google-cloud-security_center 0.10.0 → 1.1.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (78) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +3 -2
  3. data/AUTHENTICATION.md +51 -54
  4. data/LICENSE.md +203 -0
  5. data/MIGRATING.md +327 -0
  6. data/README.md +36 -25
  7. data/lib/{google/cloud/security_center/v1/doc/google/protobuf/empty.rb → google-cloud-security_center.rb} +4 -14
  8. data/lib/google/cloud/security_center.rb +87 -117
  9. data/lib/google/cloud/security_center/version.rb +6 -2
  10. metadata +63 -113
  11. data/LICENSE +0 -201
  12. data/lib/google/cloud/security_center/v1.rb +0 -149
  13. data/lib/google/cloud/security_center/v1/asset_pb.rb +0 -41
  14. data/lib/google/cloud/security_center/v1/credentials.rb +0 -41
  15. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/asset.rb +0 -105
  16. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/finding.rb +0 -97
  17. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/notification_config.rb +0 -75
  18. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/organization_settings.rb +0 -72
  19. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/security_marks.rb +0 -45
  20. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/securitycenter_service.rb +0 -912
  21. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/source.rb +0 -50
  22. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/iam_policy.rb +0 -64
  23. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/options.rb +0 -33
  24. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/policy.rb +0 -151
  25. data/lib/google/cloud/security_center/v1/doc/google/longrunning/operations.rb +0 -51
  26. data/lib/google/cloud/security_center/v1/doc/google/protobuf/any.rb +0 -131
  27. data/lib/google/cloud/security_center/v1/doc/google/protobuf/duration.rb +0 -91
  28. data/lib/google/cloud/security_center/v1/doc/google/protobuf/field_mask.rb +0 -222
  29. data/lib/google/cloud/security_center/v1/doc/google/protobuf/struct.rb +0 -74
  30. data/lib/google/cloud/security_center/v1/doc/google/protobuf/timestamp.rb +0 -113
  31. data/lib/google/cloud/security_center/v1/doc/google/rpc/status.rb +0 -39
  32. data/lib/google/cloud/security_center/v1/doc/google/type/expr.rb +0 -45
  33. data/lib/google/cloud/security_center/v1/finding_pb.rb +0 -36
  34. data/lib/google/cloud/security_center/v1/helpers.rb +0 -96
  35. data/lib/google/cloud/security_center/v1/notification_config_pb.rb +0 -28
  36. data/lib/google/cloud/security_center/v1/notification_message_pb.rb +0 -20
  37. data/lib/google/cloud/security_center/v1/organization_settings_pb.rb +0 -30
  38. data/lib/google/cloud/security_center/v1/run_asset_discovery_response_pb.rb +0 -25
  39. data/lib/google/cloud/security_center/v1/security_center_client.rb +0 -2135
  40. data/lib/google/cloud/security_center/v1/security_center_client_config.json +0 -141
  41. data/lib/google/cloud/security_center/v1/security_marks_pb.rb +0 -18
  42. data/lib/google/cloud/security_center/v1/securitycenter_service_pb.rb +0 -230
  43. data/lib/google/cloud/security_center/v1/securitycenter_service_services_pb.rb +0 -100
  44. data/lib/google/cloud/security_center/v1/source_pb.rb +0 -19
  45. data/lib/google/cloud/security_center/v1p1beta1.rb +0 -149
  46. data/lib/google/cloud/security_center/v1p1beta1/asset_pb.rb +0 -41
  47. data/lib/google/cloud/security_center/v1p1beta1/credentials.rb +0 -41
  48. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/asset.rb +0 -105
  49. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/finding.rb +0 -96
  50. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/notification_config.rb +0 -87
  51. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/organization_settings.rb +0 -72
  52. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/security_marks.rb +0 -45
  53. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/securitycenter_service.rb +0 -923
  54. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/source.rb +0 -49
  55. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/iam_policy.rb +0 -64
  56. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/options.rb +0 -33
  57. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/policy.rb +0 -151
  58. data/lib/google/cloud/security_center/v1p1beta1/doc/google/longrunning/operations.rb +0 -51
  59. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/any.rb +0 -131
  60. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/duration.rb +0 -91
  61. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/empty.rb +0 -29
  62. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/field_mask.rb +0 -222
  63. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/struct.rb +0 -74
  64. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/timestamp.rb +0 -113
  65. data/lib/google/cloud/security_center/v1p1beta1/doc/google/rpc/status.rb +0 -39
  66. data/lib/google/cloud/security_center/v1p1beta1/doc/google/type/expr.rb +0 -45
  67. data/lib/google/cloud/security_center/v1p1beta1/finding_pb.rb +0 -36
  68. data/lib/google/cloud/security_center/v1p1beta1/helpers.rb +0 -79
  69. data/lib/google/cloud/security_center/v1p1beta1/notification_config_pb.rb +0 -34
  70. data/lib/google/cloud/security_center/v1p1beta1/notification_message_pb.rb +0 -21
  71. data/lib/google/cloud/security_center/v1p1beta1/organization_settings_pb.rb +0 -30
  72. data/lib/google/cloud/security_center/v1p1beta1/run_asset_discovery_response_pb.rb +0 -25
  73. data/lib/google/cloud/security_center/v1p1beta1/security_center_client.rb +0 -2110
  74. data/lib/google/cloud/security_center/v1p1beta1/security_center_client_config.json +0 -141
  75. data/lib/google/cloud/security_center/v1p1beta1/security_marks_pb.rb +0 -18
  76. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_pb.rb +0 -234
  77. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb.rb +0 -103
  78. data/lib/google/cloud/security_center/v1p1beta1/source_pb.rb +0 -19
@@ -1,39 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Rpc
18
- # The `Status` type defines a logical error model that is suitable for
19
- # different programming environments, including REST APIs and RPC APIs. It is
20
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
21
- # three pieces of data: error code, error message, and error details.
22
- #
23
- # You can find out more about this error model and how to work with it in the
24
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
25
- # @!attribute [rw] code
26
- # @return [Integer]
27
- # The status code, which should be an enum value of {Google::Rpc::Code}.
28
- # @!attribute [rw] message
29
- # @return [String]
30
- # A developer-facing error message, which should be in English. Any
31
- # user-facing error message should be localized and sent in the
32
- # {Google::Rpc::Status#details} field, or localized by the client.
33
- # @!attribute [rw] details
34
- # @return [Array<Google::Protobuf::Any>]
35
- # A list of messages that carry the error details. There is a common set of
36
- # message types for APIs to use.
37
- class Status; end
38
- end
39
- end
@@ -1,45 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Type
18
- # Represents an expression text. Example:
19
- #
20
- # title: "User account presence"
21
- # description: "Determines whether the request has a user account"
22
- # expression: "size(request.user) > 0"
23
- # @!attribute [rw] expression
24
- # @return [String]
25
- # Textual representation of an expression in
26
- # Common Expression Language syntax.
27
- #
28
- # The application context of the containing message determines which
29
- # well-known feature set of CEL is supported.
30
- # @!attribute [rw] title
31
- # @return [String]
32
- # An optional title for the expression, i.e. a short string describing
33
- # its purpose. This can be used e.g. in UIs which allow to enter the
34
- # expression.
35
- # @!attribute [rw] description
36
- # @return [String]
37
- # An optional description of the expression. This is a longer text which
38
- # describes the expression, e.g. when hovered over it in a UI.
39
- # @!attribute [rw] location
40
- # @return [String]
41
- # An optional string indicating the location of the expression for error
42
- # reporting, e.g. a file name and a position in the file.
43
- class Expr; end
44
- end
45
- end
@@ -1,36 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1p1beta1/finding.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/api/field_behavior_pb'
9
- require 'google/api/resource_pb'
10
- require 'google/cloud/security_center/v1p1beta1/security_marks_pb'
11
- require 'google/protobuf/struct_pb'
12
- require 'google/protobuf/timestamp_pb'
13
- Google::Protobuf::DescriptorPool.generated_pool.build do
14
- add_message "google.cloud.securitycenter.v1p1beta1.Finding" do
15
- optional :name, :string, 1
16
- optional :parent, :string, 2
17
- optional :resource_name, :string, 3
18
- optional :state, :enum, 4, "google.cloud.securitycenter.v1p1beta1.Finding.State"
19
- optional :category, :string, 5
20
- optional :external_uri, :string, 6
21
- map :source_properties, :string, :message, 7, "google.protobuf.Value"
22
- optional :security_marks, :message, 8, "google.cloud.securitycenter.v1p1beta1.SecurityMarks"
23
- optional :event_time, :message, 9, "google.protobuf.Timestamp"
24
- optional :create_time, :message, 10, "google.protobuf.Timestamp"
25
- end
26
- add_enum "google.cloud.securitycenter.v1p1beta1.Finding.State" do
27
- value :STATE_UNSPECIFIED, 0
28
- value :ACTIVE, 1
29
- value :INACTIVE, 2
30
- end
31
- end
32
-
33
- module Google::Cloud::SecurityCenter::V1p1beta1
34
- Finding = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding").msgclass
35
- Finding::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding.State").enummodule
36
- end
@@ -1,79 +0,0 @@
1
- # Copyright 2019 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # # limitations under the License.
14
-
15
- module Google
16
- module Cloud
17
- module SecurityCenter
18
- module V1p1beta1
19
- class SecurityCenterClient
20
-
21
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.finding_path.
22
- # @param organization [String]
23
- # @param source [String]
24
- # @param finding [String]
25
- # @return [String]
26
- def finding_path organization, source, finding
27
- self.class.finding_path organization, source, finding
28
- end
29
-
30
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.notification_config_path.
31
- # @param organization [String]
32
- # @param notification_config [String]
33
- # @return [String]
34
- def notification_config_path organization, notification_config
35
- self.class.notification_config_path organization, notification_config
36
- end
37
-
38
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path.
39
- # @param organization [String]
40
- # @return [String]
41
- def organization_path organization
42
- self.class.organization_path organization
43
- end
44
-
45
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_settings_path.
46
- # @param organization [String]
47
- # @return [String]
48
- def organization_settings_path organization
49
- self.class.organization_settings_path organization
50
- end
51
-
52
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.security_marks_path.
53
- # @param organization [String]
54
- # @param asset [String]
55
- # @return [String]
56
- def security_marks_path organization, asset
57
- self.class.security_marks_path organization, asset
58
- end
59
-
60
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path.
61
- # @param organization [String]
62
- # @param source [String]
63
- # @return [String]
64
- def source_path organization, source
65
- self.class.source_path organization, source
66
- end
67
-
68
- # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.topic_path.
