google-cloud-security_center-v2 0.a → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +122 -0
- data/README.md +144 -8
- data/lib/google/cloud/security_center/v2/rest.rb +37 -0
- data/lib/google/cloud/security_center/v2/security_center/client.rb +4728 -0
- data/lib/google/cloud/security_center/v2/security_center/credentials.rb +51 -0
- data/lib/google/cloud/security_center/v2/security_center/operations.rb +801 -0
- data/lib/google/cloud/security_center/v2/security_center/paths.rb +973 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/client.rb +4347 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/operations.rb +894 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/service_stub.rb +3165 -0
- data/lib/google/cloud/security_center/v2/security_center/rest.rb +53 -0
- data/lib/google/cloud/security_center/v2/security_center.rb +56 -0
- data/lib/google/cloud/security_center/v2/version.rb +7 -2
- data/lib/google/cloud/security_center/v2.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/access_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/application_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/attack_exposure_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/attack_path_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/backup_disaster_recovery_pb.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/bigquery_export_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/cloud_dlp_data_profile_pb.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/cloud_dlp_inspection_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/compliance_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/connection_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/contact_details_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/container_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/database_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/exfiltration_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/external_system_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/file_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/finding_pb.rb +105 -0
- data/lib/google/cloud/securitycenter/v2/iam_binding_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/indicator_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/kernel_rootkit_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/kubernetes_pb.rb +57 -0
- data/lib/google/cloud/securitycenter/v2/label_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/load_balancer_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/log_entry_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/mitre_attack_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/mute_config_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v2/notification_config_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/notification_message_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/org_policy_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/process_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/resource_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/resource_value_config_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/security_marks_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/security_posture_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/securitycenter_service_pb.rb +128 -0
- data/lib/google/cloud/securitycenter/v2/securitycenter_service_services_pb.rb +167 -0
- data/lib/google/cloud/securitycenter/v2/simulation_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/source_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/valued_resource_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/vulnerability_pb.rb +58 -0
- data/lib/google-cloud-security_center-v2.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/client.rb +399 -0
- data/proto_docs/google/api/field_behavior.rb +85 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/api/resource.rb +222 -0
- data/proto_docs/google/api/routing.rb +459 -0
- data/proto_docs/google/cloud/securitycenter/v2/access.rb +120 -0
- data/proto_docs/google/cloud/securitycenter/v2/application.rb +40 -0
- data/proto_docs/google/cloud/securitycenter/v2/attack_exposure.rb +73 -0
- data/proto_docs/google/cloud/securitycenter/v2/attack_path.rb +147 -0
- data/proto_docs/google/cloud/securitycenter/v2/backup_disaster_recovery.rb +90 -0
- data/proto_docs/google/cloud/securitycenter/v2/bigquery_export.rb +96 -0
- data/proto_docs/google/cloud/securitycenter/v2/cloud_dlp_data_profile.rb +52 -0
- data/proto_docs/google/cloud/securitycenter/v2/cloud_dlp_inspection.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v2/compliance.rb +43 -0
- data/proto_docs/google/cloud/securitycenter/v2/connection.rb +70 -0
- data/proto_docs/google/cloud/securitycenter/v2/contact_details.rb +44 -0
- data/proto_docs/google/cloud/securitycenter/v2/container.rb +49 -0
- data/proto_docs/google/cloud/securitycenter/v2/database.rb +67 -0
