google-cloud-security_center-v1 1.0.0 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +0 -1
- data/lib/google/cloud/security_center/v1/security_center/client.rb +2096 -182
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +313 -0
- data/lib/google/cloud/security_center/v1/security_center/rest/client.rb +1977 -189
- data/lib/google/cloud/security_center/v1/security_center/rest/service_stub.rb +1926 -595
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/asset_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/attack_exposure_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/attack_path_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v1/bigquery_export_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v1/event_threat_detection_custom_module_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v1/external_system_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +6 -1
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/mute_config_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/notification_config_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/organization_settings_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/resource_pb.rb +13 -1
- data/lib/google/cloud/securitycenter/v1/resource_value_config_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb +45 -2
- data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb +54 -0
- data/lib/google/cloud/securitycenter/v1/simulation_pb.rb +50 -0
- data/lib/google/cloud/securitycenter/v1/valued_resource_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/vulnerability_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +31 -10
- data/proto_docs/google/api/resource.rb +7 -2
- data/proto_docs/google/cloud/securitycenter/v1/attack_exposure.rb +73 -0
- data/proto_docs/google/cloud/securitycenter/v1/attack_path.rb +147 -0
- data/proto_docs/google/cloud/securitycenter/v1/cloud_armor.rb +6 -6
- data/proto_docs/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module.rb +77 -0
- data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module.rb +88 -0
- data/proto_docs/google/cloud/securitycenter/v1/event_threat_detection_custom_module_validation_errors.rb +69 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +19 -1
- data/proto_docs/google/cloud/securitycenter/v1/mute_config.rb +36 -3
- data/proto_docs/google/cloud/securitycenter/v1/resource.rb +223 -0
- data/proto_docs/google/cloud/securitycenter/v1/resource_value_config.rb +125 -0
