google-cloud-security_center 0.9.0 → 1.1.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (78) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +3 -2
  3. data/AUTHENTICATION.md +51 -59
  4. data/LICENSE.md +203 -0
  5. data/MIGRATING.md +327 -0
  6. data/README.md +36 -25
  7. data/lib/{google/cloud/security_center/v1/doc/google/protobuf/empty.rb → google-cloud-security_center.rb} +4 -14
  8. data/lib/google/cloud/security_center.rb +87 -117
  9. data/lib/google/cloud/security_center/version.rb +6 -2
  10. metadata +63 -113
  11. data/LICENSE +0 -201
  12. data/lib/google/cloud/security_center/v1.rb +0 -149
  13. data/lib/google/cloud/security_center/v1/asset_pb.rb +0 -41
  14. data/lib/google/cloud/security_center/v1/credentials.rb +0 -41
  15. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/asset.rb +0 -105
  16. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/finding.rb +0 -97
  17. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/notification_config.rb +0 -75
  18. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/organization_settings.rb +0 -72
  19. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/security_marks.rb +0 -45
  20. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/securitycenter_service.rb +0 -912
  21. data/lib/google/cloud/security_center/v1/doc/google/cloud/securitycenter/v1/source.rb +0 -50
  22. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/iam_policy.rb +0 -64
  23. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/options.rb +0 -33
  24. data/lib/google/cloud/security_center/v1/doc/google/iam/v1/policy.rb +0 -151
  25. data/lib/google/cloud/security_center/v1/doc/google/longrunning/operations.rb +0 -51
  26. data/lib/google/cloud/security_center/v1/doc/google/protobuf/any.rb +0 -131
  27. data/lib/google/cloud/security_center/v1/doc/google/protobuf/duration.rb +0 -91
  28. data/lib/google/cloud/security_center/v1/doc/google/protobuf/field_mask.rb +0 -222
  29. data/lib/google/cloud/security_center/v1/doc/google/protobuf/struct.rb +0 -74
  30. data/lib/google/cloud/security_center/v1/doc/google/protobuf/timestamp.rb +0 -113
  31. data/lib/google/cloud/security_center/v1/doc/google/rpc/status.rb +0 -39
  32. data/lib/google/cloud/security_center/v1/doc/google/type/expr.rb +0 -45
  33. data/lib/google/cloud/security_center/v1/finding_pb.rb +0 -36
  34. data/lib/google/cloud/security_center/v1/helpers.rb +0 -88
  35. data/lib/google/cloud/security_center/v1/notification_config_pb.rb +0 -28
  36. data/lib/google/cloud/security_center/v1/notification_message_pb.rb +0 -20
  37. data/lib/google/cloud/security_center/v1/organization_settings_pb.rb +0 -30
  38. data/lib/google/cloud/security_center/v1/run_asset_discovery_response_pb.rb +0 -25
  39. data/lib/google/cloud/security_center/v1/security_center_client.rb +0 -2118
  40. data/lib/google/cloud/security_center/v1/security_center_client_config.json +0 -141
  41. data/lib/google/cloud/security_center/v1/security_marks_pb.rb +0 -18
  42. data/lib/google/cloud/security_center/v1/securitycenter_service_pb.rb +0 -230
  43. data/lib/google/cloud/security_center/v1/securitycenter_service_services_pb.rb +0 -100
  44. data/lib/google/cloud/security_center/v1/source_pb.rb +0 -19
  45. data/lib/google/cloud/security_center/v1p1beta1.rb +0 -149
  46. data/lib/google/cloud/security_center/v1p1beta1/asset_pb.rb +0 -41
  47. data/lib/google/cloud/security_center/v1p1beta1/credentials.rb +0 -41
  48. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/asset.rb +0 -105
  49. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/finding.rb +0 -96
  50. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/notification_config.rb +0 -87
  51. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/organization_settings.rb +0 -72
  52. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/security_marks.rb +0 -45
  53. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/securitycenter_service.rb +0 -923
  54. data/lib/google/cloud/security_center/v1p1beta1/doc/google/cloud/securitycenter/v1p1beta1/source.rb +0 -49
  55. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/iam_policy.rb +0 -64
  56. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/options.rb +0 -33
  57. data/lib/google/cloud/security_center/v1p1beta1/doc/google/iam/v1/policy.rb +0 -151
  58. data/lib/google/cloud/security_center/v1p1beta1/doc/google/longrunning/operations.rb +0 -51
  59. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/any.rb +0 -131
  60. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/duration.rb +0 -91
  61. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/empty.rb +0 -29
  62. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/field_mask.rb +0 -222
  63. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/struct.rb +0 -74
  64. data/lib/google/cloud/security_center/v1p1beta1/doc/google/protobuf/timestamp.rb +0 -113
  65. data/lib/google/cloud/security_center/v1p1beta1/doc/google/rpc/status.rb +0 -39
  66. data/lib/google/cloud/security_center/v1p1beta1/doc/google/type/expr.rb +0 -45
  67. data/lib/google/cloud/security_center/v1p1beta1/finding_pb.rb +0 -36
  68. data/lib/google/cloud/security_center/v1p1beta1/helpers.rb +0 -71
  69. data/lib/google/cloud/security_center/v1p1beta1/notification_config_pb.rb +0 -34
  70. data/lib/google/cloud/security_center/v1p1beta1/notification_message_pb.rb +0 -21
  71. data/lib/google/cloud/security_center/v1p1beta1/organization_settings_pb.rb +0 -30
  72. data/lib/google/cloud/security_center/v1p1beta1/run_asset_discovery_response_pb.rb +0 -25
  73. data/lib/google/cloud/security_center/v1p1beta1/security_center_client.rb +0 -2093
  74. data/lib/google/cloud/security_center/v1p1beta1/security_center_client_config.json +0 -141
  75. data/lib/google/cloud/security_center/v1p1beta1/security_marks_pb.rb +0 -18
  76. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_pb.rb +0 -234
  77. data/lib/google/cloud/security_center/v1p1beta1/securitycenter_service_services_pb.rb +0 -103
  78. data/lib/google/cloud/security_center/v1p1beta1/source_pb.rb +0 -19
@@ -1,97 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Cloud
18
- module Securitycenter
19
- module V1
20
- # Cloud Security Command Center (Cloud SCC) finding.
21
- #
22
- # A finding is a record of assessment data like security, risk, health, or
23
- # privacy, that is ingested into Cloud SCC for presentation, notification,
24
- # analysis, policy testing, and enforcement. For example, a
25
- # cross-site scripting (XSS) vulnerability in an App Engine application is a
26
- # finding.
