google-cloud-security_center-v1 0.36.0 → 0.37.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +52 -0
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/database_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/exfiltration_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/file_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +7 -1
- data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/kubernetes_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/load_balancer_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v1/log_entry_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/org_policy_pb.rb +44 -0
- data/proto_docs/google/cloud/securitycenter/v1/database.rb +10 -5
- data/proto_docs/google/cloud/securitycenter/v1/exfiltration.rb +3 -0
- data/proto_docs/google/cloud/securitycenter/v1/file.rb +17 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +9 -0
- data/proto_docs/google/cloud/securitycenter/v1/indicator.rb +15 -0
- data/proto_docs/google/cloud/securitycenter/v1/kubernetes.rb +29 -0
- data/proto_docs/google/cloud/securitycenter/v1/load_balancer.rb +36 -0
- data/proto_docs/google/cloud/securitycenter/v1/log_entry.rb +58 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +123 -53
- data/proto_docs/google/cloud/securitycenter/v1/org_policy.rb +37 -0
- data/proto_docs/google/cloud/securitycenter/v1/source.rb +2 -2
- metadata +10 -116
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 71e9ae18061bbee40a67452c46b2c87d4aa1ee79356f451f8487b2e9b17e8bd8
|
|
4
|
+
data.tar.gz: 86e576ab812f8867b26e7c53f5638a5797f6631fc247c5e8b66386490b497506
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 05c7564c8efa393092864a5eb3960d13ad28a981ecfeb7f1a275c3add9eb2e7b3644245311b1d5612f1c0b79248612e3c4334649b4506e08610ddf446cb2d76b
|
|
7
|
+
data.tar.gz: aa598257754753bdc2da9fa7816287389a4ee9bd91d96ad6087d0ce72d936d32eaf1a7246e79cc99898d7ba8b4a677ca1f806b3032bfecbf576ec1c7ef385147
|
data/README.md
CHANGED
|
@@ -76,7 +76,7 @@ To browse ready to use code samples check [Google Cloud Samples](https://cloud.g
|
|
|
76
76
|
|
|
77
77
|
## Supported Ruby Versions
|
|
78
78
|
|
|
79
|
-
This library is supported on Ruby 2.
|
|
79
|
+
This library is supported on Ruby 2.7+.
|
|
80
80
|
|
|
81
81
|
Google provides official support for Ruby versions that are actively supported
|
|
82
82
|
by Ruby Core—that is, Ruby versions that are either in normal maintenance or
|
|
@@ -437,6 +437,58 @@ module Google
|
|
|
437
437
|
"organizations/#{organization}/organizationSettings"
|
|
438
438
|
end
|
|
439
439
|
|
|
440
|
+
##
|
|
441
|
+
# Create a fully-qualified Policy resource string.
|
|
442
|
+
#
|
|
443
|
+
# @overload policy_path(organization:, constraint_name:)
|
|
444
|
+
# The resource will be in the following format:
|
|
445
|
+
#
|
|
446
|
+
# `organizations/{organization}/policies/{constraint_name}`
|
|
447
|
+
#
|
|
448
|
+
# @param organization [String]
|
|
449
|
+
# @param constraint_name [String]
|
|
450
|
+
#
|
|
451
|
+
# @overload policy_path(folder:, constraint_name:)
|
|
452
|
+
# The resource will be in the following format:
|
|
453
|
+
#
|
|
454
|
+
# `folders/{folder}/policies/{constraint_name}`
|
|
455
|
+
#
|
|
456
|
+
# @param folder [String]
|
|
457
|
+
# @param constraint_name [String]
|
|
458
|
+
#
|
|
459
|
+
# @overload policy_path(project:, constraint_name:)
|
|
460
|
+
# The resource will be in the following format:
|
|
461
|
+
#
|
|
462
|
+
# `projects/{project}/policies/{constraint_name}`
|
|
463
|
+
#
|
|
464
|
+
# @param project [String]
|
|
465
|
+
# @param constraint_name [String]
|
|
466
|
+
#
|
|
467
|
+
# @return [::String]
|
|
468
|
+
def policy_path **args
|
|
469
|
+
resources = {
|
|
470
|
+
"constraint_name:organization" => (proc do |organization:, constraint_name:|
|
|
471
|
+
raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
|
|
472
|
+
|
|
473
|
+
"organizations/#{organization}/policies/#{constraint_name}"
|
|
474
|
+
end),
|
|
475
|
+
"constraint_name:folder" => (proc do |folder:, constraint_name:|
|
|
476
|
+
raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
|
|
477
|
+
|
|
478
|
+
"folders/#{folder}/policies/#{constraint_name}"
|
|
479
|
+
end),
|
|
480
|
+
"constraint_name:project" => (proc do |project:, constraint_name:|
|
|
481
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
|
482
|
+
|
|
483
|
+
"projects/#{project}/policies/#{constraint_name}"
|
|
484
|
+
end)
|
|
485
|
+
}
|
|
486
|
+
|
|
487
|
+
resource = resources[args.keys.sort.join(":")]
|
|
488
|
+
raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
|
|
489
|
+
resource.call(**args)
|
|
490
|
+
end
|
|
491
|
+
|
|
440
492
|
##
|
|
441
493
|
# Create a fully-qualified Project resource string.
|
|
442
494
|
#
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n-google/cloud/securitycenter/v1/database.proto\x12\x1egoogle.cloud.securitycenter.v1\"
|
|
8
|
+
descriptor_data = "\n-google/cloud/securitycenter/v1/database.proto\x12\x1egoogle.cloud.securitycenter.v1\"s\n\x08\x44\x61tabase\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x02 \x01(\t\x12\x11\n\tuser_name\x18\x03 \x01(\t\x12\r\n\x05query\x18\x04 \x01(\t\x12\x10\n\x08grantees\x18\x05 \x03(\t\x12\x0f\n\x07version\x18\x06 \x01(\tB\xe7\x01\n\"com.google.cloud.securitycenter.v1B\rDatabaseProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n1google/cloud/securitycenter/v1/exfiltration.proto\x12\x1egoogle.cloud.securitycenter.v1\"\
|
|
8
|
+
descriptor_data = "\n1google/cloud/securitycenter/v1/exfiltration.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xaf\x01\n\x0c\x45xfiltration\x12>\n\x07sources\x18\x01 \x03(\x0b\x32-.google.cloud.securitycenter.v1.ExfilResource\x12>\n\x07targets\x18\x02 \x03(\x0b\x32-.google.cloud.securitycenter.v1.ExfilResource\x12\x1f\n\x17total_exfiltrated_bytes\x18\x03 \x01(\x03\"1\n\rExfilResource\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x12\n\ncomponents\x18\x02 \x03(\tB\xeb\x01\n\"com.google.cloud.securitycenter.v1B\x11\x45xfiltrationProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n)google/cloud/securitycenter/v1/file.proto\x12\x1egoogle.cloud.securitycenter.v1\"
|
|
8
|
+
descriptor_data = "\n)google/cloud/securitycenter/v1/file.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xf0\x01\n\x04\x46ile\x12\x0c\n\x04path\x18\x01 \x01(\t\x12\x0c\n\x04size\x18\x02 \x01(\x03\x12\x0e\n\x06sha256\x18\x03 \x01(\t\x12\x13\n\x0bhashed_size\x18\x04 \x01(\x03\x12\x18\n\x10partially_hashed\x18\x05 \x01(\x08\x12\x10\n\x08\x63ontents\x18\x06 \x01(\t\x12@\n\tdisk_path\x18\x07 \x01(\x0b\x32-.google.cloud.securitycenter.v1.File.DiskPath\x1a\x39\n\x08\x44iskPath\x12\x16\n\x0epartition_uuid\x18\x01 \x01(\t\x12\x15\n\rrelative_path\x18\x02 \x01(\tB\xe3\x01\n\"com.google.cloud.securitycenter.v1B\tFileProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -36,6 +36,7 @@ module Google
|
|
|
36
36
|
module SecurityCenter
|
|
37
37
|
module V1
|
|
38
38
|
File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.File").msgclass
|
|
39
|
+
File::DiskPath = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.File.DiskPath").msgclass
|
|
39
40
|
end
|
|
40
41
|
end
|
|
41
42
|
end
|
|
@@ -23,7 +23,10 @@ require 'google/cloud/securitycenter/v1/iam_binding_pb'
|
|
|
23
23
|
require 'google/cloud/securitycenter/v1/indicator_pb'
|
|
24
24
|
require 'google/cloud/securitycenter/v1/kernel_rootkit_pb'
|
|
25
25
|
require 'google/cloud/securitycenter/v1/kubernetes_pb'
|
|
26
|
+
require 'google/cloud/securitycenter/v1/load_balancer_pb'
|
|
27
|
+
require 'google/cloud/securitycenter/v1/log_entry_pb'
|
|
26
28
|
require 'google/cloud/securitycenter/v1/mitre_attack_pb'
|
|
29
|
+
require 'google/cloud/securitycenter/v1/org_policy_pb'
|
|
27
30
|
require 'google/cloud/securitycenter/v1/process_pb'
|
|
28
31
|
require 'google/cloud/securitycenter/v1/security_marks_pb'