- data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb +626 -87
- data/proto_docs/google/cloud/securitycenter/v1/simulation.rb +46 -0
- data/proto_docs/google/cloud/securitycenter/v1/valued_resource.rb +86 -0
- data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb +3 -0
- metadata +18 -2
@@ -196,9 +196,26 @@ module Google
|
|
196
196
|
# @!attribute [rw] common
|
197
197
|
# @return [::Google::Api::CommonLanguageSettings]
|
198
198
|
# Some settings.
|
199
|
+
# @!attribute [rw] experimental_features
|
200
|
+
# @return [::Google::Api::PythonSettings::ExperimentalFeatures]
|
201
|
+
# Experimental features to be included during client library generation.
|
199
202
|
class PythonSettings
|
200
203
|
include ::Google::Protobuf::MessageExts
|
201
204
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
205
|
+
|
206
|
+
# Experimental features to be included during client library generation.
|
207
|
+
# These fields will be deprecated once the feature graduates and is enabled
|
208
|
+
# by default.
|
209
|
+
# @!attribute [rw] rest_async_io_enabled
|
210
|
+
# @return [::Boolean]
|
211
|
+
# Enables generation of asynchronous REST clients if `rest` transport is
|
212
|
+
# enabled. By default, asynchronous REST clients will not be generated.
|
213
|
+
# This feature will be enabled by default 1 month after launching the
|
214
|
+
# feature in preview packages.
|
215
|
+
class ExperimentalFeatures
|
216
|
+
include ::Google::Protobuf::MessageExts
|
217
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
218
|
+
end
|
202
219
|
end
|
203
220
|
|
204
221
|
# Settings for Node client libraries.
|
@@ -290,6 +307,13 @@ module Google
|
|
290
307
|
# @return [::String]
|
291
308
|
# The fully qualified name of the method, for which the options below apply.
|
292
309
|
# This is used to find the method to apply the options.
|
310
|
+
#
|
311
|
+
# Example:
|
312
|
+
#
|
313
|
+
# publishing:
|
314
|
+
# method_settings:
|
315
|
+
# - selector: google.storage.control.v2.StorageControl.CreateFolder
|
316
|
+
# # method settings for CreateFolder...
|
293
317
|
# @!attribute [rw] long_running
|
294
318
|
# @return [::Google::Api::MethodSettings::LongRunning]
|
295
319
|
# Describes settings to use for long-running operations when generating
|
@@ -298,17 +322,14 @@ module Google
|
|
298
322
|
#
|
299
323
|
# Example of a YAML configuration::
|
300
324
|
#
|
301
|
-
#
|
302
|
-
#
|
325
|
+
# publishing:
|
326
|
+
# method_settings:
|
303
327
|
# - selector: google.cloud.speech.v2.Speech.BatchRecognize
|
304
328
|
# long_running:
|
305
|
-
# initial_poll_delay:
|
306
|
-
# seconds: 60 # 1 minute
|
329
|
+
# initial_poll_delay: 60s # 1 minute
|
307
330
|
# poll_delay_multiplier: 1.5
|
308
|
-
# max_poll_delay:
|
309
|
-
#
|
310
|
-
# total_poll_timeout:
|
311
|
-
# seconds: 54000 # 90 minutes
|
331
|
+
# max_poll_delay: 360s # 6 minutes
|
332
|
+
# total_poll_timeout: 54000s # 90 minutes
|
312
333
|
# @!attribute [rw] auto_populated_fields
|
313
334
|
# @return [::Array<::String>]
|
314
335
|
# List of top-level fields of the request message, that should be
|
@@ -317,8 +338,8 @@ module Google
|
|
317
338
|
#
|
318
339
|
# Example of a YAML configuration:
|
319
340
|
#
|
320
|
-
#
|
321
|
-
#
|
341
|
+
# publishing:
|
342
|
+
# method_settings:
|
322
343
|
# - selector: google.example.v1.ExampleService.CreateExample
|
323
344
|
# auto_populated_fields:
|
324
345
|
# - request_id
|
@@ -124,8 +124,13 @@ module Google
|
|
124
124
|
# @return [::String]
|
125
125
|
# The plural name used in the resource name and permission names, such as
|
126
126
|
# 'projects' for the resource name of 'projects/\\{project}' and the permission
|
127
|
-
# name of 'cloudresourcemanager.googleapis.com/projects.get'.
|
128
|
-
#
|
127
|
+
# name of 'cloudresourcemanager.googleapis.com/projects.get'. One exception
|
128
|
+
# to this is for Nested Collections that have stuttering names, as defined
|
129
|
+
# in [AIP-122](https://google.aip.dev/122#nested-collections), where the
|
130
|
+
# collection ID in the resource name pattern does not necessarily directly
|
131
|
+
# match the `plural` value.
|
132
|
+
#
|
133
|
+
# It is the same concept of the `plural` field in k8s CRD spec
|
129
134
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
130
135
|
#
|
131
136
|
# Note: The plural form is required even for singleton resources. See
|
@@ -0,0 +1,73 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# An attack exposure contains the results of an attack path simulation run.
