google-cloud-security_center-v2 0.a → 0.1.0

data/proto_docs/google/cloud/securitycenter/v2/mute_config.rb

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # A mute config is a Cloud SCC resource that contains the configuration
+        # to mute create/update events of findings.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     This field will be ignored if provided on config creation. The following
+        #     list shows some examples of the format:
+        #
+        #     + `organizations/{organization}/muteConfigs/{mute_config}`
+        #     +
+        #     `organizations/{organization}locations/{location}//muteConfigs/{mute_config}`
+        #     + `folders/{folder}/muteConfigs/{mute_config}`
+        #     + `folders/{folder}/locations/{location}/muteConfigs/{mute_config}`
+        #     + `projects/{project}/muteConfigs/{mute_config}`
+        #     + `projects/{project}/locations/{location}/muteConfigs/{mute_config}`
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     A description of the mute config.
+        # @!attribute [rw] filter
+        #   @return [::String]
+        #     Required. An expression that defines the filter to apply across
+        #     create/update events of findings. While creating a filter string, be
+        #     mindful of the scope in which the mute configuration is being created.
+        #     E.g., If a filter contains project = X but is created under the project = Y
+        #     scope, it might not match any findings.
+        #
+        #     The following field and operator combinations are supported:
+        #
+        #     * severity: `=`, `:`
+        #     * category: `=`, `:`
+        #     * resource.name: `=`, `:`
+        #     * resource.project_name: `=`, `:`
+        #     * resource.project_display_name: `=`, `:`
+        #     * resource.folders.resource_folder: `=`, `:`
+        #     * resource.parent_name: `=`, `:`
+        #     * resource.parent_display_name: `=`, `:`
+        #     * resource.type: `=`, `:`
+        #     * finding_class: `=`, `:`
+        #     * indicator.ip_addresses: `=`, `:`
+        #     * indicator.domains: `=`, `:`
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the mute config was created.
+        #     This field is set by the server and will be ignored if provided on config
+        #     creation.
+        # @!attribute [r] update_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The most recent time at which the mute config was updated.
+        #     This field is set by the server and will be ignored if provided on config
+        #     creation or update.
+        # @!attribute [r] most_recent_editor
+        #   @return [::String]
+        #     Output only. Email address of the user who last edited the mute config.
+        #     This field is set by the server and will be ignored if provided on config
+        #     creation or update.
+        # @!attribute [rw] type
+        #   @return [::Google::Cloud::SecurityCenter::V2::MuteConfig::MuteConfigType]
+        #     Required. The type of the mute config, which determines what type of mute
+        #     state the config affects. Immutable after creation.
+        class MuteConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The type of MuteConfig.
+          module MuteConfigType
+            # Unused.
+            MUTE_CONFIG_TYPE_UNSPECIFIED = 0
+
+            # A static mute config, which sets the static mute state of future matching
+            # findings to muted. Once the static mute state has been set, finding or
+            # config modifications will not affect the state.
+            STATIC = 1
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/notification_config.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Cloud Security Command Center (Cloud SCC) notification configs.
+        #
+        # A notification config is a Cloud SCC resource that contains the configuration
+        # to send notifications for create/update events of findings, assets and etc.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The relative resource name of this notification config. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     The following list shows some examples:
+        #     +
+        #     `organizations/{organization_id}/locations/{location_id}/notificationConfigs/notify_public_bucket`
+        #     +
+        #     `folders/{folder_id}/locations/{location_id}/notificationConfigs/notify_public_bucket`
+        #     +
+        #     `projects/{project_id}/locations/{location_id}/notificationConfigs/notify_public_bucket`
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     The description of the notification config (max of 1024 characters).
+        # @!attribute [rw] pubsub_topic
+        #   @return [::String]
+        #     The Pub/Sub topic to send notifications to. Its format is
+        #     "projects/[project_id]/topics/[topic]".
+        # @!attribute [r] service_account
+        #   @return [::String]
+        #     Output only. The service account that needs "pubsub.topics.publish"
+        #     permission to publish to the Pub/Sub topic.
+        # @!attribute [rw] streaming_config
+        #   @return [::Google::Cloud::SecurityCenter::V2::NotificationConfig::StreamingConfig]
+        #     The config for triggering streaming-based notifications.
+        class NotificationConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The config for streaming-based notifications, which send each event as soon
+          # as it is detected.
