google-cloud-security_center 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (33) hide show
  1. checksums.yaml +7 -0
  2. data/.yardopts +9 -0
  3. data/LICENSE +201 -0
  4. data/README.md +69 -0
  5. data/lib/google/cloud/security_center.rb +141 -0
  6. data/lib/google/cloud/security_center/v1.rb +139 -0
  7. data/lib/google/cloud/security_center/v1/asset_pb.rb +37 -0
  8. data/lib/google/cloud/security_center/v1/credentials.rb +41 -0
  9. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/asset.rb +96 -0
  10. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/finding.rb +94 -0
  11. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/organization_settings.rb +72 -0
  12. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/security_marks.rb +44 -0
  13. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/securitycenter_service.rb +759 -0
  14. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/source.rb +51 -0
  15. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/iam_policy.rb +63 -0
  16. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/policy.rb +104 -0
  17. data/lib/google/cloud/security_center/v1/doc/google/longrunning/operations.rb +51 -0
  18. data/lib/google/cloud/security_center/v1/doc/google/protobuf/any.rb +131 -0
  19. data/lib/google/cloud/security_center/v1/doc/google/protobuf/duration.rb +91 -0
  20. data/lib/google/cloud/security_center/v1/doc/google/protobuf/field_mask.rb +222 -0
  21. data/lib/google/cloud/security_center/v1/doc/google/protobuf/struct.rb +74 -0
  22. data/lib/google/cloud/security_center/v1/doc/google/protobuf/timestamp.rb +111 -0
  23. data/lib/google/cloud/security_center/v1/doc/google/rpc/status.rb +87 -0
  24. data/lib/google/cloud/security_center/v1/finding_pb.rb +34 -0
  25. data/lib/google/cloud/security_center/v1/helpers.rb +87 -0
  26. data/lib/google/cloud/security_center/v1/organization_settings_pb.rb +29 -0
  27. data/lib/google/cloud/security_center/v1/security_center_client.rb +1772 -0
  28. data/lib/google/cloud/security_center/v1/security_center_client_config.json +116 -0
  29. data/lib/google/cloud/security_center/v1/security_marks_pb.rb +17 -0
  30. data/lib/google/cloud/security_center/v1/securitycenter_service_pb.rb +186 -0
  31. data/lib/google/cloud/security_center/v1/securitycenter_service_services_pb.rb +90 -0
  32. data/lib/google/cloud/security_center/v1/source_pb.rb +18 -0
  33. metadata +172 -0
@@ -0,0 +1,34 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1/finding.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'google/cloud/security_center/v1/security_marks_pb'
9
+ require 'google/protobuf/struct_pb'
10
+ require 'google/protobuf/timestamp_pb'
11
+ Google::Protobuf::DescriptorPool.generated_pool.build do
12
+ add_message "google.cloud.securitycenter.v1.Finding" do
13
+ optional :name, :string, 1
14
+ optional :parent, :string, 2
15
+ optional :resource_name, :string, 3
16
+ optional :state, :enum, 4, "google.cloud.securitycenter.v1.Finding.State"
17
+ optional :category, :string, 5
18
+ optional :external_uri, :string, 6
19
+ map :source_properties, :string, :message, 7, "google.protobuf.Value"
20
+ optional :security_marks, :message, 8, "google.cloud.securitycenter.v1.SecurityMarks"
21
+ optional :event_time, :message, 9, "google.protobuf.Timestamp"
22
+ optional :create_time, :message, 10, "google.protobuf.Timestamp"
23
+ end
24
+ add_enum "google.cloud.securitycenter.v1.Finding.State" do
25
+ value :STATE_UNSPECIFIED, 0
26
+ value :ACTIVE, 1
27
+ value :INACTIVE, 2
28
+ end
29
+ end
30
+
31
+ module Google::Cloud::SecurityCenter::V1
32
+ Finding = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding").msgclass
33
+ Finding::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding.State").enummodule
34
+ end
@@ -0,0 +1,87 @@
1
+ # Copyright 2019 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # # limitations under the License.
14
+
15
+ module Google
16
+ module Cloud
17
+ module SecurityCenter
18
+ module V1
19
+ class SecurityCenterClient
20
+
21
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.asset_path.
22
+ # @param organization [String]
23
+ # @param asset [String]
24
+ # @return [String]
25
+ def asset_path organization, asset
26
+ self.class.asset_path organization, asset
27
+ end
28
+
29
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.asset_security_marks_path.
30
+ # @param organization [String]
31
+ # @param asset [String]
32
+ # @return [String]
33
+ def asset_security_marks_path organization, asset
34
+ self.class.asset_security_marks_path organization, asset
35
+ end
36
+
37
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_path.
38
+ # @param organization [String]
39
+ # @param source [String]
40
+ # @param finding [String]
41
+ # @return [String]
42
+ def finding_path organization, source, finding
43
+ self.class.finding_path organization, source, finding
44
+ end
45
+
46
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_security_marks_path.
47
+ # @param organization [String]
48
+ # @param source [String]
49
+ # @param finding [String]
50
+ # @return [String]
51
+ def finding_security_marks_path organization, source, finding
52
+ self.class.finding_security_marks_path organization, source, finding
53
+ end
54
+
55
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path.
56
+ # @param organization [String]
57
+ # @return [String]
58
+ def organization_path organization
59
+ self.class.organization_path organization
60
+ end
61
+
62
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_settings_path.
63
+ # @param organization [String]
64
+ # @return [String]
65
+ def organization_settings_path organization
66
+ self.class.organization_settings_path organization
67
+ end
68
+
69
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_sources_path.
70
+ # @param organization [String]
71
+ # @return [String]
72
+ def organization_sources_path organization
73
+ self.class.organization_sources_path organization
74
+ end
75
+
76
+ # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path.
77
+ # @param organization [String]
78
+ # @param source [String]
79
+ # @return [String]
80
+ def source_path organization, source
81
+ self.class.source_path organization, source
82
+ end
83
+ end
84
+ end
85
+ end
86
+ end
87
+ end
@@ -0,0 +1,29 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1/organization_settings.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ Google::Protobuf::DescriptorPool.generated_pool.build do
9
+ add_message "google.cloud.securitycenter.v1.OrganizationSettings" do
10
+ optional :name, :string, 1
11
+ optional :enable_asset_discovery, :bool, 2
12
+ optional :asset_discovery_config, :message, 3, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig"
13
+ end
14
+ add_message "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig" do
15
+ repeated :project_ids, :string, 1
16
+ optional :inclusion_mode, :enum, 2, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"
17
+ end
18
+ add_enum "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode" do
19
+ value :INCLUSION_MODE_UNSPECIFIED, 0
20
+ value :INCLUDE_ONLY, 1
21
+ value :EXCLUDE, 2
22
+ end
23
+ end
24
+
25
+ module Google::Cloud::SecurityCenter::V1
26
+ OrganizationSettings = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings").msgclass
27
+ OrganizationSettings::AssetDiscoveryConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig").msgclass
28
+ OrganizationSettings::AssetDiscoveryConfig::InclusionMode = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode").enummodule
29
+ end
@@ -0,0 +1,1772 @@
1
+ # Copyright 2019 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+ # EDITING INSTRUCTIONS
16
+ # This file was generated from the file
17
+ # https://github.com/googleapis/googleapis/blob/master/google/cloud/security_center/v1/securitycenter_service.proto,
18
+ # and updates to that file get reflected here through a refresh process.
19
+ # For the short term, the refresh process will only be runnable by Google
20
+ # engineers.
21
+
22
+
23
+ require "json"
24
+ require "pathname"
25
+
26
+ require "google/gax"
27
+ require "google/gax/operation"
28
+ require "google/longrunning/operations_client"
29
+
30
+ require "google/cloud/security_center/v1/securitycenter_service_pb"
31
+ require "google/cloud/security_center/v1/credentials"
32
+
33
+ module Google
34
+ module Cloud
35
+ module SecurityCenter
36
+ module V1
37
+ # V1 APIs for Security Center service.
38
+ #
39
+ # @!attribute [r] security_center_stub
40
+ # @return [Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub]
41
+ class SecurityCenterClient
42
+ # @private
43
+ attr_reader :security_center_stub
44
+
45
+ # The default address of the service.
46
+ SERVICE_ADDRESS = "securitycenter.googleapis.com".freeze
47
+
48
+ # The default port of the service.
49
+ DEFAULT_SERVICE_PORT = 443
50
+
51
+ # The default set of gRPC interceptors.
52
+ GRPC_INTERCEPTORS = []
53
+
54
+ DEFAULT_TIMEOUT = 30
55
+
56
+ PAGE_DESCRIPTORS = {
57
+ "group_assets" => Google::Gax::PageDescriptor.new(
58
+ "page_token",
59
+ "next_page_token",
60
+ "group_by_results"),
61
+ "group_findings" => Google::Gax::PageDescriptor.new(
62
+ "page_token",
63
+ "next_page_token",
64
+ "group_by_results"),
65
+ "list_assets" => Google::Gax::PageDescriptor.new(
66
+ "page_token",
67
+ "next_page_token",
68
+ "list_assets_results"),
69
+ "list_findings" => Google::Gax::PageDescriptor.new(
70
+ "page_token",
71
+ "next_page_token",
72
+ "list_findings_results"),
73
+ "list_sources" => Google::Gax::PageDescriptor.new(
74
+ "page_token",
75
+ "next_page_token",
76
+ "sources")
77
+ }.freeze
78
+
79
+ private_constant :PAGE_DESCRIPTORS
80
+
81
+ # The scopes needed to make gRPC calls to all of the methods defined in
82
+ # this service.
