google-cloud-security_center-v1 0.36.0 → 0.37.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/google/cloud/security_center/v1/security_center/paths.rb +52 -0
- data/lib/google/cloud/security_center/v1/version.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/database_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/exfiltration_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/file_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/finding_pb.rb +7 -1
- data/lib/google/cloud/securitycenter/v1/indicator_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/kubernetes_pb.rb +2 -1
- data/lib/google/cloud/securitycenter/v1/load_balancer_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v1/log_entry_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb +1 -1
- data/lib/google/cloud/securitycenter/v1/org_policy_pb.rb +44 -0
- data/proto_docs/google/cloud/securitycenter/v1/database.rb +10 -5
- data/proto_docs/google/cloud/securitycenter/v1/exfiltration.rb +3 -0
- data/proto_docs/google/cloud/securitycenter/v1/file.rb +17 -0
- data/proto_docs/google/cloud/securitycenter/v1/finding.rb +9 -0
- data/proto_docs/google/cloud/securitycenter/v1/indicator.rb +15 -0
- data/proto_docs/google/cloud/securitycenter/v1/kubernetes.rb +29 -0
- data/proto_docs/google/cloud/securitycenter/v1/load_balancer.rb +36 -0
- data/proto_docs/google/cloud/securitycenter/v1/log_entry.rb +58 -0
- data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb +123 -53
- data/proto_docs/google/cloud/securitycenter/v1/org_policy.rb +37 -0
- data/proto_docs/google/cloud/securitycenter/v1/source.rb +2 -2
- metadata +10 -116
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 71e9ae18061bbee40a67452c46b2c87d4aa1ee79356f451f8487b2e9b17e8bd8
|
|
4
|
+
data.tar.gz: 86e576ab812f8867b26e7c53f5638a5797f6631fc247c5e8b66386490b497506
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 05c7564c8efa393092864a5eb3960d13ad28a981ecfeb7f1a275c3add9eb2e7b3644245311b1d5612f1c0b79248612e3c4334649b4506e08610ddf446cb2d76b
|
|
7
|
+
data.tar.gz: aa598257754753bdc2da9fa7816287389a4ee9bd91d96ad6087d0ce72d936d32eaf1a7246e79cc99898d7ba8b4a677ca1f806b3032bfecbf576ec1c7ef385147
|
data/README.md
CHANGED
|
@@ -76,7 +76,7 @@ To browse ready to use code samples check [Google Cloud Samples](https://cloud.g
|
|
|
76
76
|
|
|
77
77
|
## Supported Ruby Versions
|
|
78
78
|
|
|
79
|
-
This library is supported on Ruby 2.
|
|
79
|
+
This library is supported on Ruby 2.7+.
|
|
80
80
|
|
|
81
81
|
Google provides official support for Ruby versions that are actively supported
|
|
82
82
|
by Ruby Core—that is, Ruby versions that are either in normal maintenance or
|
|
@@ -437,6 +437,58 @@ module Google
|
|
|
437
437
|
"organizations/#{organization}/organizationSettings"
|
|
438
438
|
end
|
|
439
439
|
|
|
440
|
+
##
|
|
441
|
+
# Create a fully-qualified Policy resource string.
|
|
442
|
+
#
|
|
443
|
+
# @overload policy_path(organization:, constraint_name:)
|
|
444
|
+
# The resource will be in the following format:
|
|
445
|
+
#
|
|
446
|
+
# `organizations/{organization}/policies/{constraint_name}`
|
|
447
|
+
#
|
|
448
|
+
# @param organization [String]
|
|
449
|
+
# @param constraint_name [String]
|
|
450
|
+
#
|
|
451
|
+
# @overload policy_path(folder:, constraint_name:)
|
|
452
|
+
# The resource will be in the following format:
|
|
453
|
+
#
|
|
454
|
+
# `folders/{folder}/policies/{constraint_name}`
|
|
455
|
+
#
|
|
456
|
+
# @param folder [String]
|
|
457
|
+
# @param constraint_name [String]
|
|
458
|
+
#
|
|
459
|
+
# @overload policy_path(project:, constraint_name:)
|
|
460
|
+
# The resource will be in the following format:
|
|
461
|
+
#
|
|
462
|
+
# `projects/{project}/policies/{constraint_name}`
|
|
463
|
+
#
|
|
464
|
+
# @param project [String]
|
|
465
|
+
# @param constraint_name [String]
|
|
466
|
+
#
|
|
467
|
+
# @return [::String]
|
|
468
|
+
def policy_path **args
|
|
469
|
+
resources = {
|
|
470
|
+
"constraint_name:organization" => (proc do |organization:, constraint_name:|
|
|
471
|
+
raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
|
|
472
|
+
|
|
473
|
+
"organizations/#{organization}/policies/#{constraint_name}"
|
|
474
|
+
end),
|
|
475
|
+
"constraint_name:folder" => (proc do |folder:, constraint_name:|
|
|
476
|
+
raise ::ArgumentError, "folder cannot contain /" if folder.to_s.include? "/"
|
|
477
|
+
|
|
478
|
+
"folders/#{folder}/policies/#{constraint_name}"
|
|
479
|
+
end),
|
|
480
|
+
"constraint_name:project" => (proc do |project:, constraint_name:|
|
|
481
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
|
482
|
+
|
|
483
|
+
"projects/#{project}/policies/#{constraint_name}"
|
|
484
|
+
end)
|
|
485
|
+
}
|
|
486
|
+
|
|
487
|
+
resource = resources[args.keys.sort.join(":")]
|
|
488
|
+
raise ::ArgumentError, "no resource found for values #{args.keys}" if resource.nil?
|
|
489
|
+
resource.call(**args)
|
|
490
|
+
end
|
|
491
|
+
|
|
440
492
|
##
|
|
441
493
|
# Create a fully-qualified Project resource string.
|
|
442
494
|
#
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n-google/cloud/securitycenter/v1/database.proto\x12\x1egoogle.cloud.securitycenter.v1\"
|
|
8
|
+
descriptor_data = "\n-google/cloud/securitycenter/v1/database.proto\x12\x1egoogle.cloud.securitycenter.v1\"s\n\x08\x44\x61tabase\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x02 \x01(\t\x12\x11\n\tuser_name\x18\x03 \x01(\t\x12\r\n\x05query\x18\x04 \x01(\t\x12\x10\n\x08grantees\x18\x05 \x03(\t\x12\x0f\n\x07version\x18\x06 \x01(\tB\xe7\x01\n\"com.google.cloud.securitycenter.v1B\rDatabaseProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n1google/cloud/securitycenter/v1/exfiltration.proto\x12\x1egoogle.cloud.securitycenter.v1\"\
|
|
8
|
+
descriptor_data = "\n1google/cloud/securitycenter/v1/exfiltration.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xaf\x01\n\x0c\x45xfiltration\x12>\n\x07sources\x18\x01 \x03(\x0b\x32-.google.cloud.securitycenter.v1.ExfilResource\x12>\n\x07targets\x18\x02 \x03(\x0b\x32-.google.cloud.securitycenter.v1.ExfilResource\x12\x1f\n\x17total_exfiltrated_bytes\x18\x03 \x01(\x03\"1\n\rExfilResource\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x12\n\ncomponents\x18\x02 \x03(\tB\xeb\x01\n\"com.google.cloud.securitycenter.v1B\x11\x45xfiltrationProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n)google/cloud/securitycenter/v1/file.proto\x12\x1egoogle.cloud.securitycenter.v1\"
|
|
8
|
+
descriptor_data = "\n)google/cloud/securitycenter/v1/file.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xf0\x01\n\x04\x46ile\x12\x0c\n\x04path\x18\x01 \x01(\t\x12\x0c\n\x04size\x18\x02 \x01(\x03\x12\x0e\n\x06sha256\x18\x03 \x01(\t\x12\x13\n\x0bhashed_size\x18\x04 \x01(\x03\x12\x18\n\x10partially_hashed\x18\x05 \x01(\x08\x12\x10\n\x08\x63ontents\x18\x06 \x01(\t\x12@\n\tdisk_path\x18\x07 \x01(\x0b\x32-.google.cloud.securitycenter.v1.File.DiskPath\x1a\x39\n\x08\x44iskPath\x12\x16\n\x0epartition_uuid\x18\x01 \x01(\t\x12\x15\n\rrelative_path\x18\x02 \x01(\tB\xe3\x01\n\"com.google.cloud.securitycenter.v1B\tFileProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -36,6 +36,7 @@ module Google
|
|
|
36
36
|
module SecurityCenter
|
|
37
37
|
module V1
|
|
38
38
|
File = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.File").msgclass
|
|
39
|
+
File::DiskPath = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.File.DiskPath").msgclass
|
|
39
40
|
end
|
|
40
41
|
end
|
|
41
42
|
end
|
|
@@ -23,7 +23,10 @@ require 'google/cloud/securitycenter/v1/iam_binding_pb'
|
|
|
23
23
|
require 'google/cloud/securitycenter/v1/indicator_pb'
|
|
24
24
|
require 'google/cloud/securitycenter/v1/kernel_rootkit_pb'
|
|
25
25
|
require 'google/cloud/securitycenter/v1/kubernetes_pb'
|
|
26
|
+
require 'google/cloud/securitycenter/v1/load_balancer_pb'
|
|
27
|
+
require 'google/cloud/securitycenter/v1/log_entry_pb'
|
|
26
28
|
require 'google/cloud/securitycenter/v1/mitre_attack_pb'
|
|
29
|
+
