google-cloud-security_center 0.5.1 → 0.6.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/lib/google/cloud/security_center/v1p1beta1.rb +149 -0
  3. data/lib/google/cloud/security_center/v1p1beta1/asset_pb.rb +41 -0
  4. data/lib/google/cloud/security_center/v1p1beta1/credentials.rb +41 -0
  5. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/asset.rb +105 -0
  6. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/finding.rb +96 -0
  7. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/notification_config.rb +87 -0
  8. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/organization_settings.rb +72 -0
  9. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/security_marks.rb +45 -0
  10. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/securitycenter_service.rb +923 -0
  11. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/source.rb +49 -0
  12. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/iam_policy.rb +64 -0
  13. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/options.rb +33 -0
  14. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/policy.rb +151 -0
  15. data/lib/google/cloud/security_center/v1p1beta1/doc/google/longrunning/operations.rb +51 -0
  16. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/any.rb +131 -0
  17. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/duration.rb +91 -0
  18. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/empty.rb +29 -0
  19. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/field_mask.rb +222 -0
  20. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/struct.rb +74 -0
  21. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/timestamp.rb +113 -0
  22. data/lib/google/cloud/security_center/v1p1beta1/doc/google/rpc/status.rb +39 -0
  23. data/lib/google/cloud/security_center/v1p1beta1/doc/google/type/expr.rb +45 -0
  24. data/lib/google/cloud/security_center/v1p1beta1/finding_pb.rb +36 -0
  25. data/lib/google/cloud/security_center/v1p1beta1/helpers.rb +71 -0
  26. data/lib/google/cloud/security_center/v1p1beta1/notification_config_pb.rb +34 -0
  27. data/lib/google/cloud/security_center/v1p1beta1/notification_message_pb.rb +21 -0
  28. data/lib/google/cloud/security_center/v1p1beta1/organization_settings_pb.rb +30 -0
  29. data/lib/google/cloud/security_center/v1p1beta1/run_asset_discovery_response_pb.rb +25 -0
  30. data/lib/google/cloud/security_center/v1p1beta1/security_center_client.rb +2090 -0
  31. data/lib/google/cloud/security_center/v1p1beta1/security_center_client_config.json +141 -0
  32. data/lib/google/cloud/security_center/v1p1beta1/security_marks_pb.rb +18 -0
  33. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_pb.rb +234 -0
  34. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb.rb +103 -0
  35. data/lib/google/cloud/security_center/v1p1beta1/source_pb.rb +19 -0
  36. data/lib/google/cloud/security_center/version.rb +1 -1
  37. metadata +36 -2
@@ -0,0 +1,39 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Rpc
18
+ # The `Status` type defines a logical error model that is suitable for
19
+ # different programming environments, including REST APIs and RPC APIs. It is
20
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
21
+ # three pieces of data: error code, error message, and error details.
22
+ #
23
+ # You can find out more about this error model and how to work with it in the
24
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
25
+ # @!attribute [rw] code
26
+ # @return [Integer]
27
+ # The status code, which should be an enum value of {Google::Rpc::Code}.
28
+ # @!attribute [rw] message
29
+ # @return [String]
30
+ # A developer-facing error message, which should be in English. Any
31
+ # user-facing error message should be localized and sent in the
32
+ # {Google::Rpc::Status#details} field, or localized by the client.
33
+ # @!attribute [rw] details
34
+ # @return [Array<Google::Protobuf::Any>]
35
+ # A list of messages that carry the error details. There is a common set of
36
+ # message types for APIs to use.
37
+ class Status; end
38
+ end
39
+ end
@@ -0,0 +1,45 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
15
+
16
+ module Google
17
+ module Type
18
+ # Represents an expression text. Example:
19
+ #
20
+ # title: "User account presence"
21
+ # description: "Determines whether the request has a user account"
22
+ # expression: "size(request.user) > 0"
23
+ # @!attribute [rw] expression
24
+ # @return [String]
25
+ # Textual representation of an expression in
26
+ # Common Expression Language syntax.
27
+ #
28
+ # The application context of the containing message determines which
29
+ # well-known feature set of CEL is supported.
30
+ # @!attribute [rw] title
31
+ # @return [String]
32
+ # An optional title for the expression, i.e. a short string describing
33
+ # its purpose. This can be used e.g. in UIs which allow to enter the
34
+ # expression.
35
+ # @!attribute [rw] description
36
+ # @return [String]
37
+ # An optional description of the expression. This is a longer text which
38
+ # describes the expression, e.g. when hovered over it in a UI.
39
+ # @!attribute [rw] location
40
+ # @return [String]
41
+ # An optional string indicating the location of the expression for error
42
+ # reporting, e.g. a file name and a position in the file.
43
+ class Expr; end
44
+ end
45
+ end
@@ -0,0 +1,36 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1p1beta1/finding.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'google/api/field_behavior_pb'
9
+ require 'google/api/resource_pb'
10
+ require 'google/cloud/security_center/v1p1beta1/security_marks_pb'
11
+ require 'google/protobuf/struct_pb'
12
+ require 'google/protobuf/timestamp_pb'
13
+ Google::Protobuf::DescriptorPool.generated_pool.build do
14
+ add_message "google.cloud.securitycenter.v1p1beta1.Finding" do
15
+ optional :name, :string, 1
16
+ optional :parent, :string, 2
17
+ optional :resource_name, :string, 3
18
+ optional :state, :enum, 4, "google.cloud.securitycenter.v1p1beta1.Finding.State"
19
+ optional :category, :string, 5
20
+ optional :external_uri, :string, 6
21
+ map :source_properties, :string, :message, 7, "google.protobuf.Value"
22
+ optional :security_marks, :message, 8, "google.cloud.securitycenter.v1p1beta1.SecurityMarks"
23
+ optional :event_time, :message, 9, "google.protobuf.Timestamp"
24
+ optional :create_time, :message, 10, "google.protobuf.Timestamp"
25
+ end
26
+ add_enum "google.cloud.securitycenter.v1p1beta1.Finding.State" do
27
+ value :STATE_UNSPECIFIED, 0
28
+ value :ACTIVE, 1
29
+ value :INACTIVE, 2
30
+ end
31
+ end
32
+
33
+ module Google::Cloud::SecurityCenter::V1p1beta1
34
+ Finding = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding").msgclass
35
+ Finding::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding.State").enummodule
36
+ end
@@ -0,0 +1,71 @@
1
+ # Copyright 2019 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # # limitations under the License.
14
+
15
+ module Google
16
+ module Cloud
17
+ module SecurityCenter
18
+ module V1p1beta1
19
+ class SecurityCenterClient
20
+
21
+ # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.finding_path.
22
+ # @param organization [String]
23
+ # @param source [String]
24
+ # @param finding [String]
25
+ # @return [String]
26
+ def finding_path organization, source, finding
27
+ self.class.finding_path organization, source, finding
28
+ end
29
+
30
+ # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.notification_config_path.
31
+ # @param organization [String]
32
+ # @param notification_config [String]
33
+ # @return [String]
34
+ def notification_config_path organization, notification_config
35
+ self.class.notification_config_path organization, notification_config
36
+ end
37
+
38
+ # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path.
39
+ # @param organization [String]
40
+ # @return [String]
41
+ def organization_path organization
42
+ self.class.organization_path organization
43
+ end
44
+
45
+ # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_settings_path.
46
+ # @param organization [String]
47
+ # @return [String]
48
+ def organization_settings_path organization
49
+ self.class.organization_settings_path organization
50
+ end
51
+
52
+ # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path.
53
+ # @param organization [String]
54
+ # @param source [String]
55
+ # @return [String]
56
+ def source_path organization, source
57
+ self.class.source_path organization, source
58
+ end
59
+
60
+ # Alias for Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.topic_path.
61
+ # @param project [String]
62
+ # @param topic [String]
63
+ # @return [String]
64
+ def topic_path project, topic
65
+ self.class.topic_path project, topic
66
+ end
67
+ end
68
+ end
69
+ end
70
+ end
71
+ end
@@ -0,0 +1,34 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1p1beta1/notification_config.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'google/api/field_behavior_pb'
9
+ require 'google/api/resource_pb'
10
+ Google::Protobuf::DescriptorPool.generated_pool.build do
11
+ add_message "google.cloud.securitycenter.v1p1beta1.NotificationConfig" do
12
+ optional :name, :string, 1
13
+ optional :description, :string, 2
14
+ optional :event_type, :enum, 3, "google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType"
15
+ optional :pubsub_topic, :string, 4
16
+ optional :service_account, :string, 5
17
+ oneof :notify_config do
18
+ optional :streaming_config, :message, 6, "google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig"
19
+ end
20
+ end
21
+ add_message "google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig" do
22
+ optional :filter, :string, 1
23
+ end
24
+ add_enum "google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType" do
25
+ value :EVENT_TYPE_UNSPECIFIED, 0
26
+ value :FINDING, 1
27
+ end
28
+ end
29
+
30
+ module Google::Cloud::SecurityCenter::V1p1beta1
31
+ NotificationConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationConfig").msgclass
32
+ NotificationConfig::StreamingConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig").msgclass
33
+ NotificationConfig::EventType = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType").enummodule
34
+ end
@@ -0,0 +1,21 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1p1beta1/notification_message.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'google/cloud/security_center/v1p1beta1/asset_pb'
9
+ require 'google/cloud/security_center/v1p1beta1/finding_pb'
10
+ Google::Protobuf::DescriptorPool.generated_pool.build do
11
+ add_message "google.cloud.securitycenter.v1p1beta1.NotificationMessage" do
12
+ optional :notification_config_name, :string, 1
13
+ oneof :event do
14
+ optional :finding, :message, 2, "google.cloud.securitycenter.v1p1beta1.Finding"
15
+ end
16
+ end
17
+ end
18
+
19
+ module Google::Cloud::SecurityCenter::V1p1beta1
20
+ NotificationMessage = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.NotificationMessage").msgclass
21
+ end
@@ -0,0 +1,30 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1p1beta1/organization_settings.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'google/api/resource_pb'
9
+ Google::Protobuf::DescriptorPool.generated_pool.build do
10
+ add_message "google.cloud.securitycenter.v1p1beta1.OrganizationSettings" do
11
+ optional :name, :string, 1
12
+ optional :enable_asset_discovery, :bool, 2
13
+ optional :asset_discovery_config, :message, 3, "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig"
14
+ end
15
+ add_message "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig" do
16
+ repeated :project_ids, :string, 1
17
+ optional :inclusion_mode, :enum, 2, "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"
18
+ end
19
+ add_enum "google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode" do
20
+ value :INCLUSION_MODE_UNSPECIFIED, 0
21
+ value :INCLUDE_ONLY, 1
22
+ value :EXCLUDE, 2
23
+ end
24
+ end
25
+
26
+ module Google::Cloud::SecurityCenter::V1p1beta1
27
+ OrganizationSettings = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.OrganizationSettings").msgclass
28
+ OrganizationSettings::AssetDiscoveryConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig").msgclass
29
+ OrganizationSettings::AssetDiscoveryConfig::InclusionMode = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode").enummodule
30
+ end
@@ -0,0 +1,25 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: google/cloud/security_center/v1p1beta1/run_asset_discovery_response.proto
3
+
4
+
5
+ require 'google/protobuf'
6
+
7
+ require 'google/api/annotations_pb'
8
+ require 'google/protobuf/duration_pb'
9
+ Google::Protobuf::DescriptorPool.generated_pool.build do
10
+ add_message "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse" do
11
+ optional :state, :enum, 1, "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State"
12
+ optional :duration, :message, 2, "google.protobuf.Duration"
13
+ end
14
+ add_enum "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State" do
15
+ value :STATE_UNSPECIFIED, 0
16
+ value :COMPLETED, 1
17
+ value :SUPERSEDED, 2
18
+ value :TERMINATED, 3
19
+ end
20
+ end
21
+
22
+ module Google::Cloud::SecurityCenter::V1p1beta1
23
+ RunAssetDiscoveryResponse = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse").msgclass
24
+ RunAssetDiscoveryResponse::State = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State").enummodule
25
+ end
@@ -0,0 +1,2090 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # https://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+ # EDITING INSTRUCTIONS
16
+ # This file was generated from the file
17
+ # https://github.com/googleapis/googleapis/blob/master/google/cloud/security_center/v1p1beta1/securitycenter_service.proto,
18
+ # and updates to that file get reflected here through a refresh process.
