google-cloud-security_center-v1 1.0.0 → 1.1.0
- checksums.yaml +4 -4
- data/README.md +0 -1
- data/lib/google/cloud/security_center/v1/security_center/client.rb +2096 -182
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +313 -0
- data/lib/google/cloud/security_center/v1/security_center/rest/client.rb +1977 -189
- data/lib/google/cloud/security_center/v1/security_center/rest/service_stub.rb +1926 -595
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/attack_exposure_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/attack_path_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v1/event_threat_detection_custom_module_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +13 -1
- data/lib/google/cloud/securitycenter/v1/resource_value_config_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +45 -2
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +54 -0
- data/lib/google/cloud/securitycenter/v1/simulation_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/valued_resource_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +14 -10
- data/proto_docs/google/api/resource.rb +7 -2
- data/proto_docs/google/cloud/securitycenter/v1/attack_exposure.rb +73 -0
- data/proto_docs/google/cloud/securitycenter/v1/attack_path.rb +147 -0
- data/proto_docs/google/cloud/securitycenter/v1/cloud_armor.rb +6 -6
- data/proto_docs/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module.rb +77 -0
- data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module.rb +88 -0
- data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors.rb +69 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +19 -1
- data/proto_docs/google/cloud/securitycenter/v1/mute_config.rb +36 -3
- data/proto_docs/google/cloud/securitycenter/v1/resource.rb +223 -0
- data/proto_docs/google/cloud/securitycenter/v1/resource_value_config.rb +125 -0
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +626 -87
- data/proto_docs/google/cloud/securitycenter/v1/simulation.rb +46 -0
- data/proto_docs/google/cloud/securitycenter/v1/valued_resource.rb +86 -0
- data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
- metadata +18 -2
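--- a/data/proto_docs/google/cloud/securitycenter/v1/mute_config.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/mute_config.rb
@@ -26,9 +26,12 @@ module Google
 # @!attribute [rw] name
 # @return [::String]
 # This field will be ignored if provided on config creation. Format
-#
-#
-#
+# `organizations/{organization}/muteConfigs/{mute_config}`
+# `folders/{folder}/muteConfigs/{mute_config}`
+# `projects/{project}/muteConfigs/{mute_config}`
+# `organizations/{organization}/locations/global/muteConfigs/{mute_config}`
+# `folders/{folder}/locations/global/muteConfigs/{mute_config}`
+# `projects/{project}/locations/global/muteConfigs/{mute_config}`
 # @!attribute [rw] display_name
 # @deprecated This field is deprecated and may be removed in the next major version update.
 # @return [::String]
@@ -73,9 +76,39 @@ module Google
 # Output only. Email address of the user who last edited the mute config.
 # This field is set by the server and will be ignored if provided on config
 # creation or update.
+# @!attribute [rw] type
+# @return [::Google::Cloud::SecurityCenter::V1::MuteConfig::MuteConfigType]
+# Optional. The type of the mute config, which determines what type of mute
+# state the config affects. The static mute state takes precedence over the
+# dynamic mute state. Immutable after creation. STATIC by default if not set
+# during creation.
+# @!attribute [rw] expiry_time
+# @return [::Google::Protobuf::Timestamp]
+# Optional. The expiry of the mute config. Only applicable for dynamic
+# configs. If the expiry is set, when the config expires, it is removed from
+# all findings.
 class MuteConfig
 include ::Google::Protobuf::MessageExts
 extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# The type of MuteConfig.
+module MuteConfigType
+# Unused.
+MUTE_CONFIG_TYPE_UNSPECIFIED = 0
+
+# A static mute config, which sets the static mute state of future matching
+# findings to muted. Once the static mute state has been set, finding or
+# config modifications will not affect the state.
+STATIC = 1
+
+# A dynamic mute config, which is applied to existing and future matching
+# findings, setting their dynamic mute state to "muted". If the config is
+# updated or deleted, or a matching finding is updated, such that the
+# finding doesn't match the config, the config will be removed from the
+# finding, and the finding's dynamic mute state may become "unmuted"
+# (unless other configs still match).
+DYNAMIC = 2
+end
 end
 end
 end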
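--- a/data/proto_docs/google/cloud/securitycenter/v1/resource.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/resource.rb
@@ -49,10 +49,233 @@ module Google
 # Output only. Contains a Folder message for each folder in the assets
 # ancestry. The first folder is the deepest nested folder, and the last
 # folder is the folder directly under the Organization.
+# @!attribute [rw] cloud_provider
+# @return [::Google::Cloud::SecurityCenter::V1::CloudProvider]
+# Indicates which cloud provider the resource resides in.
+# @!attribute [rw] organization
+# @return [::String]
+# Indicates which organization or tenant in the cloud provider the finding
+# applies to.
+# @!attribute [rw] service
+# @return [::String]
+# The parent service or product from which the resource is provided, for
+# example, GKE or SNS.
+# @!attribute [rw] location
+# @return [::String]
+# The region or location of the service (if applicable).
+# @!attribute [rw] aws_metadata
+# @return [::Google::Cloud::SecurityCenter::V1::AwsMetadata]
+# The AWS metadata associated with the finding.
+# @!attribute [rw] azure_metadata
+# @return [::Google::Cloud::SecurityCenter::V1::AzureMetadata]
+# The Azure metadata associated with the finding.
+# @!attribute [rw] resource_path
+# @return [::Google::Cloud::SecurityCenter::V1::ResourcePath]
+# Provides the path to the resource within the resource hierarchy.
+# @!attribute [rw] resource_path_string
+# @return [::String]
+# A string representation of the resource path.
+# For Google Cloud, it has the format of
+# `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}`
+# where there can be any number of folders.
+# For AWS, it has the format of
+# `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}`
+# where there can be any number of organizational units.
+# For Azure, it has the format of
+# `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}`
+# where there can be any number of management groups.
 class Resource
 include ::Google::Protobuf::MessageExts
 extend ::Google::Protobuf::MessageExts::ClassMethods
 end
+
+# AWS metadata associated with the resource, only applicable if the finding's
+# cloud provider is Amazon Web Services.
+# @!attribute [rw] organization
+# @return [::Google::Cloud::SecurityCenter::V1::AwsMetadata::AwsOrganization]
+# The AWS organization associated with the resource.
+# @!attribute [rw] organizational_units
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::AwsMetadata::AwsOrganizationalUnit>]
+# A list of AWS organizational units associated with the resource, ordered
+# from lowest level (closest to the account) to highest level.
+# @!attribute [rw] account
+# @return [::Google::Cloud::SecurityCenter::V1::AwsMetadata::AwsAccount]
+# The AWS account associated with the resource.
+class AwsMetadata
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# An organization is a collection of accounts that are centrally managed
+# together using consolidated billing, organized hierarchically with
+# organizational units (OUs), and controlled with policies.
+# @!attribute [rw] id
+# @return [::String]
+# The unique identifier (ID) for the organization. The regex pattern for an
+# organization ID string requires "o-" followed by from 10 to 32 lowercase
+# letters or digits.
+class AwsOrganization
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# An Organizational Unit (OU) is a container of AWS accounts within a root of
+# an organization. Policies that are attached to an OU apply to all accounts
+# contained in that OU and in any child OUs.
+# @!attribute [rw] id
+# @return [::String]
+# The unique identifier (ID) associated with this OU. The regex pattern for
+# an organizational unit ID string requires "ou-" followed by from 4 to 32
+# lowercase letters or digits (the ID of the root that contains the OU).
+# This string is followed by a second "-" dash and from 8 to 32 additional
+# lowercase letters or digits. For example, "ou-ab12-cd34ef56".
+# @!attribute [rw] name
+# @return [::String]
+# The friendly name of the OU.
+class AwsOrganizationalUnit
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# An AWS account that is a member of an organization.
+# @!attribute [rw] id
+# @return [::String]
+# The unique identifier (ID) of the account, containing exactly 12 digits.
+# @!attribute [rw] name
+# @return [::String]
+# The friendly name of this account.
+class AwsAccount
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+
+# Azure metadata associated with the resource, only applicable if the finding's
+# cloud provider is Microsoft Azure.
+# @!attribute [rw] management_groups
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::AzureMetadata::AzureManagementGroup>]
+# A list of Azure management groups associated with the resource, ordered
+# from lowest level (closest to the subscription) to highest level.
+# @!attribute [rw] subscription
+# @return [::Google::Cloud::SecurityCenter::V1::AzureMetadata::AzureSubscription]
+# The Azure subscription associated with the resource.
+# @!attribute [rw] resource_group
+# @return [::Google::Cloud::SecurityCenter::V1::AzureMetadata::AzureResourceGroup]
+# The Azure resource group associated with the resource.
+class AzureMetadata
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# Represents an Azure management group.
+# @!attribute [rw] id
+# @return [::String]
+# The UUID of the Azure management group, for example,
+# `20000000-0001-0000-0000-000000000000`.
+# @!attribute [rw] display_name
+# @return [::String]
+# The display name of the Azure management group.
+class AzureManagementGroup
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Represents an Azure subscription.
+# @!attribute [rw] id
+# @return [::String]
+# The UUID of the Azure subscription, for example,
+# `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`.
+# @!attribute [rw] display_name
+# @return [::String]
+# The display name of the Azure subscription.
+class AzureSubscription
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Represents an Azure resource group.
+# @!attribute [rw] name
+# @return [::String]
+# The name of the Azure resource group. This is not a UUID.
+class AzureResourceGroup
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+
+# Represents the path of resources leading up to the resource this finding is
+# about.
+# @!attribute [rw] nodes
+# @return [::Array<::Google::Cloud::SecurityCenter::V1::ResourcePath::ResourcePathNode>]
+# The list of nodes that make the up resource path, ordered from lowest
+# level to highest level.
+class ResourcePath
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# A node within the resource path. Each node represents a resource within the
+# resource hierarchy.
+# @!attribute [rw] node_type
+# @return [::Google::Cloud::SecurityCenter::V1::ResourcePath::ResourcePathNodeType]
+# The type of resource this node represents.
+# @!attribute [rw] id
+# @return [::String]
+# The ID of the resource this node represents.
+# @!attribute [rw] display_name
+# @return [::String]
+# The display name of the resource this node represents.
+class ResourcePathNode
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# The type of resource the node represents.
+module ResourcePathNodeType
+# Node type is unspecified.
+RESOURCE_PATH_NODE_TYPE_UNSPECIFIED = 0
+
+# The node represents a Google Cloud organization.
+GCP_ORGANIZATION = 1
+
+# The node represents a Google Cloud folder.
+GCP_FOLDER = 2
+
+# The node represents a Google Cloud project.
+GCP_PROJECT = 3
+
+# The node represents an AWS organization.
+AWS_ORGANIZATION = 4
+
+# The node represents an AWS organizational unit.
+AWS_ORGANIZATIONAL_UNIT = 5
+
+# The node represents an AWS account.
+AWS_ACCOUNT = 6
+
+# The node represents an Azure management group.
+AZURE_MANAGEMENT_GROUP = 7
+
+# The node represents an Azure subscription.
+AZURE_SUBSCRIPTION = 8
+
+# The node represents an Azure resource group.
+AZURE_RESOURCE_GROUP = 9
+end
+end
+
+# Enumeration representing the various cloud providers a finding's resource
+# could reside in.
+module CloudProvider
+# The cloud provider is unspecified.
+CLOUD_PROVIDER_UNSPECIFIED = 0
+
+# The cloud provider is Google Cloud Platform.
+GOOGLE_CLOUD_PLATFORM = 1
+
+# The cloud provider is Amazon Web Services.
+AMAZON_WEB_SERVICES = 2
+
+# The cloud provider is Microsoft Azure.
+MICROSOFT_AZURE = 3
+end
 end
 end
 end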
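--- a/data/proto_docs/google/cloud/securitycenter/v1/resource_value_config.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v1/resource_value_config.rb
@@ -0,0 +1,125 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V1
+# A resource value configuration (RVC) is a mapping configuration of user's
+# resources to resource values. Used in Attack path simulations.
+# @!attribute [rw] name
+# @return [::String]
+# Name for the resource value configuration
+# @!attribute [rw] resource_value
+# @return [::Google::Cloud::SecurityCenter::V1::ResourceValue]
+# Required. Resource value level this expression represents
+# @!attribute [rw] tag_values
+# @return [::Array<::String>]
+# Required. Tag values combined with `AND` to check against.
+# Values in the form "tagValues/123"
+# Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]`
+# https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
+# @!attribute [rw] resource_type
+# @return [::String]
+# Apply resource_value only to resources that match resource_type.
+# resource_type will be checked with `AND` of other resources.
+# For example, "storage.googleapis.com/Bucket" with resource_value "HIGH"
+# will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.
+# @!attribute [rw] scope
+# @return [::String]
+# Project or folder to scope this configuration to.
+# For example, "project/456" would apply this configuration only to resources
+# in "project/456" scope will be checked with `AND` of other
+# resources.
+# @!attribute [rw] resource_labels_selector
+# @return [::Google::Protobuf::Map{::String => ::String}]
+# List of resource labels to search for, evaluated with `AND`.
+# For example, `"resource_labels_selector": {"key": "value", "env": "prod"}`
+# will match resources with labels "key": "value" `AND` "env":
+# "prod"
+# https://cloud.google.com/resource-manager/docs/creating-managing-labels
+# @!attribute [rw] description
+# @return [::String]
+# Description of the resource value configuration.
+# @!attribute [r] create_time
+# @return [::Google::Protobuf::Timestamp]
+# Output only. Timestamp this resource value configuration was created.
+# @!attribute [r] update_time
+# @return [::Google::Protobuf::Timestamp]
+# Output only. Timestamp this resource value configuration was last updated.
+# @!attribute [rw] cloud_provider
+# @return [::Google::Cloud::SecurityCenter::V1::CloudProvider]
+# Cloud provider this configuration applies to
+# @!attribute [rw] sensitive_data_protection_mapping
+# @return [::Google::Cloud::SecurityCenter::V1::ResourceValueConfig::SensitiveDataProtectionMapping]
+# A mapping of the sensitivity on Sensitive Data Protection finding to
+# resource values. This mapping can only be used in combination with a
+# resource_type that is related to BigQuery, e.g.
+# "bigquery.googleapis.com/Dataset".
+class ResourceValueConfig
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# Resource value mapping for Sensitive Data Protection findings.
+# If any of these mappings have a resource value that is not unspecified,
+# the resource_value field will be ignored when reading this configuration.
+# @!attribute [rw] high_sensitivity_mapping
+# @return [::Google::Cloud::SecurityCenter::V1::ResourceValue]
+# Resource value mapping for high-sensitivity Sensitive Data Protection
+# findings
+# @!attribute [rw] medium_sensitivity_mapping
+# @return [::Google::Cloud::SecurityCenter::V1::ResourceValue]
+# Resource value mapping for medium-sensitivity Sensitive Data Protection
+# findings
+class SensitiveDataProtectionMapping
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# @!attribute [rw] key
+# @return [::String]
+# @!attribute [rw] value
+# @return [::String]
+class ResourceLabelsSelectorEntry
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+
+# Value enum to map to a resource
+module ResourceValue
+# Unspecific value
+RESOURCE_VALUE_UNSPECIFIED = 0
+
+# High resource value
+HIGH = 1
+
+# Medium resource value
+MEDIUM = 2
+
+# Low resource value
+LOW = 3
+
+# No resource value, e.g. ignore these resources
+NONE = 4
+end
+end
+end
+end
+end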