google-cloud-security_center 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c53987a65142ff94fc7bf23fb5d21a65ffa9aa04011ce3547dbfbd800fece172
-  data.tar.gz: 2f159336e93dfed91e0c442b6a2c3115d23f8adb71bbf4914ca9cbb49df423ce
+  metadata.gz: 407977e97e563223b220e1b6aea9315c0a8d4cb7e03f08f7673c0ccde2a584f3
+  data.tar.gz: 9746e680d943378502cec57f4bcff03ece1ceab6600c1b763670913672b8cdc7
 SHA512:
-  metadata.gz: 142ee68972dbed6f5037db53d794f304f44300c94c8e63565e99bc615596c55ea56c746182b71798afbfb31616df6c8b067fa7a1d618af9b26765674d47f3bd2
-  data.tar.gz: 2f97d88ecc50ed333d11d16a0273e80ac587c86a73fb1d4ca244707c4cb6303607dc5371f57b0afc9e5a78277481ddee29521ca8a800a82c59180a92b7c0efbc
+  metadata.gz: 37e397c2fbe90bf4c18f60ff7a2f0fa206866c282747a2e40b6669d25da5b03675f8c1f1e1a34d8528bbfe6a3eb5a316e8288f84b6ad5d05d76dd9c950d570ac
+  data.tar.gz: 14ddd27d0747cdf2d4e69ec147c5b4c25e8fa601e83016c9849677ee29c1dc4c0718be0701969b2d85ea66ebe763d69658ae48baee89b2d8f0e6789967b8639e

data/lib/google/cloud/security_center/v1.rb

@@ -15,6 +15,7 @@
 
 require "google/cloud/security_center/v1/security_center_client"
 require "google/cloud/security_center/v1/helpers"
+require "google/cloud/security_center/v1/notification_message_pb"
 require "google/cloud/security_center/v1/run_asset_discovery_response_pb"
 
 module Google

data/lib/google/cloud/security_center/v1/asset_pb.rb

@@ -4,11 +4,11 @@
 
 require 'google/protobuf'
 
+require 'google/api/annotations_pb'
 require 'google/api/resource_pb'
 require 'google/cloud/security_center/v1/security_marks_pb'
 require 'google/protobuf/struct_pb'
 require 'google/protobuf/timestamp_pb'
-require 'google/api/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_message "google.cloud.securitycenter.v1.Asset" do
     optional :name, :string, 1

data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/notification_config.rb

@@ -0,0 +1,75 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Cloud
+    module Securitycenter
+      module V1
+        # Cloud Security Command Center (Cloud SCC) notification configs.
+        #
+        # A notification config is a Cloud SCC resource that contains the configuration
+        # to send notifications for create/update events of findings, assets and etc.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The relative resource name of this notification config. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     Example:
+        #     "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+        # @!attribute [rw] description
+        #   @return [String]
+        #     The description of the notification config (max of 1024 characters).
+        # @!attribute [rw] pubsub_topic
+        #   @return [String]
+        #     The PubSub topic to send notifications to. Its format is
+        #     "projects/[project_id]/topics/[topic]".
+        # @!attribute [rw] service_account
+        #   @return [String]
+        #     Output only. The service account that needs "pubsub.topics.publish"
+        #     permission to publish to the PubSub topic.
+        # @!attribute [rw] streaming_config
+        #   @return [Google::Cloud::SecurityCenter::V1::NotificationConfig::StreamingConfig]
+        #     The config for triggering streaming-based notifications.
+        class NotificationConfig
+          # The config for streaming-based notifications, which send each event as soon
+          # as it is detected.
+          # @!attribute [rw] filter
+          #   @return [String]
+          #     Expression that defines the filter to apply across create/update events
+          #     of assets or findings as specified by the event type. The expression is a
+          #     list of zero or more restrictions combined via logical operators `AND`
+          #     and `OR`. Parentheses are supported, and `OR` has higher precedence than
+          #     `AND`.
+          #
+          #     Restrictions have the form `<field> <operator> <value>` and may have a
+          #     `-` character in front of them to indicate negation. The fields map to
+          #     those defined in the corresponding resource.
+          #
+          #     The supported operators are:
+          #
+          #     * `=` for all value types.
+          #     * `>`, `<`, `>=`, `<=` for integer values.
+          #     * `:`, meaning substring matching, for strings.
+          #
+          #     The supported value types are:
+          #
+          #     * string literals in quotes.
+          #     * integer literals without quotes.
+          #     * boolean literals `true` and `false` without quotes.
+          class StreamingConfig; end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -29,10 +29,28 @@ module Google
         #     greater than 0 characters in length.
         # @!attribute [rw] finding
         #   @return [Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The Finding being created. The name and security_marks will be ignored as
-        #     they are both output only fields on this resource.
+        #     Required. The Finding being created. The name and security_marks will be
+        #     ignored as they are both output only fields on this resource.
         class CreateFindingRequest; end
 
