google-cloud-security_center-v1 0.37.0 → 0.38.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/container_pb.rb +3 -1
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +8 -1
- data/proto_docs/google/cloud/securitycenter/v1/container.rb +3 -0
- data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +105 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4a40fc2f2ccdd6590080165e8856a0e9c83cc5a69a054a2b0b8dfb6ac93bba8c
|
4
|
+
data.tar.gz: c436b6dcaf01c31343382ae10e8846412bef2e995999b7e45584fe7df1bdca53
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6a292ba2697b79e7716a4721f5b787e812af4d4705e6235f8bd21a87bddb671158d1a553ea72b2d50ab3b75ee61938747b9e65fff3117dfbb7cd7644c94be025
|
7
|
+
data.tar.gz: a709c15e723cdd32fd7fba7c16b08158780d2196af4afde1a388300416b7869d2be7347e9d029f44cb84ce5cbdf200732ae23fcbfe6720835b4599a502d4702c
|
@@ -5,9 +5,10 @@
|
|
5
5
|
require 'google/protobuf'
|
6
6
|
|
7
7
|
require 'google/cloud/securitycenter/v1/label_pb'
|
8
|
+
require 'google/protobuf/timestamp_pb'
|
8
9
|
|
9
10
|
|
10
|
-
descriptor_data = "\n.google/cloud/securitycenter/v1/container.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a*google/cloud/securitycenter/v1/label.proto\"
|
11
|
+
descriptor_data = "\n.google/cloud/securitycenter/v1/container.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a*google/cloud/securitycenter/v1/label.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xa0\x01\n\tContainer\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0b\n\x03uri\x18\x02 \x01(\t\x12\x10\n\x08image_id\x18\x03 \x01(\t\x12\x35\n\x06labels\x18\x04 \x03(\x0b\x32%.google.cloud.securitycenter.v1.Label\x12/\n\x0b\x63reate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\xe8\x01\n\"com.google.cloud.securitycenter.v1B\x0e\x43ontainerProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
11
12
|
|
12
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
13
14
|
|
@@ -23,6 +24,7 @@ rescue TypeError
|
|
23
24
|
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
24
25
|
imports = [
|
25
26
|
["google.cloud.securitycenter.v1.Label", "google/cloud/securitycenter/v1/label.proto"],
|
27
|
+
["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"],
|
26
28
|
]
|
27
29
|
imports.each do |type_name, expected_filename|
|
28
30
|
import_file = pool.lookup(type_name).file_descriptor
|
@@ -4,8 +4,10 @@
|
|
4
4
|
|
5
5
|
require 'google/protobuf'
|
6
6
|
|
7
|
+
require 'google/protobuf/timestamp_pb'
|
7
8
|
|
8
|
-
|
9
|
+
|
10
|
+
descriptor_data = "\n2google/cloud/securitycenter/v1/vulnerability.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/protobuf/timestamp.proto\"\x92\x02\n\rVulnerability\x12\x30\n\x03\x63ve\x18\x01 \x01(\x0b\x32#.google.cloud.securitycenter.v1.Cve\x12\x42\n\x11offending_package\x18\x02 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.Package\x12>\n\rfixed_package\x18\x03 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.Package\x12K\n\x11security_bulletin\x18\x04 \x01(\x0b\x32\x30.google.cloud.securitycenter.v1.SecurityBulletin\"\xd0\x04\n\x03\x43ve\x12\n\n\x02id\x18\x01 \x01(\t\x12=\n\nreferences\x18\x02 \x03(\x0b\x32).google.cloud.securitycenter.v1.Reference\x12\x36\n\x06\x63vssv3\x18\x03 \x01(\x0b\x32&.google.cloud.securitycenter.v1.Cvssv3\x12\x1e\n\x16upstream_fix_available\x18\x04 \x01(\x08\x12>\n\x06impact\x18\x05 \x01(\x0e\x32..google.cloud.securitycenter.v1.Cve.RiskRating\x12W\n\x15\x65xploitation_activity\x18\x06 \x01(\x0e\x32\x38.google.cloud.securitycenter.v1.Cve.ExploitationActivity\x12\x1c\n\x14observed_in_the_wild\x18\x07 \x01(\x08\x12\x10\n\x08zero_day\x18\x08 \x01(\x08\"V\n\nRiskRating\x12\x1b\n\x17RISK_RATING_UNSPECIFIED\x10\x00\x12\x07\n\x03LOW\x10\x01\x12\n\n\x06MEDIUM\x10\x02\x12\x08\n\x04HIGH\x10\x03\x12\x0c\n\x08\x43RITICAL\x10\x04\"\x84\x01\n\x14\x45xploitationActivity\x12%\n!EXPLOITATION_ACTIVITY_UNSPECIFIED\x10\x00\x12\x08\n\x04WIDE\x10\x01\x12\r\n\tCONFIRMED\x10\x02\x12\r\n\tAVAILABLE\x10\x03\x12\x0f\n\x0b\x41NTICIPATED\x10\x04\x12\x0c\n\x08NO_KNOWN\x10\x05\"(\n\tReference\x12\x0e\n\x06source\x18\x01 \x01(\t\x12\x0b\n\x03uri\x18\x02 \x01(\t\"\xb1\n\n\x06\x43vssv3\x12\x12\n\nbase_score\x18\x01 \x01(\x01\x12J\n\rattack_vector\x18\x05 \x01(\x0e\x32\x33.google.cloud.securitycenter.v1.Cvssv3.AttackVector\x12R\n\x11\x61ttack_complexity\x18\x06 \x01(\x0e\x32\x37.google.cloud.securitycenter.v1.Cvssv3.AttackComplexity\x12V\n\x13privileges_required\x18\x07 \x01(\x0e\x32\x39.google.cloud.securitycenter.v1.Cvssv3.PrivilegesRequired\x12P\n\x10user_interaction\x18\x08 \x01(\x0e\x32\x36.google.cloud.securitycenter.v1.Cvssv3.UserInteraction\x12;\n\x05scope\x18\t \x01(\x0e\x32,.google.cloud.securitycenter.v1.Cvssv3.Scope\x12M\n\x16\x63onfidentiality_impact\x18\n \x01(\x0e\x32-.google.cloud.securitycenter.v1.Cvssv3.Impact\x12G\n\x10integrity_impact\x18\x0b \x01(\x0e\x32-.google.cloud.securitycenter.v1.Cvssv3.Impact\x12J\n\x13\x61vailability_impact\x18\x0c \x01(\x0e\x32-.google.cloud.securitycenter.v1.Cvssv3.Impact\"\x99\x01\n\x0c\x41ttackVector\x12\x1d\n\x19\x41TTACK_VECTOR_UNSPECIFIED\x10\x00\x12\x19\n\x15\x41TTACK_VECTOR_NETWORK\x10\x01\x12\x1a\n\x16\x41TTACK_VECTOR_ADJACENT\x10\x02\x12\x17\n\x13\x41TTACK_VECTOR_LOCAL\x10\x03\x12\x1a\n\x16\x41TTACK_VECTOR_PHYSICAL\x10\x04\"l\n\x10\x41ttackComplexity\x12!\n\x1d\x41TTACK_COMPLEXITY_UNSPECIFIED\x10\x00\x12\x19\n\x15\x41TTACK_COMPLEXITY_LOW\x10\x01\x12\x1a\n\x16\x41TTACK_COMPLEXITY_HIGH\x10\x02\"\x92\x01\n\x12PrivilegesRequired\x12#\n\x1fPRIVILEGES_REQUIRED_UNSPECIFIED\x10\x00\x12\x1c\n\x18PRIVILEGES_REQUIRED_NONE\x10\x01\x12\x1b\n\x17PRIVILEGES_REQUIRED_LOW\x10\x02\x12\x1c\n\x18PRIVILEGES_REQUIRED_HIGH\x10\x03\"m\n\x0fUserInteraction\x12 \n\x1cUSER_INTERACTION_UNSPECIFIED\x10\x00\x12\x19\n\x15USER_INTERACTION_NONE\x10\x01\x12\x1d\n\x19USER_INTERACTION_REQUIRED\x10\x02\"F\n\x05Scope\x12\x15\n\x11SCOPE_UNSPECIFIED\x10\x00\x12\x13\n\x0fSCOPE_UNCHANGED\x10\x01\x12\x11\n\rSCOPE_CHANGED\x10\x02\"R\n\x06Impact\x12\x16\n\x12IMPACT_UNSPECIFIED\x10\x00\x12\x0f\n\x0bIMPACT_HIGH\x10\x01\x12\x0e\n\nIMPACT_LOW\x10\x02\x12\x0f\n\x0bIMPACT_NONE\x10\x03\"_\n\x07Package\x12\x14\n\x0cpackage_name\x18\x01 \x01(\t\x12\x0f\n\x07\x63pe_uri\x18\x02 \x01(\t\x12\x14\n\x0cpackage_type\x18\x03 \x01(\t\x12\x17\n\x0fpackage_version\x18\x04 \x01(\t\"\x7f\n\x10SecurityBulletin\x12\x13\n\x0b\x62ulletin_id\x18\x01 \x01(\t\x12\x33\n\x0fsubmission_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12!\n\x19suggested_upgrade_version\x18\x03 \x01(\tB\xec\x01\n\"com.google.cloud.securitycenter.v1B\x12VulnerabilityProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
9
11
|
|
10
12
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
11
13
|
|
@@ -20,6 +22,7 @@ rescue TypeError
|
|
20
22
|
file = pool.add_serialized_file(serialized)
|
21
23
|
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
22
24
|
imports = [
|
25
|
+
["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"],
|
23
26
|
]
|
24
27
|
imports.each do |type_name, expected_filename|
|
25
28
|
import_file = pool.lookup(type_name).file_descriptor
|
@@ -37,6 +40,8 @@ module Google
|
|
37
40
|
module V1
|
38
41
|