- data/proto_docs/google/cloud/securitycenter/v2/exfiltration.rb +64 -0
- data/proto_docs/google/cloud/securitycenter/v2/external_system.rb +106 -0
- data/proto_docs/google/cloud/securitycenter/v2/file.rb +72 -0
- data/proto_docs/google/cloud/securitycenter/v2/finding.rb +411 -0
- data/proto_docs/google/cloud/securitycenter/v2/iam_binding.rb +56 -0
- data/proto_docs/google/cloud/securitycenter/v2/indicator.rb +112 -0
- data/proto_docs/google/cloud/securitycenter/v2/kernel_rootkit.rb +66 -0
- data/proto_docs/google/cloud/securitycenter/v2/kubernetes.rb +241 -0
- data/proto_docs/google/cloud/securitycenter/v2/label.rb +41 -0
- data/proto_docs/google/cloud/securitycenter/v2/load_balancer.rb +36 -0
- data/proto_docs/google/cloud/securitycenter/v2/log_entry.rb +58 -0
- data/proto_docs/google/cloud/securitycenter/v2/mitre_attack.rb +285 -0
- data/proto_docs/google/cloud/securitycenter/v2/mute_config.rb +100 -0
- data/proto_docs/google/cloud/securitycenter/v2/notification_config.rb +90 -0
- data/proto_docs/google/cloud/securitycenter/v2/notification_message.rb +42 -0
- data/proto_docs/google/cloud/securitycenter/v2/org_policy.rb +37 -0
- data/proto_docs/google/cloud/securitycenter/v2/process.rb +79 -0
- data/proto_docs/google/cloud/securitycenter/v2/resource.rb +42 -0
- data/proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb +122 -0
- data/proto_docs/google/cloud/securitycenter/v2/security_marks.rb +84 -0
- data/proto_docs/google/cloud/securitycenter/v2/security_posture.rb +83 -0
- data/proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb +1136 -0
- data/proto_docs/google/cloud/securitycenter/v2/simulation.rb +43 -0
- data/proto_docs/google/cloud/securitycenter/v2/source.rb +65 -0
- data/proto_docs/google/cloud/securitycenter/v2/valued_resource.rb +86 -0
- data/proto_docs/google/cloud/securitycenter/v2/vulnerability.rb +333 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +87 -0
- data/proto_docs/google/iam/v1/options.rb +50 -0
- data/proto_docs/google/iam/v1/policy.rb +426 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +145 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +34 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/struct.rb +96 -0
- data/proto_docs/google/protobuf/timestamp.rb +127 -0
- data/proto_docs/google/rpc/status.rb +48 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +169 -10
@@ -0,0 +1,241 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# Kubernetes-related attributes.
|
25
|
+
# @!attribute [rw] pods
|
26
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Pod>]
|
27
|
+
# Kubernetes
|
28
|
+
# [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
|
29
|
+
# associated with the finding. This field contains Pod records for each
|
30
|
+
# container that is owned by a Pod.
|
31
|
+
# @!attribute [rw] nodes
|
32
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Node>]
|
33
|
+
# Provides Kubernetes
|
34
|
+
# [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes)
|
35
|
+
# information.
|
36
|
+
# @!attribute [rw] node_pools
|
37
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::NodePool>]
|
38
|
+
# GKE [node
|
39
|
+
# pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools)
|
40
|
+
# associated with the finding. This field contains node pool information for
|
41
|
+
# each node, when it is available.
|
42
|
+
# @!attribute [rw] roles
|
43
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Role>]
|
44
|
+
# Provides Kubernetes role information for findings that involve [Roles or
|
45
|
+
# ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
|
46
|
+
# @!attribute [rw] bindings
|
47
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Binding>]
|
48
|
+
# Provides Kubernetes role binding information for findings that involve
|
49
|
+
# [RoleBindings or
|
50
|
+
# ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
|
51
|
+
# @!attribute [rw] access_reviews
|
52
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::AccessReview>]
|
53
|
+
# Provides information on any Kubernetes access reviews (privilege checks)
|
54
|
+
# relevant to the finding.
|
55
|
+
# @!attribute [rw] objects
|
56
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Object>]
|
57
|
+
# Kubernetes objects related to the finding.
|
58
|
+
class Kubernetes
|
59
|
+
include ::Google::Protobuf::MessageExts
|
60
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
61
|
+
|
62
|
+
# A Kubernetes Pod.
|
63
|
+
# @!attribute [rw] ns
|
64
|
+
# @return [::String]
|
65
|
+
# Kubernetes Pod namespace.
|
66
|
+
# @!attribute [rw] name
|
67
|
+
# @return [::String]
|
68
|
+
# Kubernetes Pod name.
|
69
|
+
# @!attribute [rw] labels
|
70
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Label>]
|
71
|
+
# Pod labels. For Kubernetes containers, these are applied to the
|
72
|
+
# container.
|
73
|
+
# @!attribute [rw] containers
|
74
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Container>]