69
- # @param project [String]
70
- # @param topic [String]
71
- # @return [String]
72
- def topic_path project, topic
73
- self.class.topic_path project, topic
74
- end
75
- end
76
- end
77
- end
78
- end
79
- end
@@ -1,34 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1p1beta1/notification_config.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/api/field_behavior_pb'
9
- require 'google/api/resource_pb'
10
- Google::Protobuf::DescriptorPool.generated_pool.build do
11
- add_message "google.cloud.securitycenter.v1p1beta1.NotificationConfig" do
12
- optional :name, :string, 1
13
- optional :description, :string, 2
14
- optional :event_type, :enum, 3, "google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType"
15
- optional :pubsub_topic, :string, 4
16
- optional :service_account, :string, 5
17
- oneof :notify_config do
18
- optional :streaming_config, :message, 6, "google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig"
19
- end
20
- end
21
- add_message "google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig" do
22
- optional :filter, :string, 1
23
- end
24
- add_enum "google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType" do
25
- value :EVENT_TYPE_UNSPECIFIED, 0
26
- value :FINDING, 1
27
- end
28
- end
29
-
30
- module Google::Cloud::SecurityCenter::V1p1beta1
31
- NotificationConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationConfig").msgclass
32
- NotificationConfig::StreamingConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig").msgclass
33
- NotificationConfig::EventType = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType").enummodule
34
- end
@@ -1,21 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1p1beta1/notification_message.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/cloud/security_center/v1p1beta1/asset_pb'
9
- require 'google/cloud/security_center/v1p1beta1/finding_pb'
10
- Google::Protobuf::DescriptorPool.generated_pool.build do
11
- add_message "google.cloud.securitycenter.v1p1beta1.NotificationMessage" do
12
- optional :notification_config_name, :string, 1
13
- oneof :event do
14
- optional :finding, :message, 2, "google.cloud.securitycenter.v1p1beta1.Finding"
15
- end
16
- end
17
- end
18
-
19
- module Google::Cloud::SecurityCenter::V1p1beta1
20
- NotificationMessage = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationMessage").msgclass
21
- end
@@ -1,30 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1p1beta1/organization_settings.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/api/resource_pb'
9
- Google::Protobuf::DescriptorPool.generated_pool.build do
10
- add_message "google.cloud.securitycenter.v1p1beta1.OrganizationSettings" do
11
- optional :name, :string, 1
12
- optional :enable_asset_discovery, :bool, 2
13
- optional :asset_discovery_config, :message, 3, "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig"
14
- end
15
- add_message "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig" do
16
- repeated :project_ids, :string, 1
17
- optional :inclusion_mode, :enum, 2, "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"
18
- end
19
- add_enum "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode" do
20
- value :INCLUSION_MODE_UNSPECIFIED, 0
21
- value :INCLUDE_ONLY, 1
22
- value :EXCLUDE, 2
23
- end
24
- end
25
-
26
- module Google::Cloud::SecurityCenter::V1p1beta1
27
- OrganizationSettings = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.OrganizationSettings").msgclass
28
- OrganizationSettings::AssetDiscoveryConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig").msgclass
29
- OrganizationSettings::AssetDiscoveryConfig::InclusionMode = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode").enummodule
30
- end
@@ -1,25 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1p1beta1/run_asset_discovery_response.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/protobuf/duration_pb'
9
- Google::Protobuf::DescriptorPool.generated_pool.build do
10
- add_message "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse" do
11
- optional :state, :enum, 1, "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State"
12
- optional :duration, :message, 2, "google.protobuf.Duration"
13
- end
14
- add_enum "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State" do
15
- value :STATE_UNSPECIFIED, 0
16
- value :COMPLETED, 1
17
- value :SUPERSEDED, 2
18
- value :TERMINATED, 3
19
- end
20
- end
21
-
22
- module Google::Cloud::SecurityCenter::V1p1beta1
23
- RunAssetDiscoveryResponse = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse").msgclass
24
- RunAssetDiscoveryResponse::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State").enummodule
25
- end
@@ -1,2110 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
- #
15
- # EDITING INSTRUCTIONS
16
- # This file was generated from the file
17
- # https://github.com/googleapis/googleapis/blob/master/google/cloud/security_center/v1p1beta1/securitycenter_service.proto,
18
- # and updates to that file get reflected here through a refresh process.
19
- # For the short term, the refresh process will only be runnable by Google
20
- # engineers.
21
-
22
-
23
- require "json"
24
- require "pathname"
25
-
26
- require "google/gax"
27
- require "google/gax/operation"
28
- require "google/longrunning/operations_client"
29
-
30
- require "google/cloud/security_center/v1p1beta1/securitycenter_service_pb"
31
- require "google/cloud/security_center/v1/run_asset_discovery_response_pb"
32
- require "google/cloud/security_center/v1p1beta1/credentials"
33
- require "google/cloud/security_center/version"
34
-
35
- module Google
36
- module Cloud
37
- module SecurityCenter
38
- module V1p1beta1
39
- # V1p1Beta1 APIs for Security Center service.
40
- #
41
- # @!attribute [r] security_center_stub
42
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Stub]
43
- class SecurityCenterClient
44
- # @private
45
- attr_reader :security_center_stub
46
-
47
- # The default address of the service.
48
- SERVICE_ADDRESS = "securitycenter.googleapis.com".freeze
49
-
50
- # The default port of the service.
51
- DEFAULT_SERVICE_PORT = 443
52
-
53
- # The default set of gRPC interceptors.
54
- GRPC_INTERCEPTORS = []
55
-
56
- DEFAULT_TIMEOUT = 30
57
-
58
- PAGE_DESCRIPTORS = {
59
- "group_assets" => Google::Gax::PageDescriptor.new(
60
- "page_token",
61
- "next_page_token",
62
- "group_by_results"),
63
- "group_findings" => Google::Gax::PageDescriptor.new(
64
- "page_token",
65
- "next_page_token",
66
- "group_by_results"),
67
- "list_assets" => Google::Gax::PageDescriptor.new(
68
- "page_token",
69
- "next_page_token",
70
- "list_assets_results"),
71
- "list_findings" => Google::Gax::PageDescriptor.new(
72
- "page_token",
73
- "next_page_token",
74
- "list_findings_results"),
75
- "list_notification_configs" => Google::Gax::PageDescriptor.new(
76
- "page_token",
77
- "next_page_token",
78
- "notification_configs"),
79
- "list_sources" => Google::Gax::PageDescriptor.new(
80
- "page_token",
81
- "next_page_token",
82
- "sources")
83
- }.freeze
84
-
85
- private_constant :PAGE_DESCRIPTORS
86
-
87
- # The scopes needed to make gRPC calls to all of the methods defined in
88
- # this service.
89
- ALL_SCOPES = [
90
- "https://www.googleapis.com/auth/cloud-platform"
91
- ].freeze
92
-
93
- class OperationsClient < Google::Longrunning::OperationsClient
94
- self::SERVICE_ADDRESS = SecurityCenterClient::SERVICE_ADDRESS
95
- self::GRPC_INTERCEPTORS = SecurityCenterClient::GRPC_INTERCEPTORS
96
- end
97
-
98
- FINDING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
99
- "organizations/{organization}/sources/{source}/findings/{finding}"
100
- )
101
-
102
- private_constant :FINDING_PATH_TEMPLATE
103
-
104
- NOTIFICATION_CONFIG_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
105
- "organizations/{organization}/notificationConfigs/{notification_config}"
106
- )
107
-
108
- private_constant :NOTIFICATION_CONFIG_PATH_TEMPLATE
109
-
110
- ORGANIZATION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
111
- "organizations/{organization}"
112
- )
113
-
114
- private_constant :ORGANIZATION_PATH_TEMPLATE
115
-
116
- ORGANIZATION_SETTINGS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
117
- "organizations/{organization}/organizationSettings"
118
- )
119
-
120
- private_constant :ORGANIZATION_SETTINGS_PATH_TEMPLATE
121
-
122
- SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
123
- "organizations/{organization}/assets/{asset}/securityMarks"
124
- )
125
-
126
- private_constant :SECURITY_MARKS_PATH_TEMPLATE
127
-
128
- SOURCE_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
129
- "organizations/{organization}/sources/{source}"
130
- )
131
-
132
- private_constant :SOURCE_PATH_TEMPLATE
133
-
134
- TOPIC_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
135
- "projects/{project}/topics/{topic}"
136
- )
137
-
138
- private_constant :TOPIC_PATH_TEMPLATE
139
-
140
- # Returns a fully-qualified finding resource name string.
141
- # @param organization [String]
142
- # @param source [String]
143
- # @param finding [String]
144
- # @return [String]
145
- def self.finding_path organization, source, finding
146
- FINDING_PATH_TEMPLATE.render(
147
- :"organization" => organization,
148
- :"source" => source,
149
- :"finding" => finding
150
- )
151
- end
152
-
153
- # Returns a fully-qualified notification_config resource name string.
154
- # @param organization [String]
155
- # @param notification_config [String]
156
- # @return [String]
157
- def self.notification_config_path organization, notification_config
158
- NOTIFICATION_CONFIG_PATH_TEMPLATE.render(
159
- :"organization" => organization,
160
- :"notification_config" => notification_config
161
- )
162
- end
163
-
164
- # Returns a fully-qualified organization resource name string.
165
- # @param organization [String]
166
- # @return [String]
167
- def self.organization_path organization
168
- ORGANIZATION_PATH_TEMPLATE.render(
169
- :"organization" => organization
170
- )
171
- end
172
-
173
- # Returns a fully-qualified organization_settings resource name string.
174
- # @param organization [String]
175
- # @return [String]
176
- def self.organization_settings_path organization
177
- ORGANIZATION_SETTINGS_PATH_TEMPLATE.render(
178
- :"organization" => organization
179
- )
180
- end
181
-
182
- # Returns a fully-qualified security_marks resource name string.
183
- # @param organization [String]
184
- # @param asset [String]
185
- # @return [String]
186
- def self.security_marks_path organization, asset
187
- SECURITY_MARKS_PATH_TEMPLATE.render(
188
- :"organization" => organization,
189
- :"asset" => asset
190
- )
191
- end
192
-
193
- # Returns a fully-qualified source resource name string.
194
- # @param organization [String]
195
- # @param source [String]
196
- # @return [String]
197
- def self.source_path organization, source
198
- SOURCE_PATH_TEMPLATE.render(
199
- :"organization" => organization,
200
- :"source" => source
201
- )
202
- end
203
-
204
- # Returns a fully-qualified topic resource name string.
205
- # @param project [String]
206
- # @param topic [String]
207
- # @return [String]
208
- def self.topic_path project, topic
209
- TOPIC_PATH_TEMPLATE.render(
210
- :"project" => project,
211
- :"topic" => topic
212
- )
213
- end
214
-
215
- # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
216
- # Provides the means for authenticating requests made by the client. This parameter can
217
- # be many types.
218
- # A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
219
- # authenticating requests made by this client.
220
- # A `String` will be treated as the path to the keyfile to be used for the construction of
221
- # credentials for this client.
222
- # A `Hash` will be treated as the contents of a keyfile to be used for the construction of
223
- # credentials for this client.
224
- # A `GRPC::Core::Channel` will be used to make calls through.
225
- # A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
226
- # should already be composed with a `GRPC::Core::CallCredentials` object.
227
- # A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
228
- # metadata for requests, generally, to give OAuth credentials.
229
- # @param scopes [Array<String>]
230
- # The OAuth scopes for this service. This parameter is ignored if
231
- # an updater_proc is supplied.
232
- # @param client_config [Hash]
233
- # A Hash for call options for each method. See
234
- # Google::Gax#construct_settings for the structure of
235
- # this data. Falls back to the default config if not specified
236
- # or the specified config is missing data points.
237
- # @param timeout [Numeric]
238
- # The default timeout, in seconds, for calls made through this client.
239
- # @param metadata [Hash]
240
- # Default metadata to be sent with each request. This can be overridden on a per call basis.
241
- # @param service_address [String]
242
- # Override for the service hostname, or `nil` to leave as the default.
243
- # @param service_port [Integer]
244
- # Override for the service port, or `nil` to leave as the default.
245
- # @param exception_transformer [Proc]
246
- # An optional proc that intercepts any exceptions raised during an API call to inject
247
- # custom error handling.
