google-cloud-security_center-v1 0.4.0 → 0.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE.md +188 -190
- data/README.md +66 -2
- data/lib/google/cloud/security_center/v1/security_center/client.rb +142 -105
- data/lib/google/cloud/security_center/v1/security_center/operations.rb +95 -10
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +175 -17
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +4 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/folder_pb.rb +24 -0
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/notification_message_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +3 -0
- data/lib/google/cloud/securitycenter/v1/run_asset_discovery_response_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/security_marks_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +2 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +5 -2
- data/lib/google/cloud/securitycenter/v1/source_pb.rb +2 -1
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/cloud/securitycenter/v1/asset.rb +13 -2
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +10 -1
- data/proto_docs/google/cloud/securitycenter/v1/folder.rb +40 -0
- data/proto_docs/google/cloud/securitycenter/v1/organization_settings.rb +4 -0
- data/proto_docs/google/cloud/securitycenter/v1/resource.rb +5 -0
- data/proto_docs/google/cloud/securitycenter/v1/security_marks.rb +10 -0
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +77 -43
- data/proto_docs/google/cloud/securitycenter/v1/source.rb +8 -0
- data/proto_docs/google/longrunning/operations.rb +17 -3
- data/proto_docs/google/protobuf/any.rb +5 -2
- data/proto_docs/google/protobuf/timestamp.rb +10 -1
- metadata +23 -13
@@ -0,0 +1,24 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/cloud/securitycenter/v1/folder.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/annotations_pb'
|
7
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
8
|
+
add_file("google/cloud/securitycenter/v1/folder.proto", :syntax => :proto3) do
|
9
|
+
add_message "google.cloud.securitycenter.v1.Folder" do
|
10
|
+
optional :resource_folder, :string, 1
|
11
|
+
optional :resource_folder_display_name, :string, 2
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
module Google
|
17
|
+
module Cloud
|
18
|
+
module SecurityCenter
|
19
|
+
module V1
|
20
|
+
Folder = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Folder").msgclass
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -3,9 +3,9 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
-
require 'google/api/annotations_pb'
|
7
6
|
require 'google/api/field_behavior_pb'
|
8
7
|
require 'google/api/resource_pb'
|
8
|
+
require 'google/api/annotations_pb'
|
9
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
10
|
add_file("google/cloud/securitycenter/v1/notification_config.proto", :syntax => :proto3) do
|
11
11
|
add_message "google.cloud.securitycenter.v1.NotificationConfig" do
|
@@ -3,9 +3,9 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
-
require 'google/api/annotations_pb'
|
7
6
|
require 'google/cloud/securitycenter/v1/finding_pb'
|
8
7
|
require 'google/cloud/securitycenter/v1/resource_pb'
|
8
|
+
require 'google/api/annotations_pb'
|
9
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
10
|
add_file("google/cloud/securitycenter/v1/notification_message.proto", :syntax => :proto3) do
|
11
11
|
add_message "google.cloud.securitycenter.v1.NotificationMessage" do
|
@@ -3,8 +3,8 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
-
require 'google/api/annotations_pb'
|
7
6
|
require 'google/api/resource_pb'
|
7
|
+
require 'google/api/annotations_pb'
|
8
8
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
9
9
|
add_file("google/cloud/securitycenter/v1/organization_settings.proto", :syntax => :proto3) do
|
10
10
|
add_message "google.cloud.securitycenter.v1.OrganizationSettings" do
|
@@ -15,6 +15,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
15
15
|
add_message "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig" do
|
16
16
|
repeated :project_ids, :string, 1