83
+ ALL_SCOPES = [
84
+ "https://www.googleapis.com/auth/cloud-platform"
85
+ ].freeze
86
+
87
+ class OperationsClient < Google::Longrunning::OperationsClient
88
+ self::SERVICE_ADDRESS = SecurityCenterClient::SERVICE_ADDRESS
89
+ self::GRPC_INTERCEPTORS = SecurityCenterClient::GRPC_INTERCEPTORS
90
+ end
91
+
92
+ ASSET_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
93
+ "organizations/{organization}/assets/{asset}"
94
+ )
95
+
96
+ private_constant :ASSET_PATH_TEMPLATE
97
+
98
+ ASSET_SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
99
+ "organizations/{organization}/assets/{asset}/securityMarks"
100
+ )
101
+
102
+ private_constant :ASSET_SECURITY_MARKS_PATH_TEMPLATE
103
+
104
+ FINDING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
105
+ "organizations/{organization}/sources/{source}/findings/{finding}"
106
+ )
107
+
108
+ private_constant :FINDING_PATH_TEMPLATE
109
+
110
+ FINDING_SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
111
+ "organizations/{organization}/sources/{source}/findings/{finding}/securityMarks"
112
+ )
113
+
114
+ private_constant :FINDING_SECURITY_MARKS_PATH_TEMPLATE
115
+
116
+ ORGANIZATION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
117
+ "organizations/{organization}"
118
+ )
119
+
120
+ private_constant :ORGANIZATION_PATH_TEMPLATE
121
+
122
+ ORGANIZATION_SETTINGS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
123
+ "organizations/{organization}/organizationSettings"
124
+ )
125
+
126
+ private_constant :ORGANIZATION_SETTINGS_PATH_TEMPLATE
127
+
128
+ ORGANIZATION_SOURCES_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
129
+ "organizations/{organization}/sources/-"
130
+ )
131
+
132
+ private_constant :ORGANIZATION_SOURCES_PATH_TEMPLATE
133
+
134
+ SOURCE_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
135
+ "organizations/{organization}/sources/{source}"
136
+ )
137
+
138
+ private_constant :SOURCE_PATH_TEMPLATE
139
+
140
+ # Returns a fully-qualified asset resource name string.
141
+ # @param organization [String]
142
+ # @param asset [String]
143
+ # @return [String]
144
+ def self.asset_path organization, asset
145
+ ASSET_PATH_TEMPLATE.render(
146
+ :"organization" => organization,
147
+ :"asset" => asset
148
+ )
149
+ end
150
+
151
+ # Returns a fully-qualified asset_security_marks resource name string.
152
+ # @param organization [String]
153
+ # @param asset [String]
154
+ # @return [String]
155
+ def self.asset_security_marks_path organization, asset
156
+ ASSET_SECURITY_MARKS_PATH_TEMPLATE.render(
157
+ :"organization" => organization,
158
+ :"asset" => asset
159
+ )
160
+ end
161
+
162
+ # Returns a fully-qualified finding resource name string.
163
+ # @param organization [String]
164
+ # @param source [String]
165
+ # @param finding [String]
166
+ # @return [String]
167
+ def self.finding_path organization, source, finding
168
+ FINDING_PATH_TEMPLATE.render(
169
+ :"organization" => organization,
170
+ :"source" => source,
171
+ :"finding" => finding
172
+ )
173
+ end
174
+
175
+ # Returns a fully-qualified finding_security_marks resource name string.
176
+ # @param organization [String]
177
+ # @param source [String]
178
+ # @param finding [String]
179
+ # @return [String]
180
+ def self.finding_security_marks_path organization, source, finding
181
+ FINDING_SECURITY_MARKS_PATH_TEMPLATE.render(
182
+ :"organization" => organization,
183
+ :"source" => source,
184
+ :"finding" => finding
185
+ )
186
+ end
187
+
188
+ # Returns a fully-qualified organization resource name string.
189
+ # @param organization [String]
190
+ # @return [String]
191
+ def self.organization_path organization
192
+ ORGANIZATION_PATH_TEMPLATE.render(
193
+ :"organization" => organization
194
+ )
195
+ end
196
+
197
+ # Returns a fully-qualified organization_settings resource name string.
198
+ # @param organization [String]
199
+ # @return [String]
200
+ def self.organization_settings_path organization
201
+ ORGANIZATION_SETTINGS_PATH_TEMPLATE.render(
202
+ :"organization" => organization
203
+ )
204
+ end
205
+
206
+ # Returns a fully-qualified organization_sources resource name string.
207
+ # @param organization [String]
208
+ # @return [String]
209
+ def self.organization_sources_path organization
210
+ ORGANIZATION_SOURCES_PATH_TEMPLATE.render(
211
+ :"organization" => organization
212
+ )
213
+ end
214
+
215
+ # Returns a fully-qualified source resource name string.
216
+ # @param organization [String]
217
+ # @param source [String]
218
+ # @return [String]
219
+ def self.source_path organization, source
220
+ SOURCE_PATH_TEMPLATE.render(
221
+ :"organization" => organization,
222
+ :"source" => source
223
+ )
224
+ end
225
+
226
+ # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
227
+ # Provides the means for authenticating requests made by the client. This parameter can
228
+ # be many types.
229
+ # A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
230
+ # authenticating requests made by this client.
231
+ # A `String` will be treated as the path to the keyfile to be used for the construction of
232
+ # credentials for this client.
233
+ # A `Hash` will be treated as the contents of a keyfile to be used for the construction of
234
+ # credentials for this client.
235
+ # A `GRPC::Core::Channel` will be used to make calls through.
236
+ # A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
237
+ # should already be composed with a `GRPC::Core::CallCredentials` object.
238
+ # A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
239
+ # metadata for requests, generally, to give OAuth credentials.
240
+ # @param scopes [Array<String>]
241
+ # The OAuth scopes for this service. This parameter is ignored if
242
+ # an updater_proc is supplied.
243
+ # @param client_config [Hash]
244
+ # A Hash for call options for each method. See
245
+ # Google::Gax#construct_settings for the structure of
246
+ # this data. Falls back to the default config if not specified
247
+ # or the specified config is missing data points.
248
+ # @param timeout [Numeric]
249
+ # The default timeout, in seconds, for calls made through this client.
250
+ # @param metadata [Hash]
251
+ # Default metadata to be sent with each request. This can be overridden on a per call basis.
252
+ # @param exception_transformer [Proc]
253
+ # An optional proc that intercepts any exceptions raised during an API call to inject
254
+ # custom error handling.
255
+ def initialize \
256
+ credentials: nil,
257
+ scopes: ALL_SCOPES,
258
+ client_config: {},
259
+ timeout: DEFAULT_TIMEOUT,
260
+ metadata: nil,
261
+ exception_transformer: nil,
262
+ lib_name: nil,
263
+ lib_version: ""
264
+ # These require statements are intentionally placed here to initialize
265
+ # the gRPC module only when it's required.
266
+ # See https://github.com/googleapis/toolkit/issues/446
267
+ require "google/gax/grpc"
268
+ require "google/cloud/security_center/v1/securitycenter_service_services_pb"
269
+
270
+ credentials ||= Google::Cloud::SecurityCenter::V1::Credentials.default
271
+
272
+ @operations_client = OperationsClient.new(
273
+ credentials: credentials,
274
+ scopes: scopes,
275
+ client_config: client_config,
276
+ timeout: timeout,
277
+ lib_name: lib_name,
278
+ lib_version: lib_version,
279
+ )
280
+
281
+ if credentials.is_a?(String) || credentials.is_a?(Hash)
282
+ updater_proc = Google::Cloud::SecurityCenter::V1::Credentials.new(credentials).updater_proc
283
+ end
284
+ if credentials.is_a?(GRPC::Core::Channel)
285
+ channel = credentials
286
+ end
287
+ if credentials.is_a?(GRPC::Core::ChannelCredentials)
288
+ chan_creds = credentials
289
+ end
290
+ if credentials.is_a?(Proc)
291
+ updater_proc = credentials
292
+ end
293
+ if credentials.is_a?(Google::Auth::Credentials)
294
+ updater_proc = credentials.updater_proc
295
+ end
296
+
297
+ package_version = Gem.loaded_specs['google-cloud-security_center'].version.version
298
+
299
+ google_api_client = "gl-ruby/#{RUBY_VERSION}"
300
+ google_api_client << " #{lib_name}/#{lib_version}" if lib_name
301
+ google_api_client << " gapic/#{package_version} gax/#{Google::Gax::VERSION}"
302
+ google_api_client << " grpc/#{GRPC::VERSION}"
303
+ google_api_client.freeze
304
+
305
+ headers = { :"x-goog-api-client" => google_api_client }
306
+ headers.merge!(metadata) unless metadata.nil?
