google-cloud-security_center 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.yardopts +9 -0
- data/LICENSE +201 -0
- data/README.md +69 -0
- data/lib/google/cloud/security_center.rb +141 -0
- data/lib/google/cloud/security_center/v1.rb +139 -0
- data/lib/google/cloud/security_center/v1/asset_pb.rb +37 -0
- data/lib/google/cloud/security_center/v1/credentials.rb +41 -0
- data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/asset.rb +96 -0
- data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/finding.rb +94 -0
- data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/organization_settings.rb +72 -0
- data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/security_marks.rb +44 -0
- data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/securitycenter_service.rb +759 -0
- data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/source.rb +51 -0
- data/lib/google/cloud/security_center/v1/doc/google/iam/v1/iam_policy.rb +63 -0
- data/lib/google/cloud/security_center/v1/doc/google/iam/v1/policy.rb +104 -0
- data/lib/google/cloud/security_center/v1/doc/google/longrunning/operations.rb +51 -0
- data/lib/google/cloud/security_center/v1/doc/google/protobuf/any.rb +131 -0
- data/lib/google/cloud/security_center/v1/doc/google/protobuf/duration.rb +91 -0
- data/lib/google/cloud/security_center/v1/doc/google/protobuf/field_mask.rb +222 -0
- data/lib/google/cloud/security_center/v1/doc/google/protobuf/struct.rb +74 -0
- data/lib/google/cloud/security_center/v1/doc/google/protobuf/timestamp.rb +111 -0
- data/lib/google/cloud/security_center/v1/doc/google/rpc/status.rb +87 -0
- data/lib/google/cloud/security_center/v1/finding_pb.rb +34 -0
- data/lib/google/cloud/security_center/v1/helpers.rb +87 -0
- data/lib/google/cloud/security_center/v1/organization_settings_pb.rb +29 -0
- data/lib/google/cloud/security_center/v1/security_center_client.rb +1772 -0
- data/lib/google/cloud/security_center/v1/security_center_client_config.json +116 -0
- data/lib/google/cloud/security_center/v1/security_marks_pb.rb +17 -0
- data/lib/google/cloud/security_center/v1/securitycenter_service_pb.rb +186 -0
- data/lib/google/cloud/security_center/v1/securitycenter_service_services_pb.rb +90 -0
- data/lib/google/cloud/security_center/v1/source_pb.rb +18 -0
- metadata +172 -0
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
|
+
# source: google/cloud/security_center/v1/finding.proto
|
|
3
|
+
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
require 'google/api/annotations_pb'
|
|
8
|
+
require 'google/cloud/security_center/v1/security_marks_pb'
|
|
9
|
+
require 'google/protobuf/struct_pb'
|
|
10
|
+
require 'google/protobuf/timestamp_pb'
|
|
11
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
12
|
+
add_message "google.cloud.securitycenter.v1.Finding" do
|
|
13
|
+
optional :name, :string, 1
|
|
14
|
+
optional :parent, :string, 2
|
|
15
|
+
optional :resource_name, :string, 3
|
|
16
|
+
optional :state, :enum, 4, "google.cloud.securitycenter.v1.Finding.State"
|
|
17
|
+
optional :category, :string, 5
|
|
18
|
+
optional :external_uri, :string, 6
|
|
19
|
+
map :source_properties, :string, :message, 7, "google.protobuf.Value"
|
|
20
|
+
optional :security_marks, :message, 8, "google.cloud.securitycenter.v1.SecurityMarks"
|
|
21
|
+
optional :event_time, :message, 9, "google.protobuf.Timestamp"
|
|
22
|
+
optional :create_time, :message, 10, "google.protobuf.Timestamp"
|
|
23
|
+
end
|
|
24
|
+
add_enum "google.cloud.securitycenter.v1.Finding.State" do
|
|
25
|
+
value :STATE_UNSPECIFIED, 0
|
|
26
|
+
value :ACTIVE, 1
|
|
27
|
+
value :INACTIVE, 2
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
module Google::Cloud::SecurityCenter::V1
|
|
32
|
+
Finding = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding").msgclass
|
|
33
|
+
Finding::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding.State").enummodule
|
|
34
|
+
end
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
# Copyright 2019 Google LLC
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# # limitations under the License.
|
|
14
|
+
|
|
15
|
+
module Google
|
|
16
|
+
module Cloud
|
|
17
|
+
module SecurityCenter
|
|
18
|
+
module V1
|
|
19
|
+
class SecurityCenterClient
|
|
20
|
+
|
|
21
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.asset_path.
|
|
22
|
+
# @param organization [String]
|
|
23
|
+
# @param asset [String]
|
|
24
|
+
# @return [String]
|
|
25
|
+
def asset_path organization, asset
|
|
26
|
+
self.class.asset_path organization, asset
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.asset_security_marks_path.
|
|
30
|
+
# @param organization [String]
|
|
31
|
+
# @param asset [String]
|
|
32
|
+
# @return [String]
|
|
33
|
+
def asset_security_marks_path organization, asset
|
|
34
|
+
self.class.asset_security_marks_path organization, asset
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_path.
|
|
38
|
+
# @param organization [String]
|
|
39
|
+
# @param source [String]
|
|
40
|
+
# @param finding [String]
|
|
41
|
+
# @return [String]
|
|
42
|
+
def finding_path organization, source, finding
|
|
43
|
+
self.class.finding_path organization, source, finding
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_security_marks_path.
|
|
47
|
+
# @param organization [String]
|
|
48
|
+
# @param source [String]
|
|
49
|
+
# @param finding [String]
|
|
50
|
+
# @return [String]
|
|
51
|
+
def finding_security_marks_path organization, source, finding
|
|
52
|
+
self.class.finding_security_marks_path organization, source, finding
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path.
|
|
56
|
+
# @param organization [String]
|
|
57
|
+
# @return [String]
|
|
58
|
+
def organization_path organization
|
|
59
|
+
self.class.organization_path organization
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_settings_path.
|
|
63
|
+
# @param organization [String]
|
|
64
|
+
# @return [String]
|
|
65
|
+
def organization_settings_path organization
|
|
66
|
+
self.class.organization_settings_path organization
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_sources_path.
|
|
70
|
+
# @param organization [String]
|
|
71
|
+
# @return [String]
|
|
72
|
+
def organization_sources_path organization
|
|
73
|
+
self.class.organization_sources_path organization
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
# Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path.
|
|
77
|
+
# @param organization [String]
|
|
78
|
+
# @param source [String]
|
|
79
|
+
# @return [String]
|
|
80
|
+
def source_path organization, source
|
|
81
|
+
self.class.source_path organization, source
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
|
2
|
+
# source: google/cloud/security_center/v1/organization_settings.proto
|
|
3
|
+
|
|
4
|
+
|
|
5
|
+
require 'google/protobuf'
|
|
6
|
+
|
|
7
|
+
require 'google/api/annotations_pb'
|
|
8
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
9
|
+
add_message "google.cloud.securitycenter.v1.OrganizationSettings" do
|
|
10
|
+
optional :name, :string, 1
|
|
11
|
+
optional :enable_asset_discovery, :bool, 2
|
|
12
|
+
optional :asset_discovery_config, :message, 3, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig"
|
|
13
|
+
end
|
|
14
|
+
add_message "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig" do
|
|
15
|
+
repeated :project_ids, :string, 1
|
|
16
|
+
optional :inclusion_mode, :enum, 2, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"
|
|
17
|
+
end
|
|
18
|
+
add_enum "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode" do
|
|
19
|
+
value :INCLUSION_MODE_UNSPECIFIED, 0
|
|
20
|
+
value :INCLUDE_ONLY, 1
|
|
21
|
+
value :EXCLUDE, 2
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
module Google::Cloud::SecurityCenter::V1
|
|
26
|
+
OrganizationSettings = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings").msgclass
|
|
27
|
+
OrganizationSettings::AssetDiscoveryConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig").msgclass
|
|
28
|
+
OrganizationSettings::AssetDiscoveryConfig::InclusionMode = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode").enummodule
|
|
29
|
+
end
|
|
@@ -0,0 +1,1772 @@
|
|
|
1
|
+
# Copyright 2019 Google LLC
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# limitations under the License.
|
|
14
|
+
#
|
|
15
|
+
# EDITING INSTRUCTIONS
|
|
16
|
+
# This file was generated from the file
|
|
17
|
+
# https://github.com/googleapis/googleapis/blob/master/google/cloud/security_center/v1/securitycenter_service.proto,
|
|
18
|
+
# and updates to that file get reflected here through a refresh process.
|
|
19
|
+
# For the short term, the refresh process will only be runnable by Google
|
|
20
|
+
# engineers.
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
require "json"
|
|
24
|
+
require "pathname"
|
|
25
|
+
|
|
26
|
+
require "google/gax"
|
|
27
|
+
require "google/gax/operation"
|
|
28
|
+
require "google/longrunning/operations_client"
|
|
29
|
+
|
|
30
|
+
require "google/cloud/security_center/v1/securitycenter_service_pb"
|
|
31
|
+
require "google/cloud/security_center/v1/credentials"
|
|
32
|
+
|
|
33
|
+
module Google
|
|
34
|
+
module Cloud
|
|
35
|
+
module SecurityCenter
|
|
36
|
+
module V1
|
|
37
|
+
# V1 APIs for Security Center service.
|
|
38
|
+
#
|
|
39
|
+
# @!attribute [r] security_center_stub
|
|
40
|
+
# @return [Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub]
|
|
41
|
+
class SecurityCenterClient
|
|
42
|
+
# @private
|
|
43
|
+
attr_reader :security_center_stub
|
|
44
|
+
|
|
45
|
+
# The default address of the service.
|
|
46
|
+
SERVICE_ADDRESS = "securitycenter.googleapis.com".freeze
|
|
47
|
+
|
|
48
|
+
# The default port of the service.
|
|
49
|
+
DEFAULT_SERVICE_PORT = 443
|
|
50
|
+
|
|
51
|
+
# The default set of gRPC interceptors.
|
|
52
|
+
GRPC_INTERCEPTORS = []
|
|
53
|
+
|
|
54
|
+
DEFAULT_TIMEOUT = 30
|
|
55
|
+
|
|
56
|
+
PAGE_DESCRIPTORS = {
|
|
57
|
+
"group_assets" => Google::Gax::PageDescriptor.new(
|
|
58
|
+
"page_token",
|
|
59
|
+
"next_page_token",
|
|
60
|
+
"group_by_results"),
|
|
61
|
+
"group_findings" => Google::Gax::PageDescriptor.new(
|
|
62
|
+
"page_token",
|
|
63
|
+
"next_page_token",
|
|
64
|
+
"group_by_results"),
|
|
65
|
+
"list_assets" => Google::Gax::PageDescriptor.new(
|
|
66
|
+
"page_token",
|
|
67
|
+
"next_page_token",
|
|
68
|
+
"list_assets_results"),
|
|
69
|
+
"list_findings" => Google::Gax::PageDescriptor.new(
|
|
70
|
+
"page_token",
|
|
71
|
+
"next_page_token",
|
|
72
|
+
"list_findings_results"),
|
|
73
|
+
"list_sources" => Google::Gax::PageDescriptor.new(
|
|
74
|
+
"page_token",
|
|
75
|
+
"next_page_token",
|
|
76
|
+
"sources")
