google-cloud-security_center-v1 0.35.0 → 0.37.0

data/proto_docs/google/cloud/securitycenter/v1/file.rb

@@ -45,9 +45,26 @@ module Google
         # @!attribute [rw] contents
         #   @return [::String]
         #     Prefix of the file contents as a JSON-encoded string.
+        # @!attribute [rw] disk_path
+        #   @return [::Google::Cloud::SecurityCenter::V1::File::DiskPath]
+        #     Path of the file in terms of underlying disk/partition identifiers.
         class File
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Path of the file in terms of underlying disk/partition identifiers.
+          # @!attribute [rw] partition_uuid
+          #   @return [::String]
+          #     UUID of the partition (format
+          #     https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid)
+          # @!attribute [rw] relative_path
+          #   @return [::String]
+          #     Relative path of the file in the partition as a JSON encoded string.
+          #     Example: /home/user1/executable_file.sh
+          class DiskPath
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
         end
       end
     end

data/proto_docs/google/cloud/securitycenter/v1/finding.rb

@@ -212,9 +212,21 @@ module Google
         # @!attribute [rw] kernel_rootkit
         #   @return [::Google::Cloud::SecurityCenter::V1::KernelRootkit]
         #     Signature of the kernel rootkit.
+        # @!attribute [rw] org_policies
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::OrgPolicy>]
+        #     Contains information about the org policies associated with the finding.
         # @!attribute [rw] application
         #   @return [::Google::Cloud::SecurityCenter::V1::Application]
         #     Represents an application associated with the finding.
+        # @!attribute [rw] backup_disaster_recovery
+        #   @return [::Google::Cloud::SecurityCenter::V1::BackupDisasterRecovery]
+        #     Fields related to Backup and DR findings.
+        # @!attribute [rw] log_entries
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::LogEntry>]
+        #     Log entries that are relevant to the finding.
+        # @!attribute [rw] load_balancers
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::LoadBalancer>]
+        #     The load balancers associated with the finding.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/indicator.rb

@@ -50,6 +50,9 @@ module Google
           # @!attribute [rw] yara_rule_signature
           #   @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::YaraRuleSignature]
           #     Signature indicating that a YARA rule was matched.
+          # @!attribute [rw] signature_type
+          #   @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::SignatureType]
+          #     Describes the type of resource associated with the signature.
           class ProcessSignature
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -89,6 +92,18 @@ module Google
               include ::Google::Protobuf::MessageExts
               extend ::Google::Protobuf::MessageExts::ClassMethods
             end
+
+            # Possible resource types to be associated with a signature.
+            module SignatureType
+              # The default signature type.
+              SIGNATURE_TYPE_UNSPECIFIED = 0
+
+              # Used for signatures concerning processes.
+              SIGNATURE_TYPE_PROCESS = 1
+
+              # Used for signatures concerning disks.
+              SIGNATURE_TYPE_FILE = 2
+            end
           end
         end
       end

data/proto_docs/google/cloud/securitycenter/v1/kubernetes.rb

@@ -52,6 +52,9 @@ module Google
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::AccessReview>]
         #     Provides information on any Kubernetes access reviews (privilege checks)
         #     relevant to the finding.
+        # @!attribute [rw] objects
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Object>]
+        #     Kubernetes objects related to the finding.
         class Kubernetes
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -205,6 +208,32 @@ module Google
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
+
+          # Kubernetes object related to the finding, uniquely identified by GKNN.
+          # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
+          # AccessReview.
+          # @!attribute [rw] group
+          #   @return [::String]
+          #     Kubernetes object group, such as "policy.k8s.io/v1".
+          # @!attribute [rw] kind
+          #   @return [::String]
+          #     Kubernetes object kind, such as "Namespace".
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Kubernetes object namespace. Must be a valid DNS label. Named
+          #     "ns" to avoid collision with C++ namespace keyword. For details see
+          #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes object name. For details see
+          #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
+          # @!attribute [rw] containers
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
+          #     Pod containers associated with this finding, if any.
+          class Object
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
         end
       end
     end

