google-cloud-security_center-v1 0.8.1 → 0.11.0

data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -21,6 +21,54 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
+        # Request message for bulk findings update.
+        #
+        # Note:
+        # 1. If multiple bulk update requests match the same resource, the order in
+        # which they get executed is not defined.
+        # 2. Once a bulk operation is started, there is no way to stop it.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The parent, at which bulk action needs to be applied. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     "projects/[project_id]".
+        # @!attribute [rw] filter
+        #   @return [::String]
+        #     Expression that identifies findings that should be updated.
+        #     The expression is a list of zero or more restrictions combined
+        #     via logical operators `AND` and `OR`. Parentheses are supported, and `OR`
+        #     has higher precedence than `AND`.
+        #
+        #     Restrictions have the form `<field> <operator> <value>` and may have a
+        #     `-` character in front of them to indicate negation. The fields map to
+        #     those defined in the corresponding resource.
+        #
+        #     The supported operators are:
+        #
+        #     * `=` for all value types.
+        #     * `>`, `<`, `>=`, `<=` for integer values.
+        #     * `:`, meaning substring matching, for strings.
+        #
+        #     The supported value types are:
+        #
+        #     * string literals in quotes.
+        #     * integer literals without quotes.
+        #     * boolean literals `true` and `false` without quotes.
+        # @!attribute [rw] mute_annotation
+        #   @return [::String]
+        #     This can be a mute configuration name or any identifier for mute/unmute
+        #     of findings based on the filter.
+        class BulkMuteFindingsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # The response to a BulkMute request. Contains the LRO information.
+        class BulkMuteFindingsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for creating a finding.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -40,6 +88,26 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for creating a mute config.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Resource name of the new mute configs's parent. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]", or
+        #     "projects/[project_id]".
+        # @!attribute [rw] mute_config
+        #   @return [::Google::Cloud::SecurityCenter::V1::MuteConfig]
+        #     Required. The mute config being created.
+        # @!attribute [rw] mute_config_id
+        #   @return [::String]
+        #     Required. Unique identifier provided by the client within the parent scope.
+        #     It must consist of lower case letters, numbers, and hyphen, with the first
+        #     character a letter, the last a letter or a number, and a 63 character
+        #     maximum.
+        class CreateMuteConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for creating a notification config.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -74,6 +142,18 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for deleting a mute config.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the mute config to delete. Its format is
+        #     organizations/\\{organization}/muteConfigs/\\{config_id},
+        #     folders/\\{folder}/muteConfigs/\\{config_id}, or
+        #     projects/\\{project}/muteConfigs/\\{config_id}
+        class DeleteMuteConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for deleting a notification config.
         # @!attribute [rw] name
         #   @return [::String]
@@ -84,6 +164,18 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for retrieving a mute config.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the mute config to retrieve. Its format is
+        #     organizations/\\{organization}/muteConfigs/\\{config_id},
+        #     folders/\\{folder}/muteConfigs/\\{config_id}, or
+        #     projects/\\{project}/muteConfigs/\\{config_id}
+        class GetMuteConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for getting a notification config.
         # @!attribute [rw] name
         #   @return [::String]
@@ -458,6 +550,44 @@ module Google
           end
         end
 
+        # Request message for listing  mute configs at a given scope e.g. organization,
+        # folder or project.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The parent, which owns the collection of mute configs. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     "projects/[project_id]".
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     The maximum number of configs to return. The service may return fewer than
+        #     this value.
+        #     If unspecified, at most 10 configs will be returned.
+        #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     A page token, received from a previous `ListMuteConfigs` call.
+        #     Provide this to retrieve the subsequent page.
+        #
+        #     When paginating, all other parameters provided to `ListMuteConfigs` must
+        #     match the call that provided the page token.
+        class ListMuteConfigsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing mute configs.
+        # @!attribute [rw] mute_configs
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MuteConfig>]
+        #     The mute configs from the specified parent.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token, which can be sent as `page_token` to retrieve the next page.