248
- def initialize \
249
- credentials: nil,
250
- scopes: ALL_SCOPES,
251
- client_config: {},
252
- timeout: DEFAULT_TIMEOUT,
253
- metadata: nil,
254
- service_address: nil,
255
- service_port: nil,
256
- exception_transformer: nil,
257
- lib_name: nil,
258
- lib_version: ""
259
- # These require statements are intentionally placed here to initialize
260
- # the gRPC module only when it's required.
261
- # See https://github.com/googleapis/toolkit/issues/446
262
- require "google/gax/grpc"
263
- require "google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb"
264
-
265
- credentials ||= Google::Cloud::SecurityCenter::V1p1beta1::Credentials.default
266
-
267
- @operations_client = OperationsClient.new(
268
- credentials: credentials,
269
- scopes: scopes,
270
- client_config: client_config,
271
- timeout: timeout,
272
- lib_name: lib_name,
273
- service_address: service_address,
274
- service_port: service_port,
275
- lib_version: lib_version,
276
- metadata: metadata,
277
- )
278
-
279
- if credentials.is_a?(String) || credentials.is_a?(Hash)
280
- updater_proc = Google::Cloud::SecurityCenter::V1p1beta1::Credentials.new(credentials).updater_proc
281
- end
282
- if credentials.is_a?(GRPC::Core::Channel)
283
- channel = credentials
284
- end
285
- if credentials.is_a?(GRPC::Core::ChannelCredentials)
286
- chan_creds = credentials
287
- end
288
- if credentials.is_a?(Proc)
289
- updater_proc = credentials
290
- end
291
- if credentials.is_a?(Google::Auth::Credentials)
292
- updater_proc = credentials.updater_proc
293
- end
294
-
295
- package_version = Google::Cloud::SecurityCenter::VERSION
296
-
297
- google_api_client = "gl-ruby/#{RUBY_VERSION}"
298
- google_api_client << " #{lib_name}/#{lib_version}" if lib_name
299
- google_api_client << " gapic/#{package_version} gax/#{Google::Gax::VERSION}"
300
- google_api_client << " grpc/#{GRPC::VERSION}"
301
- google_api_client.freeze
302
-
303
- headers = { :"x-goog-api-client" => google_api_client }
304
- if credentials.respond_to?(:quota_project_id) && credentials.quota_project_id
305
- headers[:"x-goog-user-project"] = credentials.quota_project_id
306
- end
307
- headers.merge!(metadata) unless metadata.nil?
308
- client_config_file = Pathname.new(__dir__).join(
309
- "security_center_client_config.json"
310
- )
311
- defaults = client_config_file.open do |f|
312
- Google::Gax.construct_settings(
313
- "google.cloud.securitycenter.v1p1beta1.SecurityCenter",
314
- JSON.parse(f.read),
315
- client_config,
316
- Google::Gax::Grpc::STATUS_CODE_NAMES,
317
- timeout,
318
- page_descriptors: PAGE_DESCRIPTORS,
319
- errors: Google::Gax::Grpc::API_ERRORS,
320
- metadata: headers
321
- )
322
- end
323
-
324
- # Allow overriding the service path/port in subclasses.
325
- service_path = service_address || self.class::SERVICE_ADDRESS
326
- port = service_port || self.class::DEFAULT_SERVICE_PORT
327
- interceptors = self.class::GRPC_INTERCEPTORS
328
- @security_center_stub = Google::Gax::Grpc.create_stub(
329
- service_path,
330
- port,
331
- chan_creds: chan_creds,
332
- channel: channel,
333
- updater_proc: updater_proc,
334
- scopes: scopes,
335
- interceptors: interceptors,
336
- &Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Stub.method(:new)
337
- )
338
-
339
- @create_source = Google::Gax.create_api_call(
340
- @security_center_stub.method(:create_source),
341
- defaults["create_source"],
342
- exception_transformer: exception_transformer,
343
- params_extractor: proc do |request|
344
- {'parent' => request.parent}
345
- end
346
- )
347
- @create_finding = Google::Gax.create_api_call(
348
- @security_center_stub.method(:create_finding),
349
- defaults["create_finding"],
350
- exception_transformer: exception_transformer,
351
- params_extractor: proc do |request|
352
- {'parent' => request.parent}
353
- end
354
- )
355
- @create_notification_config = Google::Gax.create_api_call(
356
- @security_center_stub.method(:create_notification_config),
357
- defaults["create_notification_config"],
358
- exception_transformer: exception_transformer,
359
- params_extractor: proc do |request|
360
- {'parent' => request.parent}
361
- end
362
- )
363
- @delete_notification_config = Google::Gax.create_api_call(
364
- @security_center_stub.method(:delete_notification_config),
365
- defaults["delete_notification_config"],
366
- exception_transformer: exception_transformer,
367
- params_extractor: proc do |request|
368
- {'name' => request.name}
369
- end
370
- )
371
- @get_iam_policy = Google::Gax.create_api_call(
372
- @security_center_stub.method(:get_iam_policy),
373
- defaults["get_iam_policy"],
374
- exception_transformer: exception_transformer,
375
- params_extractor: proc do |request|
376
- {'resource' => request.resource}
377
- end
378
- )
379
- @get_notification_config = Google::Gax.create_api_call(
380
- @security_center_stub.method(:get_notification_config),
381
- defaults["get_notification_config"],
382
- exception_transformer: exception_transformer,
383
- params_extractor: proc do |request|
384
- {'name' => request.name}
385
- end
386
- )
387
- @get_organization_settings = Google::Gax.create_api_call(
388
- @security_center_stub.method(:get_organization_settings),
389
- defaults["get_organization_settings"],
390
- exception_transformer: exception_transformer,
391
- params_extractor: proc do |request|
392
- {'name' => request.name}
393
- end
394
- )
395
- @get_source = Google::Gax.create_api_call(
396
- @security_center_stub.method(:get_source),
397
- defaults["get_source"],
398
- exception_transformer: exception_transformer,
399
- params_extractor: proc do |request|
400
- {'name' => request.name}
401
- end
402
- )
403
- @group_assets = Google::Gax.create_api_call(
404
- @security_center_stub.method(:group_assets),
405
- defaults["group_assets"],
406
- exception_transformer: exception_transformer,
407
- params_extractor: proc do |request|
408
- {'parent' => request.parent}
409
- end
410
- )
411
- @group_findings = Google::Gax.create_api_call(
412
- @security_center_stub.method(:group_findings),
413
- defaults["group_findings"],
414
- exception_transformer: exception_transformer,
415
- params_extractor: proc do |request|
416
- {'parent' => request.parent}
417
- end
418
- )
419
- @list_assets = Google::Gax.create_api_call(
420
- @security_center_stub.method(:list_assets),
421
- defaults["list_assets"],
422
- exception_transformer: exception_transformer,
423
- params_extractor: proc do |request|
424
- {'parent' => request.parent}
425
- end
426
- )
427
- @list_findings = Google::Gax.create_api_call(
428
- @security_center_stub.method(:list_findings),
429
- defaults["list_findings"],
430
- exception_transformer: exception_transformer,
431
- params_extractor: proc do |request|
432
- {'parent' => request.parent}
433
- end
434
- )
435
- @list_notification_configs = Google::Gax.create_api_call(
436
- @security_center_stub.method(:list_notification_configs),
437
- defaults["list_notification_configs"],
438
- exception_transformer: exception_transformer,
439
- params_extractor: proc do |request|
440
- {'parent' => request.parent}
441
- end
442
- )
443
- @list_sources = Google::Gax.create_api_call(
444
- @security_center_stub.method(:list_sources),
445
- defaults["list_sources"],
446
- exception_transformer: exception_transformer,
447
- params_extractor: proc do |request|
448
- {'parent' => request.parent}
449
- end
450
- )
451
- @run_asset_discovery = Google::Gax.create_api_call(
452
- @security_center_stub.method(:run_asset_discovery),
453
- defaults["run_asset_discovery"],
454
- exception_transformer: exception_transformer,
455
- params_extractor: proc do |request|
456
- {'parent' => request.parent}
457
- end
458
- )
459
- @set_finding_state = Google::Gax.create_api_call(
460
- @security_center_stub.method(:set_finding_state),
461
- defaults["set_finding_state"],
462
- exception_transformer: exception_transformer,
463
- params_extractor: proc do |request|
464
- {'name' => request.name}
465
- end
466
- )
467
- @set_iam_policy = Google::Gax.create_api_call(
468
- @security_center_stub.method(:set_iam_policy),
469
- defaults["set_iam_policy"],
470
- exception_transformer: exception_transformer,
471
- params_extractor: proc do |request|
472
- {'resource' => request.resource}
473
- end
474
- )
475
- @test_iam_permissions = Google::Gax.create_api_call(
476
- @security_center_stub.method(:test_iam_permissions),
477
- defaults["test_iam_permissions"],
478
- exception_transformer: exception_transformer,
479
- params_extractor: proc do |request|
480
- {'resource' => request.resource}
481
- end
482
- )
483
- @update_finding = Google::Gax.create_api_call(
484
- @security_center_stub.method(:update_finding),
485
- defaults["update_finding"],
486
- exception_transformer: exception_transformer,
487
- params_extractor: proc do |request|
488
- {'finding.name' => request.finding.name}
489
- end
490
- )
491
- @update_notification_config = Google::Gax.create_api_call(
492
- @security_center_stub.method(:update_notification_config),
493
- defaults["update_notification_config"],
494
- exception_transformer: exception_transformer,
495
- params_extractor: proc do |request|
496
- {'notification_config.name' => request.notification_config.name}
497
- end
498
- )
499
- @update_organization_settings = Google::Gax.create_api_call(
500
- @security_center_stub.method(:update_organization_settings),
501
- defaults["update_organization_settings"],
502
- exception_transformer: exception_transformer,
503
- params_extractor: proc do |request|
504
- {'organization_settings.name' => request.organization_settings.name}
505
- end
506
- )
507
- @update_source = Google::Gax.create_api_call(
508
- @security_center_stub.method(:update_source),
509
- defaults["update_source"],
510
- exception_transformer: exception_transformer,
511
- params_extractor: proc do |request|
512
- {'source.name' => request.source.name}
513
- end
514
- )
515
- @update_security_marks = Google::Gax.create_api_call(
516
- @security_center_stub.method(:update_security_marks),
517
- defaults["update_security_marks"],
518
- exception_transformer: exception_transformer,
519
- params_extractor: proc do |request|
520
- {'security_marks.name' => request.security_marks.name}
521
- end
522
- )
523
- end
524
-
525
- # Service calls
526
-
527
- # Creates a source.
528
- #
529
- # @param parent [String]
530
- # Required. Resource name of the new source's parent. Its format should be
531
- # "organizations/[organization_id]".
532
- # @param source [Google::Cloud::SecurityCenter::V1p1beta1::Source | Hash]
533
- # Required. The Source being created, only the display_name and description
534
- # will be used. All other fields will be ignored.
535
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Source`
536
- # can also be provided.
537
- # @param options [Google::Gax::CallOptions]
538
- # Overrides the default settings for this call, e.g, timeout,
539
- # retries, etc.
540
- # @yield [result, operation] Access the result along with the RPC operation
541
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Source]
542
- # @yieldparam operation [GRPC::ActiveCall::Operation]
543
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::Source]
544
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
545
- # @example
546
- # require "google/cloud/security_center"
547
- #
548
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
549
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
550
- #
551
- # # TODO: Initialize `source`:
552
- # source = {}
553
- # response = security_center_client.create_source(formatted_parent, source)
554
-
555
- def create_source \
556
- parent,
557
- source,
558
- options: nil,
559
- &block
560
- req = {
561
- parent: parent,
562
- source: source
563
- }.delete_if { |_, v| v.nil? }
564
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::CreateSourceRequest)
565
- @create_source.call(req, options, &block)
566
- end
567
-
568
- # Creates a finding. The corresponding source must exist for finding
569
- # creation to succeed.