27
- # @!attribute [rw] name
28
- # @return [String]
29
- # The relative resource name of this finding. See:
30
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
31
- # Example:
32
- # "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
33
- # @!attribute [rw] parent
34
- # @return [String]
35
- # The relative resource name of the source the finding belongs to. See:
36
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
37
- # This field is immutable after creation time.
38
- # For example:
39
- # "organizations/{organization_id}/sources/{source_id}"
40
- # @!attribute [rw] resource_name
41
- # @return [String]
42
- # For findings on Google Cloud Platform (GCP) resources, the full resource
43
- # name of the GCP resource this finding is for. See:
44
- # https://cloud.google.com/apis/design/resource_names#full_resource_name
45
- # When the finding is for a non-GCP resource, the resourceName can be a
46
- # customer or partner defined string.
47
- # This field is immutable after creation time.
48
- # @!attribute [rw] state
49
- # @return [Google::Cloud::SecurityCenter::V1::Finding::State]
50
- # The state of the finding.
51
- # @!attribute [rw] category
52
- # @return [String]
53
- # The additional taxonomy group within findings from a given source.
54
- # This field is immutable after creation time.
55
- # Example: "XSS_FLASH_INJECTION"
56
- # @!attribute [rw] external_uri
57
- # @return [String]
58
- # The URI that, if available, points to a web page outside of Cloud SCC
59
- # where additional information about the finding can be found. This field is
60
- # guaranteed to be either empty or a well formed URL.
61
- # @!attribute [rw] source_properties
62
- # @return [Hash{String => Google::Protobuf::Value}]
63
- # Source specific properties. These properties are managed by the source
64
- # that writes the finding. The key names in the source_properties map must be
65
- # between 1 and 255 characters, and must start with a letter and contain
66
- # alphanumeric characters or underscores only.
67
- # @!attribute [rw] security_marks
68
- # @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
69
- # Output only. User specified security marks. These marks are entirely
70
- # managed by the user and come from the SecurityMarks resource that belongs
71
- # to the finding.
72
- # @!attribute [rw] event_time
73
- # @return [Google::Protobuf::Timestamp]
74
- # The time at which the event took place. For example, if the finding
75
- # represents an open firewall it would capture the time the detector believes
76
- # the firewall became open. The accuracy is determined by the detector.
77
- # @!attribute [rw] create_time
78
- # @return [Google::Protobuf::Timestamp]
79
- # The time at which the finding was created in Cloud SCC.
80
- class Finding
81
- # The state of the finding.
82
- module State
83
- # Unspecified state.
84
- STATE_UNSPECIFIED = 0
85
-
86
- # The finding requires attention and has not been addressed yet.
87
- ACTIVE = 1
88
-
89
- # The finding has been fixed, triaged as a non-issue or otherwise addressed
90
- # and is no longer active.
91
- INACTIVE = 2
92
- end
93
- end
94
- end
95
- end
96
- end
97
- end
@@ -1,75 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Cloud
18
- module Securitycenter
19
- module V1
20
- # Cloud Security Command Center (Cloud SCC) notification configs.
21
- #
22
- # A notification config is a Cloud SCC resource that contains the configuration
23
- # to send notifications for create/update events of findings, assets and etc.
24
- # @!attribute [rw] name
25
- # @return [String]
26
- # The relative resource name of this notification config. See:
27
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
28
- # Example:
29
- # "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
30
- # @!attribute [rw] description
31
- # @return [String]
32
- # The description of the notification config (max of 1024 characters).
33
- # @!attribute [rw] pubsub_topic
34
- # @return [String]
35
- # The PubSub topic to send notifications to. Its format is
36
- # "projects/[project_id]/topics/[topic]".
37
- # @!attribute [rw] service_account
38
- # @return [String]
39
- # Output only. The service account that needs "pubsub.topics.publish"
40
- # permission to publish to the PubSub topic.
41
- # @!attribute [rw] streaming_config
42
- # @return [Google::Cloud::SecurityCenter::V1::NotificationConfig::StreamingConfig]
43
- # The config for triggering streaming-based notifications.
44
- class NotificationConfig
45
- # The config for streaming-based notifications, which send each event as soon
46
- # as it is detected.
47
- # @!attribute [rw] filter
48
- # @return [String]
49
- # Expression that defines the filter to apply across create/update events
50
- # of assets or findings as specified by the event type. The expression is a
51
- # list of zero or more restrictions combined via logical operators `AND`
52
- # and `OR`. Parentheses are supported, and `OR` has higher precedence than
53
- # `AND`.
54
- #
55
- # Restrictions have the form `<field> <operator> <value>` and may have a
56
- # `-` character in front of them to indicate negation. The fields map to
57
- # those defined in the corresponding resource.
58
- #
59
- # The supported operators are:
60
- #
61
- # * `=` for all value types.
62
- # * `>`, `<`, `>=`, `<=` for integer values.
63
- # * `:`, meaning substring matching, for strings.
64
- #
65
- # The supported value types are:
66
- #
67
- # * string literals in quotes.
68
- # * integer literals without quotes.
69
- # * boolean literals `true` and `false` without quotes.
70
- class StreamingConfig; end
71
- end
72
- end
73
- end
74
- end
75
- end
@@ -1,72 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Cloud
18
- module Securitycenter
19
- module V1
20
- # User specified settings that are attached to the Cloud Security Command
21
- # Center (Cloud SCC) organization.
22
- # @!attribute [rw] name
23
- # @return [String]
24
- # The relative resource name of the settings. See:
25
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
26
- # Example:
27
- # "organizations/{organization_id}/organizationSettings".
28
- # @!attribute [rw] enable_asset_discovery
29
- # @return [true, false]
30
- # A flag that indicates if Asset Discovery should be enabled. If the flag is
31
- # set to `true`, then discovery of assets will occur. If it is set to `false,
32
- # all historical assets will remain, but discovery of future assets will not
33
- # occur.
34
- # @!attribute [rw] asset_discovery_config
35
- # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings::AssetDiscoveryConfig]
36
- # The configuration used for Asset Discovery runs.
37
- class OrganizationSettings
38
- # The configuration used for Asset Discovery runs.
39
- # @!attribute [rw] project_ids
40
- # @return [Array<String>]
41
- # The project ids to use for filtering asset discovery.
42
- # @!attribute [rw] inclusion_mode
43
- # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings::AssetDiscoveryConfig::InclusionMode]
44
- # The mode to use for filtering asset discovery.
45
- class AssetDiscoveryConfig
46
- # The mode of inclusion when running Asset Discovery.