+          # @!attribute [rw] filter
+          #   @return [::String]
+          #     Expression that defines the filter to apply across create/update events
+          #     of assets or findings as specified by the event type. The expression is a
+          #     list of zero or more restrictions combined via logical operators `AND`
+          #     and `OR`. Parentheses are supported, and `OR` has higher precedence than
+          #     `AND`.
+          #
+          #     Restrictions have the form `<field> <operator> <value>` and may have a
+          #     `-` character in front of them to indicate negation. The fields map to
+          #     those defined in the corresponding resource.
+          #
+          #     The supported operators are:
+          #
+          #     * `=` for all value types.
+          #     * `>`, `<`, `>=`, `<=` for integer values.
+          #     * `:`, meaning substring matching, for strings.
+          #
+          #     The supported value types are:
+          #
+          #     * string literals in quotes.
+          #     * integer literals without quotes.
+          #     * boolean literals `true` and `false` without quotes.
+          class StreamingConfig
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/notification_message.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Cloud SCC's Notification
+        # @!attribute [rw] notification_config_name
+        #   @return [::String]
+        #     Name of the notification config that generated current notification.
+        # @!attribute [rw] finding
+        #   @return [::Google::Cloud::SecurityCenter::V2::Finding]
+        #     If it's a Finding based notification config, this field will be
+        #     populated.
+        # @!attribute [rw] resource
+        #   @return [::Google::Cloud::SecurityCenter::V2::Resource]
+        #     The Cloud resource tied to this notification's Finding.
+        class NotificationMessage
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/org_policy.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Contains information about the org policies associated with the finding.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The resource name of the org policy.
+        #     Example:
+        #     "organizations/\\{organization_id}/policies/\\{constraint_name}"
+        class OrgPolicy
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/process.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Represents an operating system process.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The process name, as displayed in utilities like `top` and `ps`. This name
+        #     can be accessed through `/proc/[pid]/comm` and changed with
+        #     `prctl(PR_SET_NAME)`.
+        # @!attribute [rw] binary
+        #   @return [::Google::Cloud::SecurityCenter::V2::File]
+        #     File information for the process executable.
+        # @!attribute [rw] libraries
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::File>]
+        #     File information for libraries loaded by the process.
+        # @!attribute [rw] script
+        #   @return [::Google::Cloud::SecurityCenter::V2::File]
+        #     When the process represents the invocation of a script, `binary` provides
+        #     information about the interpreter, while `script` provides information
+        #     about the script file provided to the interpreter.
+        # @!attribute [rw] args
+        #   @return [::Array<::String>]
+        #     Process arguments as JSON encoded strings.
+        # @!attribute [rw] arguments_truncated
+        #   @return [::Boolean]
+        #     True if `args` is incomplete.
+        # @!attribute [rw] env_variables
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::EnvironmentVariable>]
+        #     Process environment variables.
+        # @!attribute [rw] env_variables_truncated
+        #   @return [::Boolean]
+        #     True if `env_variables` is incomplete.
+        # @!attribute [rw] pid
+        #   @return [::Integer]
+        #     The process ID.
+        # @!attribute [rw] parent_pid
+        #   @return [::Integer]
+        #     The parent process ID.
+        class Process
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # A name-value pair representing an environment variable used in an operating
+        # system process.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Environment variable name as a JSON encoded string.
+        # @!attribute [rw] val
+        #   @return [::String]
+        #     Environment variable value as a JSON encoded string.
+        class EnvironmentVariable
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/resource.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Information related to the Google Cloud resource.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The full resource name of the resource. See:
+        #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     The human readable name of the resource.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     The full resource type of the resource.
+        class Resource
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb

@@ -0,0 +1,122 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # A resource value config (RVC) is a mapping configuration of user's resources
+        # to resource values. Used in Attack path simulations.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Name for the resource value config
+        # @!attribute [rw] resource_value
+        #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
+        #     Resource value level this expression represents
+        #     Only required when there is no SDP mapping in the request
+        # @!attribute [rw] tag_values
+        #   @return [::Array<::String>]
+        #     Required. Tag values combined with AND to check against.
+        #     Values in the form "tagValues/123"
+        #     E.g. [ "tagValues/123", "tagValues/456", "tagValues/789" ]
+        #     https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
+        # @!attribute [rw] resource_type
+        #   @return [::String]
+        #     Apply resource_value only to resources that match resource_type.
+        #     resource_type will be checked with "AND" of other resources.