570
- #
571
- # @param parent [String]
572
- # Required. Resource name of the new finding's parent. Its format should be
573
- # "organizations/[organization_id]/sources/[source_id]".
574
- # @param finding_id [String]
575
- # Required. Unique identifier provided by the client within the parent scope.
576
- # It must be alphanumeric and less than or equal to 32 characters and
577
- # greater than 0 characters in length.
578
- # @param finding [Google::Cloud::SecurityCenter::V1p1beta1::Finding | Hash]
579
- # Required. The Finding being created. The name and security_marks will be
580
- # ignored as they are both output only fields on this resource.
581
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Finding`
582
- # can also be provided.
583
- # @param options [Google::Gax::CallOptions]
584
- # Overrides the default settings for this call, e.g, timeout,
585
- # retries, etc.
586
- # @yield [result, operation] Access the result along with the RPC operation
587
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
588
- # @yieldparam operation [GRPC::ActiveCall::Operation]
589
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
590
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
591
- # @example
592
- # require "google/cloud/security_center"
593
- #
594
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
595
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
596
- #
597
- # # TODO: Initialize `finding_id`:
598
- # finding_id = ''
599
- #
600
- # # TODO: Initialize `finding`:
601
- # finding = {}
602
- # response = security_center_client.create_finding(formatted_parent, finding_id, finding)
603
-
604
- def create_finding \
605
- parent,
606
- finding_id,
607
- finding,
608
- options: nil,
609
- &block
610
- req = {
611
- parent: parent,
612
- finding_id: finding_id,
613
- finding: finding
614
- }.delete_if { |_, v| v.nil? }
615
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::CreateFindingRequest)
616
- @create_finding.call(req, options, &block)
617
- end
618
-
619
- # Creates a notification config.
620
- #
621
- # @param parent [String]
622
- # Required. Resource name of the new notification config's parent. Its format
623
- # is "organizations/[organization_id]".
624
- # @param config_id [String]
625
- # Required.
626
- # Unique identifier provided by the client within the parent scope.
627
- # It must be between 1 and 128 characters, and contains alphanumeric
628
- # characters, underscores or hyphens only.
629
- # @param notification_config [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig | Hash]
630
- # Required. The notification config being created. The name and the service
631
- # account will be ignored as they are both output only fields on this
632
- # resource.
633
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig`
634
- # can also be provided.
635
- # @param options [Google::Gax::CallOptions]
636
- # Overrides the default settings for this call, e.g, timeout,
637
- # retries, etc.
638
- # @yield [result, operation] Access the result along with the RPC operation
639
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
640
- # @yieldparam operation [GRPC::ActiveCall::Operation]
641
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
642
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
643
- # @example
644
- # require "google/cloud/security_center"
645
- #
646
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
647
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
648
- #
649
- # # TODO: Initialize `config_id`:
650
- # config_id = ''
651
- #
652
- # # TODO: Initialize `notification_config`:
653
- # notification_config = {}
654
- # response = security_center_client.create_notification_config(formatted_parent, config_id, notification_config)
655
-
656
- def create_notification_config \
657
- parent,
658
- config_id,
659
- notification_config,
660
- options: nil,
661
- &block
662
- req = {
663
- parent: parent,
664
- config_id: config_id,
665
- notification_config: notification_config
666
- }.delete_if { |_, v| v.nil? }
667
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::CreateNotificationConfigRequest)
668
- @create_notification_config.call(req, options, &block)
669
- end
670
-
671
- # Deletes a notification config.
672
- #
673
- # @param name [String]
674
- # Required. Name of the notification config to delete. Its format is
675
- # "organizations/[organization_id]/notificationConfigs/[config_id]".
676
- # @param options [Google::Gax::CallOptions]
677
- # Overrides the default settings for this call, e.g, timeout,
678
- # retries, etc.
679
- # @yield [result, operation] Access the result along with the RPC operation
680
- # @yieldparam result []
681
- # @yieldparam operation [GRPC::ActiveCall::Operation]
682
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
683
- # @example
684
- # require "google/cloud/security_center"
685
- #
686
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
687
- # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.notification_config_path("[ORGANIZATION]", "[NOTIFICATION_CONFIG]")
688
- # security_center_client.delete_notification_config(formatted_name)
689
-
690
- def delete_notification_config \
691
- name,
692
- options: nil,
693
- &block
694
- req = {
695
- name: name
696
- }.delete_if { |_, v| v.nil? }
697
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::DeleteNotificationConfigRequest)
698
- @delete_notification_config.call(req, options, &block)
699
- nil
700
- end
701
-
702
- # Gets the access control policy on the specified Source.
703
- #
704
- # @param resource [String]
705
- # REQUIRED: The resource for which the policy is being requested.
706
- # See the operation documentation for the appropriate value for this field.
707
- # @param options_ [Google::Iam::V1::GetPolicyOptions | Hash]
708
- # OPTIONAL: A `GetPolicyOptions` object for specifying options to
709
- # `GetIamPolicy`. This field is only used by Cloud IAM.
710
- # A hash of the same form as `Google::Iam::V1::GetPolicyOptions`
711
- # can also be provided.
712
- # @param options [Google::Gax::CallOptions]
713
- # Overrides the default settings for this call, e.g, timeout,
714
- # retries, etc.
715
- # @yield [result, operation] Access the result along with the RPC operation
716
- # @yieldparam result [Google::Iam::V1::Policy]
717
- # @yieldparam operation [GRPC::ActiveCall::Operation]
718
- # @return [Google::Iam::V1::Policy]
719
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
720
- # @example
721
- # require "google/cloud/security_center"
722
- #
723
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
724
- #
725
- # # TODO: Initialize `resource`:
726
- # resource = ''
727
- # response = security_center_client.get_iam_policy(resource)
728
-
729
- def get_iam_policy \
730
- resource,
731
- options_: nil,
732
- options: nil,
733
- &block
734
- req = {
735
- resource: resource,
736
- options: options_
737
- }.delete_if { |_, v| v.nil? }
738
- req = Google::Gax::to_proto(req, Google::Iam::V1::GetIamPolicyRequest)
739
- @get_iam_policy.call(req, options, &block)
740
- end
741
-
742
- # Gets a notification config.
743
- #
744
- # @param name [String]
745
- # Required. Name of the notification config to get. Its format is
746
- # "organizations/[organization_id]/notificationConfigs/[config_id]".
747
- # @param options [Google::Gax::CallOptions]
748
- # Overrides the default settings for this call, e.g, timeout,
749
- # retries, etc.
750
- # @yield [result, operation] Access the result along with the RPC operation
751
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
752
- # @yieldparam operation [GRPC::ActiveCall::Operation]
753
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
754
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
755
- # @example
756
- # require "google/cloud/security_center"
757
- #
758
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
759
- # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.notification_config_path("[ORGANIZATION]", "[NOTIFICATION_CONFIG]")
760
- # response = security_center_client.get_notification_config(formatted_name)
761
-
762
- def get_notification_config \
763
- name,
764
- options: nil,
765
- &block
766
- req = {
767
- name: name
768
- }.delete_if { |_, v| v.nil? }
769
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GetNotificationConfigRequest)
770
- @get_notification_config.call(req, options, &block)
771
- end
772
-
773
- # Gets the settings for an organization.
774
- #
775
- # @param name [String]
776
- # Required. Name of the organization to get organization settings for. Its
777
- # format is "organizations/[organization_id]/organizationSettings".
778
- # @param options [Google::Gax::CallOptions]
779
- # Overrides the default settings for this call, e.g, timeout,
780
- # retries, etc.
781
- # @yield [result, operation] Access the result along with the RPC operation
782
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
783
- # @yieldparam operation [GRPC::ActiveCall::Operation]
784
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
785
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
786
- # @example
787
- # require "google/cloud/security_center"
788
- #
789
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
790
- # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_settings_path("[ORGANIZATION]")
791
- # response = security_center_client.get_organization_settings(formatted_name)
792
-
793
- def get_organization_settings \
794
- name,
795
- options: nil,
796
- &block
797
- req = {
798
- name: name
799
- }.delete_if { |_, v| v.nil? }
800
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GetOrganizationSettingsRequest)
801
- @get_organization_settings.call(req, options, &block)
802
- end
803
-
804
- # Gets a source.
805
- #
806
- # @param name [String]
807
- # Required. Relative resource name of the source. Its format is
808
- # "organizations/[organization_id]/source/[source_id]".
809
- # @param options [Google::Gax::CallOptions]
810
- # Overrides the default settings for this call, e.g, timeout,
811
- # retries, etc.
812
- # @yield [result, operation] Access the result along with the RPC operation
813
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Source]
814
- # @yieldparam operation [GRPC::ActiveCall::Operation]
815
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::Source]
816
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
817
- # @example
818
- # require "google/cloud/security_center"
819
- #
820
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
821
- # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
822
- # response = security_center_client.get_source(formatted_name)
823
-
824
- def get_source \
825
- name,
826
- options: nil,
827
- &block
828
- req = {
829
- name: name
830
- }.delete_if { |_, v| v.nil? }
831
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GetSourceRequest)
832
- @get_source.call(req, options, &block)
833
- end
834
-
835
- # Filters an organization's assets and groups them by their specified
836
- # properties.
837
- #
838
- # @param parent [String]
839
- # Required. Name of the organization to groupBy. Its format is
840
- # "organizations/[organization_id]".
841
- # @param group_by [String]
842
- # Required. Expression that defines what assets fields to use for grouping.
843
- # The string value should follow SQL syntax: comma separated list of fields.
844
- # For example:
845
- # "security_center_properties.resource_project,security_center_properties.project".
846
- #
847
- # The following fields are supported when compare_duration is not set:
848
- #
849
- # * security_center_properties.resource_project
850
- # * security_center_properties.resource_project_display_name
851
- # * security_center_properties.resource_type
852
- # * security_center_properties.resource_parent
853
- # * security_center_properties.resource_parent_display_name
854
- #
855
- # The following fields are supported when compare_duration is set:
856
- #
857
- # * security_center_properties.resource_type
858
- # * security_center_properties.resource_project_display_name
859
- # * security_center_properties.resource_parent_display_name
860
- # @param filter [String]
861
- # Expression that defines the filter to apply across assets.
862
- # The expression is a list of zero or more restrictions combined via logical
863
- # operators `AND` and `OR`.
864
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
865
- #
866
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
867
- # character in front of them to indicate negation. The fields map to those
868
- # defined in the Asset resource. Examples include:
869
- #
870
- # * name
871
- # * security_center_properties.resource_name
872
- # * resource_properties.a_property
873
- # * security_marks.marks.marka
874
- #
875
- # The supported operators are:
876
- #
877
- # * `=` for all value types.
878
- # * `>`, `<`, `>=`, `<=` for integer values.
879
- # * `:`, meaning substring matching, for strings.
880
- #
881
- # The supported value types are:
882
- #
883
- # * string literals in quotes.
884
- # * integer literals without quotes.
885
- # * boolean literals `true` and `false` without quotes.