|
|
77
|
+
}.freeze
|
|
78
|
+
|
|
79
|
+
private_constant :PAGE_DESCRIPTORS
|
|
80
|
+
|
|
81
|
+
# The scopes needed to make gRPC calls to all of the methods defined in
|
|
82
|
+
# this service.
|
|
83
|
+
ALL_SCOPES = [
|
|
84
|
+
"https://www.googleapis.com/auth/cloud-platform"
|
|
85
|
+
].freeze
|
|
86
|
+
|
|
87
|
+
class OperationsClient < Google::Longrunning::OperationsClient
|
|
88
|
+
self::SERVICE_ADDRESS = SecurityCenterClient::SERVICE_ADDRESS
|
|
89
|
+
self::GRPC_INTERCEPTORS = SecurityCenterClient::GRPC_INTERCEPTORS
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
ASSET_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
93
|
+
"organizations/{organization}/assets/{asset}"
|
|
94
|
+
)
|
|
95
|
+
|
|
96
|
+
private_constant :ASSET_PATH_TEMPLATE
|
|
97
|
+
|
|
98
|
+
ASSET_SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
99
|
+
"organizations/{organization}/assets/{asset}/securityMarks"
|
|
100
|
+
)
|
|
101
|
+
|
|
102
|
+
private_constant :ASSET_SECURITY_MARKS_PATH_TEMPLATE
|
|
103
|
+
|
|
104
|
+
FINDING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
105
|
+
"organizations/{organization}/sources/{source}/findings/{finding}"
|
|
106
|
+
)
|
|
107
|
+
|
|
108
|
+
private_constant :FINDING_PATH_TEMPLATE
|
|
109
|
+
|
|
110
|
+
FINDING_SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
111
|
+
"organizations/{organization}/sources/{source}/findings/{finding}/securityMarks"
|
|
112
|
+
)
|
|
113
|
+
|
|
114
|
+
private_constant :FINDING_SECURITY_MARKS_PATH_TEMPLATE
|
|
115
|
+
|
|
116
|
+
ORGANIZATION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
117
|
+
"organizations/{organization}"
|
|
118
|
+
)
|
|
119
|
+
|
|
120
|
+
private_constant :ORGANIZATION_PATH_TEMPLATE
|
|
121
|
+
|
|
122
|
+
ORGANIZATION_SETTINGS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
123
|
+
"organizations/{organization}/organizationSettings"
|
|
124
|
+
)
|
|
125
|
+
|
|
126
|
+
private_constant :ORGANIZATION_SETTINGS_PATH_TEMPLATE
|
|
127
|
+
|
|
128
|
+
ORGANIZATION_SOURCES_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
129
|
+
"organizations/{organization}/sources/-"
|
|
130
|
+
)
|
|
131
|
+
|
|
132
|
+
private_constant :ORGANIZATION_SOURCES_PATH_TEMPLATE
|
|
133
|
+
|
|
134
|
+
SOURCE_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
135
|
+
"organizations/{organization}/sources/{source}"
|
|
136
|
+
)
|
|
137
|
+
|
|
138
|
+
private_constant :SOURCE_PATH_TEMPLATE
|
|
139
|
+
|
|
140
|
+
# Returns a fully-qualified asset resource name string.
|
|
141
|
+
# @param organization [String]
|
|
142
|
+
# @param asset [String]
|
|
143
|
+
# @return [String]
|
|
144
|
+
def self.asset_path organization, asset
|
|
145
|
+
ASSET_PATH_TEMPLATE.render(
|
|
146
|
+
:"organization" => organization,
|
|
147
|
+
:"asset" => asset
|
|
148
|
+
)
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
# Returns a fully-qualified asset_security_marks resource name string.
|
|
152
|
+
# @param organization [String]
|
|
153
|
+
# @param asset [String]
|
|
154
|
+
# @return [String]
|
|
155
|
+
def self.asset_security_marks_path organization, asset
|
|
156
|
+
ASSET_SECURITY_MARKS_PATH_TEMPLATE.render(
|
|
157
|
+
:"organization" => organization,
|
|
158
|
+
:"asset" => asset
|
|
159
|
+
)
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
# Returns a fully-qualified finding resource name string.
|
|
163
|
+
# @param organization [String]
|
|
164
|
+
# @param source [String]
|
|
165
|
+
# @param finding [String]
|
|
166
|
+
# @return [String]
|
|
167
|
+
def self.finding_path organization, source, finding
|
|
168
|
+
FINDING_PATH_TEMPLATE.render(
|
|
169
|
+
:"organization" => organization,
|
|
170
|
+
:"source" => source,
|
|
171
|
+
:"finding" => finding
|
|
172
|
+
)
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
# Returns a fully-qualified finding_security_marks resource name string.
|
|
176
|
+
# @param organization [String]
|
|
177
|
+
# @param source [String]
|
|
178
|
+
# @param finding [String]
|
|
179
|
+
# @return [String]
|
|
180
|
+
def self.finding_security_marks_path organization, source, finding
|
|
181
|
+
FINDING_SECURITY_MARKS_PATH_TEMPLATE.render(
|
|
182
|
+
:"organization" => organization,
|
|
183
|
+
:"source" => source,
|
|
184
|
+
:"finding" => finding
|
|
185
|
+
)
|
|
186
|
+
end
|
|
187
|
+
|
|
188
|
+
# Returns a fully-qualified organization resource name string.
|
|
189
|
+
# @param organization [String]
|
|
190
|
+
# @return [String]
|
|
191
|
+
def self.organization_path organization
|
|
192
|
+
ORGANIZATION_PATH_TEMPLATE.render(
|
|
193
|
+
:"organization" => organization
|
|
194
|
+
)
|
|
195
|
+
end
|
|
196
|
+
|
|
197
|
+
# Returns a fully-qualified organization_settings resource name string.
|
|
198
|
+
# @param organization [String]
|
|
199
|
+
# @return [String]
|
|
200
|
+
def self.organization_settings_path organization
|
|
201
|
+
ORGANIZATION_SETTINGS_PATH_TEMPLATE.render(
|
|
202
|
+
:"organization" => organization
|
|
203
|
+
)
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
# Returns a fully-qualified organization_sources resource name string.
|
|
207
|
+
# @param organization [String]
|
|
208
|
+
# @return [String]
|
|
209
|
+
def self.organization_sources_path organization
|
|
210
|
+
ORGANIZATION_SOURCES_PATH_TEMPLATE.render(
|
|
211
|
+
:"organization" => organization
|
|
212
|
+
)
|
|
213
|
+
end
|
|
214
|
+
|
|
215
|
+
# Returns a fully-qualified source resource name string.
|
|
216
|
+
# @param organization [String]
|
|
217
|
+
# @param source [String]
|
|
218
|
+
# @return [String]
|
|
219
|
+
def self.source_path organization, source
|
|
220
|
+
SOURCE_PATH_TEMPLATE.render(
|
|
221
|
+
:"organization" => organization,
|
|
222
|
+
:"source" => source
|
|
223
|
+
)
|
|
224
|
+
end
|
|
225
|
+
|
|
226
|
+
# @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
|
|
227
|
+
# Provides the means for authenticating requests made by the client. This parameter can
|
|
228
|
+
# be many types.
|
|
229
|
+
# A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
|
|
230
|
+
# authenticating requests made by this client.
|
|
231
|
+
# A `String` will be treated as the path to the keyfile to be used for the construction of
|
|
232
|
+
# credentials for this client.
|
|
233
|
+
# A `Hash` will be treated as the contents of a keyfile to be used for the construction of
|
|
234
|
+
# credentials for this client.
|
|
235
|
+
# A `GRPC::Core::Channel` will be used to make calls through.
|
|
236
|
+
# A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
|
|
237
|
+
# should already be composed with a `GRPC::Core::CallCredentials` object.
|
|
238
|
+
# A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
|
|
239
|
+
# metadata for requests, generally, to give OAuth credentials.
|
|
240
|
+
# @param scopes [Array<String>]
|
|
241
|
+
# The OAuth scopes for this service. This parameter is ignored if
|
|
242
|
+
# an updater_proc is supplied.
|
|
243
|
+
# @param client_config [Hash]
|
|
244
|
+
# A Hash for call options for each method. See
|
|
245
|
+
# Google::Gax#construct_settings for the structure of
|
|
246
|
+
# this data. Falls back to the default config if not specified
|
|
247
|
+
# or the specified config is missing data points.
|
|
248
|
+
# @param timeout [Numeric]
|
|
249
|
+
# The default timeout, in seconds, for calls made through this client.
|
|
250
|
+
# @param metadata [Hash]
|
|
251
|
+
# Default metadata to be sent with each request. This can be overridden on a per call basis.
|
|
252
|
+
# @param exception_transformer [Proc]
|
|
253
|
+
# An optional proc that intercepts any exceptions raised during an API call to inject
|
|
254
|
+
# custom error handling.
|
|
255
|
+
def initialize \
|
|
256
|
+
credentials: nil,
|
|
257
|
+
scopes: ALL_SCOPES,
|
|
258
|
+
client_config: {},
|
|
259
|
+
timeout: DEFAULT_TIMEOUT,
|
|
260
|
+
metadata: nil,
|
|
261
|
+
exception_transformer: nil,
|
|
262
|
+
lib_name: nil,
|
|
263
|
+
lib_version: ""
|
|
264
|
+
# These require statements are intentionally placed here to initialize
|
|
265
|
+
# the gRPC module only when it's required.
|
|
266
|
+
# See https://github.com/googleapis/toolkit/issues/446
|
|
267
|
+
require "google/gax/grpc"
|
|
268
|
+
require "google/cloud/security_center/v1/securitycenter_service_services_pb"
|
|
269
|
+
|
|
270
|
+
credentials ||= Google::Cloud::SecurityCenter::V1::Credentials.default
|
|
271
|
+
|
|
272
|
+
@operations_client = OperationsClient.new(
|
|
273
|
+
credentials: credentials,
|
|
274
|
+
scopes: scopes,
|
|
275
|
+
client_config: client_config,
|
|
276
|
+
timeout: timeout,
|
|
277
|
+
lib_name: lib_name,
|
|
278
|
+
lib_version: lib_version,
|
|
279
|
+
)
|
|
280
|
+
|
|
281
|
+
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
|
282
|
+
updater_proc = Google::Cloud::SecurityCenter::V1::Credentials.new(credentials).updater_proc
|
|
283
|
+
end
|
|
284
|
+
if credentials.is_a?(GRPC::Core::Channel)
|
|
285
|
+
channel = credentials
|
|
286
|
+
end
|
|
287
|
+
if credentials.is_a?(GRPC::Core::ChannelCredentials)
|
|
288
|
+
chan_creds = credentials
|
|
289
|
+
end
|
|
290
|
+
if credentials.is_a?(Proc)
|
|
291
|
+
updater_proc = credentials
|
|
292
|
+
end
|
|
293
|
+
if credentials.is_a?(Google::Auth::Credentials)
|
|
294
|
+
updater_proc = credentials.updater_proc
|
|
295
|
+
end
|
|
296
|
+
|
|
297
|
+
package_version = Gem.loaded_specs['google-cloud-security_center'].version.version
|
|
298
|
+
|
|
299
|
+
google_api_client = "gl-ruby/#{RUBY_VERSION}"
|
|
300
|
+
google_api_client << " #{lib_name}/#{lib_version}" if lib_name
|
|
301
|
+
google_api_client << " gapic/#{package_version} gax/#{Google::Gax::VERSION}"
|
|
302
|
+
google_api_client << " grpc/#{GRPC::VERSION}"
|
|
303
|
+
google_api_client.freeze
|
|
304
|
+
|
|
305
|
+
headers = { :"x-goog-api-client" => google_api_client }
|
|
306
|
+
headers.merge!(metadata) unless metadata.nil?