require 'google/cloud/securitycenter/v1/org_policy_pb'
|
|
27
30
|
require 'google/cloud/securitycenter/v1/process_pb'
|
|
28
31
|
require 'google/cloud/securitycenter/v1/security_marks_pb'
|
|
29
32
|
require 'google/cloud/securitycenter/v1/vulnerability_pb'
|
|
@@ -31,7 +34,7 @@ require 'google/protobuf/struct_pb'
|
|
|
31
34
|
require 'google/protobuf/timestamp_pb'
|
|
32
35
|
|
|
33
36
|
|
|
34
|
-
descriptor_data = "\n,google/cloud/securitycenter/v1/finding.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a+google/cloud/securitycenter/v1/access.proto\x1a\x30google/cloud/securitycenter/v1/application.proto\x1a=google/cloud/securitycenter/v1/backup_disaster_recovery.proto\x1a;google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto\x1a\x39google/cloud/securitycenter/v1/cloud_dlp_inspection.proto\x1a/google/cloud/securitycenter/v1/compliance.proto\x1a/google/cloud/securitycenter/v1/connection.proto\x1a\x34google/cloud/securitycenter/v1/contact_details.proto\x1a.google/cloud/securitycenter/v1/container.proto\x1a-google/cloud/securitycenter/v1/database.proto\x1a\x31google/cloud/securitycenter/v1/exfiltration.proto\x1a\x34google/cloud/securitycenter/v1/external_system.proto\x1a)google/cloud/securitycenter/v1/file.proto\x1a\x30google/cloud/securitycenter/v1/iam_binding.proto\x1a.google/cloud/securitycenter/v1/indicator.proto\x1a\x33google/cloud/securitycenter/v1/kernel_rootkit.proto\x1a/google/cloud/securitycenter/v1/kubernetes.proto\x1a\x31google/cloud/securitycenter/v1/mitre_attack.proto\x1a,google/cloud/securitycenter/v1/process.proto\x1a\x33google/cloud/securitycenter/v1/security_marks.proto\x1a\x32google/cloud/securitycenter/v1/vulnerability.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\
|
|
37
|
+
descriptor_data = "\n,google/cloud/securitycenter/v1/finding.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a+google/cloud/securitycenter/v1/access.proto\x1a\x30google/cloud/securitycenter/v1/application.proto\x1a=google/cloud/securitycenter/v1/backup_disaster_recovery.proto\x1a;google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto\x1a\x39google/cloud/securitycenter/v1/cloud_dlp_inspection.proto\x1a/google/cloud/securitycenter/v1/compliance.proto\x1a/google/cloud/securitycenter/v1/connection.proto\x1a\x34google/cloud/securitycenter/v1/contact_details.proto\x1a.google/cloud/securitycenter/v1/container.proto\x1a-google/cloud/securitycenter/v1/database.proto\x1a\x31google/cloud/securitycenter/v1/exfiltration.proto\x1a\x34google/cloud/securitycenter/v1/external_system.proto\x1a)google/cloud/securitycenter/v1/file.proto\x1a\x30google/cloud/securitycenter/v1/iam_binding.proto\x1a.google/cloud/securitycenter/v1/indicator.proto\x1a\x33google/cloud/securitycenter/v1/kernel_rootkit.proto\x1a/google/cloud/securitycenter/v1/kubernetes.proto\x1a\x32google/cloud/securitycenter/v1/load_balancer.proto\x1a.google/cloud/securitycenter/v1/log_entry.proto\x1a\x31google/cloud/securitycenter/v1/mitre_attack.proto\x1a/google/cloud/securitycenter/v1/org_policy.proto\x1a,google/cloud/securitycenter/v1/process.proto\x1a\x33google/cloud/securitycenter/v1/security_marks.proto\x1a\x32google/cloud/securitycenter/v1/vulnerability.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xc0\x19\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12<\n\x05state\x18\x04 \x01(\x0e\x32-.google.cloud.securitycenter.v1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12X\n\x11source_properties\x18\x07 \x03(\x0b\x32=.google.cloud.securitycenter.v1.Finding.SourcePropertiesEntry\x12J\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarksB\x03\xe0\x41\x03\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x42\n\x08severity\x18\x0c \x01(\x0e\x32\x30.google.cloud.securitycenter.v1.Finding.Severity\x12\x16\n\x0e\x63\x61nonical_name\x18\x0e \x01(\t\x12:\n\x04mute\x18\x0f \x01(\x0e\x32,.google.cloud.securitycenter.v1.Finding.Mute\x12K\n\rfinding_class\x18\x11 \x01(\x0e\x32\x34.google.cloud.securitycenter.v1.Finding.FindingClass\x12<\n\tindicator\x18\x12 \x01(\x0b\x32).google.cloud.securitycenter.v1.Indicator\x12\x44\n\rvulnerability\x18\x14 \x01(\x0b\x32-.google.cloud.securitycenter.v1.Vulnerability\x12\x39\n\x10mute_update_time\x18\x15 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x12[\n\x10\x65xternal_systems\x18\x16 \x03(\x0b\x32<.google.cloud.securitycenter.v1.Finding.ExternalSystemsEntryB\x03\xe0\x41\x03\x12\x41\n\x0cmitre_attack\x18\x19 \x01(\x0b\x32+.google.cloud.securitycenter.v1.MitreAttack\x12\x36\n\x06\x61\x63\x63\x65ss\x18\x1a \x01(\x0b\x32&.google.cloud.securitycenter.v1.Access\x12?\n\x0b\x63onnections\x18\x1f \x03(\x0b\x32*.google.cloud.securitycenter.v1.Connection\x12\x16\n\x0emute_initiator\x18\x1c \x01(\t\x12:\n\tprocesses\x18\x1e \x03(\x0b\x32\'.google.cloud.securitycenter.v1.Process\x12L\n\x08\x63ontacts\x18! \x03(\x0b\x32\x35.google.cloud.securitycenter.v1.Finding.ContactsEntryB\x03\xe0\x41\x03\x12?\n\x0b\x63ompliances\x18\" \x03(\x0b\x32*.google.cloud.securitycenter.v1.Compliance\x12 \n\x13parent_display_name\x18$ \x01(\tB\x03\xe0\x41\x03\x12\x13\n\x0b\x64\x65scription\x18% \x01(\t\x12\x42\n\x0c\x65xfiltration\x18& \x01(\x0b\x32,.google.cloud.securitycenter.v1.Exfiltration\x12@\n\x0ciam_bindings\x18\' \x03(\x0b\x32*.google.cloud.securitycenter.v1.IamBinding\x12\x12\n\nnext_steps\x18( \x01(\t\x12\x13\n\x0bmodule_name\x18) \x01(\t\x12=\n\ncontainers\x18* \x03(\x0b\x32).google.cloud.securitycenter.v1.Container\x12>\n\nkubernetes\x18+ \x01(\x0b\x32*.google.cloud.securitycenter.v1.Kubernetes\x12:\n\x08\x64\x61tabase\x18, \x01(\x0b\x32(.google.cloud.securitycenter.v1.Database\x12\x33\n\x05\x66iles\x18. \x03(\x0b\x32$.google.cloud.securitycenter.v1.File\x12P\n\x14\x63loud_dlp_inspection\x18\x30 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1.CloudDlpInspection\x12S\n\x16\x63loud_dlp_data_profile\x18\x31 \x01(\x0b\x32\x33.google.cloud.securitycenter.v1.CloudDlpDataProfile\x12\x45\n\x0ekernel_rootkit\x18\x32 \x01(\x0b\x32-.google.cloud.securitycenter.v1.KernelRootkit\x12?\n\x0corg_policies\x18\x33 \x03(\x0b\x32).google.cloud.securitycenter.v1.OrgPolicy\x12@\n\x0b\x61pplication\x18\x35 \x01(\x0b\x32+.google.cloud.securitycenter.v1.Application\x12X\n\x18\x62\x61\x63kup_disaster_recovery\x18\x37 \x01(\x0b\x32\x36.google.cloud.securitycenter.v1.BackupDisasterRecovery\x12=\n\x0blog_entries\x18\x39 \x03(\x0b\x32(.google.cloud.securitycenter.v1.LogEntry\x12\x44\n\x0eload_balancers\x18: \x03(\x0b\x32,.google.cloud.securitycenter.v1.LoadBalancer\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01\x1a\x66\n\x14\x45xternalSystemsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12=\n\x05value\x18\x02 \x01(\x0b\x32..google.cloud.securitycenter.v1.ExternalSystem:\x02\x38\x01\x1a_\n\rContactsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12=\n\x05value\x18\x02 \x01(\x0b\x32..google.cloud.securitycenter.v1.ContactDetails:\x02\x38\x01\"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02\"Q\n\x08Severity\x12\x18\n\x14SEVERITY_UNSPECIFIED\x10\x00\x12\x0c\n\x08\x43RITICAL\x10\x01\x12\x08\n\x04HIGH\x10\x02\x12\n\n\x06MEDIUM\x10\x03\x12\x07\n\x03LOW\x10\x04\"C\n\x04Mute\x12\x14\n\x10MUTE_UNSPECIFIED\x10\x00\x12\t\n\x05MUTED\x10\x01\x12\x0b\n\x07UNMUTED\x10\x02\x12\r\n\tUNDEFINED\x10\x04\"\x82\x01\n\x0c\x46indingClass\x12\x1d\n\x19\x46INDING_CLASS_UNSPECIFIED\x10\x00\x12\n\n\x06THREAT\x10\x01\x12\x11\n\rVULNERABILITY\x10\x02\x12\x14\n\x10MISCONFIGURATION\x10\x03\x12\x0f\n\x0bOBSERVATION\x10\x04\x12\r\n\tSCC_ERROR\x10\x05:\xdb\x01\xea\x41\xd7\x01\n%securitycenter.googleapis.com/Finding\x12@organizations/{organization}/sources/{source}/findings/{finding}\x12\x34\x66olders/{folder}/sources/{source}/findings/{finding}\x12\x36projects/{project}/sources/{source}/findings/{finding}B\xd8\x01\n\"com.google.cloud.securitycenter.v1P\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
35
38
|
|
|
36
39
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
37
40
|
|
|
@@ -64,8 +67,11 @@ rescue TypeError