|
|
29
32
|
require 'google/cloud/securitycenter/v1/vulnerability_pb'
|
|
@@ -31,7 +34,7 @@ require 'google/protobuf/struct_pb'
|
|
|
31
34
|
require 'google/protobuf/timestamp_pb'
|
|
32
35
|
|
|
33
36
|
|
|
34
|
-
descriptor_data = "\n,google/cloud/securitycenter/v1/finding.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a+google/cloud/securitycenter/v1/access.proto\x1a\x30google/cloud/securitycenter/v1/application.proto\x1a=google/cloud/securitycenter/v1/backup_disaster_recovery.proto\x1a;google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto\x1a\x39google/cloud/securitycenter/v1/cloud_dlp_inspection.proto\x1a/google/cloud/securitycenter/v1/compliance.proto\x1a/google/cloud/securitycenter/v1/connection.proto\x1a\x34google/cloud/securitycenter/v1/contact_details.proto\x1a.google/cloud/securitycenter/v1/container.proto\x1a-google/cloud/securitycenter/v1/database.proto\x1a\x31google/cloud/securitycenter/v1/exfiltration.proto\x1a\x34google/cloud/securitycenter/v1/external_system.proto\x1a)google/cloud/securitycenter/v1/file.proto\x1a\x30google/cloud/securitycenter/v1/iam_binding.proto\x1a.google/cloud/securitycenter/v1/indicator.proto\x1a\x33google/cloud/securitycenter/v1/kernel_rootkit.proto\x1a/google/cloud/securitycenter/v1/kubernetes.proto\x1a\x31google/cloud/securitycenter/v1/mitre_attack.proto\x1a,google/cloud/securitycenter/v1/process.proto\x1a\x33google/cloud/securitycenter/v1/security_marks.proto\x1a\x32google/cloud/securitycenter/v1/vulnerability.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\
|
|
37
|
+
descriptor_data = "\n,google/cloud/securitycenter/v1/finding.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a+google/cloud/securitycenter/v1/access.proto\x1a\x30google/cloud/securitycenter/v1/application.proto\x1a=google/cloud/securitycenter/v1/backup_disaster_recovery.proto\x1a;google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto\x1a\x39google/cloud/securitycenter/v1/cloud_dlp_inspection.proto\x1a/google/cloud/securitycenter/v1/compliance.proto\x1a/google/cloud/securitycenter/v1/connection.proto\x1a\x34google/cloud/securitycenter/v1/contact_details.proto\x1a.google/cloud/securitycenter/v1/container.proto\x1a-google/cloud/securitycenter/v1/database.proto\x1a\x31google/cloud/securitycenter/v1/exfiltration.proto\x1a\x34google/cloud/securitycenter/v1/external_system.proto\x1a)google/cloud/securitycenter/v1/file.proto\x1a\x30google/cloud/securitycenter/v1/iam_binding.proto\x1a.google/cloud/securitycenter/v1/indicator.proto\x1a\x33google/cloud/securitycenter/v1/kernel_rootkit.proto\x1a/google/cloud/securitycenter/v1/kubernetes.proto\x1a\x32google/cloud/securitycenter/v1/load_balancer.proto\x1a.google/cloud/securitycenter/v1/log_entry.proto\x1a\x31google/cloud/securitycenter/v1/mitre_attack.proto\x1a/google/cloud/securitycenter/v1/org_policy.proto\x1a,google/cloud/securitycenter/v1/process.proto\x1a\x33google/cloud/securitycenter/v1/security_marks.proto\x1a\x32google/cloud/securitycenter/v1/vulnerability.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xc0\x19\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12<\n\x05state\x18\x04 \x01(\x0e\x32-.google.cloud.securitycenter.v1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12X\n\x11source_properties\x18\x07 \x03(\x0b\x32=.google.cloud.securitycenter.v1.Finding.SourcePropertiesEntry\x12J\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarksB\x03\xe0\x41\x03\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x42\n\x08severity\x18\x0c \x01(\x0e\x32\x30.google.cloud.securitycenter.v1.Finding.Severity\x12\x16\n\x0e\x63\x61nonical_name\x18\x0e \x01(\t\x12:\n\x04mute\x18\x0f \x01(\x0e\x32,.google.cloud.securitycenter.v1.Finding.Mute\x12K\n\rfinding_class\x18\x11 \x01(\x0e\x32\x34.google.cloud.securitycenter.v1.Finding.FindingClass\x12<\n\tindicator\x18\x12 \x01(\x0b\x32).google.cloud.securitycenter.v1.Indicator\x12\x44\n\rvulnerability\x18\x14 \x01(\x0b\x32-.google.cloud.securitycenter.v1.Vulnerability\x12\x39\n\x10mute_update_time\x18\x15 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12[\n\x10\x65xternal_systems\x18\x16 \x03(\x0b\x32<.google.cloud.securitycenter.v1.Finding.ExternalSystemsEntryB\x03\xe0\x41\x03\x12\x41\n\x0cmitre_attack\x18\x19 \x01(\x0b\x32+.google.cloud.securitycenter.v1.MitreAttack\x12\x36\n\x06\x61\x63\x63\x65ss\x18\x1a \x01(\x0b\x32&.google.cloud.securitycenter.v1.Access\x12?\n\x0b\x63onnections\x18\x1f \x03(\x0b\x32*.google.cloud.securitycenter.v1.Connection\x12\x16\n\x0emute_initiator\x18\x1c \x01(\t\x12:\n\tprocesses\x18\x1e \x03(\x0b\x32\'.google.cloud.securitycenter.v1.Process\x12L\n\x08\x63ontacts\x18! \x03(\x0b\x32\x35.google.cloud.securitycenter.v1.Finding.ContactsEntryB\x03\xe0\x41\x03\x12?\n\x0b\x63ompliances\x18\" \x03(\x0b\x32*.google.cloud.securitycenter.v1.Compliance\x12 \n\x13parent_display_name\x18$ \x01(\tB\x03\xe0\x41\x03\x12\x13\n\x0b\x64\x65scription\x18% \x01(\t\x12\x42\n\x0c\x65xfiltration\x18& \x01(\x0b\x32,.google.cloud.securitycenter.v1.Exfiltration\x12@\n\x0ciam_bindings\x18\' \x03(\x0b\x32*.google.cloud.securitycenter.v1.IamBinding\x12\x12\n\nnext_steps\x18( \x01(\t\x12\x13\n\x0bmodule_name\x18) \x01(\t\x12=\n\ncontainers\x18* \x03(\x0b\x32).google.cloud.securitycenter.v1.Container\x12>\n\nkubernetes\x18+ \x01(\x0b\x32*.google.cloud.securitycenter.v1.Kubernetes\x12:\n\x08\x64\x61tabase\x18, \x01(\x0b\x32(.google.cloud.securitycenter.v1.Database\x12\x33\n\x05\x66iles\x18. \x03(\x0b\x32$.google.cloud.securitycenter.v1.File\x12P\n\x14\x63loud_dlp_inspection\x18\x30 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1.CloudDlpInspection\x12S\n\x16\x63loud_dlp_data_profile\x18\x31 \x01(\x0b\x32\x33.google.cloud.securitycenter.v1.CloudDlpDataProfile\x12\x45\n\x0ekernel_rootkit\x18\x32 \x01(\x0b\x32-.google.cloud.securitycenter.v1.KernelRootkit\x12?\n\x0corg_policies\x18\x33 \x03(\x0b\x32).google.cloud.securitycenter.v1.OrgPolicy\x12@\n\x0b\x61pplication\x18\x35 \x01(\x0b\x32+.google.cloud.securitycenter.v1.Application\x12X\n\x18\x62\x61\x63kup_disaster_recovery\x18\x37 \x01(\x0b\x32\x36.google.cloud.securitycenter.v1.BackupDisasterRecovery\x12=\n\x0blog_entries\x18\x39 \x03(\x0b\x32(.google.cloud.securitycenter.v1.LogEntry\x12\x44\n\x0eload_balancers\x18: \x03(\x0b\x32,.google.cloud.securitycenter.v1.LoadBalancer\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01\x1a\x66\n\x14\x45xternalSystemsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12=\n\x05value\x18\x02 \x01(\x0b\x32..google.cloud.securitycenter.v1.ExternalSystem:\x02\x38\x01\x1a_\n\rContactsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12=\n\x05value\x18\x02 \x01(\x0b\x32..google.cloud.securitycenter.v1.ContactDetails:\x02\x38\x01\"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02\"Q\n\x08Severity\x12\x18\n\x14SEVERITY_UNSPECIFIED\x10\x00\x12\x0c\n\x08\x43RITICAL\x10\x01\x12\x08\n\x04HIGH\x10\x02\x12\n\n\x06MEDIUM\x10\x03\x12\x07\n\x03LOW\x10\x04\"C\n\x04Mute\x12\x14\n\x10MUTE_UNSPECIFIED\x10\x00\x12\t\n\x05MUTED\x10\x01\x12\x0b\n\x07UNMUTED\x10\x02\x12\r\n\tUNDEFINED\x10\x04\"\x82\x01\n\x0c\x46indingClass\x12\x1d\n\x19\x46INDING_CLASS_UNSPECIFIED\x10\x00\x12\n\n\x06THREAT\x10\x01\x12\x11\n\rVULNERABILITY\x10\x02\x12\x14\n\x10MISCONFIGURATION\x10\x03\x12\x0f\n\x0bOBSERVATION\x10\x04\x12\r\n\tSCC_ERROR\x10\x05:\xdb\x01\xea\x41\xd7\x01\n%securitycenter.googleapis.com/Finding\x12@organizations/{organization}/sources/{source}/findings/{finding}\x12\x34\x66olders/{folder}/sources/{source}/findings/{finding}\x12\x36projects/{project}/sources/{source}/findings/{finding}B\xd8\x01\n\"com.google.cloud.securitycenter.v1P\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
35
38
|
|
|
36
39
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
37
40
|
|
|
@@ -64,8 +67,11 @@ rescue TypeError
|
|
|
64
67
|