|
|
307
|
+
client_config_file = Pathname.new(__dir__).join(
|
|
308
|
+
"security_center_client_config.json"
|
|
309
|
+
)
|
|
310
|
+
defaults = client_config_file.open do |f|
|
|
311
|
+
Google::Gax.construct_settings(
|
|
312
|
+
"google.cloud.securitycenter.v1.SecurityCenter",
|
|
313
|
+
JSON.parse(f.read),
|
|
314
|
+
client_config,
|
|
315
|
+
Google::Gax::Grpc::STATUS_CODE_NAMES,
|
|
316
|
+
timeout,
|
|
317
|
+
page_descriptors: PAGE_DESCRIPTORS,
|
|
318
|
+
errors: Google::Gax::Grpc::API_ERRORS,
|
|
319
|
+
metadata: headers
|
|
320
|
+
)
|
|
321
|
+
end
|
|
322
|
+
|
|
323
|
+
# Allow overriding the service path/port in subclasses.
|
|
324
|
+
service_path = self.class::SERVICE_ADDRESS
|
|
325
|
+
port = self.class::DEFAULT_SERVICE_PORT
|
|
326
|
+
interceptors = self.class::GRPC_INTERCEPTORS
|
|
327
|
+
@security_center_stub = Google::Gax::Grpc.create_stub(
|
|
328
|
+
service_path,
|
|
329
|
+
port,
|
|
330
|
+
chan_creds: chan_creds,
|
|
331
|
+
channel: channel,
|
|
332
|
+
updater_proc: updater_proc,
|
|
333
|
+
scopes: scopes,
|
|
334
|
+
interceptors: interceptors,
|
|
335
|
+
&Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub.method(:new)
|
|
336
|
+
)
|
|
337
|
+
|
|
338
|
+
@create_source = Google::Gax.create_api_call(
|
|
339
|
+
@security_center_stub.method(:create_source),
|
|
340
|
+
defaults["create_source"],
|
|
341
|
+
exception_transformer: exception_transformer,
|
|
342
|
+
params_extractor: proc do |request|
|
|
343
|
+
{'parent' => request.parent}
|
|
344
|
+
end
|
|
345
|
+
)
|
|
346
|
+
@create_finding = Google::Gax.create_api_call(
|
|
347
|
+
@security_center_stub.method(:create_finding),
|
|
348
|
+
defaults["create_finding"],
|
|
349
|
+
exception_transformer: exception_transformer,
|
|
350
|
+
params_extractor: proc do |request|
|
|
351
|
+
{'parent' => request.parent}
|
|
352
|
+
end
|
|
353
|
+
)
|
|
354
|
+
@get_iam_policy = Google::Gax.create_api_call(
|
|
355
|
+
@security_center_stub.method(:get_iam_policy),
|
|
356
|
+
defaults["get_iam_policy"],
|
|
357
|
+
exception_transformer: exception_transformer,
|
|
358
|
+
params_extractor: proc do |request|
|
|
359
|
+
{'resource' => request.resource}
|
|
360
|
+
end
|
|
361
|
+
)
|
|
362
|
+
@get_organization_settings = Google::Gax.create_api_call(
|
|
363
|
+
@security_center_stub.method(:get_organization_settings),
|
|
364
|
+
defaults["get_organization_settings"],
|
|
365
|
+
exception_transformer: exception_transformer,
|
|
366
|
+
params_extractor: proc do |request|
|
|
367
|
+
{'name' => request.name}
|
|
368
|
+
end
|
|
369
|
+
)
|
|
370
|
+
@get_source = Google::Gax.create_api_call(
|
|
371
|
+
@security_center_stub.method(:get_source),
|
|
372
|
+
defaults["get_source"],
|
|
373
|
+
exception_transformer: exception_transformer,
|
|
374
|
+
params_extractor: proc do |request|
|
|
375
|
+
{'name' => request.name}
|
|
376
|
+
end
|
|
377
|
+
)
|
|
378
|
+
@group_assets = Google::Gax.create_api_call(
|
|
379
|
+
@security_center_stub.method(:group_assets),
|
|
380
|
+
defaults["group_assets"],
|
|
381
|
+
exception_transformer: exception_transformer,
|
|
382
|
+
params_extractor: proc do |request|
|
|
383
|
+
{'parent' => request.parent}
|
|
384
|
+
end
|
|
385
|
+
)
|
|
386
|
+
@group_findings = Google::Gax.create_api_call(
|
|
387
|
+
@security_center_stub.method(:group_findings),
|
|
388
|
+
defaults["group_findings"],
|
|
389
|
+
exception_transformer: exception_transformer,
|
|
390
|
+
params_extractor: proc do |request|
|
|
391
|
+
{'parent' => request.parent}
|
|
392
|
+
end
|
|
393
|
+
)
|
|
394
|
+
@list_assets = Google::Gax.create_api_call(
|
|
395
|
+
@security_center_stub.method(:list_assets),
|
|
396
|
+
defaults["list_assets"],
|
|
397
|
+
exception_transformer: exception_transformer,
|
|
398
|
+
params_extractor: proc do |request|
|
|
399
|
+
{'parent' => request.parent}
|
|
400
|
+
end
|
|
401
|
+
)
|
|
402
|
+
@list_findings = Google::Gax.create_api_call(
|
|
403
|
+
@security_center_stub.method(:list_findings),
|
|
404
|
+
defaults["list_findings"],
|
|
405
|
+
exception_transformer: exception_transformer,
|
|
406
|
+
params_extractor: proc do |request|
|
|
407
|
+
{'parent' => request.parent}
|
|
408
|
+
end
|
|
409
|
+
)
|
|
410
|
+
@list_sources = Google::Gax.create_api_call(
|
|
411
|
+
@security_center_stub.method(:list_sources),
|
|
412
|
+
defaults["list_sources"],
|
|
413
|
+
exception_transformer: exception_transformer,
|
|
414
|
+
params_extractor: proc do |request|
|
|
415
|
+
{'parent' => request.parent}
|
|
416
|
+
end
|
|
417
|
+
)
|
|
418
|
+
@run_asset_discovery = Google::Gax.create_api_call(
|
|
419
|
+
@security_center_stub.method(:run_asset_discovery),
|
|
420
|
+
defaults["run_asset_discovery"],
|
|
421
|
+
exception_transformer: exception_transformer,
|
|
422
|
+
params_extractor: proc do |request|
|
|
423
|
+
{'parent' => request.parent}
|
|
424
|
+
end
|
|
425
|
+
)
|
|
426
|
+
@set_finding_state = Google::Gax.create_api_call(
|
|
427
|
+
@security_center_stub.method(:set_finding_state),
|
|
428
|
+
defaults["set_finding_state"],
|
|
429
|
+
exception_transformer: exception_transformer,
|
|
430
|
+
params_extractor: proc do |request|
|
|
431
|
+
{'name' => request.name}
|
|
432
|
+
end
|
|
433
|
+
)
|
|
434
|
+
@set_iam_policy = Google::Gax.create_api_call(
|
|
435
|
+
@security_center_stub.method(:set_iam_policy),
|
|
436
|
+
defaults["set_iam_policy"],
|
|
437
|
+
exception_transformer: exception_transformer,
|
|
438
|
+
params_extractor: proc do |request|
|
|
439
|
+
{'resource' => request.resource}
|
|
440
|
+
end
|
|
441
|
+
)
|
|
442
|
+
@test_iam_permissions = Google::Gax.create_api_call(
|
|
443
|
+
@security_center_stub.method(:test_iam_permissions),
|
|
444
|
+
defaults["test_iam_permissions"],
|
|
445
|
+
exception_transformer: exception_transformer,
|
|
446
|
+
params_extractor: proc do |request|
|
|
447
|
+
{'resource' => request.resource}
|
|
448
|
+
end
|
|
449
|
+
)
|
|
450
|
+
@update_finding = Google::Gax.create_api_call(
|
|
451
|
+
@security_center_stub.method(:update_finding),
|
|
452
|
+
defaults["update_finding"],
|
|
453
|
+
exception_transformer: exception_transformer,
|
|
454
|
+
params_extractor: proc do |request|
|
|
455
|
+
{'finding.name' => request.finding.name}
|
|
456
|
+
end
|
|
457
|
+
)
|
|
458
|
+
@update_organization_settings = Google::Gax.create_api_call(
|
|
459
|
+
@security_center_stub.method(:update_organization_settings),
|
|
460
|
+
defaults["update_organization_settings"],
|
|
461
|
+
exception_transformer: exception_transformer,
|
|
462
|
+
params_extractor: proc do |request|
|
|
463
|
+
{'organization_settings.name' => request.organization_settings.name}
|
|
464
|
+
end
|
|
465
|
+
)
|
|
466
|
+
@update_source = Google::Gax.create_api_call(
|
|
467
|
+
@security_center_stub.method(:update_source),
|
|
468
|
+
defaults["update_source"],
|
|
469
|
+
exception_transformer: exception_transformer,
|
|
470
|
+
params_extractor: proc do |request|
|
|
471
|
+
{'source.name' => request.source.name}
|
|
472
|
+
end
|
|
473
|
+
)
|
|
474
|
+
@update_security_marks = Google::Gax.create_api_call(
|
|
475
|
+
@security_center_stub.method(:update_security_marks),
|
|
476
|
+
defaults["update_security_marks"],
|
|
477
|
+
exception_transformer: exception_transformer,
|
|
478
|
+
params_extractor: proc do |request|
|
|
479
|
+
{'security_marks.name' => request.security_marks.name}
|
|
480
|
+
end
|
|
481
|
+
)
|
|
482
|
+
end
|
|
483
|
+
|
|
484
|
+
# Service calls
|
|
485
|
+
|
|
486
|
+
# Creates a source.
|
|
487
|
+
#
|
|
488
|
+
# @param parent [String]
|
|
489
|
+
# Resource name of the new source's parent. Its format should be
|
|
490
|
+
# "organizations/[organization_id]".
|
|
491
|
+
# @param source [Google::Cloud::SecurityCenter::V1::Source | Hash]
|
|
492
|
+
# The Source being created, only the display_name and description will be
|
|
493
|
+
# used. All other fields will be ignored.
|
|
494
|
+
# A hash of the same form as `Google::Cloud::SecurityCenter::V1::Source`
|
|
495
|
+
# can also be provided.
|
|
496
|
+
# @param options [Google::Gax::CallOptions]
|
|
497
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
498
|
+
# retries, etc.
|
|
499
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
500
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
|
|
501
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
502
|
+
# @return [Google::Cloud::SecurityCenter::V1::Source]
|
|
503
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
504
|
+
# @example
|
|
505
|
+
# require "google/cloud/security_center"
|
|
506
|
+
#
|
|
507
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
508
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
|
|
509
|
+
#
|
|
510
|
+
# # TODO: Initialize `source`:
|
|
511
|
+
# source = {}
|
|
512
|
+
# response = security_center_client.create_source(formatted_parent, source)
|
|
513
|
+
|
|
514
|
+
def create_source \
|
|
515
|
+
parent,
|
|
516
|
+
source,
|
|
517
|
+
options: nil,
|
|
518
|
+
&block
|
|
519
|
+
req = {
|
|
520
|
+
parent: parent,
|
|
521
|
+
source: source
|
|
522
|
+
}.delete_if { |_, v| v.nil? }
|
|
523
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateSourceRequest)
|
|
524
|
+
@create_source.call(req, options, &block)
|
|
525
|
+
end
|
|
526
|
+
|
|
527
|
+
# Creates a finding. The corresponding source must exist for finding creation
|
|
528
|
+
# to succeed.
|
|
529
|
+
#
|
|
530
|
+
# @param parent [String]
|
|
531
|
+
# Resource name of the new finding's parent. Its format should be
|
|
532
|
+
# "organizations/[organization_id]/sources/[source_id]".
|
|
533
|
+
# @param finding_id [String]
|
|
534
|
+
# Unique identifier provided by the client within the parent scope.
|
|
535
|
+
# It must be alphanumeric and less than or equal to 32 characters and
|
|
536
|
+
# greater than 0 characters in length.
|
|
537
|
+
# @param finding [Google::Cloud::SecurityCenter::V1::Finding | Hash]
|
|
538
|
+
# The Finding being created. The name and security_marks will be ignored as
|
|
539
|
+
# they are both output only fields on this resource.
|
|
540
|
+
# A hash of the same form as `Google::Cloud::SecurityCenter::V1::Finding`
|
|
541
|
+
# can also be provided.
|
|
542
|
+
# @param options [Google::Gax::CallOptions]
|
|
543
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
544
|
+
# retries, etc.
|
|
545
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
546
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
|
|
547
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
548
|
+
# @return [Google::Cloud::SecurityCenter::V1::Finding]
|
|
549
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
550
|
+
# @example
|
|
551
|
+
# require "google/cloud/security_center"
|
|
552
|
+
#
|
|
553
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
554
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
555
|
+
#
|
|
556
|
+
# # TODO: Initialize `finding_id`:
|
|
557
|
+
# finding_id = ''
|
|
558
|
+
#
|
|
559
|
+
# # TODO: Initialize `finding`:
|
|
560
|
+
# finding = {}
|
|
561
|
+
# response = security_center_client.create_finding(formatted_parent, finding_id, finding)
|
|
562
|
+
|
|
563
|
+
def create_finding \
|
|
564
|
+
parent,
|
|
565
|
+
finding_id,
|
|
566
|
+
finding,
|
|
567
|
+
options: nil,
|
|
568
|
+
&block
|
|
569
|
+
req = {
|
|
570
|
+
parent: parent,
|
|
571
|
+
finding_id: finding_id,
|
|
572
|
+
finding: finding
|
|
573
|
+
}.delete_if { |_, v| v.nil? }
|
|
574
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateFindingRequest)
|
|
575
|
+
@create_finding.call(req, options, &block)
