google-cloud-security_center 0.5.1 → 0.6.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/lib/google/cloud/security_center/v1p1beta1.rb +149 -0
  3. data/lib/google/cloud/security_center/v1p1beta1/asset_pb.rb +41 -0
  4. data/lib/google/cloud/security_center/v1p1beta1/credentials.rb +41 -0
  5. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/asset.rb +105 -0
  6. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/finding.rb +96 -0
  7. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/notification_config.rb +87 -0
  8. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/organization_settings.rb +72 -0
  9. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/security_marks.rb +45 -0
  10. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/securitycenter_service.rb +923 -0
  11. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/source.rb +49 -0
  12. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/iam_policy.rb +64 -0
  13. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/options.rb +33 -0
  14. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/policy.rb +151 -0
  15. data/lib/google/cloud/security_center/v1p1beta1/doc/google/longrunning/operations.rb +51 -0
  16. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/any.rb +131 -0
  17. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/duration.rb +91 -0
  18. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/empty.rb +29 -0
  19. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/field_mask.rb +222 -0
  20. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/struct.rb +74 -0
  21. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/timestamp.rb +113 -0
  22. data/lib/google/cloud/security_center/v1p1beta1/doc/google/rpc/status.rb +39 -0
  23. data/lib/google/cloud/security_center/v1p1beta1/doc/google/type/expr.rb +45 -0
  24. data/lib/google/cloud/security_center/v1p1beta1/finding_pb.rb +36 -0
  25. data/lib/google/cloud/security_center/v1p1beta1/helpers.rb +71 -0
  26. data/lib/google/cloud/security_center/v1p1beta1/notification_config_pb.rb +34 -0
  27. data/lib/google/cloud/security_center/v1p1beta1/notification_message_pb.rb +21 -0
  28. data/lib/google/cloud/security_center/v1p1beta1/organization_settings_pb.rb +30 -0
  29. data/lib/google/cloud/security_center/v1p1beta1/run_asset_discovery_response_pb.rb +25 -0
  30. data/lib/google/cloud/security_center/v1p1beta1/security_center_client.rb +2090 -0
  31. data/lib/google/cloud/security_center/v1p1beta1/security_center_client_config.json +141 -0
  32. data/lib/google/cloud/security_center/v1p1beta1/security_marks_pb.rb +18 -0
  33. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_pb.rb +234 -0
  34. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb.rb +103 -0
  35. data/lib/google/cloud/security_center/v1p1beta1/source_pb.rb +19 -0
  36. data/lib/google/cloud/security_center/version.rb +1 -1
  37. metadata +36 -2
@@ -0,0 +1,49 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Cloud
18
+ module Securitycenter
19
+ module V1p1beta1
20
+ # Cloud Security Command Center's (Cloud SCC) finding source. A finding source
21
+ # is an entity or a mechanism that can produce a finding. A source is like a
22
+ # container of findings that come from the same scanner, logger, monitor, etc.
23
+ # @!attribute [rw] name
24
+ # @return [String]
25
+ # The relative resource name of this source. See:
26
+ # https://cloud.google.com/apis/design/resource_names#relative_resource_name
27
+ # Example:
28
+ # "organizations/{organization_id}/sources/{source_id}"
29
+ # @!attribute [rw] display_name
30
+ # @return [String]
31
+ # The source's display name.
32
+ # A source's display name must be unique amongst its siblings, for example,
33
+ # two sources with the same parent can't share the same display name.
34
+ # The display name must have a length between 1 and 64 characters
35
+ # (inclusive).
36
+ # @!attribute [rw] description
37
+ # @return [String]
38
+ # The description of the source (max of 1024 characters).
39
+ # Example:
40
+ # "Cloud Security Scanner is a web security scanner for common
41
+ # vulnerabilities in App Engine applications. It can automatically
42
+ # scan and detect four common vulnerabilities, including cross-site-scripting
43
+ # (XSS), Flash injection, mixed content (HTTP in HTTPS), and
44
+ # outdated/insecure libraries."
45
+ class Source; end
46
+ end
47
+ end
48
+ end
49
+ end
@@ -0,0 +1,64 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Iam
18
+ module V1
19
+ # Request message for `SetIamPolicy` method.
20
+ # @!attribute [rw] resource
21
+ # @return [String]
22
+ # REQUIRED: The resource for which the policy is being specified.
23
+ # See the operation documentation for the appropriate value for this field.
24
+ # @!attribute [rw] policy
25
+ # @return [Google::Iam::V1::Policy]
26
+ # REQUIRED: The complete policy to be applied to the `resource`. The size of
27
+ # the policy is limited to a few 10s of KB. An empty policy is a
28
+ # valid policy but certain Cloud Platform services (such as Projects)
29
+ # might reject them.