+        #     If this field is omitted, there are no subsequent pages.
+        class ListMuteConfigsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for listing notification configs.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -790,6 +920,7 @@ module Google
         #       * resource.project_display_name: `=`, `:`
         #       * resource.type: `=`, `:`
         #       * resource.folders.resource_folder: `=`, `:`
+        #       * resource.display_name: `=`, `:`
         # @!attribute [rw] order_by
         #   @return [::String]
         #     Expression that defines what fields and order to use for sorting. The
@@ -916,11 +1047,17 @@ module Google
             # @!attribute [rw] parent_display_name
             #   @return [::String]
             #     The human readable name of resource's parent.
+            # @!attribute [rw] type
+            #   @return [::String]
+            #     The full resource type of the resource.
             # @!attribute [rw] folders
             #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
             #     Contains a Folder message for each folder in the assets ancestry.
             #     The first folder is the deepest nested folder, and the last folder is
             #     the folder directly under the Organization.
+            # @!attribute [rw] display_name
+            #   @return [::String]
+            #     The human readable name of the resource.
             class Resource
               include ::Google::Protobuf::MessageExts
               extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -974,6 +1111,23 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for updating a finding's mute status.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The relative resource name of the finding. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}/finding/\\{finding_id}",
+        #     "folders/\\{folder_id}/sources/\\{source_id}/finding/\\{finding_id}",
+        #     "projects/\\{project_id}/sources/\\{source_id}/finding/\\{finding_id}".
+        # @!attribute [rw] mute
+        #   @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
+        #     Required. The desired state of the Mute.
+        class SetMuteRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for running asset discovery for an organization.
         # @!attribute [rw] parent
         #   @return [::String]
@@ -984,6 +1138,20 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for updating a ExternalSystem resource.
+        # @!attribute [rw] external_system
+        #   @return [::Google::Cloud::SecurityCenter::V1::ExternalSystem]
+        #     Required. The external system resource to update.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     The FieldMask to use when updating the external system resource.
+        #
+        #     If empty all mutable fields will be updated.
+        class UpdateExternalSystemRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for updating or creating a finding.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
@@ -1007,6 +1175,19 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for updating a mute config.
+        # @!attribute [rw] mute_config
+        #   @return [::Google::Cloud::SecurityCenter::V1::MuteConfig]
+        #     Required. The mute config being updated.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     The list of fields to be updated.
+        #     If empty all mutable fields will be updated.
+        class UpdateMuteConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for updating a notification config.
         # @!attribute [rw] notification_config
         #   @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]

data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb

@@ -0,0 +1,226 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
+        # @!attribute [rw] cve
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cve]
+        #     CVE stands for Common Vulnerabilities and Exposures
+        #     (https://cve.mitre.org/about/)
+        class Vulnerability
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # CVE stands for Common Vulnerabilities and Exposures.
+        # More information: https://cve.mitre.org
+        # @!attribute [rw] id
+        #   @return [::String]
+        #     The unique identifier for the vulnerability. e.g. CVE-2021-34527
+        # @!attribute [rw] references
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Reference>]
+        #     Additional information about the CVE.
+        #     e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+        # @!attribute [rw] cvssv3
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
+        #     Describe Common Vulnerability Scoring System specified at
+        #     https://www.first.org/cvss/v3.1/specification-document
+        class Cve
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Additional Links
+        # @!attribute [rw] source
+        #   @return [::String]
+        #     Source of the reference e.g. NVD
+        # @!attribute [rw] uri
+        #   @return [::String]
+        #     Uri for the mentioned source e.g.
+        #     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+        class Reference
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Common Vulnerability Scoring System version 3.
+        # @!attribute [rw] base_score
+        #   @return [::Float]
+        #     The base score is a function of the base metric scores.
+        # @!attribute [rw] attack_vector
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::AttackVector]
+        #     Base Metrics
+        #     Represents the intrinsic characteristics of a vulnerability that are
+        #     constant over time and across user environments.
+        #     This metric reflects the context by which vulnerability exploitation is
+        #     possible.
