google-cloud-security_center 0.5.1 → 0.6.0

data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/source.rb

@@ -0,0 +1,49 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Cloud
+    module Securitycenter
+      module V1p1beta1
+        # Cloud Security Command Center's (Cloud SCC) finding source. A finding source
+        # is an entity or a mechanism that can produce a finding. A source is like a
+        # container of findings that come from the same scanner, logger, monitor, etc.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The relative resource name of this source. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/{organization_id}/sources/{source_id}"
+        # @!attribute [rw] display_name
+        #   @return [String]
+        #     The source's display name.
+        #     A source's display name must be unique amongst its siblings, for example,
+        #     two sources with the same parent can't share the same display name.
+        #     The display name must have a length between 1 and 64 characters
+        #     (inclusive).
+        # @!attribute [rw] description
+        #   @return [String]
+        #     The description of the source (max of 1024 characters).
+        #     Example:
+        #     "Cloud Security Scanner is a web security scanner for common
+        #     vulnerabilities in App Engine applications. It can automatically
+        #     scan and detect four common vulnerabilities, including cross-site-scripting
+        #     (XSS), Flash injection, mixed content (HTTP in HTTPS), and
+        #     outdated/insecure libraries."
+        class Source; end
+      end
+    end
+  end
+end

data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/iam_policy.rb

@@ -0,0 +1,64 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Iam
+    module V1
+      # Request message for `SetIamPolicy` method.
+      # @!attribute [rw] resource
+      #   @return [String]
+      #     REQUIRED: The resource for which the policy is being specified.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] policy
+      #   @return [Google::Iam::V1::Policy]
+      #     REQUIRED: The complete policy to be applied to the `resource`. The size of
+      #     the policy is limited to a few 10s of KB. An empty policy is a
+      #     valid policy but certain Cloud Platform services (such as Projects)
+      #     might reject them.
+      class SetIamPolicyRequest; end
+
+      # Request message for `GetIamPolicy` method.
+      # @!attribute [rw] resource
+      #   @return [String]
+      #     REQUIRED: The resource for which the policy is being requested.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] options
+      #   @return [Google::Iam::V1::GetPolicyOptions]
+      #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
+      #     `GetIamPolicy`. This field is only used by Cloud IAM.
+      class GetIamPolicyRequest; end
+
+      # Request message for `TestIamPermissions` method.
+      # @!attribute [rw] resource
+      #   @return [String]
+      #     REQUIRED: The resource for which the policy detail is being requested.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] permissions
+      #   @return [Array<String>]
+      #     The set of permissions to check for the `resource`. Permissions with
+      #     wildcards (such as '*' or 'storage.*') are not allowed. For more
+      #     information see
+      #     [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+      class TestIamPermissionsRequest; end
+
+      # Response message for `TestIamPermissions` method.
+      # @!attribute [rw] permissions
+      #   @return [Array<String>]
+      #     A subset of `TestPermissionsRequest.permissions` that the caller is
+      #     allowed.
+      class TestIamPermissionsResponse; end
+    end
+  end
+end

data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/options.rb

@@ -0,0 +1,33 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Iam
+    module V1
+      # Encapsulates settings provided to GetIamPolicy.
+      # @!attribute [rw] requested_policy_version
+      #   @return [Integer]
+      #     Optional. The policy format version to be returned.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Requests for policies with any conditional bindings must specify version 3.
+      #     Policies without any conditional bindings may specify any valid value or
+      #     leave the field unset.
+      class GetPolicyOptions; end
+    end
+  end
+end