307
+ client_config_file = Pathname.new(__dir__).join(
308
+ "security_center_client_config.json"
309
+ )
310
+ defaults = client_config_file.open do |f|
311
+ Google::Gax.construct_settings(
312
+ "google.cloud.securitycenter.v1.SecurityCenter",
313
+ JSON.parse(f.read),
314
+ client_config,
315
+ Google::Gax::Grpc::STATUS_CODE_NAMES,
316
+ timeout,
317
+ page_descriptors: PAGE_DESCRIPTORS,
318
+ errors: Google::Gax::Grpc::API_ERRORS,
319
+ metadata: headers
320
+ )
321
+ end
322
+
323
+ # Allow overriding the service path/port in subclasses.
324
+ service_path = self.class::SERVICE_ADDRESS
325
+ port = self.class::DEFAULT_SERVICE_PORT
326
+ interceptors = self.class::GRPC_INTERCEPTORS
327
+ @security_center_stub = Google::Gax::Grpc.create_stub(
328
+ service_path,
329
+ port,
330
+ chan_creds: chan_creds,
331
+ channel: channel,
332
+ updater_proc: updater_proc,
333
+ scopes: scopes,
334
+ interceptors: interceptors,
335
+ &Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub.method(:new)
336
+ )
337
+
338
+ @create_source = Google::Gax.create_api_call(
339
+ @security_center_stub.method(:create_source),
340
+ defaults["create_source"],
341
+ exception_transformer: exception_transformer,
342
+ params_extractor: proc do |request|
343
+ {'parent' => request.parent}
344
+ end
345
+ )
346
+ @create_finding = Google::Gax.create_api_call(
347
+ @security_center_stub.method(:create_finding),
348
+ defaults["create_finding"],
349
+ exception_transformer: exception_transformer,
350
+ params_extractor: proc do |request|
351
+ {'parent' => request.parent}
352
+ end
353
+ )
354
+ @get_iam_policy = Google::Gax.create_api_call(
355
+ @security_center_stub.method(:get_iam_policy),
356
+ defaults["get_iam_policy"],
357
+ exception_transformer: exception_transformer,
358
+ params_extractor: proc do |request|
359
+ {'resource' => request.resource}
360
+ end
361
+ )
362
+ @get_organization_settings = Google::Gax.create_api_call(
363
+ @security_center_stub.method(:get_organization_settings),
364
+ defaults["get_organization_settings"],
365
+ exception_transformer: exception_transformer,
366
+ params_extractor: proc do |request|
367
+ {'name' => request.name}
368
+ end
369
+ )
370
+ @get_source = Google::Gax.create_api_call(
371
+ @security_center_stub.method(:get_source),
372
+ defaults["get_source"],
373
+ exception_transformer: exception_transformer,
374
+ params_extractor: proc do |request|
375
+ {'name' => request.name}
376
+ end
377
+ )
378
+ @group_assets = Google::Gax.create_api_call(
379
+ @security_center_stub.method(:group_assets),
380
+ defaults["group_assets"],
381
+ exception_transformer: exception_transformer,
382
+ params_extractor: proc do |request|
383
+ {'parent' => request.parent}
384
+ end
385
+ )
386
+ @group_findings = Google::Gax.create_api_call(
387
+ @security_center_stub.method(:group_findings),
388
+ defaults["group_findings"],
389
+ exception_transformer: exception_transformer,
390
+ params_extractor: proc do |request|
391
+ {'parent' => request.parent}
392
+ end
393
+ )
394
+ @list_assets = Google::Gax.create_api_call(
395
+ @security_center_stub.method(:list_assets),
396
+ defaults["list_assets"],
397
+ exception_transformer: exception_transformer,
398
+ params_extractor: proc do |request|
399
+ {'parent' => request.parent}
400
+ end
401
+ )
402
+ @list_findings = Google::Gax.create_api_call(
403
+ @security_center_stub.method(:list_findings),
404
+ defaults["list_findings"],
405
+ exception_transformer: exception_transformer,
406
+ params_extractor: proc do |request|
407
+ {'parent' => request.parent}
408
+ end
409
+ )
410
+ @list_sources = Google::Gax.create_api_call(
411
+ @security_center_stub.method(:list_sources),
412
+ defaults["list_sources"],
413
+ exception_transformer: exception_transformer,
414
+ params_extractor: proc do |request|
415
+ {'parent' => request.parent}
416
+ end
417
+ )
418
+ @run_asset_discovery = Google::Gax.create_api_call(
419
+ @security_center_stub.method(:run_asset_discovery),
420
+ defaults["run_asset_discovery"],
421
+ exception_transformer: exception_transformer,
422
+ params_extractor: proc do |request|
423
+ {'parent' => request.parent}
424
+ end
425
+ )
426
+ @set_finding_state = Google::Gax.create_api_call(
427
+ @security_center_stub.method(:set_finding_state),
428
+ defaults["set_finding_state"],
429
+ exception_transformer: exception_transformer,
430
+ params_extractor: proc do |request|
431
+ {'name' => request.name}
432
+ end
433
+ )
434
+ @set_iam_policy = Google::Gax.create_api_call(
435
+ @security_center_stub.method(:set_iam_policy),
436
+ defaults["set_iam_policy"],
437
+ exception_transformer: exception_transformer,
438
+ params_extractor: proc do |request|
439
+ {'resource' => request.resource}
440
+ end
441
+ )
442
+ @test_iam_permissions = Google::Gax.create_api_call(
443
+ @security_center_stub.method(:test_iam_permissions),
444
+ defaults["test_iam_permissions"],
445
+ exception_transformer: exception_transformer,
446
+ params_extractor: proc do |request|
447
+ {'resource' => request.resource}
448
+ end
449
+ )
450
+ @update_finding = Google::Gax.create_api_call(
451
+ @security_center_stub.method(:update_finding),
452
+ defaults["update_finding"],
453
+ exception_transformer: exception_transformer,
454
+ params_extractor: proc do |request|
455
+ {'finding.name' => request.finding.name}
456
+ end
457
+ )
458
+ @update_organization_settings = Google::Gax.create_api_call(
459
+ @security_center_stub.method(:update_organization_settings),
460
+ defaults["update_organization_settings"],
461
+ exception_transformer: exception_transformer,
462
+ params_extractor: proc do |request|
463
+ {'organization_settings.name' => request.organization_settings.name}
464
+ end
465
+ )
466
+ @update_source = Google::Gax.create_api_call(
467
+ @security_center_stub.method(:update_source),
468
+ defaults["update_source"],
469
+ exception_transformer: exception_transformer,
470
+ params_extractor: proc do |request|
471
+ {'source.name' => request.source.name}
472
+ end
473
+ )
474
+ @update_security_marks = Google::Gax.create_api_call(
475
+ @security_center_stub.method(:update_security_marks),
476
+ defaults["update_security_marks"],
477
+ exception_transformer: exception_transformer,
478
+ params_extractor: proc do |request|
479
+ {'security_marks.name' => request.security_marks.name}
480
+ end
481
+ )
482
+ end
483
+
484
+ # Service calls
485
+
486
+ # Creates a source.
487
+ #
488
+ # @param parent [String]
489
+ # Resource name of the new source's parent. Its format should be
490
+ # "organizations/[organization_id]".
491
+ # @param source [Google::Cloud::SecurityCenter::V1::Source | Hash]
492
+ # The Source being created, only the display_name and description will be
493
+ # used. All other fields will be ignored.
494
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Source`
495
+ # can also be provided.
496
+ # @param options [Google::Gax::CallOptions]
497
+ # Overrides the default settings for this call, e.g, timeout,
498
+ # retries, etc.
499
+ # @yield [result, operation] Access the result along with the RPC operation
500
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
501
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
502
+ # @return [Google::Cloud::SecurityCenter::V1::Source]
503
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
504
+ # @example
505
+ # require "google/cloud/security_center"
506
+ #
507
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
508
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
509
+ #
510
+ # # TODO: Initialize `source`:
511
+ # source = {}
512
+ # response = security_center_client.create_source(formatted_parent, source)
513
+
514
+ def create_source \
515
+ parent,
516
+ source,
517
+ options: nil,
518
+ &block
519
+ req = {
520
+ parent: parent,
521
+ source: source
522
+ }.delete_if { |_, v| v.nil? }
523
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateSourceRequest)
524
+ @create_source.call(req, options, &block)
525
+ end
526
+
527
+ # Creates a finding. The corresponding source must exist for finding creation
528
+ # to succeed.
529
+ #
530
+ # @param parent [String]
531
+ # Resource name of the new finding's parent. Its format should be
532
+ # "organizations/[organization_id]/sources/[source_id]".
533
+ # @param finding_id [String]
534
+ # Unique identifier provided by the client within the parent scope.
535
+ # It must be alphanumeric and less than or equal to 32 characters and
536
+ # greater than 0 characters in length.
537
+ # @param finding [Google::Cloud::SecurityCenter::V1::Finding | Hash]
538
+ # The Finding being created. The name and security_marks will be ignored as
539
+ # they are both output only fields on this resource.
540
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Finding`
541
+ # can also be provided.
542
+ # @param options [Google::Gax::CallOptions]
543
+ # Overrides the default settings for this call, e.g, timeout,
544
+ # retries, etc.