|
17
17
|
optional :inclusion_mode, :enum, 2, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"
|
18
|
+
repeated :folder_ids, :string, 3
|
18
19
|
end
|
19
20
|
add_enum "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode" do
|
20
21
|
value :INCLUSION_MODE_UNSPECIFIED, 0
|
@@ -3,6 +3,8 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
+
require 'google/api/field_behavior_pb'
|
7
|
+
require 'google/cloud/securitycenter/v1/folder_pb'
|
6
8
|
require 'google/api/annotations_pb'
|
7
9
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
8
10
|
add_file("google/cloud/securitycenter/v1/resource.proto", :syntax => :proto3) do
|
@@ -12,6 +14,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
12
14
|
optional :project_display_name, :string, 3
|
13
15
|
optional :parent, :string, 4
|
14
16
|
optional :parent_display_name, :string, 5
|
17
|
+
repeated :folders, :message, 7, "google.cloud.securitycenter.v1.Folder"
|
15
18
|
end
|
16
19
|
end
|
17
20
|
end
|
@@ -3,8 +3,8 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
-
require 'google/api/annotations_pb'
|
7
6
|
require 'google/protobuf/duration_pb'
|
7
|
+
require 'google/api/annotations_pb'
|
8
8
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
9
9
|
add_file("google/cloud/securitycenter/v1/run_asset_discovery_response.proto", :syntax => :proto3) do
|
10
10
|
add_message "google.cloud.securitycenter.v1.RunAssetDiscoveryResponse" do
|
@@ -3,13 +3,14 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
-
require 'google/api/annotations_pb'
|
7
6
|
require 'google/api/resource_pb'
|
7
|
+
require 'google/api/annotations_pb'
|
8
8
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
9
9
|
add_file("google/cloud/securitycenter/v1/security_marks.proto", :syntax => :proto3) do
|
10
10
|
add_message "google.cloud.securitycenter.v1.SecurityMarks" do
|
11
11
|
optional :name, :string, 1
|
12
12
|
map :marks, :string, :string, 2
|
13
|
+
optional :canonical_name, :string, 3
|
13
14
|
end
|
14
15
|
end
|
15
16
|
end
|
@@ -10,6 +10,7 @@ require 'google/api/field_behavior_pb'
|
|
10
10
|
require 'google/api/resource_pb'
|
11
11
|
require 'google/cloud/securitycenter/v1/asset_pb'
|
12
12
|
require 'google/cloud/securitycenter/v1/finding_pb'
|
13
|
+
require 'google/cloud/securitycenter/v1/folder_pb'
|
13
14
|
require 'google/cloud/securitycenter/v1/notification_config_pb'
|
14
15
|
require 'google/cloud/securitycenter/v1/organization_settings_pb'
|
15
16
|
require 'google/cloud/securitycenter/v1/security_marks_pb'
|
@@ -155,6 +156,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
155
156
|
optional :project_display_name, :string, 3
|
156
157
|
optional :parent_name, :string, 4
|
157
158
|
optional :parent_display_name, :string, 5
|
159
|
+
repeated :folders, :message, 7, "google.cloud.securitycenter.v1.Folder"
|
158
160
|
end
|
159
161
|
add_enum "google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.StateChange" do
|
160
162
|
value :UNUSED, 0
|
@@ -27,7 +27,7 @@ module Google
|
|
27
27
|
# V1 APIs for Security Center service.
|
28
28
|
class Service
|
29
29
|
|
30
|
-
include GRPC::GenericService
|
30
|
+
include ::GRPC::GenericService
|
31
31
|
|
32
32
|
self.marshal_class_method = :encode
|
33
33
|
self.unmarshal_class_method = :decode
|
@@ -57,7 +57,9 @@ module Google
|
|
57
57
|
# specified properties.
|
58
58
|
#
|
59
59
|
# To group across all sources provide a `-` as the source id.
|
60
|
-
# Example: /v1/organizations/{organization_id}/sources/-/findings
|
60
|
+
# Example: /v1/organizations/{organization_id}/sources/-/findings,
|
61
|
+
# /v1/folders/{folder_id}/sources/-/findings,
|
62
|
+
# /v1/projects/{project_id}/sources/-/findings
|
61
63
|
rpc :GroupFindings, ::Google::Cloud::SecurityCenter::V1::GroupFindingsRequest, ::Google::Cloud::SecurityCenter::V1::GroupFindingsResponse
|
62
64
|
# Lists an organization's assets.
|
63
65
|
rpc :ListAssets, ::Google::Cloud::SecurityCenter::V1::ListAssetsRequest, ::Google::Cloud::SecurityCenter::V1::ListAssetsResponse