|
25
|
+
# @!attribute [rw] score
|
26
|
+
# @return [::Float]
|
27
|
+
# A number between 0 (inclusive) and infinity that represents how important
|
28
|
+
# this finding is to remediate. The higher the score, the more important it
|
29
|
+
# is to remediate.
|
30
|
+
# @!attribute [rw] latest_calculation_time
|
31
|
+
# @return [::Google::Protobuf::Timestamp]
|
32
|
+
# The most recent time the attack exposure was updated on this finding.
|
33
|
+
# @!attribute [rw] attack_exposure_result
|
34
|
+
# @return [::String]
|
35
|
+
# The resource name of the attack path simulation result that contains the
|
36
|
+
# details regarding this attack exposure score.
|
37
|
+
# Example: `organizations/123/simulations/456/attackExposureResults/789`
|
38
|
+
# @!attribute [rw] state
|
39
|
+
# @return [::Google::Cloud::SecurityCenter::V1::AttackExposure::State]
|
40
|
+
# What state this AttackExposure is in. This captures whether or not an
|
41
|
+
# attack exposure has been calculated or not.
|
42
|
+
# @!attribute [rw] exposed_high_value_resources_count
|
43
|
+
# @return [::Integer]
|
44
|
+
# The number of high value resources that are exposed as a result of this
|
45
|
+
# finding.
|
46
|
+
# @!attribute [rw] exposed_medium_value_resources_count
|
47
|
+
# @return [::Integer]
|
48
|
+
# The number of medium value resources that are exposed as a result of this
|
49
|
+
# finding.
|
50
|
+
# @!attribute [rw] exposed_low_value_resources_count
|
51
|
+
# @return [::Integer]
|
52
|
+
# The number of high value resources that are exposed as a result of this
|
53
|
+
# finding.
|
54
|
+
class AttackExposure
|
55
|
+
include ::Google::Protobuf::MessageExts
|
56
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
57
|
+
|
58
|
+
# This enum defines the various states an AttackExposure can be in.
|
59
|
+
module State
|
60
|
+
# The state is not specified.
|
61
|
+
STATE_UNSPECIFIED = 0
|
62
|
+
|
63
|
+
# The attack exposure has been calculated.
|
64
|
+
CALCULATED = 1
|
65
|
+
|
66
|
+
# The attack exposure has not been calculated.
|
67
|
+
NOT_CALCULATED = 2
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
@@ -0,0 +1,147 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# A path that an attacker could take to reach an exposed resource.
|
25
|
+
# @!attribute [rw] name
|
26
|
+
# @return [::String]
|
27
|
+
# The attack path name, for example,
|
28
|
+
# `organizations/12/simulation/34/valuedResources/56/attackPaths/78`
|
29
|
+
# @!attribute [rw] path_nodes
|
30
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode>]
|
31
|
+
# A list of nodes that exist in this attack path.
|
32
|
+
# @!attribute [rw] edges
|
33
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathEdge>]
|
34
|
+
# A list of the edges between nodes in this attack path.
|
35
|
+
class AttackPath
|
36
|
+
include ::Google::Protobuf::MessageExts
|
37
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
38
|
+
|
39
|
+
# Represents one point that an attacker passes through in this attack path.
|
40
|
+
# @!attribute [rw] resource
|
41
|
+
# @return [::String]
|
42
|
+
# The name of the resource at this point in the attack path.
|
43
|
+
# The format of the name follows the Cloud Asset Inventory [resource
|
44
|
+
# name
|
45
|
+
# format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
|
46
|
+
# @!attribute [rw] resource_type
|
47
|
+
# @return [::String]
|
48
|
+
# The [supported resource
|
49
|
+
# type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
|
50
|
+
# @!attribute [rw] display_name
|
51
|
+
# @return [::String]
|
52
|
+
# Human-readable name of this resource.
|
53
|
+
# @!attribute [rw] associated_findings
|
54
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::PathNodeAssociatedFinding>]
|
55
|
+
# The findings associated with this node in the attack path.
|
56
|
+
# @!attribute [rw] uuid
|
57
|
+
# @return [::String]
|
58
|
+
# Unique id of the attack path node.
|
59
|
+
# @!attribute [rw] attack_steps
|
60
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::AttackStepNode>]