545
+ # @yield [result, operation] Access the result along with the RPC operation
546
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
547
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
548
+ # @return [Google::Cloud::SecurityCenter::V1::Finding]
549
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
550
+ # @example
551
+ # require "google/cloud/security_center"
552
+ #
553
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
554
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
555
+ #
556
+ # # TODO: Initialize `finding_id`:
557
+ # finding_id = ''
558
+ #
559
+ # # TODO: Initialize `finding`:
560
+ # finding = {}
561
+ # response = security_center_client.create_finding(formatted_parent, finding_id, finding)
562
+
563
+ def create_finding \
564
+ parent,
565
+ finding_id,
566
+ finding,
567
+ options: nil,
568
+ &block
569
+ req = {
570
+ parent: parent,
571
+ finding_id: finding_id,
572
+ finding: finding
573
+ }.delete_if { |_, v| v.nil? }
574
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateFindingRequest)
575
+ @create_finding.call(req, options, &block)
576
+ end
577
+
578
+ # Gets the access control policy on the specified Source.
579
+ #
580
+ # @param resource [String]
581
+ # REQUIRED: The resource for which the policy is being requested.
582
+ # `resource` is usually specified as a path. For example, a Project
583
+ # resource is specified as `projects/{project}`.
584
+ # @param options [Google::Gax::CallOptions]
585
+ # Overrides the default settings for this call, e.g, timeout,
586
+ # retries, etc.
587
+ # @yield [result, operation] Access the result along with the RPC operation
588
+ # @yieldparam result [Google::Iam::V1::Policy]
589
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
590
+ # @return [Google::Iam::V1::Policy]
591
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
592
+ # @example
593
+ # require "google/cloud/security_center"
594
+ #
595
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
596
+ # formatted_resource = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
597
+ # response = security_center_client.get_iam_policy(formatted_resource)
598
+
599
+ def get_iam_policy \
600
+ resource,
601
+ options: nil,
602
+ &block
603
+ req = {
604
+ resource: resource
605
+ }.delete_if { |_, v| v.nil? }
606
+ req = Google::Gax::to_proto(req, Google::Iam::V1::GetIamPolicyRequest)
607
+ @get_iam_policy.call(req, options, &block)
608
+ end
609
+
610
+ # Gets the settings for an organization.
611
+ #
612
+ # @param name [String]
613
+ # Name of the organization to get organization settings for. Its format is
614
+ # "organizations/[organization_id]/organizationSettings".
615
+ # @param options [Google::Gax::CallOptions]
616
+ # Overrides the default settings for this call, e.g, timeout,
617
+ # retries, etc.
618
+ # @yield [result, operation] Access the result along with the RPC operation
619
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
620
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
621
+ # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
622
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
623
+ # @example
624
+ # require "google/cloud/security_center"
625
+ #
626
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
627
+ # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_settings_path("[ORGANIZATION]")
628
+ # response = security_center_client.get_organization_settings(formatted_name)
629
+
630
+ def get_organization_settings \
631
+ name,
632
+ options: nil,
633
+ &block
634
+ req = {
635
+ name: name
636
+ }.delete_if { |_, v| v.nil? }
637
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest)
638
+ @get_organization_settings.call(req, options, &block)
639
+ end
640
+
641
+ # Gets a source.
642
+ #
643
+ # @param name [String]
644
+ # Relative resource name of the source. Its format is
645
+ # "organizations/[organization_id]/source/[source_id]".
646
+ # @param options [Google::Gax::CallOptions]
647
+ # Overrides the default settings for this call, e.g, timeout,
648
+ # retries, etc.
649
+ # @yield [result, operation] Access the result along with the RPC operation
650
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
651
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
652
+ # @return [Google::Cloud::SecurityCenter::V1::Source]
653
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
654
+ # @example
655
+ # require "google/cloud/security_center"
656
+ #
657
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
658
+ # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
659
+ # response = security_center_client.get_source(formatted_name)
660
+
661
+ def get_source \
662
+ name,
663
+ options: nil,
664
+ &block
665
+ req = {
666
+ name: name
667
+ }.delete_if { |_, v| v.nil? }
668
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetSourceRequest)
669
+ @get_source.call(req, options, &block)
670
+ end
671
+
672
+ # Filters an organization's assets and groups them by their specified
673
+ # properties.
674
+ #
675
+ # @param parent [String]
676
+ # Name of the organization to groupBy. Its format is
677
+ # "organizations/[organization_id]".
678
+ # @param group_by [String]
679
+ # Expression that defines what assets fields to use for grouping. The string
680
+ # value should follow SQL syntax: comma separated list of fields. For
681
+ # example:
682
+ # "security_center_properties.resource_project,security_center_properties.project".
683
+ #
684
+ # The following fields are supported when compare_duration is not set:
685
+ #
686
+ # * security_center_properties.resource_project
687
+ # * security_center_properties.resource_type
688
+ # * security_center_properties.resource_parent
689
+ #
690
+ # The following fields are supported when compare_duration is set:
691
+ #
692
+ # * security_center_properties.resource_type
693
+ # @param filter [String]
694
+ # Expression that defines the filter to apply across assets.
695
+ # The expression is a list of zero or more restrictions combined via logical
696
+ # operators `AND` and `OR`.
697
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
698
+ #
699
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
700
+ # character in front of them to indicate negation. The fields map to those
701
+ # defined in the Asset resource. Examples include:
702
+ #
703
+ # * name
704
+ # * security_center_properties.resource_name
705
+ # * resource_properties.a_property
706
+ # * security_marks.marks.marka
707
+ #
708
+ # The supported operators are:
709
+ #
710
+ # * `=` for all value types.
711
+ # * `>`, `<`, `>=`, `<=` for integer values.
712
+ # * `:`, meaning substring matching, for strings.
713
+ #
714
+ # The supported value types are:
715
+ #
716
+ # * string literals in quotes.
717
+ # * integer literals without quotes.
718
+ # * boolean literals `true` and `false` without quotes.
719
+ #
720
+ # The following field and operator combinations are supported:
721
+ # name | '='
722
+ # update_time | '>', '<', '>=', '<=', '='
723
+ # create_time | '>', '<', '>=', '<=', '='
724
+ # iam_policy.policy_blob | '=', ':'
725
+ # resource_properties | '=', ':', '>', '<', '>=', '<='
726
+ # security_marks | '=', ':'
727
+ # security_center_properties.resource_name | '=', ':'
728
+ # security_center_properties.resource_type | '=', ':'
729
+ # security_center_properties.resource_parent | '=', ':'
730
+ # security_center_properties.resource_project | '=', ':'
731
+ # security_center_properties.resource_owners | '=', ':'
732
+ #
733
+ # For example, `resource_properties.size = 100` is a valid filter string.
734
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
735
+ # When compare_duration is set, the GroupResult's "state_change" property is
736
+ # updated to indicate whether the asset was added, removed, or remained
737
+ # present during the compare_duration period of time that precedes the
738
+ # read_time. This is the time between (read_time - compare_duration) and
739
+ # read_time.
740
+ #
741
+ # The state change value is derived based on the presence of the asset at the
742
+ # two points in time. Intermediate state changes between the two times don't
743
+ # affect the result. For example, the results aren't affected if the asset is
744
+ # removed and re-created again.
745
+ #
746
+ # Possible "state_change" values when compare_duration is specified:
747
+ #
748
+ # * "ADDED": indicates that the asset was not present at the start of
749
+ # compare_duration, but present at reference_time.
750
+ # * "REMOVED": indicates that the asset was present at the start of
751
+ # compare_duration, but not present at reference_time.
752
+ # * "ACTIVE": indicates that the asset was present at both the
753
+ # start and the end of the time period defined by
754
+ # compare_duration and reference_time.
755
+ #
756
+ # If compare_duration is not specified, then the only possible state_change
757
+ # is "UNUSED", which will be the state_change set for all assets present at
758
+ # read_time.
759
+ #
760
+ # If this field is set then `state_change` must be a specified field in
761
+ # `group_by`.
762
+ # A hash of the same form as `Google::Protobuf::Duration`
763
+ # can also be provided.
764
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
765
+ # Time used as a reference point when filtering assets. The filter is limited
766
+ # to assets existing at the supplied time and their values are those at that
767
+ # specific time. Absence of this field will default to the API's version of
768
+ # NOW.
769
+ # A hash of the same form as `Google::Protobuf::Timestamp`
770
+ # can also be provided.
771
+ # @param page_size [Integer]
772
+ # The maximum number of resources contained in the underlying API
773
+ # response. If page streaming is performed per-resource, this
774
+ # parameter does not affect the return value. If page streaming is
775
+ # performed per-page, this determines the maximum number of
776
+ # resources in a page.
777
+ # @param options [Google::Gax::CallOptions]
778
+ # Overrides the default settings for this call, e.g, timeout,
779
+ # retries, etc.
780
+ # @yield [result, operation] Access the result along with the RPC operation
781
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
782
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
783
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
784
+ # An enumerable of Google::Cloud::SecurityCenter::V1::GroupResult instances.
785
+ # See Google::Gax::PagedEnumerable documentation for other
786
+ # operations such as per-page iteration or access to the response
787
+ # object.
788
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
789
+ # @example
790
+ # require "google/cloud/security_center"
791
+ #
792
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
793
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
794
+ #
795
+ # # TODO: Initialize `group_by`:
796
+ # group_by = ''
797
+ #
798
+ # # Iterate over all results.
799
+ # security_center_client.group_assets(formatted_parent, group_by).each do |element|
800
+ # # Process element.
801
+ # end
802
+ #
803
+ # # Or iterate over results one page at a time.
804
+ # security_center_client.group_assets(formatted_parent, group_by).each_page do |page|
805
+ # # Process each page at a time.