|
@@ -86,6 +88,7 @@ module Google
|
|
86
88
|
# Creates or updates a finding. The corresponding source must exist for a
|
87
89
|
# finding creation to succeed.
|
88
90
|
rpc :UpdateFinding, ::Google::Cloud::SecurityCenter::V1::UpdateFindingRequest, ::Google::Cloud::SecurityCenter::V1::Finding
|
91
|
+
#
|
89
92
|
# Updates a notification config. The following update
|
90
93
|
# fields are allowed: description, pubsub_topic, streaming_config.filter
|
91
94
|
rpc :UpdateNotificationConfig, ::Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1::NotificationConfig
|
@@ -3,14 +3,15 @@
|
|
3
3
|
|
4
4
|
require 'google/protobuf'
|
5
5
|
|
6
|
-
require 'google/api/annotations_pb'
|
7
6
|
require 'google/api/resource_pb'
|
7
|
+
require 'google/api/annotations_pb'
|
8
8
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
9
9
|
add_file("google/cloud/securitycenter/v1/source.proto", :syntax => :proto3) do
|
10
10
|
add_message "google.cloud.securitycenter.v1.Source" do
|
11
11
|
optional :name, :string, 1
|
12
12
|
optional :display_name, :string, 2
|
13
13
|
optional :description, :string, 3
|
14
|
+
optional :canonical_name, :string, 14
|
14
15
|
end
|
15
16
|
end
|
16
17
|
end
|
@@ -54,6 +54,12 @@ module Google
|
|
54
54
|
# This indicates that the field may be set once in a request to create a
|
55
55
|
# resource, but may not be changed thereafter.
|
56
56
|
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
57
63
|
end
|
58
64
|
end
|
59
65
|
end
|
@@ -51,14 +51,20 @@ module Google
|
|
51
51
|
# The time at which the asset was created in Security Command Center.
|
52
52
|
# @!attribute [rw] update_time
|
53
53
|
# @return [::Google::Protobuf::Timestamp]
|
54
|
-
# The time at which the asset was last updated
|
55
|
-
# Command Center.
|
54
|
+
# The time at which the asset was last updated or added in Cloud SCC.
|
56
55
|
# @!attribute [rw] iam_policy
|
57
56
|
# @return [::Google::Cloud::SecurityCenter::V1::Asset::IamPolicy]
|
58
57
|
# Cloud IAM Policy information associated with the Google Cloud resource
|
59
58
|
# described by the Security Command Center asset. This information is managed
|
60
59
|
# and defined by the Google Cloud resource and cannot be modified by the
|
61
60
|
# user.
|
61
|
+
# @!attribute [rw] canonical_name
|
62
|
+
# @return [::String]
|
63
|
+
# The canonical name of the resource. It's either
|
64
|
+
# "organizations/\\{organization_id}/assets/\\{asset_id}",
|
65
|
+
# "folders/\\{folder_id}/assets/\\{asset_id}" or
|
66
|
+
# "projects/\\{project_number}/assets/\\{asset_id}", depending on the closest CRM
|
67
|
+
# ancestor of the resource.
|
62
68
|
class Asset
|
63
69
|
include ::Google::Protobuf::MessageExts
|
64
70
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -96,6 +102,11 @@ module Google
|
|
96
102
|
# @!attribute [rw] resource_project_display_name
|
97
103
|
# @return [::String]
|
98
104
|
# The user defined display name for the project of this resource.
|
105
|
+
# @!attribute [rw] folders
|
106
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
107
|
+
# Contains a Folder message for each folder in the assets ancestry.
|
108
|
+
# The first folder is the deepest nested folder, and the last folder is the
|
109
|
+
# folder directly under the Organization.
|
99
110
|
class SecurityCenterProperties
|
100
111
|
include ::Google::Protobuf::MessageExts
|
101
112
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -79,7 +79,8 @@ module Google
|
|
79
79
|
# occurred. For example, if the finding represents an open firewall it would
|
80
80
|
# capture the time the detector believes the firewall became open. The
|
81
81
|
# accuracy is determined by the detector. If the finding were to be resolved
|
82
|
-
# afterward, this time would reflect when the finding was resolved.
|
82
|
+
# afterward, this time would reflect when the finding was resolved. Must not
|
83
|
+
# be set to a value greater than the current timestamp.
|
83
84
|
# @!attribute [rw] create_time
|
84
85
|
# @return [::Google::Protobuf::Timestamp]
|
85
86
|
# The time at which the finding was created in Security Command Center.
|
@@ -87,6 +88,14 @@ module Google
|
|
87
88
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding::Severity]