886
- #
887
- # The following field and operator combinations are supported:
888
- #
889
- # * name: `=`
890
- # * update_time: `=`, `>`, `<`, `>=`, `<=`
891
- #
892
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
893
- # Examples:
894
- # "update_time = \"2019-06-10T16:07:18-07:00\""
895
- # "update_time = 1560208038000"
896
- #
897
- # * create_time: `=`, `>`, `<`, `>=`, `<=`
898
- #
899
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
900
- # Examples:
901
- # "create_time = \"2019-06-10T16:07:18-07:00\""
902
- # "create_time = 1560208038000"
903
- #
904
- # * iam_policy.policy_blob: `=`, `:`
905
- # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
906
- # * security_marks.marks: `=`, `:`
907
- # * security_center_properties.resource_name: `=`, `:`
908
- # * security_center_properties.resource_name_display_name: `=`, `:`
909
- # * security_center_properties.resource_type: `=`, `:`
910
- # * security_center_properties.resource_parent: `=`, `:`
911
- # * security_center_properties.resource_parent_display_name: `=`, `:`
912
- # * security_center_properties.resource_project: `=`, `:`
913
- # * security_center_properties.resource_project_display_name: `=`, `:`
914
- # * security_center_properties.resource_owners: `=`, `:`
915
- #
916
- # For example, `resource_properties.size = 100` is a valid filter string.
917
- # @param compare_duration [Google::Protobuf::Duration | Hash]
918
- # When compare_duration is set, the GroupResult's "state_change" property is
919
- # updated to indicate whether the asset was added, removed, or remained
920
- # present during the compare_duration period of time that precedes the
921
- # read_time. This is the time between (read_time - compare_duration) and
922
- # read_time.
923
- #
924
- # The state change value is derived based on the presence of the asset at the
925
- # two points in time. Intermediate state changes between the two times don't
926
- # affect the result. For example, the results aren't affected if the asset is
927
- # removed and re-created again.
928
- #
929
- # Possible "state_change" values when compare_duration is specified:
930
- #
931
- # * "ADDED": indicates that the asset was not present at the start of
932
- # compare_duration, but present at reference_time.
933
- # * "REMOVED": indicates that the asset was present at the start of
934
- # compare_duration, but not present at reference_time.
935
- # * "ACTIVE": indicates that the asset was present at both the
936
- # start and the end of the time period defined by
937
- # compare_duration and reference_time.
938
- #
939
- # If compare_duration is not specified, then the only possible state_change
940
- # is "UNUSED", which will be the state_change set for all assets present at
941
- # read_time.
942
- #
943
- # If this field is set then `state_change` must be a specified field in
944
- # `group_by`.
945
- # A hash of the same form as `Google::Protobuf::Duration`
946
- # can also be provided.
947
- # @param read_time [Google::Protobuf::Timestamp | Hash]
948
- # Time used as a reference point when filtering assets. The filter is limited
949
- # to assets existing at the supplied time and their values are those at that
950
- # specific time. Absence of this field will default to the API's version of
951
- # NOW.
952
- # A hash of the same form as `Google::Protobuf::Timestamp`
953
- # can also be provided.
954
- # @param having [String]
955
- # Filter that specifies what fields to further filter on *after* the query
956
- # filter has been executed. Currently only `state_change` is supported and
957
- # requires compare_duration to be specified.
958
- # @param page_size [Integer]
959
- # The maximum number of resources contained in the underlying API
960
- # response. If page streaming is performed per-resource, this
961
- # parameter does not affect the return value. If page streaming is
962
- # performed per-page, this determines the maximum number of
963
- # resources in a page.
964
- # @param options [Google::Gax::CallOptions]
965
- # Overrides the default settings for this call, e.g, timeout,
966
- # retries, etc.
967
- # @yield [result, operation] Access the result along with the RPC operation
968
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
969
- # @yieldparam operation [GRPC::ActiveCall::Operation]
970
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
971
- # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::GroupResult instances.
972
- # See Google::Gax::PagedEnumerable documentation for other
973
- # operations such as per-page iteration or access to the response
974
- # object.
975
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
976
- # @example
977
- # require "google/cloud/security_center"
978
- #
979
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
980
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
981
- #
982
- # # TODO: Initialize `group_by`:
983
- # group_by = ''
984
- #
985
- # # Iterate over all results.
986
- # security_center_client.group_assets(formatted_parent, group_by).each do |element|
987
- # # Process element.
988
- # end
989
- #
990
- # # Or iterate over results one page at a time.
991
- # security_center_client.group_assets(formatted_parent, group_by).each_page do |page|
992
- # # Process each page at a time.
993
- # page.each do |element|
994
- # # Process element.
995
- # end
996
- # end
997
-
998
- def group_assets \
999
- parent,
1000
- group_by,
1001
- filter: nil,
1002
- compare_duration: nil,
1003
- read_time: nil,
1004
- having: nil,
1005
- page_size: nil,
1006
- options: nil,
1007
- &block
1008
- req = {
1009
- parent: parent,
1010
- group_by: group_by,
1011
- filter: filter,
1012
- compare_duration: compare_duration,
1013
- read_time: read_time,
1014
- having: having,
1015
- page_size: page_size
1016
- }.delete_if { |_, v| v.nil? }
1017
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GroupAssetsRequest)
1018
- @group_assets.call(req, options, &block)
1019
- end
1020
-
1021
- # Filters an organization or source's findings and groups them by their
1022
- # specified properties.
1023
- #
1024
- # To group across all sources provide a `-` as the source id.
1025
- # Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings
1026
- #
1027
- # @param parent [String]
1028
- # Required. Name of the source to groupBy. Its format is
1029
- # "organizations/[organization_id]/sources/[source_id]". To groupBy across
1030
- # all sources provide a source_id of `-`. For example:
1031
- # organizations/{organization_id}/sources/-
1032
- # @param group_by [String]
1033
- # Required. Expression that defines what assets fields to use for grouping
1034
- # (including `state_change`). The string value should follow SQL syntax:
1035
- # comma separated list of fields. For example: "parent,resource_name".
1036
- #
1037
- # The following fields are supported:
1038
- #
1039
- # * resource_name
1040
- # * category
1041
- # * state
1042
- # * parent
1043
- #
1044
- # The following fields are supported when compare_duration is set:
1045
- #
1046
- # * state_change
1047
- # @param filter [String]
1048
- # Expression that defines the filter to apply across findings.
1049
- # The expression is a list of one or more restrictions combined via logical
1050
- # operators `AND` and `OR`.
1051
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
1052
- #
1053
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1054
- # character in front of them to indicate negation. Examples include:
1055
- #
1056
- # * name
1057
- # * source_properties.a_property
1058
- # * security_marks.marks.marka
1059
- #
1060
- # The supported operators are:
1061
- #
1062
- # * `=` for all value types.
1063
- # * `>`, `<`, `>=`, `<=` for integer values.
1064
- # * `:`, meaning substring matching, for strings.
1065
- #
1066
- # The supported value types are:
1067
- #
1068
- # * string literals in quotes.
1069
- # * integer literals without quotes.
1070
- # * boolean literals `true` and `false` without quotes.
1071
- #
1072
- # The following field and operator combinations are supported:
1073
- #
1074
- # * name: `=`
1075
- # * parent: `=`, `:`
1076
- # * resource_name: `=`, `:`
1077
- # * state: `=`, `:`
1078
- # * category: `=`, `:`
1079
- # * external_uri: `=`, `:`
1080
- # * event_time: `=`, `>`, `<`, `>=`, `<=`
1081
- #
1082
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1083
- # Examples:
1084
- # "event_time = \"2019-06-10T16:07:18-07:00\""
1085
- # "event_time = 1560208038000"
1086
- #
1087
- # * security_marks.marks: `=`, `:`
1088
- # * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1089
- #
1090
- # For example, `source_properties.size = 100` is a valid filter string.
1091
- # @param read_time [Google::Protobuf::Timestamp | Hash]
1092
- # Time used as a reference point when filtering findings. The filter is
1093
- # limited to findings existing at the supplied time and their values are
1094
- # those at that specific time. Absence of this field will default to the
1095
- # API's version of NOW.
1096
- # A hash of the same form as `Google::Protobuf::Timestamp`
1097
- # can also be provided.
1098
- # @param compare_duration [Google::Protobuf::Duration | Hash]
1099
- # When compare_duration is set, the GroupResult's "state_change" attribute is
1100
- # updated to indicate whether the finding had its state changed, the
1101
- # finding's state remained unchanged, or if the finding was added during the
1102
- # compare_duration period of time that precedes the read_time. This is the
1103
- # time between (read_time - compare_duration) and read_time.
1104
- #
1105
- # The state_change value is derived based on the presence and state of the
1106
- # finding at the two points in time. Intermediate state changes between the
1107
- # two times don't affect the result. For example, the results aren't affected
1108
- # if the finding is made inactive and then active again.
1109
- #
1110
- # Possible "state_change" values when compare_duration is specified:
1111
- #
1112
- # * "CHANGED": indicates that the finding was present at the start of
1113
- # compare_duration, but changed its state at read_time.
1114
- # * "UNCHANGED": indicates that the finding was present at the start of
1115
- # compare_duration and did not change state at read_time.
1116
- # * "ADDED": indicates that the finding was not present at the start
1117
- # of compare_duration, but was present at read_time.
1118
- #
1119
- # If compare_duration is not specified, then the only possible state_change
1120
- # is "UNUSED", which will be the state_change set for all findings present
1121
- # at read_time.
1122
- #
1123
- # If this field is set then `state_change` must be a specified field in
1124
- # `group_by`.
1125
- # A hash of the same form as `Google::Protobuf::Duration`
1126
- # can also be provided.
1127
- # @param having [String]
1128
- # Filter that specifies what fields to further filter on *after* the query
1129
- # filter has been executed. Currently only `finding.state` and `state_change`
1130
- # are supported and requires compare_duration to be specified.
1131
- # @param page_size [Integer]
1132
- # The maximum number of resources contained in the underlying API
1133
- # response. If page streaming is performed per-resource, this
1134
- # parameter does not affect the return value. If page streaming is
1135
- # performed per-page, this determines the maximum number of
1136
- # resources in a page.
1137
- # @param options [Google::Gax::CallOptions]
1138
- # Overrides the default settings for this call, e.g, timeout,
1139
- # retries, etc.
1140
- # @yield [result, operation] Access the result along with the RPC operation
1141
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
1142
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1143
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
1144
- # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::GroupResult instances.
1145
- # See Google::Gax::PagedEnumerable documentation for other
1146
- # operations such as per-page iteration or access to the response
1147
- # object.
1148
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1149
- # @example
1150
- # require "google/cloud/security_center"
1151
- #
1152
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1153
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1154
- #
1155
- # # TODO: Initialize `group_by`:
1156
- # group_by = ''
1157
- #
1158
- # # Iterate over all results.
1159
- # security_center_client.group_findings(formatted_parent, group_by).each do |element|
1160
- # # Process element.
1161
- # end
1162
- #
1163
- # # Or iterate over results one page at a time.
1164
- # security_center_client.group_findings(formatted_parent, group_by).each_page do |page|
1165
- # # Process each page at a time.
1166
- # page.each do |element|
1167
- # # Process element.
1168
- # end
1169
- # end
1170
-
1171
- def group_findings \
1172
- parent,
1173
- group_by,
1174
- filter: nil,
1175
- read_time: nil,
1176
- compare_duration: nil,
1177
- having: nil,
1178
- page_size: nil,
1179
- options: nil,
1180
- &block
1181
- req = {
1182
- parent: parent,
1183
- group_by: group_by,
1184
- filter: filter,
1185
- read_time: read_time,
1186
- compare_duration: compare_duration,
1187
- having: having,
1188
- page_size: page_size
1189
- }.delete_if { |_, v| v.nil? }
1190
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GroupFindingsRequest)
1191
- @group_findings.call(req, options, &block)
1192
- end
1193
-
1194
- # Lists an organization's assets.