|
|
576
|
+
end
|
|
577
|
+
|
|
578
|
+
# Gets the access control policy on the specified Source.
|
|
579
|
+
#
|
|
580
|
+
# @param resource [String]
|
|
581
|
+
# REQUIRED: The resource for which the policy is being requested.
|
|
582
|
+
# `resource` is usually specified as a path. For example, a Project
|
|
583
|
+
# resource is specified as `projects/{project}`.
|
|
584
|
+
# @param options [Google::Gax::CallOptions]
|
|
585
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
586
|
+
# retries, etc.
|
|
587
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
588
|
+
# @yieldparam result [Google::Iam::V1::Policy]
|
|
589
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
590
|
+
# @return [Google::Iam::V1::Policy]
|
|
591
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
592
|
+
# @example
|
|
593
|
+
# require "google/cloud/security_center"
|
|
594
|
+
#
|
|
595
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
596
|
+
# formatted_resource = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
597
|
+
# response = security_center_client.get_iam_policy(formatted_resource)
|
|
598
|
+
|
|
599
|
+
def get_iam_policy \
|
|
600
|
+
resource,
|
|
601
|
+
options: nil,
|
|
602
|
+
&block
|
|
603
|
+
req = {
|
|
604
|
+
resource: resource
|
|
605
|
+
}.delete_if { |_, v| v.nil? }
|
|
606
|
+
req = Google::Gax::to_proto(req, Google::Iam::V1::GetIamPolicyRequest)
|
|
607
|
+
@get_iam_policy.call(req, options, &block)
|
|
608
|
+
end
|
|
609
|
+
|
|
610
|
+
# Gets the settings for an organization.
|
|
611
|
+
#
|
|
612
|
+
# @param name [String]
|
|
613
|
+
# Name of the organization to get organization settings for. Its format is
|
|
614
|
+
# "organizations/[organization_id]/organizationSettings".
|
|
615
|
+
# @param options [Google::Gax::CallOptions]
|
|
616
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
617
|
+
# retries, etc.
|
|
618
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
619
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
|
|
620
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
621
|
+
# @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
|
|
622
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
623
|
+
# @example
|
|
624
|
+
# require "google/cloud/security_center"
|
|
625
|
+
#
|
|
626
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
627
|
+
# formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_settings_path("[ORGANIZATION]")
|
|
628
|
+
# response = security_center_client.get_organization_settings(formatted_name)
|
|
629
|
+
|
|
630
|
+
def get_organization_settings \
|
|
631
|
+
name,
|
|
632
|
+
options: nil,
|
|
633
|
+
&block
|
|
634
|
+
req = {
|
|
635
|
+
name: name
|
|
636
|
+
}.delete_if { |_, v| v.nil? }
|
|
637
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest)
|
|
638
|
+
@get_organization_settings.call(req, options, &block)
|
|
639
|
+
end
|
|
640
|
+
|
|
641
|
+
# Gets a source.
|
|
642
|
+
#
|
|
643
|
+
# @param name [String]
|
|
644
|
+
# Relative resource name of the source. Its format is
|
|
645
|
+
# "organizations/[organization_id]/source/[source_id]".
|
|
646
|
+
# @param options [Google::Gax::CallOptions]
|
|
647
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
648
|
+
# retries, etc.
|
|
649
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
650
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
|
|
651
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
652
|
+
# @return [Google::Cloud::SecurityCenter::V1::Source]
|
|
653
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
654
|
+
# @example
|
|
655
|
+
# require "google/cloud/security_center"
|
|
656
|
+
#
|
|
657
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
658
|
+
# formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
659
|
+
# response = security_center_client.get_source(formatted_name)
|
|
660
|
+
|
|
661
|
+
def get_source \
|
|
662
|
+
name,
|
|
663
|
+
options: nil,
|
|
664
|
+
&block
|
|
665
|
+
req = {
|
|
666
|
+
name: name
|
|
667
|
+
}.delete_if { |_, v| v.nil? }
|
|
668
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetSourceRequest)
|
|
669
|
+
@get_source.call(req, options, &block)
|
|
670
|
+
end
|
|
671
|
+
|
|
672
|
+
# Filters an organization's assets and groups them by their specified
|
|
673
|
+
# properties.
|
|
674
|
+
#
|
|
675
|
+
# @param parent [String]
|
|
676
|
+
# Name of the organization to groupBy. Its format is
|
|
677
|
+
# "organizations/[organization_id]".
|
|
678
|
+
# @param group_by [String]
|
|
679
|
+
# Expression that defines what assets fields to use for grouping. The string
|
|
680
|
+
# value should follow SQL syntax: comma separated list of fields. For
|
|
681
|
+
# example:
|
|
682
|
+
# "security_center_properties.resource_project,security_center_properties.project".
|
|
683
|
+
#
|
|
684
|
+
# The following fields are supported when compare_duration is not set:
|
|
685
|
+
#
|
|
686
|
+
# * security_center_properties.resource_project
|
|
687
|
+
# * security_center_properties.resource_type
|
|
688
|
+
# * security_center_properties.resource_parent
|
|
689
|
+
#
|
|
690
|
+
# The following fields are supported when compare_duration is set:
|
|
691
|
+
#
|
|
692
|
+
# * security_center_properties.resource_type
|
|
693
|
+
# @param filter [String]
|
|
694
|
+
# Expression that defines the filter to apply across assets.
|
|
695
|
+
# The expression is a list of zero or more restrictions combined via logical
|
|
696
|
+
# operators `AND` and `OR`.
|
|
697
|
+
# Parentheses are supported, and `OR` has higher precedence than `AND`.
|
|
698
|
+
#
|
|
699
|
+
# Restrictions have the form `<field> <operator> <value>` and may have a `-`
|
|
700
|
+
# character in front of them to indicate negation. The fields map to those
|
|
701
|
+
# defined in the Asset resource. Examples include:
|
|
702
|
+
#
|
|
703
|
+
# * name
|
|
704
|
+
# * security_center_properties.resource_name
|
|
705
|
+
# * resource_properties.a_property
|
|
706
|
+
# * security_marks.marks.marka
|
|
707
|
+
#
|
|
708
|
+
# The supported operators are:
|
|
709
|
+
#
|
|
710
|
+
# * `=` for all value types.
|
|
711
|
+
# * `>`, `<`, `>=`, `<=` for integer values.
|
|
712
|
+
# * `:`, meaning substring matching, for strings.
|
|
713
|
+
#
|
|
714
|
+
# The supported value types are:
|
|
715
|
+
#
|
|
716
|
+
# * string literals in quotes.
|
|
717
|
+
# * integer literals without quotes.
|
|
718
|
+
# * boolean literals `true` and `false` without quotes.
|
|
719
|
+
#
|
|
720
|
+
# The following field and operator combinations are supported:
|
|
721
|
+
# name | '='
|
|
722
|
+
# update_time | '>', '<', '>=', '<=', '='
|
|
723
|
+
# create_time | '>', '<', '>=', '<=', '='
|
|
724
|
+
# iam_policy.policy_blob | '=', ':'
|
|
725
|
+
# resource_properties | '=', ':', '>', '<', '>=', '<='
|
|
726
|
+
# security_marks | '=', ':'
|
|
727
|
+
# security_center_properties.resource_name | '=', ':'
|
|
728
|
+
# security_center_properties.resource_type | '=', ':'
|
|
729
|
+
# security_center_properties.resource_parent | '=', ':'
|
|
730
|
+
# security_center_properties.resource_project | '=', ':'
|
|
731
|
+
# security_center_properties.resource_owners | '=', ':'
|
|
732
|
+
#
|
|
733
|
+
# For example, `resource_properties.size = 100` is a valid filter string.
|
|
734
|
+
# @param compare_duration [Google::Protobuf::Duration | Hash]
|
|
735
|
+
# When compare_duration is set, the GroupResult's "state_change" property is
|
|
736
|
+
# updated to indicate whether the asset was added, removed, or remained
|
|
737
|
+
# present during the compare_duration period of time that precedes the
|
|
738
|
+
# read_time. This is the time between (read_time - compare_duration) and
|
|
739
|
+
# read_time.
|
|
740
|
+
#
|
|
741
|
+
# The state change value is derived based on the presence of the asset at the
|
|
742
|
+
# two points in time. Intermediate state changes between the two times don't
|
|
743
|
+
# affect the result. For example, the results aren't affected if the asset is
|
|
744
|
+
# removed and re-created again.
|
|
745
|
+
#
|
|
746
|
+
# Possible "state_change" values when compare_duration is specified:
|
|
747
|
+
#
|
|
748
|
+
# * "ADDED": indicates that the asset was not present at the start of
|
|
749
|
+
# compare_duration, but present at reference_time.
|
|
750
|
+
# * "REMOVED": indicates that the asset was present at the start of
|
|
751
|
+
# compare_duration, but not present at reference_time.
|
|
752
|
+
# * "ACTIVE": indicates that the asset was present at both the
|
|
753
|
+
# start and the end of the time period defined by
|
|
754
|
+
# compare_duration and reference_time.
|
|
755
|
+
#
|
|
756
|
+
# If compare_duration is not specified, then the only possible state_change
|
|
757
|
+
# is "UNUSED", which will be the state_change set for all assets present at
|
|
758
|
+
# read_time.
|
|
759
|
+
#
|
|
760
|
+
# If this field is set then `state_change` must be a specified field in
|
|
761
|
+
# `group_by`.
|
|
762
|
+
# A hash of the same form as `Google::Protobuf::Duration`
|
|
763
|
+
# can also be provided.
|
|
764
|
+
# @param read_time [Google::Protobuf::Timestamp | Hash]
|
|
765
|
+
# Time used as a reference point when filtering assets. The filter is limited
|
|
766
|
+
# to assets existing at the supplied time and their values are those at that
|
|
767
|
+
# specific time. Absence of this field will default to the API's version of
|
|
768
|
+
# NOW.
|
|
769
|
+
# A hash of the same form as `Google::Protobuf::Timestamp`
|
|
770
|
+
# can also be provided.
|
|
771
|
+
# @param page_size [Integer]
|
|
772
|
+
# The maximum number of resources contained in the underlying API
|
|
773
|
+
# response. If page streaming is performed per-resource, this
|
|
774
|
+
# parameter does not affect the return value. If page streaming is
|
|
775
|
+
# performed per-page, this determines the maximum number of
|
|
776
|
+
# resources in a page.
|
|
777
|
+
# @param options [Google::Gax::CallOptions]
|
|
778
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
779
|
+
# retries, etc.
|
|
780
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
781
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
|
|
782
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
783
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
|
|
784
|
+
# An enumerable of Google::Cloud::SecurityCenter::V1::GroupResult instances.
|
|
785
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
|
786
|
+
# operations such as per-page iteration or access to the response
|
|
787
|
+
# object.
|
|
788
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
789
|
+
# @example
|
|
790
|
+
# require "google/cloud/security_center"
|
|
791
|
+
#
|
|
792
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
793
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
|
|
794
|
+
#
|
|
795
|
+
# # TODO: Initialize `group_by`:
|
|
796
|
+
# group_by = ''
|
|
797
|
+
#
|
|
798
|
+
# # Iterate over all results.
|
|
799
|
+
# security_center_client.group_assets(formatted_parent, group_by).each do |element|
|
|
800
|
+
# # Process element.
|
|
801
|
+
# end
|
|
802
|
+
#
|
|
803
|
+
# # Or iterate over results one page at a time.
|
|
804
|
+
# security_center_client.group_assets(formatted_parent, group_by).each_page do |page|
|
|
805
|
+
# # Process each page at a time.
|
|
806
|
+
# page.each do |element|
|
|
807
|
+
# # Process element.
|
|
808
|
+
# end
|
|
809
|
+
# end
|
|
810
|
+
|
|
811
|
+
def group_assets \
|
|
812
|
+
parent,
|
|
813
|
+
group_by,
|
|
814
|
+
filter: nil,
|
|
815
|
+
compare_duration: nil,
|
|
816
|
+
read_time: nil,
|
|
817
|
+
page_size: nil,
|
|
818
|
+
options: nil,
|
|
819
|
+
&block
|
|
820
|
+
req = {
|
|
821
|
+
parent: parent,
|
|
822
|
+
group_by: group_by,
|
|
823
|
+
filter: filter,
|
|
824
|
+
compare_duration: compare_duration,
|
|
825
|
+
read_time: read_time,
|
|
826
|
+
page_size: page_size
|
|
827
|
+
}.delete_if { |_, v| v.nil? }
|
|
828
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GroupAssetsRequest)
|
|
829
|
+
@group_assets.call(req, options, &block)
