google-cloud-security_center-v2 0.a → 0.2.0
- checksums.yaml +4 -4
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +122 -0
- data/README.md +144 -8
- data/lib/google/cloud/security_center/v2/rest.rb +37 -0
- data/lib/google/cloud/security_center/v2/security_center/client.rb +4771 -0
- data/lib/google/cloud/security_center/v2/security_center/credentials.rb +51 -0
- data/lib/google/cloud/security_center/v2/security_center/operations.rb +809 -0
- data/lib/google/cloud/security_center/v2/security_center/paths.rb +973 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/client.rb +4390 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/operations.rb +901 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/service_stub.rb +3165 -0
- data/lib/google/cloud/security_center/v2/security_center/rest.rb +53 -0
- data/lib/google/cloud/security_center/v2/security_center.rb +56 -0
- data/lib/google/cloud/security_center/v2/version.rb +7 -2
- data/lib/google/cloud/security_center/v2.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/access_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/application_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/attack_exposure_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/attack_path_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/backup_disaster_recovery_pb.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/bigquery_export_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/cloud_dlp_data_profile_pb.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/cloud_dlp_inspection_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/compliance_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/connection_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/contact_details_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/container_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/database_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/exfiltration_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/external_system_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/file_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/finding_pb.rb +109 -0
- data/lib/google/cloud/securitycenter/v2/group_membership_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/iam_binding_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/indicator_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/kernel_rootkit_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/kubernetes_pb.rb +57 -0
- data/lib/google/cloud/securitycenter/v2/label_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/load_balancer_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/log_entry_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/mitre_attack_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/mute_config_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v2/notification_config_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/notification_message_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/org_policy_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/process_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/resource_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/resource_value_config_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/security_marks_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/security_posture_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/securitycenter_service_pb.rb +128 -0
- data/lib/google/cloud/securitycenter/v2/securitycenter_service_services_pb.rb +167 -0
- data/lib/google/cloud/securitycenter/v2/simulation_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/source_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/toxic_combination_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/valued_resource_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/vulnerability_pb.rb +58 -0
- data/lib/google-cloud-security_center-v2.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/client.rb +399 -0
- data/proto_docs/google/api/field_behavior.rb +85 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/api/resource.rb +222 -0
- data/proto_docs/google/api/routing.rb +459 -0
- data/proto_docs/google/cloud/securitycenter/v2/access.rb +120 -0
- data/proto_docs/google/cloud/securitycenter/v2/application.rb +40 -0
- data/proto_docs/google/cloud/securitycenter/v2/attack_exposure.rb +73 -0
- data/proto_docs/google/cloud/securitycenter/v2/attack_path.rb +147 -0
- data/proto_docs/google/cloud/securitycenter/v2/backup_disaster_recovery.rb +90 -0
- data/proto_docs/google/cloud/securitycenter/v2/bigquery_export.rb +96 -0
- data/proto_docs/google/cloud/securitycenter/v2/cloud_dlp_data_profile.rb +52 -0
- data/proto_docs/google/cloud/securitycenter/v2/cloud_dlp_inspection.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v2/compliance.rb +43 -0
- data/proto_docs/google/cloud/securitycenter/v2/connection.rb +70 -0
- data/proto_docs/google/cloud/securitycenter/v2/contact_details.rb +44 -0
- data/proto_docs/google/cloud/securitycenter/v2/container.rb +49 -0
- data/proto_docs/google/cloud/securitycenter/v2/database.rb +67 -0
- data/proto_docs/google/cloud/securitycenter/v2/exfiltration.rb +64 -0
- data/proto_docs/google/cloud/securitycenter/v2/external_system.rb +106 -0
- data/proto_docs/google/cloud/securitycenter/v2/file.rb +72 -0
- data/proto_docs/google/cloud/securitycenter/v2/finding.rb +427 -0
- data/proto_docs/google/cloud/securitycenter/v2/group_membership.rb +48 -0
- data/proto_docs/google/cloud/securitycenter/v2/iam_binding.rb +56 -0
- data/proto_docs/google/cloud/securitycenter/v2/indicator.rb +112 -0
- data/proto_docs/google/cloud/securitycenter/v2/kernel_rootkit.rb +66 -0
- data/proto_docs/google/cloud/securitycenter/v2/kubernetes.rb +241 -0
- data/proto_docs/google/cloud/securitycenter/v2/label.rb +41 -0
- data/proto_docs/google/cloud/securitycenter/v2/load_balancer.rb +36 -0
- data/proto_docs/google/cloud/securitycenter/v2/log_entry.rb +58 -0
- data/proto_docs/google/cloud/securitycenter/v2/mitre_attack.rb +285 -0
- data/proto_docs/google/cloud/securitycenter/v2/mute_config.rb +100 -0
- data/proto_docs/google/cloud/securitycenter/v2/notification_config.rb +90 -0
- data/proto_docs/google/cloud/securitycenter/v2/notification_message.rb +42 -0
- data/proto_docs/google/cloud/securitycenter/v2/org_policy.rb +37 -0
- data/proto_docs/google/cloud/securitycenter/v2/process.rb +79 -0
- data/proto_docs/google/cloud/securitycenter/v2/resource.rb +42 -0
- data/proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb +122 -0
- data/proto_docs/google/cloud/securitycenter/v2/security_marks.rb +84 -0
- data/proto_docs/google/cloud/securitycenter/v2/security_posture.rb +83 -0
- data/proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb +1136 -0
- data/proto_docs/google/cloud/securitycenter/v2/simulation.rb +43 -0
- data/proto_docs/google/cloud/securitycenter/v2/source.rb +65 -0
- data/proto_docs/google/cloud/securitycenter/v2/toxic_combination.rb +46 -0
- data/proto_docs/google/cloud/securitycenter/v2/valued_resource.rb +86 -0
- data/proto_docs/google/cloud/securitycenter/v2/vulnerability.rb +333 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +87 -0
- data/proto_docs/google/iam/v1/options.rb +50 -0
- data/proto_docs/google/iam/v1/policy.rb +426 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +145 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +34 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/struct.rb +96 -0
- data/proto_docs/google/protobuf/timestamp.rb +127 -0
- data/proto_docs/google/rpc/status.rb +48 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +173 -10
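--- a/data/proto_docs/google/cloud/securitycenter/v2/access.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/access.rb
@@ -0,0 +1,120 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Represents an access event.
+# @!attribute [rw] principal_email
+# @return [::String]
+# Associated email, such as "foo@google.com".
+#
+# The email address of the authenticated user or a service account acting on
+# behalf of a third party principal making the request. For third party
+# identity callers, the `principal_subject` field is populated instead of
+# this field. For privacy reasons, the principal email address is sometimes
+# redacted. For more information, see [Caller identities in audit
+# logs](https://cloud.google.com/logging/docs/audit#user-id).
+# @!attribute [rw] caller_ip
+# @return [::String]
+# Caller's IP address, such as "1.1.1.1".
+# @!attribute [rw] caller_ip_geo
+# @return [::Google::Cloud::SecurityCenter::V2::Geolocation]
+# The caller IP's geolocation, which identifies where the call came from.
+# @!attribute [rw] user_agent_family
+# @return [::String]
+# Type of user agent associated with the finding. For example, an operating
+# system shell or an embedded or standalone application.
+# @!attribute [rw] user_agent
+# @return [::String]
+# The caller's user agent string associated with the finding.
+# @!attribute [rw] service_name
+# @return [::String]
+# This is the API service that the service account made a call to, e.g.
+# "iam.googleapis.com"
+# @!attribute [rw] method_name
+# @return [::String]
+# The method that the service account called, e.g. "SetIamPolicy".
+# @!attribute [rw] principal_subject
+# @return [::String]
+# A string that represents the principal_subject that is associated with the
+# identity. Unlike `principal_email`, `principal_subject` supports principals
+# that aren't associated with email addresses, such as third party
+# principals. For most identities, the format is
+# `principal://iam.googleapis.com/{identity pool name}/subject/{subject}`.
+# Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD,
+# still use the legacy format `serviceAccount:{identity pool
+# name}[\\{subject}]`.
+# @!attribute [rw] service_account_key_name
+# @return [::String]
+# The name of the service account key that was used to create or exchange
+# credentials when authenticating the service account that made the request.
+# This is a scheme-less URI full resource name. For example:
+#
+# "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}".
+# @!attribute [rw] service_account_delegation_info
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::ServiceAccountDelegationInfo>]
+# The identity delegation history of an authenticated service account that
+# made the request. The `serviceAccountDelegationInfo[]` object contains
+# information about the real authorities that try to access Google Cloud
+# resources by delegating on a service account. When multiple authorities are
+# present, they are guaranteed to be sorted based on the original ordering of
+# the identity delegation events.
+# @!attribute [rw] user_name
+# @return [::String]
+# A string that represents a username. The username provided depends on the
+# type of the finding and is likely not an IAM principal. For example, this
+# can be a system username if the finding is related to a virtual machine, or
+# it can be an application login username.
+class Access
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Identity delegation history of an authenticated service account.
+# @!attribute [rw] principal_email
+# @return [::String]
+# The email address of a Google account.
+# @!attribute [rw] principal_subject
+# @return [::String]
+# A string representing the principal_subject associated with the identity.
+# As compared to `principal_email`, supports principals that aren't
+# associated with email addresses, such as third party principals. For most
+# identities, the format will be `principal://iam.googleapis.com/{identity
+# pool name}/subjects/\\{subject}` except for some GKE identities
+# (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+# format `serviceAccount:{identity pool name}[{subject}]`
+class ServiceAccountDelegationInfo
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Represents a geographical location for a given access.
+# @!attribute [rw] region_code
+# @return [::String]
+# A CLDR.
+class Geolocation
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end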
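--- a/data/proto_docs/google/cloud/securitycenter/v2/application.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/application.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Represents an application associated with a finding.
+# @!attribute [rw] base_uri
+# @return [::String]
+# The base URI that identifies the network location of the application in
+# which the vulnerability was detected. For example, `http://example.com`.
+# @!attribute [rw] full_uri
+# @return [::String]
+# The full URI with payload that could be used to reproduce the
+# vulnerability. For example, `http://example.com?p=aMmYgI6H`.
+class Application
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end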
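--- a/data/proto_docs/google/cloud/securitycenter/v2/attack_exposure.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/attack_exposure.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# An attack exposure contains the results of an attack path simulation run.
+# @!attribute [rw] score
+# @return [::Float]
+# A number between 0 (inclusive) and infinity that represents how important
+# this finding is to remediate. The higher the score, the more important it
+# is to remediate.
+# @!attribute [rw] latest_calculation_time
+# @return [::Google::Protobuf::Timestamp]
+# The most recent time the attack exposure was updated on this finding.
+# @!attribute [rw] attack_exposure_result
+# @return [::String]
+# The resource name of the attack path simulation result that contains the
+# details regarding this attack exposure score.
+# Example: organizations/123/simulations/456/attackExposureResults/789
+# @!attribute [r] state
+# @return [::Google::Cloud::SecurityCenter::V2::AttackExposure::State]
+# Output only. What state this AttackExposure is in. This captures whether or
+# not an attack exposure has been calculated or not.
+# @!attribute [rw] exposed_high_value_resources_count
+# @return [::Integer]
+# The number of high value resources that are exposed as a result of this
+# finding.
+# @!attribute [rw] exposed_medium_value_resources_count
+# @return [::Integer]
+# The number of medium value resources that are exposed as a result of this
+# finding.
+# @!attribute [rw] exposed_low_value_resources_count
+# @return [::Integer]
+# The number of high value resources that are exposed as a result of this
+# finding.
+class AttackExposure
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# This enum defines the various states an AttackExposure can be in.
+module State
+# The state is not specified.
+STATE_UNSPECIFIED = 0
+
+# The attack exposure has been calculated.
+CALCULATED = 1
+
+# The attack exposure has not been calculated.
+NOT_CALCULATED = 2
+end
+end
+end
+end
+end
+end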
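--- a/data/proto_docs/google/cloud/securitycenter/v2/attack_path.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/attack_path.rb
@@ -0,0 +1,147 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# A path that an attacker could take to reach an exposed resource.
+# @!attribute [rw] name
+# @return [::String]
+# The attack path name, for example,
+# `organizations/12/simulations/34/valuedResources/56/attackPaths/78`
+# @!attribute [rw] path_nodes
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::AttackPath::AttackPathNode>]
+# A list of nodes that exist in this attack path.
+# @!attribute [rw] edges
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::AttackPath::AttackPathEdge>]
+# A list of the edges between nodes in this attack path.
+class AttackPath
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# Represents one point that an attacker passes through in this attack path.
+# @!attribute [rw] resource
+# @return [::String]
+# The name of the resource at this point in the attack path.
+# The format of the name follows the Cloud Asset Inventory [resource
+# name
+# format]("https://cloud.google.com/asset-inventory/docs/resource-name-format")
+# @!attribute [rw] resource_type
+# @return [::String]
+# The [supported resource
+# type](https://cloud.google.com/asset-inventory/docs/supported-asset-types")
+# @!attribute [rw] display_name
+# @return [::String]
+# Human-readable name of this resource.
+# @!attribute [rw] associated_findings
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::AttackPath::AttackPathNode::PathNodeAssociatedFinding>]
+# The findings associated with this node in the attack path.
+# @!attribute [rw] uuid
+# @return [::String]
+# Unique id of the attack path node.
+# @!attribute [rw] attack_steps
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::AttackPath::AttackPathNode::AttackStepNode>]
+# A list of attack step nodes that exist in this attack path node.
+class AttackPathNode
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# A finding that is associated with this node in the attack path.
+# @!attribute [rw] canonical_finding
+# @return [::String]
+# Canonical name of the associated findings. Example:
+# organizations/123/sources/456/findings/789
+# @!attribute [rw] finding_category
+# @return [::String]
+# The additional taxonomy group within findings from a given source.
+# @!attribute [rw] name
+# @return [::String]
+# Full resource name of the finding.
+class PathNodeAssociatedFinding
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Detailed steps the attack can take between path nodes.
+# @!attribute [rw] uuid
+# @return [::String]
+# Unique ID for one Node
+# @!attribute [rw] type
+# @return [::Google::Cloud::SecurityCenter::V2::AttackPath::AttackPathNode::NodeType]
+# Attack step type. Can be either AND, OR or DEFENSE
+# @!attribute [rw] display_name
+# @return [::String]
+# User friendly name of the attack step
+# @!attribute [rw] labels
+# @return [::Google::Protobuf::Map{::String => ::String}]
+# Attack step labels for metadata
+# @!attribute [rw] description
+# @return [::String]
+# Attack step description
+class AttackStepNode
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# @!attribute [rw] key
+# @return [::String]
+# @!attribute [rw] value
+# @return [::String]
+class LabelsEntry
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+
+# The type of the incoming attack step node.
+module NodeType
+# Type not specified
+NODE_TYPE_UNSPECIFIED = 0
+
+# Incoming edge joined with AND
+NODE_TYPE_AND = 1
+
+# Incoming edge joined with OR
+NODE_TYPE_OR = 2
+
+# Incoming edge is defense
+NODE_TYPE_DEFENSE = 3
+
+# Incoming edge is attacker
+NODE_TYPE_ATTACKER = 4
+end
+end
+
+# Represents a connection between a source node and a destination node in
+# this attack path.
+# @!attribute [rw] source
+# @return [::String]
+# The attack node uuid of the source node.
+# @!attribute [rw] destination
+# @return [::String]
+# The attack node uuid of the destination node.
+class AttackPathEdge
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end
+end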
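--- a/data/proto_docs/google/cloud/securitycenter/v2/backup_disaster_recovery.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/backup_disaster_recovery.rb
@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Information related to Google Cloud Backup and DR Service findings.
+# @!attribute [rw] backup_template
+# @return [::String]
+# The name of a Backup and DR template which comprises one or more backup
+# policies. See the [Backup and DR
+# documentation](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#temp)
+# for more information. For example, `snap-ov`.
+# @!attribute [rw] policies
+# @return [::Array<::String>]
+# The names of Backup and DR policies that are associated with a template
+# and that define when to run a backup, how frequently to run a backup, and
+# how long to retain the backup image. For example, `onvaults`.
+# @!attribute [rw] host
+# @return [::String]
+# The name of a Backup and DR host, which is managed by the backup and
+# recovery appliance and known to the management console. The host can be of
+# type Generic (for example, Compute Engine, SQL Server, Oracle DB, SMB file
+# system, etc.), vCenter, or an ESX server. See the [Backup and DR
+# documentation on
+# hosts](https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-hosts-and-their-applications)
+# for more information. For example, `centos7-01`.
+# @!attribute [rw] applications
+# @return [::Array<::String>]
+# The names of Backup and DR applications. An application is a VM, database,
+# or file system on a managed host monitored by a backup and recovery
+# appliance. For example, `centos7-01-vol00`, `centos7-01-vol01`,
+# `centos7-01-vol02`.
+# @!attribute [rw] storage_pool
+# @return [::String]
+# The name of the Backup and DR storage pool that the backup and recovery
+# appliance is storing data in. The storage pool could be of type Cloud,
+# Primary, Snapshot, or OnVault. See the [Backup and DR documentation on
+# storage
+# pools](https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools).
+# For example, `DiskPoolOne`.
+# @!attribute [rw] policy_options
+# @return [::Array<::String>]
+# The names of Backup and DR advanced policy options of a policy applying to
+# an application. See the [Backup and DR documentation on policy
+# options](https://cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings).
+# For example, `skipofflineappsincongrp, nounmap`.
+# @!attribute [rw] profile
+# @return [::String]
+# The name of the Backup and DR resource profile that specifies the storage
+# media for backups of application and VM data. See the [Backup and DR
+# documentation on
+# profiles](https://cloud.google.com/backup-disaster-recovery/docs/concepts/backup-plan#profile).
+# For example, `GCP`.
+# @!attribute [rw] appliance
+# @return [::String]
+# The name of the Backup and DR appliance that captures, moves, and manages
+# the lifecycle of backup data. For example, `backup-server-57137`.
+# @!attribute [rw] backup_type
+# @return [::String]
+# The backup type of the Backup and DR image.
+# For example, `Snapshot`, `Remote Snapshot`, `OnVault`.
+# @!attribute [rw] backup_create_time
+# @return [::Google::Protobuf::Timestamp]
+# The timestamp at which the Backup and DR backup was created.
+class BackupDisasterRecovery
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end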
@@ -0,0 +1,96 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# Configures how to deliver Findings to BigQuery Instance.
|
25
|
+
# @!attribute [rw] name
|
26
|
+
# @return [::String]
|
27
|
+
# The relative resource name of this export. See:
|
28
|
+
# https://cloud.google.com/apis/design/resource_names#relative_resource_name.
|
29
|
+
# The following list shows some examples:
|
30
|
+
#
|
31
|
+
# +
|
32
|
+
# `organizations/{organization_id}/locations/{location_id}/bigQueryExports/{export_id}`
|
33
|
+
# + `folders/{folder_id}/locations/{location_id}/bigQueryExports/{export_id}`
|
34
|
+
# +
|
35
|
+
# `projects/{project_id}/locations/{location_id}/bigQueryExports/{export_id}`
|
36
|
+
#
|
37
|
+
# This field is provided in responses, and is ignored when provided in create
|
38
|
+
# requests.
|
39
|
+
# @!attribute [rw] description
|
40
|
+
# @return [::String]
|
41
|
+
# The description of the export (max of 1024 characters).
|
42
|
+
# @!attribute [rw] filter
|
43
|
+
# @return [::String]
|
44
|
+
# Expression that defines the filter to apply across create/update events
|
45
|
+
# of findings. The expression is a list of zero or more restrictions combined
|
46
|
+
# via logical operators `AND` and `OR`. Parentheses are supported, and `OR`
|
47
|
+
# has higher precedence than `AND`.
|
48
|
+
#
|
49
|
+
# Restrictions have the form `<field> <operator> <value>` and may have a
|
50
|
+
# `-` character in front of them to indicate negation. The fields map to
|
51
|
+
# those defined in the corresponding resource.
|
52
|
+
#
|
53
|
+
# The supported operators are:
|
54
|
+
#
|
55
|
+
# * `=` for all value types.
|
56
|
+
# * `>`, `<`, `>=`, `<=` for integer values.
|
57
|
+
# * `:`, meaning substring matching, for strings.
|
58
|
+
#
|
59
|
+
# The supported value types are:
|
60
|
+
#
|
61
|
+
# * string literals in quotes.
|
62
|
+
# * integer literals without quotes.
|
63
|
+
# * boolean literals `true` and `false` without quotes.
|
64
|
+
# @!attribute [rw] dataset
|
65
|
+
# @return [::String]
|
66
|
+
# The dataset to write findings' updates to. Its format is
|
67
|
+
# "projects/[project_id]/datasets/[bigquery_dataset_id]".
|
68
|
+
# BigQuery Dataset unique ID must contain only letters (a-z, A-Z), numbers
|
69
|
+
# (0-9), or underscores (_).
|
70
|
+
# @!attribute [r] create_time
|
71
|
+
# @return [::Google::Protobuf::Timestamp]
|
72
|
+
# Output only. The time at which the BigQuery export was created.
|
73
|
+
# This field is set by the server and will be ignored if provided on export
|
74
|
+
# on creation.
|
75
|
+
# @!attribute [r] update_time
|
76
|
+
# @return [::Google::Protobuf::Timestamp]
|
77
|
+
# Output only. The most recent time at which the BigQuery export was updated.
|
78
|
+
# This field is set by the server and will be ignored if provided on export
|
79
|
+
# creation or update.
|
80
|
+
# @!attribute [r] most_recent_editor
|
81
|
+
# @return [::String]
|
82
|
+
# Output only. Email address of the user who last edited the BigQuery export.
|
83
|
+
# This field is set by the server and will be ignored if provided on export
|
84
|
+
# creation or update.
|
85
|
+
# @!attribute [r] principal
|
86
|
+
# @return [::String]
|
87
|
+
# Output only. The service account that needs permission to create table and
|
88
|
+
# upload data to the BigQuery dataset.
|
89
|
+
class BigQueryExport
|
90
|
+
include ::Google::Protobuf::MessageExts
|
91
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
@@ -0,0 +1,52 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# The [data profile](https://cloud.google.com/dlp/docs/data-profiles)
|
25
|
+
# associated with the finding.
|
26
|
+
# @!attribute [rw] data_profile
|
27
|
+
# @return [::String]
|
28
|
+
# Name of the data profile, for example,
|
29
|
+
# `projects/123/locations/europe/tableProfiles/8383929`.
|
30
|
+
# @!attribute [rw] parent_type
|
31
|
+
# @return [::Google::Cloud::SecurityCenter::V2::CloudDlpDataProfile::ParentType]
|
32
|
+
# The resource hierarchy level at which the data profile was generated.
|
33
|
+
class CloudDlpDataProfile
|
34
|
+
include ::Google::Protobuf::MessageExts
|
35
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
36
|
+
|
37
|
+
# Parents for configurations that produce data profile findings.
|
38
|
+
module ParentType
|
39
|
+
# Unspecified parent type.
|
40
|
+
PARENT_TYPE_UNSPECIFIED = 0
|
41
|
+
|
42
|
+
# Organization-level configurations.
|
43
|
+
ORGANIZATION = 1
|
44
|
+
|
45
|
+
# Project-level configurations.
|
46
|
+
PROJECT = 2
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module SecurityCenter
|
23
|
+
module V2
|
24
|
+
# Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection
|
25
|
+
# job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced
|
26
|
+
# the finding.
|
27
|
+
# @!attribute [rw] inspect_job
|
28
|
+
# @return [::String]
|
29
|
+
# Name of the inspection job, for example,
|
30
|
+
# `projects/123/locations/europe/dlpJobs/i-8383929`.
|
31
|
+
# @!attribute [rw] info_type
|
32
|
+
# @return [::String]
|
33
|
+
# The type of information (or
|
34
|
+
# *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) found,
|
35
|
+
# for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
|
36
|
+
# @!attribute [rw] info_type_count
|
37
|
+
# @return [::Integer]
|
38
|
+
# The number of times Cloud DLP found this infoType within this job
|
39
|
+
# and resource.
|
40
|
+
# @!attribute [rw] full_scan
|
41
|
+
# @return [::Boolean]
|
42
|
+
# Whether Cloud DLP scanned the complete resource or a sampled subset.
|
43
|
+
class CloudDlpInspection
|
44
|
+
include ::Google::Protobuf::MessageExts
|
45
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|