["google.cloud.securitycenter.v1.CloudDlpInspection", "google/cloud/securitycenter/v1/cloud_dlp_inspection.proto"],
|
|
65
68
|
["google.cloud.securitycenter.v1.CloudDlpDataProfile", "google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto"],
|
|
66
69
|
["google.cloud.securitycenter.v1.KernelRootkit", "google/cloud/securitycenter/v1/kernel_rootkit.proto"],
|
|
70
|
+
["google.cloud.securitycenter.v1.OrgPolicy", "google/cloud/securitycenter/v1/org_policy.proto"],
|
|
67
71
|
["google.cloud.securitycenter.v1.Application", "google/cloud/securitycenter/v1/application.proto"],
|
|
68
72
|
["google.cloud.securitycenter.v1.BackupDisasterRecovery", "google/cloud/securitycenter/v1/backup_disaster_recovery.proto"],
|
|
73
|
+
["google.cloud.securitycenter.v1.LogEntry", "google/cloud/securitycenter/v1/log_entry.proto"],
|
|
74
|
+
["google.cloud.securitycenter.v1.LoadBalancer", "google/cloud/securitycenter/v1/load_balancer.proto"],
|
|
69
75
|
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
|
70
76
|
["google.cloud.securitycenter.v1.ExternalSystem", "google/cloud/securitycenter/v1/external_system.proto"],
|
|
71
77
|
["google.cloud.securitycenter.v1.ContactDetails", "google/cloud/securitycenter/v1/contact_details.proto"],
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n.google/cloud/securitycenter/v1/indicator.proto\x12\x1egoogle.cloud.securitycenter.v1\"\
|
|
8
|
+
descriptor_data = "\n.google/cloud/securitycenter/v1/indicator.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xd9\x06\n\tIndicator\x12\x14\n\x0cip_addresses\x18\x01 \x03(\t\x12\x0f\n\x07\x64omains\x18\x02 \x03(\t\x12N\n\nsignatures\x18\x03 \x03(\x0b\x32:.google.cloud.securitycenter.v1.Indicator.ProcessSignature\x12\x0c\n\x04uris\x18\x04 \x03(\t\x1a\xc6\x05\n\x10ProcessSignature\x12o\n\x15memory_hash_signature\x18\x06 \x01(\x0b\x32N.google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignatureH\x00\x12k\n\x13yara_rule_signature\x18\x07 \x01(\x0b\x32L.google.cloud.securitycenter.v1.Indicator.ProcessSignature.YaraRuleSignatureH\x00\x12`\n\x0esignature_type\x18\x08 \x01(\x0e\x32H.google.cloud.securitycenter.v1.Indicator.ProcessSignature.SignatureType\x1a\xd6\x01\n\x13MemoryHashSignature\x12\x15\n\rbinary_family\x18\x01 \x01(\t\x12l\n\ndetections\x18\x04 \x03(\x0b\x32X.google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignature.Detection\x1a:\n\tDetection\x12\x0e\n\x06\x62inary\x18\x02 \x01(\t\x12\x1d\n\x15percent_pages_matched\x18\x03 \x01(\x01\x1a&\n\x11YaraRuleSignature\x12\x11\n\tyara_rule\x18\x05 \x01(\t\"d\n\rSignatureType\x12\x1e\n\x1aSIGNATURE_TYPE_UNSPECIFIED\x10\x00\x12\x1a\n\x16SIGNATURE_TYPE_PROCESS\x10\x01\x12\x17\n\x13SIGNATURE_TYPE_FILE\x10\x02\x42\x0b\n\tsignatureB\xe8\x01\n\"com.google.cloud.securitycenter.v1B\x0eIndicatorProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -40,6 +40,7 @@ module Google
|
|
|
40
40
|
Indicator::ProcessSignature::MemoryHashSignature = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignature").msgclass
|
|
41
41
|
Indicator::ProcessSignature::MemoryHashSignature::Detection = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignature.Detection").msgclass
|
|
42
42
|
Indicator::ProcessSignature::YaraRuleSignature = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.YaraRuleSignature").msgclass
|
|
43
|
+
Indicator::ProcessSignature::SignatureType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.SignatureType").enummodule
|
|
43
44
|
end
|
|
44
45
|
end
|
|
45
46
|
end
|
|
@@ -8,7 +8,7 @@ require 'google/cloud/securitycenter/v1/container_pb'
|
|
|
8
8
|
require 'google/cloud/securitycenter/v1/label_pb'
|
|
9
9
|
|
|
10
10
|
|
|
11
|
-
descriptor_data = "\n/google/cloud/securitycenter/v1/kubernetes.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a.google/cloud/securitycenter/v1/container.proto\x1a*google/cloud/securitycenter/v1/label.proto\"\
|
|
11
|
+
descriptor_data = "\n/google/cloud/securitycenter/v1/kubernetes.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a.google/cloud/securitycenter/v1/container.proto\x1a*google/cloud/securitycenter/v1/label.proto\"\x82\x0c\n\nKubernetes\x12<\n\x04pods\x18\x01 \x03(\x0b\x32..google.cloud.securitycenter.v1.Kubernetes.Pod\x12>\n\x05nodes\x18\x02 \x03(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Node\x12G\n\nnode_pools\x18\x03 \x03(\x0b\x32\x33.google.cloud.securitycenter.v1.Kubernetes.NodePool\x12>\n\x05roles\x18\x04 \x03(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Role\x12\x44\n\x08\x62indings\x18\x05 \x03(\x0b\x32\x32.google.cloud.securitycenter.v1.Kubernetes.Binding\x12O\n\x0e\x61\x63\x63\x65ss_reviews\x18\x06 \x03(\x0b\x32\x37.google.cloud.securitycenter.v1.Kubernetes.AccessReview\x12\x42\n\x07objects\x18\x07 \x03(\x0b\x32\x31.google.cloud.securitycenter.v1.Kubernetes.Object\x1a\x95\x01\n\x03Pod\x12\n\n\x02ns\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x35\n\x06labels\x18\x03 \x03(\x0b\x32%.google.cloud.securitycenter.v1.Label\x12=\n\ncontainers\x18\x04 \x03(\x0b\x32).google.cloud.securitycenter.v1.Container\x1a\x14\n\x04Node\x12\x0c\n\x04name\x18\x01 \x01(\t\x1aX\n\x08NodePool\x12\x0c\n\x04name\x18\x01 \x01(\t\x12>\n\x05nodes\x18\x02 \x03(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Node\x1a\x9e\x01\n\x04Role\x12\x42\n\x04kind\x18\x01 \x01(\x0e\x32\x34.google.cloud.securitycenter.v1.Kubernetes.Role.Kind\x12\n\n\x02ns\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"8\n\x04Kind\x12\x14\n\x10KIND_UNSPECIFIED\x10\x00\x12\x08\n\x04ROLE\x10\x01\x12\x10\n\x0c\x43LUSTER_ROLE\x10\x02\x1a\xa8\x01\n\x07\x42inding\x12\n\n\x02ns\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\x12=\n\x04role\x18\x03 \x01(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Role\x12\x44\n\x08subjects\x18\x04 \x03(\x0b\x32\x32.google.cloud.securitycenter.v1.Kubernetes.Subject\x1a\xbe\x01\n\x07Subject\x12I\n\x04kind\x18\x01 \x01(\x0e\x32;.google.cloud.securitycenter.v1.Kubernetes.Subject.AuthType\x12\n\n\x02ns\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"N\n\x08\x41uthType\x12\x19\n\x15\x41UTH_TYPE_UNSPECIFIED\x10\x00\x12\x08\n\x04USER\x10\x01\x12\x12\n\x0eSERVICEACCOUNT\x10\x02\x12\t\n\x05GROUP\x10\x03\x1a}\n\x0c\x41\x63\x63\x65ssReview\x12\r\n\x05group\x18\x01 \x01(\t\x12\n\n\x02ns\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\x12\x10\n\x08resource\x18\x04 \x01(\t\x12\x13\n\x0bsubresource\x18\x05 \x01(\t\x12\x0c\n\x04verb\x18\x06 \x01(\t\x12\x0f\n\x07version\x18\x07 \x01(\t\x1a~\n\x06Object\x12\r\n\x05group\x18\x01 \x01(\t\x12\x0c\n\x04kind\x18\x02 \x01(\t\x12\n\n\x02ns\x18\x03 \x01(\t\x12\x0c\n\x04name\x18\x04 \x01(\t\x12=\n\ncontainers\x18\x05 \x03(\x0b\x32).google.cloud.securitycenter.v1.ContainerB\xe9\x01\n\"com.google.cloud.securitycenter.v1B\x0fKubernetesProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
12
12
|
|
|
13
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
14
14
|
|
|
@@ -50,6 +50,7 @@ module Google
|
|
|
50
50
|
Kubernetes::Subject = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.Subject").msgclass
|
|
51
51
|
Kubernetes::Subject::AuthType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.Subject.AuthType").enummodule
|
|
52
52
|
Kubernetes::AccessReview = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.AccessReview").msgclass
|
|
53
|
+
Kubernetes::Object = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.Object").msgclass
|
|
53
54
|
end
|
|
54
55
|
end
|
|
55
56
|
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
3
|
+
# source: google/cloud/securitycenter/v1/load_balancer.proto
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
descriptor_data = "\n2google/cloud/securitycenter/v1/load_balancer.proto\x12\x1egoogle.cloud.securitycenter.v1\"\x1c\n\x0cLoadBalancer\x12\x0c\n\x04name\x18\x01 \x01(\tB\xeb\x01\n\"com.google.cloud.securitycenter.v1B\x11LoadBalancerProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
