RubyGems - google-cloud-security_center-v2 - Versions diffs - 0.a → 0.1.0 - Mend

google-cloud-security_center-v2 0.a → 0.1.0

Files changed (115) hide show

data/proto_docs/google/cloud/securitycenter/v2/kubernetes.rb ADDED Viewed

@@ -0,0 +1,241 @@
+# frozen_string_literal: true
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Kubernetes-related attributes.
+        # @!attribute [rw] pods
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Pod>]
+        #     Kubernetes
+        #     [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
+        #     associated with the finding. This field contains Pod records for each
+        #     container that is owned by a Pod.
+        # @!attribute [rw] nodes
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Node>]
+        #     Provides Kubernetes
+        #     [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes)
+        #     information.
+        # @!attribute [rw] node_pools
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::NodePool>]
+        #     GKE [node
+        #     pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools)
+        #     associated with the finding. This field contains node pool information for
+        #     each node, when it is available.
+        # @!attribute [rw] roles
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Role>]
+        #     Provides Kubernetes role information for findings that involve [Roles or
+        #     ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
+        # @!attribute [rw] bindings
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Binding>]
+        #     Provides Kubernetes role binding information for findings that involve
+        #     [RoleBindings or
+        #     ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
+        # @!attribute [rw] access_reviews
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::AccessReview>]
+        #     Provides information on any Kubernetes access reviews (privilege checks)
+        #     relevant to the finding.
+        # @!attribute [rw] objects
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Object>]
+        #     Kubernetes objects related to the finding.
+        class Kubernetes
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # A Kubernetes Pod.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Kubernetes Pod namespace.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes Pod name.
+          # @!attribute [rw] labels
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Label>]
+          #     Pod labels.  For Kubernetes containers, these are applied to the
+          #     container.
+          # @!attribute [rw] containers
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Container>]
+          #     Pod containers associated with this finding, if any.
+          class Pod
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Kubernetes nodes associated with the finding.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
+          #     the Compute Engine VM running the cluster node.
+          class Node
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Provides GKE node pool information.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes node pool name.
+          # @!attribute [rw] nodes
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Node>]
+          #     Nodes associated with the finding.
+          class NodePool
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Kubernetes Role or ClusterRole.
+          # @!attribute [rw] kind
+          #   @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Role::Kind]
+          #     Role type.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Role namespace.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Role name.
+          class Role
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+            # Types of Kubernetes roles.
+            module Kind
+              # Role type is not specified.
+              KIND_UNSPECIFIED = 0
+              # Kubernetes Role.
+              ROLE = 1
+              # Kubernetes ClusterRole.
+              CLUSTER_ROLE = 2
+            end
+          end
+          # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace for the binding.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name for the binding.
+          # @!attribute [rw] role
+          #   @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Role]
+          #     The Role or ClusterRole referenced by the binding.
+          # @!attribute [rw] subjects
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Subject>]
+          #     Represents one or more subjects that are bound to the role. Not always
+          #     available for PATCH requests.
+          class Binding
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Represents a Kubernetes subject.
+          # @!attribute [rw] kind
+          #   @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Subject::AuthType]
+          #     Authentication type for the subject.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace for the subject.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name for the subject.
+          class Subject
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+            # Auth types that can be used for the subject's kind field.
+            module AuthType
+              # Authentication is not specified.
+              AUTH_TYPE_UNSPECIFIED = 0
+              # User with valid certificate.
+              USER = 1
+              # Users managed by Kubernetes API with credentials stored as secrets.
+              SERVICEACCOUNT = 2
+              # Collection of users.
+              GROUP = 3
+            end
+          end
+          # Conveys information about a Kubernetes access review (such as one returned
+          # by a [`kubectl auth
+          # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
+          # command) that was involved in a finding.
+          # @!attribute [rw] group
+          #   @return [::String]
+          #     The API group of the resource. "*" means all.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace of the action being requested. Currently, there is no
+          #     distinction between no namespace and all namespaces.  Both
+          #     are represented by "" (empty).
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     The name of the resource being requested. Empty means all.
+          # @!attribute [rw] resource
+          #   @return [::String]
+          #     The optional resource type requested. "*" means all.
+          # @!attribute [rw] subresource
+          #   @return [::String]
+          #     The optional subresource type.
+          # @!attribute [rw] verb
+          #   @return [::String]
+          #     A Kubernetes resource API verb, like get, list, watch, create, update,
+          #     delete, proxy. "*" means all.
+          # @!attribute [rw] version
+          #   @return [::String]
+          #     The API version of the resource. "*" means all.
+          class AccessReview
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Kubernetes object related to the finding, uniquely identified by GKNN.
+          # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
+          # AccessReview.
+          # @!attribute [rw] group
+          #   @return [::String]
+          #     Kubernetes object group, such as "policy.k8s.io/v1".
+          # @!attribute [rw] kind
+          #   @return [::String]
+          #     Kubernetes object kind, such as "Namespace".
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Kubernetes object namespace. Must be a valid DNS label. Named
+          #     "ns" to avoid collision with C++ namespace keyword. For details see
+          #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes object name. For details see
+          #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
+          # @!attribute [rw] containers
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Container>]
+          #     Pod containers associated with this finding, if any.
+          class Object
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/label.rb ADDED Viewed