|
|
830
|
+
end
|
|
831
|
+
|
|
832
|
+
# Filters an organization or source's findings and groups them by their
|
|
833
|
+
# specified properties.
|
|
834
|
+
#
|
|
835
|
+
# To group across all sources provide a `-` as the source id.
|
|
836
|
+
# Example: /v1/organizations/123/sources/-/findings
|
|
837
|
+
#
|
|
838
|
+
# @param parent [String]
|
|
839
|
+
# Name of the source to groupBy. Its format is
|
|
840
|
+
# "organizations/[organization_id]/sources/[source_id]". To groupBy across
|
|
841
|
+
# all sources provide a source_id of `-`. For example:
|
|
842
|
+
# organizations/123/sources/-
|
|
843
|
+
# @param group_by [String]
|
|
844
|
+
# Expression that defines what assets fields to use for grouping (including
|
|
845
|
+
# `state_change`). The string value should follow SQL syntax: comma separated
|
|
846
|
+
# list of fields. For example: "parent,resource_name".
|
|
847
|
+
#
|
|
848
|
+
# The following fields are supported:
|
|
849
|
+
#
|
|
850
|
+
# * resource_name
|
|
851
|
+
# * category
|
|
852
|
+
# * state
|
|
853
|
+
# * parent
|
|
854
|
+
#
|
|
855
|
+
# The following fields are supported when compare_duration is set:
|
|
856
|
+
#
|
|
857
|
+
# * state_change
|
|
858
|
+
# @param filter [String]
|
|
859
|
+
# Expression that defines the filter to apply across findings.
|
|
860
|
+
# The expression is a list of one or more restrictions combined via logical
|
|
861
|
+
# operators `AND` and `OR`.
|
|
862
|
+
# Parentheses are supported, and `OR` has higher precedence than `AND`.
|
|
863
|
+
#
|
|
864
|
+
# Restrictions have the form `<field> <operator> <value>` and may have a `-`
|
|
865
|
+
# character in front of them to indicate negation. Examples include:
|
|
866
|
+
#
|
|
867
|
+
# * name
|
|
868
|
+
# * source_properties.a_property
|
|
869
|
+
# * security_marks.marks.marka
|
|
870
|
+
#
|
|
871
|
+
# The supported operators are:
|
|
872
|
+
#
|
|
873
|
+
# * `=` for all value types.
|
|
874
|
+
# * `>`, `<`, `>=`, `<=` for integer values.
|
|
875
|
+
# * `:`, meaning substring matching, for strings.
|
|
876
|
+
#
|
|
877
|
+
# The supported value types are:
|
|
878
|
+
#
|
|
879
|
+
# * string literals in quotes.
|
|
880
|
+
# * integer literals without quotes.
|
|
881
|
+
# * boolean literals `true` and `false` without quotes.
|
|
882
|
+
#
|
|
883
|
+
# The following field and operator combinations are supported:
|
|
884
|
+
# name | `=`
|
|
885
|
+
# parent | '=', ':'
|
|
886
|
+
# resource_name | '=', ':'
|
|
887
|
+
# state | '=', ':'
|
|
888
|
+
# category | '=', ':'
|
|
889
|
+
# external_uri | '=', ':'
|
|
890
|
+
# event_time | `>`, `<`, `>=`, `<=`
|
|
891
|
+
# security_marks | '=', ':'
|
|
892
|
+
# source_properties | '=', ':', `>`, `<`, `>=`, `<=`
|
|
893
|
+
#
|
|
894
|
+
# For example, `source_properties.size = 100` is a valid filter string.
|
|
895
|
+
# @param read_time [Google::Protobuf::Timestamp | Hash]
|
|
896
|
+
# Time used as a reference point when filtering findings. The filter is
|
|
897
|
+
# limited to findings existing at the supplied time and their values are
|
|
898
|
+
# those at that specific time. Absence of this field will default to the
|
|
899
|
+
# API's version of NOW.
|
|
900
|
+
# A hash of the same form as `Google::Protobuf::Timestamp`
|
|
901
|
+
# can also be provided.
|
|
902
|
+
# @param compare_duration [Google::Protobuf::Duration | Hash]
|
|
903
|
+
# When compare_duration is set, the GroupResult's "state_change" attribute is
|
|
904
|
+
# updated to indicate whether the finding had its state changed, the
|
|
905
|
+
# finding's state remained unchanged, or if the finding was added during the
|
|
906
|
+
# compare_duration period of time that precedes the read_time. This is the
|
|
907
|
+
# time between (read_time - compare_duration) and read_time.
|
|
908
|
+
#
|
|
909
|
+
# The state_change value is derived based on the presence and state of the
|
|
910
|
+
# finding at the two points in time. Intermediate state changes between the
|
|
911
|
+
# two times don't affect the result. For example, the results aren't affected
|
|
912
|
+
# if the finding is made inactive and then active again.
|
|
913
|
+
#
|
|
914
|
+
# Possible "state_change" values when compare_duration is specified:
|
|
915
|
+
#
|
|
916
|
+
# * "CHANGED": indicates that the finding was present at the start of
|
|
917
|
+
# compare_duration, but changed its state at read_time.
|
|
918
|
+
# * "UNCHANGED": indicates that the finding was present at the start of
|
|
919
|
+
# compare_duration and did not change state at read_time.
|
|
920
|
+
# * "ADDED": indicates that the finding was not present at the start
|
|
921
|
+
# of compare_duration, but was present at read_time.
|
|
922
|
+
#
|
|
923
|
+
# If compare_duration is not specified, then the only possible state_change
|
|
924
|
+
# is "UNUSED", which will be the state_change set for all findings present
|
|
925
|
+
# at read_time.
|
|
926
|
+
#
|
|
927
|
+
# If this field is set then `state_change` must be a specified field in
|
|
928
|
+
# `group_by`.
|
|
929
|
+
# A hash of the same form as `Google::Protobuf::Duration`
|
|
930
|
+
# can also be provided.
|
|
931
|
+
# @param page_size [Integer]
|
|
932
|
+
# The maximum number of resources contained in the underlying API
|
|
933
|
+
# response. If page streaming is performed per-resource, this
|
|
934
|
+
# parameter does not affect the return value. If page streaming is
|
|
935
|
+
# performed per-page, this determines the maximum number of
|
|
936
|
+
# resources in a page.
|
|
937
|
+
# @param options [Google::Gax::CallOptions]
|
|
938
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
939
|
+
# retries, etc.
|
|
940
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
941
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
|
|
942
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
943
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
|
|
944
|
+
# An enumerable of Google::Cloud::SecurityCenter::V1::GroupResult instances.
|
|
945
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
|
946
|
+
# operations such as per-page iteration or access to the response
|
|
947
|
+
# object.
|
|
948
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
949
|
+
# @example
|
|
950
|
+
# require "google/cloud/security_center"
|
|
951
|
+
#
|
|
952
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
953
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
954
|
+
#
|
|
955
|
+
# # TODO: Initialize `group_by`:
|
|
956
|
+
# group_by = ''
|
|
957
|
+
#
|
|
958
|
+
# # Iterate over all results.
|
|
959
|
+
# security_center_client.group_findings(formatted_parent, group_by).each do |element|
|
|
960
|
+
# # Process element.
|
|
961
|
+
# end
|
|
962
|
+
#
|
|
963
|
+
# # Or iterate over results one page at a time.
|
|
964
|
+
# security_center_client.group_findings(formatted_parent, group_by).each_page do |page|
|
|
965
|
+
# # Process each page at a time.
|
|
966
|
+
# page.each do |element|
|
|
967
|
+
# # Process element.
|
|
968
|
+
# end
|
|
969
|
+
# end
|
|
970
|
+
|
|
971
|
+
def group_findings \
|
|
972
|
+
parent,
|
|
973
|
+
group_by,
|
|
974
|
+
filter: nil,
|
|
975
|
+
read_time: nil,
|
|
976
|
+
compare_duration: nil,
|
|
977
|
+
page_size: nil,
|
|
978
|
+
options: nil,
|
|
979
|
+
&block
|
|
980
|
+
req = {
|
|
981
|
+
parent: parent,
|
|
982
|
+
group_by: group_by,
|
|
983
|
+
filter: filter,
|
|
984
|
+
read_time: read_time,
|
|
985
|
+
compare_duration: compare_duration,
|
|
986
|
+
page_size: page_size
|
|
987
|
+
}.delete_if { |_, v| v.nil? }
|
|
988
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GroupFindingsRequest)
|
|
989
|
+
@group_findings.call(req, options, &block)
