google-cloud-security_center-v1 0.7.2 → 0.9.1

data/proto_docs/google/cloud/securitycenter/v1/finding.rb

@@ -96,6 +96,21 @@ module Google
         #     "projects/\\{project_number}/sources/\\{source_id}/findings/\\{finding_id}",
         #     depending on the closest CRM ancestor of the resource associated with the
         #     finding.
+        # @!attribute [rw] finding_class
+        #   @return [::Google::Cloud::SecurityCenter::V1::Finding::FindingClass]
+        #     The class of the finding.
+        # @!attribute [rw] indicator
+        #   @return [::Google::Cloud::SecurityCenter::V1::Indicator]
+        #     Represents what's commonly known as an Indicator of compromise (IoC) in
+        #     computer forensics. This is an artifact observed on a network or in an
+        #     operating system that, with high confidence, indicates a computer
+        #     intrusion.
+        #     Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+        # @!attribute [rw] vulnerability
+        #   @return [::Google::Cloud::SecurityCenter::V1::Vulnerability]
+        #     Represents vulnerability specific fields like cve, cvss scores etc.
+        #     CVE stands for Common Vulnerabilities and Exposures
+        #     (https://cve.mitre.org/about/)
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -180,6 +195,26 @@ module Google
             # is not able to access data, execute code, or create resources.
             LOW = 4
           end
+
+          # Represents what kind of Finding it is.
+          module FindingClass
+            # Unspecified finding class.
+            FINDING_CLASS_UNSPECIFIED = 0
+
+            # Describes unwanted or malicious activity.
+            THREAT = 1
+
+            # Describes a potential weakness in software that increases risk to
+            # Confidentiality & Integrity & Availability.
+            VULNERABILITY = 2
+
+            # Describes a potential weakness in cloud resource/asset configuration that
+            # increases risk.
+            MISCONFIGURATION = 3
+
+            # Describes a security observation that is for informational purposes.
+            OBSERVATION = 4
+          end
         end
       end
     end

data/proto_docs/google/cloud/securitycenter/v1/indicator.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Represents what's commonly known as an Indicator of compromise (IoC) in
+        # computer forensics. This is an artifact observed on a network or in an
+        # operating system that, with high confidence, indicates a computer intrusion.
+        # Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+        # @!attribute [rw] ip_addresses
+        #   @return [::Array<::String>]
+        #     List of ip addresses associated to the Finding.
+        # @!attribute [rw] domains
+        #   @return [::Array<::String>]
+        #     List of domains associated to the Finding.
+        class Indicator
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/resource.rb

@@ -38,6 +38,9 @@ module Google
         # @!attribute [rw] parent_display_name
         #   @return [::String]
         #     The human readable name of resource's parent.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     The full resource type of the resource.
         # @!attribute [r] folders
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
         #     Output only. Contains a Folder message for each folder in the assets ancestry.

data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -33,8 +33,8 @@ module Google
         #     greater than 0 characters in length.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The Finding being created. The name and security_marks will be
-        #     ignored as they are both output only fields on this resource.
+        #     Required. The Finding being created. The name and security_marks will be ignored as
+        #     they are both output only fields on this resource.
         class CreateFindingRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -43,8 +43,8 @@ module Google
         # Request message for creating a notification config.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the new notification config's parent. Its format
-        #     is "organizations/[organization_id]".
+        #     Required. Resource name of the new notification config's parent. Its format is
+        #     "organizations/[organization_id]".
         # @!attribute [rw] config_id
         #   @return [::String]
         #     Required.
@@ -53,9 +53,8 @@ module Google
         #     characters, underscores or hyphens only.
         # @!attribute [rw] notification_config
         #   @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
-        #     Required. The notification config being created. The name and the service
-        #     account will be ignored as they are both output only fields on this
-        #     resource.