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Represents a generic name-value label. A label has separate name and value
+        # fields to support filtering with the `contains()` function. For more
+        # information, see [Filtering on array-type
+        # fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering).
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Name of the label.
+        # @!attribute [rw] value
+        #   @return [::String]
+        #     Value that corresponds to the label's name.
+        class Label
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/load_balancer.rb ADDED Viewed

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Contains information related to the load balancer associated with the
+        # finding.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The name of the load balancer associated with the finding.
+        class LoadBalancer
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/log_entry.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # An individual entry in a log.
+        # @!attribute [rw] cloud_logging_entry
+        #   @return [::Google::Cloud::SecurityCenter::V2::CloudLoggingEntry]
+        #     An individual entry in a log stored in Cloud Logging.
+        class LogEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Metadata taken from a [Cloud Logging
+        # LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry)
+        # @!attribute [rw] insert_id
+        #   @return [::String]
+        #     A unique identifier for the log entry.
+        # @!attribute [rw] log_id
+        #   @return [::String]
+        #     The type of the log (part of `log_name`. `log_name` is the resource name of
+        #     the log to which this log entry belongs). For example:
+        #     `cloudresourcemanager.googleapis.com/activity` Note that this field is not
+        #     URL-encoded, unlike in `LogEntry`.
+        # @!attribute [rw] resource_container
+        #   @return [::String]
+        #     The organization, folder, or project of the monitored resource that
+        #     produced this log entry.
+        # @!attribute [rw] timestamp
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The time the event described by the log entry occurred.
+        class CloudLoggingEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/mitre_attack.rb ADDED Viewed