data/proto_docs/google/cloud/securitycenter/v1/load_balancer.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Contains information related to the load balancer associated with the
+        # finding.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The name of the load balancer associated with the finding.
+        class LoadBalancer
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/log_entry.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # An individual entry in a log.
+        # @!attribute [rw] cloud_logging_entry
+        #   @return [::Google::Cloud::SecurityCenter::V1::CloudLoggingEntry]
+        #     An individual entry in a log stored in Cloud Logging.
+        class LogEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Metadata taken from a [Cloud Logging
+        # LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry)
+        # @!attribute [rw] insert_id
+        #   @return [::String]
+        #     A unique identifier for the log entry.
+        # @!attribute [rw] log_id
+        #   @return [::String]
+        #     The type of the log (part of `log_name`. `log_name` is the resource name of
+        #     the log to which this log entry belongs). For example:
+        #     `cloudresourcemanager.googleapis.com/activity`. Note that this field is not
+        #     URL-encoded, unlike the `LOG_ID` field in `LogEntry`.
+        # @!attribute [rw] resource_container
+        #   @return [::String]
+        #     The organization, folder, or project of the monitored resource that
+        #     produced this log entry.
+        # @!attribute [rw] timestamp
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The time the event described by the log entry occurred.
+        class CloudLoggingEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

@@ -99,24 +99,28 @@ module Google
 
           # MITRE ATT&CK techniques that can be referenced by SCC findings.
           # See: https://attack.mitre.org/techniques/enterprise/
+          # Next ID: 59
           module Technique
             # Unspecified value.
             TECHNIQUE_UNSPECIFIED = 0
 
-            # T1595
-            ACTIVE_SCANNING = 1
+            # T1036
+            MASQUERADING = 49
 
-            # T1595.001
-            SCANNING_IP_BLOCKS = 2
+            # T1036.005
+            MATCH_LEGITIMATE_NAME_OR_LOCATION = 50
 
-            # T1105
-            INGRESS_TOOL_TRANSFER = 3
+            # T1037
+            BOOT_OR_LOGON_INITIALIZATION_SCRIPTS = 37
 
-            # T1106
-            NATIVE_API = 4
+            # T1037.005
+            STARTUP_ITEMS = 38
 
-            # T1129
-            SHARED_MODULES = 5
+            # T1046
+            NETWORK_SERVICE_DISCOVERY = 32
+
+            # T1057
+            PROCESS_DISCOVERY = 56
 
             # T1059
             COMMAND_AND_SCRIPTING_INTERPRETER = 6
@@ -124,89 +128,155 @@ module Google
             # T1059.004
             UNIX_SHELL = 7
 
-            # T1496
-            RESOURCE_HIJACKING = 8
-
-            # T1090
-            PROXY = 9
+            # T1069
+            PERMISSION_GROUPS_DISCOVERY = 18
 
-            # T1090.002
-            EXTERNAL_PROXY = 10
+            # T1069.003
+            CLOUD_GROUPS = 19
 
-            # T1090.003
-            MULTI_HOP_PROXY = 11
+            # T1071
+            APPLICATION_LAYER_PROTOCOL = 45
 
-            # T1568
-            DYNAMIC_RESOLUTION = 12
+            # T1071.004
+            DNS = 46
 
-            # T1552
-            UNSECURED_CREDENTIALS = 13
+            # T1072
+            SOFTWARE_DEPLOYMENT_TOOLS = 47
 
             # T1078
             VALID_ACCOUNTS = 14
 
+            # T1078.001
+            DEFAULT_ACCOUNTS = 35
+
             # T1078.003
             LOCAL_ACCOUNTS = 15
 
             # T1078.004
             CLOUD_ACCOUNTS = 16
 
-            # T1498
-            NETWORK_DENIAL_OF_SERVICE = 17
-
-            # T1069
-            PERMISSION_GROUPS_DISCOVERY = 18
-
-            # T1069.003
-            CLOUD_GROUPS = 19
+            # T1090
+            PROXY = 9
 
-            # T1567
-            EXFILTRATION_OVER_WEB_SERVICE = 20
+            # T1090.002
+            EXTERNAL_PROXY = 10
 
-            # T1567.002
-            EXFILTRATION_TO_CLOUD_STORAGE = 21
+            # T1090.003
+            MULTI_HOP_PROXY = 11
 
             # T1098
             ACCOUNT_MANIPULATION = 22
 
+            # T1098.001
+            ADDITIONAL_CLOUD_CREDENTIALS = 40
+
             # T1098.004
             SSH_AUTHORIZED_KEYS = 23
 