19
+ # For the short term, the refresh process will only be runnable by Google
20
+ # engineers.
21
+
22
+
23
+ require "json"
24
+ require "pathname"
25
+
26
+ require "google/gax"
27
+ require "google/gax/operation"
28
+ require "google/longrunning/operations_client"
29
+
30
+ require "google/cloud/security_center/v1p1beta1/securitycenter_service_pb"
31
+ require "google/cloud/security_center/v1/run_asset_discovery_response_pb"
32
+ require "google/cloud/security_center/v1p1beta1/credentials"
33
+ require "google/cloud/security_center/version"
34
+
35
+ module Google
36
+ module Cloud
37
+ module SecurityCenter
38
+ module V1p1beta1
39
+ # V1p1Beta1 APIs for Security Center service.
40
+ #
41
+ # @!attribute [r] security_center_stub
42
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Stub]
43
+ class SecurityCenterClient
44
+ # @private
45
+ attr_reader :security_center_stub
46
+
47
+ # The default address of the service.
48
+ SERVICE_ADDRESS = "securitycenter.googleapis.com".freeze
49
+
50
+ # The default port of the service.
51
+ DEFAULT_SERVICE_PORT = 443
52
+
53
+ # The default set of gRPC interceptors.
54
+ GRPC_INTERCEPTORS = []
55
+
56
+ DEFAULT_TIMEOUT = 30
57
+
58
+ PAGE_DESCRIPTORS = {
59
+ "group_assets" => Google::Gax::PageDescriptor.new(
60
+ "page_token",
61
+ "next_page_token",
62
+ "group_by_results"),
63
+ "group_findings" => Google::Gax::PageDescriptor.new(
64
+ "page_token",
65
+ "next_page_token",
66
+ "group_by_results"),
67
+ "list_assets" => Google::Gax::PageDescriptor.new(
68
+ "page_token",
69
+ "next_page_token",
70
+ "list_assets_results"),
71
+ "list_findings" => Google::Gax::PageDescriptor.new(
72
+ "page_token",
73
+ "next_page_token",
74
+ "list_findings_results"),
75
+ "list_notification_configs" => Google::Gax::PageDescriptor.new(
76
+ "page_token",
77
+ "next_page_token",
78
+ "notification_configs"),
79
+ "list_sources" => Google::Gax::PageDescriptor.new(
80
+ "page_token",
81
+ "next_page_token",
82
+ "sources")
83
+ }.freeze
84
+
85
+ private_constant :PAGE_DESCRIPTORS
86
+
87
+ # The scopes needed to make gRPC calls to all of the methods defined in
88
+ # this service.
89
+ ALL_SCOPES = [
90
+ "https://www.googleapis.com/auth/cloud-platform"
91
+ ].freeze
92
+
93
+ class OperationsClient < Google::Longrunning::OperationsClient
94
+ self::SERVICE_ADDRESS = SecurityCenterClient::SERVICE_ADDRESS
95
+ self::GRPC_INTERCEPTORS = SecurityCenterClient::GRPC_INTERCEPTORS
96
+ end
97
+
98
+ FINDING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
99
+ "organizations/{organization}/sources/{source}/findings/{finding}"
100
+ )
101
+
102
+ private_constant :FINDING_PATH_TEMPLATE
103
+
104
+ NOTIFICATION_CONFIG_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
105
+ "organizations/{organization}/notificationConfigs/{notification_config}"
106
+ )
107
+
108
+ private_constant :NOTIFICATION_CONFIG_PATH_TEMPLATE
109
+
110
+ ORGANIZATION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
111
+ "organizations/{organization}"
112
+ )
113
+
114
+ private_constant :ORGANIZATION_PATH_TEMPLATE
115
+
116
+ ORGANIZATION_SETTINGS_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
117
+ "organizations/{organization}/organizationSettings"
118
+ )
119
+
120
+ private_constant :ORGANIZATION_SETTINGS_PATH_TEMPLATE
121
+
122
+ SOURCE_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
123
+ "organizations/{organization}/sources/{source}"
124
+ )
125
+
126
+ private_constant :SOURCE_PATH_TEMPLATE
127
+
128
+ TOPIC_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
129
+ "projects/{project}/topics/{topic}"
130
+ )
131
+
132
+ private_constant :TOPIC_PATH_TEMPLATE
133
+
134
+ # Returns a fully-qualified finding resource name string.
135
+ # @param organization [String]
136
+ # @param source [String]
137
+ # @param finding [String]
138
+ # @return [String]
139
+ def self.finding_path organization, source, finding
140
+ FINDING_PATH_TEMPLATE.render(
141
+ :"organization" => organization,
142
+ :"source" => source,
143
+ :"finding" => finding
144
+ )
145
+ end
146
+
147
+ # Returns a fully-qualified notification_config resource name string.
148
+ # @param organization [String]
149
+ # @param notification_config [String]
150
+ # @return [String]
151
+ def self.notification_config_path organization, notification_config
152
+ NOTIFICATION_CONFIG_PATH_TEMPLATE.render(
153
+ :"organization" => organization,
154
+ :"notification_config" => notification_config
155
+ )
156
+ end
157
+
158
+ # Returns a fully-qualified organization resource name string.
159
+ # @param organization [String]
160
+ # @return [String]
161
+ def self.organization_path organization
162
+ ORGANIZATION_PATH_TEMPLATE.render(
163
+ :"organization" => organization
164
+ )
165
+ end
166
+
167
+ # Returns a fully-qualified organization_settings resource name string.
168
+ # @param organization [String]
169
+ # @return [String]
170
+ def self.organization_settings_path organization
171
+ ORGANIZATION_SETTINGS_PATH_TEMPLATE.render(
172
+ :"organization" => organization
173
+ )
174
+ end
175
+
176
+ # Returns a fully-qualified source resource name string.
177
+ # @param organization [String]
178
+ # @param source [String]
179
+ # @return [String]
180
+ def self.source_path organization, source
181
+ SOURCE_PATH_TEMPLATE.render(
182
+ :"organization" => organization,
183
+ :"source" => source
184
+ )
185
+ end
186
+
187
+ # Returns a fully-qualified topic resource name string.
188
+ # @param project [String]
189
+ # @param topic [String]
190
+ # @return [String]
191
+ def self.topic_path project, topic
192
+ TOPIC_PATH_TEMPLATE.render(
193
+ :"project" => project,
194
+ :"topic" => topic
195
+ )
196
+ end
197
+
198
+ # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
199
+ # Provides the means for authenticating requests made by the client. This parameter can
200
+ # be many types.
201
+ # A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
202
+ # authenticating requests made by this client.
203
+ # A `String` will be treated as the path to the keyfile to be used for the construction of
204
+ # credentials for this client.
205
+ # A `Hash` will be treated as the contents of a keyfile to be used for the construction of
206
+ # credentials for this client.
207
+ # A `GRPC::Core::Channel` will be used to make calls through.
208
+ # A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
209
+ # should already be composed with a `GRPC::Core::CallCredentials` object.
210
+ # A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
211
+ # metadata for requests, generally, to give OAuth credentials.
212
+ # @param scopes [Array<String>]
213
+ # The OAuth scopes for this service. This parameter is ignored if
214
+ # an updater_proc is supplied.
215
+ # @param client_config [Hash]
216
+ # A Hash for call options for each method. See
217
+ # Google::Gax#construct_settings for the structure of
218
+ # this data. Falls back to the default config if not specified
219
+ # or the specified config is missing data points.
220
+ # @param timeout [Numeric]
221
+ # The default timeout, in seconds, for calls made through this client.
222
+ # @param metadata [Hash]
223
+ # Default metadata to be sent with each request. This can be overridden on a per call basis.
224
+ # @param service_address [String]
225
+ # Override for the service hostname, or `nil` to leave as the default.
226
+ # @param service_port [Integer]
227
+ # Override for the service port, or `nil` to leave as the default.
228
+ # @param exception_transformer [Proc]
229
+ # An optional proc that intercepts any exceptions raised during an API call to inject
230
+ # custom error handling.
231
+ def initialize \
232
+ credentials: nil,
233
+ scopes: ALL_SCOPES,
234
+ client_config: {},
235
+ timeout: DEFAULT_TIMEOUT,
236
+ metadata: nil,
237
+ service_address: nil,
238
+ service_port: nil,
239
+ exception_transformer: nil,
240
+ lib_name: nil,
241
+ lib_version: ""
242
+ # These require statements are intentionally placed here to initialize
243
+ # the gRPC module only when it's required.
244
+ # See https://github.com/googleapis/toolkit/issues/446
245
+ require "google/gax/grpc"
246
+ require "google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb"
247
+
248
+ credentials ||= Google::Cloud::SecurityCenter::V1p1beta1::Credentials.default
249
+
250
+ @operations_client = OperationsClient.new(
251
+ credentials: credentials,
252
+ scopes: scopes,
253
+ client_config: client_config,
254
+ timeout: timeout,
255
+ lib_name: lib_name,
256
+ service_address: service_address,
257
+ service_port: service_port,
258
+ lib_version: lib_version,
259
+ metadata: metadata,
260
+ )
261
+
262
+ if credentials.is_a?(String) || credentials.is_a?(Hash)
263
+ updater_proc = Google::Cloud::SecurityCenter::V1p1beta1::Credentials.new(credentials).updater_proc
264
+ end
265
+ if credentials.is_a?(GRPC::Core::Channel)
266
+ channel = credentials
267
+ end
268
+ if credentials.is_a?(GRPC::Core::ChannelCredentials)
269
+ chan_creds = credentials
270
+ end
271
+ if credentials.is_a?(Proc)
272
+ updater_proc = credentials
273
+ end
274
+ if credentials.is_a?(Google::Auth::Credentials)
275
+ updater_proc = credentials.updater_proc
276
+ end
277
+
278
+ package_version = Google::Cloud::SecurityCenter::VERSION
279
+
280
+ google_api_client = "gl-ruby/#{RUBY_VERSION}"
281
+ google_api_client << " #{lib_name}/#{lib_version}" if lib_name
282
+ google_api_client << " gapic/#{package_version} gax/#{Google::Gax::VERSION}"
283
+ google_api_client << " grpc/#{GRPC::VERSION}"
284
+ google_api_client.freeze
285
+
286
+ headers = { :"x-goog-api-client" => google_api_client }
287
+ headers.merge!(metadata) unless metadata.nil?
288
+ client_config_file = Pathname.new(__dir__).join(
289
+ "security_center_client_config.json"
290
+ )
291
+ defaults = client_config_file.open do |f|
292
+ Google::Gax.construct_settings(
293
+ "google.cloud.securitycenter.v1p1beta1.SecurityCenter",
294
+ JSON.parse(f.read),
295
+ client_config,
296
+ Google::Gax::Grpc::STATUS_CODE_NAMES,
297
+ timeout,
298
+ page_descriptors: PAGE_DESCRIPTORS,
299
+ errors: Google::Gax::Grpc::API_ERRORS,
300
+ metadata: headers
301
+ )
302
+ end
303
+
304
+ # Allow overriding the service path/port in subclasses.