1195
- #
1196
- # @param parent [String]
1197
- # Required. Name of the organization assets should belong to. Its format is
1198
- # "organizations/[organization_id]".
1199
- # @param filter [String]
1200
- # Expression that defines the filter to apply across assets.
1201
- # The expression is a list of zero or more restrictions combined via logical
1202
- # operators `AND` and `OR`.
1203
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
1204
- #
1205
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1206
- # character in front of them to indicate negation. The fields map to those
1207
- # defined in the Asset resource. Examples include:
1208
- #
1209
- # * name
1210
- # * security_center_properties.resource_name
1211
- # * resource_properties.a_property
1212
- # * security_marks.marks.marka
1213
- #
1214
- # The supported operators are:
1215
- #
1216
- # * `=` for all value types.
1217
- # * `>`, `<`, `>=`, `<=` for integer values.
1218
- # * `:`, meaning substring matching, for strings.
1219
- #
1220
- # The supported value types are:
1221
- #
1222
- # * string literals in quotes.
1223
- # * integer literals without quotes.
1224
- # * boolean literals `true` and `false` without quotes.
1225
- #
1226
- # The following are the allowed field and operator combinations:
1227
- #
1228
- # * name: `=`
1229
- # * update_time: `=`, `>`, `<`, `>=`, `<=`
1230
- #
1231
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1232
- # Examples:
1233
- # "update_time = \"2019-06-10T16:07:18-07:00\""
1234
- # "update_time = 1560208038000"
1235
- #
1236
- # * create_time: `=`, `>`, `<`, `>=`, `<=`
1237
- #
1238
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1239
- # Examples:
1240
- # "create_time = \"2019-06-10T16:07:18-07:00\""
1241
- # "create_time = 1560208038000"
1242
- #
1243
- # * iam_policy.policy_blob: `=`, `:`
1244
- # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1245
- # * security_marks.marks: `=`, `:`
1246
- # * security_center_properties.resource_name: `=`, `:`
1247
- # * security_center_properties.resource_display_name: `=`, `:`
1248
- # * security_center_properties.resource_type: `=`, `:`
1249
- # * security_center_properties.resource_parent: `=`, `:`
1250
- # * security_center_properties.resource_parent_display_name: `=`, `:`
1251
- # * security_center_properties.resource_project: `=`, `:`
1252
- # * security_center_properties.resource_project_display_name: `=`, `:`
1253
- # * security_center_properties.resource_owners: `=`, `:`
1254
- #
1255
- # For example, `resource_properties.size = 100` is a valid filter string.
1256
- # @param order_by [String]
1257
- # Expression that defines what fields and order to use for sorting. The
1258
- # string value should follow SQL syntax: comma separated list of fields. For
1259
- # example: "name,resource_properties.a_property". The default sorting order
1260
- # is ascending. To specify descending order for a field, a suffix " desc"
1261
- # should be appended to the field name. For example: "name
1262
- # desc,resource_properties.a_property". Redundant space characters in the
1263
- # syntax are insignificant. "name desc,resource_properties.a_property" and "
1264
- # name desc , resource_properties.a_property " are equivalent.
1265
- #
1266
- # The following fields are supported:
1267
- # name
1268
- # update_time
1269
- # resource_properties
1270
- # security_marks.marks
1271
- # security_center_properties.resource_name
1272
- # security_center_properties.resource_display_name
1273
- # security_center_properties.resource_parent
1274
- # security_center_properties.resource_parent_display_name
1275
- # security_center_properties.resource_project
1276
- # security_center_properties.resource_project_display_name
1277
- # security_center_properties.resource_type
1278
- # @param read_time [Google::Protobuf::Timestamp | Hash]
1279
- # Time used as a reference point when filtering assets. The filter is limited
1280
- # to assets existing at the supplied time and their values are those at that
1281
- # specific time. Absence of this field will default to the API's version of
1282
- # NOW.
1283
- # A hash of the same form as `Google::Protobuf::Timestamp`
1284
- # can also be provided.
1285
- # @param compare_duration [Google::Protobuf::Duration | Hash]
1286
- # When compare_duration is set, the ListAssetsResult's "state_change"
1287
- # attribute is updated to indicate whether the asset was added, removed, or
1288
- # remained present during the compare_duration period of time that precedes
1289
- # the read_time. This is the time between (read_time - compare_duration) and
1290
- # read_time.
1291
- #
1292
- # The state_change value is derived based on the presence of the asset at the
1293
- # two points in time. Intermediate state changes between the two times don't
1294
- # affect the result. For example, the results aren't affected if the asset is
1295
- # removed and re-created again.
1296
- #
1297
- # Possible "state_change" values when compare_duration is specified:
1298
- #
1299
- # * "ADDED": indicates that the asset was not present at the start of
1300
- # compare_duration, but present at read_time.
1301
- # * "REMOVED": indicates that the asset was present at the start of
1302
- # compare_duration, but not present at read_time.
1303
- # * "ACTIVE": indicates that the asset was present at both the
1304
- # start and the end of the time period defined by
1305
- # compare_duration and read_time.
1306
- #
1307
- # If compare_duration is not specified, then the only possible state_change
1308
- # is "UNUSED", which will be the state_change set for all assets present at
1309
- # read_time.
1310
- # A hash of the same form as `Google::Protobuf::Duration`
1311
- # can also be provided.
1312
- # @param having [String]
1313
- # Filter that specifies what fields to further filter on *after* the query
1314
- # filter has been executed. Currently only `state_change` is supported and
1315
- # requires compare_duration to be specified.
1316
- # @param field_mask [Google::Protobuf::FieldMask | Hash]
1317
- # Optional.
1318
- # A field mask to specify the ListAssetsResult fields to be listed in the
1319
- # response.
1320
- # An empty field mask will list all fields.
1321
- # A hash of the same form as `Google::Protobuf::FieldMask`
1322
- # can also be provided.
1323
- # @param page_size [Integer]
1324
- # The maximum number of resources contained in the underlying API
1325
- # response. If page streaming is performed per-resource, this
1326
- # parameter does not affect the return value. If page streaming is
1327
- # performed per-page, this determines the maximum number of
1328
- # resources in a page.
1329
- # @param options [Google::Gax::CallOptions]
1330
- # Overrides the default settings for this call, e.g, timeout,
1331
- # retries, etc.
1332
- # @yield [result, operation] Access the result along with the RPC operation
1333
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse::ListAssetsResult>]
1334
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1335
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse::ListAssetsResult>]
1336
- # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse::ListAssetsResult instances.
1337
- # See Google::Gax::PagedEnumerable documentation for other
1338
- # operations such as per-page iteration or access to the response
1339
- # object.
1340
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1341
- # @example
1342
- # require "google/cloud/security_center"
1343
- #
1344
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1345
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1346
- #
1347
- # # Iterate over all results.
1348
- # security_center_client.list_assets(formatted_parent).each do |element|
1349
- # # Process element.
1350
- # end
1351
- #
1352
- # # Or iterate over results one page at a time.
1353
- # security_center_client.list_assets(formatted_parent).each_page do |page|
1354
- # # Process each page at a time.
1355
- # page.each do |element|
1356
- # # Process element.
1357
- # end
1358
- # end
1359
-
1360
- def list_assets \
1361
- parent,
1362
- filter: nil,
1363
- order_by: nil,
1364
- read_time: nil,
1365
- compare_duration: nil,
1366
- having: nil,
1367
- field_mask: nil,
1368
- page_size: nil,
1369
- options: nil,
1370
- &block
1371
- req = {
1372
- parent: parent,
1373
- filter: filter,
1374
- order_by: order_by,
1375
- read_time: read_time,
1376
- compare_duration: compare_duration,
1377
- having: having,
1378
- field_mask: field_mask,
1379
- page_size: page_size
1380
- }.delete_if { |_, v| v.nil? }
1381
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsRequest)
1382
- @list_assets.call(req, options, &block)
1383
- end
1384
-
1385
- # Lists an organization or source's findings.
1386
- #
1387
- # To list across all sources provide a `-` as the source id.
1388
- # Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings
1389
- #
1390
- # @param parent [String]
1391
- # Required. Name of the source the findings belong to. Its format is
1392
- # "organizations/[organization_id]/sources/[source_id]". To list across all
1393
- # sources provide a source_id of `-`. For example:
1394
- # organizations/{organization_id}/sources/-
1395
- # @param filter [String]
1396
- # Expression that defines the filter to apply across findings.
1397
- # The expression is a list of one or more restrictions combined via logical
1398
- # operators `AND` and `OR`.
1399
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
1400
- #
1401
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1402
- # character in front of them to indicate negation. Examples include:
1403
- #
1404
- # * name
1405
- # * source_properties.a_property
1406
- # * security_marks.marks.marka
1407
- #
1408
- # The supported operators are:
1409
- #
1410
- # * `=` for all value types.
1411
- # * `>`, `<`, `>=`, `<=` for integer values.
1412
- # * `:`, meaning substring matching, for strings.
1413
- #
1414
- # The supported value types are:
1415
- #
1416
- # * string literals in quotes.
1417
- # * integer literals without quotes.
1418
- # * boolean literals `true` and `false` without quotes.
1419
- #
1420
- # The following field and operator combinations are supported:
1421
- #
1422
- # name: `=`
1423
- # parent: `=`, `:`
1424
- # resource_name: `=`, `:`
1425
- # state: `=`, `:`
1426
- # category: `=`, `:`
1427
- # external_uri: `=`, `:`
1428
- # event_time: `=`, `>`, `<`, `>=`, `<=`
1429
- #
1430
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1431
- # Examples:
1432
- # "event_time = \"2019-06-10T16:07:18-07:00\""
1433
- # "event_time = 1560208038000"
1434
- #
1435
- # security_marks.marks: `=`, `:`
1436
- # source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1437
- #
1438
- # For example, `source_properties.size = 100` is a valid filter string.
1439
- # @param order_by [String]
1440
- # Expression that defines what fields and order to use for sorting. The
1441
- # string value should follow SQL syntax: comma separated list of fields. For
1442
- # example: "name,resource_properties.a_property". The default sorting order
1443
- # is ascending. To specify descending order for a field, a suffix " desc"
1444
- # should be appended to the field name. For example: "name
1445
- # desc,source_properties.a_property". Redundant space characters in the
1446
- # syntax are insignificant. "name desc,source_properties.a_property" and "
1447
- # name desc , source_properties.a_property " are equivalent.
1448
- #
1449
- # The following fields are supported:
1450
- # name
1451
- # parent
1452
- # state
1453
- # category
1454
- # resource_name
1455
- # event_time
1456
- # source_properties
1457
- # security_marks.marks
1458
- # @param read_time [Google::Protobuf::Timestamp | Hash]
1459
- # Time used as a reference point when filtering findings. The filter is
1460
- # limited to findings existing at the supplied time and their values are
1461
- # those at that specific time. Absence of this field will default to the
1462
- # API's version of NOW.
1463
- # A hash of the same form as `Google::Protobuf::Timestamp`
1464
- # can also be provided.
1465
- # @param compare_duration [Google::Protobuf::Duration | Hash]
1466
- # When compare_duration is set, the ListFindingsResult's "state_change"
1467
- # attribute is updated to indicate whether the finding had its state changed,
1468
- # the finding's state remained unchanged, or if the finding was added in any
1469
- # state during the compare_duration period of time that precedes the
1470
- # read_time. This is the time between (read_time - compare_duration) and
1471
- # read_time.