47
- # Asset discovery can be limited by explicitly identifying projects to be
48
- # included or excluded. If INCLUDE_ONLY is set, then only those projects
49
- # within the organization and their children are discovered during asset
50
- # discovery. If EXCLUDE is set, then projects that don't match those
51
- # projects are discovered during asset discovery. If neither are set, then
52
- # all projects within the organization are discovered during asset
53
- # discovery.
54
- module InclusionMode
55
- # Unspecified. Setting the mode with this value will disable
56
- # inclusion/exclusion filtering for Asset Discovery.
57
- INCLUSION_MODE_UNSPECIFIED = 0
58
-
59
- # Asset Discovery will capture only the resources within the projects
60
- # specified. All other resources will be ignored.
61
- INCLUDE_ONLY = 1
62
-
63
- # Asset Discovery will ignore all resources under the projects specified.
64
- # All other resources will be retrieved.
65
- EXCLUDE = 2
66
- end
67
- end
68
- end
69
- end
70
- end
71
- end
72
- end
@@ -1,45 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Cloud
18
- module Securitycenter
19
- module V1
20
- # User specified security marks that are attached to the parent Cloud Security
21
- # Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud
22
- # SCC organization -- they can be modified and viewed by all users who have
23
- # proper permissions on the organization.
24
- # @!attribute [rw] name
25
- # @return [String]
26
- # The relative resource name of the SecurityMarks. See:
27
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
28
- # Examples:
29
- # "organizations/{organization_id}/assets/{asset_id}/securityMarks"
30
- # "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks".
31
- # @!attribute [rw] marks
32
- # @return [Hash{String => String}]
33
- # Mutable user specified security marks belonging to the parent resource.
34
- # Constraints are as follows:
35
- #
36
- # * Keys and values are treated as case insensitive
37
- # * Keys must be between 1 - 256 characters (inclusive)
38
- # * Keys must be letters, numbers, underscores, or dashes
39
- # * Values have leading and trailing whitespace trimmed, remaining
40
- # characters must be between 1 - 4096 characters (inclusive)
41
- class SecurityMarks; end
42
- end
43
- end
44
- end
45
- end
@@ -1,912 +0,0 @@
1
- # Copyright 2020 Google LLC
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # https://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
-
16
- module Google
17
- module Cloud
18
- module Securitycenter
19
- module V1
20
- # Request message for creating a finding.
21
- # @!attribute [rw] parent
22
- # @return [String]
23
- # Required. Resource name of the new finding's parent. Its format should be
24
- # "organizations/[organization_id]/sources/[source_id]".
25
- # @!attribute [rw] finding_id
26
- # @return [String]
27
- # Required. Unique identifier provided by the client within the parent scope.
28
- # It must be alphanumeric and less than or equal to 32 characters and
29
- # greater than 0 characters in length.
30
- # @!attribute [rw] finding
31
- # @return [Google::Cloud::SecurityCenter::V1::Finding]
32
- # Required. The Finding being created. The name and security_marks will be
33
- # ignored as they are both output only fields on this resource.
34
- class CreateFindingRequest; end
35
-
36
- # Request message for creating a notification config.
37
- # @!attribute [rw] parent
38
- # @return [String]
39
- # Required. Resource name of the new notification config's parent. Its format
40
- # is "organizations/[organization_id]".
41
- # @!attribute [rw] config_id
42
- # @return [String]
43
- # Required.
44
- # Unique identifier provided by the client within the parent scope.
45
- # It must be between 1 and 128 characters, and contains alphanumeric
46
- # characters, underscores or hyphens only.
47
- # @!attribute [rw] notification_config
48
- # @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
49
- # Required. The notification config being created. The name and the service
50
- # account will be ignored as they are both output only fields on this
51
- # resource.
52
- class CreateNotificationConfigRequest; end
53
-
54
- # Request message for creating a source.
55
- # @!attribute [rw] parent
56
- # @return [String]
57
- # Required. Resource name of the new source's parent. Its format should be
58
- # "organizations/[organization_id]".
59
- # @!attribute [rw] source
60
- # @return [Google::Cloud::SecurityCenter::V1::Source]
61
- # Required. The Source being created, only the display_name and description
62
- # will be used. All other fields will be ignored.
63
- class CreateSourceRequest; end
64
-
65
- # Request message for deleting a notification config.
66
- # @!attribute [rw] name
67
- # @return [String]
68
- # Required. Name of the notification config to delete. Its format is
69
- # "organizations/[organization_id]/notificationConfigs/[config_id]".
70
- class DeleteNotificationConfigRequest; end
71
-
72
- # Request message for getting a notification config.
73
- # @!attribute [rw] name
74
- # @return [String]
75
- # Required. Name of the notification config to get. Its format is
76
- # "organizations/[organization_id]/notificationConfigs/[config_id]".
77
- class GetNotificationConfigRequest; end
78
-
79
- # Request message for getting organization settings.
80
- # @!attribute [rw] name
81
- # @return [String]
82
- # Required. Name of the organization to get organization settings for. Its
83
- # format is "organizations/[organization_id]/organizationSettings".
84
- class GetOrganizationSettingsRequest; end
85
-
86
- # Request message for getting a source.
87
- # @!attribute [rw] name
88
- # @return [String]
89
- # Required. Relative resource name of the source. Its format is
90
- # "organizations/[organization_id]/source/[source_id]".
91
- class GetSourceRequest; end
92
-
93
- # Request message for grouping by assets.
94
- # @!attribute [rw] parent
95
- # @return [String]
96
- # Required. Name of the organization to groupBy. Its format is
97
- # "organizations/[organization_id]".
98
- # @!attribute [rw] filter
99
- # @return [String]
100
- # Expression that defines the filter to apply across assets.
101
- # The expression is a list of zero or more restrictions combined via logical
102
- # operators `AND` and `OR`.
103
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
104
- #
105
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
106
- # character in front of them to indicate negation. The fields map to those
107
- # defined in the Asset resource. Examples include:
108
- #
109
- # * name
110
- # * security_center_properties.resource_name
111
- # * resource_properties.a_property
112
- # * security_marks.marks.marka
113
- #
114
- # The supported operators are:
115
- #
116
- # * `=` for all value types.
117
- # * `>`, `<`, `>=`, `<=` for integer values.
118
- # * `:`, meaning substring matching, for strings.
119
- #
120
- # The supported value types are:
121
- #
122
- # * string literals in quotes.
123
- # * integer literals without quotes.
124
- # * boolean literals `true` and `false` without quotes.