|
75
|
+
# Pod containers associated with this finding, if any.
|
76
|
+
class Pod
|
77
|
+
include ::Google::Protobuf::MessageExts
|
78
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
79
|
+
end
|
80
|
+
|
81
|
+
# Kubernetes nodes associated with the finding.
|
82
|
+
# @!attribute [rw] name
|
83
|
+
# @return [::String]
|
84
|
+
# [Full resource name](https://google.aip.dev/122#full-resource-names) of
|
85
|
+
# the Compute Engine VM running the cluster node.
|
86
|
+
class Node
|
87
|
+
include ::Google::Protobuf::MessageExts
|
88
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
89
|
+
end
|
90
|
+
|
91
|
+
# Provides GKE node pool information.
|
92
|
+
# @!attribute [rw] name
|
93
|
+
# @return [::String]
|
94
|
+
# Kubernetes node pool name.
|
95
|
+
# @!attribute [rw] nodes
|
96
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Node>]
|
97
|
+
# Nodes associated with the finding.
|
98
|
+
class NodePool
|
99
|
+
include ::Google::Protobuf::MessageExts
|
100
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
101
|
+
end
|
102
|
+
|
103
|
+
# Kubernetes Role or ClusterRole.
|
104
|
+
# @!attribute [rw] kind
|
105
|
+
# @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Role::Kind]
|
106
|
+
# Role type.
|
107
|
+
# @!attribute [rw] ns
|
108
|
+
# @return [::String]
|
109
|
+
# Role namespace.
|
110
|
+
# @!attribute [rw] name
|
111
|
+
# @return [::String]
|
112
|
+
# Role name.
|
113
|
+
class Role
|
114
|
+
include ::Google::Protobuf::MessageExts
|
115
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
116
|
+
|
117
|
+
# Types of Kubernetes roles.
|
118
|
+
module Kind
|
119
|
+
# Role type is not specified.
|
120
|
+
KIND_UNSPECIFIED = 0
|
121
|
+
|
122
|
+
# Kubernetes Role.
|
123
|
+
ROLE = 1
|
124
|
+
|
125
|
+
# Kubernetes ClusterRole.
|
126
|
+
CLUSTER_ROLE = 2
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
# Represents a Kubernetes RoleBinding or ClusterRoleBinding.
|
131
|
+
# @!attribute [rw] ns
|
132
|
+
# @return [::String]
|
133
|
+
# Namespace for the binding.
|
134
|
+
# @!attribute [rw] name
|
135
|
+
# @return [::String]
|
136
|
+
# Name for the binding.
|
137
|
+
# @!attribute [rw] role
|
138
|
+
# @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Role]
|
139
|
+
# The Role or ClusterRole referenced by the binding.
|
140
|
+
# @!attribute [rw] subjects
|
141
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Subject>]