1472
- #
1473
- # The state_change value is derived based on the presence and state of the
1474
- # finding at the two points in time. Intermediate state changes between the
1475
- # two times don't affect the result. For example, the results aren't affected
1476
- # if the finding is made inactive and then active again.
1477
- #
1478
- # Possible "state_change" values when compare_duration is specified:
1479
- #
1480
- # * "CHANGED": indicates that the finding was present at the start of
1481
- # compare_duration, but changed its state at read_time.
1482
- # * "UNCHANGED": indicates that the finding was present at the start of
1483
- # compare_duration and did not change state at read_time.
1484
- # * "ADDED": indicates that the finding was not present at the start
1485
- # of compare_duration, but was present at read_time.
1486
- #
1487
- # If compare_duration is not specified, then the only possible state_change
1488
- # is "UNUSED", which will be the state_change set for all findings present at
1489
- # read_time.
1490
- # A hash of the same form as `Google::Protobuf::Duration`
1491
- # can also be provided.
1492
- # @param having [String]
1493
- # Filter that specifies what fields to further filter on *after* the query
1494
- # filter has been executed. Currently only `finding.state` and `state_change`
1495
- # are supported and requires compare_duration to be specified.
1496
- # @param field_mask [Google::Protobuf::FieldMask | Hash]
1497
- # Optional.
1498
- # A field mask to specify the Finding fields to be listed in the response.
1499
- # An empty field mask will list all fields.
1500
- # A hash of the same form as `Google::Protobuf::FieldMask`
1501
- # can also be provided.
1502
- # @param page_size [Integer]
1503
- # The maximum number of resources contained in the underlying API
1504
- # response. If page streaming is performed per-resource, this
1505
- # parameter does not affect the return value. If page streaming is
1506
- # performed per-page, this determines the maximum number of
1507
- # resources in a page.
1508
- # @param options [Google::Gax::CallOptions]
1509
- # Overrides the default settings for this call, e.g, timeout,
1510
- # retries, etc.
1511
- # @yield [result, operation] Access the result along with the RPC operation
1512
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult>]
1513
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1514
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult>]
1515
- # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult instances.
1516
- # See Google::Gax::PagedEnumerable documentation for other
1517
- # operations such as per-page iteration or access to the response
1518
- # object.
1519
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1520
- # @example
1521
- # require "google/cloud/security_center"
1522
- #
1523
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1524
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1525
- #
1526
- # # Iterate over all results.
1527
- # security_center_client.list_findings(formatted_parent).each do |element|
1528
- # # Process element.
1529
- # end
1530
- #
1531
- # # Or iterate over results one page at a time.
1532
- # security_center_client.list_findings(formatted_parent).each_page do |page|
1533
- # # Process each page at a time.
1534
- # page.each do |element|
1535
- # # Process element.
1536
- # end
1537
- # end
1538
-
1539
- def list_findings \
1540
- parent,
1541
- filter: nil,
1542
- order_by: nil,
1543
- read_time: nil,
1544
- compare_duration: nil,
1545
- having: nil,
1546
- field_mask: nil,
1547
- page_size: nil,
1548
- options: nil,
1549
- &block
1550
- req = {
1551
- parent: parent,
1552
- filter: filter,
1553
- order_by: order_by,
1554
- read_time: read_time,
1555
- compare_duration: compare_duration,
1556
- having: having,
1557
- field_mask: field_mask,
1558
- page_size: page_size
1559
- }.delete_if { |_, v| v.nil? }
1560
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsRequest)
1561
- @list_findings.call(req, options, &block)
1562
- end
1563
-
1564
- # Lists notification configs.
1565
- #
1566
- # @param parent [String]
1567
- # Required. Name of the organization to list notification configs.
1568
- # Its format is "organizations/[organization_id]".
1569
- # @param page_size [Integer]
1570
- # The maximum number of resources contained in the underlying API
1571
- # response. If page streaming is performed per-resource, this
1572
- # parameter does not affect the return value. If page streaming is
1573
- # performed per-page, this determines the maximum number of
1574
- # resources in a page.
1575
- # @param options [Google::Gax::CallOptions]
1576
- # Overrides the default settings for this call, e.g, timeout,
1577
- # retries, etc.
1578
- # @yield [result, operation] Access the result along with the RPC operation
1579
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig>]
1580
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1581
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig>]
1582
- # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig instances.
1583
- # See Google::Gax::PagedEnumerable documentation for other
1584
- # operations such as per-page iteration or access to the response
1585
- # object.
1586
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1587
- # @example
1588
- # require "google/cloud/security_center"
1589
- #
1590
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1591
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1592
- #
1593
- # # Iterate over all results.
1594
- # security_center_client.list_notification_configs(formatted_parent).each do |element|
1595
- # # Process element.
1596
- # end
1597
- #
1598
- # # Or iterate over results one page at a time.
1599
- # security_center_client.list_notification_configs(formatted_parent).each_page do |page|
1600
- # # Process each page at a time.
1601
- # page.each do |element|
1602
- # # Process element.
1603
- # end
1604
- # end
1605
-
1606
- def list_notification_configs \
1607
- parent,
1608
- page_size: nil,
1609
- options: nil,
1610
- &block
1611
- req = {
1612
- parent: parent,
1613
- page_size: page_size
1614
- }.delete_if { |_, v| v.nil? }
1615
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListNotificationConfigsRequest)
1616
- @list_notification_configs.call(req, options, &block)
1617
- end
1618
-
1619
- # Lists all sources belonging to an organization.
1620
- #
1621
- # @param parent [String]
1622
- # Required. Resource name of the parent of sources to list. Its format should
1623
- # be "organizations/[organization_id]".
1624
- # @param page_size [Integer]
1625
- # The maximum number of resources contained in the underlying API
1626
- # response. If page streaming is performed per-resource, this
1627
- # parameter does not affect the return value. If page streaming is
1628
- # performed per-page, this determines the maximum number of
1629
- # resources in a page.
1630
- # @param options [Google::Gax::CallOptions]
1631
- # Overrides the default settings for this call, e.g, timeout,
1632
- # retries, etc.
1633
- # @yield [result, operation] Access the result along with the RPC operation
1634
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::Source>]
1635
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1636
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::Source>]
1637
- # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::Source instances.
1638
- # See Google::Gax::PagedEnumerable documentation for other
1639
- # operations such as per-page iteration or access to the response
1640
- # object.
1641
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1642
- # @example
1643
- # require "google/cloud/security_center"
1644
- #
1645
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1646
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1647
- #
1648
- # # Iterate over all results.
1649
- # security_center_client.list_sources(formatted_parent).each do |element|
1650
- # # Process element.
1651
- # end
1652
- #
1653
- # # Or iterate over results one page at a time.
1654
- # security_center_client.list_sources(formatted_parent).each_page do |page|
1655
- # # Process each page at a time.
1656
- # page.each do |element|
1657
- # # Process element.
1658
- # end
1659
- # end
1660
-
1661
- def list_sources \
1662
- parent,
1663
- page_size: nil,
1664
- options: nil,
1665
- &block
1666
- req = {
1667
- parent: parent,
1668
- page_size: page_size
1669
- }.delete_if { |_, v| v.nil? }
1670
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListSourcesRequest)
1671
- @list_sources.call(req, options, &block)
1672
- end
1673
-
1674
- # Runs asset discovery. The discovery is tracked with a long-running
1675
- # operation.
1676
- #
1677
- # This API can only be called with limited frequency for an organization. If
1678
- # it is called too frequently the caller will receive a TOO_MANY_REQUESTS
1679
- # error.
1680
- #
1681
- # @param parent [String]
1682
- # Required. Name of the organization to run asset discovery for. Its format
1683
- # is "organizations/[organization_id]".
1684
- # @param options [Google::Gax::CallOptions]
1685
- # Overrides the default settings for this call, e.g, timeout,
1686
- # retries, etc.
1687
- # @return [Google::Gax::Operation]
1688
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1689
- # @example
1690
- # require "google/cloud/security_center"
1691
- #
1692
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1693
- # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1694
- #
1695
- # # Register a callback during the method call.
1696
- # operation = security_center_client.run_asset_discovery(formatted_parent) do |op|
1697
- # raise op.results.message if op.error?
1698
- # op_results = op.results
1699
- # # Process the results.
1700
- #
1701
- # metadata = op.metadata
1702
- # # Process the metadata.
1703
- # end
1704
- #
1705
- # # Or use the return value to register a callback.
1706
- # operation.on_done do |op|
1707
- # raise op.results.message if op.error?
1708
- # op_results = op.results
1709
- # # Process the results.
1710
- #
1711
- # metadata = op.metadata
1712
- # # Process the metadata.
1713
- # end
1714
- #
1715
- # # Manually reload the operation.
1716
- # operation.reload!
1717
- #
1718
- # # Or block until the operation completes, triggering callbacks on
1719
- # # completion.
1720
- # operation.wait_until_done!
1721
-
1722
- def run_asset_discovery \
1723
- parent,
1724
- options: nil
1725
- req = {
1726
- parent: parent
1727
- }.delete_if { |_, v| v.nil? }
1728
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::RunAssetDiscoveryRequest)
1729
- operation = Google::Gax::Operation.new(
1730
- @run_asset_discovery.call(req, options),
1731
- @operations_client,
1732
- Google::Cloud::SecurityCenter::V1p1beta1::RunAssetDiscoveryResponse,
1733
- Google::Protobuf::Empty,
1734
- call_options: options
1735
- )
1736
- operation.on_done { |operation| yield(operation) } if block_given?
1737
- operation
1738
- end
1739
-
1740
- # Updates the state of a finding.
1741
- #
1742
- # @param name [String]
1743
- # Required. The relative resource name of the finding. See:
1744
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
1745
- # Example:
1746
- # "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
1747
- # @param state [Google::Cloud::SecurityCenter::V1p1beta1::Finding::State]
1748
- # Required. The desired State of the finding.
1749
- # @param start_time [Google::Protobuf::Timestamp | Hash]
1750
- # Required. The time at which the updated state takes effect.
1751
- # A hash of the same form as `Google::Protobuf::Timestamp`
1752
- # can also be provided.
1753
- # @param options [Google::Gax::CallOptions]
1754
- # Overrides the default settings for this call, e.g, timeout,
1755
- # retries, etc.
1756
- # @yield [result, operation] Access the result along with the RPC operation
1757
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1758
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1759
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1760
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1761
- # @example
1762
- # require "google/cloud/security_center"
1763
- #
1764
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1765
- # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]")
1766
- #
1767
- # # TODO: Initialize `state`:
1768
- # state = :STATE_UNSPECIFIED
1769
- #
1770
- # # TODO: Initialize `start_time`:
1771
- # start_time = {}
1772
- # response = security_center_client.set_finding_state(formatted_name, state, start_time)
1773
-
1774
- def set_finding_state \
1775
- name,
1776
- state,
1777
- start_time,
1778
- options: nil,
1779
- &block
1780
- req = {
1781
- name: name,
1782
- state: state,
1783
- start_time: start_time
1784
- }.delete_if { |_, v| v.nil? }
1785
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::SetFindingStateRequest)
1786
- @set_finding_state.call(req, options, &block)
1787
- end
1788
-
1789
- # Sets the access control policy on the specified Source.
