google-cloud-security_center 0.10.0 → 1.1.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (78) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +3 -2
  3. data/AUTHENTICATION.md +51 -54
  4. data/LICENSE.md +203 -0
  5. data/MIGRATING.md +327 -0
  6. data/README.md +36 -25
  7. data/lib/{google/cloud/security_center/v1/doc/google/protobuf/empty.rb → google-cloud-security_center.rb} +4 -14
  8. data/lib/google/cloud/security_center.rb +87 -117
  9. data/lib/google/cloud/security_center/version.rb +6 -2
  10. metadata +63 -113
  11. data/LICENSE +0 -201
  12. data/lib/google/cloud/security_center/v1.rb +0 -149
  13. data/lib/google/cloud/security_center/v1/asset_pb.rb +0 -41
  14. data/lib/google/cloud/security_center/v1/credentials.rb +0 -41
  15. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/asset.rb +0 -105
  16. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/finding.rb +0 -97
  17. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/notification_config.rb +0 -75
  18. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/organization_settings.rb +0 -72
  19. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/security_marks.rb +0 -45
  20. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/securitycenter_service.rb +0 -912
  21. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/source.rb +0 -50
  22. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/iam_policy.rb +0 -64
  23. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/options.rb +0 -33
  24. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/policy.rb +0 -151
  25. data/lib/google/cloud/security_center/v1/doc/google/longrunning/operations.rb +0 -51
  26. data/lib/google/cloud/security_center/v1/doc/google/protobuf/any.rb +0 -131
  27. data/lib/google/cloud/security_center/v1/doc/google/protobuf/duration.rb +0 -91
  28. data/lib/google/cloud/security_center/v1/doc/google/protobuf/field_mask.rb +0 -222
  29. data/lib/google/cloud/security_center/v1/doc/google/protobuf/struct.rb +0 -74
  30. data/lib/google/cloud/security_center/v1/doc/google/protobuf/timestamp.rb +0 -113
  31. data/lib/google/cloud/security_center/v1/doc/google/rpc/status.rb +0 -39
  32. data/lib/google/cloud/security_center/v1/doc/google/type/expr.rb +0 -45
  33. data/lib/google/cloud/security_center/v1/finding_pb.rb +0 -36
  34. data/lib/google/cloud/security_center/v1/helpers.rb +0 -96
  35. data/lib/google/cloud/security_center/v1/notification_config_pb.rb +0 -28
  36. data/lib/google/cloud/security_center/v1/notification_message_pb.rb +0 -20
  37. data/lib/google/cloud/security_center/v1/organization_settings_pb.rb +0 -30
  38. data/lib/google/cloud/security_center/v1/run_asset_discovery_response_pb.rb +0 -25
  39. data/lib/google/cloud/security_center/v1/security_center_client.rb +0 -2135
  40. data/lib/google/cloud/security_center/v1/security_center_client_config.json +0 -141
  41. data/lib/google/cloud/security_center/v1/security_marks_pb.rb +0 -18
  42. data/lib/google/cloud/security_center/v1/securitycenter_service_pb.rb +0 -230
  43. data/lib/google/cloud/security_center/v1/securitycenter_service_services_pb.rb +0 -100
  44. data/lib/google/cloud/security_center/v1/source_pb.rb +0 -19
  45. data/lib/google/cloud/security_center/v1p1beta1.rb +0 -149
  46. data/lib/google/cloud/security_center/v1p1beta1/asset_pb.rb +0 -41
  47. data/lib/google/cloud/security_center/v1p1beta1/credentials.rb +0 -41
  48. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/asset.rb +0 -105
  49. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/finding.rb +0 -96
  50. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/notification_config.rb +0 -87
  51. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/organization_settings.rb +0 -72
  52. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/security_marks.rb +0 -45
  53. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/securitycenter_service.rb +0 -923
  54. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/source.rb +0 -49
  55. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/iam_policy.rb +0 -64
  56. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/options.rb +0 -33
  57. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/policy.rb +0 -151
  58. data/lib/google/cloud/security_center/v1p1beta1/doc/google/longrunning/operations.rb +0 -51
  59. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/any.rb +0 -131
  60. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/duration.rb +0 -91
  61. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/empty.rb +0 -29
  62. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/field_mask.rb +0 -222
  63. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/struct.rb +0 -74
  64. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/timestamp.rb +0 -113
  65. data/lib/google/cloud/security_center/v1p1beta1/doc/google/rpc/status.rb +0 -39
  66. data/lib/google/cloud/security_center/v1p1beta1/doc/google/type/expr.rb +0 -45
  67. data/lib/google/cloud/security_center/v1p1beta1/finding_pb.rb +0 -36
  68. data/lib/google/cloud/security_center/v1p1beta1/helpers.rb +0 -79
  69. data/lib/google/cloud/security_center/v1p1beta1/notification_config_pb.rb +0 -34
  70. data/lib/google/cloud/security_center/v1p1beta1/notification_message_pb.rb +0 -21
  71. data/lib/google/cloud/security_center/v1p1beta1/organization_settings_pb.rb +0 -30
  72. data/lib/google/cloud/security_center/v1p1beta1/run_asset_discovery_response_pb.rb +0 -25
  73. data/lib/google/cloud/security_center/v1p1beta1/security_center_client.rb +0 -2110
  74. data/lib/google/cloud/security_center/v1p1beta1/security_center_client_config.json +0 -141
  75. data/lib/google/cloud/security_center/v1p1beta1/security_marks_pb.rb +0 -18
  76. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_pb.rb +0 -234
  77. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb.rb +0 -103
  78. data/lib/google/cloud/security_center/v1p1beta1/source_pb.rb +0 -19
@@ -1,39 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Rpc
18
- # The `Status` type defines a logical error model that is suitable for
19
- # different programming environments, including REST APIs and RPC APIs. It is
20
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
21
- # three pieces of data: error code, error message, and error details.
22
- #
23
- # You can find out more about this error model and how to work with it in the
24
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
25
- # @!attribute [rw] code
26
- # @return [Integer]
27
- # The status code, which should be an enum value of {Google::Rpc::Code}.
28
- # @!attribute [rw] message
29
- # @return [String]
30
- # A developer-facing error message, which should be in English. Any
31
- # user-facing error message should be localized and sent in the
32
- # {Google::Rpc::Status#details} field, or localized by the client.
33
- # @!attribute [rw] details
34
- # @return [Array<Google::Protobuf::Any>]
35
- # A list of messages that carry the error details. There is a common set of
36
- # message types for APIs to use.
37
- class Status; end
38
- end
39
- end
@@ -1,45 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Type
18
- # Represents an expression text. Example:
19
- #
20
- # title: "User account presence"
21
- # description: "Determines whether the request has a user account"
22
- # expression: "size(request.user) > 0"
23
- # @!attribute [rw] expression
24
- # @return [String]
25
- # Textual representation of an expression in
26
- # Common Expression Language syntax.
27
- #
28
- # The application context of the containing message determines which
29
- # well-known feature set of CEL is supported.
30
- # @!attribute [rw] title
31
- # @return [String]
32
- # An optional title for the expression, i.e. a short string describing
33
- # its purpose. This can be used e.g. in UIs which allow to enter the
34
- # expression.
35
- # @!attribute [rw] description
36
- # @return [String]
37
- # An optional description of the expression. This is a longer text which
38
- # describes the expression, e.g. when hovered over it in a UI.
39
- # @!attribute [rw] location
40
- # @return [String]
41
- # An optional string indicating the location of the expression for error
42
- # reporting, e.g. a file name and a position in the file.
43
- class Expr; end
44
- end
45
- end
@@ -1,36 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1/finding.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/api/field_behavior_pb'
9
- require 'google/api/resource_pb'
10
- require 'google/cloud/security_center/v1/security_marks_pb'
11
- require 'google/protobuf/struct_pb'
12
- require 'google/protobuf/timestamp_pb'
13
- Google::Protobuf::DescriptorPool.generated_pool.build do
14
- add_message "google.cloud.securitycenter.v1.Finding" do
15
- optional :name, :string, 1
16
- optional :parent, :string, 2
17
- optional :resource_name, :string, 3
18
- optional :state, :enum, 4, "google.cloud.securitycenter.v1.Finding.State"
19
- optional :category, :string, 5
20
- optional :external_uri, :string, 6
21
- map :source_properties, :string, :message, 7, "google.protobuf.Value"
22
- optional :security_marks, :message, 8, "google.cloud.securitycenter.v1.SecurityMarks"
23
- optional :event_time, :message, 9, "google.protobuf.Timestamp"
24
- optional :create_time, :message, 10, "google.protobuf.Timestamp"
25
- end
26
- add_enum "google.cloud.securitycenter.v1.Finding.State" do
27
- value :STATE_UNSPECIFIED, 0
28
- value :ACTIVE, 1
29
- value :INACTIVE, 2
30
- end
31
- end
32
-
33
- module Google::Cloud::SecurityCenter::V1
34
- Finding = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding").msgclass
35
- Finding::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.Finding.State").enummodule
36
- end
@@ -1,96 +0,0 @@
1
- # Copyright 2019 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # # limitations under the License.
14
-
15
- module Google
16
- module Cloud
17
- module SecurityCenter
18
- module V1
19
- class SecurityCenterClient
20
-
21
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.asset_security_marks_path.
22
- # @param organization [String]
23
- # @param asset [String]
24
- # @return [String]
25
- def asset_security_marks_path organization, asset
26
- self.class.asset_security_marks_path organization, asset
27
- end
28
-
29
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_path.
30
- # @param organization [String]
31
- # @param source [String]
32
- # @param finding [String]
33
- # @return [String]
34
- def finding_path organization, source, finding
35
- self.class.finding_path organization, source, finding
36
- end
37
-
38
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_security_marks_path.
39
- # @param organization [String]
40
- # @param source [String]
41
- # @param finding [String]
42
- # @return [String]
43
- def finding_security_marks_path organization, source, finding
44
- self.class.finding_security_marks_path organization, source, finding
45
- end
46
-
47
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.notification_config_path.
48
- # @param organization [String]
49
- # @param notification_config [String]
50
- # @return [String]
51
- def notification_config_path organization, notification_config
52
- self.class.notification_config_path organization, notification_config
53
- end
54
-
55
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path.
56
- # @param organization [String]
57
- # @return [String]
58
- def organization_path organization
59
- self.class.organization_path organization
60
- end
61
-
62
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_settings_path.
63
- # @param organization [String]
64
- # @return [String]
65
- def organization_settings_path organization
66
- self.class.organization_settings_path organization
67
- end
68
-
69
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.security_marks_path.
70
- # @param organization [String]
71
- # @param asset [String]
72
- # @return [String]
73
- def security_marks_path organization, asset
74
- self.class.security_marks_path organization, asset
75
- end
76
-
77
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path.
78
- # @param organization [String]
79
- # @param source [String]
80
- # @return [String]
81
- def source_path organization, source
82
- self.class.source_path organization, source
83
- end
84
-
85
- # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.topic_path.