|
61
|
+
# A list of attack step nodes that exist in this attack path node.
|
62
|
+
class AttackPathNode
|
63
|
+
include ::Google::Protobuf::MessageExts
|
64
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
65
|
+
|
66
|
+
# A finding that is associated with this node in the attack path.
|
67
|
+
# @!attribute [rw] canonical_finding
|
68
|
+
# @return [::String]
|
69
|
+
# Canonical name of the associated findings. Example:
|
70
|
+
# `organizations/123/sources/456/findings/789`
|
71
|
+
# @!attribute [rw] finding_category
|
72
|
+
# @return [::String]
|
73
|
+
# The additional taxonomy group within findings from a given source.
|
74
|
+
# @!attribute [rw] name
|
75
|
+
# @return [::String]
|
76
|
+
# Full resource name of the finding.
|
77
|
+
class PathNodeAssociatedFinding
|
78
|
+
include ::Google::Protobuf::MessageExts
|
79
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
80
|
+
end
|
81
|
+
|
82
|
+
# Detailed steps the attack can take between path nodes.
|
83
|
+
# @!attribute [rw] uuid
|
84
|
+
# @return [::String]
|
85
|
+
# Unique ID for one Node
|
86
|
+
# @!attribute [rw] type
|
87
|
+
# @return [::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::NodeType]
|
88
|
+
# Attack step type. Can be either AND, OR or DEFENSE
|
89
|
+
# @!attribute [rw] display_name
|
90
|
+
# @return [::String]
|
91
|
+
# User friendly name of the attack step
|
92
|
+
# @!attribute [rw] labels
|
93
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
94
|
+
# Attack step labels for metadata
|
95
|
+
# @!attribute [rw] description
|
96
|
+
# @return [::String]
|
97
|
+
# Attack step description
|
98
|
+
class AttackStepNode
|
99
|
+
include ::Google::Protobuf::MessageExts
|
100
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
101
|
+
|
102
|
+
# @!attribute [rw] key
|
103
|
+
# @return [::String]
|
104
|
+
# @!attribute [rw] value
|
105
|
+
# @return [::String]
|
106
|
+
class LabelsEntry
|
107
|
+
include ::Google::Protobuf::MessageExts
|
108
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
112
|
+
# The type of the incoming attack step node.
|
113
|
+
module NodeType
|
114
|
+
# Type not specified
|
115
|
+
NODE_TYPE_UNSPECIFIED = 0
|
116
|
+
|
117
|
+
# Incoming edge joined with AND
|
118
|
+
NODE_TYPE_AND = 1
|
119
|
+
|
120
|
+
# Incoming edge joined with OR
|
121
|
+
NODE_TYPE_OR = 2
|
122
|
+
|
123
|
+
# Incoming edge is defense
|
124
|
+
NODE_TYPE_DEFENSE = 3
|
125
|
+
|
126
|
+
# Incoming edge is attacker
|
127
|
+
NODE_TYPE_ATTACKER = 4
|
128
|
+
end
|
129
|
+
end
|
130
|
+
|
131
|
+
# Represents a connection between a source node and a destination node in
|
132
|
+
# this attack path.
|
133
|
+
# @!attribute [rw] source
|
134
|
+
# @return [::String]
|
135
|
+
# The attack node uuid of the source node.
|
136
|
+
# @!attribute [rw] destination
|
137
|
+
# @return [::String]
|
138
|
+
# The attack node uuid of the destination node.
|
139
|
+
class AttackPathEdge
|
140
|
+
include ::Google::Protobuf::MessageExts
|
141
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
142
|
+
end
|
143
|
+
end
|
144
|
+
end
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
@@ -43,8 +43,8 @@ module Google
|
|
43
43
|
# @!attribute [rw] threat_vector
|
44
44
|
# @return [::String]
|
45
45
|
# Distinguish between volumetric & protocol DDoS attack and
|
46
|
-
# application layer attacks. For example,
|
47
|
-
# attacks, or
|
46
|
+
# application layer attacks. For example, "L3_4" for Layer 3 and Layer 4 DDoS
|
47
|
+
# attacks, or "L_7" for Layer 7 DDoS attacks.
|
48
48
|
# @!attribute [rw] duration
|
49
49
|
# @return [::Google::Protobuf::Duration]
|
50
50
|
# Duration of attack from the start until the current moment (updated every 5
|
@@ -63,9 +63,9 @@ module Google
|
|
63
63
|
# "my-security-policy".
|
64
64
|
# @!attribute [rw] type
|
65
65
|
# @return [::String]
|