|
|
|
64
67
|
["google.cloud.securitycenter.v1.CloudDlpInspection", "google/cloud/securitycenter/v1/cloud_dlp_inspection.proto"],
|
|
65
68
|
["google.cloud.securitycenter.v1.CloudDlpDataProfile", "google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto"],
|
|
66
69
|
["google.cloud.securitycenter.v1.KernelRootkit", "google/cloud/securitycenter/v1/kernel_rootkit.proto"],
|
|
70
|
+
["google.cloud.securitycenter.v1.OrgPolicy", "google/cloud/securitycenter/v1/org_policy.proto"],
|
|
67
71
|
["google.cloud.securitycenter.v1.Application", "google/cloud/securitycenter/v1/application.proto"],
|
|
68
72
|
["google.cloud.securitycenter.v1.BackupDisasterRecovery", "google/cloud/securitycenter/v1/backup_disaster_recovery.proto"],
|
|
73
|
+
["google.cloud.securitycenter.v1.LogEntry", "google/cloud/securitycenter/v1/log_entry.proto"],
|
|
74
|
+
["google.cloud.securitycenter.v1.LoadBalancer", "google/cloud/securitycenter/v1/load_balancer.proto"],
|
|
69
75
|
["google.protobuf.Value", "google/protobuf/struct.proto"],
|
|
70
76
|
["google.cloud.securitycenter.v1.ExternalSystem", "google/cloud/securitycenter/v1/external_system.proto"],
|
|
71
77
|
["google.cloud.securitycenter.v1.ContactDetails", "google/cloud/securitycenter/v1/contact_details.proto"],
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n.google/cloud/securitycenter/v1/indicator.proto\x12\x1egoogle.cloud.securitycenter.v1\"\
|
|
8
|
+
descriptor_data = "\n.google/cloud/securitycenter/v1/indicator.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xd9\x06\n\tIndicator\x12\x14\n\x0cip_addresses\x18\x01 \x03(\t\x12\x0f\n\x07\x64omains\x18\x02 \x03(\t\x12N\n\nsignatures\x18\x03 \x03(\x0b\x32:.google.cloud.securitycenter.v1.Indicator.ProcessSignature\x12\x0c\n\x04uris\x18\x04 \x03(\t\x1a\xc6\x05\n\x10ProcessSignature\x12o\n\x15memory_hash_signature\x18\x06 \x01(\x0b\x32N.google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignatureH\x00\x12k\n\x13yara_rule_signature\x18\x07 \x01(\x0b\x32L.google.cloud.securitycenter.v1.Indicator.ProcessSignature.YaraRuleSignatureH\x00\x12`\n\x0esignature_type\x18\x08 \x01(\x0e\x32H.google.cloud.securitycenter.v1.Indicator.ProcessSignature.SignatureType\x1a\xd6\x01\n\x13MemoryHashSignature\x12\x15\n\rbinary_family\x18\x01 \x01(\t\x12l\n\ndetections\x18\x04 \x03(\x0b\x32X.google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignature.Detection\x1a:\n\tDetection\x12\x0e\n\x06\x62inary\x18\x02 \x01(\t\x12\x1d\n\x15percent_pages_matched\x18\x03 \x01(\x01\x1a&\n\x11YaraRuleSignature\x12\x11\n\tyara_rule\x18\x05 \x01(\t\"d\n\rSignatureType\x12\x1e\n\x1aSIGNATURE_TYPE_UNSPECIFIED\x10\x00\x12\x1a\n\x16SIGNATURE_TYPE_PROCESS\x10\x01\x12\x17\n\x13SIGNATURE_TYPE_FILE\x10\x02\x42\x0b\n\tsignatureB\xe8\x01\n\"com.google.cloud.securitycenter.v1B\x0eIndicatorProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -40,6 +40,7 @@ module Google
|
|
|
40
40
|
Indicator::ProcessSignature::MemoryHashSignature = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignature").msgclass
|
|
41
41
|
Indicator::ProcessSignature::MemoryHashSignature::Detection = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.MemoryHashSignature.Detection").msgclass
|
|
42
42
|
Indicator::ProcessSignature::YaraRuleSignature = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.YaraRuleSignature").msgclass
|
|
43
|
+
Indicator::ProcessSignature::SignatureType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Indicator.ProcessSignature.SignatureType").enummodule
|
|
43
44
|
end
|
|
44
45
|
end
|
|
45
46
|
end
|
|
@@ -8,7 +8,7 @@ require 'google/cloud/securitycenter/v1/container_pb'
|
|
|
8
8
|
require 'google/cloud/securitycenter/v1/label_pb'
|
|
9
9
|
|
|
10
10
|
|
|
11
|
-
descriptor_data = "\n/google/cloud/securitycenter/v1/kubernetes.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a.google/cloud/securitycenter/v1/container.proto\x1a*google/cloud/securitycenter/v1/label.proto\"\
|
|
11
|
+
descriptor_data = "\n/google/cloud/securitycenter/v1/kubernetes.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a.google/cloud/securitycenter/v1/container.proto\x1a*google/cloud/securitycenter/v1/label.proto\"\x82\x0c\n\nKubernetes\x12<\n\x04pods\x18\x01 \x03(\x0b\x32..google.cloud.securitycenter.v1.Kubernetes.Pod\x12>\n\x05nodes\x18\x02 \x03(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Node\x12G\n\nnode_pools\x18\x03 \x03(\x0b\x32\x33.google.cloud.securitycenter.v1.Kubernetes.NodePool\x12>\n\x05roles\x18\x04 \x03(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Role\x12\x44\n\x08\x62indings\x18\x05 \x03(\x0b\x32\x32.google.cloud.securitycenter.v1.Kubernetes.Binding\x12O\n\x0e\x61\x63\x63\x65ss_reviews\x18\x06 \x03(\x0b\x32\x37.google.cloud.securitycenter.v1.Kubernetes.AccessReview\x12\x42\n\x07objects\x18\x07 \x03(\x0b\x32\x31.google.cloud.securitycenter.v1.Kubernetes.Object\x1a\x95\x01\n\x03Pod\x12\n\n\x02ns\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x35\n\x06labels\x18\x03 \x03(\x0b\x32%.google.cloud.securitycenter.v1.Label\x12=\n\ncontainers\x18\x04 \x03(\x0b\x32).google.cloud.securitycenter.v1.Container\x1a\x14\n\x04Node\x12\x0c\n\x04name\x18\x01 \x01(\t\x1aX\n\x08NodePool\x12\x0c\n\x04name\x18\x01 \x01(\t\x12>\n\x05nodes\x18\x02 \x03(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Node\x1a\x9e\x01\n\x04Role\x12\x42\n\x04kind\x18\x01 \x01(\x0e\x32\x34.google.cloud.securitycenter.v1.Kubernetes.Role.Kind\x12\n\n\x02ns\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"8\n\x04Kind\x12\x14\n\x10KIND_UNSPECIFIED\x10\x00\x12\x08\n\x04ROLE\x10\x01\x12\x10\n\x0c\x43LUSTER_ROLE\x10\x02\x1a\xa8\x01\n\x07\x42inding\x12\n\n\x02ns\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\x12=\n\x04role\x18\x03 \x01(\x0b\x32/.google.cloud.securitycenter.v1.Kubernetes.Role\x12\x44\n\x08subjects\x18\x04 \x03(\x0b\x32\x32.google.cloud.securitycenter.v1.Kubernetes.Subject\x1a\xbe\x01\n\x07Subject\x12I\n\x04kind\x18\x01 \x01(\x0e\x32;.google.cloud.securitycenter.v1.Kubernetes.Subject.AuthType\x12\n\n\x02ns\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\"N\n\x08\x41uthType\x12\x19\n\x15\x41UTH_TYPE_UNSPECIFIED\x10\x00\x12\x08\n\x04USER\x10\x01\x12\x12\n\x0eSERVICEACCOUNT\x10\x02\x12\t\n\x05GROUP\x10\x03\x1a}\n\x0c\x41\x63\x63\x65ssReview\x12\r\n\x05group\x18\x01 \x01(\t\x12\n\n\x02ns\x18\x02 \x01(\t\x12\x0c\n\x04name\x18\x03 \x01(\t\x12\x10\n\x08resource\x18\x04 \x01(\t\x12\x13\n\x0bsubresource\x18\x05 \x01(\t\x12\x0c\n\x04verb\x18\x06 \x01(\t\x12\x0f\n\x07version\x18\x07 \x01(\t\x1a~\n\x06Object\x12\r\n\x05group\x18\x01 \x01(\t\x12\x0c\n\x04kind\x18\x02 \x01(\t\x12\n\n\x02ns\x18\x03 \x01(\t\x12\x0c\n\x04name\x18\x04 \x01(\t\x12=\n\ncontainers\x18\x05 \x03(\x0b\x32).google.cloud.securitycenter.v1.ContainerB\xe9\x01\n\"com.google.cloud.securitycenter.v1B\x0fKubernetesProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
12
12
|
|
|
13
13
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
14
14
|
|
|
@@ -50,6 +50,7 @@ module Google
|
|
|
50
50
|
Kubernetes::Subject = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.Subject").msgclass
|
|
51
51
|
Kubernetes::Subject::AuthType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.Subject.AuthType").enummodule
|
|
52
52
|
Kubernetes::AccessReview = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.AccessReview").msgclass
|
|
53
|
+
Kubernetes::Object = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Kubernetes.Object").msgclass
|
|
53
54
|
end
|
|
54
55
|
end
|
|
55
56
|
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
3
|
+
# source: google/cloud/securitycenter/v1/load_balancer.proto
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
descriptor_data = "\n2google/cloud/securitycenter/v1/load_balancer.proto\x12\x1egoogle.cloud.securitycenter.v1\"\x1c\n\x0cLoadBalancer\x12\x0c\n\x04name\x18\x01 \x01(\tB\xeb\x01\n\"com.google.cloud.securitycenter.v1B\x11LoadBalancerProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