86
- # @param project [String]
87
- # @param topic [String]
88
- # @return [String]
89
- def topic_path project, topic
90
- self.class.topic_path project, topic
91
- end
92
- end
93
- end
94
- end
95
- end
96
- end
@@ -1,28 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1/notification_config.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/api/field_behavior_pb'
9
- require 'google/api/resource_pb'
10
- Google::Protobuf::DescriptorPool.generated_pool.build do
11
- add_message "google.cloud.securitycenter.v1.NotificationConfig" do
12
- optional :name, :string, 1
13
- optional :description, :string, 2
14
- optional :pubsub_topic, :string, 3
15
- optional :service_account, :string, 4
16
- oneof :notify_config do
17
- optional :streaming_config, :message, 5, "google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig"
18
- end
19
- end
20
- add_message "google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig" do
21
- optional :filter, :string, 1
22
- end
23
- end
24
-
25
- module Google::Cloud::SecurityCenter::V1
26
- NotificationConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.NotificationConfig").msgclass
27
- NotificationConfig::StreamingConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig").msgclass
28
- end
@@ -1,20 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1/notification_message.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/cloud/security_center/v1/finding_pb'
9
- Google::Protobuf::DescriptorPool.generated_pool.build do
10
- add_message "google.cloud.securitycenter.v1.NotificationMessage" do
11
- optional :notification_config_name, :string, 1
12
- oneof :event do
13
- optional :finding, :message, 2, "google.cloud.securitycenter.v1.Finding"
14
- end
15
- end
16
- end
17
-
18
- module Google::Cloud::SecurityCenter::V1
19
- NotificationMessage = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.NotificationMessage").msgclass
20
- end
@@ -1,30 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1/organization_settings.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/api/resource_pb'
9
- Google::Protobuf::DescriptorPool.generated_pool.build do
10
- add_message "google.cloud.securitycenter.v1.OrganizationSettings" do
11
- optional :name, :string, 1
12
- optional :enable_asset_discovery, :bool, 2
13
- optional :asset_discovery_config, :message, 3, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig"
14
- end
15
- add_message "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig" do
16
- repeated :project_ids, :string, 1
17
- optional :inclusion_mode, :enum, 2, "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"
18
- end
19
- add_enum "google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode" do
20
- value :INCLUSION_MODE_UNSPECIFIED, 0
21
- value :INCLUDE_ONLY, 1
22
- value :EXCLUDE, 2
23
- end
24
- end
25
-
26
- module Google::Cloud::SecurityCenter::V1
27
- OrganizationSettings = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings").msgclass
28
- OrganizationSettings::AssetDiscoveryConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig").msgclass
29
- OrganizationSettings::AssetDiscoveryConfig::InclusionMode = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode").enummodule
30
- end
@@ -1,25 +0,0 @@
1
- # Generated by the protocol buffer compiler. DO NOT EDIT!
2
- # source: google/cloud/security_center/v1/run_asset_discovery_response.proto
3
-
4
-
5
- require 'google/protobuf'
6
-
7
- require 'google/api/annotations_pb'
8
- require 'google/protobuf/duration_pb'
9
- Google::Protobuf::DescriptorPool.generated_pool.build do
10
- add_message "google.cloud.securitycenter.v1.RunAssetDiscoveryResponse" do
11
- optional :state, :enum, 1, "google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.State"
12
- optional :duration, :message, 2, "google.protobuf.Duration"
13
- end
14
- add_enum "google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.State" do
15
- value :STATE_UNSPECIFIED, 0
16
- value :COMPLETED, 1
17
- value :SUPERSEDED, 2
18
- value :TERMINATED, 3
19
- end
20
- end
21
-
22
- module Google::Cloud::SecurityCenter::V1
23
- RunAssetDiscoveryResponse = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.RunAssetDiscoveryResponse").msgclass
24
- RunAssetDiscoveryResponse::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.State").enummodule
25
- end
@@ -1,2135 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
- #
15
- # EDITING INSTRUCTIONS
16
- # This file was generated from the file
17
- # https://github.com/googleapis/googleapis/blob/master/google/cloud/security_center/v1/securitycenter_service.proto,
18
- # and updates to that file get reflected here through a refresh process.
19
- # For the short term, the refresh process will only be runnable by Google
20
- # engineers.
21
-
22
-
23
- require "json"
24
- require "pathname"
25
-
26
- require "google/gax"
27
- require "google/gax/operation"
28
- require "google/longrunning/operations_client"
29
-
30
- require "google/cloud/security_center/v1/securitycenter_service_pb"
31
- require "google/cloud/security_center/v1/run_asset_discovery_response_pb"
32
- require "google/cloud/security_center/v1/credentials"
33
- require "google/cloud/security_center/version"
34
-
35
- module Google
36
- module Cloud
37
- module SecurityCenter
38
- module V1
39
- # V1 APIs for Security Center service.
40
- #
41
- # @!attribute [r] security_center_stub
42
- # @return [Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub]
43
- class SecurityCenterClient
44
- # @private
45
- attr_reader :security_center_stub
46
-
47
- # The default address of the service.
48
- SERVICE_ADDRESS = "securitycenter.googleapis.com".freeze
49
-
50
- # The default port of the service.
51
- DEFAULT_SERVICE_PORT = 443
52
-
53
- # The default set of gRPC interceptors.
54
- GRPC_INTERCEPTORS = []
55
-
56
- DEFAULT_TIMEOUT = 30
57
-
58
- PAGE_DESCRIPTORS = {
59
- "group_assets" => Google::Gax::PageDescriptor.new(
60
- "page_token",
61
- "next_page_token",
62
- "group_by_results"),
63
- "group_findings" => Google::Gax::PageDescriptor.new(
64
- "page_token",
65
- "next_page_token",
66
- "group_by_results"),
67
- "list_assets" => Google::Gax::PageDescriptor.new(
68
- "page_token",
69
- "next_page_token",
70
- "list_assets_results"),
71
- "list_findings" => Google::Gax::PageDescriptor.new(
72
- "page_token",
73
- "next_page_token",
74
- "list_findings_results"),
75
- "list_notification_configs" => Google::Gax::PageDescriptor.new(
76
- "page_token",
77
- "next_page_token",
78
- "notification_configs"),
79
- "list_sources" => Google::Gax::PageDescriptor.new(
80
- "page_token",
81
- "next_page_token",
82
- "sources")
83
- }.freeze
84
-
85
- private_constant :PAGE_DESCRIPTORS
86
-
87
- # The scopes needed to make gRPC calls to all of the methods defined in
88
- # this service.
89
- ALL_SCOPES = [
90
- "https://www.googleapis.com/auth/cloud-platform"
91
- ].freeze
92
-
93
- class OperationsClient < Google::Longrunning::OperationsClient
94
- self::SERVICE_ADDRESS = SecurityCenterClient::SERVICE_ADDRESS
95
- self::GRPC_INTERCEPTORS = SecurityCenterClient::GRPC_INTERCEPTORS
96
- end
97
-
98
- ASSET_SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
99
- "organizations/{organization}/assets/{asset}/securityMarks"
100
- )
101
-
102
- private_constant :ASSET_SECURITY_MARKS_PATH_TEMPLATE
103
-
104
- FINDING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
105
- "organizations/{organization}/sources/{source}/findings/{finding}"
106
- )
107
-
108
- private_constant :FINDING_PATH_TEMPLATE
109
-
110
- FINDING_SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
111
- "organizations/{organization}/sources/{source}/findings/{finding}/securityMarks"
112
- )
113
-
114
- private_constant :FINDING_SECURITY_MARKS_PATH_TEMPLATE
115
-
116
- NOTIFICATION_CONFIG_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
117
- "organizations/{organization}/notificationConfigs/{notification_config}"
118
- )
119
-
120
- private_constant :NOTIFICATION_CONFIG_PATH_TEMPLATE
121
-
122
- ORGANIZATION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
123
- "organizations/{organization}"
124
- )
125
-
126
- private_constant :ORGANIZATION_PATH_TEMPLATE
127
-
128
- ORGANIZATION_SETTINGS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
129
- "organizations/{organization}/organizationSettings"
130
- )
131
-
132
- private_constant :ORGANIZATION_SETTINGS_PATH_TEMPLATE
133
-
134
- SECURITY_MARKS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
135
- "organizations/{organization}/assets/{asset}/securityMarks"
136
- )
137
-
138
- private_constant :SECURITY_MARKS_PATH_TEMPLATE
139
-
140
- SOURCE_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
141
- "organizations/{organization}/sources/{source}"
142
- )
143
-
144
- private_constant :SOURCE_PATH_TEMPLATE
145
-
146
- TOPIC_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
147
- "projects/{project}/topics/{topic}"
148
- )
149
-
150
- private_constant :TOPIC_PATH_TEMPLATE
151
-
152
- # Returns a fully-qualified asset_security_marks resource name string.
153
- # @deprecated Multi-pattern resource names will have unified creation and parsing helper functions.
154
- # This helper function will be deleted in the next major version.
155
- # @param organization [String]
156
- # @param asset [String]
157
- # @return [String]
158
- def self.asset_security_marks_path organization, asset
159
- ASSET_SECURITY_MARKS_PATH_TEMPLATE.render(
160
- :"organization" => organization,
161
- :"asset" => asset
162
- )
163
- end
164
-
165
- # Returns a fully-qualified finding resource name string.
166
- # @param organization [String]
167
- # @param source [String]
168
- # @param finding [String]
169
- # @return [String]
170
- def self.finding_path organization, source, finding
171
- FINDING_PATH_TEMPLATE.render(
172
- :"organization" => organization,
173
- :"source" => source,
174
- :"finding" => finding
175
- )
176
- end
177
-
178
- # Returns a fully-qualified finding_security_marks resource name string.
179
- # @deprecated Multi-pattern resource names will have unified creation and parsing helper functions.
180
- # This helper function will be deleted in the next major version.
181
- # @param organization [String]
182
- # @param source [String]
183
- # @param finding [String]
184
- # @return [String]
185
- def self.finding_security_marks_path organization, source, finding
186
- FINDING_SECURITY_MARKS_PATH_TEMPLATE.render(
187
- :"organization" => organization,
188
- :"source" => source,
189
- :"finding" => finding
190
- )
191
- end
192
-
193
- # Returns a fully-qualified notification_config resource name string.
194
- # @param organization [String]
195
- # @param notification_config [String]
196
- # @return [String]
197
- def self.notification_config_path organization, notification_config
198
- NOTIFICATION_CONFIG_PATH_TEMPLATE.render(
199
- :"organization" => organization,
200
- :"notification_config" => notification_config
201
- )
202
- end
203
-
204
- # Returns a fully-qualified organization resource name string.
205
- # @param organization [String]
206
- # @return [String]
207
- def self.organization_path organization
208
- ORGANIZATION_PATH_TEMPLATE.render(
209
- :"organization" => organization
210
- )
211
- end
212
-
213
- # Returns a fully-qualified organization_settings resource name string.
214
- # @param organization [String]
215
- # @return [String]
216
- def self.organization_settings_path organization
217
- ORGANIZATION_SETTINGS_PATH_TEMPLATE.render(
218
- :"organization" => organization
219
- )
220
- end
221
-
222
- # Returns a fully-qualified security_marks resource name string.
223
- # @param organization [String]
224
- # @param asset [String]
225
- # @return [String]
226
- def self.security_marks_path organization, asset
227
- SECURITY_MARKS_PATH_TEMPLATE.render(
228
- :"organization" => organization,
229
- :"asset" => asset
230
- )
231
- end
232
-
233
- # Returns a fully-qualified source resource name string.
234
- # @param organization [String]
235
- # @param source [String]
236
- # @return [String]
237
- def self.source_path organization, source
238
- SOURCE_PATH_TEMPLATE.render(
239
- :"organization" => organization,
240
- :"source" => source
241
- )
242
- end
243
-
244
- # Returns a fully-qualified topic resource name string.
245
- # @param project [String]
246
- # @param topic [String]
247
- # @return [String]
248
- def self.topic_path project, topic
249
- TOPIC_PATH_TEMPLATE.render(
250
- :"project" => project,
251
- :"topic" => topic
252
- )
253
- end
254
-
255
- # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
256
- # Provides the means for authenticating requests made by the client. This parameter can
257
- # be many types.
258
- # A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
259
- # authenticating requests made by this client.
260
- # A `String` will be treated as the path to the keyfile to be used for the construction of
261
- # credentials for this client.
262
- # A `Hash` will be treated as the contents of a keyfile to be used for the construction of
263
- # credentials for this client.
264
- # A `GRPC::Core::Channel` will be used to make calls through.
