+
# exfiltrate data, and otherwise gain additional access and privileges to
|
126
|
+
# cloud resources and workloads. Examples include publicly accessible
|
127
|
+
# unprotected user data, public SSH access with weak or no passwords, etc.
|
128
|
+
#
|
129
|
+
# Threat:
|
130
|
+
# Indicates a threat that is able to access, modify, or delete data or
|
131
|
+
# execute unauthorized code within existing resources.
|
132
|
+
CRITICAL = 1
|
133
|
+
|
134
|
+
# Vulnerability:
|
135
|
+
# A high risk vulnerability can be easily discovered and exploited in
|
136
|
+
# combination with other vulnerabilities in order to gain direct access and
|
137
|
+
# the ability to execute arbitrary code, exfiltrate data, and otherwise
|
138
|
+
# gain additional access and privileges to cloud resources and workloads.
|
139
|
+
# An example is a database with weak or no passwords that is only
|
140
|
+
# accessible internally. This database could easily be compromised by an
|
141
|
+
# actor that had access to the internal network.
|
142
|
+
#
|
143
|
+
# Threat:
|
144
|
+
# Indicates a threat that is able to create new computational resources in
|
145
|
+
# an environment but not able to access data or execute code in existing
|
146
|
+
# resources.
|
147
|
+
HIGH = 2
|
148
|
+
|
149
|
+
# Vulnerability:
|
150
|
+
# A medium risk vulnerability could be used by an actor to gain access to
|
151
|
+
# resources or privileges that enable them to eventually (through multiple
|
152
|
+
# steps or a complex exploit) gain access and the ability to execute
|
153
|
+
# arbitrary code or exfiltrate data. An example is a service account with
|
154
|
+
# access to more projects than it should have. If an actor gains access to
|
155
|
+
# the service account, they could potentially use that access to manipulate
|
156
|
+
# a project the service account was not intended to.
|
157
|
+
#
|
158
|
+
# Threat:
|
159
|
+
# Indicates a threat that is able to cause operational impact but may not
|
160
|
+
# access data or execute unauthorized code.
|
161
|
+
MEDIUM = 3
|
162
|
+
|
163
|
+
# Vulnerability:
|
164
|
+
# A low risk vulnerability hampers a security organization’s ability to
|
165
|
+
# detect vulnerabilities or active threats in their deployment, or prevents
|
166
|
+
# the root cause investigation of security issues. An example is monitoring
|
167
|
+
# and logs being disabled for resource configurations and access.
|
168
|
+
#
|
169
|
+
# Threat:
|
170
|
+
# Indicates a threat that has obtained minimal access to an environment but
|
171
|
+
# is not able to access data, execute code, or create resources.
|
172
|
+
LOW = 4
|
173
|
+
end
|
109
174
|
end
|
110
175
|
end
|
111
176
|
end
|
@@ -36,12 +36,12 @@ module Google
|
|
36
36
|
# The description of the notification config (max of 1024 characters).
|
37
37
|
# @!attribute [rw] pubsub_topic
|
38
38
|
# @return [::String]
|
39
|
-
# The
|
39
|
+
# The Pub/Sub topic to send notifications to. Its format is
|
40
40
|
# "projects/[project_id]/topics/[topic]".
|
41
41
|
# @!attribute [r] service_account
|
42
42
|
# @return [::String]
|
43
43
|
# Output only. The service account that needs "pubsub.topics.publish"
|
44
|
-
# permission to publish to the
|
44
|
+
# permission to publish to the Pub/Sub topic.
|
45
45
|
# @!attribute [rw] streaming_config
|
46
46
|
# @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig::StreamingConfig]
|
47
47
|
# The config for triggering streaming-based notifications.
|
@@ -33,8 +33,8 @@ module Google
|
|
33
33
|
# greater than 0 characters in length.
|
34
34
|
# @!attribute [rw] finding
|
35
35
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
36
|
-
# Required. The Finding being created. The name and security_marks will be
|
37
|
-
#
|
36
|
+
# Required. The Finding being created. The name and security_marks will be ignored as
|
37
|
+
# they are both output only fields on this resource.
|
38
38
|
class CreateFindingRequest
|
39
39
|
include ::Google::Protobuf::MessageExts
|
40
40
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -43,8 +43,8 @@ module Google