+        # @!attribute [rw] attack_complexity
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::AttackComplexity]
+        #     This metric describes the conditions beyond the attacker's control that
+        #     must exist in order to exploit the vulnerability.
+        # @!attribute [rw] privileges_required
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::PrivilegesRequired]
+        #     This metric describes the level of privileges an attacker must possess
+        #     before successfully exploiting the vulnerability.
+        # @!attribute [rw] user_interaction
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::UserInteraction]
+        #     This metric captures the requirement for a human user, other than the
+        #     attacker, to participate in the successful compromise of the vulnerable
+        #     component.
+        # @!attribute [rw] scope
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Scope]
+        #     The Scope metric captures whether a vulnerability in one vulnerable
+        #     component impacts resources in components beyond its security scope.
+        # @!attribute [rw] confidentiality_impact
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Impact]
+        #     This metric measures the impact to the confidentiality of the information
+        #     resources managed by a software component due to a successfully exploited
+        #     vulnerability.
+        # @!attribute [rw] integrity_impact
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Impact]
+        #     This metric measures the impact to integrity of a successfully exploited
+        #     vulnerability.
+        # @!attribute [rw] availability_impact
+        #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3::Impact]
+        #     This metric measures the impact to the availability of the impacted
+        #     component resulting from a successfully exploited vulnerability.
+        class Cvssv3
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # This metric reflects the context by which vulnerability exploitation is
+          # possible.
+          module AttackVector
+            # Invalid value.
+            ATTACK_VECTOR_UNSPECIFIED = 0
+
+            # The vulnerable component is bound to the network stack and the set of
+            # possible attackers extends beyond the other options listed below, up to
+            # and including the entire Internet.
+            ATTACK_VECTOR_NETWORK = 1
+
+            # The vulnerable component is bound to the network stack, but the attack is
+            # limited at the protocol level to a logically adjacent topology.
+            ATTACK_VECTOR_ADJACENT = 2
+
+            # The vulnerable component is not bound to the network stack and the
+            # attacker's path is via read/write/execute capabilities.
+            ATTACK_VECTOR_LOCAL = 3
+
+            # The attack requires the attacker to physically touch or manipulate the
+            # vulnerable component.
+            ATTACK_VECTOR_PHYSICAL = 4
+          end
+
+          # This metric describes the conditions beyond the attacker's control that
+          # must exist in order to exploit the vulnerability.
+          module AttackComplexity
+            # Invalid value.
+            ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+            # Specialized access conditions or extenuating circumstances do not exist.
+            # An attacker can expect repeatable success when attacking the vulnerable
+            # component.
+            ATTACK_COMPLEXITY_LOW = 1
+
+            # A successful attack depends on conditions beyond the attacker's control.
+            # That is, a successful attack cannot be accomplished at will, but requires
+            # the attacker to invest in some measurable amount of effort in preparation
+            # or execution against the vulnerable component before a successful attack
+            # can be expected.
+            ATTACK_COMPLEXITY_HIGH = 2
+          end
+
+          # This metric describes the level of privileges an attacker must possess
+          # before successfully exploiting the vulnerability.
+          module PrivilegesRequired
+            # Invalid value.
+            PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+            # The attacker is unauthorized prior to attack, and therefore does not
+            # require any access to settings or files of the vulnerable system to
+            # carry out an attack.
+            PRIVILEGES_REQUIRED_NONE = 1
+
+            # The attacker requires privileges that provide basic user capabilities
+            # that could normally affect only settings and files owned by a user.
+            # Alternatively, an attacker with Low privileges has the ability to access
+            # only non-sensitive resources.
+            PRIVILEGES_REQUIRED_LOW = 2
+
+            # The attacker requires privileges that provide significant (e.g.,
+            # administrative) control over the vulnerable component allowing access to
+            # component-wide settings and files.
+            PRIVILEGES_REQUIRED_HIGH = 3
+          end
+
+          # This metric captures the requirement for a human user, other than the
+          # attacker, to participate in the successful compromise of the vulnerable
+          # component.
