google-cloud-security_center-v2 0.a → 0.2.0

data/proto_docs/google/cloud/securitycenter/v2/kernel_rootkit.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Kernel mode rootkit signatures.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Rootkit name, when available.
+        # @!attribute [rw] unexpected_code_modification
+        #   @return [::Boolean]
+        #     True if unexpected modifications of kernel code memory are present.
+        # @!attribute [rw] unexpected_read_only_data_modification
+        #   @return [::Boolean]
+        #     True if unexpected modifications of kernel read-only data memory are
+        #     present.
+        # @!attribute [rw] unexpected_ftrace_handler
+        #   @return [::Boolean]
+        #     True if `ftrace` points are present with callbacks pointing to regions
+        #     that are not in the expected kernel or module code range.
+        # @!attribute [rw] unexpected_kprobe_handler
+        #   @return [::Boolean]
+        #     True if `kprobe` points are present with callbacks pointing to regions
+        #     that are not in the expected kernel or module code range.
+        # @!attribute [rw] unexpected_kernel_code_pages
+        #   @return [::Boolean]
+        #     True if kernel code pages that are not in the expected kernel or module
+        #     code regions are present.
+        # @!attribute [rw] unexpected_system_call_handler
+        #   @return [::Boolean]
+        #     True if system call handlers that are are not in the expected kernel or
+        #     module code regions are present.
+        # @!attribute [rw] unexpected_interrupt_handler
+        #   @return [::Boolean]
+        #     True if interrupt handlers that are are not in the expected kernel or
+        #     module code regions are present.
+        # @!attribute [rw] unexpected_processes_in_runqueue
+        #   @return [::Boolean]
+        #     True if unexpected processes in the scheduler run queue are present. Such
+        #     processes are in the run queue, but not in the process task list.
+        class KernelRootkit
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/kubernetes.rb

@@ -0,0 +1,241 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Kubernetes-related attributes.
+        # @!attribute [rw] pods
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Pod>]
+        #     Kubernetes
+        #     [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
+        #     associated with the finding. This field contains Pod records for each
+        #     container that is owned by a Pod.
+        # @!attribute [rw] nodes
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Node>]
+        #     Provides Kubernetes
+        #     [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes)
+        #     information.
+        # @!attribute [rw] node_pools
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::NodePool>]
+        #     GKE [node
+        #     pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools)
+        #     associated with the finding. This field contains node pool information for
+        #     each node, when it is available.
+        # @!attribute [rw] roles
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Role>]
+        #     Provides Kubernetes role information for findings that involve [Roles or
+        #     ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
+        # @!attribute [rw] bindings
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Binding>]
+        #     Provides Kubernetes role binding information for findings that involve
+        #     [RoleBindings or
+        #     ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
+        # @!attribute [rw] access_reviews
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::AccessReview>]
+        #     Provides information on any Kubernetes access reviews (privilege checks)
+        #     relevant to the finding.
+        # @!attribute [rw] objects
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Object>]
+        #     Kubernetes objects related to the finding.
+        class Kubernetes
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # A Kubernetes Pod.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Kubernetes Pod namespace.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes Pod name.
+          # @!attribute [rw] labels
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Label>]
+          #     Pod labels.  For Kubernetes containers, these are applied to the
+          #     container.
+          # @!attribute [rw] containers
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Container>]
+          #     Pod containers associated with this finding, if any.
+          class Pod
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Kubernetes nodes associated with the finding.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
+          #     the Compute Engine VM running the cluster node.
+          class Node
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Provides GKE node pool information.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes node pool name.
+          # @!attribute [rw] nodes
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Node>]
+          #     Nodes associated with the finding.
+          class NodePool
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Kubernetes Role or ClusterRole.
+          # @!attribute [rw] kind
+          #   @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Role::Kind]
+          #     Role type.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Role namespace.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Role name.
+          class Role
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Types of Kubernetes roles.
+            module Kind
+              # Role type is not specified.
+              KIND_UNSPECIFIED = 0
+
+              # Kubernetes Role.
+              ROLE = 1
+
+              # Kubernetes ClusterRole.
+              CLUSTER_ROLE = 2
+            end
+          end
+
+          # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace for the binding.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name for the binding.
+          # @!attribute [rw] role
+          #   @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Role]
+          #     The Role or ClusterRole referenced by the binding.