|
|
43
43
|
# Request message for creating a notification config.
|
44
44
|
# @!attribute [rw] parent
|
45
45
|
# @return [::String]
|
46
|
-
# Required. Resource name of the new notification config's parent. Its format
|
47
|
-
#
|
46
|
+
# Required. Resource name of the new notification config's parent. Its format is
|
47
|
+
# "organizations/[organization_id]".
|
48
48
|
# @!attribute [rw] config_id
|
49
49
|
# @return [::String]
|
50
50
|
# Required.
|
@@ -53,9 +53,8 @@ module Google
|
|
53
53
|
# characters, underscores or hyphens only.
|
54
54
|
# @!attribute [rw] notification_config
|
55
55
|
# @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
|
56
|
-
# Required. The notification config being created. The name and the service
|
57
|
-
#
|
58
|
-
# resource.
|
56
|
+
# Required. The notification config being created. The name and the service account
|
57
|
+
# will be ignored as they are both output only fields on this resource.
|
59
58
|
class CreateNotificationConfigRequest
|
60
59
|
include ::Google::Protobuf::MessageExts
|
61
60
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -68,8 +67,8 @@ module Google
|
|
68
67
|
# "organizations/[organization_id]".
|
69
68
|
# @!attribute [rw] source
|
70
69
|
# @return [::Google::Cloud::SecurityCenter::V1::Source]
|
71
|
-
# Required. The Source being created, only the display_name and description
|
72
|
-
#
|
70
|
+
# Required. The Source being created, only the display_name and description will be
|
71
|
+
# used. All other fields will be ignored.
|
73
72
|
class CreateSourceRequest
|
74
73
|
include ::Google::Protobuf::MessageExts
|
75
74
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -98,8 +97,8 @@ module Google
|
|
98
97
|
# Request message for getting organization settings.
|
99
98
|
# @!attribute [rw] name
|
100
99
|
# @return [::String]
|
101
|
-
# Required. Name of the organization to get organization settings for. Its
|
102
|
-
#
|
100
|
+
# Required. Name of the organization to get organization settings for. Its format is
|
101
|
+
# "organizations/[organization_id]/organizationSettings".
|
103
102
|
class GetOrganizationSettingsRequest
|
104
103
|
include ::Google::Protobuf::MessageExts
|
105
104
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -180,15 +179,15 @@ module Google