|
88
89
|
# The severity of the finding. This field is managed by the source that
|
89
90
|
# writes the finding.
|
91
|
+
# @!attribute [rw] canonical_name
|
92
|
+
# @return [::String]
|
93
|
+
# The canonical name of the finding. It's either
|
94
|
+
# "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}",
|
95
|
+
# "folders/\\{folder_id}/sources/\\{source_id}/findings/\\{finding_id}" or
|
96
|
+
# "projects/\\{project_number}/sources/\\{source_id}/findings/\\{finding_id}",
|
97
|
+
# depending on the closest CRM ancestor of the resource associated with the
|
98
|
+
# finding.
|
90
99
|
class Finding
|
91
100
|
include ::Google::Protobuf::MessageExts
|
92
101
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -0,0 +1,40 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Message that contains the resource name and display name of a folder
|
25
|
+
# resource.
|
26
|
+
# @!attribute [rw] resource_folder
|
27
|
+
# @return [::String]
|
28
|
+
# Full resource name of this folder. See:
|
29
|
+
# https://cloud.google.com/apis/design/resource_names#full_resource_name
|
30
|
+
# @!attribute [rw] resource_folder_display_name
|
31
|
+
# @return [::String]
|
32
|
+
# The user defined display name for this folder.
|
33
|
+
class Folder
|
34
|
+
include ::Google::Protobuf::MessageExts
|
35
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -49,6 +49,10 @@ module Google
|
|
49
49
|
# @!attribute [rw] inclusion_mode
|
50
50
|
# @return [::Google::Cloud::SecurityCenter::V1::OrganizationSettings::AssetDiscoveryConfig::InclusionMode]
|
51
51
|
# The mode to use for filtering asset discovery.
|
52
|
+
# @!attribute [rw] folder_ids
|
53
|
+
# @return [::Array<::String>]
|
54
|
+
# The folder ids to use for filtering asset discovery.
|
55
|
+
# It consists of only digits, e.g., 756619654966.
|
52
56
|
class AssetDiscoveryConfig
|
53
57
|
include ::Google::Protobuf::MessageExts
|
54
58
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -38,6 +38,11 @@ module Google
|
|
38
38
|
# @!attribute [rw] parent_display_name
|
39
39
|
# @return [::String]
|
40
40
|
# The human readable name of resource's parent.
|
41
|
+
# @!attribute [r] folders
|
42
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
43
|
+
# Output only. Contains a Folder message for each folder in the assets ancestry.
|
44
|
+
# The first folder is the deepest nested folder, and the last folder is the
|
45
|
+
# folder directly under the Organization.
|
41
46
|
class Resource
|
42
47
|
include ::Google::Protobuf::MessageExts
|
43
48
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -42,6 +42,16 @@ module Google
|
|
42
42
|
# * Keys must be letters, numbers, underscores, or dashes
|
43
43
|
# * Values have leading and trailing whitespace trimmed, remaining
|
44
44
|
# characters must be between 1 - 4096 characters (inclusive)
|
45
|
+
# @!attribute [rw] canonical_name
|
46
|
+
# @return [::String]
|
47
|
+
# The canonical name of the marks.
|
48
|
+
# Examples:
|
49
|
+
# "organizations/\\{organization_id}/assets/\\{asset_id}/securityMarks"
|
50
|
+
# "folders/\\{folder_id}/assets/\\{asset_id}/securityMarks"
|
51
|
+
# "projects/\\{project_number}/assets/\\{asset_id}/securityMarks"
|
52
|
+
# "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}/securityMarks"
|
53
|
+
# "folders/\\{folder_id}/sources/\\{source_id}/findings/\\{finding_id}/securityMarks"
|
54
|
+
# "projects/\\{project_number}/sources/\\{source_id}/findings/\\{finding_id}/securityMarks"
|
45
55
|
class SecurityMarks
|
46
56
|
include ::Google::Protobuf::MessageExts
|
47
57
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -33,8 +33,8 @@ module Google
|
|
33
33
|
# greater than 0 characters in length.
|
34
34
|
# @!attribute [rw] finding
|
35
35
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
36
|
-
# Required. The Finding being created. The name and security_marks will be
|
37
|
-
# they are both output only fields on this resource.
|
36
|
+
# Required. The Finding being created. The name and security_marks will be
|
37
|
+
# ignored as they are both output only fields on this resource.
|
38
38
|
class CreateFindingRequest
|
39
39
|
include ::Google::Protobuf::MessageExts
|
40
40
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -43,8 +43,8 @@ module Google