+        #     E.g. "storage.googleapis.com/Bucket" with resource_value "HIGH" will
+        #     apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.
+        # @!attribute [rw] scope
+        #   @return [::String]
+        #     Project or folder to scope this config to.
+        #     For example, "project/456" would apply this config only to resources in
+        #     "project/456"
+        #     scope will be checked with "AND" of other resources.
+        # @!attribute [rw] resource_labels_selector
+        #   @return [::Google::Protobuf::Map{::String => ::String}]
+        #     List of resource labels to search for, evaluated with AND.
+        #     E.g. "resource_labels_selector": \\{"key": "value", "env": "prod"}
+        #     will match resources with labels "key": "value" AND "env": "prod"
+        #     https://cloud.google.com/resource-manager/docs/creating-managing-labels
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     Description of the resource value config.
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. Timestamp this resource value config was created.
+        # @!attribute [r] update_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. Timestamp this resource value config was last updated.
+        # @!attribute [rw] sensitive_data_protection_mapping
+        #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValueConfig::SensitiveDataProtectionMapping]
+        #     A mapping of the sensitivity on Sensitive Data Protection finding to
+        #     resource values. This mapping can only be used in combination with a
+        #     resource_type that is related to BigQuery, e.g.
+        #     "bigquery.googleapis.com/Dataset".
+        class ResourceValueConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Resource value mapping for Sensitive Data Protection findings
+          # If any of these mappings have a resource value that is not unspecified,
+          # the resource_value field will be ignored when reading this configuration.
+          # @!attribute [rw] high_sensitivity_mapping
+          #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
+          #     Resource value mapping for high-sensitivity Sensitive Data Protection
+          #     findings
+          # @!attribute [rw] medium_sensitivity_mapping
+          #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
+          #     Resource value mapping for medium-sensitivity Sensitive Data Protection
+          #     findings
+          class SensitiveDataProtectionMapping
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # @!attribute [rw] key
+          #   @return [::String]
+          # @!attribute [rw] value
+          #   @return [::String]
+          class ResourceLabelsSelectorEntry
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+
+        # Value enum to map to a resource
+        module ResourceValue
+          # Unspecific value
+          RESOURCE_VALUE_UNSPECIFIED = 0
+
+          # High resource value
+          HIGH = 1
+
+          # Medium resource value
+          MEDIUM = 2
+
+          # Low resource value
+          LOW = 3
+
+          # No resource value, e.g. ignore these resources
+          NONE = 4
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/security_marks.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # User specified security marks that are attached to the parent Security
+        # Command Center resource. Security marks are scoped within a Security Command
+        # Center organization -- they can be modified and viewed by all users who have
+        # proper permissions on the organization.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The relative resource name of the SecurityMarks. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     The following list shows some examples:
+        #
+        #     + `organizations/{organization_id}/assets/{asset_id}/securityMarks`
+        #     +
+        #     `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks`
+        #     +
+        #     `organizations/{organization_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks`
+        # @!attribute [rw] marks
+        #   @return [::Google::Protobuf::Map{::String => ::String}]
+        #     Mutable user specified security marks belonging to the parent resource.
+        #     Constraints are as follows:
+        #
+        #       * Keys and values are treated as case insensitive
+        #       * Keys must be between 1 - 256 characters (inclusive)
+        #       * Keys must be letters, numbers, underscores, or dashes
+        #       * Values have leading and trailing whitespace trimmed, remaining
+        #         characters must be between 1 - 4096 characters (inclusive)
+        # @!attribute [rw] canonical_name
+        #   @return [::String]
+        #     The canonical name of the marks. The following list shows some examples:
+        #
+        #     + `organizations/{organization_id}/assets/{asset_id}/securityMarks`
+        #     +
+        #     `organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks`
+        #     +
+        #     `organizations/{organization_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks`
+        #     + `folders/{folder_id}/assets/{asset_id}/securityMarks`
+        #     +
+        #     `folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks`
+        #     +
+        #     `folders/{folder_id}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks`
+        #     + `projects/{project_number}/assets/{asset_id}/securityMarks`
+        #     +
+        #     `projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks`
+        #     +
+        #     `projects/{project_number}/sources/{source_id}/locations/{location}/findings/{finding_id}/securityMarks`
+        class SecurityMarks
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # @!attribute [rw] key
+          #   @return [::String]
+          # @!attribute [rw] value
+          #   @return [::String]
+          class MarksEntry
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end