30
+ class SetIamPolicyRequest; end
31
+
32
+ # Request message for `GetIamPolicy` method.
33
+ # @!attribute [rw] resource
34
+ # @return [String]
35
+ # REQUIRED: The resource for which the policy is being requested.
36
+ # See the operation documentation for the appropriate value for this field.
37
+ # @!attribute [rw] options
38
+ # @return [Google::Iam::V1::GetPolicyOptions]
39
+ # OPTIONAL: A `GetPolicyOptions` object for specifying options to
40
+ # `GetIamPolicy`. This field is only used by Cloud IAM.
41
+ class GetIamPolicyRequest; end
42
+
43
+ # Request message for `TestIamPermissions` method.
44
+ # @!attribute [rw] resource
45
+ # @return [String]
46
+ # REQUIRED: The resource for which the policy detail is being requested.
47
+ # See the operation documentation for the appropriate value for this field.
48
+ # @!attribute [rw] permissions
49
+ # @return [Array<String>]
50
+ # The set of permissions to check for the `resource`. Permissions with
51
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
52
+ # information see
53
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
54
+ class TestIamPermissionsRequest; end
55
+
56
+ # Response message for `TestIamPermissions` method.
57
+ # @!attribute [rw] permissions
58
+ # @return [Array<String>]
59
+ # A subset of `TestPermissionsRequest.permissions` that the caller is
60
+ # allowed.
61
+ class TestIamPermissionsResponse; end
62
+ end
63
+ end
64
+ end
@@ -0,0 +1,33 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Iam
18
+ module V1
19
+ # Encapsulates settings provided to GetIamPolicy.
20
+ # @!attribute [rw] requested_policy_version
21
+ # @return [Integer]
22
+ # Optional. The policy format version to be returned.
23
+ #
24
+ # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
25
+ # rejected.
26
+ #
27
+ # Requests for policies with any conditional bindings must specify version 3.
28
+ # Policies without any conditional bindings may specify any valid value or
29
+ # leave the field unset.
30
+ class GetPolicyOptions; end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,151 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Iam
18
+ module V1
19
+ # Defines an Identity and Access Management (IAM) policy. It is used to
20
+ # specify access control policies for Cloud Platform resources.
21
+ #
22
+ #
23
+ # A `Policy` is a collection of `bindings`. A `binding` binds one or more
24
+ # `members` to a single `role`. Members can be user accounts, service accounts,
25
+ # Google groups, and domains (such as G Suite). A `role` is a named list of
26
+ # permissions (defined by IAM or configured by users). A `binding` can
27
+ # optionally specify a `condition`, which is a logic expression that further
28
+ # constrains the role binding based on attributes about the request and/or
29
+ # target resource.
30
+ #
31
+ # **JSON Example**
32
+ #
33
+ # {
34
+ # "bindings": [
35
+ # {
36
+ # "role": "roles/resourcemanager.organizationAdmin",
37
+ # "members": [
38
+ # "user:mike@example.com",
39
+ # "group:admins@example.com",
40
+ # "domain:google.com",
41
+ # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
42
+ # ]
43
+ # },
44
+ # {
45
+ # "role": "roles/resourcemanager.organizationViewer",
46
+ # "members": ["user:eve@example.com"],
47
+ # "condition": {
48
+ # "title": "expirable access",
49
+ # "description": "Does not grant access after Sep 2020",
50
+ # "expression": "request.time <
51
+ # timestamp('2020-10-01T00:00:00.000Z')",
52
+ # }
53
+ # }
54
+ # ]
55
+ # }
56
+ #
57
+ # **YAML Example**
58
+ #
59
+ # bindings:
60
+ # * members:
61
+ # * user:mike@example.com
62
+ # * group:admins@example.com
63
+ # * domain:google.com
64
+ # * serviceAccount:my-project-id@appspot.gserviceaccount.com
65
+ # role: roles/resourcemanager.organizationAdmin
66
+ # * members:
67
+ # * user:eve@example.com
68
+ # role: roles/resourcemanager.organizationViewer
69
+ # condition:
70
+ # title: expirable access
71
+ # description: Does not grant access after Sep 2020
72
+ # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
73
+ #
74
+ # For a description of IAM and its features, see the
75
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
76
+ # @!attribute [rw] version
77
+ # @return [Integer]
78
+ # Specifies the format of the policy.
79
+ #
80
+ # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
81
+ # rejected.
82
+ #
83
+ # Operations affecting conditional bindings must specify version 3. This can
84
+ # be either setting a conditional policy, modifying a conditional binding,
85
+ # or removing a binding (conditional or unconditional) from the stored
86
+ # conditional policy.