|
|
43
43
|
# Request message for creating a notification config.
|
44
44
|
# @!attribute [rw] parent
|
45
45
|
# @return [::String]
|
46
|
-
# Required. Resource name of the new notification config's parent. Its format
|
47
|
-
# "organizations/[organization_id]".
|
46
|
+
# Required. Resource name of the new notification config's parent. Its format
|
47
|
+
# is "organizations/[organization_id]".
|
48
48
|
# @!attribute [rw] config_id
|
49
49
|
# @return [::String]
|
50
50
|
# Required.
|
@@ -53,8 +53,9 @@ module Google
|
|
53
53
|
# characters, underscores or hyphens only.
|
54
54
|
# @!attribute [rw] notification_config
|
55
55
|
# @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
|
56
|
-
# Required. The notification config being created. The name and the service
|
57
|
-
# will be ignored as they are both output only fields on this
|
56
|
+
# Required. The notification config being created. The name and the service
|
57
|
+
# account will be ignored as they are both output only fields on this
|
58
|
+
# resource.
|
58
59
|
class CreateNotificationConfigRequest
|
59
60
|
include ::Google::Protobuf::MessageExts
|
60
61
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -67,8 +68,8 @@ module Google
|
|
67
68
|
# "organizations/[organization_id]".
|
68
69
|
# @!attribute [rw] source
|
69
70
|
# @return [::Google::Cloud::SecurityCenter::V1::Source]
|
70
|
-
# Required. The Source being created, only the display_name and description
|
71
|
-
# used. All other fields will be ignored.
|
71
|
+
# Required. The Source being created, only the display_name and description
|
72
|
+
# will be used. All other fields will be ignored.
|
72
73
|
class CreateSourceRequest
|
73
74
|
include ::Google::Protobuf::MessageExts
|
74
75
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -97,8 +98,8 @@ module Google
|
|
97
98
|
# Request message for getting organization settings.
|
98
99
|
# @!attribute [rw] name
|
99
100
|
# @return [::String]
|
100
|
-
# Required. Name of the organization to get organization settings for. Its
|
101
|
-
# "organizations/[organization_id]/organizationSettings".
|
101
|
+
# Required. Name of the organization to get organization settings for. Its
|
102
|
+
# format is "organizations/[organization_id]/organizationSettings".
|
102
103
|
class GetOrganizationSettingsRequest
|
103
104
|
include ::Google::Protobuf::MessageExts
|
104
105
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -118,7 +119,8 @@ module Google