125
- #
126
- # The following field and operator combinations are supported:
127
- #
128
- # * name: `=`
129
- # * update_time: `=`, `>`, `<`, `>=`, `<=`
130
- #
131
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
132
- # Examples:
133
- # "update_time = \"2019-06-10T16:07:18-07:00\""
134
- # "update_time = 1560208038000"
135
- #
136
- # * create_time: `=`, `>`, `<`, `>=`, `<=`
137
- #
138
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
139
- # Examples:
140
- # "create_time = \"2019-06-10T16:07:18-07:00\""
141
- # "create_time = 1560208038000"
142
- #
143
- # * iam_policy.policy_blob: `=`, `:`
144
- # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
145
- # * security_marks.marks: `=`, `:`
146
- # * security_center_properties.resource_name: `=`, `:`
147
- # * security_center_properties.resource_display_name: `=`, `:`
148
- # * security_center_properties.resource_type: `=`, `:`
149
- # * security_center_properties.resource_parent: `=`, `:`
150
- # * security_center_properties.resource_parent_display_name: `=`, `:`
151
- # * security_center_properties.resource_project: `=`, `:`
152
- # * security_center_properties.resource_project_display_name: `=`, `:`
153
- # * security_center_properties.resource_owners: `=`, `:`
154
- #
155
- # For example, `resource_properties.size = 100` is a valid filter string.
156
- # @!attribute [rw] group_by
157
- # @return [String]
158
- # Required. Expression that defines what assets fields to use for grouping.
159
- # The string value should follow SQL syntax: comma separated list of fields.
160
- # For example:
161
- # "security_center_properties.resource_project,security_center_properties.project".
162
- #
163
- # The following fields are supported when compare_duration is not set:
164
- #
165
- # * security_center_properties.resource_project
166
- # * security_center_properties.resource_project_display_name
167
- # * security_center_properties.resource_type
168
- # * security_center_properties.resource_parent
169
- # * security_center_properties.resource_parent_display_name
170
- #
171
- # The following fields are supported when compare_duration is set:
172
- #
173
- # * security_center_properties.resource_type
174
- # * security_center_properties.resource_project_display_name
175
- # * security_center_properties.resource_parent_display_name
176
- # @!attribute [rw] compare_duration
177
- # @return [Google::Protobuf::Duration]
178
- # When compare_duration is set, the GroupResult's "state_change" property is
179
- # updated to indicate whether the asset was added, removed, or remained
180
- # present during the compare_duration period of time that precedes the
181
- # read_time. This is the time between (read_time - compare_duration) and
182
- # read_time.
183
- #
184
- # The state change value is derived based on the presence of the asset at the
185
- # two points in time. Intermediate state changes between the two times don't
186
- # affect the result. For example, the results aren't affected if the asset is
187
- # removed and re-created again.
188
- #
189
- # Possible "state_change" values when compare_duration is specified:
190
- #
191
- # * "ADDED": indicates that the asset was not present at the start of
192
- # compare_duration, but present at reference_time.
193
- # * "REMOVED": indicates that the asset was present at the start of
194
- # compare_duration, but not present at reference_time.
195
- # * "ACTIVE": indicates that the asset was present at both the
196
- # start and the end of the time period defined by
197
- # compare_duration and reference_time.
198
- #
199
- # If compare_duration is not specified, then the only possible state_change
200
- # is "UNUSED", which will be the state_change set for all assets present at
201
- # read_time.
202
- #
203
- # If this field is set then `state_change` must be a specified field in
204
- # `group_by`.
205
- # @!attribute [rw] read_time
206
- # @return [Google::Protobuf::Timestamp]
207
- # Time used as a reference point when filtering assets. The filter is limited
208
- # to assets existing at the supplied time and their values are those at that
209
- # specific time. Absence of this field will default to the API's version of
210
- # NOW.
211
- # @!attribute [rw] page_token
212
- # @return [String]
213
- # The value returned by the last `GroupAssetsResponse`; indicates
214
- # that this is a continuation of a prior `GroupAssets` call, and that the
215
- # system should return the next page of data.
216
- # @!attribute [rw] page_size
217
- # @return [Integer]
218
- # The maximum number of results to return in a single response. Default is
219
- # 10, minimum is 1, maximum is 1000.
220
- class GroupAssetsRequest; end
221
-
222
- # Response message for grouping by assets.
223
- # @!attribute [rw] group_by_results
224
- # @return [Array<Google::Cloud::SecurityCenter::V1::GroupResult>]
225
- # Group results. There exists an element for each existing unique
226
- # combination of property/values. The element contains a count for the number
227
- # of times those specific property/values appear.
228
- # @!attribute [rw] read_time
229
- # @return [Google::Protobuf::Timestamp]
230
- # Time used for executing the groupBy request.
231
- # @!attribute [rw] next_page_token
232
- # @return [String]
233
- # Token to retrieve the next page of results, or empty if there are no more
234
- # results.
235
- # @!attribute [rw] total_size
236
- # @return [Integer]
237
- # The total number of results matching the query.
238
- class GroupAssetsResponse; end
239
-
240
- # Request message for grouping by findings.
241
- # @!attribute [rw] parent
242
- # @return [String]
243
- # Required. Name of the source to groupBy. Its format is
244
- # "organizations/[organization_id]/sources/[source_id]". To groupBy across
245
- # all sources provide a source_id of `-`. For example:
246
- # organizations/{organization_id}/sources/-
247
- # @!attribute [rw] filter
248
- # @return [String]
249
- # Expression that defines the filter to apply across findings.
250
- # The expression is a list of one or more restrictions combined via logical
251
- # operators `AND` and `OR`.
252
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
253
- #
254
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
255
- # character in front of them to indicate negation. Examples include:
256
- #
257
- # * name
258
- # * source_properties.a_property
259
- # * security_marks.marks.marka
260
- #
261
- # The supported operators are:
262
- #
263
- # * `=` for all value types.
264
- # * `>`, `<`, `>=`, `<=` for integer values.
265
- # * `:`, meaning substring matching, for strings.
266
- #
267
- # The supported value types are:
268
- #
269
- # * string literals in quotes.
270
- # * integer literals without quotes.
271
- # * boolean literals `true` and `false` without quotes.
272
- #
273
- # The following field and operator combinations are supported:
274
- #
275
- # * name: `=`
276
- # * parent: `=`, `:`
277
- # * resource_name: `=`, `:`
278
- # * state: `=`, `:`
279
- # * category: `=`, `:`
280
- # * external_uri: `=`, `:`
281
- # * event_time: `=`, `>`, `<`, `>=`, `<=`
282
- #
283
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
284
- # Examples:
285
- # "event_time = \"2019-06-10T16:07:18-07:00\""
286
- # "event_time = 1560208038000"
287
- #
288
- # * security_marks.marks: `=`, `:`
289
- # * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
290
- #
291
- # For example, `source_properties.size = 100` is a valid filter string.