265
- # A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
266
- # should already be composed with a `GRPC::Core::CallCredentials` object.
267
- # A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
268
- # metadata for requests, generally, to give OAuth credentials.
269
- # @param scopes [Array<String>]
270
- # The OAuth scopes for this service. This parameter is ignored if
271
- # an updater_proc is supplied.
272
- # @param client_config [Hash]
273
- # A Hash for call options for each method. See
274
- # Google::Gax#construct_settings for the structure of
275
- # this data. Falls back to the default config if not specified
276
- # or the specified config is missing data points.
277
- # @param timeout [Numeric]
278
- # The default timeout, in seconds, for calls made through this client.
279
- # @param metadata [Hash]
280
- # Default metadata to be sent with each request. This can be overridden on a per call basis.
281
- # @param service_address [String]
282
- # Override for the service hostname, or `nil` to leave as the default.
283
- # @param service_port [Integer]
284
- # Override for the service port, or `nil` to leave as the default.
285
- # @param exception_transformer [Proc]
286
- # An optional proc that intercepts any exceptions raised during an API call to inject
287
- # custom error handling.
288
- def initialize \
289
- credentials: nil,
290
- scopes: ALL_SCOPES,
291
- client_config: {},
292
- timeout: DEFAULT_TIMEOUT,
293
- metadata: nil,
294
- service_address: nil,
295
- service_port: nil,
296
- exception_transformer: nil,
297
- lib_name: nil,
298
- lib_version: ""
299
- # These require statements are intentionally placed here to initialize
300
- # the gRPC module only when it's required.
301
- # See https://github.com/googleapis/toolkit/issues/446
302
- require "google/gax/grpc"
303
- require "google/cloud/security_center/v1/securitycenter_service_services_pb"
304
-
305
- credentials ||= Google::Cloud::SecurityCenter::V1::Credentials.default
306
-
307
- @operations_client = OperationsClient.new(
308
- credentials: credentials,
309
- scopes: scopes,
310
- client_config: client_config,
311
- timeout: timeout,
312
- lib_name: lib_name,
313
- service_address: service_address,
314
- service_port: service_port,
315
- lib_version: lib_version,
316
- metadata: metadata,
317
- )
318
-
319
- if credentials.is_a?(String) || credentials.is_a?(Hash)
320
- updater_proc = Google::Cloud::SecurityCenter::V1::Credentials.new(credentials).updater_proc
321
- end
322
- if credentials.is_a?(GRPC::Core::Channel)
323
- channel = credentials
324
- end
325
- if credentials.is_a?(GRPC::Core::ChannelCredentials)
326
- chan_creds = credentials
327
- end
328
- if credentials.is_a?(Proc)
329
- updater_proc = credentials
330
- end
331
- if credentials.is_a?(Google::Auth::Credentials)
332
- updater_proc = credentials.updater_proc
333
- end
334
-
335
- package_version = Google::Cloud::SecurityCenter::VERSION
336
-
337
- google_api_client = "gl-ruby/#{RUBY_VERSION}"
338
- google_api_client << " #{lib_name}/#{lib_version}" if lib_name
339
- google_api_client << " gapic/#{package_version} gax/#{Google::Gax::VERSION}"
340
- google_api_client << " grpc/#{GRPC::VERSION}"
341
- google_api_client.freeze
342
-
343
- headers = { :"x-goog-api-client" => google_api_client }
344
- if credentials.respond_to?(:quota_project_id) && credentials.quota_project_id
345
- headers[:"x-goog-user-project"] = credentials.quota_project_id
346
- end
347
- headers.merge!(metadata) unless metadata.nil?
348
- client_config_file = Pathname.new(__dir__).join(
349
- "security_center_client_config.json"
350
- )
351
- defaults = client_config_file.open do |f|
352
- Google::Gax.construct_settings(
353
- "google.cloud.securitycenter.v1.SecurityCenter",
354
- JSON.parse(f.read),
355
- client_config,
356
- Google::Gax::Grpc::STATUS_CODE_NAMES,
357
- timeout,
358
- page_descriptors: PAGE_DESCRIPTORS,
359
- errors: Google::Gax::Grpc::API_ERRORS,
360
- metadata: headers
361
- )
362
- end
363
-
364
- # Allow overriding the service path/port in subclasses.
365
- service_path = service_address || self.class::SERVICE_ADDRESS
366
- port = service_port || self.class::DEFAULT_SERVICE_PORT
367
- interceptors = self.class::GRPC_INTERCEPTORS
368
- @security_center_stub = Google::Gax::Grpc.create_stub(
369
- service_path,
370
- port,
371
- chan_creds: chan_creds,
372
- channel: channel,
373
- updater_proc: updater_proc,
374
- scopes: scopes,
375
- interceptors: interceptors,
376
- &Google::Cloud::SecurityCenter::V1::SecurityCenter::Stub.method(:new)
377
- )
378
-
379
- @get_iam_policy = Google::Gax.create_api_call(
380
- @security_center_stub.method(:get_iam_policy),
381
- defaults["get_iam_policy"],
382
- exception_transformer: exception_transformer,
383
- params_extractor: proc do |request|
384
- {'resource' => request.resource}
385
- end
386
- )
387
- @group_assets = Google::Gax.create_api_call(
388
- @security_center_stub.method(:group_assets),
389
- defaults["group_assets"],
390
- exception_transformer: exception_transformer,
391
- params_extractor: proc do |request|
392
- {'parent' => request.parent}
393
- end
394
- )
395
- @group_findings = Google::Gax.create_api_call(
396
- @security_center_stub.method(:group_findings),
397
- defaults["group_findings"],
398
- exception_transformer: exception_transformer,
399
- params_extractor: proc do |request|
400
- {'parent' => request.parent}
401
- end
402
- )
403
- @test_iam_permissions = Google::Gax.create_api_call(
404
- @security_center_stub.method(:test_iam_permissions),
405
- defaults["test_iam_permissions"],
406
- exception_transformer: exception_transformer,
407
- params_extractor: proc do |request|
408
- {'resource' => request.resource}
409
- end
410
- )
411
- @create_source = Google::Gax.create_api_call(
412
- @security_center_stub.method(:create_source),
413
- defaults["create_source"],
414
- exception_transformer: exception_transformer,
415
- params_extractor: proc do |request|
416
- {'parent' => request.parent}
417
- end
418
- )
419
- @create_finding = Google::Gax.create_api_call(
420
- @security_center_stub.method(:create_finding),
421
- defaults["create_finding"],
422
- exception_transformer: exception_transformer,
423
- params_extractor: proc do |request|
424
- {'parent' => request.parent}
425
- end
426
- )
427
- @create_notification_config = Google::Gax.create_api_call(
428
- @security_center_stub.method(:create_notification_config),
429
- defaults["create_notification_config"],
430
- exception_transformer: exception_transformer,
431
- params_extractor: proc do |request|
432
- {'parent' => request.parent}
433
- end
434
- )
435
- @delete_notification_config = Google::Gax.create_api_call(
436
- @security_center_stub.method(:delete_notification_config),
437
- defaults["delete_notification_config"],
438
- exception_transformer: exception_transformer,
439
- params_extractor: proc do |request|
440
- {'name' => request.name}
441
- end
442
- )
443
- @get_notification_config = Google::Gax.create_api_call(
444
- @security_center_stub.method(:get_notification_config),
445
- defaults["get_notification_config"],
446
- exception_transformer: exception_transformer,
447
- params_extractor: proc do |request|
448
- {'name' => request.name}
449
- end
450
- )
451
- @get_organization_settings = Google::Gax.create_api_call(
452
- @security_center_stub.method(:get_organization_settings),
453
- defaults["get_organization_settings"],
454
- exception_transformer: exception_transformer,
455
- params_extractor: proc do |request|
456
- {'name' => request.name}
457
- end
458
- )
459
- @get_source = Google::Gax.create_api_call(
460
- @security_center_stub.method(:get_source),
461
- defaults["get_source"],
462
- exception_transformer: exception_transformer,
463
- params_extractor: proc do |request|
464
- {'name' => request.name}
465
- end
466
- )
467
- @list_assets = Google::Gax.create_api_call(
468
- @security_center_stub.method(:list_assets),
469
- defaults["list_assets"],
470
- exception_transformer: exception_transformer,
471
- params_extractor: proc do |request|
472
- {'parent' => request.parent}
473
- end
474
- )
475
- @list_findings = Google::Gax.create_api_call(
476
- @security_center_stub.method(:list_findings),
477
- defaults["list_findings"],
478
- exception_transformer: exception_transformer,
479
- params_extractor: proc do |request|
480
- {'parent' => request.parent}
481
- end
482
- )
483
- @list_notification_configs = Google::Gax.create_api_call(
484
- @security_center_stub.method(:list_notification_configs),
485
- defaults["list_notification_configs"],
486
- exception_transformer: exception_transformer,
487
- params_extractor: proc do |request|
488
- {'parent' => request.parent}
489
- end
490
- )
491
- @list_sources = Google::Gax.create_api_call(
492
- @security_center_stub.method(:list_sources),
493
- defaults["list_sources"],
494
- exception_transformer: exception_transformer,
495
- params_extractor: proc do |request|
496
- {'parent' => request.parent}
497
- end
498
- )
499
- @run_asset_discovery = Google::Gax.create_api_call(
500
- @security_center_stub.method(:run_asset_discovery),
501
- defaults["run_asset_discovery"],
502
- exception_transformer: exception_transformer,
503
- params_extractor: proc do |request|
504
- {'parent' => request.parent}
505
- end
506
- )
507
- @set_finding_state = Google::Gax.create_api_call(
508
- @security_center_stub.method(:set_finding_state),
509
- defaults["set_finding_state"],
510
- exception_transformer: exception_transformer,
511
- params_extractor: proc do |request|
512
- {'name' => request.name}
513
- end
514
- )
515
- @set_iam_policy = Google::Gax.create_api_call(
516
- @security_center_stub.method(:set_iam_policy),
517
- defaults["set_iam_policy"],
518
- exception_transformer: exception_transformer,
519
- params_extractor: proc do |request|
520
- {'resource' => request.resource}
521
- end
522
- )
523
- @update_finding = Google::Gax.create_api_call(
524
- @security_center_stub.method(:update_finding),
525
- defaults["update_finding"],
526
- exception_transformer: exception_transformer,
527
- params_extractor: proc do |request|
528
- {'finding.name' => request.finding.name}
529
- end
530
- )
531
- @update_notification_config = Google::Gax.create_api_call(
532
- @security_center_stub.method(:update_notification_config),
533
- defaults["update_notification_config"],
534
- exception_transformer: exception_transformer,
535
- params_extractor: proc do |request|
536
- {'notification_config.name' => request.notification_config.name}
537
- end
538
- )
539
- @update_organization_settings = Google::Gax.create_api_call(
540
- @security_center_stub.method(:update_organization_settings),
541
- defaults["update_organization_settings"],
542
- exception_transformer: exception_transformer,
543
- params_extractor: proc do |request|
544
- {'organization_settings.name' => request.organization_settings.name}
545
- end
546
- )
547
- @update_source = Google::Gax.create_api_call(
548
- @security_center_stub.method(:update_source),
549
- defaults["update_source"],
550
- exception_transformer: exception_transformer,
551
- params_extractor: proc do |request|
552
- {'source.name' => request.source.name}
553
- end
554
- )
555
- @update_security_marks = Google::Gax.create_api_call(
556
- @security_center_stub.method(:update_security_marks),
557
- defaults["update_security_marks"],
558
- exception_transformer: exception_transformer,
559
- params_extractor: proc do |request|
560
- {'security_marks.name' => request.security_marks.name}
561
- end
562
- )
563
- end
564
-
565
- # Service calls
566
-
567
- # Gets the access control policy on the specified Source.