Vulnerability = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Vulnerability").msgclass
|
39
42
|
Cve = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cve").msgclass
|
43
|
+
Cve::RiskRating = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cve.RiskRating").enummodule
|
44
|
+
Cve::ExploitationActivity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cve.ExploitationActivity").enummodule
|
40
45
|
Reference = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Reference").msgclass
|
41
46
|
Cvssv3 = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cvssv3").msgclass
|
42
47
|
Cvssv3::AttackVector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cvssv3.AttackVector").enummodule
|
@@ -45,6 +50,8 @@ module Google
|
|
45
50
|
Cvssv3::UserInteraction = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cvssv3.UserInteraction").enummodule
|
46
51
|
Cvssv3::Scope = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cvssv3.Scope").enummodule
|
47
52
|
Cvssv3::Impact = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Cvssv3.Impact").enummodule
|
53
|
+
Package = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Package").msgclass
|
54
|
+
SecurityBulletin = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.SecurityBulletin").msgclass
|
48
55
|
end
|
49
56
|
end
|
50
57
|
end
|
@@ -36,6 +36,9 @@ module Google
|
|
36
36
|
# @!attribute [rw] labels
|
37
37
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
|
38
38
|
# Container labels, as provided by the container runtime.
|
39
|
+
# @!attribute [rw] create_time
|
40
|
+
# @return [::Google::Protobuf::Timestamp]
|
41
|
+
# The time that the container was created.
|
39
42
|
class Container
|
40
43
|
include ::Google::Protobuf::MessageExts
|
41
44
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -26,13 +26,24 @@ module Google
|
|
26
26
|
# @return [::Google::Cloud::SecurityCenter::V1::Cve]
|
27
27
|
# CVE stands for Common Vulnerabilities and Exposures
|
28
28
|
# (https://cve.mitre.org/about/)
|
29
|
+
# @!attribute [rw] offending_package
|
30
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Package]
|
31
|
+
# The offending package is relevant to the finding.
|
32
|
+
# @!attribute [rw] fixed_package
|
33
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Package]
|
34
|
+
# The fixed package is relevant to the finding.
|
35
|
+
# @!attribute [rw] security_bulletin
|
36
|
+
# @return [::Google::Cloud::SecurityCenter::V1::SecurityBulletin]
|
37
|
+
# The security bulletin is relevant to this finding.
|
29
38
|
class Vulnerability
|
30
39
|
include ::Google::Protobuf::MessageExts
|
31
40
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
32
41
|
end
|
33
42
|
|
34
43
|
# CVE stands for Common Vulnerabilities and Exposures.
|
35
|
-
#
|
44
|
+
# Information from the [CVE
|
45
|
+
# record](https://www.cve.org/ResourcesSupport/Glossary) that describes this
|
46
|
+
# vulnerability.
|
36
47
|
# @!attribute [rw] id
|
37
48
|
# @return [::String]
|
38
49
|
# The unique identifier for the vulnerability. e.g. CVE-2021-34527
|
@@ -47,9 +58,68 @@ module Google
|
|
47
58
|
# @!attribute [rw] upstream_fix_available
|
48
59
|
# @return [::Boolean]
|
49
60
|
# Whether upstream fix is available for the CVE.
|
61
|
+
# @!attribute [rw] impact
|
62
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Cve::RiskRating]
|
63
|
+
# The potential impact of the vulnerability if it was to be exploited.
|
64
|
+
# @!attribute [rw] exploitation_activity
|
65
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Cve::ExploitationActivity]