292
- # @!attribute [rw] group_by
293
- # @return [String]
294
- # Required. Expression that defines what assets fields to use for grouping
295
- # (including `state_change`). The string value should follow SQL syntax:
296
- # comma separated list of fields. For example: "parent,resource_name".
297
- #
298
- # The following fields are supported:
299
- #
300
- # * resource_name
301
- # * category
302
- # * state
303
- # * parent
304
- #
305
- # The following fields are supported when compare_duration is set:
306
- #
307
- # * state_change
308
- # @!attribute [rw] read_time
309
- # @return [Google::Protobuf::Timestamp]
310
- # Time used as a reference point when filtering findings. The filter is
311
- # limited to findings existing at the supplied time and their values are
312
- # those at that specific time. Absence of this field will default to the
313
- # API's version of NOW.
314
- # @!attribute [rw] compare_duration
315
- # @return [Google::Protobuf::Duration]
316
- # When compare_duration is set, the GroupResult's "state_change" attribute is
317
- # updated to indicate whether the finding had its state changed, the
318
- # finding's state remained unchanged, or if the finding was added during the
319
- # compare_duration period of time that precedes the read_time. This is the
320
- # time between (read_time - compare_duration) and read_time.
321
- #
322
- # The state_change value is derived based on the presence and state of the
323
- # finding at the two points in time. Intermediate state changes between the
324
- # two times don't affect the result. For example, the results aren't affected
325
- # if the finding is made inactive and then active again.
326
- #
327
- # Possible "state_change" values when compare_duration is specified:
328
- #
329
- # * "CHANGED": indicates that the finding was present and matched the given
330
- # filter at the start of compare_duration, but changed its
331
- # state at read_time.
332
- # * "UNCHANGED": indicates that the finding was present and matched the given
333
- # filter at the start of compare_duration and did not change
334
- # state at read_time.
335
- # * "ADDED": indicates that the finding did not match the given filter or
336
- # was not present at the start of compare_duration, but was
337
- # present at read_time.
338
- # * "REMOVED": indicates that the finding was present and matched the
339
- # filter at the start of compare_duration, but did not match
340
- # the filter at read_time.
341
- #
342
- # If compare_duration is not specified, then the only possible state_change
343
- # is "UNUSED", which will be the state_change set for all findings present
344
- # at read_time.
345
- #
346
- # If this field is set then `state_change` must be a specified field in
347
- # `group_by`.
348
- # @!attribute [rw] page_token
349
- # @return [String]
350
- # The value returned by the last `GroupFindingsResponse`; indicates
351
- # that this is a continuation of a prior `GroupFindings` call, and
352
- # that the system should return the next page of data.
353
- # @!attribute [rw] page_size
354
- # @return [Integer]
355
- # The maximum number of results to return in a single response. Default is
356
- # 10, minimum is 1, maximum is 1000.
357
- class GroupFindingsRequest; end
358
-
359
- # Response message for group by findings.
360
- # @!attribute [rw] group_by_results
361
- # @return [Array<Google::Cloud::SecurityCenter::V1::GroupResult>]
362
- # Group results. There exists an element for each existing unique
363
- # combination of property/values. The element contains a count for the number
364
- # of times those specific property/values appear.
365
- # @!attribute [rw] read_time
366
- # @return [Google::Protobuf::Timestamp]
367
- # Time used for executing the groupBy request.
368
- # @!attribute [rw] next_page_token
369
- # @return [String]
370
- # Token to retrieve the next page of results, or empty if there are no more
371
- # results.
372
- # @!attribute [rw] total_size
373
- # @return [Integer]
374
- # The total number of results matching the query.
375
- class GroupFindingsResponse; end
376
-
377
- # Result containing the properties and count of a groupBy request.
378
- # @!attribute [rw] properties
379
- # @return [Hash{String => Google::Protobuf::Value}]
380
- # Properties matching the groupBy fields in the request.
381
- # @!attribute [rw] count
382
- # @return [Integer]
383
- # Total count of resources for the given properties.
384
- class GroupResult; end
385
-
386
- # Request message for listing notification configs.
387
- # @!attribute [rw] parent
388
- # @return [String]
389
- # Required. Name of the organization to list notification configs.
390
- # Its format is "organizations/[organization_id]".
391
- # @!attribute [rw] page_token
392
- # @return [String]
393
- # The value returned by the last `ListNotificationConfigsResponse`; indicates
394
- # that this is a continuation of a prior `ListNotificationConfigs` call, and
395
- # that the system should return the next page of data.
396
- # @!attribute [rw] page_size
397
- # @return [Integer]
398
- # The maximum number of results to return in a single response. Default is
399
- # 10, minimum is 1, maximum is 1000.
400
- class ListNotificationConfigsRequest; end
401
-
402
- # Response message for listing notification configs.
403
- # @!attribute [rw] notification_configs
404
- # @return [Array<Google::Cloud::SecurityCenter::V1::NotificationConfig>]
405
- # Notification configs belonging to the requested parent.
406
- # @!attribute [rw] next_page_token
407
- # @return [String]
408
- # Token to retrieve the next page of results, or empty if there are no more
409
- # results.
410
- class ListNotificationConfigsResponse; end
411
-
412
- # Request message for listing sources.
413
- # @!attribute [rw] parent
414
- # @return [String]
415
- # Required. Resource name of the parent of sources to list. Its format should
416
- # be "organizations/[organization_id]".
417
- # @!attribute [rw] page_token
418
- # @return [String]
419
- # The value returned by the last `ListSourcesResponse`; indicates
420
- # that this is a continuation of a prior `ListSources` call, and
421
- # that the system should return the next page of data.
422
- # @!attribute [rw] page_size
423
- # @return [Integer]
424
- # The maximum number of results to return in a single response. Default is
425
- # 10, minimum is 1, maximum is 1000.
426
- class ListSourcesRequest; end
427
-
428
- # Response message for listing sources.
429
- # @!attribute [rw] sources
430
- # @return [Array<Google::Cloud::SecurityCenter::V1::Source>]
431
- # Sources belonging to the requested parent.
432
- # @!attribute [rw] next_page_token
433
- # @return [String]
434
- # Token to retrieve the next page of results, or empty if there are no more
435
- # results.
436
- class ListSourcesResponse; end
437
-
438
- # Request message for listing assets.
439
- # @!attribute [rw] parent
440
- # @return [String]
441
- # Required. Name of the organization assets should belong to. Its format is
442
- # "organizations/[organization_id]".