+        #     Required. The notification config being created. The name and the service account
+        #     will be ignored as they are both output only fields on this resource.
         class CreateNotificationConfigRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -68,8 +67,8 @@ module Google
         #     "organizations/[organization_id]".
         # @!attribute [rw] source
         #   @return [::Google::Cloud::SecurityCenter::V1::Source]
-        #     Required. The Source being created, only the display_name and description
-        #     will be used. All other fields will be ignored.
+        #     Required. The Source being created, only the display_name and description will be
+        #     used. All other fields will be ignored.
         class CreateSourceRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -98,8 +97,8 @@ module Google
         # Request message for getting organization settings.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. Name of the organization to get organization settings for. Its
-        #     format is "organizations/[organization_id]/organizationSettings".
+        #     Required. Name of the organization to get organization settings for. Its format is
+        #     "organizations/[organization_id]/organizationSettings".
         class GetOrganizationSettingsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -187,9 +186,9 @@ module Google
         #     property not existing: `-resource_properties.my_property : ""`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping.
-        #     The string value should follow SQL syntax: comma separated list of fields.
-        #     For example:
+        #     Required. Expression that defines what assets fields to use for grouping. The string
+        #     value should follow SQL syntax: comma separated list of fields. For
+        #     example:
         #     "security_center_properties.resource_project,security_center_properties.project".
         #
         #     The following fields are supported when compare_duration is not set:
@@ -348,9 +347,9 @@ module Google
         #       * resource.type: `=`, `:`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping
-        #     (including `state_change`). The string value should follow SQL syntax:
-        #     comma separated list of fields. For example: "parent,resource_name".
+        #     Required. Expression that defines what assets fields to use for grouping (including
+        #     `state_change`). The string value should follow SQL syntax: comma separated
+        #     list of fields. For example: "parent,resource_name".
         #
         #     The following fields are supported:
         #
@@ -494,8 +493,8 @@ module Google
         # Request message for listing sources.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the parent of sources to list. Its format should
-        #     be "organizations/[organization_id], folders/[folder_id], or
+        #     Required. Resource name of the parent of sources to list. Its format should be
+        #     "organizations/[organization_id], folders/[folder_id], or
         #     projects/[project_id]".
         # @!attribute [rw] page_token
         #   @return [::String]
@@ -978,8 +977,8 @@ module Google
         # Request message for running asset discovery for an organization.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Name of the organization to run asset discovery for. Its format
-        #     is "organizations/[organization_id]".
+        #     Required. Name of the organization to run asset discovery for. Its format is
+        #     "organizations/[organization_id]".
         class RunAssetDiscoveryRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -988,8 +987,8 @@ module Google
         # Request message for updating or creating a finding.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The finding resource to update or create if it does not already
-        #     exist. parent, security_marks, and update_time will be ignored.
+        #     Required. The finding resource to update or create if it does not already exist.
+        #     parent, security_marks, and update_time will be ignored.
         #
         #     In the case of creation, the finding id portion of the name must be
         #     alphanumeric and less than or equal to 32 characters and greater than 0

data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
+        # @!attribute [rw] cve
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cve]
+        #     CVE stands for Common Vulnerabilities and Exposures
+        #     (https://cve.mitre.org/about/)
+        class Vulnerability
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # CVE stands for Common Vulnerabilities and Exposures.
+        # More information: https://cve.mitre.org
+        # @!attribute [rw] id
+        #   @return [::String]
+        #     The unique identifier for the vulnerability. e.g. CVE-2021-34527
+        # @!attribute [rw] references
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Reference>]
+        #     Additional information about the CVE.
+        #     e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+        # @!attribute [rw] cvssv3
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
+        #     Describe Common Vulnerability Scoring System specified at
+        #     https://www.first.org/cvss/v3.1/specification-document
+        class Cve
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Additional Links
+        # @!attribute [rw] source
+        #   @return [::String]
+        #     Source of the reference e.g. NVD
+        # @!attribute [rw] uri
+        #   @return [::String]
+        #     Uri for the mentioned source e.g.
+        #     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+        class Reference
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Common Vulnerability Scoring System version 3.