|
|
990
|
+
end
|
|
991
|
+
|
|
992
|
+
# Lists an organization's assets.
|
|
993
|
+
#
|
|
994
|
+
# @param parent [String]
|
|
995
|
+
# Name of the organization assets should belong to. Its format is
|
|
996
|
+
# "organizations/[organization_id]".
|
|
997
|
+
# @param filter [String]
|
|
998
|
+
# Expression that defines the filter to apply across assets.
|
|
999
|
+
# The expression is a list of zero or more restrictions combined via logical
|
|
1000
|
+
# operators `AND` and `OR`.
|
|
1001
|
+
# Parentheses are supported, and `OR` has higher precedence than `AND`.
|
|
1002
|
+
#
|
|
1003
|
+
# Restrictions have the form `<field> <operator> <value>` and may have a `-`
|
|
1004
|
+
# character in front of them to indicate negation. The fields map to those
|
|
1005
|
+
# defined in the Asset resource. Examples include:
|
|
1006
|
+
#
|
|
1007
|
+
# * name
|
|
1008
|
+
# * security_center_properties.resource_name
|
|
1009
|
+
# * resource_properties.a_property
|
|
1010
|
+
# * security_marks.marks.marka
|
|
1011
|
+
#
|
|
1012
|
+
# The supported operators are:
|
|
1013
|
+
#
|
|
1014
|
+
# * `=` for all value types.
|
|
1015
|
+
# * `>`, `<`, `>=`, `<=` for integer values.
|
|
1016
|
+
# * `:`, meaning substring matching, for strings.
|
|
1017
|
+
#
|
|
1018
|
+
# The supported value types are:
|
|
1019
|
+
#
|
|
1020
|
+
# * string literals in quotes.
|
|
1021
|
+
# * integer literals without quotes.
|
|
1022
|
+
# * boolean literals `true` and `false` without quotes.
|
|
1023
|
+
#
|
|
1024
|
+
# The following are the allowed field and operator combinations:
|
|
1025
|
+
# name | `=`
|
|
1026
|
+
# update_time | `>`, `<`, `>=`, `<=`
|
|
1027
|
+
# iam_policy.policy_blob | '=', ':'
|
|
1028
|
+
# resource_properties | '=', ':', `>`, `<`, `>=`, `<=`
|
|
1029
|
+
# security_marks | '=', ':'
|
|
1030
|
+
# security_center_properties.resource_name | '=', ':'
|
|
1031
|
+
# security_center_properties.resource_type | '=', ':'
|
|
1032
|
+
# security_center_properties.resource_parent | '=', ':'
|
|
1033
|
+
# security_center_properties.resource_project | '=', ':'
|
|
1034
|
+
# security_center_properties.resource_owners | '=', ':'
|
|
1035
|
+
#
|
|
1036
|
+
# For example, `resource_properties.size = 100` is a valid filter string.
|
|
1037
|
+
# @param order_by [String]
|
|
1038
|
+
# Expression that defines what fields and order to use for sorting. The
|
|
1039
|
+
# string value should follow SQL syntax: comma separated list of fields. For
|
|
1040
|
+
# example: "name,resource_properties.a_property". The default sorting order
|
|
1041
|
+
# is ascending. To specify descending order for a field, a suffix " desc"
|
|
1042
|
+
# should be appended to the field name. For example: "name
|
|
1043
|
+
# desc,resource_properties.a_property". Redundant space characters in the
|
|
1044
|
+
# syntax are insignificant. "name desc,resource_properties.a_property" and "
|
|
1045
|
+
# name desc , resource_properties.a_property " are equivalent.
|
|
1046
|
+
#
|
|
1047
|
+
# The following fields are supported:
|
|
1048
|
+
# name
|
|
1049
|
+
# update_time
|
|
1050
|
+
# resource_properties
|
|
1051
|
+
# security_marks
|
|
1052
|
+
# security_center_properties.resource_name
|
|
1053
|
+
# security_center_properties.resource_parent
|
|
1054
|
+
# security_center_properties.resource_project
|
|
1055
|
+
# security_center_properties.resource_type
|
|
1056
|
+
# @param read_time [Google::Protobuf::Timestamp | Hash]
|
|
1057
|
+
# Time used as a reference point when filtering assets. The filter is limited
|
|
1058
|
+
# to assets existing at the supplied time and their values are those at that
|
|
1059
|
+
# specific time. Absence of this field will default to the API's version of
|
|
1060
|
+
# NOW.
|
|
1061
|
+
# A hash of the same form as `Google::Protobuf::Timestamp`
|
|
1062
|
+
# can also be provided.
|
|
1063
|
+
# @param compare_duration [Google::Protobuf::Duration | Hash]
|
|
1064
|
+
# When compare_duration is set, the ListAssetsResult's "state_change"
|
|
1065
|
+
# attribute is updated to indicate whether the asset was added, removed, or
|
|
1066
|
+
# remained present during the compare_duration period of time that precedes
|
|
1067
|
+
# the read_time. This is the time between (read_time - compare_duration) and
|
|
1068
|
+
# read_time.
|
|
1069
|
+
#
|
|
1070
|
+
# The state_change value is derived based on the presence of the asset at the
|
|
1071
|
+
# two points in time. Intermediate state changes between the two times don't
|
|
1072
|
+
# affect the result. For example, the results aren't affected if the asset is
|
|
1073
|
+
# removed and re-created again.
|
|
1074
|
+
#
|
|
1075
|
+
# Possible "state_change" values when compare_duration is specified:
|
|
1076
|
+
#
|
|
1077
|
+
# * "ADDED": indicates that the asset was not present at the start of
|
|
1078
|
+
# compare_duration, but present at read_time.
|
|
1079
|
+
# * "REMOVED": indicates that the asset was present at the start of
|
|
1080
|
+
# compare_duration, but not present at read_time.
|
|
1081
|
+
# * "ACTIVE": indicates that the asset was present at both the
|
|
1082
|
+
# start and the end of the time period defined by
|
|
1083
|
+
# compare_duration and read_time.
|
|
1084
|
+
#
|
|
1085
|
+
# If compare_duration is not specified, then the only possible state_change
|
|
1086
|
+
# is "UNUSED", which will be the state_change set for all assets present at
|
|
1087
|
+
# read_time.
|
|
1088
|
+
# A hash of the same form as `Google::Protobuf::Duration`
|
|
1089
|
+
# can also be provided.
|
|
1090
|
+
# @param field_mask [Google::Protobuf::FieldMask | Hash]
|
|
1091
|
+
# Optional.
|
|
1092
|
+
#
|
|
1093
|
+
# A field mask to specify the ListAssetsResult fields to be listed in the
|
|
1094
|
+
# response.
|
|
1095
|
+
# An empty field mask will list all fields.
|
|
1096
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
|
1097
|
+
# can also be provided.
|
|
1098
|
+
# @param page_size [Integer]
|
|
1099
|
+
# The maximum number of resources contained in the underlying API
|
|
1100
|
+
# response. If page streaming is performed per-resource, this
|
|
1101
|
+
# parameter does not affect the return value. If page streaming is
|
|
1102
|
+
# performed per-page, this determines the maximum number of
|
|
1103
|
+
# resources in a page.
|
|
1104
|
+
# @param options [Google::Gax::CallOptions]
|
|
1105
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1106
|
+
# retries, etc.
|
|
1107
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1108
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
|
|
1109
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1110
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
|
|
1111
|
+
# An enumerable of Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult instances.
|
|
1112
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
|
1113
|
+
# operations such as per-page iteration or access to the response
|
|
1114
|
+
# object.
|
|
1115
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1116
|
+
# @example
|
|
1117
|
+
# require "google/cloud/security_center"
|
|
1118
|
+
#
|
|
1119
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1120
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
|
|
1121
|
+
#
|
|
1122
|
+
# # Iterate over all results.
|
|
1123
|
+
# security_center_client.list_assets(formatted_parent).each do |element|
|
|
1124
|
+
# # Process element.
|
|
1125
|
+
# end
|
|
1126
|
+
#
|
|
1127
|
+
# # Or iterate over results one page at a time.
|
|
1128
|
+
# security_center_client.list_assets(formatted_parent).each_page do |page|
|
|
1129
|
+
# # Process each page at a time.
|
|
1130
|
+
# page.each do |element|
|
|
1131
|
+
# # Process element.
|
|
1132
|
+
# end
|
|
1133
|
+
# end
|
|
1134
|
+
|
|
1135
|
+
def list_assets \
|
|
1136
|
+
parent,
|
|
1137
|
+
filter: nil,
|
|
1138
|
+
order_by: nil,
|
|
1139
|
+
read_time: nil,
|
|
1140
|
+
compare_duration: nil,
|
|
1141
|
+
field_mask: nil,
|
|
1142
|
+
page_size: nil,
|
|
1143
|
+
options: nil,
|
|
1144
|
+
&block
|
|
1145
|
+
req = {
|
|
1146
|
+
parent: parent,
|
|
1147
|
+
filter: filter,
|
|
1148
|
+
order_by: order_by,
|
|
1149
|
+
read_time: read_time,
|
|
1150
|
+
compare_duration: compare_duration,
|
|
1151
|
+
field_mask: field_mask,
|
|
1152
|
+
page_size: page_size
|
|
1153
|
+
}.delete_if { |_, v| v.nil? }
|
|
1154
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListAssetsRequest)
|
|
1155
|
+
@list_assets.call(req, options, &block)
