google-cloud-security_center-v1 1.0.0 → 1.1.0
- checksums.yaml +4 -4
- data/README.md +0 -1
- data/lib/google/cloud/security_center/v1/security_center/client.rb +2096 -182
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +313 -0
- data/lib/google/cloud/security_center/v1/security_center/rest/client.rb +1977 -189
- data/lib/google/cloud/security_center/v1/security_center/rest/service_stub.rb +1926 -595
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/attack_exposure_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/attack_path_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v1/event_threat_detection_custom_module_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +13 -1
- data/lib/google/cloud/securitycenter/v1/resource_value_config_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +45 -2
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +54 -0
- data/lib/google/cloud/securitycenter/v1/simulation_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/valued_resource_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +14 -10
- data/proto_docs/google/api/resource.rb +7 -2
- data/proto_docs/google/cloud/securitycenter/v1/attack_exposure.rb +73 -0
- data/proto_docs/google/cloud/securitycenter/v1/attack_path.rb +147 -0
- data/proto_docs/google/cloud/securitycenter/v1/cloud_armor.rb +6 -6
- data/proto_docs/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module.rb +77 -0
- data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module.rb +88 -0
- data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors.rb +69 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +19 -1
- data/proto_docs/google/cloud/securitycenter/v1/mute_config.rb +36 -3
- data/proto_docs/google/cloud/securitycenter/v1/resource.rb +223 -0
- data/proto_docs/google/cloud/securitycenter/v1/resource_value_config.rb +125 -0
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +626 -87
- data/proto_docs/google/cloud/securitycenter/v1/simulation.rb +46 -0
- data/proto_docs/google/cloud/securitycenter/v1/valued_resource.rb +86 -0
- data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
- metadata +18 -2
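--- a/data/proto_docs/google/api/resource.rb
+++ b/data/proto_docs/google/api/resource.rb
@@ -124,8 +124,13 @@ module Google
 # @return [::String]
 # The plural name used in the resource name and permission names, such as
 # 'projects' for the resource name of 'projects/\\{project}' and the permission
-# name of 'cloudresourcemanager.googleapis.com/projects.get'.
-#
+# name of 'cloudresourcemanager.googleapis.com/projects.get'. One exception
+# to this is for Nested Collections that have stuttering names, as defined
+# in [AIP-122](https://google.aip.dev/122#nested-collections), where the
+# collection ID in the resource name pattern does not necessarily directly
+# match the `plural` value.
+#
+# It is the same concept of the `plural` field in k8s CRD spec
 # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
 #
 # Note: The plural form is required even for singleton resources. See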
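--- a/data/proto_docs/google/cloud/securitycenter/v1/attack_exposure.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/attack_exposure.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# An attack exposure contains the results of an attack path simulation run.
+# @!attribute [rw] score
+# @return [::Float]
+# A number between 0 (inclusive) and infinity that represents how important
+# this finding is to remediate. The higher the score, the more important it
+# is to remediate.
+# @!attribute [rw] latest_calculation_time
+# @return [::Google::Protobuf::Timestamp]
+# The most recent time the attack exposure was updated on this finding.
+# @!attribute [rw] attack_exposure_result
+# @return [::String]
+# The resource name of the attack path simulation result that contains the
+# details regarding this attack exposure score.
+# Example: `organizations/123/simulations/456/attackExposureResults/789`
+# @!attribute [rw] state
+# @return [::Google::Cloud::SecurityCenter::V1::AttackExposure::State]
+# What state this AttackExposure is in. This captures whether or not an
+# attack exposure has been calculated or not.
+# @!attribute [rw] exposed_high_value_resources_count
+# @return [::Integer]
+# The number of high value resources that are exposed as a result of this
+# finding.
+# @!attribute [rw] exposed_medium_value_resources_count
+# @return [::Integer]
+# The number of medium value resources that are exposed as a result of this
+# finding.
+# @!attribute [rw] exposed_low_value_resources_count
+# @return [::Integer]
+# The number of high value resources that are exposed as a result of this
+# finding.
+class AttackExposure
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# This enum defines the various states an AttackExposure can be in.
+module State
+# The state is not specified.
+STATE_UNSPECIFIED = 0
+
+# The attack exposure has been calculated.
+CALCULATED = 1
+
+# The attack exposure has not been calculated.
+NOT_CALCULATED = 2
+end
+end
+end
+end
+end
+end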
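--- a/data/proto_docs/google/cloud/securitycenter/v1/attack_path.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/attack_path.rb
@@ -0,0 +1,147 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# A path that an attacker could take to reach an exposed resource.
+# @!attribute [rw] name
+# @return [::String]
+# The attack path name, for example,
+# `organizations/12/simulation/34/valuedResources/56/attackPaths/78`
+# @!attribute [rw] path_nodes
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode>]
+# A list of nodes that exist in this attack path.
+# @!attribute [rw] edges
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathEdge>]
+# A list of the edges between nodes in this attack path.
+class AttackPath
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# Represents one point that an attacker passes through in this attack path.
+# @!attribute [rw] resource
+# @return [::String]
+# The name of the resource at this point in the attack path.
+# The format of the name follows the Cloud Asset Inventory [resource
+# name
+# format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
+# @!attribute [rw] resource_type
+# @return [::String]
+# The [supported resource
+# type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
+# @!attribute [rw] display_name
+# @return [::String]
+# Human-readable name of this resource.
+# @!attribute [rw] associated_findings
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::PathNodeAssociatedFinding>]
+# The findings associated with this node in the attack path.
+# @!attribute [rw] uuid
+# @return [::String]
+# Unique id of the attack path node.
+# @!attribute [rw] attack_steps
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::AttackStepNode>]
+# A list of attack step nodes that exist in this attack path node.
+class AttackPathNode
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# A finding that is associated with this node in the attack path.
+# @!attribute [rw] canonical_finding
+# @return [::String]
+# Canonical name of the associated findings. Example:
+# `organizations/123/sources/456/findings/789`
+# @!attribute [rw] finding_category
+# @return [::String]
+# The additional taxonomy group within findings from a given source.
+# @!attribute [rw] name
+# @return [::String]
+# Full resource name of the finding.
+class PathNodeAssociatedFinding
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Detailed steps the attack can take between path nodes.
+# @!attribute [rw] uuid
+# @return [::String]
+# Unique ID for one Node
+# @!attribute [rw] type
+# @return [::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::NodeType]
+# Attack step type. Can be either AND, OR or DEFENSE
+# @!attribute [rw] display_name
+# @return [::String]
+# User friendly name of the attack step
+# @!attribute [rw] labels
+# @return [::Google::Protobuf::Map{::String => ::String}]
+# Attack step labels for metadata
+# @!attribute [rw] description
+# @return [::String]
+# Attack step description
+class AttackStepNode
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# @!attribute [rw] key
+# @return [::String]
+# @!attribute [rw] value
+# @return [::String]
+class LabelsEntry
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+
+# The type of the incoming attack step node.
+module NodeType
+# Type not specified
+NODE_TYPE_UNSPECIFIED = 0
+
+# Incoming edge joined with AND
+NODE_TYPE_AND = 1
+
+# Incoming edge joined with OR
+NODE_TYPE_OR = 2
+
+# Incoming edge is defense
+NODE_TYPE_DEFENSE = 3
+
+# Incoming edge is attacker
+NODE_TYPE_ATTACKER = 4
+end
+end
+
+# Represents a connection between a source node and a destination node in
+# this attack path.
+# @!attribute [rw] source
+# @return [::String]
+# The attack node uuid of the source node.
+# @!attribute [rw] destination
+# @return [::String]
+# The attack node uuid of the destination node.
+class AttackPathEdge
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end
+end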
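--- a/data/proto_docs/google/cloud/securitycenter/v1/cloud_armor.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/cloud_armor.rb
@@ -43,8 +43,8 @@ module Google
 # @!attribute [rw] threat_vector
 # @return [::String]
 # Distinguish between volumetric & protocol DDoS attack and
-# application layer attacks. For example,
-# attacks, or
+# application layer attacks. For example, "L3_4" for Layer 3 and Layer 4 DDoS
+# attacks, or "L_7" for Layer 7 DDoS attacks.
 # @!attribute [rw] duration
 # @return [::Google::Protobuf::Duration]
 # Duration of attack from the start until the current moment (updated every 5
@@ -63,9 +63,9 @@ module Google
 # "my-security-policy".
 # @!attribute [rw] type
 # @return [::String]
-# The type of Google Cloud Armor security policy for example,
-# security policy
-# or
+# The type of Google Cloud Armor security policy for example, 'backend
+# security policy', 'edge security policy', 'network edge security policy',
+# or 'always-on DDoS protection'.
 # @!attribute [rw] preview
 # @return [::Boolean]
 # Whether or not the associated rule or policy is in preview mode.
@@ -117,7 +117,7 @@ module Google
 # Total BPS (bytes per second) volume of attack.
 # @!attribute [rw] classification
 # @return [::String]
-# Type of attack, for example,
+# Type of attack, for example, 'SYN-flood', 'NTP-udp', or 'CHARGEN-udp'.
 class Attack
 include ::Google::Protobuf::MessageExts
 extend ::Google::Protobuf::MessageExts::ClassMethods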
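--- a/data/proto_docs/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module.rb
@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# An EffectiveEventThreatDetectionCustomModule is the representation of
+# an Event Threat Detection custom module at a specified level of the
+# resource hierarchy: organization, folder, or project. If a custom module is
+# inherited from a parent organization or folder, the value of the
+# `enablement_state` property in EffectiveEventThreatDetectionCustomModule is
+# set to the value that is effective in the parent, instead of `INHERITED`.
+# For example, if the module is enabled in a parent organization or folder, the
+# effective `enablement_state` for the module in all child folders or projects
+# is also `enabled`. EffectiveEventThreatDetectionCustomModule is read-only.
+# @!attribute [r] name
+# @return [::String]
+# Output only. The resource name of the effective ETD custom module.
+#
+# Its format is:
+#
+# * `organizations/{organization}/eventThreatDetectionSettings/effectiveCustomModules/{module}`.
+# * `folders/{folder}/eventThreatDetectionSettings/effectiveCustomModules/{module}`.
+# * `projects/{project}/eventThreatDetectionSettings/effectiveCustomModules/{module}`.
+# @!attribute [r] config
+# @return [::Google::Protobuf::Struct]
+# Output only. Config for the effective module.
+# @!attribute [r] enablement_state
+# @return [::Google::Cloud::SecurityCenter::V1::EffectiveEventThreatDetectionCustomModule::EnablementState]
+# Output only. The effective state of enablement for the module at the given
+# level of the hierarchy.
+# @!attribute [r] type
+# @return [::String]
+# Output only. Type for the module. e.g. CONFIGURABLE_BAD_IP.
+# @!attribute [r] display_name
+# @return [::String]
+# Output only. The human readable name to be displayed for the module.
+# @!attribute [r] description
+# @return [::String]
+# Output only. The description for the module.
+class EffectiveEventThreatDetectionCustomModule
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# The enablement state of the module.
+module EnablementState
+# Unspecified enablement state.
+ENABLEMENT_STATE_UNSPECIFIED = 0
+
+# The module is enabled at the given level.
+ENABLED = 1
+
+# The module is disabled at the given level.
+DISABLED = 2
+end
+end
+end
+end
+end
+end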
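--- a/data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module.rb
@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# Represents an instance of an Event Threat Detection custom module,
+# including its full module name, display name, enablement state, and last
+# updated time. You can create a custom module at the organization, folder, or
+# project level. Custom modules that you create at the organization or folder
+# level are inherited by child folders and projects.
+# @!attribute [rw] name
+# @return [::String]
+# Immutable. The resource name of the Event Threat Detection custom module.
+#
+# Its format is:
+#
+# * `organizations/{organization}/eventThreatDetectionSettings/customModules/{module}`.
+# * `folders/{folder}/eventThreatDetectionSettings/customModules/{module}`.
+# * `projects/{project}/eventThreatDetectionSettings/customModules/{module}`.
+# @!attribute [rw] config
+# @return [::Google::Protobuf::Struct]
+# Config for the module. For the resident module, its config value is defined
+# at this level. For the inherited module, its config value is inherited from
+# the ancestor module.
+# @!attribute [r] ancestor_module
+# @return [::String]
+# Output only. The closest ancestor module that this module inherits the
+# enablement state from. The format is the same as the
+# EventThreatDetectionCustomModule resource name.
+# @!attribute [rw] enablement_state
+# @return [::Google::Cloud::SecurityCenter::V1::EventThreatDetectionCustomModule::EnablementState]
+# The state of enablement for the module at the given level of the hierarchy.
+# @!attribute [rw] type
+# @return [::String]
+# Type for the module. e.g. CONFIGURABLE_BAD_IP.
+# @!attribute [rw] display_name
+# @return [::String]
+# The human readable name to be displayed for the module.
+# @!attribute [rw] description
+# @return [::String]
+# The description for the module.
+# @!attribute [r] update_time
+# @return [::Google::Protobuf::Timestamp]
+# Output only. The time the module was last updated.
+# @!attribute [r] last_editor
+# @return [::String]
+# Output only. The editor the module was last updated by.
+class EventThreatDetectionCustomModule
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# The enablement state of the module.
+module EnablementState
+# Unspecified enablement state.
+ENABLEMENT_STATE_UNSPECIFIED = 0
+
+# The module is enabled at the given level.
+ENABLED = 1
+
+# The module is disabled at the given level.
+DISABLED = 2
+
+# When the enablement state is inherited.
+INHERITED = 3
+end
+end
+end
+end
+end
+end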
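--- a/data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors.rb
@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# A list of zero or more errors encountered while validating the uploaded
+# configuration of an Event Threat Detection Custom Module.
+# @!attribute [rw] errors
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::CustomModuleValidationError>]
+class CustomModuleValidationErrors
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# An error encountered while validating the uploaded configuration of an
+# Event Threat Detection Custom Module.
+# @!attribute [rw] description
+# @return [::String]
+# A description of the error, suitable for human consumption. Required.
+# @!attribute [rw] field_path
+# @return [::String]
+# The path, in RFC 8901 JSON Pointer format, to the field that failed
+# validation. This may be left empty if no specific field is affected.
+# @!attribute [rw] start
+# @return [::Google::Cloud::SecurityCenter::V1::Position]
+# The initial position of the error in the uploaded text version of the
+# module. This field may be omitted if no specific position applies, or if
+# one could not be computed.
+# @!attribute [rw] end
+# @return [::Google::Cloud::SecurityCenter::V1::Position]
+# The end position of the error in the uploaded text version of the
+# module. This field may be omitted if no specific position applies, or if
+# one could not be computed..
+class CustomModuleValidationError
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# A position in the uploaded text version of a module.
+# @!attribute [rw] line_number
+# @return [::Integer]
+# @!attribute [rw] column_number
+# @return [::Integer]
+class Position
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end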
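--- a/data/proto_docs/google/cloud/securitycenter/v1/finding.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/finding.rb
@@ -142,6 +142,9 @@ module Google
 # Records additional information about the mute operation, for example, the
 # [mute configuration](/security-command-center/docs/how-to-mute-findings)
 # that muted the finding and the user who muted the finding.
+# @!attribute [r] mute_info
+# @return [::Google::Cloud::SecurityCenter::V1::Finding::MuteInfo]
+# Output only. The mute information regarding this finding.
 # @!attribute [rw] processes
 # @return [::Array<::Google::Cloud::SecurityCenter::V1::Process>]
 # Represents operating system processes associated with the Finding.
@@ -199,6 +202,9 @@ module Google
 # @!attribute [rw] database
 # @return [::Google::Cloud::SecurityCenter::V1::Database]
 # Database associated with the finding.
+# @!attribute [rw] attack_exposure
+# @return [::Google::Cloud::SecurityCenter::V1::AttackExposure]
+# The results of an attack path simulation relevant to this finding.
 # @!attribute [rw] files
 # @return [::Array<::Google::Cloud::SecurityCenter::V1::File>]
 # File associated with the finding.
@@ -252,6 +258,50 @@ module Google
 include ::Google::Protobuf::MessageExts
 extend ::Google::Protobuf::MessageExts::ClassMethods
 
+# Mute information about the finding, including whether the finding has a
+# static mute or any matching dynamic mute rules.
+# @!attribute [rw] static_mute
+# @return [::Google::Cloud::SecurityCenter::V1::Finding::MuteInfo::StaticMute]
+# If set, the static mute applied to this finding. Static mutes override
+# dynamic mutes. If unset, there is no static mute.
+# @!attribute [rw] dynamic_mute_records
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::Finding::MuteInfo::DynamicMuteRecord>]
+# The list of dynamic mute rules that currently match the finding.
+class MuteInfo
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# Information about the static mute state. A static mute state overrides
+# any dynamic mute rules that apply to this finding. The static mute state
+# can be set by a static mute rule or by muting the finding directly.
+# @!attribute [rw] state
+# @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
+# The static mute state. If the value is `MUTED` or `UNMUTED`, then the
+# finding's overall mute state will have the same value.
+# @!attribute [rw] apply_time
+# @return [::Google::Protobuf::Timestamp]
+# When the static mute was applied.
+class StaticMute
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# The record of a dynamic mute rule that matches the finding.
+# @!attribute [rw] mute_config
+# @return [::String]
+# The relative resource name of the mute rule, represented by a mute
+# config, that created this record, for example
+# `organizations/123/muteConfigs/mymuteconfig` or
+# `organizations/123/locations/global/muteConfigs/mymuteconfig`.
+# @!attribute [rw] match_time
+# @return [::Google::Protobuf::Timestamp]
+# When the dynamic mute rule first matched the finding.
+class DynamicMuteRecord
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+
 # @!attribute [rw] key
 # @return [::String]
 # @!attribute [rw] value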
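--- a/data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb
@@ -99,7 +99,7 @@ module Google
 
 # MITRE ATT&CK techniques that can be referenced by SCC findings.
 # See: https://attack.mitre.org/techniques/enterprise/
-# Next ID:
+# Next ID: 65
 module Technique
 # Unspecified value.
 TECHNIQUE_UNSPECIFIED = 0
@@ -128,12 +128,21 @@ module Google
 # T1059.004
 UNIX_SHELL = 7
 
+# T1059.006
+PYTHON = 59
+
+# T1068
+EXPLOITATION_FOR_PRIVILEGE_ESCALATION = 63
+
 # T1069
 PERMISSION_GROUPS_DISCOVERY = 18
 
 # T1069.003
 CLOUD_GROUPS = 19
 
+# T1070.004
+INDICATOR_REMOVAL_FILE_DELETION = 64
+
 # T1071
 APPLICATION_LAYER_PROTOCOL = 45
 
@@ -275,8 +284,17 @@ module Google
 # T1595.001
 SCANNING_IP_BLOCKS = 2
 
+# T1609
+CONTAINER_ADMINISTRATION_COMMAND = 60
+
+# T1611
+ESCAPE_TO_HOST = 61
+
 # T1613
 CONTAINER_AND_RESOURCE_DISCOVERY = 57
+
+# T1649
+STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES = 62
 end
 end
 end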