568
- #
569
- # @param resource [String]
570
- # REQUIRED: The resource for which the policy is being requested.
571
- # See the operation documentation for the appropriate value for this field.
572
- # @param options_ [Google::Iam::V1::GetPolicyOptions | Hash]
573
- # OPTIONAL: A `GetPolicyOptions` object for specifying options to
574
- # `GetIamPolicy`. This field is only used by Cloud IAM.
575
- # A hash of the same form as `Google::Iam::V1::GetPolicyOptions`
576
- # can also be provided.
577
- # @param options [Google::Gax::CallOptions]
578
- # Overrides the default settings for this call, e.g, timeout,
579
- # retries, etc.
580
- # @yield [result, operation] Access the result along with the RPC operation
581
- # @yieldparam result [Google::Iam::V1::Policy]
582
- # @yieldparam operation [GRPC::ActiveCall::Operation]
583
- # @return [Google::Iam::V1::Policy]
584
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
585
- # @example
586
- # require "google/cloud/security_center"
587
- #
588
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
589
- #
590
- # # TODO: Initialize `resource`:
591
- # resource = ''
592
- # response = security_center_client.get_iam_policy(resource)
593
-
594
- def get_iam_policy \
595
- resource,
596
- options_: nil,
597
- options: nil,
598
- &block
599
- req = {
600
- resource: resource,
601
- options: options_
602
- }.delete_if { |_, v| v.nil? }
603
- req = Google::Gax::to_proto(req, Google::Iam::V1::GetIamPolicyRequest)
604
- @get_iam_policy.call(req, options, &block)
605
- end
606
-
607
- # Filters an organization's assets and groups them by their specified
608
- # properties.
609
- #
610
- # @param parent [String]
611
- # Required. Name of the organization to groupBy. Its format is
612
- # "organizations/[organization_id]".
613
- # @param group_by [String]
614
- # Required. Expression that defines what assets fields to use for grouping.
615
- # The string value should follow SQL syntax: comma separated list of fields.
616
- # For example:
617
- # "security_center_properties.resource_project,security_center_properties.project".
618
- #
619
- # The following fields are supported when compare_duration is not set:
620
- #
621
- # * security_center_properties.resource_project
622
- # * security_center_properties.resource_project_display_name
623
- # * security_center_properties.resource_type
624
- # * security_center_properties.resource_parent
625
- # * security_center_properties.resource_parent_display_name
626
- #
627
- # The following fields are supported when compare_duration is set:
628
- #
629
- # * security_center_properties.resource_type
630
- # * security_center_properties.resource_project_display_name
631
- # * security_center_properties.resource_parent_display_name
632
- # @param filter [String]
633
- # Expression that defines the filter to apply across assets.
634
- # The expression is a list of zero or more restrictions combined via logical
635
- # operators `AND` and `OR`.
636
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
637
- #
638
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
639
- # character in front of them to indicate negation. The fields map to those
640
- # defined in the Asset resource. Examples include:
641
- #
642
- # * name
643
- # * security_center_properties.resource_name
644
- # * resource_properties.a_property
645
- # * security_marks.marks.marka
646
- #
647
- # The supported operators are:
648
- #
649
- # * `=` for all value types.
650
- # * `>`, `<`, `>=`, `<=` for integer values.
651
- # * `:`, meaning substring matching, for strings.
652
- #
653
- # The supported value types are:
654
- #
655
- # * string literals in quotes.
656
- # * integer literals without quotes.
657
- # * boolean literals `true` and `false` without quotes.
658
- #
659
- # The following field and operator combinations are supported:
660
- #
661
- # * name: `=`
662
- # * update_time: `=`, `>`, `<`, `>=`, `<=`
663
- #
664
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
665
- # Examples:
666
- # "update_time = \"2019-06-10T16:07:18-07:00\""
667
- # "update_time = 1560208038000"
668
- #
669
- # * create_time: `=`, `>`, `<`, `>=`, `<=`
670
- #
671
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
672
- # Examples:
673
- # "create_time = \"2019-06-10T16:07:18-07:00\""
674
- # "create_time = 1560208038000"
675
- #
676
- # * iam_policy.policy_blob: `=`, `:`
677
- # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
678
- # * security_marks.marks: `=`, `:`
679
- # * security_center_properties.resource_name: `=`, `:`
680
- # * security_center_properties.resource_display_name: `=`, `:`
681
- # * security_center_properties.resource_type: `=`, `:`
682
- # * security_center_properties.resource_parent: `=`, `:`
683
- # * security_center_properties.resource_parent_display_name: `=`, `:`
684
- # * security_center_properties.resource_project: `=`, `:`
685
- # * security_center_properties.resource_project_display_name: `=`, `:`
686
- # * security_center_properties.resource_owners: `=`, `:`
687
- #
688
- # For example, `resource_properties.size = 100` is a valid filter string.
689
- # @param compare_duration [Google::Protobuf::Duration | Hash]
690
- # When compare_duration is set, the GroupResult's "state_change" property is
691
- # updated to indicate whether the asset was added, removed, or remained
692
- # present during the compare_duration period of time that precedes the
693
- # read_time. This is the time between (read_time - compare_duration) and
694
- # read_time.
695
- #
696
- # The state change value is derived based on the presence of the asset at the
697
- # two points in time. Intermediate state changes between the two times don't
698
- # affect the result. For example, the results aren't affected if the asset is
699
- # removed and re-created again.
700
- #
701
- # Possible "state_change" values when compare_duration is specified:
702
- #
703
- # * "ADDED": indicates that the asset was not present at the start of
704
- # compare_duration, but present at reference_time.
705
- # * "REMOVED": indicates that the asset was present at the start of
706
- # compare_duration, but not present at reference_time.
707
- # * "ACTIVE": indicates that the asset was present at both the
708
- # start and the end of the time period defined by
709
- # compare_duration and reference_time.
710
- #
711
- # If compare_duration is not specified, then the only possible state_change
712
- # is "UNUSED", which will be the state_change set for all assets present at
713
- # read_time.
714
- #
715
- # If this field is set then `state_change` must be a specified field in
716
- # `group_by`.
717
- # A hash of the same form as `Google::Protobuf::Duration`
718
- # can also be provided.
719
- # @param read_time [Google::Protobuf::Timestamp | Hash]
720
- # Time used as a reference point when filtering assets. The filter is limited
721
- # to assets existing at the supplied time and their values are those at that
722
- # specific time. Absence of this field will default to the API's version of
723
- # NOW.
724
- # A hash of the same form as `Google::Protobuf::Timestamp`
725
- # can also be provided.
726
- # @param page_size [Integer]
727
- # The maximum number of resources contained in the underlying API
728
- # response. If page streaming is performed per-resource, this
729
- # parameter does not affect the return value. If page streaming is
730
- # performed per-page, this determines the maximum number of
731
- # resources in a page.
732
- # @param options [Google::Gax::CallOptions]
733
- # Overrides the default settings for this call, e.g, timeout,
734
- # retries, etc.
735
- # @yield [result, operation] Access the result along with the RPC operation
736
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
737
- # @yieldparam operation [GRPC::ActiveCall::Operation]
738
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
739
- # An enumerable of Google::Cloud::SecurityCenter::V1::GroupResult instances.
740
- # See Google::Gax::PagedEnumerable documentation for other
741
- # operations such as per-page iteration or access to the response
742
- # object.
743
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
744
- # @example
745
- # require "google/cloud/security_center"
746
- #
747
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
748
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
749
- #
750
- # # TODO: Initialize `group_by`:
751
- # group_by = ''
752
- #
753
- # # Iterate over all results.
754
- # security_center_client.group_assets(formatted_parent, group_by).each do |element|
755
- # # Process element.
756
- # end
757
- #
758
- # # Or iterate over results one page at a time.
759
- # security_center_client.group_assets(formatted_parent, group_by).each_page do |page|
760
- # # Process each page at a time.
761
- # page.each do |element|
762
- # # Process element.
763
- # end
764
- # end
765
-
766
- def group_assets \
767
- parent,
768
- group_by,
769
- filter: nil,
770
- compare_duration: nil,
771
- read_time: nil,
772
- page_size: nil,
773
- options: nil,
774
- &block
775
- req = {
776
- parent: parent,
777
- group_by: group_by,
778
- filter: filter,
779
- compare_duration: compare_duration,
780
- read_time: read_time,
781
- page_size: page_size
782
- }.delete_if { |_, v| v.nil? }
783
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GroupAssetsRequest)
784
- @group_assets.call(req, options, &block)
785
- end
786
-
787
- # Filters an organization or source's findings and groups them by their
788
- # specified properties.
789
- #
790
- # To group across all sources provide a `-` as the source id.
791
- # Example: /v1/organizations/{organization_id}/sources/-/findings
792
- #
793
- # @param parent [String]
794
- # Required. Name of the source to groupBy. Its format is
795
- # "organizations/[organization_id]/sources/[source_id]". To groupBy across
796
- # all sources provide a source_id of `-`. For example:
797
- # organizations/{organization_id}/sources/-
798
- # @param group_by [String]
799
- # Required. Expression that defines what assets fields to use for grouping
800
- # (including `state_change`). The string value should follow SQL syntax:
801
- # comma separated list of fields. For example: "parent,resource_name".
802
- #
803
- # The following fields are supported:
804
- #
805
- # * resource_name
806
- # * category
807
- # * state
808
- # * parent
809
- #
810
- # The following fields are supported when compare_duration is set:
811
- #
812
- # * state_change
813
- # @param filter [String]
814
- # Expression that defines the filter to apply across findings.
815
- # The expression is a list of one or more restrictions combined via logical
816
- # operators `AND` and `OR`.
817
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
818
- #
819
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
820
- # character in front of them to indicate negation. Examples include:
821
- #
822
- # * name
823
- # * source_properties.a_property
824
- # * security_marks.marks.marka
825
- #
826
- # The supported operators are:
827
- #
828
- # * `=` for all value types.
829
- # * `>`, `<`, `>=`, `<=` for integer values.
830
- # * `:`, meaning substring matching, for strings.
831
- #
832
- # The supported value types are:
833
- #
834
- # * string literals in quotes.
835
- # * integer literals without quotes.
836
- # * boolean literals `true` and `false` without quotes.
837
- #
838
- # The following field and operator combinations are supported:
839
- #
840
- # * name: `=`
841
- # * parent: `=`, `:`
842
- # * resource_name: `=`, `:`
843
- # * state: `=`, `:`
844
- # * category: `=`, `:`
845
- # * external_uri: `=`, `:`
846
- # * event_time: `=`, `>`, `<`, `>=`, `<=`
847
- #
848
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
849
- # Examples:
850
- # "event_time = \"2019-06-10T16:07:18-07:00\""
851
- # "event_time = 1560208038000"
852
- #
853
- # * security_marks.marks: `=`, `:`
854
- # * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
855
- #
856
- # For example, `source_properties.size = 100` is a valid filter string.
857
- # @param read_time [Google::Protobuf::Timestamp | Hash]
858
- # Time used as a reference point when filtering findings. The filter is
859
- # limited to findings existing at the supplied time and their values are
860
- # those at that specific time. Absence of this field will default to the
861
- # API's version of NOW.
862
- # A hash of the same form as `Google::Protobuf::Timestamp`
863
- # can also be provided.
864
- # @param compare_duration [Google::Protobuf::Duration | Hash]
865
- # When compare_duration is set, the GroupResult's "state_change" attribute is
866
- # updated to indicate whether the finding had its state changed, the
867
- # finding's state remained unchanged, or if the finding was added during the
868
- # compare_duration period of time that precedes the read_time. This is the
869
- # time between (read_time - compare_duration) and read_time.
870
- #
871
- # The state_change value is derived based on the presence and state of the
872
- # finding at the two points in time. Intermediate state changes between the
873
- # two times don't affect the result. For example, the results aren't affected
874
- # if the finding is made inactive and then active again.