|
+
|
|
10
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
|
+
|
|
12
|
+
begin
|
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
|
14
|
+
rescue TypeError
|
|
15
|
+
# Compatibility code: will be removed in the next major version.
|
|
16
|
+
require 'google/protobuf/descriptor_pb'
|
|
17
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
18
|
+
parsed.clear_dependency
|
|
19
|
+
serialized = parsed.class.encode(parsed)
|
|
20
|
+
file = pool.add_serialized_file(serialized)
|
|
21
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
22
|
+
imports = [
|
|
23
|
+
]
|
|
24
|
+
imports.each do |type_name, expected_filename|
|
|
25
|
+
import_file = pool.lookup(type_name).file_descriptor
|
|
26
|
+
if import_file.name != expected_filename
|
|
27
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
|
31
|
+
warn "This will become an error in the next major version."
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
module Google
|
|
35
|
+
module Cloud
|
|
36
|
+
module SecurityCenter
|
|
37
|
+
module V1
|
|
38
|
+
LoadBalancer = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.LoadBalancer").msgclass
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
3
|
+
# source: google/cloud/securitycenter/v1/log_entry.proto
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
require 'google/protobuf/timestamp_pb'
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
descriptor_data = "\n.google/cloud/securitycenter/v1/log_entry.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/protobuf/timestamp.proto\"i\n\x08LogEntry\x12P\n\x13\x63loud_logging_entry\x18\x01 \x01(\x0b\x32\x31.google.cloud.securitycenter.v1.CloudLoggingEntryH\x00\x42\x0b\n\tlog_entry\"\x81\x01\n\x11\x43loudLoggingEntry\x12\x11\n\tinsert_id\x18\x01 \x01(\t\x12\x0e\n\x06log_id\x18\x02 \x01(\t\x12\x1a\n\x12resource_container\x18\x03 \x01(\t\x12-\n\ttimestamp\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\xe7\x01\n\"com.google.cloud.securitycenter.v1B\rLogEntryProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
11
|
+
|
|
12
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
+
|
|
14
|
+
begin
|
|
15
|
+
pool.add_serialized_file(descriptor_data)
|
|
16
|
+
rescue TypeError
|
|
17
|
+
# Compatibility code: will be removed in the next major version.
|
|
18
|
+
require 'google/protobuf/descriptor_pb'
|
|
19
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
+
parsed.clear_dependency
|
|
21
|
+
serialized = parsed.class.encode(parsed)
|
|
22
|
+
file = pool.add_serialized_file(serialized)
|
|
23
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
+
imports = [
|
|
25
|
+
["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"],
|
|
26
|
+
]
|
|
27
|
+
imports.each do |type_name, expected_filename|
|
|
28
|
+
import_file = pool.lookup(type_name).file_descriptor
|
|
29
|
+
if import_file.name != expected_filename
|
|
30
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
|
34
|
+
warn "This will become an error in the next major version."
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
module Google
|
|
38
|
+
module Cloud
|
|
39
|
+
module SecurityCenter
|
|
40
|
+
module V1
|
|
41
|
+
LogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.LogEntry").msgclass
|
|
42
|
+
CloudLoggingEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CloudLoggingEntry").msgclass
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n1google/cloud/securitycenter/v1/mitre_attack.proto\x12\x1egoogle.cloud.securitycenter.v1\"\
|
|
8
|
+
descriptor_data = "\n1google/cloud/securitycenter/v1/mitre_attack.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xf6\x11\n\x0bMitreAttack\x12J\n\x0eprimary_tactic\x18\x01 \x01(\x0e\x32\x32.google.cloud.securitycenter.v1.MitreAttack.Tactic\x12Q\n\x12primary_techniques\x18\x02 \x03(\x0e\x32\x35.google.cloud.securitycenter.v1.MitreAttack.Technique\x12N\n\x12\x61\x64\x64itional_tactics\x18\x03 \x03(\x0e\x32\x32.google.cloud.securitycenter.v1.MitreAttack.Tactic\x12T\n\x15\x61\x64\x64itional_techniques\x18\x04 \x03(\x0e\x32\x35.google.cloud.securitycenter.v1.MitreAttack.Technique\x12\x0f\n\x07version\x18\x05 \x01(\t\"\xb4\x02\n\x06Tactic\x12\x16\n\x12TACTIC_UNSPECIFIED\x10\x00\x12\x12\n\x0eRECONNAISSANCE\x10\x01\x12\x18\n\x14RESOURCE_DEVELOPMENT\x10\x02\x12\x12\n\x0eINITIAL_ACCESS\x10\x05\x12\r\n\tEXECUTION\x10\x03\x12\x0f\n\x0bPERSISTENCE\x10\x06\x12\x18\n\x14PRIVILEGE_ESCALATION\x10\x08\x12\x13\n\x0f\x44\x45\x46\x45NSE_EVASION\x10\x07\x12\x15\n\x11\x43REDENTIAL_ACCESS\x10\t\x12\r\n\tDISCOVERY\x10\n\x12\x14\n\x10LATERAL_MOVEMENT\x10\x0b\x12\x0e\n\nCOLLECTION\x10\x0c\x12\x17\n\x13\x43OMMAND_AND_CONTROL\x10\x04\x12\x10\n\x0c\x45XFILTRATION\x10\r\x12\n\n\x06IMPACT\x10\x0e\"\xd9\x0c\n\tTechnique\x12\x19\n\x15TECHNIQUE_UNSPECIFIED\x10\x00\x12\x10\n\x0cMASQUERADING\x10\x31\x12%\n!MATCH_LEGITIMATE_NAME_OR_LOCATION\x10\x32\x12(\n$BOOT_OR_LOGON_INITIALIZATION_SCRIPTS\x10%\x12\x11\n\rSTARTUP_ITEMS\x10&\x12\x1d\n\x19NETWORK_SERVICE_DISCOVERY\x10 \x12\x15\n\x11PROCESS_DISCOVERY\x10\x38\x12%\n!COMMAND_AND_SCRIPTING_INTERPRETER\x10\x06\x12\x0e\n\nUNIX_SHELL\x10\x07\x12\x1f\n\x1bPERMISSION_GROUPS_DISCOVERY\x10\x12\x12\x10\n\x0c\x43LOUD_GROUPS\x10\x13\x12\x1e\n\x1a\x41PPLICATION_LAYER_PROTOCOL\x10-\x12\x07\n\x03\x44NS\x10.\x12\x1d\n\x19SOFTWARE_DEPLOYMENT_TOOLS\x10/\x12\x12\n\x0eVALID_ACCOUNTS\x10\x0e\x12\x14\n\x10\x44\x45\x46\x41ULT_ACCOUNTS\x10#\x12\x12\n\x0eLOCAL_ACCOUNTS\x10\x0f\x12\x12\n\x0e\x43LOUD_ACCOUNTS\x10\x10\x12\t\n\x05PROXY\x10\t\x12\x12\n\x0e\x45XTERNAL_PROXY\x10\n\x12\x13\n\x0fMULTI_HOP_PROXY\x10\x0b\x12\x18\n\x14\x41\x43\x43OUNT_MANIPULATION\x10\x16\x12 \n\x1c\x41\x44\x44ITIONAL_CLOUD_CREDENTIALS\x10(\x12\x17\n\x13SSH_AUTHORIZED_KEYS\x10\x17\x12&\n\"ADDITIONAL_CONTAINER_CLUSTER_ROLES\x10:\x12\x19\n\x15INGRESS_TOOL_TRANSFER\x10\x03\x12\x0e\n\nNATIVE_API\x10\x04\x12\x0f\n\x0b\x42RUTE_FORCE\x10,\x12\x12\n\x0eSHARED_MODULES\x10\x05\x12\x1d\n\x19\x41\x43\x43\x45SS_TOKEN_MANIPULATION\x10!\x12 \n\x1cTOKEN_IMPERSONATION_OR_THEFT\x10\'\x12%\n!EXPLOIT_PUBLIC_FACING_APPLICATION\x10\x1b\x12\x1e\n\x1a\x44OMAIN_POLICY_MODIFICATION\x10\x1e\x12\x14\n\x10\x44\x41TA_DESTRUCTION\x10\x1d\x12\x10\n\x0cSERVICE_STOP\x10\x34\x12\x1b\n\x17INHIBIT_SYSTEM_RECOVERY\x10$\x12\x16\n\x12RESOURCE_HIJACKING\x10\x08\x12\x1d\n\x19NETWORK_DENIAL_OF_SERVICE\x10\x11\x12\x1b\n\x17\x43LOUD_SERVICE_DISCOVERY\x10\x30\x12\"\n\x1eSTEAL_APPLICATION_ACCESS_TOKEN\x10*\x12\x1a\n\x16\x41\x43\x43OUNT_ACCESS_REMOVAL\x10\x33\x12\x1c\n\x18STEAL_WEB_SESSION_COOKIE\x10\x19\x12#\n\x1f\x43REATE_OR_MODIFY_SYSTEM_PROCESS\x10\x18\x12%\n!ABUSE_ELEVATION_CONTROL_MECHANISM\x10\"\x12\x19\n\x15UNSECURED_CREDENTIALS\x10\r\x12!\n\x1dMODIFY_AUTHENTICATION_PROCESS\x10\x1c\x12\x13\n\x0fIMPAIR_DEFENSES\x10\x1f\x12\x1b\n\x17\x44ISABLE_OR_MODIFY_TOOLS\x10\x37\x12!\n\x1d\x45XFILTRATION_OVER_WEB_SERVICE\x10\x14\x12!\n\x1d\x45XFILTRATION_TO_CLOUD_STORAGE\x10\x15\x12\x16\n\x12\x44YNAMIC_RESOLUTION\x10\x0c\x12\x19\n\x15LATERAL_TOOL_TRANSFER\x10)\x12\'\n#MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE\x10\x1a\x12\x13\n\x0f\x43REATE_SNAPSHOT\x10\x36\x12\"\n\x1e\x43LOUD_INFRASTRUCTURE_DISCOVERY\x10\x35\x12\x17\n\x13OBTAIN_CAPABILITIES\x10+\x12\x13\n\x0f\x41\x43TIVE_SCANNING\x10\x01\x12\x16\n\x12SCANNING_IP_BLOCKS\x10\x02\x12$\n CONTAINER_AND_RESOURCE_DISCOVERY\x10\x39\x42\xea\x01\n\"com.google.cloud.securitycenter.v1B\x10MitreAttackProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
3
|
+
# source: google/cloud/securitycenter/v1/org_policy.proto
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
require 'google/api/resource_pb'
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
descriptor_data = "\n/google/cloud/securitycenter/v1/org_policy.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\"\xd6\x01\n\tOrgPolicy\x12\x0c\n\x04name\x18\x01 \x01(\t:\xba\x01\xea\x41\xb6\x01\n\x1forgpolicy.googleapis.com/Policy\x12\x37organizations/{organization}/policies/{constraint_name}\x12+folders/{folder}/policies/{constraint_name}\x12-projects/{project}/policies/{constraint_name}B\xe8\x01\n\"com.google.cloud.securitycenter.v1B\x0eOrgPolicyProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
11
|
+
|
|
12
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
+
|
|
14
|
+
begin
|
|
15
|
+
pool.add_serialized_file(descriptor_data)
|
|
16
|
+
rescue TypeError
|
|
17
|
+
# Compatibility code: will be removed in the next major version.
|
|
18
|
+
require 'google/protobuf/descriptor_pb'
|
|
19
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
+
parsed.clear_dependency
|
|
21
|
+
serialized = parsed.class.encode(parsed)
|
|
22
|
+
file = pool.add_serialized_file(serialized)
|
|
23
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
+
imports = [
|
|
25
|
+
]
|
|
26
|
+
imports.each do |type_name, expected_filename|
|
|
27
|
+
import_file = pool.lookup(type_name).file_descriptor
|
|
28
|
+
if import_file.name != expected_filename
|
|
29
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
|
33
|
+
warn "This will become an error in the next major version."
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
module Google
|
|
37
|
+
module Cloud
|
|
38
|
+
module SecurityCenter
|
|
39
|
+
module V1
|
|
40
|
+
OrgPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrgPolicy").msgclass
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -28,13 +28,13 @@ module Google
|
|
|
28
28
|
# name](https://google.aip.dev/122#full-resource-names) populated because these
|
|
29
29
|
# resource types, such as Cloud SQL databases, are not yet supported by Cloud
|
|
30
30
|
# Asset Inventory. In these cases only the display name is provided.
|
|
31
|
-
# Some database resources may not have the [full resource
|
|
32
|
-
# name](https://google.aip.dev/122#full-resource-names) populated because
|
|
33
|
-
# these resource types are not yet supported by Cloud Asset Inventory (e.g.
|
|
34
|
-
# Cloud SQL databases). In these cases only the display name will be
|
|
35
|
-
# provided.
|
|
36
31
|
# @!attribute [rw] name
|
|
37
32
|
# @return [::String]
|
|
33
|
+
# Some database resources may not have the [full resource
|
|
34
|
+
# name](https://google.aip.dev/122#full-resource-names) populated because
|
|
35
|
+
# these resource types are not yet supported by Cloud Asset Inventory (e.g.
|
|
36
|
+
# Cloud SQL databases). In these cases only the display name will be
|
|
37
|
+
# provided.
|
|
38
38
|
# The [full resource name](https://google.aip.dev/122#full-resource-names) of
|
|
39
39
|
# the database that the user connected to, if it is supported by Cloud Asset
|
|
40
40
|
# Inventory.
|
|
@@ -52,6 +52,11 @@ module Google
|
|
|
52
52
|
# @return [::Array<::String>]
|
|
53
53
|
# The target usernames, roles, or groups of an SQL privilege grant, which is
|
|
54
54
|
# not an IAM policy change.
|
|
55
|
+
# @!attribute [rw] version
|
|
56
|
+
# @return [::String]
|
|
57
|
+
# The version of the database, for example, POSTGRES_14.
|
|
58
|
+
# See [the complete
|
|
59
|
+
# list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
|
|
55
60
|
class Database
|
|
56
61
|
include ::Google::Protobuf::MessageExts
|
|
57
62
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -34,6 +34,9 @@ module Google
|
|
|
34
34
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
|
|
35
35
|
# If there are multiple targets, each target would get a complete copy of the
|
|
36
36
|
# "joined" source data.
|
|
37
|
+
# @!attribute [rw] total_exfiltrated_bytes
|
|
38
|
+
# @return [::Integer]
|
|
39
|
+
# Total exfiltrated bytes processed for the entire job.
|
|
37
40
|
class Exfiltration
|
|
38
41
|
include ::Google::Protobuf::MessageExts
|
|
39
42
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -45,9 +45,26 @@ module Google