|
+
|
|
10
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
|
+
|
|
12
|
+
begin
|
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
|
14
|
+
rescue TypeError
|
|
15
|
+
# Compatibility code: will be removed in the next major version.
|
|
16
|
+
require 'google/protobuf/descriptor_pb'
|
|
17
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
18
|
+
parsed.clear_dependency
|
|
19
|
+
serialized = parsed.class.encode(parsed)
|
|
20
|
+
file = pool.add_serialized_file(serialized)
|
|
21
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
22
|
+
imports = [
|
|
23
|
+
]
|
|
24
|
+
imports.each do |type_name, expected_filename|
|
|
25
|
+
import_file = pool.lookup(type_name).file_descriptor
|
|
26
|
+
if import_file.name != expected_filename
|
|
27
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
|
31
|
+
warn "This will become an error in the next major version."
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
module Google
|
|
35
|
+
module Cloud
|
|
36
|
+
module SecurityCenter
|
|
37
|
+
module V1
|
|
38
|
+
LoadBalancer = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.LoadBalancer").msgclass
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
3
|
+
# source: google/cloud/securitycenter/v1/log_entry.proto
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
require 'google/protobuf/timestamp_pb'
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
descriptor_data = "\n.google/cloud/securitycenter/v1/log_entry.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/protobuf/timestamp.proto\"i\n\x08LogEntry\x12P\n\x13\x63loud_logging_entry\x18\x01 \x01(\x0b\x32\x31.google.cloud.securitycenter.v1.CloudLoggingEntryH\x00\x42\x0b\n\tlog_entry\"\x81\x01\n\x11\x43loudLoggingEntry\x12\x11\n\tinsert_id\x18\x01 \x01(\t\x12\x0e\n\x06log_id\x18\x02 \x01(\t\x12\x1a\n\x12resource_container\x18\x03 \x01(\t\x12-\n\ttimestamp\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\xe7\x01\n\"com.google.cloud.securitycenter.v1B\rLogEntryProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
11
|
+
|
|
12
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
+
|
|
14
|
+
begin
|
|
15
|
+
pool.add_serialized_file(descriptor_data)
|
|
16
|
+
rescue TypeError
|
|
17
|
+
# Compatibility code: will be removed in the next major version.
|
|
18
|
+
require 'google/protobuf/descriptor_pb'
|
|
19
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
+
parsed.clear_dependency
|
|
21
|
+
serialized = parsed.class.encode(parsed)
|
|
22
|
+
file = pool.add_serialized_file(serialized)
|
|
23
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
+
imports = [
|
|
25
|
+
["google.protobuf.Timestamp", "google/protobuf/timestamp.proto"],
|
|
26
|
+
]
|
|
27
|
+
imports.each do |type_name, expected_filename|
|
|
28
|
+
import_file = pool.lookup(type_name).file_descriptor
|
|
29
|
+
if import_file.name != expected_filename
|
|
30
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
|
34
|
+
warn "This will become an error in the next major version."
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
module Google
|
|
38
|
+
module Cloud
|
|
39
|
+
module SecurityCenter
|
|
40
|
+
module V1
|
|
41
|
+
LogEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.LogEntry").msgclass
|
|
42
|
+
CloudLoggingEntry = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CloudLoggingEntry").msgclass
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
require 'google/protobuf'
|
|
6
6
|
|
|
7
7
|
|
|
8
|
-
descriptor_data = "\n1google/cloud/securitycenter/v1/mitre_attack.proto\x12\x1egoogle.cloud.securitycenter.v1\"\
|
|
8
|
+
descriptor_data = "\n1google/cloud/securitycenter/v1/mitre_attack.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xf6\x11\n\x0bMitreAttack\x12J\n\x0eprimary_tactic\x18\x01 \x01(\x0e\x32\x32.google.cloud.securitycenter.v1.MitreAttack.Tactic\x12Q\n\x12primary_techniques\x18\x02 \x03(\x0e\x32\x35.google.cloud.securitycenter.v1.MitreAttack.Technique\x12N\n\x12\x61\x64\x64itional_tactics\x18\x03 \x03(\x0e\x32\x32.google.cloud.securitycenter.v1.MitreAttack.Tactic\x12T\n\x15\x61\x64\x64itional_techniques\x18\x04 \x03(\x0e\x32\x35.google.cloud.securitycenter.v1.MitreAttack.Technique\x12\x0f\n\x07version\x18\x05 \x01(\t\"\xb4\x02\n\x06Tactic\x12\x16\n\x12TACTIC_UNSPECIFIED\x10\x00\x12\x12\n\x0eRECONNAISSANCE\x10\x01\x12\x18\n\x14RESOURCE_DEVELOPMENT\x10\x02\x12\x12\n\x0eINITIAL_ACCESS\x10\x05\x12\r\n\tEXECUTION\x10\x03\x12\x0f\n\x0bPERSISTENCE\x10\x06\x12\x18\n\x14PRIVILEGE_ESCALATION\x10\x08\x12\x13\n\x0f\x44\x45\x46\x45NSE_EVASION\x10\x07\x12\x15\n\x11\x43REDENTIAL_ACCESS\x10\t\x12\r\n\tDISCOVERY\x10\n\x12\x14\n\x10LATERAL_MOVEMENT\x10\x0b\x12\x0e\n\nCOLLECTION\x10\x0c\x12\x17\n\x13\x43OMMAND_AND_CONTROL\x10\x04\x12\x10\n\x0c\x45XFILTRATION\x10\r\x12\n\n\x06IMPACT\x10\x0e\"\xd9\x0c\n\tTechnique\x12\x19\n\x15TECHNIQUE_UNSPECIFIED\x10\x00\x12\x10\n\x0cMASQUERADING\x10\x31\x12%\n!MATCH_LEGITIMATE_NAME_OR_LOCATION\x10\x32\x12(\n$BOOT_OR_LOGON_INITIALIZATION_SCRIPTS\x10%\x12\x11\n\rSTARTUP_ITEMS\x10&\x12\x1d\n\x19NETWORK_SERVICE_DISCOVERY\x10 \x12\x15\n\x11PROCESS_DISCOVERY\x10\x38\x12%\n!COMMAND_AND_SCRIPTING_INTERPRETER\x10\x06\x12\x0e\n\nUNIX_SHELL\x10\x07\x12\x1f\n\x1bPERMISSION_GROUPS_DISCOVERY\x10\x12\x12\x10\n\x0c\x43LOUD_GROUPS\x10\x13\x12\x1e\n\x1a\x41PPLICATION_LAYER_PROTOCOL\x10-\x12\x07\n\x03\x44NS\x10.\x12\x1d\n\x19SOFTWARE_DEPLOYMENT_TOOLS\x10/\x12\x12\n\x0eVALID_ACCOUNTS\x10\x0e\x12\x14\n\x10\x44\x45\x46\x41ULT_ACCOUNTS\x10#\x12\x12\n\x0eLOCAL_ACCOUNTS\x10\x0f\x12\x12\n\x0e\x43LOUD_ACCOUNTS\x10\x10\x12\t\n\x05PROXY\x10\t\x12\x12\n\x0e\x45XTERNAL_PROXY\x10\n\x12\x13\n\x0fMULTI_HOP_PROXY\x10\x0b\x12\x18\n\x14\x41\x43\x43OUNT_MANIPULATION\x10\x16\x12 \n\x1c\x41\x44\x44ITIONAL_CLOUD_CREDENTIALS\x10(\x12\x17\n\x13SSH_AUTHORIZED_KEYS\x10\x17\x12&\n\"ADDITIONAL_CONTAINER_CLUSTER_ROLES\x10:\x12\x19\n\x15INGRESS_TOOL_TRANSFER\x10\x03\x12\x0e\n\nNATIVE_API\x10\x04\x12\x0f\n\x0b\x42RUTE_FORCE\x10,\x12\x12\n\x0eSHARED_MODULES\x10\x05\x12\x1d\n\x19\x41\x43\x43\x45SS_TOKEN_MANIPULATION\x10!\x12 \n\x1cTOKEN_IMPERSONATION_OR_THEFT\x10\'\x12%\n!EXPLOIT_PUBLIC_FACING_APPLICATION\x10\x1b\x12\x1e\n\x1a\x44OMAIN_POLICY_MODIFICATION\x10\x1e\x12\x14\n\x10\x44\x41TA_DESTRUCTION\x10\x1d\x12\x10\n\x0cSERVICE_STOP\x10\x34\x12\x1b\n\x17INHIBIT_SYSTEM_RECOVERY\x10$\x12\x16\n\x12RESOURCE_HIJACKING\x10\x08\x12\x1d\n\x19NETWORK_DENIAL_OF_SERVICE\x10\x11\x12\x1b\n\x17\x43LOUD_SERVICE_DISCOVERY\x10\x30\x12\"\n\x1eSTEAL_APPLICATION_ACCESS_TOKEN\x10*\x12\x1a\n\x16\x41\x43\x43OUNT_ACCESS_REMOVAL\x10\x33\x12\x1c\n\x18STEAL_WEB_SESSION_COOKIE\x10\x19\x12#\n\x1f\x43REATE_OR_MODIFY_SYSTEM_PROCESS\x10\x18\x12%\n!ABUSE_ELEVATION_CONTROL_MECHANISM\x10\"\x12\x19\n\x15UNSECURED_CREDENTIALS\x10\r\x12!\n\x1dMODIFY_AUTHENTICATION_PROCESS\x10\x1c\x12\x13\n\x0fIMPAIR_DEFENSES\x10\x1f\x12\x1b\n\x17\x44ISABLE_OR_MODIFY_TOOLS\x10\x37\x12!\n\x1d\x45XFILTRATION_OVER_WEB_SERVICE\x10\x14\x12!\n\x1d\x45XFILTRATION_TO_CLOUD_STORAGE\x10\x15\x12\x16\n\x12\x44YNAMIC_RESOLUTION\x10\x0c\x12\x19\n\x15LATERAL_TOOL_TRANSFER\x10)\x12\'\n#MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE\x10\x1a\x12\x13\n\x0f\x43REATE_SNAPSHOT\x10\x36\x12\"\n\x1e\x43LOUD_INFRASTRUCTURE_DISCOVERY\x10\x35\x12\x17\n\x13OBTAIN_CAPABILITIES\x10+\x12\x13\n\x0f\x41\x43TIVE_SCANNING\x10\x01\x12\x16\n\x12SCANNING_IP_BLOCKS\x10\x02\x12$\n CONTAINER_AND_RESOURCE_DISCOVERY\x10\x39\x42\xea\x01\n\"com.google.cloud.securitycenter.v1B\x10MitreAttackProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
9
9
|
|
|
10
10
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
11
11
|
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
3
|
+
# source: google/cloud/securitycenter/v1/org_policy.proto
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
require 'google/api/resource_pb'
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
descriptor_data = "\n/google/cloud/securitycenter/v1/org_policy.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\"\xd6\x01\n\tOrgPolicy\x12\x0c\n\x04name\x18\x01 \x01(\t:\xba\x01\xea\x41\xb6\x01\n\x1forgpolicy.googleapis.com/Policy\x12\x37organizations/{organization}/policies/{constraint_name}\x12+folders/{folder}/policies/{constraint_name}\x12-projects/{project}/policies/{constraint_name}B\xe8\x01\n\"com.google.cloud.securitycenter.v1B\x0eOrgPolicyProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
|
|
11
|
+
|
|
12
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
13
|
+
|
|
14
|
+
begin
|
|
15
|
+
pool.add_serialized_file(descriptor_data)
|
|
16
|
+
rescue TypeError
|
|
17
|
+
# Compatibility code: will be removed in the next major version.
|
|
18
|
+
require 'google/protobuf/descriptor_pb'
|
|
19
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
|
20
|
+
parsed.clear_dependency
|
|
21
|
+
serialized = parsed.class.encode(parsed)
|
|
22
|
+
file = pool.add_serialized_file(serialized)
|
|
23
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
|
24
|
+
imports = [
|
|
25
|
+
]
|
|
26
|
+
imports.each do |type_name, expected_filename|
|
|
27
|
+
import_file = pool.lookup(type_name).file_descriptor
|
|
28
|
+
if import_file.name != expected_filename
|
|
29
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
|
33
|
+
warn "This will become an error in the next major version."
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
module Google
|
|
37
|
+
module Cloud
|
|
38
|
+
module SecurityCenter
|
|
39
|
+
module V1
|
|
40
|
+
OrgPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrgPolicy").msgclass
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -28,13 +28,13 @@ module Google
|
|
|
28
28
|
# name](https://google.aip.dev/122#full-resource-names) populated because these
|
|
29
29
|
# resource types, such as Cloud SQL databases, are not yet supported by Cloud
|
|
30
30
|
# Asset Inventory. In these cases only the display name is provided.
|
|
31
|
-
# Some database resources may not have the [full resource
|
|
32
|
-
# name](https://google.aip.dev/122#full-resource-names) populated because
|
|
33
|
-
# these resource types are not yet supported by Cloud Asset Inventory (e.g.
|
|
34
|
-
# Cloud SQL databases). In these cases only the display name will be
|
|
35
|
-
# provided.
|
|
36
31
|
# @!attribute [rw] name
|
|
37
32
|
# @return [::String]
|
|
33
|
+
# Some database resources may not have the [full resource
|
|
34
|
+
# name](https://google.aip.dev/122#full-resource-names) populated because
|
|
35
|
+
# these resource types are not yet supported by Cloud Asset Inventory (e.g.
|
|
36
|
+
# Cloud SQL databases). In these cases only the display name will be
|
|
37
|
+
# provided.
|
|
38
38
|
# The [full resource name](https://google.aip.dev/122#full-resource-names) of
|
|
39
39
|
# the database that the user connected to, if it is supported by Cloud Asset
|
|
40
40
|
# Inventory.
|
|
@@ -52,6 +52,11 @@ module Google
|
|
|
52
52
|
# @return [::Array<::String>]
|
|
53
53
|
# The target usernames, roles, or groups of an SQL privilege grant, which is
|
|
54
54
|
# not an IAM policy change.
|
|
55
|
+
# @!attribute [rw] version
|
|
56
|
+
# @return [::String]
|
|
57
|
+
# The version of the database, for example, POSTGRES_14.
|
|
58
|
+
# See [the complete
|
|
59
|
+
# list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
|
|
55
60
|
class Database
|
|
56
61
|
include ::Google::Protobuf::MessageExts
|
|
57
62
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -34,6 +34,9 @@ module Google
|
|
|
34
34
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
|
|
35
35
|
# If there are multiple targets, each target would get a complete copy of the
|
|
36
36
|
# "joined" source data.
|
|
37
|
+
# @!attribute [rw] total_exfiltrated_bytes
|
|
38
|
+
# @return [::Integer]
|
|
39
|
+
# Total exfiltrated bytes processed for the entire job.
|
|
37
40
|
class Exfiltration
|
|
38
41
|
include ::Google::Protobuf::MessageExts
|
|
39
42
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -45,9 +45,26 @@ module Google