875
- #
876
- # Possible "state_change" values when compare_duration is specified:
877
- #
878
- # * "CHANGED": indicates that the finding was present and matched the given
879
- # filter at the start of compare_duration, but changed its
880
- # state at read_time.
881
- # * "UNCHANGED": indicates that the finding was present and matched the given
882
- # filter at the start of compare_duration and did not change
883
- # state at read_time.
884
- # * "ADDED": indicates that the finding did not match the given filter or
885
- # was not present at the start of compare_duration, but was
886
- # present at read_time.
887
- # * "REMOVED": indicates that the finding was present and matched the
888
- # filter at the start of compare_duration, but did not match
889
- # the filter at read_time.
890
- #
891
- # If compare_duration is not specified, then the only possible state_change
892
- # is "UNUSED", which will be the state_change set for all findings present
893
- # at read_time.
894
- #
895
- # If this field is set then `state_change` must be a specified field in
896
- # `group_by`.
897
- # A hash of the same form as `Google::Protobuf::Duration`
898
- # can also be provided.
899
- # @param page_size [Integer]
900
- # The maximum number of resources contained in the underlying API
901
- # response. If page streaming is performed per-resource, this
902
- # parameter does not affect the return value. If page streaming is
903
- # performed per-page, this determines the maximum number of
904
- # resources in a page.
905
- # @param options [Google::Gax::CallOptions]
906
- # Overrides the default settings for this call, e.g, timeout,
907
- # retries, etc.
908
- # @yield [result, operation] Access the result along with the RPC operation
909
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
910
- # @yieldparam operation [GRPC::ActiveCall::Operation]
911
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::GroupResult>]
912
- # An enumerable of Google::Cloud::SecurityCenter::V1::GroupResult instances.
913
- # See Google::Gax::PagedEnumerable documentation for other
914
- # operations such as per-page iteration or access to the response
915
- # object.
916
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
917
- # @example
918
- # require "google/cloud/security_center"
919
- #
920
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
921
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
922
- #
923
- # # TODO: Initialize `group_by`:
924
- # group_by = ''
925
- #
926
- # # Iterate over all results.
927
- # security_center_client.group_findings(formatted_parent, group_by).each do |element|
928
- # # Process element.
929
- # end
930
- #
931
- # # Or iterate over results one page at a time.
932
- # security_center_client.group_findings(formatted_parent, group_by).each_page do |page|
933
- # # Process each page at a time.
934
- # page.each do |element|
935
- # # Process element.
936
- # end
937
- # end
938
-
939
- def group_findings \
940
- parent,
941
- group_by,
942
- filter: nil,
943
- read_time: nil,
944
- compare_duration: nil,
945
- page_size: nil,
946
- options: nil,
947
- &block
948
- req = {
949
- parent: parent,
950
- group_by: group_by,
951
- filter: filter,
952
- read_time: read_time,
953
- compare_duration: compare_duration,
954
- page_size: page_size
955
- }.delete_if { |_, v| v.nil? }
956
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GroupFindingsRequest)
957
- @group_findings.call(req, options, &block)
958
- end
959
-
960
- # Returns the permissions that a caller has on the specified source.
961
- #
962
- # @param resource [String]
963
- # REQUIRED: The resource for which the policy detail is being requested.
964
- # See the operation documentation for the appropriate value for this field.
965
- # @param permissions [Array<String>]
966
- # The set of permissions to check for the `resource`. Permissions with
967
- # wildcards (such as '*' or 'storage.*') are not allowed. For more
968
- # information see
969
- # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
970
- # @param options [Google::Gax::CallOptions]
971
- # Overrides the default settings for this call, e.g, timeout,
972
- # retries, etc.
973
- # @yield [result, operation] Access the result along with the RPC operation
974
- # @yieldparam result [Google::Iam::V1::TestIamPermissionsResponse]
975
- # @yieldparam operation [GRPC::ActiveCall::Operation]
976
- # @return [Google::Iam::V1::TestIamPermissionsResponse]
977
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
978
- # @example
979
- # require "google/cloud/security_center"
980
- #
981
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
982
- #
983
- # # TODO: Initialize `resource`:
984
- # resource = ''
985
- #
986
- # # TODO: Initialize `permissions`:
987
- # permissions = []
988
- # response = security_center_client.test_iam_permissions(resource, permissions)
989
-
990
- def test_iam_permissions \
991
- resource,
992
- permissions,
993
- options: nil,
994
- &block
995
- req = {
996
- resource: resource,
997
- permissions: permissions
998
- }.delete_if { |_, v| v.nil? }
999
- req = Google::Gax::to_proto(req, Google::Iam::V1::TestIamPermissionsRequest)
1000
- @test_iam_permissions.call(req, options, &block)
1001
- end
1002
-
1003
- # Creates a source.
1004
- #
1005
- # @param parent [String]
1006
- # Required. Resource name of the new source's parent. Its format should be
1007
- # "organizations/[organization_id]".
1008
- # @param source [Google::Cloud::SecurityCenter::V1::Source | Hash]
1009
- # Required. The Source being created, only the display_name and description
1010
- # will be used. All other fields will be ignored.
1011
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Source`
1012
- # can also be provided.
1013
- # @param options [Google::Gax::CallOptions]
1014
- # Overrides the default settings for this call, e.g, timeout,
1015
- # retries, etc.
1016
- # @yield [result, operation] Access the result along with the RPC operation
1017
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
1018
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1019
- # @return [Google::Cloud::SecurityCenter::V1::Source]
1020
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1021
- # @example
1022
- # require "google/cloud/security_center"
1023
- #
1024
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1025
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1026
- #
1027
- # # TODO: Initialize `source`:
1028
- # source = {}
1029
- # response = security_center_client.create_source(formatted_parent, source)
1030
-
1031
- def create_source \
1032
- parent,
1033
- source,
1034
- options: nil,
1035
- &block
1036
- req = {
1037
- parent: parent,
1038
- source: source
1039
- }.delete_if { |_, v| v.nil? }
1040
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateSourceRequest)
1041
- @create_source.call(req, options, &block)
1042
- end
1043
-
1044
- # Creates a finding. The corresponding source must exist for finding creation
1045
- # to succeed.
1046
- #
1047
- # @param parent [String]
1048
- # Required. Resource name of the new finding's parent. Its format should be
1049
- # "organizations/[organization_id]/sources/[source_id]".
1050
- # @param finding_id [String]
1051
- # Required. Unique identifier provided by the client within the parent scope.
1052
- # It must be alphanumeric and less than or equal to 32 characters and
1053
- # greater than 0 characters in length.
1054
- # @param finding [Google::Cloud::SecurityCenter::V1::Finding | Hash]
1055
- # Required. The Finding being created. The name and security_marks will be
1056
- # ignored as they are both output only fields on this resource.
1057
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Finding`
1058
- # can also be provided.
1059
- # @param options [Google::Gax::CallOptions]
1060
- # Overrides the default settings for this call, e.g, timeout,
1061
- # retries, etc.
1062
- # @yield [result, operation] Access the result along with the RPC operation
1063
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
1064
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1065
- # @return [Google::Cloud::SecurityCenter::V1::Finding]
1066
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1067
- # @example
1068
- # require "google/cloud/security_center"
1069
- #
1070
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1071
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1072
- #
1073
- # # TODO: Initialize `finding_id`:
1074
- # finding_id = ''
1075
- #
1076
- # # TODO: Initialize `finding`:
1077
- # finding = {}
1078
- # response = security_center_client.create_finding(formatted_parent, finding_id, finding)
1079
-
1080
- def create_finding \
1081
- parent,
1082
- finding_id,
1083
- finding,
1084
- options: nil,
1085
- &block
1086
- req = {
1087
- parent: parent,
1088
- finding_id: finding_id,
1089
- finding: finding
1090
- }.delete_if { |_, v| v.nil? }
1091
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateFindingRequest)
1092
- @create_finding.call(req, options, &block)
1093
- end
1094
-
1095
- # Creates a notification config.
1096
- #
1097
- # @param parent [String]
1098
- # Required. Resource name of the new notification config's parent. Its format
1099
- # is "organizations/[organization_id]".
1100
- # @param config_id [String]
1101
- # Required.
1102
- # Unique identifier provided by the client within the parent scope.
1103
- # It must be between 1 and 128 characters, and contains alphanumeric
1104
- # characters, underscores or hyphens only.
1105
- # @param notification_config [Google::Cloud::SecurityCenter::V1::NotificationConfig | Hash]
1106
- # Required. The notification config being created. The name and the service
1107
- # account will be ignored as they are both output only fields on this
1108
- # resource.
1109
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::NotificationConfig`
1110
- # can also be provided.
1111
- # @param options [Google::Gax::CallOptions]
1112
- # Overrides the default settings for this call, e.g, timeout,
1113
- # retries, etc.
1114
- # @yield [result, operation] Access the result along with the RPC operation
1115
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::NotificationConfig]
1116
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1117
- # @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
1118
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1119
- # @example
1120
- # require "google/cloud/security_center"
1121
- #
1122
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1123
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1124
- #
1125
- # # TODO: Initialize `config_id`:
1126
- # config_id = ''
1127
- #
1128
- # # TODO: Initialize `notification_config`:
1129
- # notification_config = {}
1130
- # response = security_center_client.create_notification_config(formatted_parent, config_id, notification_config)
1131
-
1132
- def create_notification_config \
1133
- parent,
1134
- config_id,
1135
- notification_config,
1136
- options: nil,
1137
- &block
1138
- req = {
1139
- parent: parent,
1140
- config_id: config_id,
1141
- notification_config: notification_config
1142
- }.delete_if { |_, v| v.nil? }
1143
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::CreateNotificationConfigRequest)
1144
- @create_notification_config.call(req, options, &block)
1145
- end
1146
-
1147
- # Deletes a notification config.
1148
- #
1149
- # @param name [String]
1150
- # Required. Name of the notification config to delete. Its format is
1151
- # "organizations/[organization_id]/notificationConfigs/[config_id]".
1152
- # @param options [Google::Gax::CallOptions]
1153
- # Overrides the default settings for this call, e.g, timeout,
1154
- # retries, etc.
1155
- # @yield [result, operation] Access the result along with the RPC operation
1156
- # @yieldparam result []
1157
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1158
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1159
- # @example
1160
- # require "google/cloud/security_center"
1161
- #
1162
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1163
- # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.notification_config_path("[ORGANIZATION]", "[NOTIFICATION_CONFIG]")
1164
- # security_center_client.delete_notification_config(formatted_name)
1165
-
1166
- def delete_notification_config \
1167
- name,
1168
- options: nil,
1169
- &block
1170
- req = {
1171
- name: name
1172
- }.delete_if { |_, v| v.nil? }
1173
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest)
1174
- @delete_notification_config.call(req, options, &block)
1175
- nil
1176
- end
1177
-
1178
- # Gets a notification config.
1179
- #
1180
- # @param name [String]
1181
- # Required. Name of the notification config to get. Its format is
1182
- # "organizations/[organization_id]/notificationConfigs/[config_id]".
1183
- # @param options [Google::Gax::CallOptions]
1184
- # Overrides the default settings for this call, e.g, timeout,
1185
- # retries, etc.
1186
- # @yield [result, operation] Access the result along with the RPC operation
1187
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::NotificationConfig]
1188
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1189
- # @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
1190
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1191
- # @example
1192
- # require "google/cloud/security_center"
1193
- #
1194
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1195
- # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.notification_config_path("[ORGANIZATION]", "[NOTIFICATION_CONFIG]")
1196
- # response = security_center_client.get_notification_config(formatted_name)
1197
-
1198
- def get_notification_config \
1199
- name,
1200
- options: nil,
1201
- &block
1202
- req = {
1203
- name: name
1204
- }.delete_if { |_, v| v.nil? }
1205
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest)
1206
- @get_notification_config.call(req, options, &block)
1207
- end
1208
-
1209
- # Gets the settings for an organization.