data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/policy.rb

@@ -0,0 +1,151 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Iam
+    module V1
+      # Defines an Identity and Access Management (IAM) policy. It is used to
+      # specify access control policies for Cloud Platform resources.
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
+      #
+      # **JSON Example**
+      #
+      #     {
+      #       "bindings": [
+      #         {
+      #           "role": "roles/resourcemanager.organizationAdmin",
+      #           "members": [
+      #             "user:mike@example.com",
+      #             "group:admins@example.com",
+      #             "domain:google.com",
+      #             "serviceAccount:my-project-id@appspot.gserviceaccount.com"
+      #           ]
+      #         },
+      #         {
+      #           "role": "roles/resourcemanager.organizationViewer",
+      #           "members": ["user:eve@example.com"],
+      #           "condition": {
+      #             "title": "expirable access",
+      #             "description": "Does not grant access after Sep 2020",
+      #             "expression": "request.time <
+      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #           }
+      #         }
+      #       ]
+      #     }
+      #
+      # **YAML Example**
+      #
+      #     bindings:
+      # * members:
+      #   * user:mike@example.com
+      #     * group:admins@example.com
+      #       * domain:google.com
+      #       * serviceAccount:my-project-id@appspot.gserviceaccount.com
+      #         role: roles/resourcemanager.organizationAdmin
+      #       * members:
+      #       * user:eve@example.com
+      #         role: roles/resourcemanager.organizationViewer
+      #         condition:
+      #         title: expirable access
+      #         description: Does not grant access after Sep 2020
+      #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #
+      #       For a description of IAM and its features, see the
+      #       [IAM developer's guide](https://cloud.google.com/iam/docs).
+      # @!attribute [rw] version
+      #   @return [Integer]
+      #     Specifies the format of the policy.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Operations affecting conditional bindings must specify version 3. This can
+      #     be either setting a conditional policy, modifying a conditional binding,
+      #     or removing a binding (conditional or unconditional) from the stored
+      #     conditional policy.
+      #     Operations on non-conditional policies may specify any valid value or
+      #     leave the field unset.
+      #
+      #     If no etag is provided in the call to `setIamPolicy`, version compliance
+      #     checks against the stored policy is skipped.
+      # @!attribute [rw] bindings
+      #   @return [Array<Google::Iam::V1::Binding>]
+      #     Associates a list of `members` to a `role`. Optionally may specify a
+      #     `condition` that determines when binding is in effect.
+      #     `bindings` with no members will result in an error.
+      # @!attribute [rw] etag
+      #   @return [String]
+      #     `etag` is used for optimistic concurrency control as a way to help
+      #     prevent simultaneous updates of a policy from overwriting each other.
+      #     It is strongly suggested that systems make use of the `etag` in the
+      #     read-modify-write cycle to perform policy updates in order to avoid race
+      #     conditions: An `etag` is returned in the response to `getIamPolicy`, and
+      #     systems are expected to put that etag in the request to `setIamPolicy` to
+      #     ensure that their change will be applied to the same version of the policy.
+      #
+      #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
+      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
+      #     'setIamPolicy' will not fail even if the incoming policy version does not
+      #     meet the requirements for modifying the stored policy.
+      class Policy; end
+
+      # Associates `members` with a `role`.
+      # @!attribute [rw] role
+      #   @return [String]
+      #     Role that is assigned to `members`.
+      #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      # @!attribute [rw] members
+      #   @return [Array<String>]
+      #     Specifies the identities requesting access for a Cloud Platform resource.
+      #     `members` can have the following values:
+      #
+      #     * `allUsers`: A special identifier that represents anyone who is
+      #       on the internet; with or without a Google account.
+      #
+      #     * `allAuthenticatedUsers`: A special identifier that represents anyone
+      #       who is authenticated with a Google account or a service account.
+      #
+      #     * `user:{emailid}`: An email address that represents a specific Google
+      #       account. For example, `alice@example.com` .
+      #
+      #
+      #     * `serviceAccount:{emailid}`: An email address that represents a service
+      #       account. For example, `my-other-app@appspot.gserviceaccount.com`.
+      #
+      #     * `group:{emailid}`: An email address that represents a Google group.
+      #       For example, `admins@example.com`.
+      #
+      #
+      #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
+      #       users of that domain. For example, `google.com` or `example.com`.
+      # @!attribute [rw] condition
+      #   @return [Google::Type::Expr]
+      #     The condition that is associated with this binding.
+      #     NOTE: An unsatisfied condition will not allow user access via current
+      #     binding. Different bindings, including their conditions, are examined
+      #     independently.
+      class Binding; end
+    end
+  end
+end

data/lib/google/cloud/security_center/v1p1beta1/doc/google/longrunning/operations.rb

@@ -0,0 +1,51 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Longrunning
+    # This resource represents a long-running operation that is the result of a
+    # network API call.
+    # @!attribute [rw] name
+    #   @return [String]
+    #     The server-assigned name, which is only unique within the same service that
+    #     originally returns it. If you use the default HTTP mapping, the
+    #     `name` should be a resource name ending with `operations/{unique_id}`.
+    # @!attribute [rw] metadata
+    #   @return [Google::Protobuf::Any]
+    #     Service-specific metadata associated with the operation.  It typically
+    #     contains progress information and common metadata such as create time.
+    #     Some services might not provide such metadata.  Any method that returns a
+    #     long-running operation should document the metadata type, if any.
+    # @!attribute [rw] done
+    #   @return [true, false]
+    #     If the value is `false`, it means the operation is still in progress.
+    #     If `true`, the operation is completed, and either `error` or `response` is
+    #     available.
+    # @!attribute [rw] error
+    #   @return [Google::Rpc::Status]
+    #     The error result of the operation in case of failure or cancellation.
+    # @!attribute [rw] response
+    #   @return [Google::Protobuf::Any]
+    #     The normal response of the operation in case of success.  If the original
+    #     method returns no data on success, such as `Delete`, the response is
+    #     `google.protobuf.Empty`.  If the original method is standard
+    #     `Get`/`Create`/`Update`, the response should be the resource.  For other
+    #     methods, the response should have the type `XxxResponse`, where `Xxx`
+    #     is the original method name.  For example, if the original method name
+    #     is `TakeSnapshot()`, the inferred response type is
+    #     `TakeSnapshotResponse`.
+    class Operation; end
+  end
+end