443
- # @!attribute [rw] filter
444
- # @return [String]
445
- # Expression that defines the filter to apply across assets.
446
- # The expression is a list of zero or more restrictions combined via logical
447
- # operators `AND` and `OR`.
448
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
449
- #
450
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
451
- # character in front of them to indicate negation. The fields map to those
452
- # defined in the Asset resource. Examples include:
453
- #
454
- # * name
455
- # * security_center_properties.resource_name
456
- # * resource_properties.a_property
457
- # * security_marks.marks.marka
458
- #
459
- # The supported operators are:
460
- #
461
- # * `=` for all value types.
462
- # * `>`, `<`, `>=`, `<=` for integer values.
463
- # * `:`, meaning substring matching, for strings.
464
- #
465
- # The supported value types are:
466
- #
467
- # * string literals in quotes.
468
- # * integer literals without quotes.
469
- # * boolean literals `true` and `false` without quotes.
470
- #
471
- # The following are the allowed field and operator combinations:
472
- #
473
- # * name: `=`
474
- # * update_time: `=`, `>`, `<`, `>=`, `<=`
475
- #
476
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
477
- # Examples:
478
- # "update_time = \"2019-06-10T16:07:18-07:00\""
479
- # "update_time = 1560208038000"
480
- #
481
- # * create_time: `=`, `>`, `<`, `>=`, `<=`
482
- #
483
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
484
- # Examples:
485
- # "create_time = \"2019-06-10T16:07:18-07:00\""
486
- # "create_time = 1560208038000"
487
- #
488
- # * iam_policy.policy_blob: `=`, `:`
489
- # * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
490
- # * security_marks.marks: `=`, `:`
491
- # * security_center_properties.resource_name: `=`, `:`
492
- # * security_center_properties.resource_display_name: `=`, `:`
493
- # * security_center_properties.resource_type: `=`, `:`
494
- # * security_center_properties.resource_parent: `=`, `:`
495
- # * security_center_properties.resource_parent_display_name: `=`, `:`
496
- # * security_center_properties.resource_project: `=`, `:`
497
- # * security_center_properties.resource_project_display_name: `=`, `:`
498
- # * security_center_properties.resource_owners: `=`, `:`
499
- #
500
- # For example, `resource_properties.size = 100` is a valid filter string.
501
- # @!attribute [rw] order_by
502
- # @return [String]
503
- # Expression that defines what fields and order to use for sorting. The
504
- # string value should follow SQL syntax: comma separated list of fields. For
505
- # example: "name,resource_properties.a_property". The default sorting order
506
- # is ascending. To specify descending order for a field, a suffix " desc"
507
- # should be appended to the field name. For example: "name
508
- # desc,resource_properties.a_property". Redundant space characters in the
509
- # syntax are insignificant. "name desc,resource_properties.a_property" and "
510
- # name desc , resource_properties.a_property " are equivalent.
511
- #
512
- # The following fields are supported:
513
- # name
514
- # update_time
515
- # resource_properties
516
- # security_marks.marks
517
- # security_center_properties.resource_name
518
- # security_center_properties.resource_display_name
519
- # security_center_properties.resource_parent
520
- # security_center_properties.resource_parent_display_name
521
- # security_center_properties.resource_project
522
- # security_center_properties.resource_project_display_name
523
- # security_center_properties.resource_type
524
- # @!attribute [rw] read_time
525
- # @return [Google::Protobuf::Timestamp]
526
- # Time used as a reference point when filtering assets. The filter is limited
527
- # to assets existing at the supplied time and their values are those at that
528
- # specific time. Absence of this field will default to the API's version of
529
- # NOW.
530
- # @!attribute [rw] compare_duration
531
- # @return [Google::Protobuf::Duration]
532
- # When compare_duration is set, the ListAssetsResult's "state_change"
533
- # attribute is updated to indicate whether the asset was added, removed, or
534
- # remained present during the compare_duration period of time that precedes
535
- # the read_time. This is the time between (read_time - compare_duration) and
536
- # read_time.
537
- #
538
- # The state_change value is derived based on the presence of the asset at the
539
- # two points in time. Intermediate state changes between the two times don't
540
- # affect the result. For example, the results aren't affected if the asset is
541
- # removed and re-created again.
542
- #
543
- # Possible "state_change" values when compare_duration is specified:
544
- #
545
- # * "ADDED": indicates that the asset was not present at the start of
546
- # compare_duration, but present at read_time.
547
- # * "REMOVED": indicates that the asset was present at the start of
548
- # compare_duration, but not present at read_time.
549
- # * "ACTIVE": indicates that the asset was present at both the
550
- # start and the end of the time period defined by
551
- # compare_duration and read_time.
552
- #
553
- # If compare_duration is not specified, then the only possible state_change
554
- # is "UNUSED", which will be the state_change set for all assets present at
555
- # read_time.
556
- # @!attribute [rw] field_mask
557
- # @return [Google::Protobuf::FieldMask]
558
- # Optional. A field mask to specify the ListAssetsResult fields to be listed
559
- # in the response. An empty field mask will list all fields.
560
- # @!attribute [rw] page_token
561
- # @return [String]
562
- # The value returned by the last `ListAssetsResponse`; indicates
563
- # that this is a continuation of a prior `ListAssets` call, and
564
- # that the system should return the next page of data.
565
- # @!attribute [rw] page_size
566
- # @return [Integer]
567
- # The maximum number of results to return in a single response. Default is
568
- # 10, minimum is 1, maximum is 1000.
569
- class ListAssetsRequest; end
570
-
571
- # Response message for listing assets.
572
- # @!attribute [rw] list_assets_results
573
- # @return [Array<Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult>]
574
- # Assets matching the list request.
575
- # @!attribute [rw] read_time
576
- # @return [Google::Protobuf::Timestamp]
577
- # Time used for executing the list request.
578
- # @!attribute [rw] next_page_token
579
- # @return [String]
580
- # Token to retrieve the next page of results, or empty if there are no more
581
- # results.
582
- # @!attribute [rw] total_size
583
- # @return [Integer]
584
- # The total number of assets matching the query.
585
- class ListAssetsResponse
586
- # Result containing the Asset and its State.
587
- # @!attribute [rw] asset
588
- # @return [Google::Cloud::SecurityCenter::V1::Asset]
589
- # Asset matching the search request.
590
- # @!attribute [rw] state_change
591
- # @return [Google::Cloud::SecurityCenter::V1::ListAssetsResponse::ListAssetsResult::StateChange]
592
- # State change of the asset between the points in time.
593
- class ListAssetsResult
594
- # The change in state of the asset.
595
- #
596
- # When querying across two points in time this describes
597
- # the change between the two points: ADDED, REMOVED, or ACTIVE.