1210
- #
1211
- # @param name [String]
1212
- # Required. Name of the organization to get organization settings for. Its
1213
- # format is "organizations/[organization_id]/organizationSettings".
1214
- # @param options [Google::Gax::CallOptions]
1215
- # Overrides the default settings for this call, e.g, timeout,
1216
- # retries, etc.
1217
- # @yield [result, operation] Access the result along with the RPC operation
1218
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
1219
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1220
- # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
1221
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1222
- # @example
1223
- # require "google/cloud/security_center"
1224
- #
1225
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1226
- # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_settings_path("[ORGANIZATION]")
1227
- # response = security_center_client.get_organization_settings(formatted_name)
1228
-
1229
- def get_organization_settings \
1230
- name,
1231
- options: nil,
1232
- &block
1233
- req = {
1234
- name: name
1235
- }.delete_if { |_, v| v.nil? }
1236
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest)
1237
- @get_organization_settings.call(req, options, &block)
1238
- end
1239
-
1240
- # Gets a source.
1241
- #
1242
- # @param name [String]
1243
- # Required. Relative resource name of the source. Its format is
1244
- # "organizations/[organization_id]/source/[source_id]".
1245
- # @param options [Google::Gax::CallOptions]
1246
- # Overrides the default settings for this call, e.g, timeout,
1247
- # retries, etc.
1248
- # @yield [result, operation] Access the result along with the RPC operation
1249
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
1250
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1251
- # @return [Google::Cloud::SecurityCenter::V1::Source]
1252
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1253
- # @example
1254
- # require "google/cloud/security_center"
1255
- #
1256
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1257
- # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1258
- # response = security_center_client.get_source(formatted_name)
1259
-
1260
- def get_source \
1261
- name,
1262
- options: nil,
1263
- &block
1264
- req = {
1265
- name: name
1266
- }.delete_if { |_, v| v.nil? }
1267
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::GetSourceRequest)
1268
- @get_source.call(req, options, &block)
1269
- end
1270
-
1271
- # Lists an organization's assets.
1272
- #
1273
- # @param parent [String]
1274
- # Required. Name of the organization assets should belong to. Its format is
1275
- # "organizations/[organization_id]".
1276
- # @param filter [String]
1277
- # Expression that defines the filter to apply across assets.
1278
- # The expression is a list of zero or more restrictions combined via logical
1279
- # operators `AND` and `OR`.
1280
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
1281
- #
1282
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1283
- # character in front of them to indicate negation. The fields map to those
1284
- # defined in the Asset resource. Examples include:
1285
- #
1286
- # * name
1287
- # * security_center_properties.resource_name
1288
- # * resource_properties.a_property
1289
- # * security_marks.marks.marka
1290
- #
1291
- # The supported operators are:
1292
- #
1293
- # * `=` for all value types.
1294
- # * `>`, `<`, `>=`, `<=` for integer values.
1295
- # * `:`, meaning substring matching, for strings.
1296
- #
1297
- # The supported value types are:
1298
- #
1299
- # * string literals in quotes.
1300
- # * integer literals without quotes.
1301
- # * boolean literals `true` and `false` without quotes.
1302
- #
1303
- # The following are the allowed field and operator combinations:
1304
- #
1305
- # * name: `=`
1306
- # * update_time: `=`, `>`, `<`, `>=`, `<=`
1307
- #
1308
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1309
- # Examples:
1310
- # "update_time = \"2019-06-10T16:07:18-07:00\""
1311
- # "update_time = 1560208038000"
1312
- #
1313
- # * create_time: `=`, `>`, `<`, `>=`, `<=`
1314
- #
1315
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1316
- # Examples:
1317
- # "create_time = \"2019-06-10T16:07:18-07:00\""
1318
- # "create_time = 1560208038000"
1319
- #
1320
- # * iam_policy.policy_blob: `=`, `:`
1321
- # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1322
- # * security_marks.marks: `=`, `:`
1323
- # * security_center_properties.resource_name: `=`, `:`
1324
- # * security_center_properties.resource_display_name: `=`, `:`
1325
- # * security_center_properties.resource_type: `=`, `:`
1326
- # * security_center_properties.resource_parent: `=`, `:`
1327
- # * security_center_properties.resource_parent_display_name: `=`, `:`
1328
- # * security_center_properties.resource_project: `=`, `:`
1329
- # * security_center_properties.resource_project_display_name: `=`, `:`
1330
- # * security_center_properties.resource_owners: `=`, `:`
1331
- #
1332
- # For example, `resource_properties.size = 100` is a valid filter string.
1333
- # @param order_by [String]
1334
- # Expression that defines what fields and order to use for sorting. The
1335
- # string value should follow SQL syntax: comma separated list of fields. For
1336
- # example: "name,resource_properties.a_property". The default sorting order
1337
- # is ascending. To specify descending order for a field, a suffix " desc"
1338
- # should be appended to the field name. For example: "name
1339
- # desc,resource_properties.a_property". Redundant space characters in the
1340
- # syntax are insignificant. "name desc,resource_properties.a_property" and "
1341
- # name desc , resource_properties.a_property " are equivalent.
1342
- #
1343
- # The following fields are supported:
1344
- # name
1345
- # update_time
1346
- # resource_properties
1347
- # security_marks.marks
1348
- # security_center_properties.resource_name
1349
- # security_center_properties.resource_display_name
1350
- # security_center_properties.resource_parent
1351
- # security_center_properties.resource_parent_display_name
1352
- # security_center_properties.resource_project
1353
- # security_center_properties.resource_project_display_name
1354
- # security_center_properties.resource_type
1355
- # @param read_time [Google::Protobuf::Timestamp | Hash]
1356
- # Time used as a reference point when filtering assets. The filter is limited
1357
- # to assets existing at the supplied time and their values are those at that
1358
- # specific time. Absence of this field will default to the API's version of
1359
- # NOW.
1360
- # A hash of the same form as `Google::Protobuf::Timestamp`
1361
- # can also be provided.
1362
- # @param compare_duration [Google::Protobuf::Duration | Hash]
1363
- # When compare_duration is set, the ListAssetsResult's "state_change"
1364
- # attribute is updated to indicate whether the asset was added, removed, or
1365
- # remained present during the compare_duration period of time that precedes
1366
- # the read_time. This is the time between (read_time - compare_duration) and
1367
- # read_time.
1368
- #
1369
- # The state_change value is derived based on the presence of the asset at the
1370
- # two points in time. Intermediate state changes between the two times don't
1371
- # affect the result. For example, the results aren't affected if the asset is
1372
- # removed and re-created again.
1373
- #
1374
- # Possible "state_change" values when compare_duration is specified:
1375
- #
1376
- # * "ADDED": indicates that the asset was not present at the start of
1377
- # compare_duration, but present at read_time.
1378
- # * "REMOVED": indicates that the asset was present at the start of
1379
- # compare_duration, but not present at read_time.
1380
- # * "ACTIVE": indicates that the asset was present at both the
1381
- # start and the end of the time period defined by
1382
- # compare_duration and read_time.
1383
- #
1384
- # If compare_duration is not specified, then the only possible state_change
1385
- # is "UNUSED", which will be the state_change set for all assets present at
1386
- # read_time.
1387
- # A hash of the same form as `Google::Protobuf::Duration`
1388
- # can also be provided.
1389
- # @param field_mask [Google::Protobuf::FieldMask | Hash]
1390
- # Optional. A field mask to specify the ListAssetsResult fields to be listed
1391
- # in the response. An empty field mask will list all fields.
1392
- # A hash of the same form as `Google::Protobuf::FieldMask`
1393
- # can also be provided.
1394
- # @param page_size [Integer]
1395
- # The maximum number of resources contained in the underlying API
1396
- # response. If page streaming is performed per-resource, this
1397
- # parameter does not affect the return value. If page streaming is
1398
- # performed per-page, this determines the maximum number of
1399
- # resources in a page.
1400
- # @param options [Google::Gax::CallOptions]
1401
- # Overrides the default settings for this call, e.g, timeout,
1402
- # retries, etc.
1403
- # @yield [result, operation] Access the result along with the RPC operation
1404
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
1405
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1406
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
1407
- # An enumerable of Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult instances.
1408
- # See Google::Gax::PagedEnumerable documentation for other
1409
- # operations such as per-page iteration or access to the response
1410
- # object.
1411
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1412
- # @example
1413
- # require "google/cloud/security_center"
1414
- #
1415
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1416
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1417
- #
1418
- # # Iterate over all results.
1419
- # security_center_client.list_assets(formatted_parent).each do |element|
1420
- # # Process element.
1421
- # end
1422
- #
1423
- # # Or iterate over results one page at a time.
1424
- # security_center_client.list_assets(formatted_parent).each_page do |page|
1425
- # # Process each page at a time.
1426
- # page.each do |element|
1427
- # # Process element.
1428
- # end
1429
- # end
1430
-
1431
- def list_assets \
1432
- parent,
1433
- filter: nil,
1434
- order_by: nil,
1435
- read_time: nil,
1436
- compare_duration: nil,
1437
- field_mask: nil,
1438
- page_size: nil,
1439
- options: nil,
1440
- &block
1441
- req = {
1442
- parent: parent,
1443
- filter: filter,
1444
- order_by: order_by,
1445
- read_time: read_time,
1446
- compare_duration: compare_duration,
1447
- field_mask: field_mask,
1448
- page_size: page_size
1449
- }.delete_if { |_, v| v.nil? }
1450
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListAssetsRequest)
1451
- @list_assets.call(req, options, &block)
1452
- end
1453
-
1454
- # Lists an organization or source's findings.
1455
- #
1456
- # To list across all sources provide a `-` as the source id.
1457
- # Example: /v1/organizations/{organization_id}/sources/-/findings
1458
- #
1459
- # @param parent [String]
1460
- # Required. Name of the source the findings belong to. Its format is
1461
- # "organizations/[organization_id]/sources/[source_id]". To list across all
1462
- # sources provide a source_id of `-`. For example:
1463
- # organizations/{organization_id}/sources/-
1464
- # @param filter [String]
1465
- # Expression that defines the filter to apply across findings.
1466
- # The expression is a list of one or more restrictions combined via logical
1467
- # operators `AND` and `OR`.
1468
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
1469
- #
1470
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1471
- # character in front of them to indicate negation. Examples include:
1472
- #
1473
- # * name
1474
- # * source_properties.a_property
1475
- # * security_marks.marks.marka
1476
- #
1477
- # The supported operators are:
1478
- #
1479
- # * `=` for all value types.
1480
- # * `>`, `<`, `>=`, `<=` for integer values.
1481
- # * `:`, meaning substring matching, for strings.
1482
- #
1483
- # The supported value types are:
1484
- #
1485
- # * string literals in quotes.
1486
- # * integer literals without quotes.
1487
- # * boolean literals `true` and `false` without quotes.
1488
- #
1489
- # The following field and operator combinations are supported:
1490
- #
1491
- # name: `=`
1492
- # parent: `=`, `:`
1493
- # resource_name: `=`, `:`
1494
- # state: `=`, `:`
1495
- # category: `=`, `:`
1496
- # external_uri: `=`, `:`
1497
- # event_time: `=`, `>`, `<`, `>=`, `<=`
1498
- #
1499
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
1500
- # Examples:
1501
- # "event_time = \"2019-06-10T16:07:18-07:00\""
1502
- # "event_time = 1560208038000"
1503
- #
1504
- # security_marks.marks: `=`, `:`
1505
- # source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1506
- #
1507
- # For example, `source_properties.size = 100` is a valid filter string.