806
+ # page.each do |element|
807
+ # # Process element.
808
+ # end
809
+ # end
810
+
811
+ def group_assets \
812
+ parent,
813
+ group_by,
814
+ filter: nil,
815
+ compare_duration: nil,
816
+ read_time: nil,
817
+ page_size: nil,
818
+ options: nil,
819
+ &block
820
+ req = {
821
+ parent: parent,
822
+ group_by: group_by,
823
+ filter: filter,
824
+ compare_duration: compare_duration,
825
+ read_time: read_time,
826
+ page_size: page_size
827
+ }.delete_if { |_, v| v.nil? }
828
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GroupAssetsRequest)
829
+ @group_assets.call(req, options, &block)
830
+ end
831
+
832
+ # Filters an organization or source's findings and groups them by their
833
+ # specified properties.
834
+ #
835
+ # To group across all sources provide a `-` as the source id.
836
+ # Example: /v1/organizations/123/sources/-/findings
837
+ #
838
+ # @param parent [String]
839
+ # Name of the source to groupBy. Its format is
840
+ # "organizations/[organization_id]/sources/[source_id]". To groupBy across
841
+ # all sources provide a source_id of `-`. For example:
842
+ # organizations/123/sources/-
843
+ # @param group_by [String]
844
+ # Expression that defines what assets fields to use for grouping (including
845
+ # `state_change`). The string value should follow SQL syntax: comma separated
846
+ # list of fields. For example: "parent,resource_name".
847
+ #
848
+ # The following fields are supported:
849
+ #
850
+ # * resource_name
851
+ # * category
852
+ # * state
853
+ # * parent
854
+ #
855
+ # The following fields are supported when compare_duration is set:
856
+ #
857
+ # * state_change
858
+ # @param filter [String]
859
+ # Expression that defines the filter to apply across findings.
860
+ # The expression is a list of one or more restrictions combined via logical
861
+ # operators `AND` and `OR`.
862
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
863
+ #
864
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
865
+ # character in front of them to indicate negation. Examples include:
866
+ #
867
+ # * name
868
+ # * source_properties.a_property
869
+ # * security_marks.marks.marka
870
+ #
871
+ # The supported operators are:
872
+ #
873
+ # * `=` for all value types.
874
+ # * `>`, `<`, `>=`, `<=` for integer values.
875
+ # * `:`, meaning substring matching, for strings.
876
+ #
877
+ # The supported value types are:
878
+ #
879
+ # * string literals in quotes.
880
+ # * integer literals without quotes.
881
+ # * boolean literals `true` and `false` without quotes.
882
+ #
883
+ # The following field and operator combinations are supported:
884
+ # name | `=`
885
+ # parent | '=', ':'
886
+ # resource_name | '=', ':'
887
+ # state | '=', ':'
888
+ # category | '=', ':'
889
+ # external_uri | '=', ':'
890
+ # event_time | `>`, `<`, `>=`, `<=`
891
+ # security_marks | '=', ':'
892
+ # source_properties | '=', ':', `>`, `<`, `>=`, `<=`
893
+ #
894
+ # For example, `source_properties.size = 100` is a valid filter string.
895
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
896
+ # Time used as a reference point when filtering findings. The filter is
897
+ # limited to findings existing at the supplied time and their values are
898
+ # those at that specific time. Absence of this field will default to the
899
+ # API's version of NOW.
900
+ # A hash of the same form as `Google::Protobuf::Timestamp`
901
+ # can also be provided.
902
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
903
+ # When compare_duration is set, the GroupResult's "state_change" attribute is
904
+ # updated to indicate whether the finding had its state changed, the
905
+ # finding's state remained unchanged, or if the finding was added during the
906
+ # compare_duration period of time that precedes the read_time. This is the
907
+ # time between (read_time - compare_duration) and read_time.
908
+ #
909
+ # The state_change value is derived based on the presence and state of the
910
+ # finding at the two points in time. Intermediate state changes between the
911
+ # two times don't affect the result. For example, the results aren't affected
912
+ # if the finding is made inactive and then active again.
913
+ #
914
+ # Possible "state_change" values when compare_duration is specified:
915
+ #
916
+ # * "CHANGED": indicates that the finding was present at the start of
917
+ # compare_duration, but changed its state at read_time.
918
+ # * "UNCHANGED": indicates that the finding was present at the start of
919
+ # compare_duration and did not change state at read_time.
920
+ # * "ADDED": indicates that the finding was not present at the start
921
+ # of compare_duration, but was present at read_time.
922
+ #
923
+ # If compare_duration is not specified, then the only possible state_change
924
+ # is "UNUSED", which will be the state_change set for all findings present
925
+ # at read_time.
926
+ #
927
+ # If this field is set then `state_change` must be a specified field in
928
+ # `group_by`.
929
+ # A hash of the same form as `Google::Protobuf::Duration`
930
+ # can also be provided.
931
+ # @param page_size [Integer]
932
+ # The maximum number of resources contained in the underlying API
933
+ # response. If page streaming is performed per-resource, this
934
+ # parameter does not affect the return value. If page streaming is
935
+ # performed per-page, this determines the maximum number of
936
+ # resources in a page.
937
+ # @param options [Google::Gax::CallOptions]
938
+ # Overrides the default settings for this call, e.g, timeout,
939
+ # retries, etc.
940
+ # @yield [result, operation] Access the result along with the RPC operation
941
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
942
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
943
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
944
+ # An enumerable of Google::Cloud::SecurityCenter::V1::GroupResult instances.
945
+ # See Google::Gax::PagedEnumerable documentation for other
946
+ # operations such as per-page iteration or access to the response
947
+ # object.
948
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
949
+ # @example
950
+ # require "google/cloud/security_center"
951
+ #
952
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
953
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
954
+ #
955
+ # # TODO: Initialize `group_by`:
956
+ # group_by = ''
957
+ #
958
+ # # Iterate over all results.
959
+ # security_center_client.group_findings(formatted_parent, group_by).each do |element|
960
+ # # Process element.
961
+ # end
962
+ #
963
+ # # Or iterate over results one page at a time.
964
+ # security_center_client.group_findings(formatted_parent, group_by).each_page do |page|
965
+ # # Process each page at a time.
966
+ # page.each do |element|
967
+ # # Process element.
968
+ # end
969
+ # end
970
+
971
+ def group_findings \
972
+ parent,
973
+ group_by,
974
+ filter: nil,
975
+ read_time: nil,
976
+ compare_duration: nil,
977
+ page_size: nil,
978
+ options: nil,
979
+ &block
980
+ req = {
981
+ parent: parent,
982
+ group_by: group_by,
983
+ filter: filter,
984
+ read_time: read_time,
985
+ compare_duration: compare_duration,
986
+ page_size: page_size
987
+ }.delete_if { |_, v| v.nil? }
988
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GroupFindingsRequest)
989
+ @group_findings.call(req, options, &block)
990
+ end
991
+
992
+ # Lists an organization's assets.
993
+ #
994
+ # @param parent [String]
995
+ # Name of the organization assets should belong to. Its format is
996
+ # "organizations/[organization_id]".
997
+ # @param filter [String]
998
+ # Expression that defines the filter to apply across assets.
999
+ # The expression is a list of zero or more restrictions combined via logical
1000
+ # operators `AND` and `OR`.
1001
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
1002
+ #
1003
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1004
+ # character in front of them to indicate negation. The fields map to those
1005
+ # defined in the Asset resource. Examples include:
1006
+ #
1007
+ # * name
1008
+ # * security_center_properties.resource_name
1009
+ # * resource_properties.a_property
1010
+ # * security_marks.marks.marka
1011
+ #
1012
+ # The supported operators are:
1013
+ #
1014
+ # * `=` for all value types.
1015
+ # * `>`, `<`, `>=`, `<=` for integer values.
1016
+ # * `:`, meaning substring matching, for strings.
1017
+ #
1018
+ # The supported value types are:
1019
+ #
1020
+ # * string literals in quotes.
1021
+ # * integer literals without quotes.
1022
+ # * boolean literals `true` and `false` without quotes.
1023
+ #
1024
+ # The following are the allowed field and operator combinations:
1025
+ # name | `=`
1026
+ # update_time | `>`, `<`, `>=`, `<=`
1027
+ # iam_policy.policy_blob | '=', ':'
1028
+ # resource_properties | '=', ':', `>`, `<`, `>=`, `<=`
1029
+ # security_marks | '=', ':'
1030
+ # security_center_properties.resource_name | '=', ':'
1031
+ # security_center_properties.resource_type | '=', ':'
1032
+ # security_center_properties.resource_parent | '=', ':'
1033
+ # security_center_properties.resource_project | '=', ':'
1034
+ # security_center_properties.resource_owners | '=', ':'
1035
+ #
1036
+ # For example, `resource_properties.size = 100` is a valid filter string.
1037
+ # @param order_by [String]
1038
+ # Expression that defines what fields and order to use for sorting. The
1039
+ # string value should follow SQL syntax: comma separated list of fields. For
1040
+ # example: "name,resource_properties.a_property". The default sorting order
1041
+ # is ascending. To specify descending order for a field, a suffix " desc"
1042
+ # should be appended to the field name. For example: "name
1043
+ # desc,resource_properties.a_property". Redundant space characters in the
1044
+ # syntax are insignificant. "name desc,resource_properties.a_property" and "
1045
+ # name desc , resource_properties.a_property " are equivalent.
