PiperOrigin-RevId: 289011995pull/593/head
parent
a79211c20c
commit
360a8792ed
14 changed files with 2286 additions and 171 deletions
@ -0,0 +1,149 @@ |
||||
# This file was automatically generated by BuildFileGenerator |
||||
|
||||
############################################################################## |
||||
# Common |
||||
############################################################################## |
||||
load("@rules_proto//proto:defs.bzl", "proto_library") |
||||
|
||||
############################################################################## |
||||
# Java |
||||
############################################################################## |
||||
load( |
||||
"@com_google_googleapis_imports//:imports.bzl", |
||||
"csharp_grpc_library", |
||||
"csharp_proto_library", |
||||
"go_proto_library", |
||||
"java_grpc_library", |
||||
"java_proto_library", |
||||
"moved_proto_library", |
||||
"php_grpc_library", |
||||
"php_proto_library", |
||||
"py_grpc_library", |
||||
"py_proto_library", |
||||
"ruby_grpc_library", |
||||
"ruby_proto_library", |
||||
) |
||||
|
||||
# This is an API workspace, having public visibility by default makes perfect sense. |
||||
package(default_visibility = ["//visibility:public"]) |
||||
|
||||
proto_library( |
||||
name = "securitycenter_proto", |
||||
srcs = [ |
||||
"asset.proto", |
||||
"finding.proto", |
||||
"notification_config.proto", |
||||
"notification_message.proto", |
||||
"organization_settings.proto", |
||||
"run_asset_discovery_response.proto", |
||||
"security_marks.proto", |
||||
"securitycenter_service.proto", |
||||
"source.proto", |
||||
], |
||||
deps = [ |
||||
"//google/api:annotations_proto", |
||||
"//google/api:client_proto", |
||||
"//google/api:field_behavior_proto", |
||||
"//google/api:resource_proto", |
||||
"//google/iam/v1:iam_policy_proto", |
||||
"//google/iam/v1:policy_proto", |
||||
"//google/longrunning:operations_proto", |
||||
"@com_google_protobuf//:duration_proto", |
||||
"@com_google_protobuf//:empty_proto", |
||||
"@com_google_protobuf//:field_mask_proto", |
||||
"@com_google_protobuf//:struct_proto", |
||||
"@com_google_protobuf//:timestamp_proto", |
||||
], |
||||
) |
||||
|
||||
java_proto_library( |
||||
name = "securitycenter_java_proto", |
||||
deps = [":securitycenter_proto"], |
||||
) |
||||
|
||||
java_grpc_library( |
||||
name = "securitycenter_java_grpc", |
||||
srcs = [":securitycenter_proto"], |
||||
deps = [":securitycenter_java_proto"], |
||||
) |
||||
|
||||
go_proto_library( |
||||
name = "securitycenter_go_proto", |
||||
compilers = ["@io_bazel_rules_go//proto:go_grpc"], |
||||
importpath = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1", |
||||
protos = [":securitycenter_proto"], |
||||
deps = [ |
||||
"//google/api:annotations_go_proto", |
||||
"//google/iam/v1:iam_go_proto", |
||||
"//google/longrunning:longrunning_go_proto", |
||||
], |
||||
) |
||||
|
||||
moved_proto_library( |
||||
name = "securitycenter_moved_proto", |
||||
srcs = [":securitycenter_proto"], |
||||
deps = [ |
||||
"//google/api:annotations_proto", |
||||
"//google/api:client_proto", |
||||
"//google/api:field_behavior_proto", |
||||
"//google/api:resource_proto", |
||||
"//google/iam/v1:iam_policy_proto", |
||||
"//google/iam/v1:policy_proto", |
||||
"//google/longrunning:operations_proto", |
||||
"@com_google_protobuf//:duration_proto", |
||||
"@com_google_protobuf//:empty_proto", |
||||
"@com_google_protobuf//:field_mask_proto", |
||||
"@com_google_protobuf//:struct_proto", |
||||
"@com_google_protobuf//:timestamp_proto", |
||||
], |
||||
) |
||||
|
||||
py_proto_library( |
||||
name = "securitycenter_py_proto", |
||||
plugin = "@protoc_docs_plugin//:docs_plugin", |
||||
deps = [":securitycenter_moved_proto"], |
||||
) |
||||
|
||||
py_grpc_library( |
||||
name = "securitycenter_py_grpc", |
||||
srcs = [":securitycenter_moved_proto"], |
||||
deps = [":securitycenter_py_proto"], |
||||
) |
||||
|
||||
php_proto_library( |
||||
name = "securitycenter_php_proto", |
||||
deps = [":securitycenter_proto"], |
||||
) |
||||
|
||||
php_grpc_library( |
||||
name = "securitycenter_php_grpc", |
||||
srcs = [":securitycenter_proto"], |
||||
deps = [":securitycenter_php_proto"], |
||||
) |
||||
|
||||
ruby_proto_library( |
||||
name = "securitycenter_ruby_proto", |
||||
deps = [":securitycenter_proto"], |
||||
) |
||||
|
||||
ruby_grpc_library( |
||||
name = "securitycenter_ruby_grpc", |
||||
srcs = [":securitycenter_proto"], |
||||
deps = [":securitycenter_ruby_proto"], |
||||
) |
||||
|
||||
csharp_proto_library( |
||||
name = "securitycenter_csharp_proto", |
||||
deps = [":securitycenter_proto"], |
||||
) |
||||
|
||||
csharp_grpc_library( |
||||
name = "securitycenter_csharp_grpc", |
||||
srcs = [":securitycenter_proto"], |
||||
deps = [":securitycenter_csharp_proto"], |
||||
) |
||||
|
||||
############################################################################## |
||||
# C++ |
||||
############################################################################## |
||||
# Put your C++ code here |
@ -0,0 +1,119 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/api/resource.proto"; |
||||
import "google/cloud/securitycenter/v1p1beta1/security_marks.proto"; |
||||
import "google/protobuf/struct.proto"; |
||||
import "google/protobuf/timestamp.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud |
||||
// Platform (GCP) resource. |
||||
// |
||||
// The Asset is a Cloud SCC resource that captures information about a single |
||||
// GCP resource. All modifications to an Asset are only within the context of |
||||
// Cloud SCC and don't affect the referenced GCP resource. |
||||
message Asset { |
||||
option (google.api.resource) = { |
||||
type: "securitycenter.googleapis.com/Asset" |
||||
pattern: "organizations/{organization}/assets/{asset}" |
||||
}; |
||||
|
||||
// Cloud SCC managed properties. These properties are managed by Cloud SCC and |
||||
// cannot be modified by the user. |
||||
message SecurityCenterProperties { |
||||
// The full resource name of the GCP resource this asset |
||||
// represents. This field is immutable after create time. See: |
||||
// https://cloud.google.com/apis/design/resource_names#full_resource_name |
||||
string resource_name = 1; |
||||
|
||||
// The type of the GCP resource. Examples include: APPLICATION, |
||||
// PROJECT, and ORGANIZATION. This is a case insensitive field defined by |
||||
// Cloud SCC and/or the producer of the resource and is immutable |
||||
// after create time. |
||||
string resource_type = 2; |
||||
|
||||
// The full resource name of the immediate parent of the resource. See: |
||||
// https://cloud.google.com/apis/design/resource_names#full_resource_name |
||||
string resource_parent = 3; |
||||
|
||||
// The full resource name of the project the resource belongs to. See: |
||||
// https://cloud.google.com/apis/design/resource_names#full_resource_name |
||||
string resource_project = 4; |
||||
|
||||
// Owners of the Google Cloud resource. |
||||
repeated string resource_owners = 5; |
||||
|
||||
// The user defined display name for this resource. |
||||
string resource_display_name = 6; |
||||
|
||||
// The user defined display name for the parent of this resource. |
||||
string resource_parent_display_name = 7; |
||||
|
||||
// The user defined display name for the project of this resource. |
||||
string resource_project_display_name = 8; |
||||
} |
||||
|
||||
// IAM Policy information associated with the GCP resource described by the |
||||
// Cloud SCC asset. This information is managed and defined by the GCP |
||||
// resource and cannot be modified by the user. |
||||
message IamPolicy { |
||||
// The JSON representation of the Policy associated with the asset. |
||||
// See https://cloud.google.com/iam/reference/rest/v1p1beta1/Policy for |
||||
// format details. |
||||
string policy_blob = 1; |
||||
} |
||||
|
||||
// The relative resource name of this asset. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// Example: |
||||
// "organizations/{organization_id}/assets/{asset_id}". |
||||
string name = 1; |
||||
|
||||
// Cloud SCC managed properties. These properties are managed by |
||||
// Cloud SCC and cannot be modified by the user. |
||||
SecurityCenterProperties security_center_properties = 2; |
||||
|
||||
// Resource managed properties. These properties are managed and defined by |
||||
// the GCP resource and cannot be modified by the user. |
||||
map<string, google.protobuf.Value> resource_properties = 7; |
||||
|
||||
// User specified security marks. These marks are entirely managed by the user |
||||
// and come from the SecurityMarks resource that belongs to the asset. |
||||
SecurityMarks security_marks = 8; |
||||
|
||||
// The time at which the asset was created in Cloud SCC. |
||||
google.protobuf.Timestamp create_time = 9; |
||||
|
||||
// The time at which the asset was last updated, added, or deleted in Cloud |
||||
// SCC. |
||||
google.protobuf.Timestamp update_time = 10; |
||||
|
||||
// IAM Policy information associated with the GCP resource described by the |
||||
// Cloud SCC asset. This information is managed and defined by the GCP |
||||
// resource and cannot be modified by the user. |
||||
IamPolicy iam_policy = 11; |
||||
} |
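Review bot: `security_center_properties`, `resource_properties` and `iam_policy` on `Asset` are documented as "cannot be modified by the user", but none of them carries a field-behavior annotation, so generated clients and request validators cannot tell server-managed fields from writable ones. finding.proto in this commit already marks `security_marks` with `[(google.api.field_behavior) = OUTPUT_ONLY]`. Adding the same annotation here, plus `import "google/api/field_behavior.proto";`, would make the contract machine-readable, assuming the service does ignore these fields on write. Separately, the `policy_blob` comment links to `.../iam/reference/rest/v1p1beta1/Policy`; that version segment looks like a side effect of the package rename rather than a real IAM reference path, so the link is worth checking.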
@ -0,0 +1,111 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/api/field_behavior.proto"; |
||||
import "google/api/resource.proto"; |
||||
import "google/cloud/securitycenter/v1p1beta1/security_marks.proto"; |
||||
import "google/protobuf/struct.proto"; |
||||
import "google/protobuf/timestamp.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// Cloud Security Command Center (Cloud SCC) finding. |
||||
// |
||||
// A finding is a record of assessment data (security, risk, health or privacy) |
||||
// ingested into Cloud SCC for presentation, notification, analysis, |
||||
// policy testing, and enforcement. For example, an XSS vulnerability in an |
||||
// App Engine application is a finding. |
||||
message Finding { |
||||
option (google.api.resource) = { |
||||
type: "securitycenter.googleapis.com/Finding" |
||||
pattern: "organizations/{organization}/sources/{source}/findings/{finding}" |
||||
}; |
||||
|
||||
// The state of the finding. |
||||
enum State { |
||||
// Unspecified state. |
||||
STATE_UNSPECIFIED = 0; |
||||
|
||||
// The finding requires attention and has not been addressed yet. |
||||
ACTIVE = 1; |
||||
|
||||
// The finding has been fixed, triaged as a non-issue or otherwise addressed |
||||
// and is no longer active. |
||||
INACTIVE = 2; |
||||
} |
||||
|
||||
// The relative resource name of this finding. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// Example: |
||||
// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" |
||||
string name = 1; |
||||
|
||||
// The relative resource name of the source the finding belongs to. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// This field is immutable after creation time. |
||||
// For example: |
||||
// "organizations/{organization_id}/sources/{source_id}" |
||||
string parent = 2; |
||||
|
||||
// For findings on Google Cloud Platform (GCP) resources, the full resource |
||||
// name of the GCP resource this finding is for. See: |
||||
// https://cloud.google.com/apis/design/resource_names#full_resource_name |
||||
// When the finding is for a non-GCP resource, the resourceName can be a |
||||
// customer or partner defined string. |
||||
// This field is immutable after creation time. |
||||
string resource_name = 3; |
||||
|
||||
// The state of the finding. |
||||
State state = 4; |
||||
|
||||
// The additional taxonomy group within findings from a given source. |
||||
// This field is immutable after creation time. |
||||
// Example: "XSS_FLASH_INJECTION" |
||||
string category = 5; |
||||
|
||||
// The URI that, if available, points to a web page outside of Cloud SCC |
||||
// where additional information about the finding can be found. This field is |
||||
// guaranteed to be either empty or a well formed URL. |
||||
string external_uri = 6; |
||||
|
||||
// Source specific properties. These properties are managed by the source |
||||
// that writes the finding. The key names in the source_properties map must be |
||||
// between 1 and 255 characters, and must start with a letter and contain |
||||
// alphanumeric characters or underscores only. |
||||
map<string, google.protobuf.Value> source_properties = 7; |
||||
|
||||
// Output only. User specified security marks. These marks are entirely |
||||
// managed by the user and come from the SecurityMarks resource that belongs |
||||
// to the finding. |
||||
SecurityMarks security_marks = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; |
||||
|
||||
// The time at which the event took place. For example, if the finding |
||||
// represents an open firewall it would capture the time the detector believes |
||||
// the firewall became open. The accuracy is determined by the detector. |
||||
google.protobuf.Timestamp event_time = 9; |
||||
|
||||
// The time at which the finding was created in Cloud SCC. |
||||
google.protobuf.Timestamp create_time = 10; |
||||
} |
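Review bot: The comment on `external_uri` guarantees only that the value is "either empty or a well formed URL" and does not say which URI schemes are accepted. The field is written by the finding source and is meant to be opened by whoever triages the finding, so a consumer that renders it as a link cannot tell from this contract whether it must restrict the scheme itself. I would state the accepted schemes in the comment, or say explicitly that the service enforces none and that consumers should only follow `http`/`https` values, whichever matches the actual behavior.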
@ -0,0 +1,104 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/api/field_behavior.proto"; |
||||
import "google/api/resource.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// Cloud Security Command Center (Cloud SCC) notification configs. |
||||
// |
||||
// A notification config is a Cloud SCC resource that contains the configuration |
||||
// to send notifications for create/update events of findings, assets and etc. |
||||
message NotificationConfig { |
||||
option (google.api.resource) = { |
||||
type: "securitycenter.googleapis.com/Finding" |
||||
pattern: "organizations/{organization}/notificationConfigs/{notification_config}" |
||||
}; |
||||
|
||||
// The config for streaming-based notifications, which send each event as soon |
||||
// as it is detected. |
||||
message StreamingConfig { |
||||
// Expression that defines the filter to apply across create/update events |
||||
// of assets or findings as specified by the event type. The expression is a |
||||
// list of zero or more restrictions combined via logical operators `AND` |
||||
// and `OR`. Parentheses are supported, and `OR` has higher precedence than |
||||
// `AND`. |
||||
// |
||||
// Restrictions have the form `<field> <operator> <value>` and may have a |
||||
// `-` character in front of them to indicate negation. The fields map to |
||||
// those defined in the corresponding resource. |
||||
// |
||||
// The supported operators are: |
||||
// |
||||
// * `=` for all value types. |
||||
// * `>`, `<`, `>=`, `<=` for integer values. |
||||
// * `:`, meaning substring matching, for strings. |
||||
// |
||||
// The supported value types are: |
||||
// |
||||
// * string literals in quotes. |
||||
// * integer literals without quotes. |
||||
// * boolean literals `true` and `false` without quotes. |
||||
string filter = 1; |
||||
} |
||||
|
||||
// The type of events. |
||||
enum EventType { |
||||
// Unspecified event type. |
||||
EVENT_TYPE_UNSPECIFIED = 0; |
||||
|
||||
// Events for findings. |
||||
FINDING = 1; |
||||
} |
||||
|
||||
// The relative resource name of this notification config. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// Example: |
||||
// "organizations/{organization_id}/notificationConfigs/notify_public_bucket". |
||||
string name = 1; |
||||
|
||||
// The description of the notification config (max of 1024 characters). |
||||
string description = 2; |
||||
|
||||
// The type of events the config is for, e.g. FINDING. |
||||
EventType event_type = 3; |
||||
|
||||
// The PubSub topic to send notifications to. Its format is |
||||
// "projects/[project_id]/topics/[topic]". |
||||
string pubsub_topic = 4 [ |
||||
(google.api.resource_reference) = { type: "pubsub.googleapis.com/Topic" } |
||||
]; |
||||
|
||||
// Output only. The service account that needs "pubsub.topics.publish" |
||||
// permission to publish to the PubSub topic. |
||||
string service_account = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; |
||||
|
||||
// The config for triggering notifications. |
||||
oneof notify_config { |
||||
// The config for triggering streaming-based notifications. |
||||
StreamingConfig streaming_config = 6; |
||||
} |
||||
} |
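Review bot: `NotificationConfig` declares its resource `type` as `"securitycenter.googleapis.com/Finding"`, which is the type finding.proto in this commit already uses for `Finding`, while the `pattern` is `organizations/{organization}/notificationConfigs/{notification_config}`. This looks like a copy-paste slip. Two messages sharing one resource type makes any `resource_reference` to either of them ambiguous for client generators and for tooling that resolves resource names by type. The line should read `type: "securitycenter.googleapis.com/NotificationConfig"`.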
@ -0,0 +1,42 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/cloud/securitycenter/v1p1beta1/asset.proto"; |
||||
import "google/cloud/securitycenter/v1p1beta1/finding.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// Cloud SCC's Notification |
||||
message NotificationMessage { |
||||
// Name of the notification config that generated current notification. |
||||
string notification_config_name = 1; |
||||
|
||||
// Notification Event. |
||||
oneof event { |
||||
// If it's a Finding based notification config, this field will be |
||||
// populated. |
||||
Finding finding = 2; |
||||
} |
||||
} |
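Review bot: `import "google/cloud/securitycenter/v1p1beta1/asset.proto";` is not used by anything visible in this file; the only field types are `string` and `Finding`. protoc reports unused imports as warnings, and the import makes every target that depends on this file also depend on asset.proto for no reason. I would drop it until an asset-based event is actually added to the `event` oneof. `google/api/annotations.proto` also appears unused here.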
@ -0,0 +1,83 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/api/resource.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// User specified settings that are attached to the Cloud Security Command |
||||
// Center (Cloud SCC) organization. |
||||
message OrganizationSettings { |
||||
option (google.api.resource) = { |
||||
type: "securitycenter.googleapis.com/OrganizationSettings" |
||||
pattern: "organizations/{organization}/organizationSettings" |
||||
}; |
||||
|
||||
// The configuration used for Asset Discovery runs. |
||||
message AssetDiscoveryConfig { |
||||
// The mode of inclusion when running Asset Discovery. |
||||
// Asset discovery can be limited by explicitly identifying projects to be |
||||
// included or excluded. If INCLUDE_ONLY is set, then only those projects |
||||
// within the organization and their children are discovered during asset |
||||
// discovery. If EXCLUDE is set, then projects that don't match those |
||||
// projects are discovered during asset discovery. If neither are set, then |
||||
// all projects within the organization are discovered during asset |
||||
// discovery. |
||||
enum InclusionMode { |
||||
// Unspecified. Setting the mode with this value will disable |
||||
// inclusion/exclusion filtering for Asset Discovery. |
||||
INCLUSION_MODE_UNSPECIFIED = 0; |
||||
|
||||
// Asset Discovery will capture only the resources within the projects |
||||
// specified. All other resources will be ignored. |
||||
INCLUDE_ONLY = 1; |
||||
|
||||
// Asset Discovery will ignore all resources under the projects specified. |
||||
// All other resources will be retrieved. |
||||
EXCLUDE = 2; |
||||
} |
||||
|
||||
// The project ids to use for filtering asset discovery. |
||||
repeated string project_ids = 1; |
||||
|
||||
// The mode to use for filtering asset discovery. |
||||
InclusionMode inclusion_mode = 2; |
||||
} |
||||
|
||||
// The relative resource name of the settings. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// Example: |
||||
// "organizations/{organization_id}/organizationSettings". |
||||
string name = 1; |
||||
|
||||
// A flag that indicates if Asset Discovery should be enabled. If the flag is |
||||
// set to `true`, then discovery of assets will occur. If it is set to `false, |
||||
// all historical assets will remain, but discovery of future assets will not |
||||
// occur. |
||||
bool enable_asset_discovery = 2; |
||||
|
||||
// The configuration used for Asset Discovery runs. |
||||
AssetDiscoveryConfig asset_discovery_config = 3; |
||||
} |
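Review bot: `AssetDiscoveryConfig` does not say what happens when `inclusion_mode` is `INCLUDE_ONLY` or `EXCLUDE` and `project_ids` is empty. This setting decides which projects Cloud SCC inventories, so a reader should be able to tell whether `INCLUDE_ONLY` with no projects discovers nothing, discovers everything, or is rejected; the comment on `project_ids` is the place to state it. The enum comment also says "If neither are set", although `INCLUSION_MODE_UNSPECIFIED` is itself a value that can be set, so "if the mode is unspecified" would be more accurate. Minor: in the `enable_asset_discovery` comment the closing backtick after `false` is missing.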
@ -0,0 +1,53 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/protobuf/duration.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// Response of asset discovery run |
||||
message RunAssetDiscoveryResponse { |
||||
// The state of an asset discovery run. |
||||
enum State { |
||||
// Asset discovery run state was unspecified. |
||||
STATE_UNSPECIFIED = 0; |
||||
|
||||
// Asset discovery run completed successfully. |
||||
COMPLETED = 1; |
||||
|
||||
// Asset discovery run was cancelled with tasks still pending, as another |
||||
// run for the same organization was started with a higher priority. |
||||
SUPERSEDED = 2; |
||||
|
||||
// Asset discovery run was killed and terminated. |
||||
TERMINATED = 3; |
||||
} |
||||
|
||||
// The state of an asset discovery run. |
||||
State state = 1; |
||||
|
||||
// The duration between asset discovery run start and end |
||||
google.protobuf.Duration duration = 2; |
||||
} |
@ -0,0 +1,57 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/api/resource.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// User specified security marks that are attached to the parent Cloud Security |
||||
// Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud |
||||
// SCC organization -- they can be modified and viewed by all users who have |
||||
// proper permissions on the organization. |
||||
message SecurityMarks { |
||||
option (google.api.resource) = { |
||||
type: "securitycenter.googleapis.com/SecurityMarks" |
||||
pattern: "organizations/{organization}/assets/{asset}/securityMarks" |
||||
pattern: "organizations/{organization}/sources/{source}/findings/{finding}/securityMarks" |
||||
}; |
||||
|
||||
// The relative resource name of the SecurityMarks. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// Examples: |
||||
// "organizations/{organization_id}/assets/{asset_id}/securityMarks" |
||||
// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". |
||||
string name = 1; |
||||
|
||||
// Mutable user specified security marks belonging to the parent resource. |
||||
// Constraints are as follows: |
||||
// |
||||
// * Keys and values are treated as case insensitive |
||||
// * Keys must be between 1 - 256 characters (inclusive) |
||||
// * Keys must be letters, numbers, underscores, or dashes |
||||
// * Values have leading and trailing whitespace trimmed, remaining |
||||
// characters must be between 1 - 4096 characters (inclusive) |
||||
map<string, string> marks = 2; |
||||
} |
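Review bot: The `marks` comment says keys and values are "treated as case insensitive" but not whether the service stores and returns them as written or in a normalized case. Filters and automation that key on a mark compare these values, so a client comparing returned marks byte-for-byte could disagree with the service about whether two marks are the same. I would add a bullet such as `// * Keys and values are returned <as written | lower-cased>; compare them case-insensitively`, with the actual stored form filled in. The key limit here (1 - 256) also differs from the "between 1 and 255 characters" stated for `source_properties` keys in finding.proto; confirm both are intended.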
@ -0,0 +1,115 @@ |
||||
{ |
||||
"methodConfig": [ |
||||
{ |
||||
"name": [ |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "CreateSource" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "CreateFinding" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "CreateNotificationConfig" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "DeleteNotificationConfig" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "RunAssetDiscovery" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "SetFindingState" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "SetIamPolicy" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "UpdateFinding" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "UpdateNotificationConfig" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "UpdateOrganizationSettings" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "UpdateSource" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "UpdateSecurityMarks" |
||||
} |
||||
], |
||||
"timeout": "600s" |
||||
}, |
||||
{ |
||||
"name": [ |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "GetIamPolicy" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "GetNotificationConfig" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "GetOrganizationSettings" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "GetSource" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "GroupAssets" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "GroupFindings" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "ListAssets" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "ListFindings" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "ListNotificationConfigs" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "ListSources" |
||||
}, |
||||
{ |
||||
"service": "google.cloud.securitycenter.v1p1beta1.SecurityCenter", |
||||
"method": "TestIamPermissions" |
||||
} |
||||
], |
||||
"timeout": "600s", |
||||
"retryPolicy": { |
||||
"initialBackoff": "0.100s", |
||||
"maxBackoff": "60s", |
||||
"backoffMultiplier": 1.3, |
||||
"retryableStatusCodes": [ |
||||
"DEADLINE_EXCEEDED", |
||||
"UNAVAILABLE" |
||||
] |
||||
} |
||||
} |
||||
] |
||||
} |
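Review bot: The `"timeout": "600s"` on both method groups is longer than the `deadline: 480.0` that this commit's service YAML sets for `google.cloud.securitycenter.v1p1beta1.SecurityCenter.*`, so the backend limit would presumably end a slow call before the client timeout is reached. In the second group `DEADLINE_EXCEEDED` is retryable, so a call cut off at the backend deadline is retried with little of the 600s budget left. I would align the two values, for example `"timeout": "480s"` here or a higher backend deadline; which side is authoritative is not visible on this page. Keeping `SetIamPolicy` and the other mutating methods in the group without a `retryPolicy` looks right and should stay that way.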
File diff suppressed because it is too large
@ -0,0 +1,34 @@ |
||||
type: google.api.Service |
||||
config_version: 3 |
||||
name: securitycenter.googleapis.com |
||||
title: Cloud Security Command Center API |
||||
|
||||
apis: |
||||
- name: google.cloud.securitycenter.v1p1beta1.SecurityCenter |
||||
|
||||
types: |
||||
- name: google.cloud.securitycenter.v1p1beta1.NotificationMessage |
||||
- name: google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse |
||||
|
||||
documentation: |
||||
summary: |- |
||||
Cloud Security Command Center API provides access to temporal views of |
||||
assets and findings within an organization. |
||||
|
||||
backend: |
||||
rules: |
||||
- selector: 'google.cloud.securitycenter.v1p1beta1.SecurityCenter.*' |
||||
deadline: 480.0 |
||||
- selector: 'google.longrunning.Operations.*' |
||||
deadline: 60.0 |
||||
|
||||
authentication: |
||||
rules: |
||||
- selector: 'google.cloud.securitycenter.v1p1beta1.SecurityCenter.*' |
||||
oauth: |
||||
canonical_scopes: |- |
||||
https://www.googleapis.com/auth/cloud-platform |
||||
- selector: 'google.longrunning.Operations.*' |
||||
oauth: |
||||
canonical_scopes: |- |
||||
https://www.googleapis.com/auth/cloud-platform |
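Review bot: Both `authentication` rules accept only `https://www.googleapis.com/auth/cloud-platform`, and the `SecurityCenter.*` wildcard applies it to read-only calls such as `ListFindings` and to `SetIamPolicy` alike, so a token requested for reading findings is equally scope-valid for changing policy. If per-method separation is meant to come from IAM permissions rather than OAuth scopes, the file should say so, e.g. `# Single broad scope by design; per-method access is enforced by IAM permissions, not by scope.` above `authentication:`. Whether the service defines a narrower scope is not visible here; if it does, listing it for the read-only selectors would let clients request less.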
@ -0,0 +1,60 @@ |
||||
// Copyright 2019 Google LLC. |
||||
// |
||||
// Licensed under the Apache License, Version 2.0 (the "License"); |
||||
// you may not use this file except in compliance with the License. |
||||
// You may obtain a copy of the License at |
||||
// |
||||
// http://www.apache.org/licenses/LICENSE-2.0 |
||||
// |
||||
// Unless required by applicable law or agreed to in writing, software |
||||
// distributed under the License is distributed on an "AS IS" BASIS, |
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
// See the License for the specific language governing permissions and |
||||
// limitations under the License. |
||||
// |
||||
|
||||
syntax = "proto3"; |
||||
|
||||
package google.cloud.securitycenter.v1p1beta1; |
||||
|
||||
import "google/api/annotations.proto"; |
||||
import "google/api/resource.proto"; |
||||
|
||||
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; |
||||
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; |
||||
option java_multiple_files = true; |
||||
option java_package = "com.google.cloud.securitycenter.v1p1beta1"; |
||||
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; |
||||
option ruby_package = "Google::Cloud::SecurityCenter::V1p1Beta1"; |
||||
|
||||
// Cloud Security Command Center's (Cloud SCC) finding source. A finding source |
||||
// is an entity or a mechanism that can produce a finding. A source is like a |
||||
// container of findings that come from the same scanner, logger, monitor, etc. |
||||
message Source { |
||||
option (google.api.resource) = { |
||||
type: "securitycenter.googleapis.com/Source" |
||||
pattern: "organizations/{organization}/sources/{source}" |
||||
}; |
||||
|
||||
// The relative resource name of this source. See: |
||||
// https://cloud.google.com/apis/design/resource_names#relative_resource_name |
||||
// Example: |
||||
// "organizations/{organization_id}/sources/{source_id}" |
||||
string name = 1; |
||||
|
||||
// The source's display name. |
||||
// A source's display name must be unique amongst its siblings, for example, |
||||
// two sources with the same parent can't share the same display name. |
||||
// The display name must have a length between 1 and 64 characters |
||||
// (inclusive). |
||||
string display_name = 2; |
||||
|
||||
// The description of the source (max of 1024 characters). |
||||
// Example: |
||||
// "Cloud Security Scanner is a web security scanner for common |
||||
// vulnerabilities in App Engine applications. It can automatically |
||||
// scan and detect four common vulnerabilities, including cross-site-scripting |
||||
// (XSS), Flash injection, mixed content (HTTP in HTTPS), and |
||||
// outdated/insecure libraries." |
||||
string description = 3; |
||||
} |
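Review bot: The comments on `display_name` and `description` state length limits (1 to 64 and at most 1024 characters) but not which characters are accepted, while `SecurityMarks` in this same commit spells out the character set for mark keys. Both fields are set by whoever creates the source and are likely to be shown in consoles and reports, so consumers need to know whether they can carry markup or control characters. I would add a line to each comment such as `// Allowed characters: <accepted character set>; treat as plain text when rendering.`, with the real constraint filled in by the service owners. Server-side enforcement of the documented lengths is not visible in this file.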