|
142
|
+
# Represents one or more subjects that are bound to the role. Not always
|
143
|
+
# available for PATCH requests.
|
144
|
+
class Binding
|
145
|
+
include ::Google::Protobuf::MessageExts
|
146
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
147
|
+
end
|
148
|
+
|
149
|
+
# Represents a Kubernetes subject.
|
150
|
+
# @!attribute [rw] kind
|
151
|
+
# @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Subject::AuthType]
|
152
|
+
# Authentication type for the subject.
|
153
|
+
# @!attribute [rw] ns
|
154
|
+
# @return [::String]
|
155
|
+
# Namespace for the subject.
|
156
|
+
# @!attribute [rw] name
|
157
|
+
# @return [::String]
|
158
|
+
# Name for the subject.
|
159
|
+
class Subject
|
160
|
+
include ::Google::Protobuf::MessageExts
|
161
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
162
|
+
|
163
|
+
# Auth types that can be used for the subject's kind field.
|
164
|
+
module AuthType
|
165
|
+
# Authentication is not specified.
|
166
|
+
AUTH_TYPE_UNSPECIFIED = 0
|
167
|
+
|
168
|
+
# User with valid certificate.
|
169
|
+
USER = 1
|
170
|
+
|
171
|
+
# Users managed by Kubernetes API with credentials stored as secrets.
|
172
|
+
SERVICEACCOUNT = 2
|
173
|
+
|
174
|
+
# Collection of users.
|
175
|
+
GROUP = 3
|
176
|
+
end
|
177
|
+
end
|
178
|
+
|
179
|
+
# Conveys information about a Kubernetes access review (such as one returned
|
180
|
+
# by a [`kubectl auth
|
181
|
+
# can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
|
182
|
+
# command) that was involved in a finding.
|
183
|
+
# @!attribute [rw] group
|
184
|
+
# @return [::String]
|
185
|
+
# The API group of the resource. "*" means all.
|
186
|
+
# @!attribute [rw] ns
|
187
|
+
# @return [::String]
|
188
|
+
# Namespace of the action being requested. Currently, there is no
|
189
|
+
# distinction between no namespace and all namespaces. Both
|
190
|
+
# are represented by "" (empty).
|
191
|
+
# @!attribute [rw] name
|
192
|
+
# @return [::String]
|
193
|
+
# The name of the resource being requested. Empty means all.
|
194
|
+
# @!attribute [rw] resource
|
195
|
+
# @return [::String]
|
196
|
+
# The optional resource type requested. "*" means all.
|
197
|
+
# @!attribute [rw] subresource
|
198
|
+
# @return [::String]
|
199
|
+
# The optional subresource type.
|
200
|
+
# @!attribute [rw] verb
|
201
|
+
# @return [::String]
|
202
|
+
# A Kubernetes resource API verb, like get, list, watch, create, update,
|
203
|
+
# delete, proxy. "*" means all.
|
204
|
+
# @!attribute [rw] version
|
205
|
+
# @return [::String]
|
206
|
+
# The API version of the resource. "*" means all.
|
207
|
+
class AccessReview
|
208
|
+
include ::Google::Protobuf::MessageExts
|
209
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
210
|
+
end
|
211
|
+
|
212
|
+
# Kubernetes object related to the finding, uniquely identified by GKNN.
|
213
|
+
# Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
|
214
|
+
# AccessReview.
|
215
|
+
# @!attribute [rw] group
|
216
|
+
# @return [::String]
|
217
|
+
# Kubernetes object group, such as "policy.k8s.io/v1".
|
218
|
+
# @!attribute [rw] kind
|
219
|
+
# @return [::String]
|
220
|
+
# Kubernetes object kind, such as "Namespace".
|
221
|
+
# @!attribute [rw] ns
|
222
|
+
# @return [::String]
|
223
|
+
# Kubernetes object namespace. Must be a valid DNS label. Named
|
224
|
+
# "ns" to avoid collision with C++ namespace keyword. For details see
|
225
|
+
# https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
|
226
|
+
# @!attribute [rw] name
|
227
|
+
# @return [::String]
|
228
|
+
# Kubernetes object name. For details see
|
229
|
+
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
|
230
|
+
# @!attribute [rw] containers
|
231
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::Container>]
|
232
|
+
# Pod containers associated with this finding, if any.
|
233
|
+
class Object
|
234
|
+
include ::Google::Protobuf::MessageExts
|
235
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
236
|
+
end
|
237
|
+
end
|
238
|
+
end
|
239
|
+
end
|
240
|
+
end
|
241
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# Represents a generic name-value label. A label has separate name and value
|
25
|
+
# fields to support filtering with the `contains()` function. For more
|
26
|
+
# information, see [Filtering on array-type
|
27
|
+
# fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering).
|
28
|
+
# @!attribute [rw] name
|
29
|
+
# @return [::String]
|
30
|
+
# Name of the label.
|
31
|
+
# @!attribute [rw] value
|
32
|
+
# @return [::String]
|
33
|
+
# Value that corresponds to the label's name.
|
34
|
+
class Label
|
35
|
+
include ::Google::Protobuf::MessageExts
|
36
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# Contains information related to the load balancer associated with the
|
25
|
+
# finding.
|
26
|
+
# @!attribute [rw] name
|
27
|
+
# @return [::String]
|
28
|
+
# The name of the load balancer associated with the finding.
|
29
|
+
class LoadBalancer
|
30
|
+
include ::Google::Protobuf::MessageExts
|
31
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# An individual entry in a log.