+        # Request message for creating a notification config.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. Resource name of the new notification config's parent. Its format
+        #     is "organizations/[organization_id]".
+        # @!attribute [rw] config_id
+        #   @return [String]
+        #     Required.
+        #     Unique identifier provided by the client within the parent scope.
+        #     It must be between 1 and 128 characters, and contains alphanumeric
+        #     characters, underscores or hyphens only.
+        # @!attribute [rw] notification_config
+        #   @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
+        #     Required. The notification config being created. The name and the service
+        #     account will be ignored as they are both output only fields on this
+        #     resource.
+        class CreateNotificationConfigRequest; end
+
         # Request message for creating a source.
         # @!attribute [rw] parent
         #   @return [String]
@@ -40,15 +58,29 @@ module Google
         #     "organizations/[organization_id]".
         # @!attribute [rw] source
         #   @return [Google::Cloud::SecurityCenter::V1::Source]
-        #     Required. The Source being created, only the display_name and description will be
-        #     used. All other fields will be ignored.
+        #     Required. The Source being created, only the display_name and description
+        #     will be used. All other fields will be ignored.
         class CreateSourceRequest; end
 
+        # Request message for deleting a notification config.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Required. Name of the notification config to delete. Its format is
+        #     "organizations/[organization_id]/notificationConfigs/[config_id]".
+        class DeleteNotificationConfigRequest; end
+
+        # Request message for getting a notification config.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Required. Name of the notification config to get. Its format is
+        #     "organizations/[organization_id]/notificationConfigs/[config_id]".
+        class GetNotificationConfigRequest; end
+
         # Request message for getting organization settings.
         # @!attribute [rw] name
         #   @return [String]
-        #     Required. Name of the organization to get organization settings for. Its format is
-        #     "organizations/[organization_id]/organizationSettings".
+        #     Required. Name of the organization to get organization settings for. Its
+        #     format is "organizations/[organization_id]/organizationSettings".
         class GetOrganizationSettingsRequest; end
 
         # Request message for getting a source.
@@ -123,9 +155,9 @@ module Google
         #     For example, `resource_properties.size = 100` is a valid filter string.
         # @!attribute [rw] group_by
         #   @return [String]
-        #     Required. Expression that defines what assets fields to use for grouping. The string
-        #     value should follow SQL syntax: comma separated list of fields. For
-        #     example:
+        #     Required. Expression that defines what assets fields to use for grouping.
+        #     The string value should follow SQL syntax: comma separated list of fields.
+        #     For example:
         #     "security_center_properties.resource_project,security_center_properties.project".
         #
         #     The following fields are supported when compare_duration is not set:
@@ -259,9 +291,9 @@ module Google
         #     For example, `source_properties.size = 100` is a valid filter string.
         # @!attribute [rw] group_by
         #   @return [String]
-        #     Required. Expression that defines what assets fields to use for grouping (including
-        #     `state_change`). The string value should follow SQL syntax: comma separated
-        #     list of fields. For example: "parent,resource_name".
+        #     Required. Expression that defines what assets fields to use for grouping
+        #     (including `state_change`). The string value should follow SQL syntax:
+        #     comma separated list of fields. For example: "parent,resource_name".
         #
         #     The following fields are supported:
         #
@@ -294,12 +326,18 @@ module Google
         #
         #     Possible "state_change" values when compare_duration is specified:
         #
-        #     * "CHANGED":   indicates that the finding was present at the start of
-        #       compare_duration, but changed its state at read_time.
-        #     * "UNCHANGED": indicates that the finding was present at the start of
-        #       compare_duration and did not change state at read_time.
-        #     * "ADDED":     indicates that the finding was not present at the start
-        #       of compare_duration, but was present at read_time.
+        #     * "CHANGED":   indicates that the finding was present and matched the given
+        #       filter at the start of compare_duration, but changed its
+        #       state at read_time.
+        #     * "UNCHANGED": indicates that the finding was present and matched the given
+        #       filter at the start of compare_duration and did not change
+        #       state at read_time.
+        #     * "ADDED":     indicates that the finding did not match the given filter or
+        #       was not present at the start of compare_duration, but was
+        #       present at read_time.
+        #     * "REMOVED":   indicates that the finding was present and matched the
+        #       filter at the start of compare_duration, but did not match
+        #       the filter at read_time.
         #
         #     If compare_duration is not specified, then the only possible state_change
         #     is "UNUSED",  which will be the state_change set for all findings present
@@ -345,11 +383,37 @@ module Google
         #     Total count of resources for the given properties.
         class GroupResult; end
 