1790
- #
1791
- # @param resource [String]
1792
- # REQUIRED: The resource for which the policy is being specified.
1793
- # See the operation documentation for the appropriate value for this field.
1794
- # @param policy [Google::Iam::V1::Policy | Hash]
1795
- # REQUIRED: The complete policy to be applied to the `resource`. The size of
1796
- # the policy is limited to a few 10s of KB. An empty policy is a
1797
- # valid policy but certain Cloud Platform services (such as Projects)
1798
- # might reject them.
1799
- # A hash of the same form as `Google::Iam::V1::Policy`
1800
- # can also be provided.
1801
- # @param options [Google::Gax::CallOptions]
1802
- # Overrides the default settings for this call, e.g, timeout,
1803
- # retries, etc.
1804
- # @yield [result, operation] Access the result along with the RPC operation
1805
- # @yieldparam result [Google::Iam::V1::Policy]
1806
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1807
- # @return [Google::Iam::V1::Policy]
1808
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1809
- # @example
1810
- # require "google/cloud/security_center"
1811
- #
1812
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1813
- #
1814
- # # TODO: Initialize `resource`:
1815
- # resource = ''
1816
- #
1817
- # # TODO: Initialize `policy`:
1818
- # policy = {}
1819
- # response = security_center_client.set_iam_policy(resource, policy)
1820
-
1821
- def set_iam_policy \
1822
- resource,
1823
- policy,
1824
- options: nil,
1825
- &block
1826
- req = {
1827
- resource: resource,
1828
- policy: policy
1829
- }.delete_if { |_, v| v.nil? }
1830
- req = Google::Gax::to_proto(req, Google::Iam::V1::SetIamPolicyRequest)
1831
- @set_iam_policy.call(req, options, &block)
1832
- end
1833
-
1834
- # Returns the permissions that a caller has on the specified source.
1835
- #
1836
- # @param resource [String]
1837
- # REQUIRED: The resource for which the policy detail is being requested.
1838
- # See the operation documentation for the appropriate value for this field.
1839
- # @param permissions [Array<String>]
1840
- # The set of permissions to check for the `resource`. Permissions with
1841
- # wildcards (such as '*' or 'storage.*') are not allowed. For more
1842
- # information see
1843
- # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
1844
- # @param options [Google::Gax::CallOptions]
1845
- # Overrides the default settings for this call, e.g, timeout,
1846
- # retries, etc.
1847
- # @yield [result, operation] Access the result along with the RPC operation
1848
- # @yieldparam result [Google::Iam::V1::TestIamPermissionsResponse]
1849
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1850
- # @return [Google::Iam::V1::TestIamPermissionsResponse]
1851
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1852
- # @example
1853
- # require "google/cloud/security_center"
1854
- #
1855
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1856
- #
1857
- # # TODO: Initialize `resource`:
1858
- # resource = ''
1859
- #
1860
- # # TODO: Initialize `permissions`:
1861
- # permissions = []
1862
- # response = security_center_client.test_iam_permissions(resource, permissions)
1863
-
1864
- def test_iam_permissions \
1865
- resource,
1866
- permissions,
1867
- options: nil,
1868
- &block
1869
- req = {
1870
- resource: resource,
1871
- permissions: permissions
1872
- }.delete_if { |_, v| v.nil? }
1873
- req = Google::Gax::to_proto(req, Google::Iam::V1::TestIamPermissionsRequest)
1874
- @test_iam_permissions.call(req, options, &block)
1875
- end
1876
-
1877
- # Creates or updates a finding. The corresponding source must exist for a
1878
- # finding creation to succeed.
1879
- #
1880
- # @param finding [Google::Cloud::SecurityCenter::V1p1beta1::Finding | Hash]
1881
- # Required. The finding resource to update or create if it does not already
1882
- # exist. parent, security_marks, and update_time will be ignored.
1883
- #
1884
- # In the case of creation, the finding id portion of the name must be
1885
- # alphanumeric and less than or equal to 32 characters and greater than 0
1886
- # characters in length.
1887
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Finding`
1888
- # can also be provided.
1889
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
1890
- # The FieldMask to use when updating the finding resource. This field should
1891
- # not be specified when creating a finding.
1892
- #
1893
- # When updating a finding, an empty mask is treated as updating all mutable
1894
- # fields and replacing source_properties. Individual source_properties can
1895
- # be added/updated by using "source_properties.<property key>" in the field
1896
- # mask.
1897
- # A hash of the same form as `Google::Protobuf::FieldMask`
1898
- # can also be provided.
1899
- # @param options [Google::Gax::CallOptions]
1900
- # Overrides the default settings for this call, e.g, timeout,
1901
- # retries, etc.
1902
- # @yield [result, operation] Access the result along with the RPC operation
1903
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1904
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1905
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1906
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1907
- # @example
1908
- # require "google/cloud/security_center"
1909
- #
1910
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1911
- #
1912
- # # TODO: Initialize `finding`:
1913
- # finding = {}
1914
- # response = security_center_client.update_finding(finding)
1915
-
1916
- def update_finding \
1917
- finding,
1918
- update_mask: nil,
1919
- options: nil,
1920
- &block
1921
- req = {
1922
- finding: finding,
1923
- update_mask: update_mask
1924
- }.delete_if { |_, v| v.nil? }
1925
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateFindingRequest)
1926
- @update_finding.call(req, options, &block)
1927
- end
1928
-
1929
- # Updates a notification config.
1930
- #
1931
- # @param notification_config [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig | Hash]
1932
- # Required. The notification config to update.
1933
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig`
1934
- # can also be provided.
1935
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
1936
- # The FieldMask to use when updating the notification config.
1937
- #
1938
- # If empty all mutable fields will be updated.
1939
- # A hash of the same form as `Google::Protobuf::FieldMask`
1940
- # can also be provided.
1941
- # @param options [Google::Gax::CallOptions]
1942
- # Overrides the default settings for this call, e.g, timeout,
1943
- # retries, etc.
1944
- # @yield [result, operation] Access the result along with the RPC operation
1945
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
1946
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1947
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
1948
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1949
- # @example
1950
- # require "google/cloud/security_center"
1951
- #
1952
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1953
- #
1954
- # # TODO: Initialize `notification_config`:
1955
- # notification_config = {}
1956
- # response = security_center_client.update_notification_config(notification_config)
1957
-
1958
- def update_notification_config \
1959
- notification_config,
1960
- update_mask: nil,
1961
- options: nil,
1962
- &block
1963
- req = {
1964
- notification_config: notification_config,
1965
- update_mask: update_mask
1966
- }.delete_if { |_, v| v.nil? }
1967
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateNotificationConfigRequest)
1968
- @update_notification_config.call(req, options, &block)
1969
- end
1970
-
1971
- # Updates an organization's settings.
1972
- #
1973
- # @param organization_settings [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings | Hash]
1974
- # Required. The organization settings resource to update.
1975
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings`
1976
- # can also be provided.
1977
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
1978
- # The FieldMask to use when updating the settings resource.
1979
- #
1980
- # If empty all mutable fields will be updated.
1981
- # A hash of the same form as `Google::Protobuf::FieldMask`
1982
- # can also be provided.
1983
- # @param options [Google::Gax::CallOptions]
1984
- # Overrides the default settings for this call, e.g, timeout,
1985
- # retries, etc.
1986
- # @yield [result, operation] Access the result along with the RPC operation
1987
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
1988
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1989
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
1990
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1991
- # @example
1992
- # require "google/cloud/security_center"
1993
- #
1994
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1995
- #
1996
- # # TODO: Initialize `organization_settings`:
1997
- # organization_settings = {}
1998
- # response = security_center_client.update_organization_settings(organization_settings)
1999
-
2000
- def update_organization_settings \
2001
- organization_settings,
2002
- update_mask: nil,
2003
- options: nil,
2004
- &block
2005
- req = {
2006
- organization_settings: organization_settings,
2007
- update_mask: update_mask
2008
- }.delete_if { |_, v| v.nil? }
2009
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateOrganizationSettingsRequest)
2010
- @update_organization_settings.call(req, options, &block)
2011
- end
2012
-
2013
- # Updates a source.
2014
- #
2015
- # @param source [Google::Cloud::SecurityCenter::V1p1beta1::Source | Hash]
2016
- # Required. The source resource to update.
2017
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Source`
2018
- # can also be provided.
2019
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
2020
- # The FieldMask to use when updating the source resource.
2021
- #
2022
- # If empty all mutable fields will be updated.
2023
- # A hash of the same form as `Google::Protobuf::FieldMask`
2024
- # can also be provided.
2025
- # @param options [Google::Gax::CallOptions]
2026
- # Overrides the default settings for this call, e.g, timeout,
2027
- # retries, etc.
2028
- # @yield [result, operation] Access the result along with the RPC operation
2029
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Source]
2030
- # @yieldparam operation [GRPC::ActiveCall::Operation]
2031
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::Source]
2032
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
2033
- # @example
2034
- # require "google/cloud/security_center"
2035
- #
2036
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
2037
- #
2038
- # # TODO: Initialize `source`:
2039
- # source = {}
2040
- # response = security_center_client.update_source(source)
2041
-
2042
- def update_source \
2043
- source,
2044
- update_mask: nil,
2045
- options: nil,
2046
- &block
2047
- req = {
2048
- source: source,
2049
- update_mask: update_mask
2050
- }.delete_if { |_, v| v.nil? }
2051
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateSourceRequest)
2052
- @update_source.call(req, options, &block)
2053
- end
2054
-
2055
- # Updates security marks.
2056
- #
2057
- # @param security_marks [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks | Hash]
2058
- # Required. The security marks resource to update.
2059
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks`
2060
- # can also be provided.
2061
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
2062
- # The FieldMask to use when updating the security marks resource.
2063
- #
2064
- # The field mask must not contain duplicate fields.
2065
- # If empty or set to "marks", all marks will be replaced. Individual
2066
- # marks can be updated using "marks.<mark_key>".
2067
- # A hash of the same form as `Google::Protobuf::FieldMask`
2068
- # can also be provided.
2069
- # @param start_time [Google::Protobuf::Timestamp | Hash]
2070
- # The time at which the updated SecurityMarks take effect.
2071
- # If not set uses current server time. Updates will be applied to the
2072
- # SecurityMarks that are active immediately preceding this time.
2073
- # A hash of the same form as `Google::Protobuf::Timestamp`
2074
- # can also be provided.
2075
- # @param options [Google::Gax::CallOptions]
2076
- # Overrides the default settings for this call, e.g, timeout,
2077
- # retries, etc.
2078
- # @yield [result, operation] Access the result along with the RPC operation
2079
- # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks]
2080
- # @yieldparam operation [GRPC::ActiveCall::Operation]
2081
- # @return [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks]
2082
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
2083
- # @example
2084
- # require "google/cloud/security_center"
2085
- #
2086
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
2087
- #
2088
- # # TODO: Initialize `security_marks`:
2089
- # security_marks = {}
2090
- # response = security_center_client.update_security_marks(security_marks)
2091
-
2092
- def update_security_marks \
2093
- security_marks,
2094
- update_mask: nil,
2095
- start_time: nil,
2096
- options: nil,
2097
- &block
2098
- req = {
2099
- security_marks: security_marks,
2100
- update_mask: update_mask,
2101
- start_time: start_time
2102
- }.delete_if { |_, v| v.nil? }
2103
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateSecurityMarksRequest)
2104
- @update_security_marks.call(req, options, &block)
2105
- end
2106
- end
2107
- end
2108
- end
2109
- end
2110
- end