87
+ # Operations on non-conditional policies may specify any valid value or
88
+ # leave the field unset.
89
+ #
90
+ # If no etag is provided in the call to `setIamPolicy`, version compliance
91
+ # checks against the stored policy is skipped.
92
+ # @!attribute [rw] bindings
93
+ # @return [Array<Google::Iam::V1::Binding>]
94
+ # Associates a list of `members` to a `role`. Optionally may specify a
95
+ # `condition` that determines when binding is in effect.
96
+ # `bindings` with no members will result in an error.
97
+ # @!attribute [rw] etag
98
+ # @return [String]
99
+ # `etag` is used for optimistic concurrency control as a way to help
100
+ # prevent simultaneous updates of a policy from overwriting each other.
101
+ # It is strongly suggested that systems make use of the `etag` in the
102
+ # read-modify-write cycle to perform policy updates in order to avoid race
103
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
104
+ # systems are expected to put that etag in the request to `setIamPolicy` to
105
+ # ensure that their change will be applied to the same version of the policy.
106
+ #
107
+ # If no `etag` is provided in the call to `setIamPolicy`, then the existing
108
+ # policy is overwritten. Due to blind-set semantics of an etag-less policy,
109
+ # 'setIamPolicy' will not fail even if the incoming policy version does not
110
+ # meet the requirements for modifying the stored policy.
111
+ class Policy; end
112
+
113
+ # Associates `members` with a `role`.
114
+ # @!attribute [rw] role
115
+ # @return [String]
116
+ # Role that is assigned to `members`.
117
+ # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
118
+ # @!attribute [rw] members
119
+ # @return [Array<String>]
120
+ # Specifies the identities requesting access for a Cloud Platform resource.
121
+ # `members` can have the following values:
122
+ #
123
+ # * `allUsers`: A special identifier that represents anyone who is
124
+ # on the internet; with or without a Google account.
125
+ #
126
+ # * `allAuthenticatedUsers`: A special identifier that represents anyone
127
+ # who is authenticated with a Google account or a service account.
128
+ #
129
+ # * `user:{emailid}`: An email address that represents a specific Google
130
+ # account. For example, `alice@example.com` .
131
+ #
132
+ #
133
+ # * `serviceAccount:{emailid}`: An email address that represents a service
134
+ # account. For example, `my-other-app@appspot.gserviceaccount.com`.
135
+ #
136
+ # * `group:{emailid}`: An email address that represents a Google group.
137
+ # For example, `admins@example.com`.
138
+ #
139
+ #
140
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
141
+ # users of that domain. For example, `google.com` or `example.com`.
142
+ # @!attribute [rw] condition
143
+ # @return [Google::Type::Expr]
144
+ # The condition that is associated with this binding.
145
+ # NOTE: An unsatisfied condition will not allow user access via current
146
+ # binding. Different bindings, including their conditions, are examined
147
+ # independently.
148
+ class Binding; end
149
+ end
150
+ end
151
+ end
@@ -0,0 +1,51 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Longrunning
18
+ # This resource represents a long-running operation that is the result of a
19
+ # network API call.
20
+ # @!attribute [rw] name
21
+ # @return [String]
22
+ # The server-assigned name, which is only unique within the same service that
23
+ # originally returns it. If you use the default HTTP mapping, the
24
+ # `name` should be a resource name ending with `operations/{unique_id}`.
25
+ # @!attribute [rw] metadata
26
+ # @return [Google::Protobuf::Any]
27
+ # Service-specific metadata associated with the operation. It typically
28
+ # contains progress information and common metadata such as create time.
29
+ # Some services might not provide such metadata. Any method that returns a
30
+ # long-running operation should document the metadata type, if any.
31
+ # @!attribute [rw] done
32
+ # @return [true, false]
33
+ # If the value is `false`, it means the operation is still in progress.
34
+ # If `true`, the operation is completed, and either `error` or `response` is
35
+ # available.
36
+ # @!attribute [rw] error
37
+ # @return [Google::Rpc::Status]
38
+ # The error result of the operation in case of failure or cancellation.
39
+ # @!attribute [rw] response
40
+ # @return [Google::Protobuf::Any]
41
+ # The normal response of the operation in case of success. If the original
42
+ # method returns no data on success, such as `Delete`, the response is
43
+ # `google.protobuf.Empty`. If the original method is standard
44
+ # `Get`/`Create`/`Update`, the response should be the resource. For other
45
+ # methods, the response should have the type `XxxResponse`, where `Xxx`
46
+ # is the original method name. For example, if the original method name
47
+ # is `TakeSnapshot()`, the inferred response type is
48
+ # `TakeSnapshotResponse`.