|
|
|
45
45
|
# @!attribute [rw] contents
|
|
46
46
|
# @return [::String]
|
|
47
47
|
# Prefix of the file contents as a JSON-encoded string.
|
|
48
|
+
# @!attribute [rw] disk_path
|
|
49
|
+
# @return [::Google::Cloud::SecurityCenter::V1::File::DiskPath]
|
|
50
|
+
# Path of the file in terms of underlying disk/partition identifiers.
|
|
48
51
|
class File
|
|
49
52
|
include ::Google::Protobuf::MessageExts
|
|
50
53
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
54
|
+
|
|
55
|
+
# Path of the file in terms of underlying disk/partition identifiers.
|
|
56
|
+
# @!attribute [rw] partition_uuid
|
|
57
|
+
# @return [::String]
|
|
58
|
+
# UUID of the partition (format
|
|
59
|
+
# https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid)
|
|
60
|
+
# @!attribute [rw] relative_path
|
|
61
|
+
# @return [::String]
|
|
62
|
+
# Relative path of the file in the partition as a JSON encoded string.
|
|
63
|
+
# Example: /home/user1/executable_file.sh
|
|
64
|
+
class DiskPath
|
|
65
|
+
include ::Google::Protobuf::MessageExts
|
|
66
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
67
|
+
end
|
|
51
68
|
end
|
|
52
69
|
end
|
|
53
70
|
end
|
|
@@ -212,12 +212,21 @@ module Google
|
|
|
212
212
|
# @!attribute [rw] kernel_rootkit
|
|
213
213
|
# @return [::Google::Cloud::SecurityCenter::V1::KernelRootkit]
|
|
214
214
|
# Signature of the kernel rootkit.
|
|
215
|
+
# @!attribute [rw] org_policies
|
|
216
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::OrgPolicy>]
|
|
217
|
+
# Contains information about the org policies associated with the finding.
|
|
215
218
|
# @!attribute [rw] application
|
|
216
219
|
# @return [::Google::Cloud::SecurityCenter::V1::Application]
|
|
217
220
|
# Represents an application associated with the finding.
|
|
218
221
|
# @!attribute [rw] backup_disaster_recovery
|
|
219
222
|
# @return [::Google::Cloud::SecurityCenter::V1::BackupDisasterRecovery]
|
|
220
223
|
# Fields related to Backup and DR findings.
|
|
224
|
+
# @!attribute [rw] log_entries
|
|
225
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::LogEntry>]
|
|
226
|
+
# Log entries that are relevant to the finding.
|
|
227
|
+
# @!attribute [rw] load_balancers
|
|
228
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::LoadBalancer>]
|
|
229
|
+
# The load balancers associated with the finding.
|
|
221
230
|
class Finding
|
|
222
231
|
include ::Google::Protobuf::MessageExts
|
|
223
232
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -50,6 +50,9 @@ module Google
|
|
|
50
50
|
# @!attribute [rw] yara_rule_signature
|
|
51
51
|
# @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::YaraRuleSignature]
|
|
52
52
|
# Signature indicating that a YARA rule was matched.
|
|
53
|
+
# @!attribute [rw] signature_type
|
|
54
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::SignatureType]
|
|
55
|
+
# Describes the type of resource associated with the signature.
|
|
53
56
|
class ProcessSignature
|
|
54
57
|
include ::Google::Protobuf::MessageExts
|
|
55
58
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -89,6 +92,18 @@ module Google
|
|
|
89
92
|
include ::Google::Protobuf::MessageExts
|
|
90
93
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
91
94
|
end
|
|
95
|
+
|
|
96
|
+
# Possible resource types to be associated with a signature.
|
|
97
|
+
module SignatureType
|
|
98
|
+
# The default signature type.
|
|
99
|
+
SIGNATURE_TYPE_UNSPECIFIED = 0
|
|
100
|
+
|
|
101
|
+
# Used for signatures concerning processes.
|
|
102
|
+
SIGNATURE_TYPE_PROCESS = 1
|
|
103
|
+
|
|
104
|
+
# Used for signatures concerning disks.
|
|
105
|
+
SIGNATURE_TYPE_FILE = 2
|
|
106
|
+
end
|
|
92
107
|
end
|
|
93
108
|
end
|
|
94
109
|
end
|
|
@@ -52,6 +52,9 @@ module Google
|
|
|
52
52
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::AccessReview>]
|
|
53
53
|
# Provides information on any Kubernetes access reviews (privilege checks)
|
|
54
54
|
# relevant to the finding.
|
|
55
|
+
# @!attribute [rw] objects
|
|
56
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Object>]
|
|
57
|
+
# Kubernetes objects related to the finding.
|
|
55
58
|
class Kubernetes
|
|
56
59
|
include ::Google::Protobuf::MessageExts
|
|
57
60
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -205,6 +208,32 @@ module Google