|
|
|
45
45
|
# @!attribute [rw] contents
|
|
46
46
|
# @return [::String]
|
|
47
47
|
# Prefix of the file contents as a JSON-encoded string.
|
|
48
|
+
# @!attribute [rw] disk_path
|
|
49
|
+
# @return [::Google::Cloud::SecurityCenter::V1::File::DiskPath]
|
|
50
|
+
# Path of the file in terms of underlying disk/partition identifiers.
|
|
48
51
|
class File
|
|
49
52
|
include ::Google::Protobuf::MessageExts
|
|
50
53
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
54
|
+
|
|
55
|
+
# Path of the file in terms of underlying disk/partition identifiers.
|
|
56
|
+
# @!attribute [rw] partition_uuid
|
|
57
|
+
# @return [::String]
|
|
58
|
+
# UUID of the partition (format
|
|
59
|
+
# https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid)
|
|
60
|
+
# @!attribute [rw] relative_path
|
|
61
|
+
# @return [::String]
|
|
62
|
+
# Relative path of the file in the partition as a JSON encoded string.
|
|
63
|
+
# Example: /home/user1/executable_file.sh
|
|
64
|
+
class DiskPath
|
|
65
|
+
include ::Google::Protobuf::MessageExts
|
|
66
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
67
|
+
end
|
|
51
68
|
end
|
|
52
69
|
end
|
|
53
70
|
end
|
|
@@ -212,12 +212,21 @@ module Google
|
|
|
212
212
|
# @!attribute [rw] kernel_rootkit
|
|
213
213
|
# @return [::Google::Cloud::SecurityCenter::V1::KernelRootkit]
|
|
214
214
|
# Signature of the kernel rootkit.
|
|
215
|
+
# @!attribute [rw] org_policies
|
|
216
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::OrgPolicy>]
|
|
217
|
+
# Contains information about the org policies associated with the finding.
|
|
215
218
|
# @!attribute [rw] application
|
|
216
219
|
# @return [::Google::Cloud::SecurityCenter::V1::Application]
|
|
217
220
|
# Represents an application associated with the finding.
|
|
218
221
|
# @!attribute [rw] backup_disaster_recovery
|
|
219
222
|
# @return [::Google::Cloud::SecurityCenter::V1::BackupDisasterRecovery]
|
|
220
223
|
# Fields related to Backup and DR findings.
|
|
224
|
+
# @!attribute [rw] log_entries
|
|
225
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::LogEntry>]
|
|
226
|
+
# Log entries that are relevant to the finding.
|
|
227
|
+
# @!attribute [rw] load_balancers
|
|
228
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::LoadBalancer>]
|
|
229
|
+
# The load balancers associated with the finding.
|
|
221
230
|
class Finding
|
|
222
231
|
include ::Google::Protobuf::MessageExts
|
|
223
232
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -50,6 +50,9 @@ module Google
|
|
|
50
50
|
# @!attribute [rw] yara_rule_signature
|
|
51
51
|
# @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::YaraRuleSignature]
|
|
52
52
|
# Signature indicating that a YARA rule was matched.
|
|
53
|
+
# @!attribute [rw] signature_type
|
|
54
|
+
# @return [::Google::Cloud::SecurityCenter::V1::Indicator::ProcessSignature::SignatureType]
|
|
55
|
+
# Describes the type of resource associated with the signature.
|
|
53
56
|
class ProcessSignature
|
|
54
57
|
include ::Google::Protobuf::MessageExts
|
|
55
58
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -89,6 +92,18 @@ module Google
|
|
|
89
92
|
include ::Google::Protobuf::MessageExts
|
|
90
93
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
91
94
|
end
|
|
95
|
+
|
|
96
|
+
# Possible resource types to be associated with a signature.
|
|
97
|
+
module SignatureType
|
|
98
|
+
# The default signature type.
|
|
99
|
+
SIGNATURE_TYPE_UNSPECIFIED = 0
|
|
100
|
+
|
|
101
|
+
# Used for signatures concerning processes.
|
|
102
|
+
SIGNATURE_TYPE_PROCESS = 1
|
|
103
|
+
|
|
104
|
+
# Used for signatures concerning disks.
|
|
105
|
+
SIGNATURE_TYPE_FILE = 2
|
|
106
|
+
end
|
|
92
107
|
end
|
|
93
108
|
end
|
|
94
109
|
end
|
|
@@ -52,6 +52,9 @@ module Google
|
|
|
52
52
|
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::AccessReview>]
|
|
53
53
|
# Provides information on any Kubernetes access reviews (privilege checks)
|
|
54
54
|
# relevant to the finding.
|
|
55
|
+
# @!attribute [rw] objects
|
|
56
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Object>]
|
|
57
|
+
# Kubernetes objects related to the finding.
|
|
55
58
|
class Kubernetes
|
|
56
59
|
include ::Google::Protobuf::MessageExts
|
|
57
60
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -205,6 +208,32 @@ module Google