|
25
|
+
# @!attribute [rw] cloud_logging_entry
|
26
|
+
# @return [::Google::Cloud::SecurityCenter::V2::CloudLoggingEntry]
|
27
|
+
# An individual entry in a log stored in Cloud Logging.
|
28
|
+
class LogEntry
|
29
|
+
include ::Google::Protobuf::MessageExts
|
30
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
31
|
+
end
|
32
|
+
|
33
|
+
# Metadata taken from a [Cloud Logging
|
34
|
+
# LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry)
|
35
|
+
# @!attribute [rw] insert_id
|
36
|
+
# @return [::String]
|
37
|
+
# A unique identifier for the log entry.
|
38
|
+
# @!attribute [rw] log_id
|
39
|
+
# @return [::String]
|
40
|
+
# The type of the log (part of `log_name`. `log_name` is the resource name of
|
41
|
+
# the log to which this log entry belongs). For example:
|
42
|
+
# `cloudresourcemanager.googleapis.com/activity` Note that this field is not
|
43
|
+
# URL-encoded, unlike in `LogEntry`.
|
44
|
+
# @!attribute [rw] resource_container
|
45
|
+
# @return [::String]
|
46
|
+
# The organization, folder, or project of the monitored resource that
|
47
|
+
# produced this log entry.
|
48
|
+
# @!attribute [rw] timestamp
|
49
|
+
# @return [::Google::Protobuf::Timestamp]
|
50
|
+
# The time the event described by the log entry occurred.
|
51
|
+
class CloudLoggingEntry
|
52
|
+
include ::Google::Protobuf::MessageExts
|
53
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
@@ -0,0 +1,285 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# MITRE ATT&CK tactics and techniques related to this finding.
|
25
|
+
# See: https://attack.mitre.org
|
26
|
+
# @!attribute [rw] primary_tactic
|
27
|
+
# @return [::Google::Cloud::SecurityCenter::V2::MitreAttack::Tactic]
|
28
|
+
# The MITRE ATT&CK tactic most closely represented by this finding, if any.
|
29
|
+
# @!attribute [rw] primary_techniques
|
30
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::MitreAttack::Technique>]
|
31
|
+
# The MITRE ATT&CK technique most closely represented by this finding, if
|
32
|
+
# any. primary_techniques is a repeated field because there are multiple
|
33
|
+
# levels of MITRE ATT&CK techniques. If the technique most closely
|
34
|
+
# represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
|
35
|
+
# both the sub-technique and its parent technique(s) will be listed (e.g.
|
36
|
+
# `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
|
37
|
+
# @!attribute [rw] additional_tactics
|
38
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::MitreAttack::Tactic>]