|
|
|
205
208
|
include ::Google::Protobuf::MessageExts
|
|
206
209
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
207
210
|
end
|
|
211
|
+
|
|
212
|
+
# Kubernetes object related to the finding, uniquely identified by GKNN.
|
|
213
|
+
# Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
|
|
214
|
+
# AccessReview.
|
|
215
|
+
# @!attribute [rw] group
|
|
216
|
+
# @return [::String]
|
|
217
|
+
# Kubernetes object group, such as "policy.k8s.io/v1".
|
|
218
|
+
# @!attribute [rw] kind
|
|
219
|
+
# @return [::String]
|
|
220
|
+
# Kubernetes object kind, such as "Namespace".
|
|
221
|
+
# @!attribute [rw] ns
|
|
222
|
+
# @return [::String]
|
|
223
|
+
# Kubernetes object namespace. Must be a valid DNS label. Named
|
|
224
|
+
# "ns" to avoid collision with C++ namespace keyword. For details see
|
|
225
|
+
# https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
|
|
226
|
+
# @!attribute [rw] name
|
|
227
|
+
# @return [::String]
|
|
228
|
+
# Kubernetes object name. For details see
|
|
229
|
+
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
|
|
230
|
+
# @!attribute [rw] containers
|
|
231
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
|
|
232
|
+
# Pod containers associated with this finding, if any.
|
|
233
|
+
class Object
|
|
234
|
+
include ::Google::Protobuf::MessageExts
|
|
235
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
236
|
+
end
|
|
208
237
|
end
|
|
209
238
|
end
|
|
210
239
|
end
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module SecurityCenter
|
|
23
|
+
module V1
|
|
24
|
+
# Contains information related to the load balancer associated with the
|
|
25
|
+
# finding.
|
|
26
|
+
# @!attribute [rw] name
|
|
27
|
+
# @return [::String]
|
|
28
|
+
# The name of the load balancer associated with the finding.
|
|
29
|
+
class LoadBalancer
|
|
30
|
+
include ::Google::Protobuf::MessageExts
|
|
31
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module SecurityCenter
|
|
23
|
+
module V1
|
|
24
|
+
# An individual entry in a log.
|
|
25
|
+
# @!attribute [rw] cloud_logging_entry
|
|
26
|
+
# @return [::Google::Cloud::SecurityCenter::V1::CloudLoggingEntry]
|
|
27
|
+
# An individual entry in a log stored in Cloud Logging.
|
|
28
|
+
class LogEntry
|
|
29
|
+
include ::Google::Protobuf::MessageExts
|
|
30
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
# Metadata taken from a [Cloud Logging
|
|
34
|
+
# LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry)
|
|
35
|
+
# @!attribute [rw] insert_id
|
|
36
|
+
# @return [::String]
|
|
37
|
+
# A unique identifier for the log entry.
|
|
38
|
+
# @!attribute [rw] log_id
|
|
39
|
+
# @return [::String]
|
|
40
|
+
# The type of the log (part of `log_name`. `log_name` is the resource name of
|
|
41
|
+
# the log to which this log entry belongs). For example:
|
|
42
|
+
# `cloudresourcemanager.googleapis.com/activity`. Note that this field is not
|
|
43
|
+
# URL-encoded, unlike the `LOG_ID` field in `LogEntry`.
|
|
44
|
+
# @!attribute [rw] resource_container
|
|
45
|
+
# @return [::String]
|
|
46
|
+
# The organization, folder, or project of the monitored resource that
|
|
47
|
+
# produced this log entry.
|
|
48
|
+
# @!attribute [rw] timestamp
|
|
49
|
+
# @return [::Google::Protobuf::Timestamp]
|
|
50
|
+
# The time the event described by the log entry occurred.
|
|
51
|
+
class CloudLoggingEntry
|
|
52
|
+
include ::Google::Protobuf::MessageExts
|
|
53
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
|
@@ -99,24 +99,28 @@ module Google
|
|
|
99
99
|
|
|
100
100
|
# MITRE ATT&CK techniques that can be referenced by SCC findings.
|
|
101
101
|
# See: https://attack.mitre.org/techniques/enterprise/
|
|
102
|
+
# Next ID: 59
|
|
102
103
|
module Technique
|
|
103
104
|
# Unspecified value.
|
|
104
105
|
TECHNIQUE_UNSPECIFIED = 0
|
|
105
106
|
|
|
106
|
-
#
|
|
107
|
-
|
|
107
|
+
# T1036
|
|
108
|
+
MASQUERADING = 49
|
|
108
109
|
|
|
109
|
-
#
|
|
110
|
-
|
|
110
|
+
# T1036.005
|
|
111
|
+
MATCH_LEGITIMATE_NAME_OR_LOCATION = 50
|
|
111
112
|
|
|
112
|
-
#
|
|
113
|
-
|
|
113
|
+
# T1037
|
|
114
|
+
BOOT_OR_LOGON_INITIALIZATION_SCRIPTS = 37
|
|
114
115
|
|
|
115
|
-
#
|
|
116
|
-
|
|
116
|
+
# T1037.005
|
|
117
|
+
STARTUP_ITEMS = 38
|
|
117
118
|
|
|
118
|
-
#
|
|
119
|
-
|
|
119
|
+
# T1046
|
|
120
|
+
NETWORK_SERVICE_DISCOVERY = 32
|
|
121
|
+
|
|
122
|
+
# T1057
|
|
123
|
+
PROCESS_DISCOVERY = 56
|
|
120
124
|
|
|
121
125
|
# T1059
|
|
122
126
|
COMMAND_AND_SCRIPTING_INTERPRETER = 6
|
|
@@ -124,89 +128,155 @@ module Google
|
|
|
124
128
|
# T1059.004
|
|
125
129
|
UNIX_SHELL = 7
|
|
126
130
|
|
|
127
|
-
#
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
# T1090
|
|
131
|
-
PROXY = 9
|
|
131
|
+
# T1069
|
|
132
|
+
PERMISSION_GROUPS_DISCOVERY = 18
|
|
132
133
|
|
|
133
|
-
#
|
|
134
|
-
|
|
134
|
+
# T1069.003
|
|
135
|
+
CLOUD_GROUPS = 19
|
|
135
136
|
|
|
136
|
-
#
|
|
137
|
-
|
|
137
|
+
# T1071
|
|
138
|
+
APPLICATION_LAYER_PROTOCOL = 45
|
|
138
139
|
|
|
139
|
-
#
|
|
140
|
-
|
|
140
|
+
# T1071.004
|
|
141
|
+
DNS = 46
|
|
141
142
|
|
|
142
|
-
#
|
|
143
|
-
|
|
143
|
+
# T1072
|
|
144
|
+
SOFTWARE_DEPLOYMENT_TOOLS = 47
|
|
144
145
|
|
|
145
146
|
# T1078
|
|
146
147
|
VALID_ACCOUNTS = 14
|
|
147
148
|
|
|
149
|
+
# T1078.001
|
|
150
|
+
DEFAULT_ACCOUNTS = 35
|
|
151
|
+
|
|
148
152
|
# T1078.003
|
|
149
153
|
LOCAL_ACCOUNTS = 15
|
|
150
154
|
|
|
151
155
|
# T1078.004
|
|
152
156
|
CLOUD_ACCOUNTS = 16
|
|
153
157
|
|
|
154
|
-
#
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
# T1069
|
|
158
|
-
PERMISSION_GROUPS_DISCOVERY = 18
|
|
159
|
-
|
|
160
|
-
# T1069.003
|
|
161
|
-
CLOUD_GROUPS = 19
|
|
158
|
+
# T1090
|
|
159
|
+
PROXY = 9
|
|
162
160
|
|
|
163
|
-
#
|
|
164
|
-
|
|
161
|
+
# T1090.002
|
|
162
|
+