305
+ service_path = service_address || self.class::SERVICE_ADDRESS
306
+ port = service_port || self.class::DEFAULT_SERVICE_PORT
307
+ interceptors = self.class::GRPC_INTERCEPTORS
308
+ @security_center_stub = Google::Gax::Grpc.create_stub(
309
+ service_path,
310
+ port,
311
+ chan_creds: chan_creds,
312
+ channel: channel,
313
+ updater_proc: updater_proc,
314
+ scopes: scopes,
315
+ interceptors: interceptors,
316
+ &Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenter::Stub.method(:new)
317
+ )
318
+
319
+ @create_source = Google::Gax.create_api_call(
320
+ @security_center_stub.method(:create_source),
321
+ defaults["create_source"],
322
+ exception_transformer: exception_transformer,
323
+ params_extractor: proc do |request|
324
+ {'parent' => request.parent}
325
+ end
326
+ )
327
+ @create_finding = Google::Gax.create_api_call(
328
+ @security_center_stub.method(:create_finding),
329
+ defaults["create_finding"],
330
+ exception_transformer: exception_transformer,
331
+ params_extractor: proc do |request|
332
+ {'parent' => request.parent}
333
+ end
334
+ )
335
+ @create_notification_config = Google::Gax.create_api_call(
336
+ @security_center_stub.method(:create_notification_config),
337
+ defaults["create_notification_config"],
338
+ exception_transformer: exception_transformer,
339
+ params_extractor: proc do |request|
340
+ {'parent' => request.parent}
341
+ end
342
+ )
343
+ @delete_notification_config = Google::Gax.create_api_call(
344
+ @security_center_stub.method(:delete_notification_config),
345
+ defaults["delete_notification_config"],
346
+ exception_transformer: exception_transformer,
347
+ params_extractor: proc do |request|
348
+ {'name' => request.name}
349
+ end
350
+ )
351
+ @get_iam_policy = Google::Gax.create_api_call(
352
+ @security_center_stub.method(:get_iam_policy),
353
+ defaults["get_iam_policy"],
354
+ exception_transformer: exception_transformer,
355
+ params_extractor: proc do |request|
356
+ {'resource' => request.resource}
357
+ end
358
+ )
359
+ @get_notification_config = Google::Gax.create_api_call(
360
+ @security_center_stub.method(:get_notification_config),
361
+ defaults["get_notification_config"],
362
+ exception_transformer: exception_transformer,
363
+ params_extractor: proc do |request|
364
+ {'name' => request.name}
365
+ end
366
+ )
367
+ @get_organization_settings = Google::Gax.create_api_call(
368
+ @security_center_stub.method(:get_organization_settings),
369
+ defaults["get_organization_settings"],
370
+ exception_transformer: exception_transformer,
371
+ params_extractor: proc do |request|
372
+ {'name' => request.name}
373
+ end
374
+ )
375
+ @get_source = Google::Gax.create_api_call(
376
+ @security_center_stub.method(:get_source),
377
+ defaults["get_source"],
378
+ exception_transformer: exception_transformer,
379
+ params_extractor: proc do |request|
380
+ {'name' => request.name}
381
+ end
382
+ )
383
+ @group_assets = Google::Gax.create_api_call(
384
+ @security_center_stub.method(:group_assets),
385
+ defaults["group_assets"],
386
+ exception_transformer: exception_transformer,
387
+ params_extractor: proc do |request|
388
+ {'parent' => request.parent}
389
+ end
390
+ )
391
+ @group_findings = Google::Gax.create_api_call(
392
+ @security_center_stub.method(:group_findings),
393
+ defaults["group_findings"],
394
+ exception_transformer: exception_transformer,
395
+ params_extractor: proc do |request|
396
+ {'parent' => request.parent}
397
+ end
398
+ )
399
+ @list_assets = Google::Gax.create_api_call(
400
+ @security_center_stub.method(:list_assets),
401
+ defaults["list_assets"],
402
+ exception_transformer: exception_transformer,
403
+ params_extractor: proc do |request|
404
+ {'parent' => request.parent}
405
+ end
406
+ )
407
+ @list_findings = Google::Gax.create_api_call(
408
+ @security_center_stub.method(:list_findings),
409
+ defaults["list_findings"],
410
+ exception_transformer: exception_transformer,
411
+ params_extractor: proc do |request|
412
+ {'parent' => request.parent}
413
+ end
414
+ )
415
+ @list_notification_configs = Google::Gax.create_api_call(
416
+ @security_center_stub.method(:list_notification_configs),
417
+ defaults["list_notification_configs"],
418
+ exception_transformer: exception_transformer,
419
+ params_extractor: proc do |request|
420
+ {'parent' => request.parent}
421
+ end
422
+ )
423
+ @list_sources = Google::Gax.create_api_call(
424
+ @security_center_stub.method(:list_sources),
425
+ defaults["list_sources"],
426
+ exception_transformer: exception_transformer,
427
+ params_extractor: proc do |request|
428
+ {'parent' => request.parent}
429
+ end
430
+ )
431
+ @run_asset_discovery = Google::Gax.create_api_call(
432
+ @security_center_stub.method(:run_asset_discovery),
433
+ defaults["run_asset_discovery"],
434
+ exception_transformer: exception_transformer,
435
+ params_extractor: proc do |request|
436
+ {'parent' => request.parent}
437
+ end
438
+ )
439
+ @set_finding_state = Google::Gax.create_api_call(
440
+ @security_center_stub.method(:set_finding_state),
441
+ defaults["set_finding_state"],
442
+ exception_transformer: exception_transformer,
443
+ params_extractor: proc do |request|
444
+ {'name' => request.name}
445
+ end
446
+ )
447
+ @set_iam_policy = Google::Gax.create_api_call(
448
+ @security_center_stub.method(:set_iam_policy),
449
+ defaults["set_iam_policy"],
450
+ exception_transformer: exception_transformer,
451
+ params_extractor: proc do |request|
452
+ {'resource' => request.resource}
453
+ end
454
+ )
455
+ @test_iam_permissions = Google::Gax.create_api_call(
456
+ @security_center_stub.method(:test_iam_permissions),
457
+ defaults["test_iam_permissions"],
458
+ exception_transformer: exception_transformer,
459
+ params_extractor: proc do |request|
460
+ {'resource' => request.resource}
461
+ end
462
+ )
463
+ @update_finding = Google::Gax.create_api_call(
464
+ @security_center_stub.method(:update_finding),
465
+ defaults["update_finding"],
466
+ exception_transformer: exception_transformer,
467
+ params_extractor: proc do |request|
468
+ {'finding.name' => request.finding.name}
469
+ end
470
+ )
471
+ @update_notification_config = Google::Gax.create_api_call(
472
+ @security_center_stub.method(:update_notification_config),
473
+ defaults["update_notification_config"],
474
+ exception_transformer: exception_transformer,
475
+ params_extractor: proc do |request|
476
+ {'notification_config.name' => request.notification_config.name}
477
+ end
478
+ )
479
+ @update_organization_settings = Google::Gax.create_api_call(
480
+ @security_center_stub.method(:update_organization_settings),
481
+ defaults["update_organization_settings"],
482
+ exception_transformer: exception_transformer,
483
+ params_extractor: proc do |request|
484
+ {'organization_settings.name' => request.organization_settings.name}
485
+ end
486
+ )
487
+ @update_source = Google::Gax.create_api_call(
488
+ @security_center_stub.method(:update_source),
489
+ defaults["update_source"],
490
+ exception_transformer: exception_transformer,
491
+ params_extractor: proc do |request|
492
+ {'source.name' => request.source.name}
493
+ end
494
+ )
495
+ @update_security_marks = Google::Gax.create_api_call(
496
+ @security_center_stub.method(:update_security_marks),
497
+ defaults["update_security_marks"],
498
+ exception_transformer: exception_transformer,
499
+ params_extractor: proc do |request|
500
+ {'security_marks.name' => request.security_marks.name}
501
+ end
502
+ )
503
+ end
504
+
505
+ # Service calls
506
+
507
+ # Creates a source.
508
+ #
509
+ # @param parent [String]
510
+ # Required. Resource name of the new source's parent. Its format should be
511
+ # "organizations/[organization_id]".
512
+ # @param source [Google::Cloud::SecurityCenter::V1p1beta1::Source | Hash]
513
+ # Required. The Source being created, only the display_name and description
514
+ # will be used. All other fields will be ignored.
515
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Source`
516
+ # can also be provided.
517
+ # @param options [Google::Gax::CallOptions]
518
+ # Overrides the default settings for this call, e.g, timeout,
519
+ # retries, etc.
520
+ # @yield [result, operation] Access the result along with the RPC operation
521
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Source]
522
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
523
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::Source]
524
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
525
+ # @example
526
+ # require "google/cloud/security_center"
527
+ #
528
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
529
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
530
+ #
531
+ # # TODO: Initialize `source`:
532
+ # source = {}
533
+ # response = security_center_client.create_source(formatted_parent, source)
534
+
535
+ def create_source \
536
+ parent,
537
+ source,
538
+ options: nil,
539
+ &block
540
+ req = {
541
+ parent: parent,
542
+ source: source
543
+ }.delete_if { |_, v| v.nil? }
544
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::CreateSourceRequest)
545
+ @create_source.call(req, options, &block)
546
+ end
547
+
548
+ # Creates a finding. The corresponding source must exist for finding
549
+ # creation to succeed.
550
+ #
551
+ # @param parent [String]
552
+ # Required. Resource name of the new finding's parent. Its format should be
553
+ # "organizations/[organization_id]/sources/[source_id]".
554
+ # @param finding_id [String]
555
+ # Required. Unique identifier provided by the client within the parent scope.
556
+ # It must be alphanumeric and less than or equal to 32 characters and
557
+ # greater than 0 characters in length.
558
+ # @param finding [Google::Cloud::SecurityCenter::V1p1beta1::Finding | Hash]
559
+ # Required. The Finding being created. The name and security_marks will be
560
+ # ignored as they are both output only fields on this resource.
561
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Finding`
562
+ # can also be provided.
563
+ # @param options [Google::Gax::CallOptions]
564
+ # Overrides the default settings for this call, e.g, timeout,
565
+ # retries, etc.
566
+ # @yield [result, operation] Access the result along with the RPC operation
567
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
568
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
569
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
570
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
571
+ # @example
572
+ # require "google/cloud/security_center"
573
+ #
574
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
575
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
576
+ #
577
+ # # TODO: Initialize `finding_id`:
578
+ # finding_id = ''
579
+ #
580
+ # # TODO: Initialize `finding`:
581
+ # finding = {}
582
+ # response = security_center_client.create_finding(formatted_parent, finding_id, finding)
583
+
584
+ def create_finding \
585
+ parent,
586
+ finding_id,
587
+ finding,
588
+ options: nil,
589
+ &block
590
+ req = {
591
+ parent: parent,
592
+ finding_id: finding_id,
593
+ finding: finding
594
+ }.delete_if { |_, v| v.nil? }
595
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::CreateFindingRequest)
596
+ @create_finding.call(req, options, &block)
597
+ end
598
+
599
+ # Creates a notification config.
600
+ #
601
+ # @param parent [String]
602
+ # Required. Resource name of the new notification config's parent. Its format
603
+ # is "organizations/[organization_id]".
604
+ # @param config_id [String]
605
+ # Required.
606
+ # Unique identifier provided by the client within the parent scope.
607
+ # It must be between 1 and 128 characters, and contains alphanumeric
608
+ # characters, underscores or hyphens only.