+          module UserInteraction
+            # Invalid value.
+            USER_INTERACTION_UNSPECIFIED = 0
+
+            # The vulnerable system can be exploited without interaction from any user.
+            USER_INTERACTION_NONE = 1
+
+            # Successful exploitation of this vulnerability requires a user to take
+            # some action before the vulnerability can be exploited.
+            USER_INTERACTION_REQUIRED = 2
+          end
+
+          # The Scope metric captures whether a vulnerability in one vulnerable
+          # component impacts resources in components beyond its security scope.
+          module Scope
+            # Invalid value.
+            SCOPE_UNSPECIFIED = 0
+
+            # An exploited vulnerability can only affect resources managed by the same
+            # security authority.
+            SCOPE_UNCHANGED = 1
+
+            # An exploited vulnerability can affect resources beyond the security scope
+            # managed by the security authority of the vulnerable component.
+            SCOPE_CHANGED = 2
+          end
+
+          # The Impact metrics capture the effects of a successfully exploited
+          # vulnerability on the component that suffers the worst outcome that is most
+          # directly and predictably associated with the attack.
+          module Impact
+            # Invalid value.
+            IMPACT_UNSPECIFIED = 0
+
+            # High impact.
+            IMPACT_HIGH = 1
+
+            # Low impact.
+            IMPACT_LOW = 2
+
+            # No impact.
+            IMPACT_NONE = 3
+          end
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security_center-v1
 version: !ruby/object:Gem::Version
-  version: 0.8.1
+  version: 0.11.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-11 00:00:00.000000000 Z
+date: 2021-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -198,9 +198,11 @@ files:
 - lib/google/cloud/security_center/v1/security_center/paths.rb
 - lib/google/cloud/security_center/v1/version.rb
 - lib/google/cloud/securitycenter/v1/asset_pb.rb
+- lib/google/cloud/securitycenter/v1/external_system_pb.rb
 - lib/google/cloud/securitycenter/v1/finding_pb.rb
 - lib/google/cloud/securitycenter/v1/folder_pb.rb
 - lib/google/cloud/securitycenter/v1/indicator_pb.rb
+- lib/google/cloud/securitycenter/v1/mute_config_pb.rb
 - lib/google/cloud/securitycenter/v1/notification_config_pb.rb
 - lib/google/cloud/securitycenter/v1/notification_message_pb.rb
 - lib/google/cloud/securitycenter/v1/organization_settings_pb.rb
@@ -210,13 +212,16 @@ files:
 - lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb
 - lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb
 - lib/google/cloud/securitycenter/v1/source_pb.rb
+- lib/google/cloud/securitycenter/v1/vulnerability_pb.rb
 - proto_docs/README.md
 - proto_docs/google/api/field_behavior.rb
 - proto_docs/google/api/resource.rb
 - proto_docs/google/cloud/securitycenter/v1/asset.rb
+- proto_docs/google/cloud/securitycenter/v1/external_system.rb
 - proto_docs/google/cloud/securitycenter/v1/finding.rb
 - proto_docs/google/cloud/securitycenter/v1/folder.rb
 - proto_docs/google/cloud/securitycenter/v1/indicator.rb
+- proto_docs/google/cloud/securitycenter/v1/mute_config.rb
 - proto_docs/google/cloud/securitycenter/v1/notification_config.rb
 - proto_docs/google/cloud/securitycenter/v1/notification_message.rb
 - proto_docs/google/cloud/securitycenter/v1/organization_settings.rb
@@ -225,6 +230,7 @@ files:
 - proto_docs/google/cloud/securitycenter/v1/security_marks.rb
 - proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb
 - proto_docs/google/cloud/securitycenter/v1/source.rb
+- proto_docs/google/cloud/securitycenter/v1/vulnerability.rb
 - proto_docs/google/iam/v1/iam_policy.rb
 - proto_docs/google/iam/v1/options.rb
 - proto_docs/google/iam/v1/policy.rb