|
|
1156
|
+
end
|
|
1157
|
+
|
|
1158
|
+
# Lists an organization or source's findings.
|
|
1159
|
+
#
|
|
1160
|
+
# To list across all sources provide a `-` as the source id.
|
|
1161
|
+
# Example: /v1/organizations/123/sources/-/findings
|
|
1162
|
+
#
|
|
1163
|
+
# @param parent [String]
|
|
1164
|
+
# Name of the source the findings belong to. Its format is
|
|
1165
|
+
# "organizations/[organization_id]/sources/[source_id]". To list across all
|
|
1166
|
+
# sources provide a source_id of `-`. For example:
|
|
1167
|
+
# organizations/123/sources/-
|
|
1168
|
+
# @param filter [String]
|
|
1169
|
+
# Expression that defines the filter to apply across findings.
|
|
1170
|
+
# The expression is a list of one or more restrictions combined via logical
|
|
1171
|
+
# operators `AND` and `OR`.
|
|
1172
|
+
# Parentheses are supported, and `OR` has higher precedence than `AND`.
|
|
1173
|
+
#
|
|
1174
|
+
# Restrictions have the form `<field> <operator> <value>` and may have a `-`
|
|
1175
|
+
# character in front of them to indicate negation. Examples include:
|
|
1176
|
+
#
|
|
1177
|
+
# * name
|
|
1178
|
+
# * source_properties.a_property
|
|
1179
|
+
# * security_marks.marks.marka
|
|
1180
|
+
#
|
|
1181
|
+
# The supported operators are:
|
|
1182
|
+
#
|
|
1183
|
+
# * `=` for all value types.
|
|
1184
|
+
# * `>`, `<`, `>=`, `<=` for integer values.
|
|
1185
|
+
# * `:`, meaning substring matching, for strings.
|
|
1186
|
+
#
|
|
1187
|
+
# The supported value types are:
|
|
1188
|
+
#
|
|
1189
|
+
# * string literals in quotes.
|
|
1190
|
+
# * integer literals without quotes.
|
|
1191
|
+
# * boolean literals `true` and `false` without quotes.
|
|
1192
|
+
#
|
|
1193
|
+
# The following field and operator combinations are supported:
|
|
1194
|
+
# name | `=`
|
|
1195
|
+
# parent | '=', ':'
|
|
1196
|
+
# resource_name | '=', ':'
|
|
1197
|
+
# state | '=', ':'
|
|
1198
|
+
# category | '=', ':'
|
|
1199
|
+
# external_uri | '=', ':'
|
|
1200
|
+
# event_time | `>`, `<`, `>=`, `<=`
|
|
1201
|
+
# security_marks | '=', ':'
|
|
1202
|
+
# source_properties | '=', ':', `>`, `<`, `>=`, `<=`
|
|
1203
|
+
#
|
|
1204
|
+
# For example, `source_properties.size = 100` is a valid filter string.
|
|
1205
|
+
# @param order_by [String]
|
|
1206
|
+
# Expression that defines what fields and order to use for sorting. The
|
|
1207
|
+
# string value should follow SQL syntax: comma separated list of fields. For
|
|
1208
|
+
# example: "name,resource_properties.a_property". The default sorting order
|
|
1209
|
+
# is ascending. To specify descending order for a field, a suffix " desc"
|
|
1210
|
+
# should be appended to the field name. For example: "name
|
|
1211
|
+
# desc,source_properties.a_property". Redundant space characters in the
|
|
1212
|
+
# syntax are insignificant. "name desc,source_properties.a_property" and "
|
|
1213
|
+
# name desc , source_properties.a_property " are equivalent.
|
|
1214
|
+
#
|
|
1215
|
+
# The following fields are supported:
|
|
1216
|
+
# name
|
|
1217
|
+
# parent
|
|
1218
|
+
# state
|
|
1219
|
+
# category
|
|
1220
|
+
# resource_name
|
|
1221
|
+
# event_time
|
|
1222
|
+
# source_properties
|
|
1223
|
+
# security_marks
|
|
1224
|
+
# @param read_time [Google::Protobuf::Timestamp | Hash]
|
|
1225
|
+
# Time used as a reference point when filtering findings. The filter is
|
|
1226
|
+
# limited to findings existing at the supplied time and their values are
|
|
1227
|
+
# those at that specific time. Absence of this field will default to the
|
|
1228
|
+
# API's version of NOW.
|
|
1229
|
+
# A hash of the same form as `Google::Protobuf::Timestamp`
|
|
1230
|
+
# can also be provided.
|
|
1231
|
+
# @param compare_duration [Google::Protobuf::Duration | Hash]
|
|
1232
|
+
# When compare_duration is set, the ListFindingsResult's "state_change"
|
|
1233
|
+
# attribute is updated to indicate whether the finding had its state changed,
|
|
1234
|
+
# the finding's state remained unchanged, or if the finding was added in any
|
|
1235
|
+
# state during the compare_duration period of time that precedes the
|
|
1236
|
+
# read_time. This is the time between (read_time - compare_duration) and
|
|
1237
|
+
# read_time.
|
|
1238
|
+
#
|
|
1239
|
+
# The state_change value is derived based on the presence and state of the
|
|
1240
|
+
# finding at the two points in time. Intermediate state changes between the
|
|
1241
|
+
# two times don't affect the result. For example, the results aren't affected
|
|
1242
|
+
# if the finding is made inactive and then active again.
|
|
1243
|
+
#
|
|
1244
|
+
# Possible "state_change" values when compare_duration is specified:
|
|
1245
|
+
#
|
|
1246
|
+
# * "CHANGED": indicates that the finding was present at the start of
|
|
1247
|
+
# compare_duration, but changed its state at read_time.
|
|
1248
|
+
# * "UNCHANGED": indicates that the finding was present at the start of
|
|
1249
|
+
# compare_duration and did not change state at read_time.
|
|
1250
|
+
# * "ADDED": indicates that the finding was not present at the start
|
|
1251
|
+
# of compare_duration, but was present at read_time.
|
|
1252
|
+
#
|
|
1253
|
+
# If compare_duration is not specified, then the only possible state_change
|
|
1254
|
+
# is "UNUSED", which will be the state_change set for all findings present at
|
|
1255
|
+
# read_time.
|
|
1256
|
+
# A hash of the same form as `Google::Protobuf::Duration`
|
|
1257
|
+
# can also be provided.
|
|
1258
|
+
# @param field_mask [Google::Protobuf::FieldMask | Hash]
|
|
1259
|
+
# Optional.
|
|
1260
|
+
#
|
|
1261
|
+
# A field mask to specify the Finding fields to be listed in the response.
|
|
1262
|
+
# An empty field mask will list all fields.
|
|
1263
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
|
1264
|
+
# can also be provided.
|
|
1265
|
+
# @param page_size [Integer]
|
|
1266
|
+
# The maximum number of resources contained in the underlying API
|
|
1267
|
+
# response. If page streaming is performed per-resource, this
|
|
1268
|
+
# parameter does not affect the return value. If page streaming is
|
|
1269
|
+
# performed per-page, this determines the maximum number of
|
|
1270
|
+
# resources in a page.
|
|
1271
|
+
# @param options [Google::Gax::CallOptions]
|
|
1272
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1273
|
+
# retries, etc.
|
|
1274
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1275
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
|
|
1276
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1277
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
|
|
1278
|
+
# An enumerable of Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult instances.
|
|
1279
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
|
1280
|
+
# operations such as per-page iteration or access to the response
|
|
1281
|
+
# object.
|
|
1282
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1283
|
+
# @example
|
|
1284
|
+
# require "google/cloud/security_center"
|
|
1285
|
+
#
|
|
1286
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1287
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
1288
|
+
#
|
|
1289
|
+
# # Iterate over all results.
|
|
1290
|
+
# security_center_client.list_findings(formatted_parent).each do |element|
|
|
1291
|
+
# # Process element.
|
|
1292
|
+
# end
|
|
1293
|
+
#
|
|
1294
|
+
# # Or iterate over results one page at a time.
|
|
1295
|
+
# security_center_client.list_findings(formatted_parent).each_page do |page|
|
|
1296
|
+
# # Process each page at a time.
|
|
1297
|
+
# page.each do |element|
|
|
1298
|
+
# # Process element.
|
|
1299
|
+
# end
|
|
1300
|
+
# end
|
|
1301
|
+
|
|
1302
|
+
def list_findings \
|
|
1303
|
+
parent,
|
|
1304
|
+
filter: nil,
|
|
1305
|
+
order_by: nil,
|
|
1306
|
+
read_time: nil,
|
|
1307
|
+
compare_duration: nil,
|
|
1308
|
+
field_mask: nil,
|
|
1309
|
+
page_size: nil,
|
|
1310
|
+
options: nil,
|
|
1311
|
+
&block
|
|
1312
|
+
req = {
|
|
1313
|
+
parent: parent,
|
|
1314
|
+
filter: filter,
|
|
1315
|
+
order_by: order_by,
|
|
1316
|
+
read_time: read_time,
|
|
1317
|
+
compare_duration: compare_duration,
|
|
1318
|
+
field_mask: field_mask,
|
|
1319
|
+
page_size: page_size
|
|
1320
|
+
}.delete_if { |_, v| v.nil? }
|
|
1321
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListFindingsRequest)
|
|
1322
|
+
@list_findings.call(req, options, &block)
|
|
1323
|
+
end
|
|
1324
|
+
|
|
1325
|
+
# Lists all sources belonging to an organization.
|
|
1326
|
+
#
|
|
1327
|
+
# @param parent [String]
|
|
1328
|
+
# Resource name of the parent of sources to list. Its format should be
|
|
1329
|
+
# "organizations/[organization_id]".
|
|
1330
|
+
# @param page_size [Integer]
|
|
1331
|
+
# The maximum number of resources contained in the underlying API
|
|
1332
|
+
# response. If page streaming is performed per-resource, this
|
|
1333
|
+
# parameter does not affect the return value. If page streaming is
|
|
1334
|
+
# performed per-page, this determines the maximum number of
|
|
1335
|
+
# resources in a page.
|
|
1336
|
+
# @param options [Google::Gax::CallOptions]
|
|
1337
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1338
|
+
# retries, etc.
|
|
1339
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1340
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::Source>]
|
|
1341
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1342
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::Source>]
|
|
1343
|
+
# An enumerable of Google::Cloud::SecurityCenter::V1::Source instances.
|
|
1344
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
|
1345
|
+
# operations such as per-page iteration or access to the response
|
|
1346
|
+
# object.
|
|
1347
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1348
|
+
# @example
|
|
1349
|
+
# require "google/cloud/security_center"
|
|
1350
|
+
#
|
|
1351
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1352
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
|
|
1353
|
+
#
|
|
1354
|
+
# # Iterate over all results.
|
|
1355
|
+
# security_center_client.list_sources(formatted_parent).each do |element|
|
|
1356
|
+
# # Process element.
|
|
1357
|
+
# end
|
|
1358
|
+
#
|
|
1359
|
+
# # Or iterate over results one page at a time.
|
|
1360
|
+
# security_center_client.list_sources(formatted_parent).each_page do |page|
|
|
1361
|
+
# # Process each page at a time.
|
|
1362
|
+
# page.each do |element|
|
|
1363
|
+
# # Process element.
|
|
1364
|
+
# end
|
|
1365
|
+
# end
|
|
1366
|
+
|
|
1367
|
+
def list_sources \
|
|
1368
|
+
parent,
|
|
1369
|
+
page_size: nil,
|
|
1370
|
+
options: nil,
|
|
1371
|
+
&block
|
|
1372
|
+
req = {
|
|
1373
|
+
parent: parent,
|
|
1374
|
+
page_size: page_size
|
|
1375
|
+
}.delete_if { |_, v| v.nil? }
|
|
1376
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListSourcesRequest)
|
|
1377
|
+
@list_sources.call(req, options, &block)
|
|
1378
|
+
end
|
|
1379
|
+
|
|
1380
|
+
# Runs asset discovery. The discovery is tracked with a long-running
|
|
1381
|
+
# operation.
|
|
1382
|
+
#
|
|
1383
|
+
# This API can only be called with limited frequency for an organization. If
|
|
1384
|
+
# it is called too frequently the caller will receive a TOO_MANY_REQUESTS
|
|
1385
|
+
# error.
|
|
1386
|
+
#
|
|
1387
|
+
# @param parent [String]
|
|
1388
|
+
# Name of the organization to run asset discovery for. Its format is
|
|
1389
|
+
# "organizations/[organization_id]".
|
|
1390
|
+
# @param options [Google::Gax::CallOptions]
|
|
1391
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1392
|
+
# retries, etc.
|
|
1393
|
+
# @return [Google::Gax::Operation]
|
|
1394
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1395
|
+
# @example
|
|
1396
|
+
# require "google/cloud/security_center"
|
|
1397
|
+
#
|
|
1398
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1399
|
+
# formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
|
|
1400
|
+
#
|
|
1401
|
+
# # Register a callback during the method call.
|
|
1402
|
+
# operation = security_center_client.run_asset_discovery(formatted_parent) do |op|
|
|
1403
|
+
# raise op.results.message if op.error?
|
|
1404
|
+
# op_results = op.results
|
|
1405
|
+
# # Process the results.
|
|
1406
|
+
#
|
|
1407
|
+
# metadata = op.metadata
|
|
1408
|
+
# # Process the metadata.
|
|
1409
|
+
# end
|
|
1410
|
+
#
|
|
1411
|
+
# # Or use the return value to register a callback.
|
|
1412
|
+
# operation.on_done do |op|
|
|
1413
|
+
# raise op.results.message if op.error?
|
|
1414
|
+
# op_results = op.results
|
|
1415
|
+
# # Process the results.
|
|
1416
|
+
#
|
|
1417
|
+
# metadata = op.metadata
|
|
1418
|
+
# # Process the metadata.
|
|
1419
|
+
# end
|
|
1420
|
+
#
|
|
1421
|
+
# # Manually reload the operation.
|
|
1422
|
+
# operation.reload!
|
|
1423
|
+
#
|
|
1424
|
+
# # Or block until the operation completes, triggering callbacks on
|
|
1425
|
+
# # completion.
|
|
1426
|
+
# operation.wait_until_done!
|
|
1427
|
+
|
|
1428
|
+
def run_asset_discovery \
|
|
1429
|
+
parent,
|
|
1430
|
+
options: nil
|
|
1431
|
+
req = {
|
|
1432
|
+
parent: parent
|
|
1433
|
+
}.delete_if { |_, v| v.nil? }
|
|
1434
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest)
|
|
1435
|
+
operation = Google::Gax::Operation.new(
|
|
1436
|
+
@run_asset_discovery.call(req, options),
|
|
1437
|
+
@operations_client,
|
|
1438
|
+
Google::Protobuf::Empty,
|
|
1439
|
+
Google::Protobuf::Empty,
|
|
1440
|
+
call_options: options
|
|
1441
|
+
)
|
|
1442
|
+
operation.on_done { |operation| yield(operation) } if block_given?
|
|
1443
|
+
operation
|
|
1444
|
+
end
|
|
1445
|
+
|
|
1446
|
+
# Updates the state of a finding.
|
|
1447
|
+
#
|
|
1448
|
+
# @param name [String]
|
|
1449
|
+
# The relative resource name of the finding. See:
|
|
1450
|
+
# https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
|
1451
|
+
# Example:
|
|
1452
|
+
# "organizations/123/sources/456/finding/789".
|
|
1453
|
+
# @param state [Google::Cloud::SecurityCenter::V1::Finding::State]
|
|
1454
|
+
# The desired State of the finding.
|
|
1455
|
+
# @param start_time [Google::Protobuf::Timestamp | Hash]
|
|
1456
|
+
# The time at which the updated state takes effect.
|
|
1457
|
+
# A hash of the same form as `Google::Protobuf::Timestamp`
|
|
1458
|
+
# can also be provided.
|
|
1459
|
+
# @param options [Google::Gax::CallOptions]
|
|
1460
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1461
|
+
# retries, etc.
|
|
1462
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1463
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
|
|
1464
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1465
|
+
# @return [Google::Cloud::SecurityCenter::V1::Finding]
|
|
1466
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1467
|
+
# @example
|
|
1468
|
+
# require "google/cloud/security_center"
|
|
1469
|
+
#
|
|
1470
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1471
|
+
# formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]")
|
|
1472
|
+
#
|
|
1473
|
+
# # TODO: Initialize `state`:
|
|
1474
|
+
# state = :STATE_UNSPECIFIED
|
|
1475
|
+
#
|
|
1476
|
+
# # TODO: Initialize `start_time`:
|
|
1477
|
+
# start_time = {}
|
|
1478
|
+
# response = security_center_client.set_finding_state(formatted_name, state, start_time)
|
|
1479
|
+
|
|
1480
|
+
def set_finding_state \
|
|
1481
|
+
name,
|
|
1482
|
+
state,
|
|
1483
|
+
start_time,
|
|
1484
|
+
options: nil,
|
|
1485
|
+
&block
|
|
1486
|
+
req = {
|
|
1487
|
+
name: name,
|
|
1488
|
+
state: state,
|
|
1489
|
+
start_time: start_time
|
|
1490
|
+
}.delete_if { |_, v| v.nil? }
|
|
1491
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::SetFindingStateRequest)
|
|
1492
|
+
@set_finding_state.call(req, options, &block)