|
|
|
205
208
|
include ::Google::Protobuf::MessageExts
|
|
206
209
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
207
210
|
end
|
|
211
|
+
|
|
212
|
+
# Kubernetes object related to the finding, uniquely identified by GKNN.
|
|
213
|
+
# Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
|
|
214
|
+
# AccessReview.
|
|
215
|
+
# @!attribute [rw] group
|
|
216
|
+
# @return [::String]
|
|
217
|
+
# Kubernetes object group, such as "policy.k8s.io/v1".
|
|
218
|
+
# @!attribute [rw] kind
|
|
219
|
+
# @return [::String]
|
|
220
|
+
# Kubernetes object kind, such as "Namespace".
|
|
221
|
+
# @!attribute [rw] ns
|
|
222
|
+
# @return [::String]
|
|
223
|
+
# Kubernetes object namespace. Must be a valid DNS label. Named
|
|
224
|
+
# "ns" to avoid collision with C++ namespace keyword. For details see
|
|
225
|
+
# https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
|
|
226
|
+
# @!attribute [rw] name
|
|
227
|
+
# @return [::String]
|
|
228
|
+
# Kubernetes object name. For details see
|
|
229
|
+
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
|
|
230
|
+
# @!attribute [rw] containers
|
|
231
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
|
|
232
|
+
# Pod containers associated with this finding, if any.
|
|
233
|
+
class Object
|
|
234
|
+
include ::Google::Protobuf::MessageExts
|
|
235
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
236
|
+
end
|
|
208
237
|
end
|
|
209
238
|
end
|
|
210
239
|
end
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module SecurityCenter
|
|
23
|
+
module V1
|
|
24
|
+
# Contains information related to the load balancer associated with the
|
|
25
|
+
# finding.
|
|
26
|
+
# @!attribute [rw] name
|
|
27
|
+
# @return [::String]
|
|
28
|
+
# The name of the load balancer associated with the finding.
|
|
29
|
+
class LoadBalancer
|
|
30
|
+
include ::Google::Protobuf::MessageExts
|
|
31
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module SecurityCenter
|
|
23
|
+
module V1
|
|
24
|
+
# An individual entry in a log.
|
|
25
|
+
# @!attribute [rw] cloud_logging_entry
|
|
26
|
+
# @return [::Google::Cloud::SecurityCenter::V1::CloudLoggingEntry]
|
|
27
|
+
# An individual entry in a log stored in Cloud Logging.
|
|
28
|
+
class LogEntry
|
|
29
|
+
include ::Google::Protobuf::MessageExts
|
|
30
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
# Metadata taken from a [Cloud Logging
|
|
34
|
+
# LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry)
|
|
35
|
+
# @!attribute [rw] insert_id
|
|
36
|
+
# @return [::String]
|
|
37
|
+
# A unique identifier for the log entry.
|
|
38
|
+
# @!attribute [rw] log_id
|
|
39
|
+
# @return [::String]
|
|
40
|
+
# The type of the log (part of `log_name`. `log_name` is the resource name of
|
|
41
|
+
# the log to which this log entry belongs). For example:
|
|
42
|
+
# `cloudresourcemanager.googleapis.com/activity`. Note that this field is not
|
|
43
|
+
# URL-encoded, unlike the `LOG_ID` field in `LogEntry`.
|
|
44
|
+
# @!attribute [rw] resource_container
|
|
45
|
+
# @return [::String]
|
|
46
|
+
# The organization, folder, or project of the monitored resource that
|
|
47
|
+
# produced this log entry.
|
|
48
|
+
# @!attribute [rw] timestamp
|
|
49
|
+
# @return [::Google::Protobuf::Timestamp]
|
|
50
|
+
# The time the event described by the log entry occurred.
|
|
51
|
+
class CloudLoggingEntry
|
|
52
|
+
include ::Google::Protobuf::MessageExts
|
|
53
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
|
@@ -99,24 +99,28 @@ module Google
|
|
|
99
99
|
|
|
100
100
|
# MITRE ATT&CK techniques that can be referenced by SCC findings.
|
|
101
101
|
# See: https://attack.mitre.org/techniques/enterprise/
|
|
102
|
+
# Next ID: 59
|
|
102
103
|
module Technique
|
|
103
104
|
# Unspecified value.
|
|
104
105
|
TECHNIQUE_UNSPECIFIED = 0
|
|
105
106
|
|
|
106
|
-
#
|
|
107
|
-
|
|
107
|
+
# T1036
|
|
108
|
+
MASQUERADING = 49
|
|
108
109
|
|
|
109
|
-
#
|
|
110
|
-
|
|
110
|
+
# T1036.005
|
|
111
|
+
MATCH_LEGITIMATE_NAME_OR_LOCATION = 50
|
|
111
112
|
|
|
112
|
-
#
|
|
113
|
-
|
|
113
|
+
# T1037
|
|
114
|
+
BOOT_OR_LOGON_INITIALIZATION_SCRIPTS = 37
|
|
114
115
|
|
|
115
|
-
#
|
|
116
|
-
|
|
116
|
+
# T1037.005
|
|
117
|
+
STARTUP_ITEMS = 38
|
|
117
118
|
|
|
118
|
-
#
|
|
119
|
-
|
|
119
|
+
# T1046
|
|
120
|
+
NETWORK_SERVICE_DISCOVERY = 32
|
|
121
|
+
|
|
122
|
+
# T1057
|
|
123
|
+
PROCESS_DISCOVERY = 56
|
|
120
124
|
|
|
121
125
|
# T1059
|
|
122
126
|
COMMAND_AND_SCRIPTING_INTERPRETER = 6
|
|
@@ -124,89 +128,155 @@ module Google
|
|
|
124
128
|
# T1059.004
|
|
125
129
|
UNIX_SHELL = 7
|
|
126
130
|
|
|
127
|
-
#
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
# T1090
|
|
131
|
-
PROXY = 9
|
|
131
|
+
# T1069
|
|
132
|
+
PERMISSION_GROUPS_DISCOVERY = 18
|
|
132
133
|
|
|
133
|
-
#
|
|
134
|
-
|
|
134
|
+
# T1069.003
|
|
135
|
+
CLOUD_GROUPS = 19
|
|
135
136
|
|
|
136
|
-
#
|
|
137
|
-
|
|
137
|
+
# T1071
|
|
138
|
+
APPLICATION_LAYER_PROTOCOL = 45
|
|
138
139
|
|
|
139
|
-
#
|
|
140
|
-
|
|
140
|
+
# T1071.004
|
|
141
|
+
DNS = 46
|
|
141
142
|
|
|
142
|
-
#
|
|
143
|
-
|
|
143
|
+
# T1072
|
|
144
|
+
SOFTWARE_DEPLOYMENT_TOOLS = 47
|
|
144
145
|
|
|
145
146
|
# T1078
|
|
146
147
|
VALID_ACCOUNTS = 14
|
|
147
148
|
|
|
149
|
+
# T1078.001
|
|
150
|
+
DEFAULT_ACCOUNTS = 35
|
|
151
|
+
|
|
148
152
|
# T1078.003
|
|
149
153
|
LOCAL_ACCOUNTS = 15
|
|
150
154
|
|
|
151
155
|
# T1078.004
|
|
152
156
|
CLOUD_ACCOUNTS = 16
|
|
153
157
|
|
|
154
|
-
#
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
# T1069
|
|
158
|
-
PERMISSION_GROUPS_DISCOVERY = 18
|
|
159
|
-
|
|
160
|
-
# T1069.003
|
|
161
|
-
CLOUD_GROUPS = 19
|
|
158
|
+
# T1090
|
|
159
|
+
PROXY = 9
|
|
162
160
|
|
|
163
|
-
#
|
|
164
|
-
|
|
161
|
+
# T1090.002
|
|
162
|
+
EXTERNAL_PROXY = 10
|
|
165
163
|
|
|
166
|
-
#
|
|
167
|
-
|
|
164
|
+
# T1090.003
|
|
165
|
+
MULTI_HOP_PROXY = 11
|
|
168
166
|
|
|
169