|
39
|
+
# Additional MITRE ATT&CK tactics related to this finding, if any.
|
40
|
+
# @!attribute [rw] additional_techniques
|
41
|
+
# @return [::Array<::Google::Cloud::SecurityCenter::V2::MitreAttack::Technique>]
|
42
|
+
# Additional MITRE ATT&CK techniques related to this finding, if any, along
|
43
|
+
# with any of their respective parent techniques.
|
44
|
+
# @!attribute [rw] version
|
45
|
+
# @return [::String]
|
46
|
+
# The MITRE ATT&CK version referenced by the above fields. E.g. "8".
|
47
|
+
class MitreAttack
|
48
|
+
include ::Google::Protobuf::MessageExts
|
49
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
50
|
+
|
51
|
+
# MITRE ATT&CK tactics that can be referenced by SCC findings.
|
52
|
+
# See: https://attack.mitre.org/tactics/enterprise/
|
53
|
+
module Tactic
|
54
|
+
# Unspecified value.
|
55
|
+
TACTIC_UNSPECIFIED = 0
|
56
|
+
|
57
|
+
# TA0043
|
58
|
+
RECONNAISSANCE = 1
|
59
|
+
|
60
|
+
# TA0042
|
61
|
+
RESOURCE_DEVELOPMENT = 2
|
62
|
+
|
63
|
+
# TA0001
|
64
|
+
INITIAL_ACCESS = 5
|
65
|
+
|
66
|
+
# TA0002
|
67
|
+
EXECUTION = 3
|
68
|
+
|
69
|
+
# TA0003
|
70
|
+
PERSISTENCE = 6
|
71
|
+
|
72
|
+
# TA0004
|
73
|
+
PRIVILEGE_ESCALATION = 8
|
74
|
+
|
75
|
+
# TA0005
|
76
|
+
DEFENSE_EVASION = 7
|
77
|
+
|
78
|
+
# TA0006
|
79
|
+
CREDENTIAL_ACCESS = 9
|
80
|
+
|
81
|
+
# TA0007
|
82
|
+
DISCOVERY = 10
|
83
|
+
|
84
|
+
# TA0008
|
85
|
+
LATERAL_MOVEMENT = 11
|
86
|
+
|
87
|
+
# TA0009
|
88
|
+
COLLECTION = 12
|
89
|
+
|
90
|
+
# TA0011
|
91
|
+
COMMAND_AND_CONTROL = 4
|
92
|
+
|
93
|
+
# TA0010
|
94
|
+
EXFILTRATION = 13
|
95
|
+
|
96
|
+
# TA0040
|
97
|
+
IMPACT = 14
|
98
|
+
end
|
99
|
+
|
100
|
+
# MITRE ATT&CK techniques that can be referenced by SCC findings.
|
101
|
+
# See: https://attack.mitre.org/techniques/enterprise/
|
102
|
+
# Next ID: 59
|
103
|
+
module Technique
|
104
|
+
# Unspecified value.
|
105
|
+
TECHNIQUE_UNSPECIFIED = 0
|
106
|
+
|
107
|
+
# T1036
|
108
|
+
MASQUERADING = 49
|
109
|
+
|
110
|
+
# T1036.005
|
111
|
+
MATCH_LEGITIMATE_NAME_OR_LOCATION = 50
|
112
|
+
|
113
|
+
# T1037
|
114
|
+
BOOT_OR_LOGON_INITIALIZATION_SCRIPTS = 37
|
115
|
+
|
116
|
+
# T1037.005
|
117
|
+
STARTUP_ITEMS = 38
|
118
|
+
|
119
|
+
# T1046
|
120
|
+
NETWORK_SERVICE_DISCOVERY = 32
|
121
|
+
|
122
|
+
# T1057
|
123
|
+
PROCESS_DISCOVERY = 56
|
124
|
+
|
125
|
+
# T1059
|
126
|
+
COMMAND_AND_SCRIPTING_INTERPRETER = 6
|
127
|
+
|
128
|
+
# T1059.004
|
129
|
+
UNIX_SHELL = 7
|
130
|
+
|
131
|
+
# T1069
|
132
|
+
PERMISSION_GROUPS_DISCOVERY = 18
|
133
|
+
|
134
|
+
# T1069.003
|
135
|
+
CLOUD_GROUPS = 19
|
136
|
+
|
137
|
+
# T1071
|
138
|
+
APPLICATION_LAYER_PROTOCOL = 45
|
139
|
+
|
140
|
+
# T1071.004
|
141
|
+
DNS = 46
|
142
|
+
|
143
|
+
# T1072
|
144
|
+
SOFTWARE_DEPLOYMENT_TOOLS = 47
|
145
|
+
|
146
|
+
# T1078
|
147
|
+
VALID_ACCOUNTS = 14
|
148
|
+
|
149
|
+
# T1078.001
|
150
|
+
DEFAULT_ACCOUNTS = 35
|
151
|
+
|
152
|
+
# T1078.003
|
153
|
+