|
|
1493
|
+
end
|
|
1494
|
+
|
|
1495
|
+
# Sets the access control policy on the specified Source.
|
|
1496
|
+
#
|
|
1497
|
+
# @param resource [String]
|
|
1498
|
+
# REQUIRED: The resource for which the policy is being specified.
|
|
1499
|
+
# `resource` is usually specified as a path. For example, a Project
|
|
1500
|
+
# resource is specified as `projects/{project}`.
|
|
1501
|
+
# @param policy [Google::Iam::V1::Policy | Hash]
|
|
1502
|
+
# REQUIRED: The complete policy to be applied to the `resource`. The size of
|
|
1503
|
+
# the policy is limited to a few 10s of KB. An empty policy is a
|
|
1504
|
+
# valid policy but certain Cloud Platform services (such as Projects)
|
|
1505
|
+
# might reject them.
|
|
1506
|
+
# A hash of the same form as `Google::Iam::V1::Policy`
|
|
1507
|
+
# can also be provided.
|
|
1508
|
+
# @param options [Google::Gax::CallOptions]
|
|
1509
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1510
|
+
# retries, etc.
|
|
1511
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1512
|
+
# @yieldparam result [Google::Iam::V1::Policy]
|
|
1513
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1514
|
+
# @return [Google::Iam::V1::Policy]
|
|
1515
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1516
|
+
# @example
|
|
1517
|
+
# require "google/cloud/security_center"
|
|
1518
|
+
#
|
|
1519
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1520
|
+
# formatted_resource = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
1521
|
+
#
|
|
1522
|
+
# # TODO: Initialize `policy`:
|
|
1523
|
+
# policy = {}
|
|
1524
|
+
# response = security_center_client.set_iam_policy(formatted_resource, policy)
|
|
1525
|
+
|
|
1526
|
+
def set_iam_policy \
|
|
1527
|
+
resource,
|
|
1528
|
+
policy,
|
|
1529
|
+
options: nil,
|
|
1530
|
+
&block
|
|
1531
|
+
req = {
|
|
1532
|
+
resource: resource,
|
|
1533
|
+
policy: policy
|
|
1534
|
+
}.delete_if { |_, v| v.nil? }
|
|
1535
|
+
req = Google::Gax::to_proto(req, Google::Iam::V1::SetIamPolicyRequest)
|
|
1536
|
+
@set_iam_policy.call(req, options, &block)
|
|
1537
|
+
end
|
|
1538
|
+
|
|
1539
|
+
# Returns the permissions that a caller has on the specified source.
|
|
1540
|
+
#
|
|
1541
|
+
# @param resource [String]
|
|
1542
|
+
# REQUIRED: The resource for which the policy detail is being requested.
|
|
1543
|
+
# `resource` is usually specified as a path. For example, a Project
|
|
1544
|
+
# resource is specified as `projects/{project}`.
|
|
1545
|
+
# @param permissions [Array<String>]
|
|
1546
|
+
# The set of permissions to check for the `resource`. Permissions with
|
|
1547
|
+
# wildcards (such as '*' or 'storage.*') are not allowed. For more
|
|
1548
|
+
# information see
|
|
1549
|
+
# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
|
1550
|
+
# @param options [Google::Gax::CallOptions]
|
|
1551
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1552
|
+
# retries, etc.
|
|
1553
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1554
|
+
# @yieldparam result [Google::Iam::V1::TestIamPermissionsResponse]
|
|
1555
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1556
|
+
# @return [Google::Iam::V1::TestIamPermissionsResponse]
|
|
1557
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1558
|
+
# @example
|
|
1559
|
+
# require "google/cloud/security_center"
|
|
1560
|
+
#
|
|
1561
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1562
|
+
# formatted_resource = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
|
|
1563
|
+
#
|
|
1564
|
+
# # TODO: Initialize `permissions`:
|
|
1565
|
+
# permissions = []
|
|
1566
|
+
# response = security_center_client.test_iam_permissions(formatted_resource, permissions)
|
|
1567
|
+
|
|
1568
|
+
def test_iam_permissions \
|
|
1569
|
+
resource,
|
|
1570
|
+
permissions,
|
|
1571
|
+
options: nil,
|
|
1572
|
+
&block
|
|
1573
|
+
req = {
|
|
1574
|
+
resource: resource,
|
|
1575
|
+
permissions: permissions
|
|
1576
|
+
}.delete_if { |_, v| v.nil? }
|
|
1577
|
+
req = Google::Gax::to_proto(req, Google::Iam::V1::TestIamPermissionsRequest)
|
|
1578
|
+
@test_iam_permissions.call(req, options, &block)
|
|
1579
|
+
end
|
|
1580
|
+
|
|
1581
|
+
# Creates or updates a finding. The corresponding source must exist for a
|
|
1582
|
+
# finding creation to succeed.
|
|
1583
|
+
#
|
|
1584
|
+
# @param finding [Google::Cloud::SecurityCenter::V1::Finding | Hash]
|
|
1585
|
+
# The finding resource to update or create if it does not already exist.
|
|
1586
|
+
# parent, security_marks, and update_time will be ignored.
|
|
1587
|
+
#
|
|
1588
|
+
# In the case of creation, the finding id portion of the name must be
|
|
1589
|
+
# alphanumeric and less than or equal to 32 characters and greater than 0
|
|
1590
|
+
# characters in length.
|
|
1591
|
+
# A hash of the same form as `Google::Cloud::SecurityCenter::V1::Finding`
|
|
1592
|
+
# can also be provided.
|
|
1593
|
+
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
|
1594
|
+
# The FieldMask to use when updating the finding resource. This field should
|
|
1595
|
+
# not be specified when creating a finding.
|
|
1596
|
+
#
|
|
1597
|
+
# When updating a finding, an empty mask is treated as updating all mutable
|
|
1598
|
+
# fields and replacing source_properties. Individual source_properties can
|
|
1599
|
+
# be added/updated by using "source_properties.<property key>" in the field
|
|
1600
|
+
# mask.
|
|
1601
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
|
1602
|
+
# can also be provided.
|
|
1603
|
+
# @param options [Google::Gax::CallOptions]
|
|
1604
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1605
|
+
# retries, etc.
|
|
1606
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1607
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
|
|
1608
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1609
|
+
# @return [Google::Cloud::SecurityCenter::V1::Finding]
|
|
1610
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1611
|
+
# @example
|
|
1612
|
+
# require "google/cloud/security_center"
|
|
1613
|
+
#
|
|
1614
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1615
|
+
#
|
|
1616
|
+
# # TODO: Initialize `finding`:
|
|
1617
|
+
# finding = {}
|
|
1618
|
+
# response = security_center_client.update_finding(finding)
|
|
1619
|
+
|
|
1620
|
+
def update_finding \
|
|
1621
|
+
finding,
|
|
1622
|
+
update_mask: nil,
|
|
1623
|
+
options: nil,
|
|
1624
|
+
&block
|
|
1625
|
+
req = {
|
|
1626
|
+
finding: finding,
|
|
1627
|
+
update_mask: update_mask
|
|
1628
|
+
}.delete_if { |_, v| v.nil? }
|
|
1629
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateFindingRequest)
|
|
1630
|
+
@update_finding.call(req, options, &block)
|
|
1631
|
+
end
|
|
1632
|
+
|
|
1633
|
+
# Updates an organization's settings.
|
|
1634
|
+
#
|
|
1635
|
+
# @param organization_settings [Google::Cloud::SecurityCenter::V1::OrganizationSettings | Hash]
|
|
1636
|
+
# The organization settings resource to update.
|
|
1637
|
+
# A hash of the same form as `Google::Cloud::SecurityCenter::V1::OrganizationSettings`
|
|
1638
|
+
# can also be provided.
|
|
1639
|
+
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
|
1640
|
+
# The FieldMask to use when updating the settings resource.
|
|
1641
|
+
#
|
|
1642
|
+
# If empty all mutable fields will be updated.
|
|
1643
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
|
1644
|
+
# can also be provided.
|
|
1645
|
+
# @param options [Google::Gax::CallOptions]
|
|
1646
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1647
|
+
# retries, etc.
|
|
1648
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1649
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
|
|
1650
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1651
|
+
# @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
|
|
1652
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1653
|
+
# @example
|
|
1654
|
+
# require "google/cloud/security_center"
|
|
1655
|
+
#
|
|
1656
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1657
|
+
#
|
|
1658
|
+
# # TODO: Initialize `organization_settings`:
|
|
1659
|
+
# organization_settings = {}
|
|
1660
|
+
# response = security_center_client.update_organization_settings(organization_settings)
|
|
1661
|
+
|
|
1662
|
+
def update_organization_settings \
|
|
1663
|
+
organization_settings,
|
|
1664
|
+
update_mask: nil,
|
|
1665
|
+
options: nil,
|
|
1666
|
+
&block
|
|
1667
|
+
req = {
|
|
1668
|
+
organization_settings: organization_settings,
|
|
1669
|
+
update_mask: update_mask
|
|
1670
|
+
}.delete_if { |_, v| v.nil? }
|
|
1671
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest)
|
|
1672
|
+
@update_organization_settings.call(req, options, &block)
|
|
1673
|
+
end
|
|
1674
|
+
|
|
1675
|
+
# Updates a source.
|
|
1676
|
+
#
|
|
1677
|
+
# @param source [Google::Cloud::SecurityCenter::V1::Source | Hash]
|
|
1678
|
+
# The source resource to update.
|
|
1679
|
+
# A hash of the same form as `Google::Cloud::SecurityCenter::V1::Source`
|
|
1680
|
+
# can also be provided.
|
|
1681
|
+
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
|
1682
|
+
# The FieldMask to use when updating the source resource.
|
|
1683
|
+
#
|
|
1684
|
+
# If empty all mutable fields will be updated.
|
|
1685
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
|
1686
|
+
# can also be provided.
|
|
1687
|
+
# @param options [Google::Gax::CallOptions]
|
|
1688
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1689
|
+
# retries, etc.
|
|
1690
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1691
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
|
|
1692
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1693
|
+
# @return [Google::Cloud::SecurityCenter::V1::Source]
|
|
1694
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1695
|
+
# @example
|
|
1696
|
+
# require "google/cloud/security_center"
|
|
1697
|
+
#
|
|
1698
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1699
|
+
#
|
|
1700
|
+
# # TODO: Initialize `source`:
|
|
1701
|
+
# source = {}
|
|
1702
|
+
# response = security_center_client.update_source(source)
|
|
1703
|
+
|
|
1704
|
+
def update_source \
|
|
1705
|
+
source,
|
|
1706
|
+
update_mask: nil,
|
|
1707
|
+
options: nil,
|
|
1708
|
+
&block
|
|
1709
|
+
req = {
|
|
1710
|
+
source: source,
|
|
1711
|
+
update_mask: update_mask
|
|
1712
|
+
}.delete_if { |_, v| v.nil? }
|
|
1713
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateSourceRequest)
|
|
1714
|
+
@update_source.call(req, options, &block)
|
|
1715
|
+
end
|
|
1716
|
+
|
|
1717
|
+
# Updates security marks.
|
|
1718
|
+
#
|
|
1719
|
+
# @param security_marks [Google::Cloud::SecurityCenter::V1::SecurityMarks | Hash]
|
|
1720
|
+
# The security marks resource to update.
|
|
1721
|
+
# A hash of the same form as `Google::Cloud::SecurityCenter::V1::SecurityMarks`
|
|
1722
|
+
# can also be provided.
|
|
1723
|
+
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
|
1724
|
+
# The FieldMask to use when updating the security marks resource.
|
|
1725
|
+
#
|
|
1726
|
+
# The field mask must not contain duplicate fields.
|
|
1727
|
+
# If empty or set to "marks", all marks will be replaced. Individual
|
|
1728
|
+
# marks can be updated using "marks.<mark_key>".
|
|
1729
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
|
1730
|
+
# can also be provided.
|
|
1731
|
+
# @param start_time [Google::Protobuf::Timestamp | Hash]
|
|
1732
|
+
# The time at which the updated SecurityMarks take effect.
|
|
1733
|
+
# If not set uses current server time. Updates will be applied to the
|
|
1734
|
+
# SecurityMarks that are active immediately preceding this time.
|
|
1735
|
+
# A hash of the same form as `Google::Protobuf::Timestamp`
|
|
1736
|
+
# can also be provided.
|
|
1737
|
+
# @param options [Google::Gax::CallOptions]
|
|
1738
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1739
|
+
# retries, etc.
|
|
1740
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1741
|
+
# @yieldparam result [Google::Cloud::SecurityCenter::V1::SecurityMarks]
|
|
1742
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1743
|
+
# @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
|
|
1744
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1745
|
+
# @example
|
|
1746
|
+
# require "google/cloud/security_center"
|
|
1747
|
+
#
|
|
1748
|
+
# security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
|
|
1749
|
+
#
|
|
1750
|
+
# # TODO: Initialize `security_marks`:
|
|
1751
|
+
# security_marks = {}
|
|
1752
|
+
# response = security_center_client.update_security_marks(security_marks)
|
|
1753
|
+
|
|
1754
|
+
def update_security_marks \
|
|
1755
|
+
security_marks,
|
|
1756
|
+
update_mask: nil,
|
|
1757
|
+
start_time: nil,
|
|
1758
|
+
options: nil,
|
|
1759
|
+
&block
|
|
1760
|
+
req = {
|
|
1761
|
+
security_marks: security_marks,
|
|
1762
|
+
update_mask: update_mask,
|
|
1763
|
+
start_time: start_time
|
|
1764
|
+
}.delete_if { |_, v| v.nil? }
|
|
1765
|
+
req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest)
|
|
1766
|
+
@update_security_marks.call(req, options, &block)
|
|
1767
|
+
end
|
|
1768
|
+
end
|
|
1769
|
+
end
|
|
1770
|
+
end
|
|
1771
|
+
end
|
|
1772
|
+
end
|