+        # @!attribute [rw] base_score
+        #   @return [::Float]
+        #     The base score is a function of the base metric scores.
+        # @!attribute [rw] attack_vector
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::AttackVector]
+        #     Base Metrics
+        #     Represents the intrinsic characteristics of a vulnerability that are
+        #     constant over time and across user environments.
+        #     This metric reflects the context by which vulnerability exploitation is
+        #     possible.
+        # @!attribute [rw] attack_complexity
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::AttackComplexity]
+        #     This metric describes the conditions beyond the attacker's control that
+        #     must exist in order to exploit the vulnerability.
+        # @!attribute [rw] privileges_required
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::PrivilegesRequired]
+        #     This metric describes the level of privileges an attacker must possess
+        #     before successfully exploiting the vulnerability.
+        # @!attribute [rw] user_interaction
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::UserInteraction]
+        #     This metric captures the requirement for a human user, other than the
+        #     attacker, to participate in the successful compromise of the vulnerable
+        #     component.
+        # @!attribute [rw] scope
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Scope]
+        #     The Scope metric captures whether a vulnerability in one vulnerable
+        #     component impacts resources in components beyond its security scope.
+        # @!attribute [rw] confidentiality_impact
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Impact]
+        #     This metric measures the impact to the confidentiality of the information
+        #     resources managed by a software component due to a successfully exploited
+        #     vulnerability.
+        # @!attribute [rw] integrity_impact
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Impact]
+        #     This metric measures the impact to integrity of a successfully exploited
+        #     vulnerability.
+        # @!attribute [rw] availability_impact
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Impact]
+        #     This metric measures the impact to the availability of the impacted
+        #     component resulting from a successfully exploited vulnerability.
+        class Cvssv3
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # This metric reflects the context by which vulnerability exploitation is
+          # possible.
+          module AttackVector
+            # Invalid value.
+            ATTACK_VECTOR_UNSPECIFIED = 0
+
+            # The vulnerable component is bound to the network stack and the set of
+            # possible attackers extends beyond the other options listed below, up to
+            # and including the entire Internet.
+            ATTACK_VECTOR_NETWORK = 1
+
+            # The vulnerable component is bound to the network stack, but the attack is
+            # limited at the protocol level to a logically adjacent topology.
+            ATTACK_VECTOR_ADJACENT = 2
+
+            # The vulnerable component is not bound to the network stack and the
+            # attacker's path is via read/write/execute capabilities.
+            ATTACK_VECTOR_LOCAL = 3
+
+            # The attack requires the attacker to physically touch or manipulate the
+            # vulnerable component.
+            ATTACK_VECTOR_PHYSICAL = 4
+          end
+
+          # This metric describes the conditions beyond the attacker's control that
+          # must exist in order to exploit the vulnerability.
+          module AttackComplexity
+            # Invalid value.
+            ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+            # Specialized access conditions or extenuating circumstances do not exist.
+            # An attacker can expect repeatable success when attacking the vulnerable
+            # component.
+            ATTACK_COMPLEXITY_LOW = 1
+
+            # A successful attack depends on conditions beyond the attacker's control.
+            # That is, a successful attack cannot be accomplished at will, but requires
+            # the attacker to invest in some measurable amount of effort in preparation
+            # or execution against the vulnerable component before a successful attack
+            # can be expected.
+            ATTACK_COMPLEXITY_HIGH = 2
+          end
+
+          # This metric describes the level of privileges an attacker must possess
+          # before successfully exploiting the vulnerability.
+          module PrivilegesRequired
+            # Invalid value.
+            PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+            # The attacker is unauthorized prior to attack, and therefore does not
+            # require any access to settings or files of the vulnerable system to
+            # carry out an attack.
+            PRIVILEGES_REQUIRED_NONE = 1
+
+            # The attacker requires privileges that provide basic user capabilities
+            # that could normally affect only settings and files owned by a user.
+            # Alternatively, an attacker with Low privileges has the ability to access
+            # only non-sensitive resources.