66
|
-
# The type of Google Cloud Armor security policy for example,
|
67
|
-
# security policy
|
68
|
-
# or
|
66
|
+
# The type of Google Cloud Armor security policy for example, 'backend
|
67
|
+
# security policy', 'edge security policy', 'network edge security policy',
|
68
|
+
# or 'always-on DDoS protection'.
|
69
69
|
# @!attribute [rw] preview
|
70
70
|
# @return [::Boolean]
|
71
71
|
# Whether or not the associated rule or policy is in preview mode.
|
@@ -117,7 +117,7 @@ module Google
|
|
117
117
|
# Total BPS (bytes per second) volume of attack.
|
118
118
|
# @!attribute [rw] classification
|
119
119
|
# @return [::String]
|
120
|
-
# Type of attack, for example,
|
120
|
+
# Type of attack, for example, 'SYN-flood', 'NTP-udp', or 'CHARGEN-udp'.
|
121
121
|
class Attack
|
122
122
|
include ::Google::Protobuf::MessageExts
|
123
123
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
data/proto_docs/google/cloud/securitycenter/v1/effective_event_threat_detection_custom_module.rb
ADDED
@@ -0,0 +1,77 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# An EffectiveEventThreatDetectionCustomModule is the representation of
|
25
|
+
# an Event Threat Detection custom module at a specified level of the
|
26
|
+
# resource hierarchy: organization, folder, or project. If a custom module is
|
27
|
+
# inherited from a parent organization or folder, the value of the
|
28
|
+
# `enablement_state` property in EffectiveEventThreatDetectionCustomModule is
|
29
|
+
# set to the value that is effective in the parent, instead of `INHERITED`.
|
30
|
+
# For example, if the module is enabled in a parent organization or folder, the
|
31
|
+
# effective `enablement_state` for the module in all child folders or projects
|
32
|
+
# is also `enabled`. EffectiveEventThreatDetectionCustomModule is read-only.
|
33
|
+
# @!attribute [r] name
|
34
|
+
# @return [::String]
|
35
|
+
# Output only. The resource name of the effective ETD custom module.
|
36
|
+
#
|
37
|
+
# Its format is:
|
38
|
+
#
|
39
|
+
# * `organizations/{organization}/eventThreatDetectionSettings/effectiveCustomModules/{module}`.
|
40
|
+
# * `folders/{folder}/eventThreatDetectionSettings/effectiveCustomModules/{module}`.
|
41
|
+
# * `projects/{project}/eventThreatDetectionSettings/effectiveCustomModules/{module}`.
|
42
|
+
# @!attribute [r] config
|
43
|
+
# @return [::Google::Protobuf::Struct]
|
44
|
+
# Output only. Config for the effective module.
|
45
|
+
# @!attribute [r] enablement_state
|
46
|
+
# @return [::Google::Cloud::SecurityCenter::V1::EffectiveEventThreatDetectionCustomModule::EnablementState]
|
47
|
+
# Output only. The effective state of enablement for the module at the given
|
48
|
+
# level of the hierarchy.
|
49
|
+
# @!attribute [r] type
|
50
|
+
# @return [::String]
|
51
|
+
# Output only. Type for the module. e.g. CONFIGURABLE_BAD_IP.
|
52
|
+
# @!attribute [r] display_name
|
53
|
+
# @return [::String]
|
54
|
+
# Output only. The human readable name to be displayed for the module.
|
55
|
+
# @!attribute [r] description
|
56
|
+
# @return [::String]
|
57
|
+
# Output only. The description for the module.
|
58
|
+
class EffectiveEventThreatDetectionCustomModule
|
59
|
+
include ::Google::Protobuf::MessageExts
|
60
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
61
|
+
|
62
|
+
# The enablement state of the module.
|
63
|
+
module EnablementState
|
64
|
+
# Unspecified enablement state.
|
65
|
+
ENABLEMENT_STATE_UNSPECIFIED = 0
|
66
|
+
|
67
|
+
# The module is enabled at the given level.
|
68
|
+
ENABLED = 1
|
69
|
+
|
70
|
+
# The module is disabled at the given level.
|
71
|
+
DISABLED = 2
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
@@ -0,0 +1,88 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# Represents an instance of an Event Threat Detection custom module,