+        # Request message for listing notification configs.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. Name of the organization to list notification configs.
+        #     Its format is "organizations/[organization_id]".
+        # @!attribute [rw] page_token
+        #   @return [String]
+        #     The value returned by the last `ListNotificationConfigsResponse`; indicates
+        #     that this is a continuation of a prior `ListNotificationConfigs` call, and
+        #     that the system should return the next page of data.
+        # @!attribute [rw] page_size
+        #   @return [Integer]
+        #     The maximum number of results to return in a single response. Default is
+        #     10, minimum is 1, maximum is 1000.
+        class ListNotificationConfigsRequest; end
+
+        # Response message for listing notification configs.
+        # @!attribute [rw] notification_configs
+        #   @return [Array<Google::Cloud::SecurityCenter::V1::NotificationConfig>]
+        #     Notification configs belonging to the requested parent.
+        # @!attribute [rw] next_page_token
+        #   @return [String]
+        #     Token to retrieve the next page of results, or empty if there are no more
+        #     results.
+        class ListNotificationConfigsResponse; end
+
         # Request message for listing sources.
         # @!attribute [rw] parent
         #   @return [String]
-        #     Required. Resource name of the parent of sources to list. Its format should be
-        #     "organizations/[organization_id]".
+        #     Required. Resource name of the parent of sources to list. Its format should
+        #     be "organizations/[organization_id]".
         # @!attribute [rw] page_token
         #   @return [String]
         #     The value returned by the last `ListSourcesResponse`; indicates
@@ -491,9 +555,8 @@ module Google
         #     read_time.
         # @!attribute [rw] field_mask
         #   @return [Google::Protobuf::FieldMask]
-        #     Optional. A field mask to specify the ListAssetsResult fields to be listed in the
-        #     response.
-        #     An empty field mask will list all fields.
+        #     Optional. A field mask to specify the ListAssetsResult fields to be listed
+        #     in the response. An empty field mask will list all fields.
         # @!attribute [rw] page_token
         #   @return [String]
         #     The value returned by the last `ListAssetsResponse`; indicates
@@ -644,20 +707,26 @@ module Google
         #
         #     Possible "state_change" values when compare_duration is specified:
         #
-        #     * "CHANGED":   indicates that the finding was present at the start of
-        #       compare_duration, but changed its state at read_time.
-        #     * "UNCHANGED": indicates that the finding was present at the start of
-        #       compare_duration and did not change state at read_time.
-        #     * "ADDED":     indicates that the finding was not present at the start
-        #       of compare_duration, but was present at read_time.
+        #     * "CHANGED":   indicates that the finding was present and matched the given
+        #       filter at the start of compare_duration, but changed its
+        #       state at read_time.
+        #     * "UNCHANGED": indicates that the finding was present and matched the given
+        #       filter at the start of compare_duration and did not change
+        #       state at read_time.
+        #     * "ADDED":     indicates that the finding did not match the given filter or
+        #       was not present at the start of compare_duration, but was
+        #       present at read_time.
+        #     * "REMOVED":   indicates that the finding was present and matched the
+        #       filter at the start of compare_duration, but did not match
+        #       the filter at read_time.
         #
         #     If compare_duration is not specified, then the only possible state_change
         #     is "UNUSED", which will be the state_change set for all findings present at
         #     read_time.
         # @!attribute [rw] field_mask
         #   @return [Google::Protobuf::FieldMask]
-        #     Optional. A field mask to specify the Finding fields to be listed in the response.
-        #     An empty field mask will list all fields.
+        #     Optional. A field mask to specify the Finding fields to be listed in the
+        #     response. An empty field mask will list all fields.
         # @!attribute [rw] page_token
         #   @return [String]
         #     The value returned by the last `ListFindingsResponse`; indicates
@@ -763,15 +832,15 @@ module Google
         # Request message for running asset discovery for an organization.
         # @!attribute [rw] parent
         #   @return [String]
-        #     Required. Name of the organization to run asset discovery for. Its format is
-        #     "organizations/[organization_id]".
+        #     Required. Name of the organization to run asset discovery for. Its format
+        #     is "organizations/[organization_id]".
         class RunAssetDiscoveryRequest; end
 