609
+ # @param notification_config [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig | Hash]
610
+ # Required. The notification config being created. The name and the service
611
+ # account will be ignored as they are both output only fields on this
612
+ # resource.
613
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig`
614
+ # can also be provided.
615
+ # @param options [Google::Gax::CallOptions]
616
+ # Overrides the default settings for this call, e.g, timeout,
617
+ # retries, etc.
618
+ # @yield [result, operation] Access the result along with the RPC operation
619
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
620
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
621
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
622
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
623
+ # @example
624
+ # require "google/cloud/security_center"
625
+ #
626
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
627
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
628
+ #
629
+ # # TODO: Initialize `config_id`:
630
+ # config_id = ''
631
+ #
632
+ # # TODO: Initialize `notification_config`:
633
+ # notification_config = {}
634
+ # response = security_center_client.create_notification_config(formatted_parent, config_id, notification_config)
635
+
636
+ def create_notification_config \
637
+ parent,
638
+ config_id,
639
+ notification_config,
640
+ options: nil,
641
+ &block
642
+ req = {
643
+ parent: parent,
644
+ config_id: config_id,
645
+ notification_config: notification_config
646
+ }.delete_if { |_, v| v.nil? }
647
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::CreateNotificationConfigRequest)
648
+ @create_notification_config.call(req, options, &block)
649
+ end
650
+
651
+ # Deletes a notification config.
652
+ #
653
+ # @param name [String]
654
+ # Required. Name of the notification config to delete. Its format is
655
+ # "organizations/[organization_id]/notificationConfigs/[config_id]".
656
+ # @param options [Google::Gax::CallOptions]
657
+ # Overrides the default settings for this call, e.g, timeout,
658
+ # retries, etc.
659
+ # @yield [result, operation] Access the result along with the RPC operation
660
+ # @yieldparam result []
661
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
662
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
663
+ # @example
664
+ # require "google/cloud/security_center"
665
+ #
666
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
667
+ # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.notification_config_path("[ORGANIZATION]", "[NOTIFICATION_CONFIG]")
668
+ # security_center_client.delete_notification_config(formatted_name)
669
+
670
+ def delete_notification_config \
671
+ name,
672
+ options: nil,
673
+ &block
674
+ req = {
675
+ name: name
676
+ }.delete_if { |_, v| v.nil? }
677
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::DeleteNotificationConfigRequest)
678
+ @delete_notification_config.call(req, options, &block)
679
+ nil
680
+ end
681
+
682
+ # Gets the access control policy on the specified Source.
683
+ #
684
+ # @param resource [String]
685
+ # REQUIRED: The resource for which the policy is being requested.
686
+ # See the operation documentation for the appropriate value for this field.
687
+ # @param options_ [Google::Iam::V1::GetPolicyOptions | Hash]
688
+ # OPTIONAL: A `GetPolicyOptions` object for specifying options to
689
+ # `GetIamPolicy`. This field is only used by Cloud IAM.
690
+ # A hash of the same form as `Google::Iam::V1::GetPolicyOptions`
691
+ # can also be provided.
692
+ # @param options [Google::Gax::CallOptions]
693
+ # Overrides the default settings for this call, e.g, timeout,
694
+ # retries, etc.
695
+ # @yield [result, operation] Access the result along with the RPC operation
696
+ # @yieldparam result [Google::Iam::V1::Policy]
697
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
698
+ # @return [Google::Iam::V1::Policy]
699
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
700
+ # @example
701
+ # require "google/cloud/security_center"
702
+ #
703
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
704
+ #
705
+ # # TODO: Initialize `resource`:
706
+ # resource = ''
707
+ # response = security_center_client.get_iam_policy(resource)
708
+
709
+ def get_iam_policy \
710
+ resource,
711
+ options_: nil,
712
+ options: nil,
713
+ &block
714
+ req = {
715
+ resource: resource,
716
+ options: options_
717
+ }.delete_if { |_, v| v.nil? }
718
+ req = Google::Gax::to_proto(req, Google::Iam::V1::GetIamPolicyRequest)
719
+ @get_iam_policy.call(req, options, &block)
720
+ end
721
+
722
+ # Gets a notification config.
723
+ #
724
+ # @param name [String]
725
+ # Required. Name of the notification config to get. Its format is
726
+ # "organizations/[organization_id]/notificationConfigs/[config_id]".
727
+ # @param options [Google::Gax::CallOptions]
728
+ # Overrides the default settings for this call, e.g, timeout,
729
+ # retries, etc.
730
+ # @yield [result, operation] Access the result along with the RPC operation
731
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
732
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
733
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
734
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
735
+ # @example
736
+ # require "google/cloud/security_center"
737
+ #
738
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
739
+ # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.notification_config_path("[ORGANIZATION]", "[NOTIFICATION_CONFIG]")
740
+ # response = security_center_client.get_notification_config(formatted_name)
741
+
742
+ def get_notification_config \
743
+ name,
744
+ options: nil,
745
+ &block
746
+ req = {
747
+ name: name
748
+ }.delete_if { |_, v| v.nil? }
749
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GetNotificationConfigRequest)
750
+ @get_notification_config.call(req, options, &block)
751
+ end
752
+
753
+ # Gets the settings for an organization.
754
+ #
755
+ # @param name [String]
756
+ # Required. Name of the organization to get organization settings for. Its
757
+ # format is "organizations/[organization_id]/organizationSettings".
758
+ # @param options [Google::Gax::CallOptions]
759
+ # Overrides the default settings for this call, e.g, timeout,
760
+ # retries, etc.
761
+ # @yield [result, operation] Access the result along with the RPC operation
762
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
763
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
764
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
765
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
766
+ # @example
767
+ # require "google/cloud/security_center"
768
+ #
769
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
770
+ # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_settings_path("[ORGANIZATION]")
771
+ # response = security_center_client.get_organization_settings(formatted_name)
772
+
773
+ def get_organization_settings \
774
+ name,
775
+ options: nil,
776
+ &block
777
+ req = {
778
+ name: name
779
+ }.delete_if { |_, v| v.nil? }
780
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GetOrganizationSettingsRequest)
781
+ @get_organization_settings.call(req, options, &block)
782
+ end
783
+
784
+ # Gets a source.
785
+ #
786
+ # @param name [String]
787
+ # Required. Relative resource name of the source. Its format is
788
+ # "organizations/[organization_id]/source/[source_id]".
789
+ # @param options [Google::Gax::CallOptions]
790
+ # Overrides the default settings for this call, e.g, timeout,
791
+ # retries, etc.
792
+ # @yield [result, operation] Access the result along with the RPC operation
793
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Source]
794
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
795
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::Source]
796
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
797
+ # @example
798
+ # require "google/cloud/security_center"
799
+ #
800
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
801
+ # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
802
+ # response = security_center_client.get_source(formatted_name)
803
+
804
+ def get_source \
805
+ name,
806
+ options: nil,
807
+ &block
808
+ req = {
809
+ name: name
810
+ }.delete_if { |_, v| v.nil? }
811
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GetSourceRequest)
812
+ @get_source.call(req, options, &block)
813
+ end
814
+
815
+ # Filters an organization's assets and groups them by their specified
816
+ # properties.
817
+ #
818
+ # @param parent [String]
819
+ # Required. Name of the organization to groupBy. Its format is
820
+ # "organizations/[organization_id]".
821
+ # @param group_by [String]
822
+ # Required. Expression that defines what assets fields to use for grouping.
823
+ # The string value should follow SQL syntax: comma separated list of fields.
824
+ # For example:
825
+ # "security_center_properties.resource_project,security_center_properties.project".
826
+ #
827
+ # The following fields are supported when compare_duration is not set:
828
+ #
829
+ # * security_center_properties.resource_project
830
+ # * security_center_properties.resource_project_display_name
831
+ # * security_center_properties.resource_type
832
+ # * security_center_properties.resource_parent
833
+ # * security_center_properties.resource_parent_display_name
834
+ #
835
+ # The following fields are supported when compare_duration is set:
836
+ #
837
+ # * security_center_properties.resource_type
838
+ # * security_center_properties.resource_project_display_name
839
+ # * security_center_properties.resource_parent_display_name
840
+ # @param filter [String]
841
+ # Expression that defines the filter to apply across assets.
842
+ # The expression is a list of zero or more restrictions combined via logical
843
+ # operators `AND` and `OR`.
844
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
845
+ #
846
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
847
+ # character in front of them to indicate negation. The fields map to those
848
+ # defined in the Asset resource. Examples include:
849
+ #
850
+ # * name
851
+ # * security_center_properties.resource_name
852
+ # * resource_properties.a_property
853
+ # * security_marks.marks.marka
854
+ #
855
+ # The supported operators are:
856
+ #
857
+ # * `=` for all value types.
858
+ # * `>`, `<`, `>=`, `<=` for integer values.
859
+ # * `:`, meaning substring matching, for strings.
860
+ #
861
+ # The supported value types are:
862
+ #
863
+ # * string literals in quotes.
864
+ # * integer literals without quotes.
865
+ # * boolean literals `true` and `false` without quotes.
866
+ #
867
+ # The following field and operator combinations are supported:
868
+ #
869
+ # * name: `=`
870
+ # * update_time: `=`, `>`, `<`, `>=`, `<=`
871
+ #
872
+ # Usage: This should be milliseconds since epoch or an RFC3339 string.
873
+ # Examples:
874
+ # "update_time = \"2019-06-10T16:07:18-07:00\""
875
+ # "update_time = 1560208038000"
876
+ #
877
+ # * create_time: `=`, `>`, `<`, `>=`, `<=`
878
+ #
879
+ # Usage: This should be milliseconds since epoch or an RFC3339 string.
880
+ # Examples:
881
+ # "create_time = \"2019-06-10T16:07:18-07:00\""
882
+ # "create_time = 1560208038000"
883
+ #
884
+ # * iam_policy.policy_blob: `=`, `:`
885
+ # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
886
+ # * security_marks.marks: `=`, `:`
887
+ # * security_center_properties.resource_name: `=`, `:`
888
+ # * security_center_properties.resource_name_display_name: `=`, `:`
889
+ # * security_center_properties.resource_type: `=`, `:`
890
+ # * security_center_properties.resource_parent: `=`, `:`
891
+ # * security_center_properties.resource_parent_display_name: `=`, `:`
892
+ # * security_center_properties.resource_project: `=`, `:`
893
+ # * security_center_properties.resource_project_display_name: `=`, `:`
894
+ # * security_center_properties.resource_owners: `=`, `:`
895
+ #
896
+ # For example, `resource_properties.size = 100` is a valid filter string.
897
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
898
+ # When compare_duration is set, the GroupResult's "state_change" property is
899
+ # updated to indicate whether the asset was added, removed, or remained
900
+ # present during the compare_duration period of time that precedes the
901
+ # read_time. This is the time between (read_time - compare_duration) and
902
+ # read_time.
903
+ #
904
+ # The state change value is derived based on the presence of the asset at the
905
+ # two points in time. Intermediate state changes between the two times don't
906
+ # affect the result. For example, the results aren't affected if the asset is
907
+ # removed and re-created again.
908
+ #
909
+ # Possible "state_change" values when compare_duration is specified:
910
+ #
911
+ # * "ADDED": indicates that the asset was not present at the start of
912
+ # compare_duration, but present at reference_time.
913
+ # * "REMOVED": indicates that the asset was present at the start of
914
+ # compare_duration, but not present at reference_time.
915
+ # * "ACTIVE": indicates that the asset was present at both the
916
+ # start and the end of the time period defined by
917
+ # compare_duration and reference_time.