EXTERNAL_PROXY = 10
|
|
165
163
|
|
|
166
|
-
#
|
|
167
|
-
|
|
164
|
+
# T1090.003
|
|
165
|
+
MULTI_HOP_PROXY = 11
|
|
168
166
|
|
|
169
167
|
# T1098
|
|
170
168
|
ACCOUNT_MANIPULATION = 22
|
|
171
169
|
|
|
170
|
+
# T1098.001
|
|
171
|
+
ADDITIONAL_CLOUD_CREDENTIALS = 40
|
|
172
|
+
|
|
172
173
|
# T1098.004
|
|
173
174
|
SSH_AUTHORIZED_KEYS = 23
|
|
174
175
|
|
|
175
|
-
#
|
|
176
|
-
|
|
176
|
+
# T1098.006
|
|
177
|
+
ADDITIONAL_CONTAINER_CLUSTER_ROLES = 58
|
|
177
178
|
|
|
178
|
-
#
|
|
179
|
-
|
|
179
|
+
# T1105
|
|
180
|
+
INGRESS_TOOL_TRANSFER = 3
|
|
180
181
|
|
|
181
|
-
#
|
|
182
|
-
|
|
182
|
+
# T1106
|
|
183
|
+
NATIVE_API = 4
|
|
184
|
+
|
|
185
|
+
# T1110
|
|
186
|
+
BRUTE_FORCE = 44
|
|
187
|
+
|
|
188
|
+
# T1129
|
|
189
|
+
SHARED_MODULES = 5
|
|
190
|
+
|
|
191
|
+
# T1134
|
|
192
|
+
ACCESS_TOKEN_MANIPULATION = 33
|
|
193
|
+
|
|
194
|
+
# T1134.001
|
|
195
|
+
TOKEN_IMPERSONATION_OR_THEFT = 39
|
|
183
196
|
|
|
184
197
|
# T1190
|
|
185
198
|
EXPLOIT_PUBLIC_FACING_APPLICATION = 27
|
|
186
199
|
|
|
187
|
-
#
|
|
188
|
-
|
|
200
|
+
# T1484
|
|
201
|
+
DOMAIN_POLICY_MODIFICATION = 30
|
|
189
202
|
|
|
190
203
|
# T1485
|
|
191
204
|
DATA_DESTRUCTION = 29
|
|
192
205
|
|
|
193
|
-
#
|
|
194
|
-
|
|
206
|
+
# T1489
|
|
207
|
+
SERVICE_STOP = 52
|
|
195
208
|
|
|
196
|
-
#
|
|
197
|
-
|
|
209
|
+
# T1490
|
|
210
|
+
INHIBIT_SYSTEM_RECOVERY = 36
|
|
198
211
|
|
|
199
|
-
#
|
|
200
|
-
|
|
212
|
+
# T1496
|
|
213
|
+
RESOURCE_HIJACKING = 8
|
|
201
214
|
|
|
202
|
-
#
|
|
203
|
-
|
|
215
|
+
# T1498
|
|
216
|
+
NETWORK_DENIAL_OF_SERVICE = 17
|
|
217
|
+
|
|
218
|
+
# T1526
|
|
219
|
+
CLOUD_SERVICE_DISCOVERY = 48
|
|
220
|
+
|
|
221
|
+
# T1528
|
|
222
|
+
STEAL_APPLICATION_ACCESS_TOKEN = 42
|
|
223
|
+
|
|
224
|
+
# T1531
|
|
225
|
+
ACCOUNT_ACCESS_REMOVAL = 51
|
|
226
|
+
|
|
227
|
+
# T1539
|
|
228
|
+
STEAL_WEB_SESSION_COOKIE = 25
|
|
229
|
+
|
|
230
|
+
# T1543
|
|
231
|
+
CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
|
|
204
232
|
|
|
205
233
|
# T1548
|
|
206
234
|
ABUSE_ELEVATION_CONTROL_MECHANISM = 34
|
|
207
235
|
|
|
208
|
-
#
|
|
209
|
-
|
|
236
|
+
# T1552
|
|
237
|
+
UNSECURED_CREDENTIALS = 13
|
|
238
|
+
|
|
239
|
+
# T1556
|
|
240
|
+
MODIFY_AUTHENTICATION_PROCESS = 28
|
|
241
|
+
|
|
242
|
+
# T1562
|
|
243
|
+
IMPAIR_DEFENSES = 31
|
|
244
|
+
|
|
245
|
+
# T1562.001
|
|
246
|
+
DISABLE_OR_MODIFY_TOOLS = 55
|
|
247
|
+
|
|
248
|
+
# T1567
|
|
249
|
+
EXFILTRATION_OVER_WEB_SERVICE = 20
|
|
250
|
+
|
|
251
|
+
# T1567.002
|
|
252
|
+
EXFILTRATION_TO_CLOUD_STORAGE = 21
|
|
253
|
+
|
|
254
|
+
# T1568
|
|
255
|
+
DYNAMIC_RESOLUTION = 12
|
|
256
|
+
|
|
257
|
+
# T1570
|
|
258
|
+
LATERAL_TOOL_TRANSFER = 41
|
|
259
|
+
|
|
260
|
+
# T1578
|
|
261
|
+
MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
|
|
262
|
+
|
|
263
|
+
# T1578.001
|
|
264
|
+
CREATE_SNAPSHOT = 54
|
|
265
|
+
|
|
266
|
+
# T1580
|
|
267
|
+
CLOUD_INFRASTRUCTURE_DISCOVERY = 53
|
|
268
|
+
|
|
269
|
+
# T1588
|
|
270
|
+
OBTAIN_CAPABILITIES = 43
|
|
271
|
+
|
|
272
|
+
# T1595
|
|
273
|
+
ACTIVE_SCANNING = 1
|
|
274
|
+
|
|
275
|
+
# T1595.001
|
|
276
|
+
SCANNING_IP_BLOCKS = 2
|
|
277
|
+
|
|
278
|
+
# T1613
|
|
279
|
+
CONTAINER_AND_RESOURCE_DISCOVERY = 57
|
|
210
280
|
end
|
|
211
281
|
end
|
|
212
282
|
end
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module SecurityCenter
|
|
23
|
+
module V1
|
|
24
|
+
# Contains information about the org policies associated with the finding.
|
|
25
|
+
# @!attribute [rw] name
|
|
26
|
+
# @return [::String]
|
|
27
|
+
# The resource name of the org policy.
|
|
28
|
+
# Example:
|
|
29
|
+
# "organizations/\\{organization_id}/policies/\\{constraint_name}"
|
|
30
|
+
class OrgPolicy
|
|
31
|
+
include ::Google::Protobuf::MessageExts
|
|
32
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
@@ -49,9 +49,9 @@ module Google
|
|
|
49
49
|
# outdated or insecure libraries."
|
|
50
50
|
# @!attribute [rw] canonical_name
|
|
51
51
|
# @return [::String]
|
|
52
|
-
# The canonical name of the finding. It's either
|
|
52
|
+
# The canonical name of the finding source. It's either
|
|
53
53
|
# "organizations/\\{organization_id}/sources/\\{source_id}",
|
|
54
|
-
# "folders/\\{folder_id}/sources/\\{source_id}" or
|
|
54
|
+
# "folders/\\{folder_id}/sources/\\{source_id}", or
|
|
55
55
|
# "projects/\\{project_number}/sources/\\{source_id}",
|
|
56
56
|
# depending on the closest CRM ancestor of the resource associated with the
|
|
57
57
|
# finding.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-security_center-v1
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.37.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-02-
|
|
11
|
+
date: 2024-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
@@ -58,118 +58,6 @@ dependencies:
|
|
|
58
58
|
- - "~>"
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
60
|
version: '1.1'
|
|
61
|
-
- !ruby/object:Gem::Dependency
|
|
62
|
-
name: google-style
|
|
63
|
-
requirement: !ruby/object:Gem::Requirement
|
|
64
|
-
requirements:
|
|
65
|
-
- - "~>"
|
|
66
|
-
- !ruby/object:Gem::Version
|
|
67
|
-
version: 1.26.3
|
|
68
|
-
type: :development
|
|
69
|
-
prerelease: false
|
|
70
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
71
|
-
requirements:
|
|
72
|
-
- - "~>"
|
|
73
|
-
- !ruby/object:Gem::Version
|
|
74
|
-
version: 1.26.3
|
|
75
|
-
- !ruby/object:Gem::Dependency
|
|
76
|
-
name: minitest
|
|
77
|
-
requirement: !ruby/object:Gem::Requirement
|
|
78
|
-
requirements:
|
|
79
|
-
- - "~>"
|
|
80
|
-
- !ruby/object:Gem::Version
|
|
81
|
-
version: '5.16'
|
|
82
|
-
type: :development
|
|
83
|
-
prerelease: false
|
|
84
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
85
|
-
requirements:
|
|
86
|
-
- - "~>"
|
|
87
|
-
- !ruby/object:Gem::Version