1508
- # @param order_by [String]
1509
- # Expression that defines what fields and order to use for sorting. The
1510
- # string value should follow SQL syntax: comma separated list of fields. For
1511
- # example: "name,resource_properties.a_property". The default sorting order
1512
- # is ascending. To specify descending order for a field, a suffix " desc"
1513
- # should be appended to the field name. For example: "name
1514
- # desc,source_properties.a_property". Redundant space characters in the
1515
- # syntax are insignificant. "name desc,source_properties.a_property" and "
1516
- # name desc , source_properties.a_property " are equivalent.
1517
- #
1518
- # The following fields are supported:
1519
- # name
1520
- # parent
1521
- # state
1522
- # category
1523
- # resource_name
1524
- # event_time
1525
- # source_properties
1526
- # security_marks.marks
1527
- # @param read_time [Google::Protobuf::Timestamp | Hash]
1528
- # Time used as a reference point when filtering findings. The filter is
1529
- # limited to findings existing at the supplied time and their values are
1530
- # those at that specific time. Absence of this field will default to the
1531
- # API's version of NOW.
1532
- # A hash of the same form as `Google::Protobuf::Timestamp`
1533
- # can also be provided.
1534
- # @param compare_duration [Google::Protobuf::Duration | Hash]
1535
- # When compare_duration is set, the ListFindingsResult's "state_change"
1536
- # attribute is updated to indicate whether the finding had its state changed,
1537
- # the finding's state remained unchanged, or if the finding was added in any
1538
- # state during the compare_duration period of time that precedes the
1539
- # read_time. This is the time between (read_time - compare_duration) and
1540
- # read_time.
1541
- #
1542
- # The state_change value is derived based on the presence and state of the
1543
- # finding at the two points in time. Intermediate state changes between the
1544
- # two times don't affect the result. For example, the results aren't affected
1545
- # if the finding is made inactive and then active again.
1546
- #
1547
- # Possible "state_change" values when compare_duration is specified:
1548
- #
1549
- # * "CHANGED": indicates that the finding was present and matched the given
1550
- # filter at the start of compare_duration, but changed its
1551
- # state at read_time.
1552
- # * "UNCHANGED": indicates that the finding was present and matched the given
1553
- # filter at the start of compare_duration and did not change
1554
- # state at read_time.
1555
- # * "ADDED": indicates that the finding did not match the given filter or
1556
- # was not present at the start of compare_duration, but was
1557
- # present at read_time.
1558
- # * "REMOVED": indicates that the finding was present and matched the
1559
- # filter at the start of compare_duration, but did not match
1560
- # the filter at read_time.
1561
- #
1562
- # If compare_duration is not specified, then the only possible state_change
1563
- # is "UNUSED", which will be the state_change set for all findings present at
1564
- # read_time.
1565
- # A hash of the same form as `Google::Protobuf::Duration`
1566
- # can also be provided.
1567
- # @param field_mask [Google::Protobuf::FieldMask | Hash]
1568
- # Optional. A field mask to specify the Finding fields to be listed in the
1569
- # response. An empty field mask will list all fields.
1570
- # A hash of the same form as `Google::Protobuf::FieldMask`
1571
- # can also be provided.
1572
- # @param page_size [Integer]
1573
- # The maximum number of resources contained in the underlying API
1574
- # response. If page streaming is performed per-resource, this
1575
- # parameter does not affect the return value. If page streaming is
1576
- # performed per-page, this determines the maximum number of
1577
- # resources in a page.
1578
- # @param options [Google::Gax::CallOptions]
1579
- # Overrides the default settings for this call, e.g, timeout,
1580
- # retries, etc.
1581
- # @yield [result, operation] Access the result along with the RPC operation
1582
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
1583
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1584
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
1585
- # An enumerable of Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult instances.
1586
- # See Google::Gax::PagedEnumerable documentation for other
1587
- # operations such as per-page iteration or access to the response
1588
- # object.
1589
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1590
- # @example
1591
- # require "google/cloud/security_center"
1592
- #
1593
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1594
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1595
- #
1596
- # # Iterate over all results.
1597
- # security_center_client.list_findings(formatted_parent).each do |element|
1598
- # # Process element.
1599
- # end
1600
- #
1601
- # # Or iterate over results one page at a time.
1602
- # security_center_client.list_findings(formatted_parent).each_page do |page|
1603
- # # Process each page at a time.
1604
- # page.each do |element|
1605
- # # Process element.
1606
- # end
1607
- # end
1608
-
1609
- def list_findings \
1610
- parent,
1611
- filter: nil,
1612
- order_by: nil,
1613
- read_time: nil,
1614
- compare_duration: nil,
1615
- field_mask: nil,
1616
- page_size: nil,
1617
- options: nil,
1618
- &block
1619
- req = {
1620
- parent: parent,
1621
- filter: filter,
1622
- order_by: order_by,
1623
- read_time: read_time,
1624
- compare_duration: compare_duration,
1625
- field_mask: field_mask,
1626
- page_size: page_size
1627
- }.delete_if { |_, v| v.nil? }
1628
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListFindingsRequest)
1629
- @list_findings.call(req, options, &block)
1630
- end
1631
-
1632
- # Lists notification configs.
1633
- #
1634
- # @param parent [String]
1635
- # Required. Name of the organization to list notification configs.
1636
- # Its format is "organizations/[organization_id]".
1637
- # @param page_size [Integer]
1638
- # The maximum number of resources contained in the underlying API
1639
- # response. If page streaming is performed per-resource, this
1640
- # parameter does not affect the return value. If page streaming is
1641
- # performed per-page, this determines the maximum number of
1642
- # resources in a page.
1643
- # @param options [Google::Gax::CallOptions]
1644
- # Overrides the default settings for this call, e.g, timeout,
1645
- # retries, etc.
1646
- # @yield [result, operation] Access the result along with the RPC operation
1647
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::NotificationConfig>]
1648
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1649
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::NotificationConfig>]
1650
- # An enumerable of Google::Cloud::SecurityCenter::V1::NotificationConfig instances.
1651
- # See Google::Gax::PagedEnumerable documentation for other
1652
- # operations such as per-page iteration or access to the response
1653
- # object.
1654
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1655
- # @example
1656
- # require "google/cloud/security_center"
1657
- #
1658
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1659
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1660
- #
1661
- # # Iterate over all results.
1662
- # security_center_client.list_notification_configs(formatted_parent).each do |element|
1663
- # # Process element.
1664
- # end
1665
- #
1666
- # # Or iterate over results one page at a time.
1667
- # security_center_client.list_notification_configs(formatted_parent).each_page do |page|
1668
- # # Process each page at a time.
1669
- # page.each do |element|
1670
- # # Process element.
1671
- # end
1672
- # end
1673
-
1674
- def list_notification_configs \
1675
- parent,
1676
- page_size: nil,
1677
- options: nil,
1678
- &block
1679
- req = {
1680
- parent: parent,
1681
- page_size: page_size
1682
- }.delete_if { |_, v| v.nil? }
1683
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest)
1684
- @list_notification_configs.call(req, options, &block)
1685
- end
1686
-
1687
- # Lists all sources belonging to an organization.
1688
- #
1689
- # @param parent [String]
1690
- # Required. Resource name of the parent of sources to list. Its format should
1691
- # be "organizations/[organization_id]".
1692
- # @param page_size [Integer]
1693
- # The maximum number of resources contained in the underlying API
1694
- # response. If page streaming is performed per-resource, this
1695
- # parameter does not affect the return value. If page streaming is
1696
- # performed per-page, this determines the maximum number of
1697
- # resources in a page.
1698
- # @param options [Google::Gax::CallOptions]
1699
- # Overrides the default settings for this call, e.g, timeout,
1700
- # retries, etc.
1701
- # @yield [result, operation] Access the result along with the RPC operation
1702
- # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::Source>]
1703
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1704
- # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1::Source>]
1705
- # An enumerable of Google::Cloud::SecurityCenter::V1::Source instances.
1706
- # See Google::Gax::PagedEnumerable documentation for other
1707
- # operations such as per-page iteration or access to the response
1708
- # object.
1709
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1710
- # @example
1711
- # require "google/cloud/security_center"
1712
- #
1713
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1714
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1715
- #
1716
- # # Iterate over all results.
1717
- # security_center_client.list_sources(formatted_parent).each do |element|
1718
- # # Process element.
1719
- # end
1720
- #
1721
- # # Or iterate over results one page at a time.
1722
- # security_center_client.list_sources(formatted_parent).each_page do |page|
1723
- # # Process each page at a time.
1724
- # page.each do |element|
1725
- # # Process element.
1726
- # end
1727
- # end
1728
-
1729
- def list_sources \
1730
- parent,
1731
- page_size: nil,
1732
- options: nil,
1733
- &block
1734
- req = {
1735
- parent: parent,
1736
- page_size: page_size
1737
- }.delete_if { |_, v| v.nil? }
1738
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::ListSourcesRequest)
1739
- @list_sources.call(req, options, &block)
1740
- end
1741
-
1742
- # Runs asset discovery. The discovery is tracked with a long-running
1743
- # operation.
1744
- #
1745
- # This API can only be called with limited frequency for an organization. If
1746
- # it is called too frequently the caller will receive a TOO_MANY_REQUESTS
1747
- # error.
1748
- #
1749
- # @param parent [String]
1750
- # Required. Name of the organization to run asset discovery for. Its format
1751
- # is "organizations/[organization_id]".
1752
- # @param options [Google::Gax::CallOptions]
1753
- # Overrides the default settings for this call, e.g, timeout,
1754
- # retries, etc.
1755
- # @return [Google::Gax::Operation]
1756
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1757
- # @example
1758
- # require "google/cloud/security_center"
1759
- #
1760
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1761
- # formatted_parent = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1762
- #
1763
- # # Register a callback during the method call.
1764
- # operation = security_center_client.run_asset_discovery(formatted_parent) do |op|
1765
- # raise op.results.message if op.error?
1766
- # op_results = op.results
1767
- # # Process the results.
1768
- #
1769
- # metadata = op.metadata
1770
- # # Process the metadata.
1771
- # end
1772
- #
1773
- # # Or use the return value to register a callback.
1774
- # operation.on_done do |op|
1775
- # raise op.results.message if op.error?
1776
- # op_results = op.results
1777
- # # Process the results.
1778
- #
1779
- # metadata = op.metadata
1780
- # # Process the metadata.
1781
- # end
1782
- #
1783
- # # Manually reload the operation.
1784
- # operation.reload!
1785
- #
1786
- # # Or block until the operation completes, triggering callbacks on
1787
- # # completion.
1788
- # operation.wait_until_done!
1789
-
1790
- def run_asset_discovery \
1791
- parent,
1792
- options: nil
1793
- req = {
1794
- parent: parent
1795
- }.delete_if { |_, v| v.nil? }
1796
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryRequest)
1797
- operation = Google::Gax::Operation.new(
1798
- @run_asset_discovery.call(req, options),
1799
- @operations_client,
1800
- Google::Cloud::SecurityCenter::V1::RunAssetDiscoveryResponse,
1801
- Google::Protobuf::Empty,
1802
- call_options: options
1803
- )
1804
- operation.on_done { |operation| yield(operation) } if block_given?
1805
- operation
1806
- end
1807
-
1808
- # Updates the state of a finding.
1809
- #
1810
- # @param name [String]
1811
- # Required. The relative resource name of the finding. See:
1812
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
1813
- # Example:
1814
- # "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
1815
- # @param state [Google::Cloud::SecurityCenter::V1::Finding::State]
1816
- # Required. The desired State of the finding.
1817
- # @param start_time [Google::Protobuf::Timestamp | Hash]
1818
- # Required. The time at which the updated state takes effect.
1819
- # A hash of the same form as `Google::Protobuf::Timestamp`
1820
- # can also be provided.
1821
- # @param options [Google::Gax::CallOptions]
1822
- # Overrides the default settings for this call, e.g, timeout,
1823
- # retries, etc.