|
25
|
+
# including its full module name, display name, enablement state, and last
|
26
|
+
# updated time. You can create a custom module at the organization, folder, or
|
27
|
+
# project level. Custom modules that you create at the organization or folder
|
28
|
+
# level are inherited by child folders and projects.
|
29
|
+
# @!attribute [rw] name
|
30
|
+
# @return [::String]
|
31
|
+
# Immutable. The resource name of the Event Threat Detection custom module.
|
32
|
+
#
|
33
|
+
# Its format is:
|
34
|
+
#
|
35
|
+
# * `organizations/{organization}/eventThreatDetectionSettings/customModules/{module}`.
|
36
|
+
# * `folders/{folder}/eventThreatDetectionSettings/customModules/{module}`.
|
37
|
+
# * `projects/{project}/eventThreatDetectionSettings/customModules/{module}`.
|
38
|
+
# @!attribute [rw] config
|
39
|
+
# @return [::Google::Protobuf::Struct]
|
40
|
+
# Config for the module. For the resident module, its config value is defined
|
41
|
+
# at this level. For the inherited module, its config value is inherited from
|
42
|
+
# the ancestor module.
|
43
|
+
# @!attribute [r] ancestor_module
|
44
|
+
# @return [::String]
|
45
|
+
# Output only. The closest ancestor module that this module inherits the
|
46
|
+
# enablement state from. The format is the same as the
|
47
|
+
# EventThreatDetectionCustomModule resource name.
|
48
|
+
# @!attribute [rw] enablement_state
|
49
|
+
# @return [::Google::Cloud::SecurityCenter::V1::EventThreatDetectionCustomModule::EnablementState]
|
50
|
+
# The state of enablement for the module at the given level of the hierarchy.
|
51
|
+
# @!attribute [rw] type
|
52
|
+
# @return [::String]
|
53
|
+
# Type for the module. e.g. CONFIGURABLE_BAD_IP.
|
54
|
+
# @!attribute [rw] display_name
|
55
|
+
# @return [::String]
|
56
|
+
# The human readable name to be displayed for the module.
|
57
|
+
# @!attribute [rw] description
|
58
|
+
# @return [::String]
|
59
|
+
# The description for the module.
|
60
|
+
# @!attribute [r] update_time
|
61
|
+
# @return [::Google::Protobuf::Timestamp]
|
62
|
+
# Output only. The time the module was last updated.
|
63
|
+
# @!attribute [r] last_editor
|
64
|
+
# @return [::String]
|
65
|
+
# Output only. The editor the module was last updated by.
|
66
|
+
class EventThreatDetectionCustomModule
|
67
|
+
include ::Google::Protobuf::MessageExts
|
68
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
69
|
+
|
70
|
+
# The enablement state of the module.
|
71
|
+
module EnablementState
|
72
|
+
# Unspecified enablement state.
|
73
|
+
ENABLEMENT_STATE_UNSPECIFIED = 0
|
74
|
+
|
75
|
+
# The module is enabled at the given level.
|
76
|
+
ENABLED = 1
|
77
|
+
|
78
|
+
# The module is disabled at the given level.
|
79
|
+
DISABLED = 2
|
80
|
+
|
81
|
+
# When the enablement state is inherited.
|
82
|
+
INHERITED = 3
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
@@ -0,0 +1,69 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V1
|
24
|
+
# A list of zero or more errors encountered while validating the uploaded
|
25
|
+
# configuration of an Event Threat Detection Custom Module.
|
26
|
+
# @!attribute [rw] errors
|
27
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::CustomModuleValidationError>]
|
28
|
+
class CustomModuleValidationErrors
|
29
|
+
include ::Google::Protobuf::MessageExts
|
30
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
31
|
+
end
|
32
|
+
|
33
|
+
# An error encountered while validating the uploaded configuration of an
|
34
|
+
# Event Threat Detection Custom Module.
|
35
|
+
# @!attribute [rw] description
|
36
|
+
# @return [::String]
|
37
|
+
# A description of the error, suitable for human consumption. Required.
|
38
|
+
# @!attribute [rw] field_path
|
39
|
+
# @return [::String]
|
40
|
+
# The path, in RFC 8901 JSON Pointer format, to the field that failed
|
41
|
+
# validation. This may be left empty if no specific field is affected.
|
42
|
+
# @!attribute [rw] start
|
43
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Position]
|
44
|
+
# The initial position of the error in the uploaded text version of the
|
45
|
+
# module. This field may be omitted if no specific position applies, or if
|
46
|
+
# one could not be computed.
|
47
|
+
# @!attribute [rw] end
|
48
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Position]