|
|
88
|
-
version: '5.16'
|
|
89
|
-
- !ruby/object:Gem::Dependency
|
|
90
|
-
name: minitest-focus
|
|
91
|
-
requirement: !ruby/object:Gem::Requirement
|
|
92
|
-
requirements:
|
|
93
|
-
- - "~>"
|
|
94
|
-
- !ruby/object:Gem::Version
|
|
95
|
-
version: '1.1'
|
|
96
|
-
type: :development
|
|
97
|
-
prerelease: false
|
|
98
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
99
|
-
requirements:
|
|
100
|
-
- - "~>"
|
|
101
|
-
- !ruby/object:Gem::Version
|
|
102
|
-
version: '1.1'
|
|
103
|
-
- !ruby/object:Gem::Dependency
|
|
104
|
-
name: minitest-rg
|
|
105
|
-
requirement: !ruby/object:Gem::Requirement
|
|
106
|
-
requirements:
|
|
107
|
-
- - "~>"
|
|
108
|
-
- !ruby/object:Gem::Version
|
|
109
|
-
version: '5.2'
|
|
110
|
-
type: :development
|
|
111
|
-
prerelease: false
|
|
112
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
113
|
-
requirements:
|
|
114
|
-
- - "~>"
|
|
115
|
-
- !ruby/object:Gem::Version
|
|
116
|
-
version: '5.2'
|
|
117
|
-
- !ruby/object:Gem::Dependency
|
|
118
|
-
name: rake
|
|
119
|
-
requirement: !ruby/object:Gem::Requirement
|
|
120
|
-
requirements:
|
|
121
|
-
- - ">="
|
|
122
|
-
- !ruby/object:Gem::Version
|
|
123
|
-
version: '13.0'
|
|
124
|
-
type: :development
|
|
125
|
-
prerelease: false
|
|
126
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
127
|
-
requirements:
|
|
128
|
-
- - ">="
|
|
129
|
-
- !ruby/object:Gem::Version
|
|
130
|
-
version: '13.0'
|
|
131
|
-
- !ruby/object:Gem::Dependency
|
|
132
|
-
name: redcarpet
|
|
133
|
-
requirement: !ruby/object:Gem::Requirement
|
|
134
|
-
requirements:
|
|
135
|
-
- - "~>"
|
|
136
|
-
- !ruby/object:Gem::Version
|
|
137
|
-
version: '3.0'
|
|
138
|
-
type: :development
|
|
139
|
-
prerelease: false
|
|
140
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
141
|
-
requirements:
|
|
142
|
-
- - "~>"
|
|
143
|
-
- !ruby/object:Gem::Version
|
|
144
|
-
version: '3.0'
|
|
145
|
-
- !ruby/object:Gem::Dependency
|
|
146
|
-
name: simplecov
|
|
147
|
-
requirement: !ruby/object:Gem::Requirement
|
|
148
|
-
requirements:
|
|
149
|
-
- - "~>"
|
|
150
|
-
- !ruby/object:Gem::Version
|
|
151
|
-
version: '0.18'
|
|
152
|
-
type: :development
|
|
153
|
-
prerelease: false
|
|
154
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
155
|
-
requirements:
|
|
156
|
-
- - "~>"
|
|
157
|
-
- !ruby/object:Gem::Version
|
|
158
|
-
version: '0.18'
|
|
159
|
-
- !ruby/object:Gem::Dependency
|
|
160
|
-
name: yard
|
|
161
|
-
requirement: !ruby/object:Gem::Requirement
|
|
162
|
-
requirements:
|
|
163
|
-
- - "~>"
|
|
164
|
-
- !ruby/object:Gem::Version
|
|
165
|
-
version: '0.9'
|
|
166
|
-
type: :development
|
|
167
|
-
prerelease: false
|
|
168
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
169
|
-
requirements:
|
|
170
|
-
- - "~>"
|
|
171
|
-
- !ruby/object:Gem::Version
|
|
172
|
-
version: '0.9'
|
|
173
61
|
description: Security Command Center API provides access to temporal views of assets
|
|
174
62
|
and findings within an organization. Note that google-cloud-security_center-v1 is
|
|
175
63
|
a version-specific client library. For most uses, we recommend installing the main
|
|
@@ -219,10 +107,13 @@ files:
|
|
|
219
107
|
- lib/google/cloud/securitycenter/v1/kernel_rootkit_pb.rb
|
|
220
108
|
- lib/google/cloud/securitycenter/v1/kubernetes_pb.rb
|
|
221
109
|
- lib/google/cloud/securitycenter/v1/label_pb.rb
|
|
110
|
+
- lib/google/cloud/securitycenter/v1/load_balancer_pb.rb
|
|
111
|
+
- lib/google/cloud/securitycenter/v1/log_entry_pb.rb
|
|
222
112
|
- lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb
|
|
223
113
|
- lib/google/cloud/securitycenter/v1/mute_config_pb.rb
|
|
224
114
|
- lib/google/cloud/securitycenter/v1/notification_config_pb.rb
|
|
225
115
|
- lib/google/cloud/securitycenter/v1/notification_message_pb.rb
|
|
116
|
+
- lib/google/cloud/securitycenter/v1/org_policy_pb.rb
|
|
226
117
|
- lib/google/cloud/securitycenter/v1/organization_settings_pb.rb
|
|
227
118
|
- lib/google/cloud/securitycenter/v1/process_pb.rb
|
|
228
119
|
- lib/google/cloud/securitycenter/v1/resource_pb.rb
|
|
@@ -262,10 +153,13 @@ files:
|
|
|
262
153
|
- proto_docs/google/cloud/securitycenter/v1/kernel_rootkit.rb
|
|
263
154
|
- proto_docs/google/cloud/securitycenter/v1/kubernetes.rb
|
|
264
155
|
- proto_docs/google/cloud/securitycenter/v1/label.rb
|
|
156
|
+
- proto_docs/google/cloud/securitycenter/v1/load_balancer.rb
|
|
157
|
+
- proto_docs/google/cloud/securitycenter/v1/log_entry.rb
|
|
265
158
|
- proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb
|
|
266
159
|
- proto_docs/google/cloud/securitycenter/v1/mute_config.rb
|
|
267
160
|
- proto_docs/google/cloud/securitycenter/v1/notification_config.rb
|
|
268
161
|
- proto_docs/google/cloud/securitycenter/v1/notification_message.rb
|
|
162
|
+
- proto_docs/google/cloud/securitycenter/v1/org_policy.rb
|
|
269
163
|
- proto_docs/google/cloud/securitycenter/v1/organization_settings.rb
|
|
270
164
|
- proto_docs/google/cloud/securitycenter/v1/process.rb
|
|
271
165
|
- proto_docs/google/cloud/securitycenter/v1/resource.rb
|
|
@@ -300,14 +194,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
300
194
|
requirements:
|
|
301
195
|
- - ">="
|
|
302
196
|
- !ruby/object:Gem::Version
|
|
303
|
-
version: '2.
|
|
197
|
+
version: '2.7'
|
|
304
198
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
305
199
|
requirements:
|
|
306
200
|
- - ">="
|
|
307
201
|
- !ruby/object:Gem::Version
|
|
308
202
|
version: '0'
|
|
309
203
|
requirements: []
|
|
310
|
-
rubygems_version: 3.5.
|
|
204
|
+
rubygems_version: 3.5.6
|
|
311
205
|
signing_key:
|
|
312
206
|
specification_version: 4
|
|
313
207
|
summary: Security Command Center API provides access to temporal views of assets and
|