1824
- # @yield [result, operation] Access the result along with the RPC operation
1825
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
1826
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1827
- # @return [Google::Cloud::SecurityCenter::V1::Finding]
1828
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1829
- # @example
1830
- # require "google/cloud/security_center"
1831
- #
1832
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1833
- # formatted_name = Google::Cloud::SecurityCenter::V1::SecurityCenterClient.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]")
1834
- #
1835
- # # TODO: Initialize `state`:
1836
- # state = :STATE_UNSPECIFIED
1837
- #
1838
- # # TODO: Initialize `start_time`:
1839
- # start_time = {}
1840
- # response = security_center_client.set_finding_state(formatted_name, state, start_time)
1841
-
1842
- def set_finding_state \
1843
- name,
1844
- state,
1845
- start_time,
1846
- options: nil,
1847
- &block
1848
- req = {
1849
- name: name,
1850
- state: state,
1851
- start_time: start_time
1852
- }.delete_if { |_, v| v.nil? }
1853
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::SetFindingStateRequest)
1854
- @set_finding_state.call(req, options, &block)
1855
- end
1856
-
1857
- # Sets the access control policy on the specified Source.
1858
- #
1859
- # @param resource [String]
1860
- # REQUIRED: The resource for which the policy is being specified.
1861
- # See the operation documentation for the appropriate value for this field.
1862
- # @param policy [Google::Iam::V1::Policy | Hash]
1863
- # REQUIRED: The complete policy to be applied to the `resource`. The size of
1864
- # the policy is limited to a few 10s of KB. An empty policy is a
1865
- # valid policy but certain Cloud Platform services (such as Projects)
1866
- # might reject them.
1867
- # A hash of the same form as `Google::Iam::V1::Policy`
1868
- # can also be provided.
1869
- # @param options [Google::Gax::CallOptions]
1870
- # Overrides the default settings for this call, e.g, timeout,
1871
- # retries, etc.
1872
- # @yield [result, operation] Access the result along with the RPC operation
1873
- # @yieldparam result [Google::Iam::V1::Policy]
1874
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1875
- # @return [Google::Iam::V1::Policy]
1876
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1877
- # @example
1878
- # require "google/cloud/security_center"
1879
- #
1880
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1881
- #
1882
- # # TODO: Initialize `resource`:
1883
- # resource = ''
1884
- #
1885
- # # TODO: Initialize `policy`:
1886
- # policy = {}
1887
- # response = security_center_client.set_iam_policy(resource, policy)
1888
-
1889
- def set_iam_policy \
1890
- resource,
1891
- policy,
1892
- options: nil,
1893
- &block
1894
- req = {
1895
- resource: resource,
1896
- policy: policy
1897
- }.delete_if { |_, v| v.nil? }
1898
- req = Google::Gax::to_proto(req, Google::Iam::V1::SetIamPolicyRequest)
1899
- @set_iam_policy.call(req, options, &block)
1900
- end
1901
-
1902
- # Creates or updates a finding. The corresponding source must exist for a
1903
- # finding creation to succeed.
1904
- #
1905
- # @param finding [Google::Cloud::SecurityCenter::V1::Finding | Hash]
1906
- # Required. The finding resource to update or create if it does not already
1907
- # exist. parent, security_marks, and update_time will be ignored.
1908
- #
1909
- # In the case of creation, the finding id portion of the name must be
1910
- # alphanumeric and less than or equal to 32 characters and greater than 0
1911
- # characters in length.
1912
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Finding`
1913
- # can also be provided.
1914
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
1915
- # The FieldMask to use when updating the finding resource. This field should
1916
- # not be specified when creating a finding.
1917
- #
1918
- # When updating a finding, an empty mask is treated as updating all mutable
1919
- # fields and replacing source_properties. Individual source_properties can
1920
- # be added/updated by using "source_properties.<property key>" in the field
1921
- # mask.
1922
- # A hash of the same form as `Google::Protobuf::FieldMask`
1923
- # can also be provided.
1924
- # @param options [Google::Gax::CallOptions]
1925
- # Overrides the default settings for this call, e.g, timeout,
1926
- # retries, etc.
1927
- # @yield [result, operation] Access the result along with the RPC operation
1928
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::Finding]
1929
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1930
- # @return [Google::Cloud::SecurityCenter::V1::Finding]
1931
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1932
- # @example
1933
- # require "google/cloud/security_center"
1934
- #
1935
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1936
- #
1937
- # # TODO: Initialize `finding`:
1938
- # finding = {}
1939
- # response = security_center_client.update_finding(finding)
1940
-
1941
- def update_finding \
1942
- finding,
1943
- update_mask: nil,
1944
- options: nil,
1945
- &block
1946
- req = {
1947
- finding: finding,
1948
- update_mask: update_mask
1949
- }.delete_if { |_, v| v.nil? }
1950
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateFindingRequest)
1951
- @update_finding.call(req, options, &block)
1952
- end
1953
-
1954
- # Updates a notification config.
1955
- #
1956
- # @param notification_config [Google::Cloud::SecurityCenter::V1::NotificationConfig | Hash]
1957
- # Required. The notification config to update.
1958
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::NotificationConfig`
1959
- # can also be provided.
1960
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
1961
- # The FieldMask to use when updating the notification config.
1962
- #
1963
- # If empty all mutable fields will be updated.
1964
- # A hash of the same form as `Google::Protobuf::FieldMask`
1965
- # can also be provided.
1966
- # @param options [Google::Gax::CallOptions]
1967
- # Overrides the default settings for this call, e.g, timeout,
1968
- # retries, etc.
1969
- # @yield [result, operation] Access the result along with the RPC operation
1970
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::NotificationConfig]
1971
- # @yieldparam operation [GRPC::ActiveCall::Operation]
1972
- # @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
1973
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
1974
- # @example
1975
- # require "google/cloud/security_center"
1976
- #
1977
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
1978
- #
1979
- # # TODO: Initialize `notification_config`:
1980
- # notification_config = {}
1981
- # response = security_center_client.update_notification_config(notification_config)
1982
-
1983
- def update_notification_config \
1984
- notification_config,
1985
- update_mask: nil,
1986
- options: nil,
1987
- &block
1988
- req = {
1989
- notification_config: notification_config,
1990
- update_mask: update_mask
1991
- }.delete_if { |_, v| v.nil? }
1992
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest)
1993
- @update_notification_config.call(req, options, &block)
1994
- end
1995
-
1996
- # Updates an organization's settings.
1997
- #
1998
- # @param organization_settings [Google::Cloud::SecurityCenter::V1::OrganizationSettings | Hash]
1999
- # Required. The organization settings resource to update.
2000
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::OrganizationSettings`
2001
- # can also be provided.
2002
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
2003
- # The FieldMask to use when updating the settings resource.
2004
- #
2005
- # If empty all mutable fields will be updated.
2006
- # A hash of the same form as `Google::Protobuf::FieldMask`
2007
- # can also be provided.
2008
- # @param options [Google::Gax::CallOptions]
2009
- # Overrides the default settings for this call, e.g, timeout,
2010
- # retries, etc.
2011
- # @yield [result, operation] Access the result along with the RPC operation
2012
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
2013
- # @yieldparam operation [GRPC::ActiveCall::Operation]
2014
- # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
2015
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
2016
- # @example
2017
- # require "google/cloud/security_center"
2018
- #
2019
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
2020
- #
2021
- # # TODO: Initialize `organization_settings`:
2022
- # organization_settings = {}
2023
- # response = security_center_client.update_organization_settings(organization_settings)
2024
-
2025
- def update_organization_settings \
2026
- organization_settings,
2027
- update_mask: nil,
2028
- options: nil,
2029
- &block
2030
- req = {
2031
- organization_settings: organization_settings,
2032
- update_mask: update_mask
2033
- }.delete_if { |_, v| v.nil? }
2034
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest)
2035
- @update_organization_settings.call(req, options, &block)
2036
- end
2037
-
2038
- # Updates a source.
2039
- #
2040
- # @param source [Google::Cloud::SecurityCenter::V1::Source | Hash]
2041
- # Required. The source resource to update.
2042
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::Source`
2043
- # can also be provided.
2044
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
2045
- # The FieldMask to use when updating the source resource.
2046
- #
2047
- # If empty all mutable fields will be updated.
2048
- # A hash of the same form as `Google::Protobuf::FieldMask`
2049
- # can also be provided.
2050
- # @param options [Google::Gax::CallOptions]
2051
- # Overrides the default settings for this call, e.g, timeout,
2052
- # retries, etc.
2053
- # @yield [result, operation] Access the result along with the RPC operation
2054
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::Source]
2055
- # @yieldparam operation [GRPC::ActiveCall::Operation]
2056
- # @return [Google::Cloud::SecurityCenter::V1::Source]
2057
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
2058
- # @example
2059
- # require "google/cloud/security_center"
2060
- #
2061
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
2062
- #
2063
- # # TODO: Initialize `source`:
2064
- # source = {}
2065
- # response = security_center_client.update_source(source)
2066
-
2067
- def update_source \
2068
- source,
2069
- update_mask: nil,
2070
- options: nil,
2071
- &block
2072
- req = {
2073
- source: source,
2074
- update_mask: update_mask
2075
- }.delete_if { |_, v| v.nil? }
2076
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateSourceRequest)
2077
- @update_source.call(req, options, &block)
2078
- end
2079
-
2080
- # Updates security marks.
2081
- #
2082
- # @param security_marks [Google::Cloud::SecurityCenter::V1::SecurityMarks | Hash]
2083
- # Required. The security marks resource to update.
2084
- # A hash of the same form as `Google::Cloud::SecurityCenter::V1::SecurityMarks`
2085
- # can also be provided.
2086
- # @param update_mask [Google::Protobuf::FieldMask | Hash]
2087
- # The FieldMask to use when updating the security marks resource.
2088
- #
2089
- # The field mask must not contain duplicate fields.
2090
- # If empty or set to "marks", all marks will be replaced. Individual
2091
- # marks can be updated using "marks.<mark_key>".
2092
- # A hash of the same form as `Google::Protobuf::FieldMask`
2093
- # can also be provided.
2094
- # @param start_time [Google::Protobuf::Timestamp | Hash]
2095
- # The time at which the updated SecurityMarks take effect.
2096
- # If not set uses current server time. Updates will be applied to the
2097
- # SecurityMarks that are active immediately preceding this time.
2098
- # A hash of the same form as `Google::Protobuf::Timestamp`
2099
- # can also be provided.
2100
- # @param options [Google::Gax::CallOptions]
2101
- # Overrides the default settings for this call, e.g, timeout,
2102
- # retries, etc.
2103
- # @yield [result, operation] Access the result along with the RPC operation
2104
- # @yieldparam result [Google::Cloud::SecurityCenter::V1::SecurityMarks]
2105
- # @yieldparam operation [GRPC::ActiveCall::Operation]
2106
- # @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
2107
- # @raise [Google::Gax::GaxError] if the RPC is aborted.
2108
- # @example
2109
- # require "google/cloud/security_center"
2110
- #
2111
- # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1)
2112
- #
2113
- # # TODO: Initialize `security_marks`:
2114
- # security_marks = {}
2115
- # response = security_center_client.update_security_marks(security_marks)
2116
-
2117
- def update_security_marks \
2118
- security_marks,
2119
- update_mask: nil,
2120
- start_time: nil,
2121
- options: nil,
2122
- &block
2123
- req = {
2124
- security_marks: security_marks,
2125
- update_mask: update_mask,
2126
- start_time: start_time
2127
- }.delete_if { |_, v| v.nil? }
2128
- req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1::UpdateSecurityMarksRequest)
2129
- @update_security_marks.call(req, options, &block)
2130
- end
2131
- end
2132
- end
2133
- end
2134
- end
2135
- end