49
+ class Operation; end
50
+ end
51
+ end
@@ -0,0 +1,131 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Protobuf
18
+ # `Any` contains an arbitrary serialized protocol buffer message along with a
19
+ # URL that describes the type of the serialized message.
20
+ #
21
+ # Protobuf library provides support to pack/unpack Any values in the form
22
+ # of utility functions or additional generated methods of the Any type.
23
+ #
24
+ # Example 1: Pack and unpack a message in C++.
25
+ #
26
+ # Foo foo = ...;
27
+ # Any any;
28
+ # any.PackFrom(foo);
29
+ # ...
30
+ # if (any.UnpackTo(&foo)) {
31
+ # ...
32
+ # }
33
+ #
34
+ # Example 2: Pack and unpack a message in Java.
35
+ #
36
+ # Foo foo = ...;
37
+ # Any any = Any.pack(foo);
38
+ # ...
39
+ # if (any.is(Foo.class)) {
40
+ # foo = any.unpack(Foo.class);
41
+ # }
42
+ #
43
+ # Example 3: Pack and unpack a message in Python.
44
+ #
45
+ # foo = Foo(...)
46
+ # any = Any()
47
+ # any.Pack(foo)
48
+ # ...
49
+ # if any.Is(Foo.DESCRIPTOR):
50
+ # any.Unpack(foo)
51
+ # ...
52
+ #
53
+ # Example 4: Pack and unpack a message in Go
54
+ #
55
+ # foo := &pb.Foo{...}
56
+ # any, err := ptypes.MarshalAny(foo)
57
+ # ...
58
+ # foo := &pb.Foo{}
59
+ # if err := ptypes.UnmarshalAny(any, foo); err != nil {
60
+ # ...
61
+ # }
62
+ #
63
+ # The pack methods provided by protobuf library will by default use
64
+ # 'type.googleapis.com/full.type.name' as the type URL and the unpack
65
+ # methods only use the fully qualified type name after the last '/'
66
+ # in the type URL, for example "foo.bar.com/x/y.z" will yield type
67
+ # name "y.z".
68
+ #
69
+ #
70
+ # = JSON
71
+ #
72
+ # The JSON representation of an `Any` value uses the regular
73
+ # representation of the deserialized, embedded message, with an
74
+ # additional field `@type` which contains the type URL. Example:
75
+ #
76
+ # package google.profile;
77
+ # message Person {
78
+ # string first_name = 1;
79
+ # string last_name = 2;
80
+ # }
81
+ #
82
+ # {
83
+ # "@type": "type.googleapis.com/google.profile.Person",
84
+ # "firstName": <string>,
85
+ # "lastName": <string>
86
+ # }
87
+ #
88
+ # If the embedded message type is well-known and has a custom JSON
89
+ # representation, that representation will be embedded adding a field
90
+ # `value` which holds the custom JSON in addition to the `@type`
91
+ # field. Example (for message {Google::Protobuf::Duration}):
92
+ #
93
+ # {
94
+ # "@type": "type.googleapis.com/google.protobuf.Duration",
95
+ # "value": "1.212s"
96
+ # }
97
+ # @!attribute [rw] type_url
98
+ # @return [String]
99
+ # A URL/resource name that uniquely identifies the type of the serialized
100
+ # protocol buffer message. This string must contain at least
101
+ # one "/" character. The last segment of the URL's path must represent
102
+ # the fully qualified name of the type (as in
103
+ # `path/google.protobuf.Duration`). The name should be in a canonical form
104
+ # (e.g., leading "." is not accepted).
105
+ #
106
+ # In practice, teams usually precompile into the binary all types that they
107
+ # expect it to use in the context of Any. However, for URLs which use the
108
+ # scheme `http`, `https`, or no scheme, one can optionally set up a type
109
+ # server that maps type URLs to message definitions as follows:
110
+ #
111
+ # * If no scheme is provided, `https` is assumed.
112
+ # * An HTTP GET on the URL must yield a {Google::Protobuf::Type}
113
+ # value in binary format, or produce an error.
114
+ # * Applications are allowed to cache lookup results based on the
115
+ # URL, or have them precompiled into a binary to avoid any
116
+ # lookup. Therefore, binary compatibility needs to be preserved
117
+ # on changes to types. (Use versioned type names to manage
118
+ # breaking changes.)
119
+ #
120
+ # Note: this functionality is not currently available in the official
121
+ # protobuf release, and it is not used for type URLs beginning with
122
+ # type.googleapis.com.
123
+ #
124
+ # Schemes other than `http`, `https` (or the empty scheme) might be
125
+ # used with implementation specific semantics.
126
+ # @!attribute [rw] value
127
+ # @return [String]
128
+ # Must be a valid serialized protocol buffer of the above specified type.
129
+ class Any; end
130
+ end
131
+ end