918
+ #
919
+ # If compare_duration is not specified, then the only possible state_change
920
+ # is "UNUSED", which will be the state_change set for all assets present at
921
+ # read_time.
922
+ #
923
+ # If this field is set then `state_change` must be a specified field in
924
+ # `group_by`.
925
+ # A hash of the same form as `Google::Protobuf::Duration`
926
+ # can also be provided.
927
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
928
+ # Time used as a reference point when filtering assets. The filter is limited
929
+ # to assets existing at the supplied time and their values are those at that
930
+ # specific time. Absence of this field will default to the API's version of
931
+ # NOW.
932
+ # A hash of the same form as `Google::Protobuf::Timestamp`
933
+ # can also be provided.
934
+ # @param having [String]
935
+ # Filter that specifies what fields to further filter on *after* the query
936
+ # filter has been executed. Currently only `state_change` is supported and
937
+ # requires compare_duration to be specified.
938
+ # @param page_size [Integer]
939
+ # The maximum number of resources contained in the underlying API
940
+ # response. If page streaming is performed per-resource, this
941
+ # parameter does not affect the return value. If page streaming is
942
+ # performed per-page, this determines the maximum number of
943
+ # resources in a page.
944
+ # @param options [Google::Gax::CallOptions]
945
+ # Overrides the default settings for this call, e.g, timeout,
946
+ # retries, etc.
947
+ # @yield [result, operation] Access the result along with the RPC operation
948
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
949
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
950
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
951
+ # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::GroupResult instances.
952
+ # See Google::Gax::PagedEnumerable documentation for other
953
+ # operations such as per-page iteration or access to the response
954
+ # object.
955
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
956
+ # @example
957
+ # require "google/cloud/security_center"
958
+ #
959
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
960
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
961
+ #
962
+ # # TODO: Initialize `group_by`:
963
+ # group_by = ''
964
+ #
965
+ # # Iterate over all results.
966
+ # security_center_client.group_assets(formatted_parent, group_by).each do |element|
967
+ # # Process element.
968
+ # end
969
+ #
970
+ # # Or iterate over results one page at a time.
971
+ # security_center_client.group_assets(formatted_parent, group_by).each_page do |page|
972
+ # # Process each page at a time.
973
+ # page.each do |element|
974
+ # # Process element.
975
+ # end
976
+ # end
977
+
978
+ def group_assets \
979
+ parent,
980
+ group_by,
981
+ filter: nil,
982
+ compare_duration: nil,
983
+ read_time: nil,
984
+ having: nil,
985
+ page_size: nil,
986
+ options: nil,
987
+ &block
988
+ req = {
989
+ parent: parent,
990
+ group_by: group_by,
991
+ filter: filter,
992
+ compare_duration: compare_duration,
993
+ read_time: read_time,
994
+ having: having,
995
+ page_size: page_size
996
+ }.delete_if { |_, v| v.nil? }
997
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GroupAssetsRequest)
998
+ @group_assets.call(req, options, &block)
999
+ end
1000
+
1001
+ # Filters an organization or source's findings and groups them by their
1002
+ # specified properties.
1003
+ #
1004
+ # To group across all sources provide a `-` as the source id.
1005
+ # Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings
1006
+ #
1007
+ # @param parent [String]
1008
+ # Required. Name of the source to groupBy. Its format is
1009
+ # "organizations/[organization_id]/sources/[source_id]". To groupBy across
1010
+ # all sources provide a source_id of `-`. For example:
1011
+ # organizations/{organization_id}/sources/-
1012
+ # @param group_by [String]
1013
+ # Required. Expression that defines what assets fields to use for grouping
1014
+ # (including `state_change`). The string value should follow SQL syntax:
1015
+ # comma separated list of fields. For example: "parent,resource_name".
1016
+ #
1017
+ # The following fields are supported:
1018
+ #
1019
+ # * resource_name
1020
+ # * category
1021
+ # * state
1022
+ # * parent
1023
+ #
1024
+ # The following fields are supported when compare_duration is set:
1025
+ #
1026
+ # * state_change
1027
+ # @param filter [String]
1028
+ # Expression that defines the filter to apply across findings.
1029
+ # The expression is a list of one or more restrictions combined via logical
1030
+ # operators `AND` and `OR`.
1031
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
1032
+ #
1033
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1034
+ # character in front of them to indicate negation. Examples include:
1035
+ #
1036
+ # * name
1037
+ # * source_properties.a_property
1038
+ # * security_marks.marks.marka
1039
+ #
1040
+ # The supported operators are:
1041
+ #
1042
+ # * `=` for all value types.
1043
+ # * `>`, `<`, `>=`, `<=` for integer values.
1044
+ # * `:`, meaning substring matching, for strings.
1045
+ #
1046
+ # The supported value types are:
1047
+ #
1048
+ # * string literals in quotes.
1049
+ # * integer literals without quotes.
1050
+ # * boolean literals `true` and `false` without quotes.
1051
+ #
1052
+ # The following field and operator combinations are supported:
1053
+ #
1054
+ # * name: `=`
1055
+ # * parent: `=`, `:`
1056
+ # * resource_name: `=`, `:`
1057
+ # * state: `=`, `:`
1058
+ # * category: `=`, `:`
1059
+ # * external_uri: `=`, `:`
1060
+ # * event_time: `=`, `>`, `<`, `>=`, `<=`
1061
+ #
1062
+ # Usage: This should be milliseconds since epoch or an RFC3339 string.
1063
+ # Examples:
1064
+ # "event_time = \"2019-06-10T16:07:18-07:00\""
1065
+ # "event_time = 1560208038000"
1066
+ #
1067
+ # * security_marks.marks: `=`, `:`
1068
+ # * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1069
+ #
1070
+ # For example, `source_properties.size = 100` is a valid filter string.
1071
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
1072
+ # Time used as a reference point when filtering findings. The filter is
1073
+ # limited to findings existing at the supplied time and their values are
1074
+ # those at that specific time. Absence of this field will default to the
1075
+ # API's version of NOW.
1076
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1077
+ # can also be provided.
1078
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
1079
+ # When compare_duration is set, the GroupResult's "state_change" attribute is
1080
+ # updated to indicate whether the finding had its state changed, the
1081
+ # finding's state remained unchanged, or if the finding was added during the
1082
+ # compare_duration period of time that precedes the read_time. This is the
1083
+ # time between (read_time - compare_duration) and read_time.
1084
+ #
1085
+ # The state_change value is derived based on the presence and state of the
1086
+ # finding at the two points in time. Intermediate state changes between the
1087
+ # two times don't affect the result. For example, the results aren't affected
1088
+ # if the finding is made inactive and then active again.
1089
+ #
1090
+ # Possible "state_change" values when compare_duration is specified:
1091
+ #
1092
+ # * "CHANGED": indicates that the finding was present at the start of
1093
+ # compare_duration, but changed its state at read_time.
1094
+ # * "UNCHANGED": indicates that the finding was present at the start of
1095
+ # compare_duration and did not change state at read_time.
1096
+ # * "ADDED": indicates that the finding was not present at the start
1097
+ # of compare_duration, but was present at read_time.
1098
+ #
1099
+ # If compare_duration is not specified, then the only possible state_change
1100
+ # is "UNUSED", which will be the state_change set for all findings present
1101
+ # at read_time.
1102
+ #
1103
+ # If this field is set then `state_change` must be a specified field in
1104
+ # `group_by`.
1105
+ # A hash of the same form as `Google::Protobuf::Duration`
1106
+ # can also be provided.
1107
+ # @param having [String]
1108
+ # Filter that specifies what fields to further filter on *after* the query
1109
+ # filter has been executed. Currently only `finding.state` and `state_change`
1110
+ # are supported and requires compare_duration to be specified.
1111
+ # @param page_size [Integer]
1112
+ # The maximum number of resources contained in the underlying API
1113
+ # response. If page streaming is performed per-resource, this
1114
+ # parameter does not affect the return value. If page streaming is
1115
+ # performed per-page, this determines the maximum number of
1116
+ # resources in a page.
1117
+ # @param options [Google::Gax::CallOptions]
1118
+ # Overrides the default settings for this call, e.g, timeout,
1119
+ # retries, etc.
1120
+ # @yield [result, operation] Access the result along with the RPC operation
1121
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
1122
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1123
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::GroupResult>]
1124
+ # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::GroupResult instances.
1125
+ # See Google::Gax::PagedEnumerable documentation for other
1126
+ # operations such as per-page iteration or access to the response
1127
+ # object.
1128
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1129
+ # @example
1130
+ # require "google/cloud/security_center"
1131
+ #
1132
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1133
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1134
+ #
1135
+ # # TODO: Initialize `group_by`:
1136
+ # group_by = ''
1137
+ #
1138
+ # # Iterate over all results.
1139
+ # security_center_client.group_findings(formatted_parent, group_by).each do |element|
1140
+ # # Process element.
1141
+ # end
1142
+ #
1143
+ # # Or iterate over results one page at a time.
1144
+ # security_center_client.group_findings(formatted_parent, group_by).each_page do |page|
1145
+ # # Process each page at a time.
1146
+ # page.each do |element|
1147
+ # # Process element.
1148
+ # end
1149
+ # end
1150
+
1151
+ def group_findings \
1152
+ parent,
1153
+ group_by,
1154
+ filter: nil,
1155
+ read_time: nil,
1156
+ compare_duration: nil,
1157
+ having: nil,
1158
+ page_size: nil,
1159
+ options: nil,
1160
+ &block
1161
+ req = {
1162
+ parent: parent,
1163
+ group_by: group_by,
1164
+ filter: filter,
1165
+ read_time: read_time,
1166
+ compare_duration: compare_duration,
1167
+ having: having,
1168
+ page_size: page_size
1169
+ }.delete_if { |_, v| v.nil? }
1170
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::GroupFindingsRequest)
1171
+ @group_findings.call(req, options, &block)
1172
+ end
1173
+
1174
+ # Lists an organization's assets.
1175
+ #
1176
+ # @param parent [String]
1177
+ # Required. Name of the organization assets should belong to. Its format is
1178
+ # "organizations/[organization_id]".
1179
+ # @param filter [String]
1180
+ # Expression that defines the filter to apply across assets.
1181
+ # The expression is a list of zero or more restrictions combined via logical
1182
+ # operators `AND` and `OR`.
1183
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
1184
+ #
1185
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1186
+ # character in front of them to indicate negation. The fields map to those
1187
+ # defined in the Asset resource. Examples include:
1188
+ #
1189
+ # * name
1190
+ # * security_center_properties.resource_name
1191
+ # * resource_properties.a_property
1192
+ # * security_marks.marks.marka
1193
+ #
1194
+ # The supported operators are:
1195
+ #
1196
+ # * `=` for all value types.
1197
+ # * `>`, `<`, `>=`, `<=` for integer values.
1198
+ # * `:`, meaning substring matching, for strings.
1199
+ #
1200
+ # The supported value types are:
1201
+ #
1202
+ # * string literals in quotes.
1203
+ # * integer literals without quotes.
1204
+ # * boolean literals `true` and `false` without quotes.
1205
+ #
1206
+ # The following are the allowed field and operator combinations:
1207
+ #
1208
+ # * name: `=`
1209
+ # * update_time: `=`, `>`, `<`, `>=`, `<=`
1210
+ #
1211
+ # Usage: This should be milliseconds since epoch or an RFC3339 string.
1212
+ # Examples:
1213
+ # "update_time = \"2019-06-10T16:07:18-07:00\""
1214
+ # "update_time = 1560208038000"
1215
+ #
1216
+ # * create_time: `=`, `>`, `<`, `>=`, `<=`
1217
+ #
1218
+ # Usage: This should be milliseconds since epoch or an RFC3339 string.