167
|
# T1098
|
|
170
168
|
ACCOUNT_MANIPULATION = 22
|
|
171
169
|
|
|
170
|
+
# T1098.001
|
|
171
|
+
ADDITIONAL_CLOUD_CREDENTIALS = 40
|
|
172
|
+
|
|
172
173
|
# T1098.004
|
|
173
174
|
SSH_AUTHORIZED_KEYS = 23
|
|
174
175
|
|
|
175
|
-
#
|
|
176
|
-
|
|
176
|
+
# T1098.006
|
|
177
|
+
ADDITIONAL_CONTAINER_CLUSTER_ROLES = 58
|
|
177
178
|
|
|
178
|
-
#
|
|
179
|
-
|
|
179
|
+
# T1105
|
|
180
|
+
INGRESS_TOOL_TRANSFER = 3
|
|
180
181
|
|
|
181
|
-
#
|
|
182
|
-
|
|
182
|
+
# T1106
|
|
183
|
+
NATIVE_API = 4
|
|
184
|
+
|
|
185
|
+
# T1110
|
|
186
|
+
BRUTE_FORCE = 44
|
|
187
|
+
|
|
188
|
+
# T1129
|
|
189
|
+
SHARED_MODULES = 5
|
|
190
|
+
|
|
191
|
+
# T1134
|
|
192
|
+
ACCESS_TOKEN_MANIPULATION = 33
|
|
193
|
+
|
|
194
|
+
# T1134.001
|
|
195
|
+
TOKEN_IMPERSONATION_OR_THEFT = 39
|
|
183
196
|
|
|
184
197
|
# T1190
|
|
185
198
|
EXPLOIT_PUBLIC_FACING_APPLICATION = 27
|
|
186
199
|
|
|
187
|
-
#
|
|
188
|
-
|
|
200
|
+
# T1484
|
|
201
|
+
DOMAIN_POLICY_MODIFICATION = 30
|
|
189
202
|
|
|
190
203
|
# T1485
|
|
191
204
|
DATA_DESTRUCTION = 29
|
|
192
205
|
|
|
193
|
-
#
|
|
194
|
-
|
|
206
|
+
# T1489
|
|
207
|
+
SERVICE_STOP = 52
|
|
195
208
|
|
|
196
|
-
#
|
|
197
|
-
|
|
209
|
+
# T1490
|
|
210
|
+
INHIBIT_SYSTEM_RECOVERY = 36
|
|
198
211
|
|
|
199
|
-
#
|
|
200
|
-
|
|
212
|
+
# T1496
|
|
213
|
+
RESOURCE_HIJACKING = 8
|
|
201
214
|
|
|
202
|
-
#
|
|
203
|
-
|
|
215
|
+
# T1498
|
|
216
|
+
NETWORK_DENIAL_OF_SERVICE = 17
|
|
217
|
+
|
|
218
|
+
# T1526
|
|
219
|
+
CLOUD_SERVICE_DISCOVERY = 48
|
|
220
|
+
|
|
221
|
+
# T1528
|
|
222
|
+
STEAL_APPLICATION_ACCESS_TOKEN = 42
|
|
223
|
+
|
|
224
|
+
# T1531
|
|
225
|
+
ACCOUNT_ACCESS_REMOVAL = 51
|
|
226
|
+
|
|
227
|
+
# T1539
|
|
228
|
+
STEAL_WEB_SESSION_COOKIE = 25
|
|
229
|
+
|
|
230
|
+
# T1543
|
|
231
|
+
CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
|
|
204
232
|
|
|
205
233
|
# T1548
|
|
206
234
|
ABUSE_ELEVATION_CONTROL_MECHANISM = 34
|
|
207
235
|
|
|
208
|
-
#
|
|
209
|
-
|
|
236
|
+
# T1552
|
|
237
|
+
UNSECURED_CREDENTIALS = 13
|
|
238
|
+
|
|
239
|
+
# T1556
|
|
240
|
+
MODIFY_AUTHENTICATION_PROCESS = 28
|
|
241
|
+
|
|
242
|
+
# T1562
|
|
243
|
+
IMPAIR_DEFENSES = 31
|
|
244
|
+
|
|
245
|
+
# T1562.001
|
|
246
|
+
DISABLE_OR_MODIFY_TOOLS = 55
|
|
247
|
+
|
|
248
|
+
# T1567
|
|
249
|
+
EXFILTRATION_OVER_WEB_SERVICE = 20
|
|
250
|
+
|
|
251
|
+
# T1567.002
|
|
252
|
+
EXFILTRATION_TO_CLOUD_STORAGE = 21
|
|
253
|
+
|
|
254
|
+
# T1568
|
|
255
|
+
DYNAMIC_RESOLUTION = 12
|
|
256
|
+
|
|
257
|
+
# T1570
|
|
258
|
+
LATERAL_TOOL_TRANSFER = 41
|
|
259
|
+
|
|
260
|
+
# T1578
|
|
261
|
+
MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
|
|
262
|
+
|
|
263
|
+
# T1578.001
|
|
264
|
+
CREATE_SNAPSHOT = 54
|
|
265
|
+
|
|
266
|
+
# T1580
|
|
267
|
+
CLOUD_INFRASTRUCTURE_DISCOVERY = 53
|
|
268
|
+
|
|
269
|
+
# T1588
|
|
270
|
+
OBTAIN_CAPABILITIES = 43
|
|
271
|
+
|
|
272
|
+
# T1595
|
|
273
|
+
ACTIVE_SCANNING = 1
|
|
274
|
+
|
|
275
|
+
# T1595.001
|
|
276
|
+
SCANNING_IP_BLOCKS = 2
|
|
277
|
+
|
|
278
|
+
# T1613
|
|
279
|
+
CONTAINER_AND_RESOURCE_DISCOVERY = 57
|
|
210
280
|
end
|
|
211
281
|
end
|
|
212
282
|
end
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# Copyright 2024 Google LLC
|
|
4
|
+
#
|
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
# you may not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
# See the License for the specific language governing permissions and
|
|
15
|
+
# limitations under the License.
|
|
16
|
+
|
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
module Google
|
|
21
|
+
module Cloud
|
|
22
|
+
module SecurityCenter
|
|
23
|
+
module V1
|
|
24
|
+
# Contains information about the org policies associated with the finding.
|
|
25
|
+
# @!attribute [rw] name
|
|
26
|
+
# @return [::String]
|
|
27
|
+
# The resource name of the org policy.
|
|
28
|
+
# Example:
|
|
29
|
+
# "organizations/\\{organization_id}/policies/\\{constraint_name}"
|
|
30
|
+
class OrgPolicy
|
|
31
|
+
include ::Google::Protobuf::MessageExts
|
|
32
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
@@ -49,9 +49,9 @@ module Google
|
|
|
49
49
|
# outdated or insecure libraries."
|
|
50
50
|
# @!attribute [rw] canonical_name
|
|
51
51
|
# @return [::String]
|
|
52
|
-
# The canonical name of the finding. It's either
|
|
52
|
+
# The canonical name of the finding source. It's either
|
|
53
53
|
# "organizations/\\{organization_id}/sources/\\{source_id}",
|
|
54
|
-
# "folders/\\{folder_id}/sources/\\{source_id}" or
|
|
54
|
+
# "folders/\\{folder_id}/sources/\\{source_id}", or
|
|
55
55
|
# "projects/\\{project_number}/sources/\\{source_id}",
|
|
56
56
|
# depending on the closest CRM ancestor of the resource associated with the
|
|
57
57
|
# finding.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-security_center-v1
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.37.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-02-
|
|
11
|
+
date: 2024-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
@@ -58,118 +58,6 @@ dependencies:
|
|
|
58
58
|
- - "~>"
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
60
|
version: '1.1'
|
|
61
|
-
- !ruby/object:Gem::Dependency
|
|
62
|
-
name: google-style
|
|
63
|
-
requirement: !ruby/object:Gem::Requirement
|
|
64
|
-
requirements:
|
|
65
|
-
- - "~>"
|
|
66
|
-
- !ruby/object:Gem::Version
|
|
67
|
-
version: 1.26.3
|
|
68
|
-
type: :development
|
|
69
|
-
prerelease: false
|
|
70
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
71
|
-
requirements:
|
|
72
|
-
- - "~>"
|
|
73
|
-
- !ruby/object:Gem::Version
|
|
74
|
-
version: 1.26.3
|
|
75
|
-
- !ruby/object:Gem::Dependency
|
|
76
|
-
name: minitest
|
|
77
|
-
requirement: !ruby/object:Gem::Requirement
|
|
78
|
-
requirements:
|
|
79
|
-
- - "~>"
|
|
80
|
-
- !ruby/object:Gem::Version
|
|
81
|
-
version: '5.16'
|
|
82
|
-
type: :development
|
|
83
|
-
prerelease: false