@@ -0,0 +1,285 @@
+# frozen_string_literal: true
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # MITRE ATT&CK tactics and techniques related to this finding.
+        # See: https://attack.mitre.org
+        # @!attribute [rw] primary_tactic
+        #   @return [::Google::Cloud::SecurityCenter::V2::MitreAttack::Tactic]
+        #     The MITRE ATT&CK tactic most closely represented by this finding, if any.
+        # @!attribute [rw] primary_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::MitreAttack::Technique>]
+        #     The MITRE ATT&CK technique most closely represented by this finding, if
+        #     any. primary_techniques is a repeated field because there are multiple
+        #     levels of MITRE ATT&CK techniques.  If the technique most closely
+        #     represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
+        #     both the sub-technique and its parent technique(s) will be listed (e.g.
+        #     `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
+        # @!attribute [rw] additional_tactics
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::MitreAttack::Tactic>]
+        #     Additional MITRE ATT&CK tactics related to this finding, if any.
+        # @!attribute [rw] additional_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::MitreAttack::Technique>]
+        #     Additional MITRE ATT&CK techniques related to this finding, if any, along
+        #     with any of their respective parent techniques.
+        # @!attribute [rw] version
+        #   @return [::String]
+        #     The MITRE ATT&CK version referenced by the above fields. E.g. "8".
+        class MitreAttack
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # MITRE ATT&CK tactics that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/tactics/enterprise/
+          module Tactic
+            # Unspecified value.
+            TACTIC_UNSPECIFIED = 0
+            # TA0043
+            RECONNAISSANCE = 1
+            # TA0042
+            RESOURCE_DEVELOPMENT = 2
+            # TA0001
+            INITIAL_ACCESS = 5
+            # TA0002
+            EXECUTION = 3
+            # TA0003
+            PERSISTENCE = 6
+            # TA0004
+            PRIVILEGE_ESCALATION = 8
+            # TA0005
+            DEFENSE_EVASION = 7
+            # TA0006
+            CREDENTIAL_ACCESS = 9
+            # TA0007
+            DISCOVERY = 10
+            # TA0008
+            LATERAL_MOVEMENT = 11
+            # TA0009
+            COLLECTION = 12
+            # TA0011
+            COMMAND_AND_CONTROL = 4
+            # TA0010
+            EXFILTRATION = 13
+            # TA0040
+            IMPACT = 14
+          end
+          # MITRE ATT&CK techniques that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/techniques/enterprise/
+          # Next ID: 59
+          module Technique
+            # Unspecified value.
+            TECHNIQUE_UNSPECIFIED = 0
+            # T1036
+            MASQUERADING = 49
+            # T1036.005
+            MATCH_LEGITIMATE_NAME_OR_LOCATION = 50
+            # T1037
+            BOOT_OR_LOGON_INITIALIZATION_SCRIPTS = 37
+            # T1037.005
+            STARTUP_ITEMS = 38
+            # T1046
+            NETWORK_SERVICE_DISCOVERY = 32
+            # T1057
+            PROCESS_DISCOVERY = 56
+            # T1059
+            COMMAND_AND_SCRIPTING_INTERPRETER = 6
+            # T1059.004
+            UNIX_SHELL = 7
+            # T1069
+            PERMISSION_GROUPS_DISCOVERY = 18
+            # T1069.003
+            CLOUD_GROUPS = 19
+            # T1071
+            APPLICATION_LAYER_PROTOCOL = 45
+            # T1071.004
+            DNS = 46
+            # T1072
+            SOFTWARE_DEPLOYMENT_TOOLS = 47
+            # T1078
+            VALID_ACCOUNTS = 14
+            # T1078.001
+            DEFAULT_ACCOUNTS = 35
+            # T1078.003
+            LOCAL_ACCOUNTS = 15
+            # T1078.004
+            CLOUD_ACCOUNTS = 16
+            # T1090
+            PROXY = 9
+            # T1090.002
+            EXTERNAL_PROXY = 10
+            # T1090.003
+            MULTI_HOP_PROXY = 11
+            # T1098
+            ACCOUNT_MANIPULATION = 22
+            # T1098.001
+            ADDITIONAL_CLOUD_CREDENTIALS = 40
+            # T1098.004
+            SSH_AUTHORIZED_KEYS = 23
+            # T1098.006
+            ADDITIONAL_CONTAINER_CLUSTER_ROLES = 58
+            # T1105
+            INGRESS_TOOL_TRANSFER = 3
+            # T1106
+            NATIVE_API = 4
+            # T1110
+            BRUTE_FORCE = 44
+            # T1129
+            SHARED_MODULES = 5
+            # T1134
+            ACCESS_TOKEN_MANIPULATION = 33
+            # T1134.001
+            TOKEN_IMPERSONATION_OR_THEFT = 39
+            # T1190
+            EXPLOIT_PUBLIC_FACING_APPLICATION = 27
+            # T1484
+            DOMAIN_POLICY_MODIFICATION = 30
+            # T1485
+            DATA_DESTRUCTION = 29
+            # T1489
+            SERVICE_STOP = 52
+            # T1490
+            INHIBIT_SYSTEM_RECOVERY = 36
+            # T1496
+            RESOURCE_HIJACKING = 8
+            # T1498
+            NETWORK_DENIAL_OF_SERVICE = 17
+            # T1526
+            CLOUD_SERVICE_DISCOVERY = 48
+            # T1528
+            STEAL_APPLICATION_ACCESS_TOKEN = 42
+            # T1531
+            ACCOUNT_ACCESS_REMOVAL = 51
+            # T1539
+            STEAL_WEB_SESSION_COOKIE = 25
+            # T1543
+            CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
+            # T1548
+            ABUSE_ELEVATION_CONTROL_MECHANISM = 34
+            # T1552
+            UNSECURED_CREDENTIALS = 13
+            # T1556
+            MODIFY_AUTHENTICATION_PROCESS = 28
+            # T1562
+            IMPAIR_DEFENSES = 31
+            # T1562.001
+            DISABLE_OR_MODIFY_TOOLS = 55
+            # T1567
+            EXFILTRATION_OVER_WEB_SERVICE = 20
+            # T1567.002
+            EXFILTRATION_TO_CLOUD_STORAGE = 21
+            # T1568
+            DYNAMIC_RESOLUTION = 12
+            # T1570
+            LATERAL_TOOL_TRANSFER = 41
+            # T1578
+            MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
+            # T1578.001
+            CREATE_SNAPSHOT = 54
+            # T1580
+            CLOUD_INFRASTRUCTURE_DISCOVERY = 53
+            # T1588
+            OBTAIN_CAPABILITIES = 43
+            # T1595
+            ACTIVE_SCANNING = 1
+            # T1595.001
+            SCANNING_IP_BLOCKS = 2
+            # T1613
+            CONTAINER_AND_RESOURCE_DISCOVERY = 57
+          end
+        end
+      end
+    end
+  end
+end