1219
+ # Examples:
1220
+ # "create_time = \"2019-06-10T16:07:18-07:00\""
1221
+ # "create_time = 1560208038000"
1222
+ #
1223
+ # * iam_policy.policy_blob: `=`, `:`
1224
+ # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1225
+ # * security_marks.marks: `=`, `:`
1226
+ # * security_center_properties.resource_name: `=`, `:`
1227
+ # * security_center_properties.resource_display_name: `=`, `:`
1228
+ # * security_center_properties.resource_type: `=`, `:`
1229
+ # * security_center_properties.resource_parent: `=`, `:`
1230
+ # * security_center_properties.resource_parent_display_name: `=`, `:`
1231
+ # * security_center_properties.resource_project: `=`, `:`
1232
+ # * security_center_properties.resource_project_display_name: `=`, `:`
1233
+ # * security_center_properties.resource_owners: `=`, `:`
1234
+ #
1235
+ # For example, `resource_properties.size = 100` is a valid filter string.
1236
+ # @param order_by [String]
1237
+ # Expression that defines what fields and order to use for sorting. The
1238
+ # string value should follow SQL syntax: comma separated list of fields. For
1239
+ # example: "name,resource_properties.a_property". The default sorting order
1240
+ # is ascending. To specify descending order for a field, a suffix " desc"
1241
+ # should be appended to the field name. For example: "name
1242
+ # desc,resource_properties.a_property". Redundant space characters in the
1243
+ # syntax are insignificant. "name desc,resource_properties.a_property" and "
1244
+ # name desc , resource_properties.a_property " are equivalent.
1245
+ #
1246
+ # The following fields are supported:
1247
+ # name
1248
+ # update_time
1249
+ # resource_properties
1250
+ # security_marks.marks
1251
+ # security_center_properties.resource_name
1252
+ # security_center_properties.resource_display_name
1253
+ # security_center_properties.resource_parent
1254
+ # security_center_properties.resource_parent_display_name
1255
+ # security_center_properties.resource_project
1256
+ # security_center_properties.resource_project_display_name
1257
+ # security_center_properties.resource_type
1258
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
1259
+ # Time used as a reference point when filtering assets. The filter is limited
1260
+ # to assets existing at the supplied time and their values are those at that
1261
+ # specific time. Absence of this field will default to the API's version of
1262
+ # NOW.
1263
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1264
+ # can also be provided.
1265
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
1266
+ # When compare_duration is set, the ListAssetsResult's "state_change"
1267
+ # attribute is updated to indicate whether the asset was added, removed, or
1268
+ # remained present during the compare_duration period of time that precedes
1269
+ # the read_time. This is the time between (read_time - compare_duration) and
1270
+ # read_time.
1271
+ #
1272
+ # The state_change value is derived based on the presence of the asset at the
1273
+ # two points in time. Intermediate state changes between the two times don't
1274
+ # affect the result. For example, the results aren't affected if the asset is
1275
+ # removed and re-created again.
1276
+ #
1277
+ # Possible "state_change" values when compare_duration is specified:
1278
+ #
1279
+ # * "ADDED": indicates that the asset was not present at the start of
1280
+ # compare_duration, but present at read_time.
1281
+ # * "REMOVED": indicates that the asset was present at the start of
1282
+ # compare_duration, but not present at read_time.
1283
+ # * "ACTIVE": indicates that the asset was present at both the
1284
+ # start and the end of the time period defined by
1285
+ # compare_duration and read_time.
1286
+ #
1287
+ # If compare_duration is not specified, then the only possible state_change
1288
+ # is "UNUSED", which will be the state_change set for all assets present at
1289
+ # read_time.
1290
+ # A hash of the same form as `Google::Protobuf::Duration`
1291
+ # can also be provided.
1292
+ # @param having [String]
1293
+ # Filter that specifies what fields to further filter on *after* the query
1294
+ # filter has been executed. Currently only `state_change` is supported and
1295
+ # requires compare_duration to be specified.
1296
+ # @param field_mask [Google::Protobuf::FieldMask | Hash]
1297
+ # Optional.
1298
+ # A field mask to specify the ListAssetsResult fields to be listed in the
1299
+ # response.
1300
+ # An empty field mask will list all fields.
1301
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1302
+ # can also be provided.
1303
+ # @param page_size [Integer]
1304
+ # The maximum number of resources contained in the underlying API
1305
+ # response. If page streaming is performed per-resource, this
1306
+ # parameter does not affect the return value. If page streaming is
1307
+ # performed per-page, this determines the maximum number of
1308
+ # resources in a page.
1309
+ # @param options [Google::Gax::CallOptions]
1310
+ # Overrides the default settings for this call, e.g, timeout,
1311
+ # retries, etc.
1312
+ # @yield [result, operation] Access the result along with the RPC operation
1313
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse::ListAssetsResult>]
1314
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1315
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse::ListAssetsResult>]
1316
+ # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse::ListAssetsResult instances.
1317
+ # See Google::Gax::PagedEnumerable documentation for other
1318
+ # operations such as per-page iteration or access to the response
1319
+ # object.
1320
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1321
+ # @example
1322
+ # require "google/cloud/security_center"
1323
+ #
1324
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1325
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1326
+ #
1327
+ # # Iterate over all results.
1328
+ # security_center_client.list_assets(formatted_parent).each do |element|
1329
+ # # Process element.
1330
+ # end
1331
+ #
1332
+ # # Or iterate over results one page at a time.
1333
+ # security_center_client.list_assets(formatted_parent).each_page do |page|
1334
+ # # Process each page at a time.
1335
+ # page.each do |element|
1336
+ # # Process element.
1337
+ # end
1338
+ # end
1339
+
1340
+ def list_assets \
1341
+ parent,
1342
+ filter: nil,
1343
+ order_by: nil,
1344
+ read_time: nil,
1345
+ compare_duration: nil,
1346
+ having: nil,
1347
+ field_mask: nil,
1348
+ page_size: nil,
1349
+ options: nil,
1350
+ &block
1351
+ req = {
1352
+ parent: parent,
1353
+ filter: filter,
1354
+ order_by: order_by,
1355
+ read_time: read_time,
1356
+ compare_duration: compare_duration,
1357
+ having: having,
1358
+ field_mask: field_mask,
1359
+ page_size: page_size
1360
+ }.delete_if { |_, v| v.nil? }
1361
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsRequest)
1362
+ @list_assets.call(req, options, &block)
1363
+ end
1364
+
1365
+ # Lists an organization or source's findings.
1366
+ #
1367
+ # To list across all sources provide a `-` as the source id.
1368
+ # Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings
1369
+ #
1370
+ # @param parent [String]
1371
+ # Required. Name of the source the findings belong to. Its format is
1372
+ # "organizations/[organization_id]/sources/[source_id]". To list across all
1373
+ # sources provide a source_id of `-`. For example:
1374
+ # organizations/{organization_id}/sources/-
1375
+ # @param filter [String]
1376
+ # Expression that defines the filter to apply across findings.
1377
+ # The expression is a list of one or more restrictions combined via logical
1378
+ # operators `AND` and `OR`.
1379
+ # Parentheses are supported, and `OR` has higher precedence than `AND`.
1380
+ #
1381
+ # Restrictions have the form `<field> <operator> <value>` and may have a `-`
1382
+ # character in front of them to indicate negation. Examples include:
1383
+ #
1384
+ # * name
1385
+ # * source_properties.a_property
1386
+ # * security_marks.marks.marka
1387
+ #
1388
+ # The supported operators are:
1389
+ #
1390
+ # * `=` for all value types.
1391
+ # * `>`, `<`, `>=`, `<=` for integer values.
1392
+ # * `:`, meaning substring matching, for strings.
1393
+ #
1394
+ # The supported value types are:
1395
+ #
1396
+ # * string literals in quotes.
1397
+ # * integer literals without quotes.
1398
+ # * boolean literals `true` and `false` without quotes.
1399
+ #
1400
+ # The following field and operator combinations are supported:
1401
+ #
1402
+ # name: `=`
1403
+ # parent: `=`, `:`
1404
+ # resource_name: `=`, `:`
1405
+ # state: `=`, `:`
1406
+ # category: `=`, `:`
1407
+ # external_uri: `=`, `:`
1408
+ # event_time: `=`, `>`, `<`, `>=`, `<=`
1409
+ #
1410
+ # Usage: This should be milliseconds since epoch or an RFC3339 string.
1411
+ # Examples:
1412
+ # "event_time = \"2019-06-10T16:07:18-07:00\""
1413
+ # "event_time = 1560208038000"
1414
+ #
1415
+ # security_marks.marks: `=`, `:`
1416
+ # source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
1417
+ #
1418
+ # For example, `source_properties.size = 100` is a valid filter string.
1419
+ # @param order_by [String]
1420
+ # Expression that defines what fields and order to use for sorting. The
1421
+ # string value should follow SQL syntax: comma separated list of fields. For
1422
+ # example: "name,resource_properties.a_property". The default sorting order
1423
+ # is ascending. To specify descending order for a field, a suffix " desc"
1424
+ # should be appended to the field name. For example: "name
1425
+ # desc,source_properties.a_property". Redundant space characters in the
1426
+ # syntax are insignificant. "name desc,source_properties.a_property" and "
1427
+ # name desc , source_properties.a_property " are equivalent.
1428
+ #
1429
+ # The following fields are supported:
1430
+ # name
1431
+ # parent
1432
+ # state
1433
+ # category
1434
+ # resource_name
1435
+ # event_time
1436
+ # source_properties
1437
+ # security_marks.marks
1438
+ # @param read_time [Google::Protobuf::Timestamp | Hash]
1439
+ # Time used as a reference point when filtering findings. The filter is
1440
+ # limited to findings existing at the supplied time and their values are
1441
+ # those at that specific time. Absence of this field will default to the
1442
+ # API's version of NOW.
1443
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1444
+ # can also be provided.
1445
+ # @param compare_duration [Google::Protobuf::Duration | Hash]
1446
+ # When compare_duration is set, the ListFindingsResult's "state_change"
1447
+ # attribute is updated to indicate whether the finding had its state changed,
1448
+ # the finding's state remained unchanged, or if the finding was added in any
1449
+ # state during the compare_duration period of time that precedes the
1450
+ # read_time. This is the time between (read_time - compare_duration) and
1451
+ # read_time.
1452
+ #
1453
+ # The state_change value is derived based on the presence and state of the
1454
+ # finding at the two points in time. Intermediate state changes between the
1455
+ # two times don't affect the result. For example, the results aren't affected
1456
+ # if the finding is made inactive and then active again.
1457
+ #
1458
+ # Possible "state_change" values when compare_duration is specified:
1459
+ #
1460
+ # * "CHANGED": indicates that the finding was present at the start of
1461
+ # compare_duration, but changed its state at read_time.
1462
+ # * "UNCHANGED": indicates that the finding was present at the start of
1463
+ # compare_duration and did not change state at read_time.
1464
+ # * "ADDED": indicates that the finding was not present at the start
1465
+ # of compare_duration, but was present at read_time.
1466
+ #
1467
+ # If compare_duration is not specified, then the only possible state_change
1468
+ # is "UNUSED", which will be the state_change set for all findings present at
1469
+ # read_time.
1470
+ # A hash of the same form as `Google::Protobuf::Duration`
1471
+ # can also be provided.
1472
+ # @param having [String]
1473
+ # Filter that specifies what fields to further filter on *after* the query
1474
+ # filter has been executed. Currently only `finding.state` and `state_change`
1475
+ # are supported and requires compare_duration to be specified.
1476
+ # @param field_mask [Google::Protobuf::FieldMask | Hash]
1477
+ # Optional.
