google-cloud-security_center-v2 0.a → 0.2.0
- checksums.yaml +4 -4
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +122 -0
- data/README.md +144 -8
- data/lib/google/cloud/security_center/v2/rest.rb +37 -0
- data/lib/google/cloud/security_center/v2/security_center/client.rb +4771 -0
- data/lib/google/cloud/security_center/v2/security_center/credentials.rb +51 -0
- data/lib/google/cloud/security_center/v2/security_center/operations.rb +809 -0
- data/lib/google/cloud/security_center/v2/security_center/paths.rb +973 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/client.rb +4390 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/operations.rb +901 -0
- data/lib/google/cloud/security_center/v2/security_center/rest/service_stub.rb +3165 -0
- data/lib/google/cloud/security_center/v2/security_center/rest.rb +53 -0
- data/lib/google/cloud/security_center/v2/security_center.rb +56 -0
- data/lib/google/cloud/security_center/v2/version.rb +7 -2
- data/lib/google/cloud/security_center/v2.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/access_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/application_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/attack_exposure_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/attack_path_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/backup_disaster_recovery_pb.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/bigquery_export_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/cloud_dlp_data_profile_pb.rb +45 -0
- data/lib/google/cloud/securitycenter/v2/cloud_dlp_inspection_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/compliance_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/connection_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/contact_details_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/container_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/database_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/exfiltration_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/external_system_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/file_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/finding_pb.rb +109 -0
- data/lib/google/cloud/securitycenter/v2/group_membership_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/iam_binding_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/indicator_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/kernel_rootkit_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/kubernetes_pb.rb +57 -0
- data/lib/google/cloud/securitycenter/v2/label_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/load_balancer_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/log_entry_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/mitre_attack_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/mute_config_pb.rb +48 -0
- data/lib/google/cloud/securitycenter/v2/notification_config_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/notification_message_pb.rb +47 -0
- data/lib/google/cloud/securitycenter/v2/org_policy_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/process_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/resource_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/resource_value_config_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/security_marks_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/security_posture_pb.rb +43 -0
- data/lib/google/cloud/securitycenter/v2/securitycenter_service_pb.rb +128 -0
- data/lib/google/cloud/securitycenter/v2/securitycenter_service_services_pb.rb +167 -0
- data/lib/google/cloud/securitycenter/v2/simulation_pb.rb +49 -0
- data/lib/google/cloud/securitycenter/v2/source_pb.rb +44 -0
- data/lib/google/cloud/securitycenter/v2/toxic_combination_pb.rb +42 -0
- data/lib/google/cloud/securitycenter/v2/valued_resource_pb.rb +46 -0
- data/lib/google/cloud/securitycenter/v2/vulnerability_pb.rb +58 -0
- data/lib/google-cloud-security_center-v2.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/client.rb +399 -0
- data/proto_docs/google/api/field_behavior.rb +85 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/api/resource.rb +222 -0
- data/proto_docs/google/api/routing.rb +459 -0
- data/proto_docs/google/cloud/securitycenter/v2/access.rb +120 -0
- data/proto_docs/google/cloud/securitycenter/v2/application.rb +40 -0
- data/proto_docs/google/cloud/securitycenter/v2/attack_exposure.rb +73 -0
- data/proto_docs/google/cloud/securitycenter/v2/attack_path.rb +147 -0
- data/proto_docs/google/cloud/securitycenter/v2/backup_disaster_recovery.rb +90 -0
- data/proto_docs/google/cloud/securitycenter/v2/bigquery_export.rb +96 -0
- data/proto_docs/google/cloud/securitycenter/v2/cloud_dlp_data_profile.rb +52 -0
- data/proto_docs/google/cloud/securitycenter/v2/cloud_dlp_inspection.rb +50 -0
- data/proto_docs/google/cloud/securitycenter/v2/compliance.rb +43 -0
- data/proto_docs/google/cloud/securitycenter/v2/connection.rb +70 -0
- data/proto_docs/google/cloud/securitycenter/v2/contact_details.rb +44 -0
- data/proto_docs/google/cloud/securitycenter/v2/container.rb +49 -0
- data/proto_docs/google/cloud/securitycenter/v2/database.rb +67 -0
- data/proto_docs/google/cloud/securitycenter/v2/exfiltration.rb +64 -0
- data/proto_docs/google/cloud/securitycenter/v2/external_system.rb +106 -0
- data/proto_docs/google/cloud/securitycenter/v2/file.rb +72 -0
- data/proto_docs/google/cloud/securitycenter/v2/finding.rb +427 -0
- data/proto_docs/google/cloud/securitycenter/v2/group_membership.rb +48 -0
- data/proto_docs/google/cloud/securitycenter/v2/iam_binding.rb +56 -0
- data/proto_docs/google/cloud/securitycenter/v2/indicator.rb +112 -0
- data/proto_docs/google/cloud/securitycenter/v2/kernel_rootkit.rb +66 -0
- data/proto_docs/google/cloud/securitycenter/v2/kubernetes.rb +241 -0
- data/proto_docs/google/cloud/securitycenter/v2/label.rb +41 -0
- data/proto_docs/google/cloud/securitycenter/v2/load_balancer.rb +36 -0
- data/proto_docs/google/cloud/securitycenter/v2/log_entry.rb +58 -0
- data/proto_docs/google/cloud/securitycenter/v2/mitre_attack.rb +285 -0
- data/proto_docs/google/cloud/securitycenter/v2/mute_config.rb +100 -0
- data/proto_docs/google/cloud/securitycenter/v2/notification_config.rb +90 -0
- data/proto_docs/google/cloud/securitycenter/v2/notification_message.rb +42 -0
- data/proto_docs/google/cloud/securitycenter/v2/org_policy.rb +37 -0
- data/proto_docs/google/cloud/securitycenter/v2/process.rb +79 -0
- data/proto_docs/google/cloud/securitycenter/v2/resource.rb +42 -0
- data/proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb +122 -0
- data/proto_docs/google/cloud/securitycenter/v2/security_marks.rb +84 -0
- data/proto_docs/google/cloud/securitycenter/v2/security_posture.rb +83 -0
- data/proto_docs/google/cloud/securitycenter/v2/securitycenter_service.rb +1136 -0
- data/proto_docs/google/cloud/securitycenter/v2/simulation.rb +43 -0
- data/proto_docs/google/cloud/securitycenter/v2/source.rb +65 -0
- data/proto_docs/google/cloud/securitycenter/v2/toxic_combination.rb +46 -0
- data/proto_docs/google/cloud/securitycenter/v2/valued_resource.rb +86 -0
- data/proto_docs/google/cloud/securitycenter/v2/vulnerability.rb +333 -0
- data/proto_docs/google/iam/v1/iam_policy.rb +87 -0
- data/proto_docs/google/iam/v1/options.rb +50 -0
- data/proto_docs/google/iam/v1/policy.rb +426 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +145 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +34 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/struct.rb +96 -0
- data/proto_docs/google/protobuf/timestamp.rb +127 -0
- data/proto_docs/google/rpc/status.rb +48 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +173 -10
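--- a/data/proto_docs/google/cloud/securitycenter/v2/simulation.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/simulation.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Attack path simulation
+# @!attribute [rw] name
+# @return [::String]
+# Full resource name of the Simulation:
+# organizations/123/simulations/456
+# @!attribute [r] create_time
+# @return [::Google::Protobuf::Timestamp]
+# Output only. Time simulation was created
+# @!attribute [rw] resource_value_configs_metadata
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::ResourceValueConfigMetadata>]
+# Resource value configurations' metadata used in this simulation. Maximum of
+# 100.
+class Simulation
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end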
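--- a/data/proto_docs/google/cloud/securitycenter/v2/source.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/source.rb
@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Security Command Center finding source. A finding source
+# is an entity or a mechanism that can produce a finding. A source is like a
+# container of findings that come from the same scanner, logger, monitor, and
+# other tools.
+# @!attribute [rw] name
+# @return [::String]
+# The relative resource name of this source. See:
+# https://cloud.google.com/apis/design/resource_names#relative_resource_name
+# Example:
+# "organizations/\\{organization_id}/sources/\\{source_id}"
+# @!attribute [rw] display_name
+# @return [::String]
+# The source's display name.
+# A source's display name must be unique amongst its siblings, for example,
+# two sources with the same parent can't share the same display name.
+# The display name must have a length between 1 and 64 characters
+# (inclusive).
+# @!attribute [rw] description
+# @return [::String]
+# The description of the source (max of 1024 characters).
+# Example:
+# "Web Security Scanner is a web security scanner for common
+# vulnerabilities in App Engine applications. It can automatically
+# scan and detect four common vulnerabilities, including cross-site-scripting
+# (XSS), Flash injection, mixed content (HTTP in HTTPS), and
+# outdated or insecure libraries."
+# @!attribute [rw] canonical_name
+# @return [::String]
+# The canonical name of the finding source. It's either
+# "organizations/\\{organization_id}/sources/\\{source_id}",
+# "folders/\\{folder_id}/sources/\\{source_id}", or
+# "projects/\\{project_number}/sources/\\{source_id}",
+# depending on the closest CRM ancestor of the resource associated with the
+# finding.
+class Source
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end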
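--- a/data/proto_docs/google/cloud/securitycenter/v2/toxic_combination.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/toxic_combination.rb
@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Contains details about a group of security issues that, when the issues
+# occur together, represent a greater risk than when the issues occur
+# independently. A group of such issues is referred to as a toxic
+# combination.
+# @!attribute [rw] attack_exposure_score
+# @return [::Float]
+# The
+# [Attack exposure
+# score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores)
+# of this toxic combination. The score is a measure of how much this toxic
+# combination exposes one or more high-value resources to potential attack.
+# @!attribute [rw] related_findings
+# @return [::Array<::String>]
+# List of resource names of findings associated with this toxic combination.
+# For example, `organizations/123/sources/456/findings/789`.
+class ToxicCombination
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end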
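--- a/data/proto_docs/google/cloud/securitycenter/v2/valued_resource.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/valued_resource.rb
@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# A resource that is determined to have value to a user's system
+# @!attribute [rw] name
+# @return [::String]
+# Valued resource name, for example,
+# e.g.:
+# `organizations/123/simulations/456/valuedResources/789`
+# @!attribute [rw] resource
+# @return [::String]
+# The
+# [full resource
+# name](https://cloud.google.com/apis/design/resource_names#full_resource_name)
+# of the valued resource.
+# @!attribute [rw] resource_type
+# @return [::String]
+# The [resource
+# type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
+# of the valued resource.
+# @!attribute [rw] display_name
+# @return [::String]
+# Human-readable name of the valued resource.
+# @!attribute [rw] resource_value
+# @return [::Google::Cloud::SecurityCenter::V2::ValuedResource::ResourceValue]
+# How valuable this resource is.
+# @!attribute [rw] exposed_score
+# @return [::Float]
+# Exposed score for this valued resource. A value of 0 means no exposure was
+# detected exposure.
+# @!attribute [rw] resource_value_configs_used
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::ResourceValueConfigMetadata>]
+# List of resource value configurations' metadata used to determine the value
+# of this resource. Maximum of 100.
+class ValuedResource
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# How valuable the resource is.
+module ResourceValue
+# The resource value isn't specified.
+RESOURCE_VALUE_UNSPECIFIED = 0
+
+# This is a low-value resource.
+RESOURCE_VALUE_LOW = 1
+
+# This is a medium-value resource.
+RESOURCE_VALUE_MEDIUM = 2
+
+# This is a high-value resource.
+RESOURCE_VALUE_HIGH = 3
+end
+end
+
+# Metadata about a ResourceValueConfig. For example, id and name.
+# @!attribute [rw] name
+# @return [::String]
+# Resource value config name
+class ResourceValueConfigMetadata
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end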
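--- a/data/proto_docs/google/cloud/securitycenter/v2/vulnerability.rb
+++ b/data/proto_docs/google/cloud/securitycenter/v2/vulnerability.rb
@@ -0,0 +1,333 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+module Cloud
+module SecurityCenter
+module V2
+# Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
+# @!attribute [rw] cve
+# @return [::Google::Cloud::SecurityCenter::V2::Cve]
+# CVE stands for Common Vulnerabilities and Exposures
+# (https://cve.mitre.org/about/)
+# @!attribute [rw] offending_package
+# @return [::Google::Cloud::SecurityCenter::V2::Package]
+# The offending package is relevant to the finding.
+# @!attribute [rw] fixed_package
+# @return [::Google::Cloud::SecurityCenter::V2::Package]
+# The fixed package is relevant to the finding.
+# @!attribute [rw] security_bulletin
+# @return [::Google::Cloud::SecurityCenter::V2::SecurityBulletin]
+# The security bulletin is relevant to this finding.
+class Vulnerability
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# CVE stands for Common Vulnerabilities and Exposures.
+# Information from the [CVE
+# record](https://www.cve.org/ResourcesSupport/Glossary) that describes this
+# vulnerability.
+# @!attribute [rw] id
+# @return [::String]
+# The unique identifier for the vulnerability. e.g. CVE-2021-34527
+# @!attribute [rw] references
+# @return [::Array<::Google::Cloud::SecurityCenter::V2::Reference>]
+# Additional information about the CVE.
+# e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+# @!attribute [rw] cvssv3
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3]
+# Describe Common Vulnerability Scoring System specified at
+# https://www.first.org/cvss/v3.1/specification-document
+# @!attribute [rw] upstream_fix_available
+# @return [::Boolean]
+# Whether upstream fix is available for the CVE.
+# @!attribute [rw] impact
+# @return [::Google::Cloud::SecurityCenter::V2::Cve::RiskRating]
+# The potential impact of the vulnerability if it was to be exploited.
+# @!attribute [rw] exploitation_activity
+# @return [::Google::Cloud::SecurityCenter::V2::Cve::ExploitationActivity]
+# The exploitation activity of the vulnerability in the wild.
+# @!attribute [rw] observed_in_the_wild
+# @return [::Boolean]
+# Whether or not the vulnerability has been observed in the wild.
+# @!attribute [rw] zero_day
+# @return [::Boolean]
+# Whether or not the vulnerability was zero day when the finding was
+# published.
+class Cve
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# The possible values of impact of the vulnerability if it was to be
+# exploited.
+module RiskRating
+# Invalid or empty value.
+RISK_RATING_UNSPECIFIED = 0
+
+# Exploitation would have little to no security impact.
+LOW = 1
+
+# Exploitation would enable attackers to perform activities, or could allow
+# attackers to have a direct impact, but would require additional steps.
+MEDIUM = 2
+
+# Exploitation would enable attackers to have a notable direct impact
+# without needing to overcome any major mitigating factors.
+HIGH = 3
+
+# Exploitation would fundamentally undermine the security of affected
+# systems, enable actors to perform significant attacks with minimal
+# effort, with little to no mitigating factors to overcome.
+CRITICAL = 4
+end
+
+# The possible values of exploitation activity of the vulnerability in the
+# wild.
+module ExploitationActivity
+# Invalid or empty value.
+EXPLOITATION_ACTIVITY_UNSPECIFIED = 0
+
+# Exploitation has been reported or confirmed to widely occur.
+WIDE = 1
+
+# Limited reported or confirmed exploitation activities.
+CONFIRMED = 2
+
+# Exploit is publicly available.
+AVAILABLE = 3
+
+# No known exploitation activity, but has a high potential for
+# exploitation.
+ANTICIPATED = 4
+
+# No known exploitation activity.
+NO_KNOWN = 5
+end
+end
+
+# Additional Links
+# @!attribute [rw] source
+# @return [::String]
+# Source of the reference e.g. NVD
+# @!attribute [rw] uri
+# @return [::String]
+# Uri for the mentioned source e.g.
+# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+class Reference
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# Common Vulnerability Scoring System version 3.
+# @!attribute [rw] base_score
+# @return [::Float]
+# The base score is a function of the base metric scores.
+# @!attribute [rw] attack_vector
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::AttackVector]
+# Base Metrics
+# Represents the intrinsic characteristics of a vulnerability that are
+# constant over time and across user environments.
+# This metric reflects the context by which vulnerability exploitation is
+# possible.
+# @!attribute [rw] attack_complexity
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::AttackComplexity]
+# This metric describes the conditions beyond the attacker's control that
+# must exist in order to exploit the vulnerability.
+# @!attribute [rw] privileges_required
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::PrivilegesRequired]
+# This metric describes the level of privileges an attacker must possess
+# before successfully exploiting the vulnerability.
+# @!attribute [rw] user_interaction
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::UserInteraction]
+# This metric captures the requirement for a human user, other than the
+# attacker, to participate in the successful compromise of the vulnerable
+# component.
+# @!attribute [rw] scope
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Scope]
+# The Scope metric captures whether a vulnerability in one vulnerable
+# component impacts resources in components beyond its security scope.
+# @!attribute [rw] confidentiality_impact
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Impact]
+# This metric measures the impact to the confidentiality of the information
+# resources managed by a software component due to a successfully exploited
+# vulnerability.
+# @!attribute [rw] integrity_impact
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Impact]
+# This metric measures the impact to integrity of a successfully exploited
+# vulnerability.
+# @!attribute [rw] availability_impact
+# @return [::Google::Cloud::SecurityCenter::V2::Cvssv3::Impact]
+# This metric measures the impact to the availability of the impacted
+# component resulting from a successfully exploited vulnerability.
+class Cvssv3
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+
+# This metric reflects the context by which vulnerability exploitation is
+# possible.
+module AttackVector
+# Invalid value.
+ATTACK_VECTOR_UNSPECIFIED = 0
+
+# The vulnerable component is bound to the network stack and the set of
+# possible attackers extends beyond the other options listed below, up to
+# and including the entire Internet.
+ATTACK_VECTOR_NETWORK = 1
+
+# The vulnerable component is bound to the network stack, but the attack is
+# limited at the protocol level to a logically adjacent topology.
+ATTACK_VECTOR_ADJACENT = 2
+
+# The vulnerable component is not bound to the network stack and the
+# attacker's path is via read/write/execute capabilities.
+ATTACK_VECTOR_LOCAL = 3
+
+# The attack requires the attacker to physically touch or manipulate the
+# vulnerable component.
+ATTACK_VECTOR_PHYSICAL = 4
+end
+
+# This metric describes the conditions beyond the attacker's control that
+# must exist in order to exploit the vulnerability.
+module AttackComplexity
+# Invalid value.
+ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+# Specialized access conditions or extenuating circumstances do not exist.
+# An attacker can expect repeatable success when attacking the vulnerable
+# component.
+ATTACK_COMPLEXITY_LOW = 1
+
+# A successful attack depends on conditions beyond the attacker's control.
+# That is, a successful attack cannot be accomplished at will, but requires
+# the attacker to invest in some measurable amount of effort in preparation
+# or execution against the vulnerable component before a successful attack
+# can be expected.
+ATTACK_COMPLEXITY_HIGH = 2
+end
+
+# This metric describes the level of privileges an attacker must possess
+# before successfully exploiting the vulnerability.
+module PrivilegesRequired
+# Invalid value.
+PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+# The attacker is unauthorized prior to attack, and therefore does not
+# require any access to settings or files of the vulnerable system to
+# carry out an attack.
+PRIVILEGES_REQUIRED_NONE = 1
+
+# The attacker requires privileges that provide basic user capabilities
+# that could normally affect only settings and files owned by a user.
+# Alternatively, an attacker with Low privileges has the ability to access
+# only non-sensitive resources.
+PRIVILEGES_REQUIRED_LOW = 2
+
+# The attacker requires privileges that provide significant (e.g.,
+# administrative) control over the vulnerable component allowing access to
+# component-wide settings and files.
+PRIVILEGES_REQUIRED_HIGH = 3
+end
+
+# This metric captures the requirement for a human user, other than the
+# attacker, to participate in the successful compromise of the vulnerable
+# component.
+module UserInteraction
+# Invalid value.
+USER_INTERACTION_UNSPECIFIED = 0
+
+# The vulnerable system can be exploited without interaction from any user.
+USER_INTERACTION_NONE = 1
+
+# Successful exploitation of this vulnerability requires a user to take
+# some action before the vulnerability can be exploited.
+USER_INTERACTION_REQUIRED = 2
+end
+
+# The Scope metric captures whether a vulnerability in one vulnerable
+# component impacts resources in components beyond its security scope.
+module Scope
+# Invalid value.
+SCOPE_UNSPECIFIED = 0
+
+# An exploited vulnerability can only affect resources managed by the same
+# security authority.
+SCOPE_UNCHANGED = 1
+
+# An exploited vulnerability can affect resources beyond the security scope
+# managed by the security authority of the vulnerable component.
+SCOPE_CHANGED = 2
+end
+
+# The Impact metrics capture the effects of a successfully exploited
+# vulnerability on the component that suffers the worst outcome that is most
+# directly and predictably associated with the attack.
+module Impact
+# Invalid value.
+IMPACT_UNSPECIFIED = 0
+
+# High impact.
+IMPACT_HIGH = 1
+
+# Low impact.
+IMPACT_LOW = 2
+
+# No impact.
+IMPACT_NONE = 3
+end
+end
+
+# Package is a generic definition of a package.
+# @!attribute [rw] package_name
+# @return [::String]
+# The name of the package where the vulnerability was detected.
+# @!attribute [rw] cpe_uri
+# @return [::String]
+# The CPE URI where the vulnerability was detected.
+# @!attribute [rw] package_type
+# @return [::String]
+# Type of package, for example, os, maven, or go.
+# @!attribute [rw] package_version
+# @return [::String]
+# The version of the package.
+class Package
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+
+# SecurityBulletin are notifications of vulnerabilities of Google products.
+# @!attribute [rw] bulletin_id
+# @return [::String]
+# ID of the bulletin corresponding to the vulnerability.
+# @!attribute [rw] submission_time
+# @return [::Google::Protobuf::Timestamp]
+# Submission time of this Security Bulletin.
+# @!attribute [rw] suggested_upgrade_version
+# @return [::String]
+# This represents a version that the cluster receiving this notification
+# should be upgraded to, based on its current version. For example, 1.15.0
+class SecurityBulletin
+include ::Google::Protobuf::MessageExts
+extend ::Google::Protobuf::MessageExts::ClassMethods
+end
+end
+end
+end
+end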
@@ -0,0 +1,87 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2024 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Iam
|
22
|
+
module V1
|
23
|
+
# Request message for `SetIamPolicy` method.
|
24
|
+
# @!attribute [rw] resource
|
25
|
+
# @return [::String]
|
26
|
+
# REQUIRED: The resource for which the policy is being specified.
|
27
|
+
# See the operation documentation for the appropriate value for this field.
|
28
|
+
# @!attribute [rw] policy
|
29
|
+
# @return [::Google::Iam::V1::Policy]
|
30
|
+
# REQUIRED: The complete policy to be applied to the `resource`. The size of
|
31
|
+
# the policy is limited to a few 10s of KB. An empty policy is a
|
32
|
+
# valid policy but certain Cloud Platform services (such as Projects)
|
33
|
+
# might reject them.
|
34
|
+
# @!attribute [rw] update_mask
|
35
|
+
# @return [::Google::Protobuf::FieldMask]
|
36
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
37
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
38
|
+
# following default mask is used:
|
39
|
+
#
|
40
|
+
# `paths: "bindings, etag"`
|
41
|
+
class SetIamPolicyRequest
|
42
|
+
include ::Google::Protobuf::MessageExts
|
43
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
44
|
+
end
|
45
|
+
|
46
|
+
# Request message for `GetIamPolicy` method.
|
47
|
+
# @!attribute [rw] resource
|
48
|
+
# @return [::String]
|
49
|
+
# REQUIRED: The resource for which the policy is being requested.
|
50
|
+
# See the operation documentation for the appropriate value for this field.
|
51
|
+
# @!attribute [rw] options
|
52
|
+
# @return [::Google::Iam::V1::GetPolicyOptions]
|
53
|
+
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
54
|
+
# `GetIamPolicy`.
|
55
|
+
class GetIamPolicyRequest
|
56
|
+
include ::Google::Protobuf::MessageExts
|
57
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
58
|
+
end
|
59
|
+
|
60
|
+
# Request message for `TestIamPermissions` method.
|
61
|
+
# @!attribute [rw] resource
|
62
|
+
# @return [::String]
|
63
|
+
# REQUIRED: The resource for which the policy detail is being requested.
|
64
|
+
# See the operation documentation for the appropriate value for this field.
|
65
|
+
# @!attribute [rw] permissions
|
66
|
+
# @return [::Array<::String>]
|
67
|
+
# The set of permissions to check for the `resource`. Permissions with
|
68
|
+
# wildcards (such as '*' or 'storage.*') are not allowed. For more
|
69
|
+
# information see
|
70
|
+
# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
71
|
+
class TestIamPermissionsRequest
|
72
|
+
include ::Google::Protobuf::MessageExts
|
73
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
74
|
+
end
|
75
|
+
|
76
|
+
# Response message for `TestIamPermissions` method.
|
77
|
+
# @!attribute [rw] permissions
|
78
|
+
# @return [::Array<::String>]
|
79
|
+
# A subset of `TestPermissionsRequest.permissions` that the caller is
|
80
|
+
# allowed.
|
81
|
+
class TestIamPermissionsResponse
|
82
|
+
include ::Google::Protobuf::MessageExts
|
83
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|