|
|
84
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
85
|
-
requirements:
|
|
86
|
-
- - "~>"
|
|
87
|
-
- !ruby/object:Gem::Version
|
|
88
|
-
version: '5.16'
|
|
89
|
-
- !ruby/object:Gem::Dependency
|
|
90
|
-
name: minitest-focus
|
|
91
|
-
requirement: !ruby/object:Gem::Requirement
|
|
92
|
-
requirements:
|
|
93
|
-
- - "~>"
|
|
94
|
-
- !ruby/object:Gem::Version
|
|
95
|
-
version: '1.1'
|
|
96
|
-
type: :development
|
|
97
|
-
prerelease: false
|
|
98
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
99
|
-
requirements:
|
|
100
|
-
- - "~>"
|
|
101
|
-
- !ruby/object:Gem::Version
|
|
102
|
-
version: '1.1'
|
|
103
|
-
- !ruby/object:Gem::Dependency
|
|
104
|
-
name: minitest-rg
|
|
105
|
-
requirement: !ruby/object:Gem::Requirement
|
|
106
|
-
requirements:
|
|
107
|
-
- - "~>"
|
|
108
|
-
- !ruby/object:Gem::Version
|
|
109
|
-
version: '5.2'
|
|
110
|
-
type: :development
|
|
111
|
-
prerelease: false
|
|
112
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
113
|
-
requirements:
|
|
114
|
-
- - "~>"
|
|
115
|
-
- !ruby/object:Gem::Version
|
|
116
|
-
version: '5.2'
|
|
117
|
-
- !ruby/object:Gem::Dependency
|
|
118
|
-
name: rake
|
|
119
|
-
requirement: !ruby/object:Gem::Requirement
|
|
120
|
-
requirements:
|
|
121
|
-
- - ">="
|
|
122
|
-
- !ruby/object:Gem::Version
|
|
123
|
-
version: '13.0'
|
|
124
|
-
type: :development
|
|
125
|
-
prerelease: false
|
|
126
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
127
|
-
requirements:
|
|
128
|
-
- - ">="
|
|
129
|
-
- !ruby/object:Gem::Version
|
|
130
|
-
version: '13.0'
|
|
131
|
-
- !ruby/object:Gem::Dependency
|
|
132
|
-
name: redcarpet
|
|
133
|
-
requirement: !ruby/object:Gem::Requirement
|
|
134
|
-
requirements:
|
|
135
|
-
- - "~>"
|
|
136
|
-
- !ruby/object:Gem::Version
|
|
137
|
-
version: '3.0'
|
|
138
|
-
type: :development
|
|
139
|
-
prerelease: false
|
|
140
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
141
|
-
requirements:
|
|
142
|
-
- - "~>"
|
|
143
|
-
- !ruby/object:Gem::Version
|
|
144
|
-
version: '3.0'
|
|
145
|
-
- !ruby/object:Gem::Dependency
|
|
146
|
-
name: simplecov
|
|
147
|
-
requirement: !ruby/object:Gem::Requirement
|
|
148
|
-
requirements:
|
|
149
|
-
- - "~>"
|
|
150
|
-
- !ruby/object:Gem::Version
|
|
151
|
-
version: '0.18'
|
|
152
|
-
type: :development
|
|
153
|
-
prerelease: false
|
|
154
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
155
|
-
requirements:
|
|
156
|
-
- - "~>"
|
|
157
|
-
- !ruby/object:Gem::Version
|
|
158
|
-
version: '0.18'
|
|
159
|
-
- !ruby/object:Gem::Dependency
|
|
160
|
-
name: yard
|
|
161
|
-
requirement: !ruby/object:Gem::Requirement
|
|
162
|
-
requirements:
|
|
163
|
-
- - "~>"
|
|
164
|
-
- !ruby/object:Gem::Version
|
|
165
|
-
version: '0.9'
|
|
166
|
-
type: :development
|
|
167
|
-
prerelease: false
|
|
168
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
169
|
-
requirements:
|
|
170
|
-
- - "~>"
|
|
171
|
-
- !ruby/object:Gem::Version
|
|
172
|
-
version: '0.9'
|
|
173
61
|
description: Security Command Center API provides access to temporal views of assets
|
|
174
62
|
and findings within an organization. Note that google-cloud-security_center-v1 is
|
|
175
63
|
a version-specific client library. For most uses, we recommend installing the main
|
|
@@ -219,10 +107,13 @@ files:
|
|
|
219
107
|
- lib/google/cloud/securitycenter/v1/kernel_rootkit_pb.rb
|
|
220
108
|
- lib/google/cloud/securitycenter/v1/kubernetes_pb.rb
|
|
221
109
|
- lib/google/cloud/securitycenter/v1/label_pb.rb
|
|
110
|
+
- lib/google/cloud/securitycenter/v1/load_balancer_pb.rb
|
|
111
|
+
- lib/google/cloud/securitycenter/v1/log_entry_pb.rb
|
|
222
112
|
- lib/google/cloud/securitycenter/v1/mitre_attack_pb.rb
|
|
223
113
|
- lib/google/cloud/securitycenter/v1/mute_config_pb.rb
|
|
224
114
|
- lib/google/cloud/securitycenter/v1/notification_config_pb.rb
|
|
225
115
|
- lib/google/cloud/securitycenter/v1/notification_message_pb.rb
|
|
116
|
+
- lib/google/cloud/securitycenter/v1/org_policy_pb.rb
|
|
226
117
|
- lib/google/cloud/securitycenter/v1/organization_settings_pb.rb
|
|
227
118
|
- lib/google/cloud/securitycenter/v1/process_pb.rb
|
|
228
119
|
- lib/google/cloud/securitycenter/v1/resource_pb.rb
|
|
@@ -262,10 +153,13 @@ files:
|
|
|
262
153
|
- proto_docs/google/cloud/securitycenter/v1/kernel_rootkit.rb
|
|
263
154
|
- proto_docs/google/cloud/securitycenter/v1/kubernetes.rb
|
|
264
155
|
- proto_docs/google/cloud/securitycenter/v1/label.rb
|
|
156
|
+
- proto_docs/google/cloud/securitycenter/v1/load_balancer.rb
|
|
157
|
+
- proto_docs/google/cloud/securitycenter/v1/log_entry.rb
|
|
265
158
|
- proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb
|
|
266
159
|
- proto_docs/google/cloud/securitycenter/v1/mute_config.rb
|
|
267
160
|
- proto_docs/google/cloud/securitycenter/v1/notification_config.rb
|
|
268
161
|
- proto_docs/google/cloud/securitycenter/v1/notification_message.rb
|
|
162
|
+
- proto_docs/google/cloud/securitycenter/v1/org_policy.rb
|
|
269
163
|
- proto_docs/google/cloud/securitycenter/v1/organization_settings.rb
|
|
270
164
|
- proto_docs/google/cloud/securitycenter/v1/process.rb
|
|
271
165
|
- proto_docs/google/cloud/securitycenter/v1/resource.rb
|
|
@@ -300,14 +194,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
300
194
|
requirements:
|
|
301
195
|
- - ">="
|
|
302
196
|
- !ruby/object:Gem::Version
|
|
303
|
-
version: '2.
|
|
197
|
+
version: '2.7'
|
|
304
198
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
305
199
|
requirements:
|
|
306
200
|
- - ">="
|
|
307
201
|
- !ruby/object:Gem::Version
|
|
308
202
|
version: '0'
|
|
309
203
|
requirements: []
|
|
310
|
-
rubygems_version: 3.5.
|
|
204
|
+
rubygems_version: 3.5.6
|
|
311
205
|
signing_key:
|
|
312
206
|
specification_version: 4
|
|
313
207
|
summary: Security Command Center API provides access to temporal views of assets and
|