1478
+ # A field mask to specify the Finding fields to be listed in the response.
1479
+ # An empty field mask will list all fields.
1480
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1481
+ # can also be provided.
1482
+ # @param page_size [Integer]
1483
+ # The maximum number of resources contained in the underlying API
1484
+ # response. If page streaming is performed per-resource, this
1485
+ # parameter does not affect the return value. If page streaming is
1486
+ # performed per-page, this determines the maximum number of
1487
+ # resources in a page.
1488
+ # @param options [Google::Gax::CallOptions]
1489
+ # Overrides the default settings for this call, e.g, timeout,
1490
+ # retries, etc.
1491
+ # @yield [result, operation] Access the result along with the RPC operation
1492
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult>]
1493
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1494
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult>]
1495
+ # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult instances.
1496
+ # See Google::Gax::PagedEnumerable documentation for other
1497
+ # operations such as per-page iteration or access to the response
1498
+ # object.
1499
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1500
+ # @example
1501
+ # require "google/cloud/security_center"
1502
+ #
1503
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1504
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.source_path("[ORGANIZATION]", "[SOURCE]")
1505
+ #
1506
+ # # Iterate over all results.
1507
+ # security_center_client.list_findings(formatted_parent).each do |element|
1508
+ # # Process element.
1509
+ # end
1510
+ #
1511
+ # # Or iterate over results one page at a time.
1512
+ # security_center_client.list_findings(formatted_parent).each_page do |page|
1513
+ # # Process each page at a time.
1514
+ # page.each do |element|
1515
+ # # Process element.
1516
+ # end
1517
+ # end
1518
+
1519
+ def list_findings \
1520
+ parent,
1521
+ filter: nil,
1522
+ order_by: nil,
1523
+ read_time: nil,
1524
+ compare_duration: nil,
1525
+ having: nil,
1526
+ field_mask: nil,
1527
+ page_size: nil,
1528
+ options: nil,
1529
+ &block
1530
+ req = {
1531
+ parent: parent,
1532
+ filter: filter,
1533
+ order_by: order_by,
1534
+ read_time: read_time,
1535
+ compare_duration: compare_duration,
1536
+ having: having,
1537
+ field_mask: field_mask,
1538
+ page_size: page_size
1539
+ }.delete_if { |_, v| v.nil? }
1540
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsRequest)
1541
+ @list_findings.call(req, options, &block)
1542
+ end
1543
+
1544
+ # Lists notification configs.
1545
+ #
1546
+ # @param parent [String]
1547
+ # Required. Name of the organization to list notification configs.
1548
+ # Its format is "organizations/[organization_id]".
1549
+ # @param page_size [Integer]
1550
+ # The maximum number of resources contained in the underlying API
1551
+ # response. If page streaming is performed per-resource, this
1552
+ # parameter does not affect the return value. If page streaming is
1553
+ # performed per-page, this determines the maximum number of
1554
+ # resources in a page.
1555
+ # @param options [Google::Gax::CallOptions]
1556
+ # Overrides the default settings for this call, e.g, timeout,
1557
+ # retries, etc.
1558
+ # @yield [result, operation] Access the result along with the RPC operation
1559
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig>]
1560
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1561
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig>]
1562
+ # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig instances.
1563
+ # See Google::Gax::PagedEnumerable documentation for other
1564
+ # operations such as per-page iteration or access to the response
1565
+ # object.
1566
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1567
+ # @example
1568
+ # require "google/cloud/security_center"
1569
+ #
1570
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1571
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1572
+ #
1573
+ # # Iterate over all results.
1574
+ # security_center_client.list_notification_configs(formatted_parent).each do |element|
1575
+ # # Process element.
1576
+ # end
1577
+ #
1578
+ # # Or iterate over results one page at a time.
1579
+ # security_center_client.list_notification_configs(formatted_parent).each_page do |page|
1580
+ # # Process each page at a time.
1581
+ # page.each do |element|
1582
+ # # Process element.
1583
+ # end
1584
+ # end
1585
+
1586
+ def list_notification_configs \
1587
+ parent,
1588
+ page_size: nil,
1589
+ options: nil,
1590
+ &block
1591
+ req = {
1592
+ parent: parent,
1593
+ page_size: page_size
1594
+ }.delete_if { |_, v| v.nil? }
1595
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListNotificationConfigsRequest)
1596
+ @list_notification_configs.call(req, options, &block)
1597
+ end
1598
+
1599
+ # Lists all sources belonging to an organization.
1600
+ #
1601
+ # @param parent [String]
1602
+ # Required. Resource name of the parent of sources to list. Its format should
1603
+ # be "organizations/[organization_id]".
1604
+ # @param page_size [Integer]
1605
+ # The maximum number of resources contained in the underlying API
1606
+ # response. If page streaming is performed per-resource, this
1607
+ # parameter does not affect the return value. If page streaming is
1608
+ # performed per-page, this determines the maximum number of
1609
+ # resources in a page.
1610
+ # @param options [Google::Gax::CallOptions]
1611
+ # Overrides the default settings for this call, e.g, timeout,
1612
+ # retries, etc.
1613
+ # @yield [result, operation] Access the result along with the RPC operation
1614
+ # @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::Source>]
1615
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1616
+ # @return [Google::Gax::PagedEnumerable<Google::Cloud::SecurityCenter::V1p1beta1::Source>]
1617
+ # An enumerable of Google::Cloud::SecurityCenter::V1p1beta1::Source instances.
1618
+ # See Google::Gax::PagedEnumerable documentation for other
1619
+ # operations such as per-page iteration or access to the response
1620
+ # object.
1621
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1622
+ # @example
1623
+ # require "google/cloud/security_center"
1624
+ #
1625
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1626
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1627
+ #
1628
+ # # Iterate over all results.
1629
+ # security_center_client.list_sources(formatted_parent).each do |element|
1630
+ # # Process element.
1631
+ # end
1632
+ #
1633
+ # # Or iterate over results one page at a time.
1634
+ # security_center_client.list_sources(formatted_parent).each_page do |page|
1635
+ # # Process each page at a time.
1636
+ # page.each do |element|
1637
+ # # Process element.
1638
+ # end
1639
+ # end
1640
+
1641
+ def list_sources \
1642
+ parent,
1643
+ page_size: nil,
1644
+ options: nil,
1645
+ &block
1646
+ req = {
1647
+ parent: parent,
1648
+ page_size: page_size
1649
+ }.delete_if { |_, v| v.nil? }
1650
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::ListSourcesRequest)
1651
+ @list_sources.call(req, options, &block)
1652
+ end
1653
+
1654
+ # Runs asset discovery. The discovery is tracked with a long-running
1655
+ # operation.
1656
+ #
1657
+ # This API can only be called with limited frequency for an organization. If
1658
+ # it is called too frequently the caller will receive a TOO_MANY_REQUESTS
1659
+ # error.
1660
+ #
1661
+ # @param parent [String]
1662
+ # Required. Name of the organization to run asset discovery for. Its format
1663
+ # is "organizations/[organization_id]".
1664
+ # @param options [Google::Gax::CallOptions]
1665
+ # Overrides the default settings for this call, e.g, timeout,
1666
+ # retries, etc.
1667
+ # @return [Google::Gax::Operation]
1668
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1669
+ # @example
1670
+ # require "google/cloud/security_center"
1671
+ #
1672
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1673
+ # formatted_parent = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.organization_path("[ORGANIZATION]")
1674
+ #
1675
+ # # Register a callback during the method call.
1676
+ # operation = security_center_client.run_asset_discovery(formatted_parent) do |op|
1677
+ # raise op.results.message if op.error?
1678
+ # op_results = op.results
1679
+ # # Process the results.
1680
+ #
1681
+ # metadata = op.metadata
1682
+ # # Process the metadata.
1683
+ # end
1684
+ #
1685
+ # # Or use the return value to register a callback.
1686
+ # operation.on_done do |op|
1687
+ # raise op.results.message if op.error?
1688
+ # op_results = op.results
1689
+ # # Process the results.
1690
+ #
1691
+ # metadata = op.metadata
1692
+ # # Process the metadata.
1693
+ # end
1694
+ #
1695
+ # # Manually reload the operation.
1696
+ # operation.reload!
1697
+ #
1698
+ # # Or block until the operation completes, triggering callbacks on
1699
+ # # completion.
1700
+ # operation.wait_until_done!
1701
+
1702
+ def run_asset_discovery \
1703
+ parent,
1704
+ options: nil
1705
+ req = {
1706
+ parent: parent
1707
+ }.delete_if { |_, v| v.nil? }
1708
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::RunAssetDiscoveryRequest)
1709
+ operation = Google::Gax::Operation.new(
1710
+ @run_asset_discovery.call(req, options),
1711
+ @operations_client,
1712
+ Google::Cloud::SecurityCenter::V1p1beta1::RunAssetDiscoveryResponse,
1713
+ Google::Protobuf::Empty,
1714
+ call_options: options
1715
+ )
1716
+ operation.on_done { |operation| yield(operation) } if block_given?
1717
+ operation
1718
+ end
1719
+
1720
+ # Updates the state of a finding.
1721
+ #
1722
+ # @param name [String]
1723
+ # Required. The relative resource name of the finding. See:
1724
+ # https://cloud.google.com/apis/design/resource_names#relative_resource_name
1725
+ # Example:
1726
+ # "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
1727
+ # @param state [Google::Cloud::SecurityCenter::V1p1beta1::Finding::State]
1728
+ # Required. The desired State of the finding.
1729
+ # @param start_time [Google::Protobuf::Timestamp | Hash]
1730
+ # Required. The time at which the updated state takes effect.
1731
+ # A hash of the same form as `Google::Protobuf::Timestamp`
1732
+ # can also be provided.
1733
+ # @param options [Google::Gax::CallOptions]
1734
+ # Overrides the default settings for this call, e.g, timeout,
1735
+ # retries, etc.
1736
+ # @yield [result, operation] Access the result along with the RPC operation
1737
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1738
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1739
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1740
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1741
+ # @example
1742
+ # require "google/cloud/security_center"
1743
+ #
1744
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1745
+ # formatted_name = Google::Cloud::SecurityCenter::V1p1beta1::SecurityCenterClient.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]")
1746
+ #
1747
+ # # TODO: Initialize `state`:
1748
+ # state = :STATE_UNSPECIFIED
1749
+ #
1750
+ # # TODO: Initialize `start_time`:
1751
+ # start_time = {}
1752
+ # response = security_center_client.set_finding_state(formatted_name, state, start_time)
1753
+
1754
+ def set_finding_state \
1755
+ name,
1756
+ state,
1757
+ start_time,
1758
+ options: nil,
1759
+ &block
1760
+ req = {
1761
+ name: name,
1762
+ state: state,
1763
+ start_time: start_time
1764
+ }.delete_if { |_, v| v.nil? }
1765
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::SetFindingStateRequest)
1766
+ @set_finding_state.call(req, options, &block)
1767
+ end
1768
+
1769
+ # Sets the access control policy on the specified Source.
1770
+ #
1771
+ # @param resource [String]
1772
+ # REQUIRED: The resource for which the policy is being specified.
1773
+ # See the operation documentation for the appropriate value for this field.
1774
+ # @param policy [Google::Iam::V1::Policy | Hash]
1775
+ # REQUIRED: The complete policy to be applied to the `resource`. The size of
1776
+ # the policy is limited to a few 10s of KB. An empty policy is a
1777
+ # valid policy but certain Cloud Platform services (such as Projects)
1778
+ # might reject them.
1779
+ # A hash of the same form as `Google::Iam::V1::Policy`
1780
+ # can also be provided.