1046
+ #
1047
+ # The following fields are supported:
1048
+ # name
1049
+ # update_time
1050
+ # resource_properties
1051
+ # security_marks
1052
+ # security_center_properties.resource_name
1053
+ # security_center_properties.resource_parent
1054
+ # security_center_properties.resource_project
1055
+ # security_center_properties.resource_type
1056
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
1057
+ # Time used as a reference point when filtering assets. The filter is limited
1058
+ # to assets existing at the supplied time and their values are those at that
1059
+ # specific time. Absence of this field will default to the API's version of
1060
+ # NOW.
1061
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1062
+ # can also be provided.
1063
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
1064
+ # When compare_duration is set, the ListAssetsResult's "state_change"
1065
+ # attribute is updated to indicate whether the asset was added, removed, or
1066
+ # remained present during the compare_duration period of time that precedes
1067
+ # the read_time. This is the time between (read_time - compare_duration) and
1068
+ # read_time.
1069
+ #
1070
+ # The state_change value is derived based on the presence of the asset at the
1071
+ # two points in time. Intermediate state changes between the two times don't
1072
+ # affect the result. For example, the results aren't affected if the asset is
1073
+ # removed and re-created again.
1074
+ #
1075
+ # Possible "state_change" values when compare_duration is specified:
1076
+ #
1077
+ # * "ADDED": indicates that the asset was not present at the start of
1078
+ # compare_duration, but present at read_time.
1079
+ # * "REMOVED": indicates that the asset was present at the start of
1080
+ # compare_duration, but not present at read_time.
1081
+ # * "ACTIVE": indicates that the asset was present at both the
1082
+ # start and the end of the time period defined by
1083
+ # compare_duration and read_time.
1084
+ #
1085
+ # If compare_duration is not specified, then the only possible state_change
1086
+ # is "UNUSED", which will be the state_change set for all assets present at
1087
+ # read_time.
1088
+ # A hash of the same form as `Google::Protobuf::Duration`
1089
+ # can also be provided.
1090
+ # @param field_mask [Google::Protobuf::FieldMask | Hash]
1091
+ # Optional.
1092
+ #
1093
+ # A field mask to specify the ListAssetsResult fields to be listed in the
1094
+ # response.
1095
+ # An empty field mask will list all fields.
1096
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1097
+ # can also be provided.
1098
+ # @param page_size [Integer]
1099
+ # The maximum number of resources contained in the underlying API
1100
+ # response. If page streaming is performed per-resource, this
1101
+ # parameter does not affect the return value. If page streaming is
1102
+ # performed per-page, this determines the maximum number of
1103
+ # resources in a page.
1104
+ # @param options [Google::Gax::CallOptions]
1105
+ # Overrides the default settings for this call, e.g, timeout,
1106
+ # retries, etc.
1107
+ # @yield [result, operation] Access the result along with the RPC operation
1108
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
1109
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1110
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
1111
+ # An enumerable of Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult instances.
1112
+ # See Google::Gax::PagedEnumerable documentation for other
1113
+ # operations such as per-page iteration or access to the response
1114
+ # object.
1115
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1116
+ # @example
1117
+ # require "google/cloud/security_center"
1118
+ #
1119
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1120
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1121
+ #
1122
+ # # Iterate over all results.
1123
+ # security_center_client.list_assets(formatted_parent).each do |element|
1124
+ # # Process element.
1125
+ # end
1126
+ #
1127
+ # # Or iterate over results one page at a time.
1128
+ # security_center_client.list_assets(formatted_parent).each_page do |page|
1129
+ # # Process each page at a time.
1130
+ # page.each do |element|
1131
+ # # Process element.
1132
+ # end
1133
+ # end
1134
+
1135
+ def list_assets \
1136
+ parent,
1137
+ filter: nil,
1138
+ order_by: nil,
1139
+ read_time: nil,
1140
+ compare_duration: nil,
1141
+ field_mask: nil,
1142
+ page_size: nil,
1143
+ options: nil,
1144
+ &block
1145
+ req = {
1146
+ parent: parent,
1147
+ filter: filter,
1148
+ order_by: order_by,
1149
+ read_time: read_time,
1150
+ compare_duration: compare_duration,
1151
+ field_mask: field_mask,
1152
+ page_size: page_size
1153
+ }.delete_if { |_, v| v.nil? }
1154
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListAssetsRequest)
1155
+ @list_assets.call(req, options, &block)
1156
+ end
1157
+
1158
+ # Lists an organization or source's findings.
1159
+ #
1160
+ # To list across all sources provide a `-` as the source id.
1161
+ # Example: /v1/organizations/123/sources/-/findings
1162
+ #
1163
+ # @param parent [String]
1164
+ # Name of the source the findings belong to. Its format is
1165
+ # "organizations/[organization_id]/sources/[source_id]". To list across all
1166
+ # sources provide a source_id of `-`. For example:
1167
+ # organizations/123/sources/-
1168
+ # @param filter [String]
1169
+ # Expression that defines the filter to apply across findings.
1170
+ # The expression is a list of one or more restrictions combined via logical
1171
+ # operators `AND` and `OR`.
1172
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
1173
+ #
1174
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1175
+ # character in front of them to indicate negation. Examples include:
1176
+ #
1177
+ # * name
1178
+ # * source_properties.a_property
1179
+ # * security_marks.marks.marka
1180
+ #
1181
+ # The supported operators are:
1182
+ #
1183
+ # * `=` for all value types.
1184
+ # * `>`, `<`, `>=`, `<=` for integer values.
1185
+ # * `:`, meaning substring matching, for strings.
1186
+ #
1187
+ # The supported value types are:
1188
+ #
1189
+ # * string literals in quotes.
1190
+ # * integer literals without quotes.
1191
+ # * boolean literals `true` and `false` without quotes.
1192
+ #
1193
+ # The following field and operator combinations are supported:
1194
+ # name | `=`
1195
+ # parent | '=', ':'
1196
+ # resource_name | '=', ':'
1197
+ # state | '=', ':'
1198
+ # category | '=', ':'
1199
+ # external_uri | '=', ':'
1200
+ # event_time | `>`, `<`, `>=`, `<=`
1201
+ # security_marks | '=', ':'
1202
+ # source_properties | '=', ':', `>`, `<`, `>=`, `<=`
1203
+ #
1204
+ # For example, `source_properties.size = 100` is a valid filter string.
1205
+ # @param order_by [String]
1206
+ # Expression that defines what fields and order to use for sorting. The
1207
+ # string value should follow SQL syntax: comma separated list of fields. For
1208
+ # example: "name,resource_properties.a_property". The default sorting order
1209
+ # is ascending. To specify descending order for a field, a suffix " desc"
1210
+ # should be appended to the field name. For example: "name
1211
+ # desc,source_properties.a_property". Redundant space characters in the
1212
+ # syntax are insignificant. "name desc,source_properties.a_property" and "
1213
+ # name desc , source_properties.a_property " are equivalent.
1214
+ #
1215
+ # The following fields are supported:
1216
+ # name
1217
+ # parent
1218
+ # state
1219
+ # category
1220
+ # resource_name
1221
+ # event_time
1222
+ # source_properties
1223
+ # security_marks
1224
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
1225
+ # Time used as a reference point when filtering findings. The filter is
1226
+ # limited to findings existing at the supplied time and their values are
1227
+ # those at that specific time. Absence of this field will default to the
1228
+ # API's version of NOW.
1229
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1230
+ # can also be provided.
1231
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
1232
+ # When compare_duration is set, the ListFindingsResult's "state_change"
1233
+ # attribute is updated to indicate whether the finding had its state changed,
1234
+ # the finding's state remained unchanged, or if the finding was added in any
1235
+ # state during the compare_duration period of time that precedes the
1236
+ # read_time. This is the time between (read_time - compare_duration) and
1237
+ # read_time.
1238
+ #
1239
+ # The state_change value is derived based on the presence and state of the
1240
+ # finding at the two points in time. Intermediate state changes between the
1241
+ # two times don't affect the result. For example, the results aren't affected
1242
+ # if the finding is made inactive and then active again.
1243
+ #
1244
+ # Possible "state_change" values when compare_duration is specified:
1245
+ #
1246
+ # * "CHANGED": indicates that the finding was present at the start of
1247
+ # compare_duration, but changed its state at read_time.
1248
+ # * "UNCHANGED": indicates that the finding was present at the start of
1249
+ # compare_duration and did not change state at read_time.
1250
+ # * "ADDED": indicates that the finding was not present at the start
1251
+ # of compare_duration, but was present at read_time.
1252
+ #
1253
+ # If compare_duration is not specified, then the only possible state_change
1254
+ # is "UNUSED", which will be the state_change set for all findings present at
1255
+ # read_time.
1256
+ # A hash of the same form as `Google::Protobuf::Duration`
1257
+ # can also be provided.
1258
+ # @param field_mask [Google::Protobuf::FieldMask | Hash]
1259
+ # Optional.
1260
+ #
1261
+ # A field mask to specify the Finding fields to be listed in the response.
1262
+ # An empty field mask will list all fields.
1263
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1264
+ # can also be provided.