|
49
|
+
# The end position of the error in the uploaded text version of the
|
50
|
+
# module. This field may be omitted if no specific position applies, or if
|
51
|
+
# one could not be computed..
|
52
|
+
class CustomModuleValidationError
|
53
|
+
include ::Google::Protobuf::MessageExts
|
54
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
55
|
+
end
|
56
|
+
|
57
|
+
# A position in the uploaded text version of a module.
|
58
|
+
# @!attribute [rw] line_number
|
59
|
+
# @return [::Integer]
|
60
|
+
# @!attribute [rw] column_number
|
61
|
+
# @return [::Integer]
|
62
|
+
class Position
|
63
|
+
include ::Google::Protobuf::MessageExts
|
64
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
@@ -142,6 +142,9 @@ module Google
|
|
142
142
|
# Records additional information about the mute operation, for example, the
|
143
143
|
# [mute configuration](/security-command-center/docs/how-to-mute-findings)
|
144
144
|
# that muted the finding and the user who muted the finding.
|
145
|
+
# @!attribute [r] mute_info
|
146
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Finding::MuteInfo]
|
147
|
+
# Output only. The mute information regarding this finding.
|
145
148
|
# @!attribute [rw] processes
|
146
149
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Process>]
|
147
150
|
# Represents operating system processes associated with the Finding.
|
@@ -199,6 +202,9 @@ module Google
|
|
199
202
|
# @!attribute [rw] database
|
200
203
|
# @return [::Google::Cloud::SecurityCenter::V1::Database]
|
201
204
|
# Database associated with the finding.
|
205
|
+
# @!attribute [rw] attack_exposure
|
206
|
+
# @return [::Google::Cloud::SecurityCenter::V1::AttackExposure]
|
207
|
+
# The results of an attack path simulation relevant to this finding.
|
202
208
|
# @!attribute [rw] files
|
203
209
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::File>]
|
204
210
|
# File associated with the finding.
|
@@ -252,6 +258,50 @@ module Google
|
|
252
258
|
include ::Google::Protobuf::MessageExts
|
253
259
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
254
260
|
|
261
|
+
# Mute information about the finding, including whether the finding has a
|
262
|
+
# static mute or any matching dynamic mute rules.
|
263
|
+
# @!attribute [rw] static_mute
|
264
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Finding::MuteInfo::StaticMute]
|
265
|
+
# If set, the static mute applied to this finding. Static mutes override
|
266
|
+
# dynamic mutes. If unset, there is no static mute.
|
267
|
+
# @!attribute [rw] dynamic_mute_records
|
268
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Finding::MuteInfo::DynamicMuteRecord>]
|
269
|
+
# The list of dynamic mute rules that currently match the finding.
|
270
|
+
class MuteInfo
|
271
|
+
include ::Google::Protobuf::MessageExts
|
272
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
273
|
+
|
274
|
+
# Information about the static mute state. A static mute state overrides
|
275
|
+
# any dynamic mute rules that apply to this finding. The static mute state
|
276
|
+
# can be set by a static mute rule or by muting the finding directly.
|
277
|
+
# @!attribute [rw] state
|
278
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
|
279
|
+
# The static mute state. If the value is `MUTED` or `UNMUTED`, then the
|
280
|
+
# finding's overall mute state will have the same value.
|
281
|
+
# @!attribute [rw] apply_time
|
282
|
+
# @return [::Google::Protobuf::Timestamp]
|
283
|
+
# When the static mute was applied.
|
284
|
+
class StaticMute
|
285
|
+
include ::Google::Protobuf::MessageExts
|
286
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
287
|
+
end
|
288
|
+
|
289
|
+
# The record of a dynamic mute rule that matches the finding.
|
290
|
+
# @!attribute [rw] mute_config
|
291
|
+
# @return [::String]
|
292
|
+
# The relative resource name of the mute rule, represented by a mute
|
293
|
+
# config, that created this record, for example
|
294
|
+
# `organizations/123/muteConfigs/mymuteconfig` or
|
295
|
+
# `organizations/123/locations/global/muteConfigs/mymuteconfig`.
|
296
|
+
# @!attribute [rw] match_time
|
297
|
+
# @return [::Google::Protobuf::Timestamp]
|
298
|
+
# When the dynamic mute rule first matched the finding.
|
299
|
+
class DynamicMuteRecord
|
300
|
+
include ::Google::Protobuf::MessageExts
|
301
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
302
|
+
end
|
303
|
+
end
|
304
|
+
|
255
305
|
# @!attribute [rw] key
|
256
306
|
# @return [::String]
|
257
307
|
# @!attribute [rw] value
|