|
|
180
179
|
# For example, `resource_properties.size = 100` is a valid filter string.
|
181
180
|
#
|
182
181
|
# Use a partial match on the empty string to filter based on a property
|
183
|
-
# existing
|
182
|
+
# existing: `resource_properties.my_property : ""`
|
184
183
|
#
|
185
184
|
# Use a negated partial match on the empty string to filter based on a
|
186
185
|
# property not existing: `-resource_properties.my_property : ""`
|
187
186
|
# @!attribute [rw] group_by
|
188
187
|
# @return [::String]
|
189
|
-
# Required. Expression that defines what assets fields to use for grouping.
|
190
|
-
#
|
191
|
-
#
|
188
|
+
# Required. Expression that defines what assets fields to use for grouping. The string
|
189
|
+
# value should follow SQL syntax: comma separated list of fields. For
|
190
|
+
# example:
|
192
191
|
# "security_center_properties.resource_project,security_center_properties.project".
|
193
192
|
#
|
194
193
|
# The following fields are supported when compare_duration is not set:
|
@@ -316,6 +315,7 @@ module Google
|
|
316
315
|
# * category: `=`, `:`
|
317
316
|
# * external_uri: `=`, `:`
|
318
317
|
# * event_time: `=`, `>`, `<`, `>=`, `<=`
|
318
|
+
# * severity: `=`, `:`
|
319
319
|
#
|
320
320
|
# Usage: This should be milliseconds since epoch or an RFC3339 string.
|
321
321
|
# Examples:
|
@@ -334,9 +334,9 @@ module Google
|
|
334
334
|
# property not existing: `-source_properties.my_property : ""`
|
335
335
|
# @!attribute [rw] group_by
|
336
336
|
# @return [::String]
|
337
|
-
# Required. Expression that defines what assets fields to use for grouping
|
338
|
-
#
|
339
|
-
#
|
337
|
+
# Required. Expression that defines what assets fields to use for grouping (including
|
338
|
+
# `state_change`). The string value should follow SQL syntax: comma separated
|
339
|
+
# list of fields. For example: "parent,resource_name".
|
340
340
|
#
|
341
341
|
# The following fields are supported:
|
342
342
|
#
|
@@ -344,6 +344,7 @@ module Google
|
|
344
344
|
# * category
|
345
345
|
# * state
|
346
346
|
# * parent
|
347
|
+
# * severity
|
347
348
|
#
|
348
349
|
# The following fields are supported when compare_duration is set:
|
349
350
|
#
|
@@ -634,8 +635,9 @@ module Google
|
|
634
635
|
# read_time.
|
635
636
|
# @!attribute [rw] field_mask
|
636
637
|
# @return [::Google::Protobuf::FieldMask]
|
637
|
-
#
|
638
|
-
#
|
638
|
+
# A field mask to specify the ListAssetsResult fields to be listed in the
|
639
|
+
# response.
|
640
|
+
# An empty field mask will list all fields.
|
639
641
|
# @!attribute [rw] page_token
|
640
642
|
# @return [::String]
|
641
643
|
# The value returned by the last `ListAssetsResponse`; indicates
|
@@ -736,13 +738,14 @@ module Google
|
|
736
738
|
#
|
737
739
|
# The following field and operator combinations are supported:
|
738
740
|
#
|
739
|
-
# name: `=`
|
740
|
-
# parent: `=`, `:`
|
741
|
-
# resource_name: `=`, `:`
|
742
|
-
# state: `=`, `:`
|
743
|
-
# category: `=`, `:`
|
744
|
-
# external_uri: `=`, `:`
|
745
|
-
# event_time: `=`, `>`, `<`, `>=`, `<=`
|
741
|
+
# * name: `=`
|
742
|
+
# * parent: `=`, `:`
|
743
|
+
# * resource_name: `=`, `:`
|
744
|
+
# * state: `=`, `:`
|
745
|
+
# * category: `=`, `:`
|
746
|
+
# * external_uri: `=`, `:`
|
747
|
+
# * event_time: `=`, `>`, `<`, `>=`, `<=`
|
748
|
+
# * severity: `=`, `:`
|
746
749
|
#
|
747
750
|
# Usage: This should be milliseconds since epoch or an RFC3339 string.
|
748
751
|
# Examples:
|
@@ -819,8 +822,8 @@ module Google
|
|
819
822
|
# read_time.
|
820
823
|
# @!attribute [rw] field_mask
|
821
824
|
# @return [::Google::Protobuf::FieldMask]
|
822
|
-
#
|
823
|
-
#
|
825
|
+
# A field mask to specify the Finding fields to be listed in the response.
|
826
|
+
# An empty field mask will list all fields.
|
824
827
|
# @!attribute [rw] page_token
|
825
828
|
# @return [::String]
|
826
829
|
# The value returned by the last `ListFindingsResponse`; indicates
|
@@ -860,7 +863,7 @@ module Google
|
|
860
863
|
# @!attribute [rw] state_change
|
861
864
|
# @return [::Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult::StateChange]
|
862
865
|
# State change of the finding between the points in time.
|
863
|
-
# @!attribute [
|
866
|
+
# @!attribute [r] resource
|
864
867
|
# @return [::Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult::Resource]
|
865
868
|
# Output only. Resource that is associated with this finding.
|
866
869
|
class ListFindingsResult
|
@@ -941,8 +944,8 @@ module Google
|
|
941
944
|
# Request message for running asset discovery for an organization.
|
942
945
|
# @!attribute [rw] parent
|
943
946
|
# @return [::String]
|
944
|
-
# Required. Name of the organization to run asset discovery for. Its format
|
945
|
-
#
|
947
|
+
# Required. Name of the organization to run asset discovery for. Its format is
|
948
|
+
# "organizations/[organization_id]".
|
946
949
|
class RunAssetDiscoveryRequest
|
947
950
|
include ::Google::Protobuf::MessageExts
|
948
951
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -951,8 +954,8 @@ module Google
|
|
951
954
|
# Request message for updating or creating a finding.
|
952
955
|
# @!attribute [rw] finding
|
953
956
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
954
|
-
# Required. The finding resource to update or create if it does not already
|
955
|
-
#
|
957
|
+
# Required. The finding resource to update or create if it does not already exist.
|
958
|
+
# parent, security_marks, and update_time will be ignored.
|
956
959
|
#
|
957
960
|
# In the case of creation, the finding id portion of the name must be
|
958
961
|
# alphanumeric and less than or equal to 32 characters and greater than 0
|
@@ -993,7 +996,7 @@ module Google
|
|
993
996
|
# @return [::Google::Protobuf::FieldMask]
|
994
997
|
# The FieldMask to use when updating the settings resource.
|
995
998
|
#
|
996
|
-
#
|
999
|
+
# If empty all mutable fields will be updated.
|
997
1000
|
class UpdateOrganizationSettingsRequest
|
998
1001
|
include ::Google::Protobuf::MessageExts
|
999
1002
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|