1265
+ # @param page_size [Integer]
1266
+ # The maximum number of resources contained in the underlying API
1267
+ # response. If page streaming is performed per-resource, this
1268
+ # parameter does not affect the return value. If page streaming is
1269
+ # performed per-page, this determines the maximum number of
1270
+ # resources in a page.
1271
+ # @param options [Google::Gax::CallOptions]
1272
+ # Overrides the default settings for this call, e.g, timeout,
1273
+ # retries, etc.
1274
+ # @yield [result, operation] Access the result along with the RPC operation
1275
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
1276
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1277
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
1278
+ # An enumerable of Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult instances.
1279
+ # See Google::Gax::PagedEnumerable documentation for other
1280
+ # operations such as per-page iteration or access to the response
1281
+ # object.
1282
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1283
+ # @example
1284
+ # require "google/cloud/security_center"
1285
+ #
1286
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1287
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1288
+ #
1289
+ # # Iterate over all results.
1290
+ # security_center_client.list_findings(formatted_parent).each do |element|
1291
+ # # Process element.
1292
+ # end
1293
+ #
1294
+ # # Or iterate over results one page at a time.
1295
+ # security_center_client.list_findings(formatted_parent).each_page do |page|
1296
+ # # Process each page at a time.
1297
+ # page.each do |element|
1298
+ # # Process element.
1299
+ # end
1300
+ # end
1301
+
1302
+ def list_findings \
1303
+ parent,
1304
+ filter: nil,
1305
+ order_by: nil,
1306
+ read_time: nil,
1307
+ compare_duration: nil,
1308
+ field_mask: nil,
1309
+ page_size: nil,
1310
+ options: nil,
1311
+ &block
1312
+ req = {
1313
+ parent: parent,
1314
+ filter: filter,
1315
+ order_by: order_by,
1316
+ read_time: read_time,
1317
+ compare_duration: compare_duration,
1318
+ field_mask: field_mask,
1319
+ page_size: page_size
1320
+ }.delete_if { |_, v| v.nil? }
1321
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListFindingsRequest)
1322
+ @list_findings.call(req, options, &block)
1323
+ end
1324
+
1325
+ # Lists all sources belonging to an organization.
1326
+ #
1327
+ # @param parent [String]
1328
+ # Resource name of the parent of sources to list. Its format should be
1329
+ # "organizations/[organization_id]".
1330
+ # @param page_size [Integer]
1331
+ # The maximum number of resources contained in the underlying API
1332
+ # response. If page streaming is performed per-resource, this
1333
+ # parameter does not affect the return value. If page streaming is
1334
+ # performed per-page, this determines the maximum number of
1335
+ # resources in a page.
1336
+ # @param options [Google::Gax::CallOptions]
1337
+ # Overrides the default settings for this call, e.g, timeout,
1338
+ # retries, etc.
1339
+ # @yield [result, operation] Access the result along with the RPC operation
1340
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::Source>]
1341
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1342
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::Source>]
1343
+ # An enumerable of Google::Cloud::SecurityCenter::V1::Source instances.
1344
+ # See Google::Gax::PagedEnumerable documentation for other
1345
+ # operations such as per-page iteration or access to the response
1346
+ # object.
1347
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1348
+ # @example
1349
+ # require "google/cloud/security_center"
1350
+ #
1351
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1352
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1353
+ #
1354
+ # # Iterate over all results.
1355
+ # security_center_client.list_sources(formatted_parent).each do |element|
1356
+ # # Process element.
1357
+ # end
1358
+ #
1359
+ # # Or iterate over results one page at a time.
1360
+ # security_center_client.list_sources(formatted_parent).each_page do |page|
1361
+ # # Process each page at a time.
1362
+ # page.each do |element|
1363
+ # # Process element.
1364
+ # end
1365
+ # end
1366
+
1367
+ def list_sources \
1368
+ parent,
1369
+ page_size: nil,
1370
+ options: nil,
1371
+ &block
1372
+ req = {
1373
+ parent: parent,
1374
+ page_size: page_size
1375
+ }.delete_if { |_, v| v.nil? }
1376
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListSourcesRequest)
1377
+ @list_sources.call(req, options, &block)
1378
+ end
1379
+
1380
+ # Runs asset discovery. The discovery is tracked with a long-running
1381
+ # operation.
1382
+ #
1383
+ # This API can only be called with limited frequency for an organization. If
1384
+ # it is called too frequently the caller will receive a TOO_MANY_REQUESTS
1385
+ # error.
1386
+ #
1387
+ # @param parent [String]
1388
+ # Name of the organization to run asset discovery for. Its format is
1389
+ # "organizations/[organization_id]".
1390
+ # @param options [Google::Gax::CallOptions]
1391
+ # Overrides the default settings for this call, e.g, timeout,
1392
+ # retries, etc.
1393
+ # @return [Google::Gax::Operation]
1394
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1395
+ # @example
1396
+ # require "google/cloud/security_center"
1397
+ #
1398
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1399
+ # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1400
+ #
1401
+ # # Register a callback during the method call.
1402
+ # operation = security_center_client.run_asset_discovery(formatted_parent) do |op|
1403
+ # raise op.results.message if op.error?
1404
+ # op_results = op.results
1405
+ # # Process the results.
1406
+ #
1407
+ # metadata = op.metadata
1408
+ # # Process the metadata.
1409
+ # end
1410
+ #
1411
+ # # Or use the return value to register a callback.
1412
+ # operation.on_done do |op|
1413
+ # raise op.results.message if op.error?
1414
+ # op_results = op.results
1415
+ # # Process the results.
1416
+ #
1417
+ # metadata = op.metadata
1418
+ # # Process the metadata.
1419
+ # end
1420
+ #
1421
+ # # Manually reload the operation.
1422
+ # operation.reload!
1423
+ #
1424
+ # # Or block until the operation completes, triggering callbacks on
1425
+ # # completion.
1426
+ # operation.wait_until_done!
1427
+
1428
+ def run_asset_discovery \
1429
+ parent,
1430
+ options: nil
1431
+ req = {
1432
+ parent: parent
1433
+ }.delete_if { |_, v| v.nil? }
1434
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest)
1435
+ operation = Google::Gax::Operation.new(
1436
+ @run_asset_discovery.call(req, options),
1437
+ @operations_client,
1438
+ Google::Protobuf::Empty,
1439
+ Google::Protobuf::Empty,
1440
+ call_options: options
1441
+ )
1442
+ operation.on_done { |operation| yield(operation) } if block_given?
1443
+ operation
1444
+ end
1445
+
1446
+ # Updates the state of a finding.
1447
+ #
1448
+ # @param name [String]
1449
+ # The relative resource name of the finding. See:
1450
+ # https://cloud.google.com/apis/design/resource_names#relative_resource_name
1451
+ # Example:
1452
+ # "organizations/123/sources/456/finding/789".
1453
+ # @param state [Google::Cloud::SecurityCenter::V1::Finding::State]
1454
+ # The desired State of the finding.
1455
+ # @param start_time [Google::Protobuf::Timestamp | Hash]
1456
+ # The time at which the updated state takes effect.
1457
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1458
+ # can also be provided.
1459
+ # @param options [Google::Gax::CallOptions]
1460
+ # Overrides the default settings for this call, e.g, timeout,
1461
+ # retries, etc.
1462
+ # @yield [result, operation] Access the result along with the RPC operation
1463
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
1464
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1465
+ # @return [Google::Cloud::SecurityCenter::V1::Finding]
1466
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1467
+ # @example
1468
+ # require "google/cloud/security_center"
1469
+ #
1470
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1471
+ # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]")
1472
+ #
1473
+ # # TODO: Initialize `state`:
1474
+ # state = :STATE_UNSPECIFIED
1475
+ #
1476
+ # # TODO: Initialize `start_time`:
1477
+ # start_time = {}
1478
+ # response = security_center_client.set_finding_state(formatted_name, state, start_time)
1479
+
1480
+ def set_finding_state \
1481
+ name,
1482
+ state,
1483
+ start_time,
1484
+ options: nil,
1485
+ &block
1486
+ req = {
1487
+ name: name,
1488
+ state: state,
1489
+ start_time: start_time
1490
+ }.delete_if { |_, v| v.nil? }
1491
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::SetFindingStateRequest)
1492
+ @set_finding_state.call(req, options, &block)
1493
+ end
1494
+
1495
+ # Sets the access control policy on the specified Source.
1496
+ #
1497
+ # @param resource [String]
1498
+ # REQUIRED: The resource for which the policy is being specified.
1499
+ # `resource` is usually specified as a path. For example, a Project
1500
+ # resource is specified as `projects/{project}`.
1501
+ # @param policy [Google::Iam::V1::Policy | Hash]
1502
+ # REQUIRED: The complete policy to be applied to the `resource`. The size of
1503
+ # the policy is limited to a few 10s of KB. An empty policy is a
1504
+ # valid policy but certain Cloud Platform services (such as Projects)
1505
+ # might reject them.
1506
+ # A hash of the same form as `Google::Iam::V1::Policy`
1507
+ # can also be provided.
1508
+ # @param options [Google::Gax::CallOptions]
1509
+ # Overrides the default settings for this call, e.g, timeout,
1510
+ # retries, etc.