-            # T1543
-            CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
+            # T1098.006
+            ADDITIONAL_CONTAINER_CLUSTER_ROLES = 58
 
-            # T1539
-            STEAL_WEB_SESSION_COOKIE = 25
+            # T1105
+            INGRESS_TOOL_TRANSFER = 3
 
-            # T1578
-            MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
+            # T1106
+            NATIVE_API = 4
+
+            # T1110
+            BRUTE_FORCE = 44
+
+            # T1129
+            SHARED_MODULES = 5
+
+            # T1134
+            ACCESS_TOKEN_MANIPULATION = 33
+
+            # T1134.001
+            TOKEN_IMPERSONATION_OR_THEFT = 39
 
             # T1190
             EXPLOIT_PUBLIC_FACING_APPLICATION = 27
 
-            # T1556
-            MODIFY_AUTHENTICATION_PROCESS = 28
+            # T1484
+            DOMAIN_POLICY_MODIFICATION = 30
 
             # T1485
             DATA_DESTRUCTION = 29
 
-            # T1484
-            DOMAIN_POLICY_MODIFICATION = 30
+            # T1489
+            SERVICE_STOP = 52
 
-            # T1562
-            IMPAIR_DEFENSES = 31
+            # T1490
+            INHIBIT_SYSTEM_RECOVERY = 36
 
-            # T1046
-            NETWORK_SERVICE_DISCOVERY = 32
+            # T1496
+            RESOURCE_HIJACKING = 8
 
-            # T1134
-            ACCESS_TOKEN_MANIPULATION = 33
+            # T1498
+            NETWORK_DENIAL_OF_SERVICE = 17
+
+            # T1526
+            CLOUD_SERVICE_DISCOVERY = 48
+
+            # T1528
+            STEAL_APPLICATION_ACCESS_TOKEN = 42
+
+            # T1531
+            ACCOUNT_ACCESS_REMOVAL = 51
+
+            # T1539
+            STEAL_WEB_SESSION_COOKIE = 25
+
+            # T1543
+            CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
 
             # T1548
             ABUSE_ELEVATION_CONTROL_MECHANISM = 34
 
-            # T1078.001
-            DEFAULT_ACCOUNTS = 35
+            # T1552
+            UNSECURED_CREDENTIALS = 13
+
+            # T1556
+            MODIFY_AUTHENTICATION_PROCESS = 28
+
+            # T1562
+            IMPAIR_DEFENSES = 31
+
+            # T1562.001
+            DISABLE_OR_MODIFY_TOOLS = 55
+
+            # T1567
+            EXFILTRATION_OVER_WEB_SERVICE = 20
+
+            # T1567.002
+            EXFILTRATION_TO_CLOUD_STORAGE = 21
+
+            # T1568
+            DYNAMIC_RESOLUTION = 12
+
+            # T1570
+            LATERAL_TOOL_TRANSFER = 41
+
+            # T1578
+            MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
+
+            # T1578.001
+            CREATE_SNAPSHOT = 54
+
+            # T1580
+            CLOUD_INFRASTRUCTURE_DISCOVERY = 53
+
+            # T1588
+            OBTAIN_CAPABILITIES = 43
+
+            # T1595
+            ACTIVE_SCANNING = 1
+
+            # T1595.001
+            SCANNING_IP_BLOCKS = 2
+
+            # T1613
+            CONTAINER_AND_RESOURCE_DISCOVERY = 57
           end
         end
       end

data/proto_docs/google/cloud/securitycenter/v1/org_policy.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Contains information about the org policies associated with the finding.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The resource name of the org policy.
+        #     Example:
+        #     "organizations/\\{organization_id}/policies/\\{constraint_name}"
+        class OrgPolicy
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/source.rb

@@ -49,9 +49,9 @@ module Google
         #     outdated or insecure libraries."
         # @!attribute [rw] canonical_name
         #   @return [::String]
-        #     The canonical name of the finding. It's either
+        #     The canonical name of the finding source. It's either
         #     "organizations/\\{organization_id}/sources/\\{source_id}",
-        #     "folders/\\{folder_id}/sources/\\{source_id}" or
+        #     "folders/\\{folder_id}/sources/\\{source_id}", or
         #     "projects/\\{project_number}/sources/\\{source_id}",
         #     depending on the closest CRM ancestor of the resource associated with the
         #     finding.