|
66
|
+
# The exploitation activity of the vulnerability in the wild.
|
67
|
+
# @!attribute [rw] observed_in_the_wild
|
68
|
+
# @return [::Boolean]
|
69
|
+
# Whether or not the vulnerability has been observed in the wild.
|
70
|
+
# @!attribute [rw] zero_day
|
71
|
+
# @return [::Boolean]
|
72
|
+
# Whether or not the vulnerability was zero day when the finding was
|
73
|
+
# published.
|
50
74
|
class Cve
|
51
75
|
include ::Google::Protobuf::MessageExts
|
52
76
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
77
|
+
|
78
|
+
# The possible values of impact of the vulnerability if it was to be
|
79
|
+
# exploited.
|
80
|
+
module RiskRating
|
81
|
+
# Invalid or empty value.
|
82
|
+
RISK_RATING_UNSPECIFIED = 0
|
83
|
+
|
84
|
+
# Exploitation would have little to no security impact.
|
85
|
+
LOW = 1
|
86
|
+
|
87
|
+
# Exploitation would enable attackers to perform activities, or could allow
|
88
|
+
# attackers to have a direct impact, but would require additional steps.
|
89
|
+
MEDIUM = 2
|
90
|
+
|
91
|
+
# Exploitation would enable attackers to have a notable direct impact
|
92
|
+
# without needing to overcome any major mitigating factors.
|
93
|
+
HIGH = 3
|
94
|
+
|
95
|
+
# Exploitation would fundamentally undermine the security of affected
|
96
|
+
# systems, enable actors to perform significant attacks with minimal
|
97
|
+
# effort, with little to no mitigating factors to overcome.
|
98
|
+
CRITICAL = 4
|
99
|
+
end
|
100
|
+
|
101
|
+
# The possible values of exploitation activity of the vulnerability in the
|
102
|
+
# wild.
|
103
|
+
module ExploitationActivity
|
104
|
+
# Invalid or empty value.
|
105
|
+
EXPLOITATION_ACTIVITY_UNSPECIFIED = 0
|
106
|
+
|
107
|
+
# Exploitation has been reported or confirmed to widely occur.
|
108
|
+
WIDE = 1
|
109
|
+
|
110
|
+
# Limited reported or confirmed exploitation activities.
|
111
|
+
CONFIRMED = 2
|
112
|
+
|
113
|
+
# Exploit is publicly available.
|
114
|
+
AVAILABLE = 3
|
115
|
+
|
116
|
+
# No known exploitation activity, but has a high potential for
|
117
|
+
# exploitation.
|
118
|
+
ANTICIPATED = 4
|
119
|
+
|
120
|
+
# No known exploitation activity.
|
121
|
+
NO_KNOWN = 5
|
122
|
+
end
|
53
123
|
end
|
54
124
|
|
55
125
|
# Additional Links
|
@@ -223,6 +293,40 @@ module Google
|
|
223
293
|
IMPACT_NONE = 3
|
224
294
|
end
|
225
295
|
end
|
296
|
+
|
297
|
+
# Package is a generic definition of a package.
|
298
|
+
# @!attribute [rw] package_name
|
299
|
+
# @return [::String]
|
300
|
+
# The name of the package where the vulnerability was detected.
|
301
|
+
# @!attribute [rw] cpe_uri
|
302
|
+
# @return [::String]
|
303
|
+
# The CPE URI where the vulnerability was detected.
|
304
|
+
# @!attribute [rw] package_type
|
305
|
+
# @return [::String]
|
306
|
+
# Type of package, for example, os, maven, or go.
|
307
|
+
# @!attribute [rw] package_version
|
308
|
+
# @return [::String]
|
309
|
+
# The version of the package.
|
310
|
+
class Package
|
311
|
+
include ::Google::Protobuf::MessageExts
|
312
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
313
|
+
end
|
314
|
+
|
315
|
+
# SecurityBulletin are notifications of vulnerabilities of Google products.
|
316
|
+
# @!attribute [rw] bulletin_id
|
317
|
+
# @return [::String]
|
318
|
+
# ID of the bulletin corresponding to the vulnerability.
|
319
|
+
# @!attribute [rw] submission_time
|
320
|
+
# @return [::Google::Protobuf::Timestamp]
|
321
|
+
# Submission time of this Security Bulletin.
|
322
|
+
# @!attribute [rw] suggested_upgrade_version
|
323
|
+
# @return [::String]
|
324
|
+
# This represents a version that the cluster receiving this notification
|
325
|
+
# should be upgraded to, based on its current version. For example, 1.15.0
|
326
|
+
class SecurityBulletin
|
327
|
+
include ::Google::Protobuf::MessageExts
|
328
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
329
|
+
end
|
226
330
|
end
|
227
331
|
end
|
228
332
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-security_center-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.38.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-03-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|