1511
+ # @yield [result, operation] Access the result along with the RPC operation
1512
+ # @yieldparam result [Google::Iam::V1::Policy]
1513
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1514
+ # @return [Google::Iam::V1::Policy]
1515
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1516
+ # @example
1517
+ # require "google/cloud/security_center"
1518
+ #
1519
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1520
+ # formatted_resource = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1521
+ #
1522
+ # # TODO: Initialize `policy`:
1523
+ # policy = {}
1524
+ # response = security_center_client.set_iam_policy(formatted_resource, policy)
1525
+
1526
+ def set_iam_policy \
1527
+ resource,
1528
+ policy,
1529
+ options: nil,
1530
+ &block
1531
+ req = {
1532
+ resource: resource,
1533
+ policy: policy
1534
+ }.delete_if { |_, v| v.nil? }
1535
+ req = Google::Gax::to_proto(req, Google::Iam::V1::SetIamPolicyRequest)
1536
+ @set_iam_policy.call(req, options, &block)
1537
+ end
1538
+
1539
+ # Returns the permissions that a caller has on the specified source.
1540
+ #
1541
+ # @param resource [String]
1542
+ # REQUIRED: The resource for which the policy detail is being requested.
1543
+ # `resource` is usually specified as a path. For example, a Project
1544
+ # resource is specified as `projects/{project}`.
1545
+ # @param permissions [Array<String>]
1546
+ # The set of permissions to check for the `resource`. Permissions with
1547
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
1548
+ # information see
1549
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
1550
+ # @param options [Google::Gax::CallOptions]
1551
+ # Overrides the default settings for this call, e.g, timeout,
1552
+ # retries, etc.
1553
+ # @yield [result, operation] Access the result along with the RPC operation
1554
+ # @yieldparam result [Google::Iam::V1::TestIamPermissionsResponse]
1555
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1556
+ # @return [Google::Iam::V1::TestIamPermissionsResponse]
1557
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1558
+ # @example
1559
+ # require "google/cloud/security_center"
1560
+ #
1561
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1562
+ # formatted_resource = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1563
+ #
1564
+ # # TODO: Initialize `permissions`:
1565
+ # permissions = []
1566
+ # response = security_center_client.test_iam_permissions(formatted_resource, permissions)
1567
+
1568
+ def test_iam_permissions \
1569
+ resource,
1570
+ permissions,
1571
+ options: nil,
1572
+ &block
1573
+ req = {
1574
+ resource: resource,
1575
+ permissions: permissions
1576
+ }.delete_if { |_, v| v.nil? }
1577
+ req = Google::Gax::to_proto(req, Google::Iam::V1::TestIamPermissionsRequest)
1578
+ @test_iam_permissions.call(req, options, &block)
1579
+ end
1580
+
1581
+ # Creates or updates a finding. The corresponding source must exist for a
1582
+ # finding creation to succeed.
1583
+ #
1584
+ # @param finding [Google::Cloud::SecurityCenter::V1::Finding | Hash]
1585
+ # The finding resource to update or create if it does not already exist.
1586
+ # parent, security_marks, and update_time will be ignored.
1587
+ #
1588
+ # In the case of creation, the finding id portion of the name must be
1589
+ # alphanumeric and less than or equal to 32 characters and greater than 0
1590
+ # characters in length.
1591
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Finding`
1592
+ # can also be provided.
1593
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1594
+ # The FieldMask to use when updating the finding resource. This field should
1595
+ # not be specified when creating a finding.
1596
+ #
1597
+ # When updating a finding, an empty mask is treated as updating all mutable
1598
+ # fields and replacing source_properties. Individual source_properties can
1599
+ # be added/updated by using "source_properties.<property key>" in the field
1600
+ # mask.
1601
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1602
+ # can also be provided.
1603
+ # @param options [Google::Gax::CallOptions]
1604
+ # Overrides the default settings for this call, e.g, timeout,
1605
+ # retries, etc.
1606
+ # @yield [result, operation] Access the result along with the RPC operation
1607
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
1608
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1609
+ # @return [Google::Cloud::SecurityCenter::V1::Finding]
1610
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1611
+ # @example
1612
+ # require "google/cloud/security_center"
1613
+ #
1614
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1615
+ #
1616
+ # # TODO: Initialize `finding`:
1617
+ # finding = {}
1618
+ # response = security_center_client.update_finding(finding)
1619
+
1620
+ def update_finding \
1621
+ finding,
1622
+ update_mask: nil,
1623
+ options: nil,
1624
+ &block
1625
+ req = {
1626
+ finding: finding,
1627
+ update_mask: update_mask
1628
+ }.delete_if { |_, v| v.nil? }
1629
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateFindingRequest)
1630
+ @update_finding.call(req, options, &block)
1631
+ end
1632
+
1633
+ # Updates an organization's settings.
1634
+ #
1635
+ # @param organization_settings [Google::Cloud::SecurityCenter::V1::OrganizationSettings | Hash]
1636
+ # The organization settings resource to update.
1637
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1::OrganizationSettings`
1638
+ # can also be provided.
1639
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1640
+ # The FieldMask to use when updating the settings resource.
1641
+ #
1642
+ # If empty all mutable fields will be updated.
1643
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1644
+ # can also be provided.
1645
+ # @param options [Google::Gax::CallOptions]
1646
+ # Overrides the default settings for this call, e.g, timeout,
1647
+ # retries, etc.
1648
+ # @yield [result, operation] Access the result along with the RPC operation
1649
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
1650
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1651
+ # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
1652
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1653
+ # @example
1654
+ # require "google/cloud/security_center"
1655
+ #
1656
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1657
+ #
1658
+ # # TODO: Initialize `organization_settings`:
1659
+ # organization_settings = {}
1660
+ # response = security_center_client.update_organization_settings(organization_settings)
1661
+
1662
+ def update_organization_settings \
1663
+ organization_settings,
1664
+ update_mask: nil,
1665
+ options: nil,
1666
+ &block
1667
+ req = {
1668
+ organization_settings: organization_settings,
1669
+ update_mask: update_mask
1670
+ }.delete_if { |_, v| v.nil? }
1671
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest)
1672
+ @update_organization_settings.call(req, options, &block)
1673
+ end
1674
+
1675
+ # Updates a source.
1676
+ #
1677
+ # @param source [Google::Cloud::SecurityCenter::V1::Source | Hash]
1678
+ # The source resource to update.
1679
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Source`
1680
+ # can also be provided.
1681
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1682
+ # The FieldMask to use when updating the source resource.
1683
+ #
1684
+ # If empty all mutable fields will be updated.
1685
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1686
+ # can also be provided.
1687
+ # @param options [Google::Gax::CallOptions]
1688
+ # Overrides the default settings for this call, e.g, timeout,
1689
+ # retries, etc.
1690
+ # @yield [result, operation] Access the result along with the RPC operation
1691
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
1692
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1693
+ # @return [Google::Cloud::SecurityCenter::V1::Source]
1694
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1695
+ # @example
1696
+ # require "google/cloud/security_center"
1697
+ #
1698
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1699
+ #
1700
+ # # TODO: Initialize `source`:
1701
+ # source = {}
1702
+ # response = security_center_client.update_source(source)
1703
+
1704
+ def update_source \
1705
+ source,
1706
+ update_mask: nil,
1707
+ options: nil,
1708
+ &block
1709
+ req = {
1710
+ source: source,
1711
+ update_mask: update_mask
1712
+ }.delete_if { |_, v| v.nil? }
1713
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateSourceRequest)
1714
+ @update_source.call(req, options, &block)
1715
+ end
1716
+
1717
+ # Updates security marks.
1718
+ #
1719
+ # @param security_marks [Google::Cloud::SecurityCenter::V1::SecurityMarks | Hash]
1720
+ # The security marks resource to update.
1721
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1::SecurityMarks`
1722
+ # can also be provided.
1723
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1724
+ # The FieldMask to use when updating the security marks resource.
1725
+ #
1726
+ # The field mask must not contain duplicate fields.
1727
+ # If empty or set to "marks", all marks will be replaced. Individual
1728
+ # marks can be updated using "marks.<mark_key>".
1729
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1730
+ # can also be provided.
1731
+ # @param start_time [Google::Protobuf::Timestamp | Hash]
1732
+ # The time at which the updated SecurityMarks take effect.
1733
+ # If not set uses current server time. Updates will be applied to the
1734
+ # SecurityMarks that are active immediately preceding this time.
1735
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1736
+ # can also be provided.
1737
+ # @param options [Google::Gax::CallOptions]
1738
+ # Overrides the default settings for this call, e.g, timeout,
1739
+ # retries, etc.
1740
+ # @yield [result, operation] Access the result along with the RPC operation
1741
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1::SecurityMarks]
1742
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1743
+ # @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
1744
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1745
+ # @example
1746
+ # require "google/cloud/security_center"
1747
+ #
1748
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1749
+ #
1750
+ # # TODO: Initialize `security_marks`:
1751
+ # security_marks = {}
1752
+ # response = security_center_client.update_security_marks(security_marks)
1753
+
1754
+ def update_security_marks \
1755
+ security_marks,
1756
+ update_mask: nil,
1757
+ start_time: nil,
1758
+ options: nil,
1759
+ &block
1760
+ req = {
1761
+ security_marks: security_marks,
1762
+ update_mask: update_mask,
1763
+ start_time: start_time
1764
+ }.delete_if { |_, v| v.nil? }
1765
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest)
1766
+ @update_security_marks.call(req, options, &block)
1767
+ end
1768
+ end
1769
+ end
1770
+ end
1771
+ end
1772
+ end