1781
+ # @param options [Google::Gax::CallOptions]
1782
+ # Overrides the default settings for this call, e.g, timeout,
1783
+ # retries, etc.
1784
+ # @yield [result, operation] Access the result along with the RPC operation
1785
+ # @yieldparam result [Google::Iam::V1::Policy]
1786
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1787
+ # @return [Google::Iam::V1::Policy]
1788
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1789
+ # @example
1790
+ # require "google/cloud/security_center"
1791
+ #
1792
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1793
+ #
1794
+ # # TODO: Initialize `resource`:
1795
+ # resource = ''
1796
+ #
1797
+ # # TODO: Initialize `policy`:
1798
+ # policy = {}
1799
+ # response = security_center_client.set_iam_policy(resource, policy)
1800
+
1801
+ def set_iam_policy \
1802
+ resource,
1803
+ policy,
1804
+ options: nil,
1805
+ &block
1806
+ req = {
1807
+ resource: resource,
1808
+ policy: policy
1809
+ }.delete_if { |_, v| v.nil? }
1810
+ req = Google::Gax::to_proto(req, Google::Iam::V1::SetIamPolicyRequest)
1811
+ @set_iam_policy.call(req, options, &block)
1812
+ end
1813
+
1814
+ # Returns the permissions that a caller has on the specified source.
1815
+ #
1816
+ # @param resource [String]
1817
+ # REQUIRED: The resource for which the policy detail is being requested.
1818
+ # See the operation documentation for the appropriate value for this field.
1819
+ # @param permissions [Array<String>]
1820
+ # The set of permissions to check for the `resource`. Permissions with
1821
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
1822
+ # information see
1823
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
1824
+ # @param options [Google::Gax::CallOptions]
1825
+ # Overrides the default settings for this call, e.g, timeout,
1826
+ # retries, etc.
1827
+ # @yield [result, operation] Access the result along with the RPC operation
1828
+ # @yieldparam result [Google::Iam::V1::TestIamPermissionsResponse]
1829
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1830
+ # @return [Google::Iam::V1::TestIamPermissionsResponse]
1831
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1832
+ # @example
1833
+ # require "google/cloud/security_center"
1834
+ #
1835
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1836
+ #
1837
+ # # TODO: Initialize `resource`:
1838
+ # resource = ''
1839
+ #
1840
+ # # TODO: Initialize `permissions`:
1841
+ # permissions = []
1842
+ # response = security_center_client.test_iam_permissions(resource, permissions)
1843
+
1844
+ def test_iam_permissions \
1845
+ resource,
1846
+ permissions,
1847
+ options: nil,
1848
+ &block
1849
+ req = {
1850
+ resource: resource,
1851
+ permissions: permissions
1852
+ }.delete_if { |_, v| v.nil? }
1853
+ req = Google::Gax::to_proto(req, Google::Iam::V1::TestIamPermissionsRequest)
1854
+ @test_iam_permissions.call(req, options, &block)
1855
+ end
1856
+
1857
+ # Creates or updates a finding. The corresponding source must exist for a
1858
+ # finding creation to succeed.
1859
+ #
1860
+ # @param finding [Google::Cloud::SecurityCenter::V1p1beta1::Finding | Hash]
1861
+ # Required. The finding resource to update or create if it does not already
1862
+ # exist. parent, security_marks, and update_time will be ignored.
1863
+ #
1864
+ # In the case of creation, the finding id portion of the name must be
1865
+ # alphanumeric and less than or equal to 32 characters and greater than 0
1866
+ # characters in length.
1867
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Finding`
1868
+ # can also be provided.
1869
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1870
+ # The FieldMask to use when updating the finding resource. This field should
1871
+ # not be specified when creating a finding.
1872
+ #
1873
+ # When updating a finding, an empty mask is treated as updating all mutable
1874
+ # fields and replacing source_properties. Individual source_properties can
1875
+ # be added/updated by using "source_properties.<property key>" in the field
1876
+ # mask.
1877
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1878
+ # can also be provided.
1879
+ # @param options [Google::Gax::CallOptions]
1880
+ # Overrides the default settings for this call, e.g, timeout,
1881
+ # retries, etc.
1882
+ # @yield [result, operation] Access the result along with the RPC operation
1883
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1884
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1885
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::Finding]
1886
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1887
+ # @example
1888
+ # require "google/cloud/security_center"
1889
+ #
1890
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1891
+ #
1892
+ # # TODO: Initialize `finding`:
1893
+ # finding = {}
1894
+ # response = security_center_client.update_finding(finding)
1895
+
1896
+ def update_finding \
1897
+ finding,
1898
+ update_mask: nil,
1899
+ options: nil,
1900
+ &block
1901
+ req = {
1902
+ finding: finding,
1903
+ update_mask: update_mask
1904
+ }.delete_if { |_, v| v.nil? }
1905
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateFindingRequest)
1906
+ @update_finding.call(req, options, &block)
1907
+ end
1908
+
1909
+ # Updates a notification config.
1910
+ #
1911
+ # @param notification_config [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig | Hash]
1912
+ # Required. The notification config to update.
1913
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig`
1914
+ # can also be provided.
1915
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1916
+ # The FieldMask to use when updating the notification config.
1917
+ #
1918
+ # If empty all mutable fields will be updated.
1919
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1920
+ # can also be provided.
1921
+ # @param options [Google::Gax::CallOptions]
1922
+ # Overrides the default settings for this call, e.g, timeout,
1923
+ # retries, etc.
1924
+ # @yield [result, operation] Access the result along with the RPC operation
1925
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
1926
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1927
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
1928
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1929
+ # @example
1930
+ # require "google/cloud/security_center"
1931
+ #
1932
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1933
+ #
1934
+ # # TODO: Initialize `notification_config`:
1935
+ # notification_config = {}
1936
+ # response = security_center_client.update_notification_config(notification_config)
1937
+
1938
+ def update_notification_config \
1939
+ notification_config,
1940
+ update_mask: nil,
1941
+ options: nil,
1942
+ &block
1943
+ req = {
1944
+ notification_config: notification_config,
1945
+ update_mask: update_mask
1946
+ }.delete_if { |_, v| v.nil? }
1947
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateNotificationConfigRequest)
1948
+ @update_notification_config.call(req, options, &block)
1949
+ end
1950
+
1951
+ # Updates an organization's settings.
1952
+ #
1953
+ # @param organization_settings [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings | Hash]
1954
+ # Required. The organization settings resource to update.
1955
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings`
1956
+ # can also be provided.
1957
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
1958
+ # The FieldMask to use when updating the settings resource.
1959
+ #
1960
+ # If empty all mutable fields will be updated.
1961
+ # A hash of the same form as `Google::Protobuf::FieldMask`
1962
+ # can also be provided.
1963
+ # @param options [Google::Gax::CallOptions]
1964
+ # Overrides the default settings for this call, e.g, timeout,
1965
+ # retries, etc.
1966
+ # @yield [result, operation] Access the result along with the RPC operation
1967
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
1968
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
1969
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings]
1970
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
1971
+ # @example
1972
+ # require "google/cloud/security_center"
1973
+ #
1974
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
1975
+ #
1976
+ # # TODO: Initialize `organization_settings`:
1977
+ # organization_settings = {}
1978
+ # response = security_center_client.update_organization_settings(organization_settings)
1979
+
1980
+ def update_organization_settings \
1981
+ organization_settings,
1982
+ update_mask: nil,
1983
+ options: nil,
1984
+ &block
1985
+ req = {
1986
+ organization_settings: organization_settings,
1987
+ update_mask: update_mask
1988
+ }.delete_if { |_, v| v.nil? }
1989
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateOrganizationSettingsRequest)
1990
+ @update_organization_settings.call(req, options, &block)
1991
+ end
1992
+
1993
+ # Updates a source.
1994
+ #
1995
+ # @param source [Google::Cloud::SecurityCenter::V1p1beta1::Source | Hash]
1996
+ # Required. The source resource to update.
1997
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::Source`
1998
+ # can also be provided.
1999
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
2000
+ # The FieldMask to use when updating the source resource.
2001
+ #
2002
+ # If empty all mutable fields will be updated.
2003
+ # A hash of the same form as `Google::Protobuf::FieldMask`
2004
+ # can also be provided.
2005
+ # @param options [Google::Gax::CallOptions]
2006
+ # Overrides the default settings for this call, e.g, timeout,
2007
+ # retries, etc.
2008
+ # @yield [result, operation] Access the result along with the RPC operation
2009
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::Source]
2010
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
2011
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::Source]
2012
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
2013
+ # @example
2014
+ # require "google/cloud/security_center"
2015
+ #
2016
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
2017
+ #
2018
+ # # TODO: Initialize `source`:
2019
+ # source = {}
2020
+ # response = security_center_client.update_source(source)
2021
+
2022
+ def update_source \
2023
+ source,
2024
+ update_mask: nil,
2025
+ options: nil,
2026
+ &block
2027
+ req = {
2028
+ source: source,
2029
+ update_mask: update_mask
2030
+ }.delete_if { |_, v| v.nil? }
2031
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateSourceRequest)
2032
+ @update_source.call(req, options, &block)
2033
+ end
2034
+
2035
+ # Updates security marks.
2036
+ #
2037
+ # @param security_marks [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks | Hash]
2038
+ # Required. The security marks resource to update.
2039
+ # A hash of the same form as `Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks`
2040
+ # can also be provided.
2041
+ # @param update_mask [Google::Protobuf::FieldMask | Hash]
2042
+ # The FieldMask to use when updating the security marks resource.
2043
+ #
2044
+ # The field mask must not contain duplicate fields.
2045
+ # If empty or set to "marks", all marks will be replaced. Individual
2046
+ # marks can be updated using "marks.<mark_key>".
2047
+ # A hash of the same form as `Google::Protobuf::FieldMask`
2048
+ # can also be provided.
2049
+ # @param start_time [Google::Protobuf::Timestamp | Hash]
2050
+ # The time at which the updated SecurityMarks take effect.
2051
+ # If not set uses current server time. Updates will be applied to the
2052
+ # SecurityMarks that are active immediately preceding this time.
2053
+ # A hash of the same form as `Google::Protobuf::Timestamp`
2054
+ # can also be provided.
2055
+ # @param options [Google::Gax::CallOptions]
2056
+ # Overrides the default settings for this call, e.g, timeout,
2057
+ # retries, etc.
2058
+ # @yield [result, operation] Access the result along with the RPC operation
2059
+ # @yieldparam result [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks]
2060
+ # @yieldparam operation [GRPC::ActiveCall::Operation]
2061
+ # @return [Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks]
2062
+ # @raise [Google::Gax::GaxError] if the RPC is aborted.
2063
+ # @example
2064
+ # require "google/cloud/security_center"
2065
+ #
2066
+ # security_center_client = Google::Cloud::SecurityCenter.new(version: :v1p1beta1)
2067
+ #
2068
+ # # TODO: Initialize `security_marks`:
2069
+ # security_marks = {}
2070
+ # response = security_center_client.update_security_marks(security_marks)
2071
+
2072
+ def update_security_marks \
2073
+ security_marks,
2074
+ update_mask: nil,
2075
+ start_time: nil,
2076
+ options: nil,
2077
+ &block
2078
+ req = {
2079
+ security_marks: security_marks,
2080
+ update_mask: update_mask,
2081
+ start_time: start_time
2082
+ }.delete_if { |_, v| v.nil? }
2083
+ req = Google::Gax::to_proto(req, Google::Cloud::SecurityCenter::V1p1beta1::UpdateSecurityMarksRequest)
2084
+ @update_security_marks.call(req, options, &block)
2085
+ end
2086
+ end
2087
+ end
2088
+ end
2089
+ end
2090
+ end