+            PRIVILEGES_REQUIRED_LOW = 2
+
+            # The attacker requires privileges that provide significant (e.g.,
+            # administrative) control over the vulnerable component allowing access to
+            # component-wide settings and files.
+            PRIVILEGES_REQUIRED_HIGH = 3
+          end
+
+          # This metric captures the requirement for a human user, other than the
+          # attacker, to participate in the successful compromise of the vulnerable
+          # component.
+          module UserInteraction
+            # Invalid value.
+            USER_INTERACTION_UNSPECIFIED = 0
+
+            # The vulnerable system can be exploited without interaction from any user.
+            USER_INTERACTION_NONE = 1
+
+            # Successful exploitation of this vulnerability requires a user to take
+            # some action before the vulnerability can be exploited.
+            USER_INTERACTION_REQUIRED = 2
+          end
+
+          # The Scope metric captures whether a vulnerability in one vulnerable
+          # component impacts resources in components beyond its security scope.
+          module Scope
+            # Invalid value.
+            SCOPE_UNSPECIFIED = 0
+
+            # An exploited vulnerability can only affect resources managed by the same
+            # security authority.
+            SCOPE_UNCHANGED = 1
+
+            # An exploited vulnerability can affect resources beyond the security scope
+            # managed by the security authority of the vulnerable component.
+            SCOPE_CHANGED = 2
+          end
+
+          # The Impact metrics capture the effects of a successfully exploited
+          # vulnerability on the component that suffers the worst outcome that is most
+          # directly and predictably associated with the attack.
+          module Impact
+            # Invalid value.
+            IMPACT_UNSPECIFIED = 0
+
+            # High impact.
+            IMPACT_HIGH = 1
+
+            # Low impact.
+            IMPACT_LOW = 2
+
+            # No impact.
+            IMPACT_NONE = 3
+          end
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security_center-v1
 version: !ruby/object:Gem::Version
-  version: 0.7.2
+  version: 0.9.1
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-07-12 00:00:00.000000000 Z
+date: 2021-11-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.7'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.7'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -200,6 +200,7 @@ files:
 - lib/google/cloud/securitycenter/v1/asset_pb.rb
 - lib/google/cloud/securitycenter/v1/finding_pb.rb
 - lib/google/cloud/securitycenter/v1/folder_pb.rb
+- lib/google/cloud/securitycenter/v1/indicator_pb.rb
 - lib/google/cloud/securitycenter/v1/notification_config_pb.rb
 - lib/google/cloud/securitycenter/v1/notification_message_pb.rb
 - lib/google/cloud/securitycenter/v1/organization_settings_pb.rb
@@ -209,12 +210,14 @@ files:
 - lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb
 - lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb
 - lib/google/cloud/securitycenter/v1/source_pb.rb
+- lib/google/cloud/securitycenter/v1/vulnerability_pb.rb
 - proto_docs/README.md
 - proto_docs/google/api/field_behavior.rb
 - proto_docs/google/api/resource.rb
 - proto_docs/google/cloud/securitycenter/v1/asset.rb
 - proto_docs/google/cloud/securitycenter/v1/finding.rb
 - proto_docs/google/cloud/securitycenter/v1/folder.rb
+- proto_docs/google/cloud/securitycenter/v1/indicator.rb
 - proto_docs/google/cloud/securitycenter/v1/notification_config.rb
 - proto_docs/google/cloud/securitycenter/v1/notification_message.rb
 - proto_docs/google/cloud/securitycenter/v1/organization_settings.rb
@@ -223,6 +226,7 @@ files:
 - proto_docs/google/cloud/securitycenter/v1/security_marks.rb
 - proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb
 - proto_docs/google/cloud/securitycenter/v1/source.rb
+- proto_docs/google/cloud/securitycenter/v1/vulnerability.rb
 - proto_docs/google/iam/v1/iam_policy.rb
 - proto_docs/google/iam/v1/options.rb
 - proto_docs/google/iam/v1/policy.rb