LOCAL_ACCOUNTS = 15
|
154
|
+
|
155
|
+
# T1078.004
|
156
|
+
CLOUD_ACCOUNTS = 16
|
157
|
+
|
158
|
+
# T1090
|
159
|
+
PROXY = 9
|
160
|
+
|
161
|
+
# T1090.002
|
162
|
+
EXTERNAL_PROXY = 10
|
163
|
+
|
164
|
+
# T1090.003
|
165
|
+
MULTI_HOP_PROXY = 11
|
166
|
+
|
167
|
+
# T1098
|
168
|
+
ACCOUNT_MANIPULATION = 22
|
169
|
+
|
170
|
+
# T1098.001
|
171
|
+
ADDITIONAL_CLOUD_CREDENTIALS = 40
|
172
|
+
|
173
|
+
# T1098.004
|
174
|
+
SSH_AUTHORIZED_KEYS = 23
|
175
|
+
|
176
|
+
# T1098.006
|
177
|
+
ADDITIONAL_CONTAINER_CLUSTER_ROLES = 58
|
178
|
+
|
179
|
+
# T1105
|
180
|
+
INGRESS_TOOL_TRANSFER = 3
|
181
|
+
|
182
|
+
# T1106
|
183
|
+
NATIVE_API = 4
|
184
|
+
|
185
|
+
# T1110
|
186
|
+
BRUTE_FORCE = 44
|
187
|
+
|
188
|
+
# T1129
|
189
|
+
SHARED_MODULES = 5
|
190
|
+
|
191
|
+
# T1134
|
192
|
+
ACCESS_TOKEN_MANIPULATION = 33
|
193
|
+
|
194
|
+
# T1134.001
|
195
|
+
TOKEN_IMPERSONATION_OR_THEFT = 39
|
196
|
+
|
197
|
+
# T1190
|
198
|
+
EXPLOIT_PUBLIC_FACING_APPLICATION = 27
|
199
|
+
|
200
|
+
# T1484
|
201
|
+
DOMAIN_POLICY_MODIFICATION = 30
|
202
|
+
|
203
|
+
# T1485
|
204
|
+
DATA_DESTRUCTION = 29
|
205
|
+
|
206
|
+
# T1489
|
207
|
+
SERVICE_STOP = 52
|
208
|
+
|
209
|
+
# T1490
|
210
|
+
INHIBIT_SYSTEM_RECOVERY = 36
|
211
|
+
|
212
|
+
# T1496
|
213
|
+
RESOURCE_HIJACKING = 8
|
214
|
+
|
215
|
+
# T1498
|
216
|
+
NETWORK_DENIAL_OF_SERVICE = 17
|
217
|
+
|
218
|
+
# T1526
|
219
|
+
CLOUD_SERVICE_DISCOVERY = 48
|
220
|
+
|
221
|
+
# T1528
|
222
|
+
STEAL_APPLICATION_ACCESS_TOKEN = 42
|
223
|
+
|
224
|
+
# T1531
|
225
|
+
ACCOUNT_ACCESS_REMOVAL = 51
|
226
|
+
|
227
|
+
# T1539
|
228
|
+
STEAL_WEB_SESSION_COOKIE = 25
|
229
|
+
|
230
|
+
# T1543
|
231
|
+
CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
|
232
|
+
|
233
|
+
# T1548
|
234
|
+
ABUSE_ELEVATION_CONTROL_MECHANISM = 34
|
235
|
+
|
236
|
+
# T1552
|
237
|
+
UNSECURED_CREDENTIALS = 13
|
238
|
+
|
239
|
+
# T1556
|
240
|
+
MODIFY_AUTHENTICATION_PROCESS = 28
|
241
|
+
|
242
|
+
# T1562
|
243
|
+
IMPAIR_DEFENSES = 31
|
244
|
+
|
245
|
+
# T1562.001
|
246
|
+
DISABLE_OR_MODIFY_TOOLS = 55
|
247
|
+
|
248
|
+
# T1567
|
249
|
+
EXFILTRATION_OVER_WEB_SERVICE = 20
|
250
|
+
|
251
|
+
# T1567.002
|
252
|
+
EXFILTRATION_TO_CLOUD_STORAGE = 21
|
253
|
+
|
254
|
+
# T1568
|
255
|
+
DYNAMIC_RESOLUTION = 12
|
256
|
+
|
257
|
+
# T1570
|
258
|
+
LATERAL_TOOL_TRANSFER = 41
|
259
|
+
|
260
|
+
# T1578
|
261
|
+
MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
|
262
|
+
|
263
|
+
# T1578.001
|
264
|
+
CREATE_SNAPSHOT = 54
|
265
|
+
|
266
|
+
# T1580
|
267
|
+
CLOUD_INFRASTRUCTURE_DISCOVERY = 53
|
268
|
+
|
269
|
+
# T1588
|
270
|
+
OBTAIN_CAPABILITIES = 43
|
271
|
+
|
272
|
+
# T1595
|
273
|
+
ACTIVE_SCANNING = 1
|
274
|
+
|
275
|
+
# T1595.001
|
276
|
+
SCANNING_IP_BLOCKS = 2
|
277
|
+
|
278
|
+
# T1613
|
279
|
+
CONTAINER_AND_RESOURCE_DISCOVERY = 57
|
280
|
+
end
|
281
|
+
end
|
282
|
+
end
|
283
|
+
end
|
284
|
+
end
|
285
|
+
end
|