598
- # If there was no compare_duration supplied in the request the state change
599
- # will be: UNUSED
600
- module StateChange
601
- # State change is unused, this is the canonical default for this enum.
602
- UNUSED = 0
603
-
604
- # Asset was added between the points in time.
605
- ADDED = 1
606
-
607
- # Asset was removed between the points in time.
608
- REMOVED = 2
609
-
610
- # Asset was present at both point(s) in time.
611
- ACTIVE = 3
612
- end
613
- end
614
- end
615
-
616
- # Request message for listing findings.
617
- # @!attribute [rw] parent
618
- # @return [String]
619
- # Required. Name of the source the findings belong to. Its format is
620
- # "organizations/[organization_id]/sources/[source_id]". To list across all
621
- # sources provide a source_id of `-`. For example:
622
- # organizations/{organization_id}/sources/-
623
- # @!attribute [rw] filter
624
- # @return [String]
625
- # Expression that defines the filter to apply across findings.
626
- # The expression is a list of one or more restrictions combined via logical
627
- # operators `AND` and `OR`.
628
- # Parentheses are supported, and `OR` has higher precedence than `AND`.
629
- #
630
- # Restrictions have the form `<field> <operator> <value>` and may have a `-`
631
- # character in front of them to indicate negation. Examples include:
632
- #
633
- # * name
634
- # * source_properties.a_property
635
- # * security_marks.marks.marka
636
- #
637
- # The supported operators are:
638
- #
639
- # * `=` for all value types.
640
- # * `>`, `<`, `>=`, `<=` for integer values.
641
- # * `:`, meaning substring matching, for strings.
642
- #
643
- # The supported value types are:
644
- #
645
- # * string literals in quotes.
646
- # * integer literals without quotes.
647
- # * boolean literals `true` and `false` without quotes.
648
- #
649
- # The following field and operator combinations are supported:
650
- #
651
- # name: `=`
652
- # parent: `=`, `:`
653
- # resource_name: `=`, `:`
654
- # state: `=`, `:`
655
- # category: `=`, `:`
656
- # external_uri: `=`, `:`
657
- # event_time: `=`, `>`, `<`, `>=`, `<=`
658
- #
659
- # Usage: This should be milliseconds since epoch or an RFC3339 string.
660
- # Examples:
661
- # "event_time = \"2019-06-10T16:07:18-07:00\""
662
- # "event_time = 1560208038000"
663
- #
664
- # security_marks.marks: `=`, `:`
665
- # source_properties: `=`, `:`, `>`, `<`, `>=`, `<=`
666
- #
667
- # For example, `source_properties.size = 100` is a valid filter string.
668
- # @!attribute [rw] order_by
669
- # @return [String]
670
- # Expression that defines what fields and order to use for sorting. The
671
- # string value should follow SQL syntax: comma separated list of fields. For
672
- # example: "name,resource_properties.a_property". The default sorting order
673
- # is ascending. To specify descending order for a field, a suffix " desc"
674
- # should be appended to the field name. For example: "name
675
- # desc,source_properties.a_property". Redundant space characters in the
676
- # syntax are insignificant. "name desc,source_properties.a_property" and "
677
- # name desc , source_properties.a_property " are equivalent.
678
- #
679
- # The following fields are supported:
680
- # name
681
- # parent
682
- # state
683
- # category
684
- # resource_name
685
- # event_time
686
- # source_properties
687
- # security_marks.marks
688
- # @!attribute [rw] read_time
689
- # @return [Google::Protobuf::Timestamp]
690
- # Time used as a reference point when filtering findings. The filter is
691
- # limited to findings existing at the supplied time and their values are
692
- # those at that specific time. Absence of this field will default to the
693
- # API's version of NOW.
694
- # @!attribute [rw] compare_duration
695
- # @return [Google::Protobuf::Duration]
696
- # When compare_duration is set, the ListFindingsResult's "state_change"
697
- # attribute is updated to indicate whether the finding had its state changed,
698
- # the finding's state remained unchanged, or if the finding was added in any
699
- # state during the compare_duration period of time that precedes the
700
- # read_time. This is the time between (read_time - compare_duration) and
701
- # read_time.
702
- #
703
- # The state_change value is derived based on the presence and state of the
704
- # finding at the two points in time. Intermediate state changes between the
705
- # two times don't affect the result. For example, the results aren't affected
706
- # if the finding is made inactive and then active again.
707
- #
708
- # Possible "state_change" values when compare_duration is specified:
709
- #
710
- # * "CHANGED": indicates that the finding was present and matched the given
711
- # filter at the start of compare_duration, but changed its
712
- # state at read_time.
713
- # * "UNCHANGED": indicates that the finding was present and matched the given
714
- # filter at the start of compare_duration and did not change
715
- # state at read_time.
716
- # * "ADDED": indicates that the finding did not match the given filter or
717
- # was not present at the start of compare_duration, but was
718
- # present at read_time.
719
- # * "REMOVED": indicates that the finding was present and matched the
720
- # filter at the start of compare_duration, but did not match
721
- # the filter at read_time.
722
- #
723
- # If compare_duration is not specified, then the only possible state_change
724
- # is "UNUSED", which will be the state_change set for all findings present at
725
- # read_time.
726
- # @!attribute [rw] field_mask
727
- # @return [Google::Protobuf::FieldMask]
728
- # Optional. A field mask to specify the Finding fields to be listed in the
729
- # response. An empty field mask will list all fields.
730
- # @!attribute [rw] page_token
731
- # @return [String]
732
- # The value returned by the last `ListFindingsResponse`; indicates
733
- # that this is a continuation of a prior `ListFindings` call, and
734
- # that the system should return the next page of data.
735
- # @!attribute [rw] page_size
736
- # @return [Integer]
737
- # The maximum number of results to return in a single response. Default is
738
- # 10, minimum is 1, maximum is 1000.
739
- class ListFindingsRequest; end
740
-
741
- # Response message for listing findings.
742
- # @!attribute [rw] list_findings_results
743
- # @return [Array<Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult>]
744
- # Findings matching the list request.
745
- # @!attribute [rw] read_time
746
- # @return [Google::Protobuf::Timestamp]
747
- # Time used for executing the list request.
748
- # @!attribute [rw] next_page_token
749
- # @return [String]
750
- # Token to retrieve the next page of results, or empty if there are no more
751
- # results.
752
- # @!attribute [rw] total_size
753
- # @return [Integer]
754
- # The total number of findings matching the query.
755
- class ListFindingsResponse
756
- # Result containing the Finding and its StateChange.