|
|
118
119
|
# @!attribute [rw] parent
|
119
120
|
# @return [::String]
|
120
121
|
# Required. Name of the organization to groupBy. Its format is
|
121
|
-
# "organizations/[organization_id]
|
122
|
+
# "organizations/[organization_id], folders/[folder_id], or
|
123
|
+
# projects/[project_id]".
|
122
124
|
# @!attribute [rw] filter
|
123
125
|
# @return [::String]
|
124
126
|
# Expression that defines the filter to apply across assets.
|
@@ -185,9 +187,9 @@ module Google
|
|
185
187
|
# property not existing: `-resource_properties.my_property : ""`
|
186
188
|
# @!attribute [rw] group_by
|
187
189
|
# @return [::String]
|
188
|
-
# Required. Expression that defines what assets fields to use for grouping.
|
189
|
-
# value should follow SQL syntax: comma separated list of fields.
|
190
|
-
# example:
|
190
|
+
# Required. Expression that defines what assets fields to use for grouping.
|
191
|
+
# The string value should follow SQL syntax: comma separated list of fields.
|
192
|
+
# For example:
|
191
193
|
# "security_center_properties.resource_project,security_center_properties.project".
|
192
194
|
#
|
193
195
|
# The following fields are supported when compare_duration is not set:
|
@@ -277,9 +279,12 @@ module Google
|
|
277
279
|
# @!attribute [rw] parent
|
278
280
|
# @return [::String]
|
279
281
|
# Required. Name of the source to groupBy. Its format is
|
280
|
-
# "organizations/[organization_id]/sources/[source_id]"
|
281
|
-
#
|
282
|
-
#
|
282
|
+
# "organizations/[organization_id]/sources/[source_id]",
|
283
|
+
# folders/[folder_id]/sources/[source_id], or
|
284
|
+
# projects/[project_id]/sources/[source_id]. To groupBy across all sources
|
285
|
+
# provide a source_id of `-`. For example:
|
286
|
+
# organizations/\\{organization_id}/sources/-, folders/\\{folder_id}/sources/-,
|
287
|
+
# or projects/\\{project_id}/sources/-
|
283
288
|
# @!attribute [rw] filter
|
284
289
|
# @return [::String]
|
285
290
|
# Expression that defines the filter to apply across findings.
|
@@ -315,28 +320,37 @@ module Google
|
|
315
320
|
# * category: `=`, `:`
|
316
321
|
# * external_uri: `=`, `:`
|
317
322
|
# * event_time: `=`, `>`, `<`, `>=`, `<=`
|
318
|
-
# * severity: `=`, `:`
|
319
323
|
#
|
320
324
|
# Usage: This should be milliseconds since epoch or an RFC3339 string.
|
321
325
|
# Examples:
|
322
326
|
# `event_time = "2019-06-10T16:07:18-07:00"`
|
323
327
|
# `event_time = 1560208038000`
|
324
328
|
#
|
329
|
+
# * severity: `=`, `:`
|
330
|
+
# * workflow_state: `=`, `:`
|
325
331
|
# * security_marks.marks: `=`, `:`
|
326
332
|
# * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
|
327
333
|
#
|
328
|
-
#
|
334
|
+
# For example, `source_properties.size = 100` is a valid filter string.
|
329
335
|
#
|
330
|
-
#
|
331
|
-
#
|
336
|
+
# Use a partial match on the empty string to filter based on a property
|
337
|
+
# existing: `source_properties.my_property : ""`
|
332
338
|
#
|
333
|
-
#
|
334
|
-
#
|
339
|
+
# Use a negated partial match on the empty string to filter based on a
|
340
|
+
# property not existing: `-source_properties.my_property : ""`
|
341
|
+
#
|
342
|
+
# * resource:
|
343
|
+
# * resource.name: `=`, `:`
|
344
|
+
# * resource.parent_name: `=`, `:`
|
345
|
+
# * resource.parent_display_name: `=`, `:`
|
346
|
+
# * resource.project_name: `=`, `:`
|
347
|
+
# * resource.project_display_name: `=`, `:`
|
348
|
+
# * resource.type: `=`, `:`
|
335
349
|
# @!attribute [rw] group_by
|
336
350
|
# @return [::String]
|
337
|
-
# Required. Expression that defines what assets fields to use for grouping
|
338
|
-
# `state_change`). The string value should follow SQL syntax:
|
339
|
-
# list of fields. For example: "parent,resource_name".
|
351
|
+
# Required. Expression that defines what assets fields to use for grouping
|
352
|
+
# (including `state_change`). The string value should follow SQL syntax:
|
353
|
+
# comma separated list of fields. For example: "parent,resource_name".
|
340
354
|
#
|
341
355
|
# The following fields are supported:
|
342
356
|
#
|
@@ -481,7 +495,8 @@ module Google
|
|
481
495
|
# @!attribute [rw] parent
|
482
496
|
# @return [::String]
|
483
497
|
# Required. Resource name of the parent of sources to list. Its format should
|
484
|
-
# be "organizations/[organization_id]
|
498
|
+
# be "organizations/[organization_id], folders/[folder_id], or
|
499
|
+
# projects/[project_id]".
|
485
500
|
# @!attribute [rw] page_token
|
486
501
|
# @return [::String]
|
487
502
|
# The value returned by the last `ListSourcesResponse`; indicates
|
@@ -513,7 +528,8 @@ module Google
|
|
513
528
|
# @!attribute [rw] parent
|
514
529
|
# @return [::String]
|
515
530
|
# Required. Name of the organization assets should belong to. Its format is
|