data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/any.rb

@@ -0,0 +1,131 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Protobuf
+    # `Any` contains an arbitrary serialized protocol buffer message along with a
+    # URL that describes the type of the serialized message.
+    #
+    # Protobuf library provides support to pack/unpack Any values in the form
+    # of utility functions or additional generated methods of the Any type.
+    #
+    # Example 1: Pack and unpack a message in C++.
+    #
+    #     Foo foo = ...;
+    #     Any any;
+    #     any.PackFrom(foo);
+    #     ...
+    #     if (any.UnpackTo(&foo)) {
+    #       ...
+    #     }
+    #
+    # Example 2: Pack and unpack a message in Java.
+    #
+    #     Foo foo = ...;
+    #     Any any = Any.pack(foo);
+    #     ...
+    #     if (any.is(Foo.class)) {
+    #       foo = any.unpack(Foo.class);
+    #     }
+    #
+    #  Example 3: Pack and unpack a message in Python.
+    #
+    #     foo = Foo(...)
+    #     any = Any()
+    #     any.Pack(foo)
+    #     ...
+    #     if any.Is(Foo.DESCRIPTOR):
+    #       any.Unpack(foo)
+    #       ...
+    #
+    #  Example 4: Pack and unpack a message in Go
+    #
+    #      foo := &pb.Foo{...}
+    #      any, err := ptypes.MarshalAny(foo)
+    #      ...
+    #      foo := &pb.Foo{}
+    #      if err := ptypes.UnmarshalAny(any, foo); err != nil {
+    #        ...
+    #      }
+    #
+    # The pack methods provided by protobuf library will by default use
+    # 'type.googleapis.com/full.type.name' as the type URL and the unpack
+    # methods only use the fully qualified type name after the last '/'
+    # in the type URL, for example "foo.bar.com/x/y.z" will yield type
+    # name "y.z".
+    #
+    #
+    # = JSON
+    #
+    # The JSON representation of an `Any` value uses the regular
+    # representation of the deserialized, embedded message, with an
+    # additional field `@type` which contains the type URL. Example:
+    #
+    #     package google.profile;
+    #     message Person {
+    #       string first_name = 1;
+    #       string last_name = 2;
+    #     }
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.profile.Person",
+    #       "firstName": <string>,
+    #       "lastName": <string>
+    #     }
+    #
+    # If the embedded message type is well-known and has a custom JSON
+    # representation, that representation will be embedded adding a field
+    # `value` which holds the custom JSON in addition to the `@type`
+    # field. Example (for message {Google::Protobuf::Duration}):
+    #
+    #     {
+    #       "@type": "type.googleapis.com/google.protobuf.Duration",
+    #       "value": "1.212s"
+    #     }
+    # @!attribute [rw] type_url
+    #   @return [String]
+    #     A URL/resource name that uniquely identifies the type of the serialized
+    #     protocol buffer message. This string must contain at least
+    #     one "/" character. The last segment of the URL's path must represent
+    #     the fully qualified name of the type (as in
+    #     `path/google.protobuf.Duration`). The name should be in a canonical form
+    #     (e.g., leading "." is not accepted).
+    #
+    #     In practice, teams usually precompile into the binary all types that they
+    #     expect it to use in the context of Any. However, for URLs which use the
+    #     scheme `http`, `https`, or no scheme, one can optionally set up a type
+    #     server that maps type URLs to message definitions as follows:
+    #
+    #     * If no scheme is provided, `https` is assumed.
+    #     * An HTTP GET on the URL must yield a {Google::Protobuf::Type}
+    #       value in binary format, or produce an error.
+    #     * Applications are allowed to cache lookup results based on the
+    #       URL, or have them precompiled into a binary to avoid any
+    #       lookup. Therefore, binary compatibility needs to be preserved
+    #       on changes to types. (Use versioned type names to manage
+    #       breaking changes.)
+    #
+    #     Note: this functionality is not currently available in the official
+    #     protobuf release, and it is not used for type URLs beginning with
+    #     type.googleapis.com.
+    #
+    #     Schemes other than `http`, `https` (or the empty scheme) might be
+    #     used with implementation specific semantics.
+    # @!attribute [rw] value
+    #   @return [String]
+    #     Must be a valid serialized protocol buffer of the above specified type.
+    class Any; end
+  end
+end