757
- # @!attribute [rw] finding
758
- # @return [Google::Cloud::SecurityCenter::V1::Finding]
759
- # Finding matching the search request.
760
- # @!attribute [rw] state_change
761
- # @return [Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult::StateChange]
762
- # State change of the finding between the points in time.
763
- # @!attribute [rw] resource
764
- # @return [Google::Cloud::SecurityCenter::V1::ListFindingsResponse::ListFindingsResult::Resource]
765
- # Output only. Resource that is associated with this finding.
766
- class ListFindingsResult
767
- # Information related to the Google Cloud Platform (GCP) resource that is
768
- # associated with this finding.
769
- # @!attribute [rw] name
770
- # @return [String]
771
- # The full resource name of the resource. See:
772
- # https://cloud.google.com/apis/design/resource_names#full_resource_name
773
- # @!attribute [rw] project_name
774
- # @return [String]
775
- # The full resource name of project that the resource belongs to.
776
- # @!attribute [rw] project_display_name
777
- # @return [String]
778
- # The human readable name of project that the resource belongs to.
779
- # @!attribute [rw] parent_name
780
- # @return [String]
781
- # The full resource name of resource's parent.
782
- # @!attribute [rw] parent_display_name
783
- # @return [String]
784
- # The human readable name of resource's parent.
785
- class Resource; end
786
-
787
- # The change in state of the finding.
788
- #
789
- # When querying across two points in time this describes
790
- # the change in the finding between the two points: CHANGED, UNCHANGED,
791
- # ADDED, or REMOVED. Findings can not be deleted, so REMOVED implies that
792
- # the finding at timestamp does not match the filter specified, but it did
793
- # at timestamp - compare_duration. If there was no compare_duration
794
- # supplied in the request the state change will be: UNUSED
795
- module StateChange
796
- # State change is unused, this is the canonical default for this enum.
797
- UNUSED = 0
798
-
799
- # The finding has changed state in some way between the points in time
800
- # and existed at both points.
801
- CHANGED = 1
802
-
803
- # The finding has not changed state between the points in time and
804
- # existed at both points.
805
- UNCHANGED = 2
806
-
807
- # The finding was created between the points in time.
808
- ADDED = 3
809
-
810
- # The finding at timestamp does not match the filter specified, but it
811
- # did at timestamp - compare_duration.
812
- REMOVED = 4
813
- end
814
- end
815
- end
816
-
817
- # Request message for updating a finding's state.
818
- # @!attribute [rw] name
819
- # @return [String]
820
- # Required. The relative resource name of the finding. See:
821
- # https://cloud.google.com/apis/design/resource_names#relative_resource_name
822
- # Example:
823
- # "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}".
824
- # @!attribute [rw] state
825
- # @return [Google::Cloud::SecurityCenter::V1::Finding::State]
826
- # Required. The desired State of the finding.
827
- # @!attribute [rw] start_time
828
- # @return [Google::Protobuf::Timestamp]
829
- # Required. The time at which the updated state takes effect.
830
- class SetFindingStateRequest; end
831
-
832
- # Request message for running asset discovery for an organization.
833
- # @!attribute [rw] parent
834
- # @return [String]
835
- # Required. Name of the organization to run asset discovery for. Its format
836
- # is "organizations/[organization_id]".
837
- class RunAssetDiscoveryRequest; end
838
-
839
- # Request message for updating or creating a finding.
840
- # @!attribute [rw] finding
841
- # @return [Google::Cloud::SecurityCenter::V1::Finding]
842
- # Required. The finding resource to update or create if it does not already
843
- # exist. parent, security_marks, and update_time will be ignored.
844
- #
845
- # In the case of creation, the finding id portion of the name must be
846
- # alphanumeric and less than or equal to 32 characters and greater than 0
847
- # characters in length.
848
- # @!attribute [rw] update_mask
849
- # @return [Google::Protobuf::FieldMask]
850
- # The FieldMask to use when updating the finding resource. This field should
851
- # not be specified when creating a finding.
852
- #
853
- # When updating a finding, an empty mask is treated as updating all mutable
854
- # fields and replacing source_properties. Individual source_properties can
855
- # be added/updated by using "source_properties.<property key>" in the field
856
- # mask.
857
- class UpdateFindingRequest; end
858
-
859
- # Request message for updating a notification config.
860
- # @!attribute [rw] notification_config
861
- # @return [Google::Cloud::SecurityCenter::V1::NotificationConfig]
862
- # Required. The notification config to update.
863
- # @!attribute [rw] update_mask
864
- # @return [Google::Protobuf::FieldMask]
865
- # The FieldMask to use when updating the notification config.
866
- #
867
- # If empty all mutable fields will be updated.
868
- class UpdateNotificationConfigRequest; end
869
-
870
- # Request message for updating an organization's settings.
871
- # @!attribute [rw] organization_settings
872
- # @return [Google::Cloud::SecurityCenter::V1::OrganizationSettings]
873
- # Required. The organization settings resource to update.
874
- # @!attribute [rw] update_mask
875
- # @return [Google::Protobuf::FieldMask]
876
- # The FieldMask to use when updating the settings resource.
877
- #
878
- # If empty all mutable fields will be updated.
879
- class UpdateOrganizationSettingsRequest; end
880
-
881
- # Request message for updating a source.
882
- # @!attribute [rw] source
883
- # @return [Google::Cloud::SecurityCenter::V1::Source]
884
- # Required. The source resource to update.
885
- # @!attribute [rw] update_mask
886
- # @return [Google::Protobuf::FieldMask]
887
- # The FieldMask to use when updating the source resource.
888
- #
889
- # If empty all mutable fields will be updated.
890
- class UpdateSourceRequest; end
891
-
892
- # Request message for updating a SecurityMarks resource.
893
- # @!attribute [rw] security_marks
894
- # @return [Google::Cloud::SecurityCenter::V1::SecurityMarks]
895
- # Required. The security marks resource to update.
896
- # @!attribute [rw] update_mask
897
- # @return [Google::Protobuf::FieldMask]
898
- # The FieldMask to use when updating the security marks resource.
899
- #
900
- # The field mask must not contain duplicate fields.
901
- # If empty or set to "marks", all marks will be replaced. Individual
902
- # marks can be updated using "marks.<mark_key>".
903
- # @!attribute [rw] start_time
904
- # @return [Google::Protobuf::Timestamp]
905
- # The time at which the updated SecurityMarks take effect.
906
- # If not set uses current server time. Updates will be applied to the
907
- # SecurityMarks that are active immediately preceding this time.
908
- class UpdateSecurityMarksRequest; end
909
- end
910
- end
911
- end
912
- end