+          # @!attribute [rw] subjects
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Kubernetes::Subject>]
+          #     Represents one or more subjects that are bound to the role. Not always
+          #     available for PATCH requests.
+          class Binding
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Represents a Kubernetes subject.
+          # @!attribute [rw] kind
+          #   @return [::Google::Cloud::SecurityCenter::V2::Kubernetes::Subject::AuthType]
+          #     Authentication type for the subject.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace for the subject.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Name for the subject.
+          class Subject
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Auth types that can be used for the subject's kind field.
+            module AuthType
+              # Authentication is not specified.
+              AUTH_TYPE_UNSPECIFIED = 0
+
+              # User with valid certificate.
+              USER = 1
+
+              # Users managed by Kubernetes API with credentials stored as secrets.
+              SERVICEACCOUNT = 2
+
+              # Collection of users.
+              GROUP = 3
+            end
+          end
+
+          # Conveys information about a Kubernetes access review (such as one returned
+          # by a [`kubectl auth
+          # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
+          # command) that was involved in a finding.
+          # @!attribute [rw] group
+          #   @return [::String]
+          #     The API group of the resource. "*" means all.
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Namespace of the action being requested. Currently, there is no
+          #     distinction between no namespace and all namespaces.  Both
+          #     are represented by "" (empty).
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     The name of the resource being requested. Empty means all.
+          # @!attribute [rw] resource
+          #   @return [::String]
+          #     The optional resource type requested. "*" means all.
+          # @!attribute [rw] subresource
+          #   @return [::String]
+          #     The optional subresource type.
+          # @!attribute [rw] verb
+          #   @return [::String]
+          #     A Kubernetes resource API verb, like get, list, watch, create, update,
+          #     delete, proxy. "*" means all.
+          # @!attribute [rw] version
+          #   @return [::String]
+          #     The API version of the resource. "*" means all.
+          class AccessReview
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Kubernetes object related to the finding, uniquely identified by GKNN.
+          # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
+          # AccessReview.
+          # @!attribute [rw] group
+          #   @return [::String]
+          #     Kubernetes object group, such as "policy.k8s.io/v1".
+          # @!attribute [rw] kind
+          #   @return [::String]
+          #     Kubernetes object kind, such as "Namespace".
+          # @!attribute [rw] ns
+          #   @return [::String]
+          #     Kubernetes object namespace. Must be a valid DNS label. Named
+          #     "ns" to avoid collision with C++ namespace keyword. For details see
+          #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
+          # @!attribute [rw] name
+          #   @return [::String]
+          #     Kubernetes object name. For details see
+          #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
+          # @!attribute [rw] containers
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V2::Container>]
+          #     Pod containers associated with this finding, if any.
+          class Object
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/label.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Represents a generic name-value label. A label has separate name and value
+        # fields to support filtering with the `contains()` function. For more
+        # information, see [Filtering on array-type
+        # fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering).
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Name of the label.
+        # @!attribute [rw] value
+        #   @return [::String]
+        #     Value that corresponds to the label's name.
+        class Label
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/load_balancer.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # Contains information related to the load balancer associated with the
+        # finding.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     The name of the load balancer associated with the finding.
+        class LoadBalancer
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v2/log_entry.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V2
+        # An individual entry in a log.
+        # @!attribute [rw] cloud_logging_entry
+        #   @return [::Google::Cloud::SecurityCenter::V2::CloudLoggingEntry]
+        #     An individual entry in a log stored in Cloud Logging.
+        class LogEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Metadata taken from a [Cloud Logging
+        # LogEntry](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry)
+        # @!attribute [rw] insert_id
+        #   @return [::String]
+        #     A unique identifier for the log entry.
+        # @!attribute [rw] log_id
+        #   @return [::String]
+        #     The type of the log (part of `log_name`. `log_name` is the resource name of
+        #     the log to which this log entry belongs). For example:
+        #     `cloudresourcemanager.googleapis.com/activity` Note that this field is not
+        #     URL-encoded, unlike in `LogEntry`.
+        # @!attribute [rw] resource_container
+        #   @return [::String]
+        #     The organization, folder, or project of the monitored resource that
+        #     produced this log entry.
+        # @!attribute [rw] timestamp
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The time the event described by the log entry occurred.
+        class CloudLoggingEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end