         # Request message for updating or creating a finding.
         # @!attribute [rw] finding
         #   @return [Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The finding resource to update or create if it does not already exist.
-        #     parent, security_marks, and update_time will be ignored.
+        #     Required. The finding resource to update or create if it does not already
+        #     exist. parent, security_marks, and update_time will be ignored.
         #
         #     In the case of creation, the finding id portion of the name must be
         #     alphanumeric and less than or equal to 32 characters and greater than 0
@@ -787,6 +856,17 @@ module Google
         #     mask.
         class UpdateFindingRequest; end
 
+        # Request message for updating a notification config.
+        # @!attribute [rw] notification_config
+        #   @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
+        #     Required. The notification config to update.
+        # @!attribute [rw] update_mask
+        #   @return [Google::Protobuf::FieldMask]
+        #     The FieldMask to use when updating the notification config.
+        #
+        #     If empty all mutable fields will be updated.
+        class UpdateNotificationConfigRequest; end
+
         # Request message for updating an organization's settings.
         # @!attribute [rw] organization_settings
         #   @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]

data/lib/google/cloud/security_center/v1/doc/google/protobuf/empty.rb

@@ -0,0 +1,29 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+module Google
+  module Protobuf
+    # A generic empty message that you can re-use to avoid defining duplicated
+    # empty messages in your APIs. A typical example is to use it as the request
+    # or the response type of an API method. For instance:
+    #
+    #     service Foo {
+    #       rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
+    #     }
+    #
+    # The JSON representation for `Empty` is empty JSON object `{}`.
+    class Empty; end
+  end
+end

data/lib/google/cloud/security_center/v1/finding_pb.rb

@@ -4,12 +4,12 @@
 
 require 'google/protobuf'
 
+require 'google/api/annotations_pb'
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/cloud/security_center/v1/security_marks_pb'
 require 'google/protobuf/struct_pb'
 require 'google/protobuf/timestamp_pb'
-require 'google/api/annotations_pb'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_message "google.cloud.securitycenter.v1.Finding" do
     optional :name, :string, 1

data/lib/google/cloud/security_center/v1/helpers.rb

@@ -44,6 +44,14 @@ module Google
             self.class.finding_security_marks_path organization, source, finding
           end
           
+          # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.notification_config_path.
+          # @param organization [String]
+          # @param notification_config [String]
+          # @return [String]
+          def notification_config_path organization, notification_config
+            self.class.notification_config_path organization, notification_config
+          end
+          
           # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.organization_path.
           # @param organization [String]
           # @return [String]
@@ -65,6 +73,14 @@ module Google
           def source_path organization, source
             self.class.source_path organization, source
           end
+          
+          # Alias for Google::Cloud::SecurityCenter::V1::SecurityCenterClient.topic_path.
+          # @param project [String]
+          # @param topic [String]
+          # @return [String]
+          def topic_path project, topic
+            self.class.topic_path project, topic
+          end
         end
       end
     end

data/lib/google/cloud/security_center/v1/notification_config_pb.rb

@@ -0,0 +1,28 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/security_center/v1/notification_config.proto
+
+
+require 'google/protobuf'
+
+require 'google/api/annotations_pb'
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_message "google.cloud.securitycenter.v1.NotificationConfig" do
+    optional :name, :string, 1
+    optional :description, :string, 2
+    optional :pubsub_topic, :string, 3
+    optional :service_account, :string, 4
+    oneof :notify_config do
+      optional :streaming_config, :message, 5, "google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig"
+    end
+  end
+  add_message "google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig" do
+    optional :filter, :string, 1
+  end
+end
+
+module Google::Cloud::SecurityCenter::V1
+  NotificationConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.NotificationConfig").msgclass
+  NotificationConfig::StreamingConfig = Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.NotificationConfig.StreamingConfig").msgclass
+end