516
|
-
# "organizations/[organization_id]
|
531
|
+
# "organizations/[organization_id], folders/[folder_id], or
|
532
|
+
# projects/[project_id]".
|
517
533
|
# @!attribute [rw] filter
|
518
534
|
# @return [::String]
|
519
535
|
# Expression that defines the filter to apply across assets.
|
@@ -707,9 +723,12 @@ module Google
|
|
707
723
|
# @!attribute [rw] parent
|
708
724
|
# @return [::String]
|
709
725
|
# Required. Name of the source the findings belong to. Its format is
|
710
|
-
# "organizations/[organization_id]/sources/[source_id]
|
711
|
-
# sources
|
712
|
-
#
|
726
|
+
# "organizations/[organization_id]/sources/[source_id],
|
727
|
+
# folders/[folder_id]/sources/[source_id], or
|
728
|
+
# projects/[project_id]/sources/[source_id]". To list across all sources
|
729
|
+
# provide a source_id of `-`. For example:
|
730
|
+
# organizations/\\{organization_id}/sources/-, folders/\\{folder_id}/sources/- or
|
731
|
+
# projects/\\{projects_id}/sources/-
|
713
732
|
# @!attribute [rw] filter
|
714
733
|
# @return [::String]
|
715
734
|
# Expression that defines the filter to apply across findings.
|
@@ -745,23 +764,33 @@ module Google
|
|
745
764
|
# * category: `=`, `:`
|
746
765
|
# * external_uri: `=`, `:`
|
747
766
|
# * event_time: `=`, `>`, `<`, `>=`, `<=`
|
748
|
-
# * severity: `=`, `:`
|
749
767
|
#
|
750
768
|
# Usage: This should be milliseconds since epoch or an RFC3339 string.
|
751
769
|
# Examples:
|
752
770
|
# `event_time = "2019-06-10T16:07:18-07:00"`
|
753
771
|
# `event_time = 1560208038000`
|
754
772
|
#
|
755
|
-
#
|
756
|
-
#
|
773
|
+
# * severity: `=`, `:`
|
774
|
+
# * workflow_state: `=`, `:`
|
775
|
+
# * security_marks.marks: `=`, `:`
|
776
|
+
# * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
|
777
|
+
#
|
778
|
+
# For example, `source_properties.size = 100` is a valid filter string.
|
757
779
|
#
|
758
|
-
#
|
780
|
+
# Use a partial match on the empty string to filter based on a property
|
781
|
+
# existing: `source_properties.my_property : ""`
|
759
782
|
#
|
760
|
-
#
|
761
|
-
#
|
783
|
+
# Use a negated partial match on the empty string to filter based on a
|
784
|
+
# property not existing: `-source_properties.my_property : ""`
|
762
785
|
#
|
763
|
-
#
|
764
|
-
#
|
786
|
+
# * resource:
|
787
|
+
# * resource.name: `=`, `:`
|
788
|
+
# * resource.parent_name: `=`, `:`
|
789
|
+
# * resource.parent_display_name: `=`, `:`
|
790
|
+
# * resource.project_name: `=`, `:`
|
791
|
+
# * resource.project_display_name: `=`, `:`
|
792
|
+
# * resource.type: `=`, `:`
|
793
|
+
# * resource.folders.resource_folder: `=`, `:`
|
765
794
|
# @!attribute [rw] order_by
|
766
795
|
# @return [::String]
|
767
796
|
# Expression that defines what fields and order to use for sorting. The
|
@@ -888,6 +917,11 @@ module Google
|
|
888
917
|
# @!attribute [rw] parent_display_name
|
889
918
|
# @return [::String]
|
890
919
|
# The human readable name of resource's parent.
|
920
|
+
# @!attribute [rw] folders
|
921
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
|
922
|
+
# Contains a Folder message for each folder in the assets ancestry.
|
923
|
+
# The first folder is the deepest nested folder, and the last folder is
|
924
|
+
# the folder directly under the Organization.
|
891
925
|
class Resource
|
892
926
|
include ::Google::Protobuf::MessageExts
|
893
927
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -944,8 +978,8 @@ module Google
|
|
944
978
|
# Request message for running asset discovery for an organization.
|
945
979
|
# @!attribute [rw] parent
|
946
980
|
# @return [::String]
|
947
|
-
# Required. Name of the organization to run asset discovery for. Its format
|
948
|
-
# "organizations/[organization_id]".
|
981
|
+
# Required. Name of the organization to run asset discovery for. Its format
|
982
|
+
# is "organizations/[organization_id]".
|
949
983
|
class RunAssetDiscoveryRequest
|
950
984
|
include ::Google::Protobuf::MessageExts
|
951
985
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -954,8 +988,8 @@ module Google
|
|
954
988
|
# Request message for updating or creating a finding.
|
955
989
|
# @!attribute [rw] finding
|
956
990
|
# @return [::Google::Cloud::SecurityCenter::V1::Finding]
|
957
|
-
# Required. The finding resource to update or create if it does not already
|
958
|
-
# parent, security_marks, and update_time will be ignored.
|
991
|
+
# Required. The finding resource to update or create if it does not already
|
992
|
+
# exist. parent, security_marks, and update_time will be ignored.
|
959
993
|
#
|
960
994
|
# In the case of creation, the finding id portion of the name must be
|
961
995
|
# alphanumeric and less than or equal to 32 characters and greater than 0
|